Mercurial > lada > lada-server
annotate src/main/java/de/intevation/lada/util/auth/HeaderAuthorization.java @ 1305:1e0ba37ff3d8
Removed comment.
author | Raimund Renkert <raimund.renkert@intevation.de> |
---|---|
date | Tue, 28 Feb 2017 14:56:14 +0100 |
parents | a0da035cc831 |
children |
rev | line source |
---|---|
721
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
1 /* Copyright (C) 2013 by Bundesamt fuer Strahlenschutz |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
2 * Software engineering by Intevation GmbH |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
3 * |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
4 * This file is Free Software under the GNU GPL (v>=3) |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
5 * and comes with ABSOLUTELY NO WARRANTY! Check out |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
6 * the documentation coming with IMIS-Labordaten-Application for details. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
7 */ |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
8 package de.intevation.lada.util.auth; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
9 |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
10 import java.util.Arrays; |
833
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
801
diff
changeset
|
11 import java.util.HashMap; |
721
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
12 import java.util.List; |
833
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
801
diff
changeset
|
13 import java.util.Map; |
721
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
14 |
833
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
801
diff
changeset
|
15 import javax.annotation.PostConstruct; |
721
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
16 import javax.inject.Inject; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
17 import javax.persistence.EntityManager; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
18 import javax.servlet.http.HttpServletRequest; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
19 |
1097
186d602e031a
Merged branch schema-update into default.
Tom Gottfried <tom@intevation.de>
parents:
1071
diff
changeset
|
20 import de.intevation.lada.model.land.KommentarM; |
186d602e031a
Merged branch schema-update into default.
Tom Gottfried <tom@intevation.de>
parents:
1071
diff
changeset
|
21 import de.intevation.lada.model.land.KommentarP; |
1150
cf1eb19f896b
Authorize messprogramm - messmethode.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
1104
diff
changeset
|
22 import de.intevation.lada.model.land.Messprogramm; |
cf1eb19f896b
Authorize messprogramm - messmethode.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
1104
diff
changeset
|
23 import de.intevation.lada.model.land.MessprogrammMmt; |
1097
186d602e031a
Merged branch schema-update into default.
Tom Gottfried <tom@intevation.de>
parents:
1071
diff
changeset
|
24 import de.intevation.lada.model.land.Messung; |
186d602e031a
Merged branch schema-update into default.
Tom Gottfried <tom@intevation.de>
parents:
1071
diff
changeset
|
25 import de.intevation.lada.model.land.Messwert; |
186d602e031a
Merged branch schema-update into default.
Tom Gottfried <tom@intevation.de>
parents:
1071
diff
changeset
|
26 import de.intevation.lada.model.land.Ortszuordnung; |
1265
a1323ef2c330
Changed ortszuordnungs model in messprogramm.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
1150
diff
changeset
|
27 import de.intevation.lada.model.land.OrtszuordnungMp; |
1097
186d602e031a
Merged branch schema-update into default.
Tom Gottfried <tom@intevation.de>
parents:
1071
diff
changeset
|
28 import de.intevation.lada.model.land.Probe; |
186d602e031a
Merged branch schema-update into default.
Tom Gottfried <tom@intevation.de>
parents:
1071
diff
changeset
|
29 import de.intevation.lada.model.land.StatusProtokoll; |
186d602e031a
Merged branch schema-update into default.
Tom Gottfried <tom@intevation.de>
parents:
1071
diff
changeset
|
30 import de.intevation.lada.model.land.ZusatzWert; |
186d602e031a
Merged branch schema-update into default.
Tom Gottfried <tom@intevation.de>
parents:
1071
diff
changeset
|
31 import de.intevation.lada.model.stammdaten.Auth; |
186d602e031a
Merged branch schema-update into default.
Tom Gottfried <tom@intevation.de>
parents:
1071
diff
changeset
|
32 import de.intevation.lada.model.stammdaten.DatensatzErzeuger; |
186d602e031a
Merged branch schema-update into default.
Tom Gottfried <tom@intevation.de>
parents:
1071
diff
changeset
|
33 import de.intevation.lada.model.stammdaten.LadaUser; |
186d602e031a
Merged branch schema-update into default.
Tom Gottfried <tom@intevation.de>
parents:
1071
diff
changeset
|
34 import de.intevation.lada.model.stammdaten.MessprogrammKategorie; |
186d602e031a
Merged branch schema-update into default.
Tom Gottfried <tom@intevation.de>
parents:
1071
diff
changeset
|
35 import de.intevation.lada.model.stammdaten.Ort; |
186d602e031a
Merged branch schema-update into default.
Tom Gottfried <tom@intevation.de>
parents:
1071
diff
changeset
|
36 import de.intevation.lada.model.stammdaten.Probenehmer; |
186d602e031a
Merged branch schema-update into default.
Tom Gottfried <tom@intevation.de>
parents:
1071
diff
changeset
|
37 import de.intevation.lada.model.stammdaten.StatusKombi; |
721
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
38 import de.intevation.lada.util.annotation.AuthorizationConfig; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
39 import de.intevation.lada.util.annotation.RepositoryConfig; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
40 import de.intevation.lada.util.data.QueryBuilder; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
41 import de.intevation.lada.util.data.Repository; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
42 import de.intevation.lada.util.data.RepositoryType; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
43 import de.intevation.lada.util.rest.RequestMethod; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
44 import de.intevation.lada.util.rest.Response; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
45 |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
46 /** |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
47 * Authorize a user via HttpServletRequest attributes. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
48 * |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
49 * @author <a href="mailto:rrenkert@intevation.de">Raimund Renkert</a> |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
50 */ |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
51 @AuthorizationConfig(type=AuthorizationType.HEADER) |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
52 public class HeaderAuthorization implements Authorization { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
53 |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
54 /** |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
55 * The Repository used to read from Database. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
56 */ |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
57 @Inject |
857
c481688150e8
Create a new user object if not exists and use user authorization for queries.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
840
diff
changeset
|
58 @RepositoryConfig(type=RepositoryType.RW) |
721
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
59 private Repository repository; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
60 |
833
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
801
diff
changeset
|
61 @SuppressWarnings("rawtypes") |
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
801
diff
changeset
|
62 private Map<Class, Authorizer> authorizers; |
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
801
diff
changeset
|
63 @Inject ProbeAuthorizer probeAuthorizer; |
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
801
diff
changeset
|
64 @Inject MessungAuthorizer messungAuthorizer; |
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
801
diff
changeset
|
65 @Inject ProbeIdAuthorizer pIdAuthorizer; |
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
801
diff
changeset
|
66 @Inject MessungIdAuthorizer mIdAuthorizer; |
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
801
diff
changeset
|
67 @Inject NetzbetreiberAuthorizer netzAuthorizer; |
1070
f78f90446084
Add minimalistic authorization for Messprogramm.
Tom Gottfried <tom@intevation.de>
parents:
857
diff
changeset
|
68 @Inject MessprogrammAuthorizer messprogrammAuthorizer; |
1265
a1323ef2c330
Changed ortszuordnungs model in messprogramm.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
1150
diff
changeset
|
69 @Inject MessprogrammIdAuthorizer mpIdAuthorizer; |
833
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
801
diff
changeset
|
70 |
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
801
diff
changeset
|
71 @SuppressWarnings("rawtypes") |
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
801
diff
changeset
|
72 @PostConstruct |
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
801
diff
changeset
|
73 public void init() { |
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
801
diff
changeset
|
74 authorizers = new HashMap<Class, Authorizer>(); |
1097
186d602e031a
Merged branch schema-update into default.
Tom Gottfried <tom@intevation.de>
parents:
1071
diff
changeset
|
75 authorizers.put(Probe.class, probeAuthorizer); |
186d602e031a
Merged branch schema-update into default.
Tom Gottfried <tom@intevation.de>
parents:
1071
diff
changeset
|
76 authorizers.put(Messung.class, messungAuthorizer); |
186d602e031a
Merged branch schema-update into default.
Tom Gottfried <tom@intevation.de>
parents:
1071
diff
changeset
|
77 authorizers.put(Ortszuordnung.class, pIdAuthorizer); |
186d602e031a
Merged branch schema-update into default.
Tom Gottfried <tom@intevation.de>
parents:
1071
diff
changeset
|
78 authorizers.put(KommentarP.class, pIdAuthorizer); |
186d602e031a
Merged branch schema-update into default.
Tom Gottfried <tom@intevation.de>
parents:
1071
diff
changeset
|
79 authorizers.put(ZusatzWert.class, pIdAuthorizer); |
186d602e031a
Merged branch schema-update into default.
Tom Gottfried <tom@intevation.de>
parents:
1071
diff
changeset
|
80 authorizers.put(KommentarM.class, mIdAuthorizer); |
186d602e031a
Merged branch schema-update into default.
Tom Gottfried <tom@intevation.de>
parents:
1071
diff
changeset
|
81 authorizers.put(Messwert.class, mIdAuthorizer); |
186d602e031a
Merged branch schema-update into default.
Tom Gottfried <tom@intevation.de>
parents:
1071
diff
changeset
|
82 authorizers.put(StatusProtokoll.class, mIdAuthorizer); |
833
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
801
diff
changeset
|
83 authorizers.put(Probenehmer.class, netzAuthorizer); |
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
801
diff
changeset
|
84 authorizers.put(DatensatzErzeuger.class, netzAuthorizer); |
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
801
diff
changeset
|
85 authorizers.put(MessprogrammKategorie.class, netzAuthorizer); |
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
801
diff
changeset
|
86 authorizers.put(Ort.class, netzAuthorizer); |
1070
f78f90446084
Add minimalistic authorization for Messprogramm.
Tom Gottfried <tom@intevation.de>
parents:
857
diff
changeset
|
87 authorizers.put(Messprogramm.class, messprogrammAuthorizer); |
1150
cf1eb19f896b
Authorize messprogramm - messmethode.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
1104
diff
changeset
|
88 authorizers.put(MessprogrammMmt.class, messprogrammAuthorizer); |
1265
a1323ef2c330
Changed ortszuordnungs model in messprogramm.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
1150
diff
changeset
|
89 authorizers.put(OrtszuordnungMp.class, mpIdAuthorizer); |
833
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
801
diff
changeset
|
90 } |
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
801
diff
changeset
|
91 |
721
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
92 /** |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
93 * Request user informations using the HttpServletRequest. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
94 * |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
95 * @param source The HttpServletRequest |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
96 * @return The UserInfo object containing username and groups. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
97 */ |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
98 @Override |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
99 public UserInfo getInfo(Object source) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
100 if (source instanceof HttpServletRequest) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
101 HttpServletRequest request = (HttpServletRequest)source; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
102 String roleString = |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
103 request.getAttribute("lada.user.roles").toString(); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
104 UserInfo info = getGroupsFromDB(roleString); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
105 info.setName(request.getAttribute("lada.user.name").toString()); |
857
c481688150e8
Create a new user object if not exists and use user authorization for queries.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
840
diff
changeset
|
106 QueryBuilder<LadaUser> builder = new QueryBuilder<LadaUser>( |
c481688150e8
Create a new user object if not exists and use user authorization for queries.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
840
diff
changeset
|
107 repository.entityManager("stamm"), |
c481688150e8
Create a new user object if not exists and use user authorization for queries.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
840
diff
changeset
|
108 LadaUser.class |
c481688150e8
Create a new user object if not exists and use user authorization for queries.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
840
diff
changeset
|
109 ); |
c481688150e8
Create a new user object if not exists and use user authorization for queries.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
840
diff
changeset
|
110 builder.and("name", info.getName()); |
c481688150e8
Create a new user object if not exists and use user authorization for queries.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
840
diff
changeset
|
111 List<LadaUser> user = repository.filterPlain(builder.getQuery(), "stamm"); |
c481688150e8
Create a new user object if not exists and use user authorization for queries.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
840
diff
changeset
|
112 if (user == null || user.isEmpty()) { |
c481688150e8
Create a new user object if not exists and use user authorization for queries.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
840
diff
changeset
|
113 LadaUser newUser = new LadaUser(); |
c481688150e8
Create a new user object if not exists and use user authorization for queries.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
840
diff
changeset
|
114 newUser.setName(info.getName()); |
c481688150e8
Create a new user object if not exists and use user authorization for queries.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
840
diff
changeset
|
115 Response r = repository.create(newUser, "stamm"); |
c481688150e8
Create a new user object if not exists and use user authorization for queries.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
840
diff
changeset
|
116 user = repository.filterPlain(builder.getQuery(), "stamm"); |
c481688150e8
Create a new user object if not exists and use user authorization for queries.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
840
diff
changeset
|
117 } |
c481688150e8
Create a new user object if not exists and use user authorization for queries.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
840
diff
changeset
|
118 info.setUserId(user.get(0).getId()); |
721
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
119 return info; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
120 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
121 return null; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
122 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
123 |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
124 /** |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
125 * Filter a list of data objects using the user informations contained in |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
126 * the HttpServletRequest. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
127 * |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
128 * @param source The HttpServletRequest |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
129 * @param data The Response object containing the data. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
130 * @param clazz The data object class. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
131 * @return The Response object containing the filtered data. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
132 */ |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
133 @Override |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
134 public <T> Response filter(Object source, Response data, Class<T> clazz) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
135 UserInfo userInfo = this.getInfo(source); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
136 if (userInfo == null) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
137 return data; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
138 } |
833
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
801
diff
changeset
|
139 Authorizer authorizer = authorizers.get(clazz); |
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
801
diff
changeset
|
140 if (authorizer == null) { |
1303
a0da035cc831
Do not allow access to unknow classes.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
1265
diff
changeset
|
141 return new Response(false, 699, null); |
721
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
142 } |
833
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
801
diff
changeset
|
143 return authorizer.filter(data, userInfo, clazz); |
800
8c336f08e76f
Addedd method to authorize a messung using the id and the status.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
779
diff
changeset
|
144 } |
8c336f08e76f
Addedd method to authorize a messung using the id and the status.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
779
diff
changeset
|
145 |
721
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
146 /** |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
147 * Check whether a user is authorized to operate on the given data. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
148 * |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
149 * @param source The HttpServletRequest containing user information. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
150 * @param data The data to test. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
151 * @param method The Http request type. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
152 * @param clazz The data object class. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
153 * @return True if the user is authorized else returns false. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
154 */ |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
155 @Override |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
156 public <T> boolean isAuthorized( |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
157 Object source, |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
158 Object data, |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
159 RequestMethod method, |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
160 Class<T> clazz |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
161 ) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
162 UserInfo userInfo = this.getInfo(source); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
163 if (userInfo == null) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
164 return false; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
165 } |
833
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
801
diff
changeset
|
166 Authorizer authorizer = authorizers.get(clazz); |
1071
02915a07e186
Do not authorize everything unknown.
Tom Gottfried <tom@intevation.de>
parents:
1070
diff
changeset
|
167 // Do not authorize anything unknown |
833
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
801
diff
changeset
|
168 if (authorizer == null) { |
1071
02915a07e186
Do not authorize everything unknown.
Tom Gottfried <tom@intevation.de>
parents:
1070
diff
changeset
|
169 return false; |
721
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
170 } |
833
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
801
diff
changeset
|
171 return authorizer.isAuthorized(data, method, userInfo, clazz); |
721
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
172 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
173 |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
174 /** |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
175 * Request the lada specific groups. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
176 * |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
177 * @param roles The roles defined in the OpenId server. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
178 * @return The UserInfo contianing roles and user name. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
179 */ |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
180 private UserInfo getGroupsFromDB(String roles) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
181 QueryBuilder<Auth> builder = new QueryBuilder<Auth>( |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
182 repository.entityManager("stamm"), |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
183 Auth.class); |
726
a5c755b0cfda
Filter the group string. This should be tidied...
Dustin Demuth <dustin@intevation.de>
parents:
721
diff
changeset
|
184 roles = roles.replace("[",""); |
a5c755b0cfda
Filter the group string. This should be tidied...
Dustin Demuth <dustin@intevation.de>
parents:
721
diff
changeset
|
185 roles = roles.replace("]",""); |
a5c755b0cfda
Filter the group string. This should be tidied...
Dustin Demuth <dustin@intevation.de>
parents:
721
diff
changeset
|
186 roles = roles.replace(" ",""); |
a5c755b0cfda
Filter the group string. This should be tidied...
Dustin Demuth <dustin@intevation.de>
parents:
721
diff
changeset
|
187 String[] mst = roles.split(","); |
a5c755b0cfda
Filter the group string. This should be tidied...
Dustin Demuth <dustin@intevation.de>
parents:
721
diff
changeset
|
188 builder.andIn("ldapGroup", Arrays.asList(mst)); |
721
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
189 Response response = repository.filter(builder.getQuery(), "stamm"); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
190 @SuppressWarnings("unchecked") |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
191 List<Auth> auth = (List<Auth>)response.getData(); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
192 UserInfo userInfo = new UserInfo(); |
838
1ed347eb856b
Use auth objects in user info to keep mst <-> function association.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
801
diff
changeset
|
193 userInfo.setAuth(auth); |
721
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
194 return userInfo; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
195 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
196 |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
197 /** |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
198 * Test whether a probe is readonly. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
199 * |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
200 * @param probeId The probe Id. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
201 * @return True if the probe is readonly. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
202 */ |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
203 @Override |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
204 public boolean isReadOnly(Integer probeId) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
205 EntityManager manager = repository.entityManager("land"); |
1097
186d602e031a
Merged branch schema-update into default.
Tom Gottfried <tom@intevation.de>
parents:
1071
diff
changeset
|
206 QueryBuilder<Messung> builder = |
186d602e031a
Merged branch schema-update into default.
Tom Gottfried <tom@intevation.de>
parents:
1071
diff
changeset
|
207 new QueryBuilder<Messung>( |
721
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
208 manager, |
1097
186d602e031a
Merged branch schema-update into default.
Tom Gottfried <tom@intevation.de>
parents:
1071
diff
changeset
|
209 Messung.class); |
721
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
210 builder.and("probeId", probeId); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
211 Response response = repository.filter(builder.getQuery(), "land"); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
212 @SuppressWarnings("unchecked") |
1097
186d602e031a
Merged branch schema-update into default.
Tom Gottfried <tom@intevation.de>
parents:
1071
diff
changeset
|
213 List<Messung> messungen = (List<Messung>) response.getData(); |
772
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
214 for (int i = 0; i < messungen.size(); i++) { |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
215 if (messungen.get(i).getStatus() == null) { |
840 | 216 continue; |
772
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
217 } |
1097
186d602e031a
Merged branch schema-update into default.
Tom Gottfried <tom@intevation.de>
parents:
1071
diff
changeset
|
218 StatusProtokoll status = repository.getByIdPlain( |
186d602e031a
Merged branch schema-update into default.
Tom Gottfried <tom@intevation.de>
parents:
1071
diff
changeset
|
219 StatusProtokoll.class, messungen.get(i).getStatus(), "land"); |
186d602e031a
Merged branch schema-update into default.
Tom Gottfried <tom@intevation.de>
parents:
1071
diff
changeset
|
220 StatusKombi kombi = repository.getByIdPlain( |
186d602e031a
Merged branch schema-update into default.
Tom Gottfried <tom@intevation.de>
parents:
1071
diff
changeset
|
221 StatusKombi.class, status.getStatusKombi(), "stamm"); |
186d602e031a
Merged branch schema-update into default.
Tom Gottfried <tom@intevation.de>
parents:
1071
diff
changeset
|
222 if (kombi.getStatusWert().getId() != 0 && |
186d602e031a
Merged branch schema-update into default.
Tom Gottfried <tom@intevation.de>
parents:
1071
diff
changeset
|
223 kombi.getStatusWert().getId() != 4) { |
772
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
224 return true; |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
225 } |
721
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
226 } |
772
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
227 return false; |
721
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
228 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
229 |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
230 /** |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
231 * Check whether a user is authorized to operate on the given probe. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
232 * |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
233 * @param userInfo The user information. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
234 * @param data The probe data to test. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
235 * @return True if the user is authorized else returns false. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
236 */ |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
237 @Override |
833
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
801
diff
changeset
|
238 public <T> boolean isAuthorized( |
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
801
diff
changeset
|
239 UserInfo userInfo, |
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
801
diff
changeset
|
240 Object data, |
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
801
diff
changeset
|
241 Class<T> clazz |
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
801
diff
changeset
|
242 ) { |
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
801
diff
changeset
|
243 Authorizer authorizer = authorizers.get(clazz); |
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
801
diff
changeset
|
244 if (authorizer == null) { |
1303
a0da035cc831
Do not allow access to unknow classes.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
1265
diff
changeset
|
245 return false; |
801
d0510a89e701
Updated the authorization to fit the needs of the new status workflow.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
800
diff
changeset
|
246 } |
833
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
801
diff
changeset
|
247 return authorizer.isAuthorized(data, RequestMethod.GET, userInfo, clazz); |
779
64adf06df02f
Use status to get readonly flag for messungen.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
772
diff
changeset
|
248 } |
1104
657f35a7467d
Added method to authorize new objects.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
1097
diff
changeset
|
249 |
657f35a7467d
Added method to authorize new objects.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
1097
diff
changeset
|
250 /** |
657f35a7467d
Added method to authorize new objects.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
1097
diff
changeset
|
251 * Check whether a user is authorized to operate on the given probe. |
657f35a7467d
Added method to authorize new objects.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
1097
diff
changeset
|
252 * |
657f35a7467d
Added method to authorize new objects.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
1097
diff
changeset
|
253 * @param userInfo The user information. |
657f35a7467d
Added method to authorize new objects.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
1097
diff
changeset
|
254 * @param data The probe data to test. |
657f35a7467d
Added method to authorize new objects.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
1097
diff
changeset
|
255 * @return True if the user is authorized else returns false. |
657f35a7467d
Added method to authorize new objects.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
1097
diff
changeset
|
256 */ |
657f35a7467d
Added method to authorize new objects.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
1097
diff
changeset
|
257 @Override |
657f35a7467d
Added method to authorize new objects.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
1097
diff
changeset
|
258 public <T> boolean isAuthorizedOnNew( |
657f35a7467d
Added method to authorize new objects.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
1097
diff
changeset
|
259 UserInfo userInfo, |
657f35a7467d
Added method to authorize new objects.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
1097
diff
changeset
|
260 Object data, |
657f35a7467d
Added method to authorize new objects.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
1097
diff
changeset
|
261 Class<T> clazz |
657f35a7467d
Added method to authorize new objects.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
1097
diff
changeset
|
262 ) { |
657f35a7467d
Added method to authorize new objects.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
1097
diff
changeset
|
263 Authorizer authorizer = authorizers.get(clazz); |
657f35a7467d
Added method to authorize new objects.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
1097
diff
changeset
|
264 if (authorizer == null) { |
1303
a0da035cc831
Do not allow access to unknow classes.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
1265
diff
changeset
|
265 return false; |
1104
657f35a7467d
Added method to authorize new objects.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
1097
diff
changeset
|
266 } |
657f35a7467d
Added method to authorize new objects.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
1097
diff
changeset
|
267 return authorizer.isAuthorized(data, RequestMethod.POST, userInfo, clazz); |
657f35a7467d
Added method to authorize new objects.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
1097
diff
changeset
|
268 } |
721
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
269 } |