lada/lada-server: src/main/java/de/intevation/lada/util/auth/HeaderAuthorization.java annotate

annotate src/main/java/de/intevation/lada/util/auth/HeaderAuthorization.java @ 838:1ed347eb856b statusworkflow

Use auth objects in user info to keep mst <-> function association.

author	Raimund Renkert <raimund.renkert@intevation.de>
date	Thu, 14 Jan 2016 10:21:19 +0100
parents	d0510a89e701
children	2fe625c91ab3

rev	line source
721 6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	1 /* Copyright (C) 2013 by Bundesamt fuer Strahlenschutz
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	2 * Software engineering by Intevation GmbH
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	3 *
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	4 * This file is Free Software under the GNU GPL (v>=3)
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	5 * and comes with ABSOLUTELY NO WARRANTY! Check out
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	6 * the documentation coming with IMIS-Labordaten-Application for details.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	7 */
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	8 package de.intevation.lada.util.auth;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	9
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	10 import java.lang.reflect.InvocationTargetException;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	11 import java.lang.reflect.Method;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	12 import java.util.ArrayList;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	13 import java.util.Arrays;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	14 import java.util.List;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	15
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	16 import javax.inject.Inject;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	17 import javax.persistence.EntityManager;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	18 import javax.servlet.http.HttpServletRequest;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	19
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	20 import org.apache.log4j.Logger;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	21
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	22 import de.intevation.lada.model.land.LMessung;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	23 import de.intevation.lada.model.land.LProbe;
772 46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	24 import de.intevation.lada.model.land.LStatusProtokoll;
721 6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	25 import de.intevation.lada.model.stamm.Auth;
772 46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	26 import de.intevation.lada.model.stamm.AuthLstUmw;
721 6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	27 import de.intevation.lada.util.annotation.AuthorizationConfig;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	28 import de.intevation.lada.util.annotation.RepositoryConfig;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	29 import de.intevation.lada.util.data.QueryBuilder;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	30 import de.intevation.lada.util.data.Repository;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	31 import de.intevation.lada.util.data.RepositoryType;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	32 import de.intevation.lada.util.rest.RequestMethod;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	33 import de.intevation.lada.util.rest.Response;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	34
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	35 /**
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	36 * Authorize a user via HttpServletRequest attributes.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	37 *
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	38 * @author <a href="mailto:rrenkert@intevation.de">Raimund Renkert</a>
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	39 */
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	40 @AuthorizationConfig(type=AuthorizationType.HEADER)
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	41 public class HeaderAuthorization implements Authorization {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	42
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	43 /**
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	44 * The logger used in this class.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	45 */
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	46 @Inject
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	47 private Logger logger;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	48
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	49 /**
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	50 * The Repository used to read from Database.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	51 */
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	52 @Inject
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	53 @RepositoryConfig(type=RepositoryType.RO)
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	54 private Repository repository;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	55
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	56 /**
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	57 * Request user informations using the HttpServletRequest.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	58 *
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	59 * @param source The HttpServletRequest
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	60 * @return The UserInfo object containing username and groups.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	61 */
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	62 @Override
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	63 public UserInfo getInfo(Object source) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	64 if (source instanceof HttpServletRequest) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	65 HttpServletRequest request = (HttpServletRequest)source;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	66 String roleString =
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	67 request.getAttribute("lada.user.roles").toString();
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	68 UserInfo info = getGroupsFromDB(roleString);
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	69 info.setName(request.getAttribute("lada.user.name").toString());
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	70 return info;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	71 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	72 return null;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	73 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	74
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	75 /**
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	76 * Filter a list of data objects using the user informations contained in
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	77 * the HttpServletRequest.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	78 *
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	79 * @param source The HttpServletRequest
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	80 * @param data The Response object containing the data.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	81 * @param clazz The data object class.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	82 * @return The Response object containing the filtered data.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	83 */
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	84 @Override
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	85 public <T> Response filter(Object source, Response data, Class<T> clazz) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	86 UserInfo userInfo = this.getInfo(source);
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	87 if (userInfo == null) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	88 return data;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	89 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	90 if (clazz == LProbe.class) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	91 return this.authorizeProbe(userInfo, data);
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	92 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	93 if (clazz == LMessung.class) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	94 return this.authorizeMessung(userInfo, data);
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	95 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	96 Method[] methods = clazz.getMethods();
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	97 for (Method method: methods) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	98 if (method.getName().equals("getProbeId")) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	99 return this.authorizeWithProbeId(userInfo, data, clazz);
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	100 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	101 if (method.getName().equals("getMessungsId")) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	102 return this.authorizeWithMessungsId(userInfo, data, clazz);
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	103 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	104 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	105 return data;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	106 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	107
800 8c336f08e76f Addedd method to authorize a messung using the id and the status. Raimund Renkert <raimund.renkert@intevation.de> parents: 779 diff changeset	108 @Override
8c336f08e76f Addedd method to authorize a messung using the id and the status. Raimund Renkert <raimund.renkert@intevation.de> parents: 779 diff changeset	109 public <T> boolean isAuthorized(int id, Class<T> clazz) {
8c336f08e76f Addedd method to authorize a messung using the id and the status. Raimund Renkert <raimund.renkert@intevation.de> parents: 779 diff changeset	110 if (clazz == LMessung.class) {
8c336f08e76f Addedd method to authorize a messung using the id and the status. Raimund Renkert <raimund.renkert@intevation.de> parents: 779 diff changeset	111 LMessung messung = repository.getByIdPlain(
8c336f08e76f Addedd method to authorize a messung using the id and the status. Raimund Renkert <raimund.renkert@intevation.de> parents: 779 diff changeset	112 LMessung.class,
8c336f08e76f Addedd method to authorize a messung using the id and the status. Raimund Renkert <raimund.renkert@intevation.de> parents: 779 diff changeset	113 id,
8c336f08e76f Addedd method to authorize a messung using the id and the status. Raimund Renkert <raimund.renkert@intevation.de> parents: 779 diff changeset	114 "land");
8c336f08e76f Addedd method to authorize a messung using the id and the status. Raimund Renkert <raimund.renkert@intevation.de> parents: 779 diff changeset	115 if (messung.getStatus() == null) {
8c336f08e76f Addedd method to authorize a messung using the id and the status. Raimund Renkert <raimund.renkert@intevation.de> parents: 779 diff changeset	116 return false;
8c336f08e76f Addedd method to authorize a messung using the id and the status. Raimund Renkert <raimund.renkert@intevation.de> parents: 779 diff changeset	117 }
8c336f08e76f Addedd method to authorize a messung using the id and the status. Raimund Renkert <raimund.renkert@intevation.de> parents: 779 diff changeset	118 LStatusProtokoll status = repository.getByIdPlain(
8c336f08e76f Addedd method to authorize a messung using the id and the status. Raimund Renkert <raimund.renkert@intevation.de> parents: 779 diff changeset	119 LStatusProtokoll.class,
8c336f08e76f Addedd method to authorize a messung using the id and the status. Raimund Renkert <raimund.renkert@intevation.de> parents: 779 diff changeset	120 messung.getStatus(),
8c336f08e76f Addedd method to authorize a messung using the id and the status. Raimund Renkert <raimund.renkert@intevation.de> parents: 779 diff changeset	121 "land");
8c336f08e76f Addedd method to authorize a messung using the id and the status. Raimund Renkert <raimund.renkert@intevation.de> parents: 779 diff changeset	122 if (status.getStatusWert() == 0) {
8c336f08e76f Addedd method to authorize a messung using the id and the status. Raimund Renkert <raimund.renkert@intevation.de> parents: 779 diff changeset	123 return false;
8c336f08e76f Addedd method to authorize a messung using the id and the status. Raimund Renkert <raimund.renkert@intevation.de> parents: 779 diff changeset	124 }
8c336f08e76f Addedd method to authorize a messung using the id and the status. Raimund Renkert <raimund.renkert@intevation.de> parents: 779 diff changeset	125 return true;
8c336f08e76f Addedd method to authorize a messung using the id and the status. Raimund Renkert <raimund.renkert@intevation.de> parents: 779 diff changeset	126 }
8c336f08e76f Addedd method to authorize a messung using the id and the status. Raimund Renkert <raimund.renkert@intevation.de> parents: 779 diff changeset	127 return false;
8c336f08e76f Addedd method to authorize a messung using the id and the status. Raimund Renkert <raimund.renkert@intevation.de> parents: 779 diff changeset	128 }
8c336f08e76f Addedd method to authorize a messung using the id and the status. Raimund Renkert <raimund.renkert@intevation.de> parents: 779 diff changeset	129
721 6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	130 /**
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	131 * Check whether a user is authorized to operate on the given data.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	132 *
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	133 * @param source The HttpServletRequest containing user information.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	134 * @param data The data to test.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	135 * @param method The Http request type.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	136 * @param clazz The data object class.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	137 * @return True if the user is authorized else returns false.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	138 */
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	139 @Override
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	140 public <T> boolean isAuthorized(
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	141 Object source,
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	142 Object data,
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	143 RequestMethod method,
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	144 Class<T> clazz
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	145 ) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	146 UserInfo userInfo = this.getInfo(source);
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	147 if (userInfo == null) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	148 return false;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	149 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	150 if (clazz == LProbe.class) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	151 LProbe probe = (LProbe)data;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	152 if (method == RequestMethod.POST) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	153 return getAuthorization(userInfo, probe);
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	154 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	155 else if (method == RequestMethod.PUT \|\|
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	156 method == RequestMethod.DELETE) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	157 return !isReadOnly(probe.getId());
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	158 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	159 else {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	160 return false;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	161 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	162 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	163 else if (clazz == LMessung.class) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	164 LMessung messung = (LMessung)data;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	165 Response response =
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	166 repository.getById(LProbe.class, messung.getProbeId(), "land");
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	167 LProbe probe = (LProbe)response.getData();
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	168 if (method == RequestMethod.POST) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	169 return getAuthorization(userInfo, probe);
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	170 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	171 else if (method == RequestMethod.PUT \|\|
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	172 method == RequestMethod.DELETE) {
779 64adf06df02f Use status to get readonly flag for messungen. Raimund Renkert <raimund.renkert@intevation.de> parents: 772 diff changeset	173 return !this.isMessungReadOnly(messung) &&
721 6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	174 getAuthorization(userInfo, probe);
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	175 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	176 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	177 else {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	178 Method[] methods = clazz.getMethods();
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	179 for (Method m: methods) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	180 if (m.getName().equals("getProbeId")) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	181 Integer id;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	182 try {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	183 id = (Integer) m.invoke(data);
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	184 } catch (IllegalAccessException \| IllegalArgumentException
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	185 \| InvocationTargetException e) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	186 logger.warn(e.getCause() + ": " + e.getMessage());
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	187 return false;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	188 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	189 Response response =
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	190 repository.getById(LProbe.class, id, "land");
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	191 LProbe probe = (LProbe)response.getData();
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	192 return !isReadOnly(id) && getAuthorization(userInfo, probe);
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	193
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	194 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	195 if (m.getName().equals("getMessungsId")) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	196 Integer id;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	197 try {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	198 id = (Integer) m.invoke(data);
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	199 } catch (IllegalAccessException \| IllegalArgumentException
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	200 \| InvocationTargetException e) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	201 logger.warn(e.getCause() + ": " + e.getMessage());
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	202 return false;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	203 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	204 Response mResponse =
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	205 repository.getById(LMessung.class, id, "land");
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	206 LMessung messung = (LMessung)mResponse.getData();
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	207 Response pResponse =
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	208 repository.getById(
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	209 LProbe.class,
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	210 messung.getProbeId(),
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	211 "land");
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	212 LProbe probe = (LProbe)pResponse.getData();
801 d0510a89e701 Updated the authorization to fit the needs of the new status workflow. Raimund Renkert <raimund.renkert@intevation.de> parents: 800 diff changeset	213 if (messung.getStatus() == null) {
d0510a89e701 Updated the authorization to fit the needs of the new status workflow. Raimund Renkert <raimund.renkert@intevation.de> parents: 800 diff changeset	214 return false;
d0510a89e701 Updated the authorization to fit the needs of the new status workflow. Raimund Renkert <raimund.renkert@intevation.de> parents: 800 diff changeset	215 }
d0510a89e701 Updated the authorization to fit the needs of the new status workflow. Raimund Renkert <raimund.renkert@intevation.de> parents: 800 diff changeset	216 LStatusProtokoll status = repository.getByIdPlain(
d0510a89e701 Updated the authorization to fit the needs of the new status workflow. Raimund Renkert <raimund.renkert@intevation.de> parents: 800 diff changeset	217 LStatusProtokoll.class,
d0510a89e701 Updated the authorization to fit the needs of the new status workflow. Raimund Renkert <raimund.renkert@intevation.de> parents: 800 diff changeset	218 messung.getStatus(),
d0510a89e701 Updated the authorization to fit the needs of the new status workflow. Raimund Renkert <raimund.renkert@intevation.de> parents: 800 diff changeset	219 "land");
d0510a89e701 Updated the authorization to fit the needs of the new status workflow. Raimund Renkert <raimund.renkert@intevation.de> parents: 800 diff changeset	220 return status.getStatusWert() == 0 &&
721 6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	221 getAuthorization(userInfo, probe);
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	222 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	223 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	224 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	225 return true;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	226 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	227
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	228 /**
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	229 * Get the authorization of a single probe.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	230 *
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	231 * @param userInfo The user information.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	232 * @param probe The probe to authorize.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	233 */
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	234 private boolean getAuthorization(UserInfo userInfo, LProbe probe) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	235 if (userInfo.getMessstellen().contains(probe.getMstId())) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	236 return true;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	237 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	238 else {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	239 return false;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	240 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	241 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	242
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	243 /**
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	244 * Request the lada specific groups.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	245 *
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	246 * @param roles The roles defined in the OpenId server.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	247 * @return The UserInfo contianing roles and user name.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	248 */
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	249 private UserInfo getGroupsFromDB(String roles) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	250 QueryBuilder<Auth> builder = new QueryBuilder<Auth>(
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	251 repository.entityManager("stamm"),
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	252 Auth.class);
726 a5c755b0cfda Filter the group string. This should be tidied... Dustin Demuth <dustin@intevation.de> parents: 721 diff changeset	253 roles = roles.replace("[","");
a5c755b0cfda Filter the group string. This should be tidied... Dustin Demuth <dustin@intevation.de> parents: 721 diff changeset	254 roles = roles.replace("]","");
a5c755b0cfda Filter the group string. This should be tidied... Dustin Demuth <dustin@intevation.de> parents: 721 diff changeset	255 roles = roles.replace(" ","");
a5c755b0cfda Filter the group string. This should be tidied... Dustin Demuth <dustin@intevation.de> parents: 721 diff changeset	256 String[] mst = roles.split(",");
a5c755b0cfda Filter the group string. This should be tidied... Dustin Demuth <dustin@intevation.de> parents: 721 diff changeset	257 builder.andIn("ldapGroup", Arrays.asList(mst));
721 6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	258 Response response = repository.filter(builder.getQuery(), "stamm");
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	259 @SuppressWarnings("unchecked")
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	260 List<Auth> auth = (List<Auth>)response.getData();
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	261 UserInfo userInfo = new UserInfo();
838 1ed347eb856b Use auth objects in user info to keep mst <-> function association. Raimund Renkert <raimund.renkert@intevation.de> parents: 801 diff changeset	262 userInfo.setAuth(auth);
721 6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	263 return userInfo;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	264 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	265
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	266 /**
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	267 * Authorize data that has a messungsId Attribute.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	268 *
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	269 * @param userInfo The user information.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	270 * @param data The Response object containing the data.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	271 * @param clazz The data object class.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	272 * @return A Response object containing the data.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	273 */
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	274 @SuppressWarnings("unchecked")
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	275 private <T> Response authorizeWithMessungsId(
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	276 UserInfo userInfo,
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	277 Response data,
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	278 Class<T> clazz
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	279 ) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	280 if (data.getData() instanceof List<?>) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	281 List<Object> objects = new ArrayList<Object>();
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	282 for (Object object :(List<Object>)data.getData()) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	283 objects.add(authorizeSingleWithMessungsId(userInfo, object, clazz));
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	284 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	285 data.setData(objects);
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	286 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	287 else {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	288 Object object = data.getData();
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	289 data.setData(authorizeSingleWithMessungsId(userInfo, object, clazz));
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	290 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	291 return data;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	292 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	293
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	294 /**
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	295 * Authorize data that has a probeId Attribute.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	296 *
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	297 * @param userInfo The user information.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	298 * @param data The Response object containing the data.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	299 * @param clazz The data object class.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	300 * @return A Response object containing the data.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	301 */
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	302 @SuppressWarnings("unchecked")
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	303 private <T> Response authorizeWithProbeId(
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	304 UserInfo userInfo,
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	305 Response data,
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	306 Class<T> clazz
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	307 ) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	308 if (data.getData() instanceof List<?>) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	309 List<Object> objects = new ArrayList<Object>();
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	310 for (Object object :(List<Object>)data.getData()) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	311 objects.add(authorizeSingleWithProbeId(
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	312 userInfo,
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	313 object,
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	314 clazz));
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	315 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	316 data.setData(objects);
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	317 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	318 else {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	319 Object object = data.getData();
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	320 data.setData(authorizeSingleWithProbeId(userInfo, object, clazz));
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	321 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	322 return data;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	323 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	324
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	325 /**
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	326 * Authorize a single data object that has a messungsId Attribute.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	327 *
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	328 * @param userInfo The user information.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	329 * @param data The Response object containing the data.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	330 * @param clazz The data object class.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	331 * @return A Response object containing the data.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	332 */
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	333 private <T> Object authorizeSingleWithMessungsId(
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	334 UserInfo userInfo,
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	335 Object data,
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	336 Class<T> clazz
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	337 ) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	338 try {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	339 Method getMessungsId = clazz.getMethod("getMessungsId");
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	340 Integer id = (Integer)getMessungsId.invoke(data);
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	341 LMessung messung =
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	342 (LMessung)repository.getById(
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	343 LMessung.class, id, "land").getData();
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	344 LProbe probe =
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	345 (LProbe)repository.getById(
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	346 LProbe.class, messung.getProbeId(), "land").getData();
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	347
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	348 boolean readOnly = true;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	349 boolean owner = false;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	350 if (!userInfo.getNetzbetreiber().contains(
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	351 probe.getNetzbetreiberId())) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	352 owner = false;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	353 readOnly = true;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	354 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	355 else {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	356 if (userInfo.getMessstellen().contains(probe.getMstId())) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	357 owner = true;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	358 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	359 else {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	360 owner = false;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	361 }
779 64adf06df02f Use status to get readonly flag for messungen. Raimund Renkert <raimund.renkert@intevation.de> parents: 772 diff changeset	362 readOnly = this.isMessungReadOnly(messung);
721 6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	363 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	364
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	365 Method setOwner = clazz.getMethod("setOwner", boolean.class);
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	366 Method setReadonly = clazz.getMethod("setReadonly", boolean.class);
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	367 setOwner.invoke(data, owner);
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	368 setReadonly.invoke(data, readOnly);
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	369 } catch (NoSuchMethodException \| SecurityException
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	370 \| IllegalAccessException \| IllegalArgumentException
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	371 \| InvocationTargetException e) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	372 return null;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	373 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	374 return data;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	375 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	376
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	377 /**
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	378 * Authorize a single data object that has a probeId Attribute.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	379 *
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	380 * @param userInfo The user information.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	381 * @param data The Response object containing the data.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	382 * @param clazz The data object class.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	383 * @return A Response object containing the data.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	384 */
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	385 private <T> Object authorizeSingleWithProbeId(
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	386 UserInfo userInfo,
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	387 Object data,
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	388 Class<T> clazz
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	389 ) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	390 try {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	391 Method getProbeId = clazz.getMethod("getProbeId");
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	392 Integer id = null;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	393 if (getProbeId != null) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	394 id = (Integer) getProbeId.invoke(data);
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	395 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	396 else {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	397 return null;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	398 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	399 LProbe probe =
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	400 (LProbe)repository.getById(LProbe.class, id, "land").getData();
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	401
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	402 boolean readOnly = true;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	403 boolean owner = false;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	404 if (!userInfo.getNetzbetreiber().contains(
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	405 probe.getNetzbetreiberId())) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	406 owner = false;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	407 readOnly = true;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	408 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	409 else {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	410 if (userInfo.getMessstellen().contains(probe.getMstId())) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	411 owner = true;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	412 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	413 else {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	414 owner = false;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	415 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	416 readOnly = this.isReadOnly(id);
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	417 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	418
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	419 Method setOwner = clazz.getMethod("setOwner", boolean.class);
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	420 Method setReadonly = clazz.getMethod("setReadonly", boolean.class);
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	421 setOwner.invoke(data, owner);
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	422 setReadonly.invoke(data, readOnly);
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	423 } catch (NoSuchMethodException \| SecurityException
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	424 \| IllegalAccessException \| IllegalArgumentException
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	425 \| InvocationTargetException e) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	426 return null;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	427 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	428 return data;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	429 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	430
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	431 /**
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	432 * Authorize probe objects.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	433 *
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	434 * @param userInfo The user information.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	435 * @param data The Response object containing the probe objects.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	436 * @return A Response object containing the data.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	437 */
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	438 @SuppressWarnings("unchecked")
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	439 private Response authorizeProbe(UserInfo userInfo, Response data) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	440 if (data.getData() instanceof List<?>) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	441 List<LProbe> proben = new ArrayList<LProbe>();
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	442 for (LProbe probe :(List<LProbe>)data.getData()) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	443 proben.add(authorizeSingleProbe(userInfo, probe));
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	444 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	445 data.setData(proben);
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	446 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	447 else if (data.getData() instanceof LProbe) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	448 LProbe probe = (LProbe)data.getData();
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	449 data.setData(authorizeSingleProbe(userInfo, probe));
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	450 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	451 return data;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	452 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	453
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	454 /**
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	455 * Authorize a sinle probe object.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	456 *
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	457 * @param userInfo The user information.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	458 * @param probe The probe object.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	459 * @return The probe.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	460 */
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	461 private LProbe authorizeSingleProbe(UserInfo userInfo, LProbe probe) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	462 if (!userInfo.getNetzbetreiber().contains(probe.getNetzbetreiberId())) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	463 probe.setOwner(false);
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	464 probe.setReadonly(true);
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	465 return probe;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	466 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	467 if (userInfo.getMessstellen().contains(probe.getMstId())) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	468 probe.setOwner(true);
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	469 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	470 else {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	471 probe.setOwner(false);
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	472 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	473 probe.setReadonly(this.isReadOnly(probe.getId()));
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	474 return probe;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	475 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	476
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	477 /**
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	478 * Authorize messung objects.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	479 *
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	480 * @param userInfo The user information.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	481 * @param data The Response object containing the messung objects.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	482 * @return A Response object containing the data.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	483 */
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	484 @SuppressWarnings("unchecked")
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	485 private Response authorizeMessung(UserInfo userInfo, Response data) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	486 if (data.getData() instanceof List<?>) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	487 List<LMessung> messungen = new ArrayList<LMessung>();
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	488 for (LMessung messung :(List<LMessung>)data.getData()) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	489 messungen.add(authorizeSingleMessung(userInfo, messung));
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	490 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	491 data.setData(messungen);
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	492 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	493 else if (data.getData() instanceof LMessung) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	494 LMessung messung = (LMessung)data.getData();
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	495 data.setData(authorizeSingleMessung(userInfo, messung));
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	496 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	497 return data;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	498 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	499
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	500 /**
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	501 * Authorize a sinle messung object.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	502 *
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	503 * @param userInfo The user information.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	504 * @param messung The messung object.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	505 * @return The messung.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	506 */
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	507 private LMessung authorizeSingleMessung(
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	508 UserInfo userInfo,
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	509 LMessung messung
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	510 ) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	511 LProbe probe =
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	512 (LProbe)repository.getById(
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	513 LProbe.class, messung.getProbeId(), "land").getData();
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	514 if (!userInfo.getNetzbetreiber().contains(probe.getNetzbetreiberId())) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	515 messung.setOwner(false);
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	516 messung.setReadonly(true);
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	517 return messung;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	518 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	519 if (userInfo.getMessstellen().contains(probe.getMstId())) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	520 messung.setOwner(true);
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	521 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	522 else {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	523 messung.setOwner(false);
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	524 }
772 46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	525 if (messung.getStatus() == null) {
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	526 messung.setReadonly(false);
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	527 }
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	528 else {
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	529 LStatusProtokoll status = repository.getByIdPlain(
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	530 LStatusProtokoll.class,
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	531 messung.getStatus(),
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	532 "land");
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	533 messung.setReadonly(
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	534 status.getStatusWert() != 0 && status.getStatusWert() != 4);
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	535 }
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	536
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	537 boolean statusEdit = false;
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	538 if (userInfo.getFunktionen().contains(3)) {
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	539 QueryBuilder<AuthLstUmw> lstFilter = new QueryBuilder<AuthLstUmw>(
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	540 repository.entityManager("stamm"),
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	541 AuthLstUmw.class);
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	542 lstFilter.or("lstId", userInfo.getMessstellen());
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	543 List<AuthLstUmw> lsts =
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	544 repository.filterPlain(lstFilter.getQuery(), "stamm");
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	545 for (int i = 0; i < lsts.size(); i++) {
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	546 if (lsts.get(i).getUmwId().equals(probe.getUmwId())) {
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	547 statusEdit = true;
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	548 }
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	549 }
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	550 }
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	551 else if (userInfo.getFunktionen().contains(2) &&
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	552 userInfo.getNetzbetreiber().contains(probe.getNetzbetreiberId())) {
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	553 statusEdit = true;
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	554 }
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	555 else if (userInfo.getFunktionen().contains(1) &&
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	556 userInfo.getMessstellen().contains(probe.getMstId())) {
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	557 statusEdit = true;
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	558 }
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	559 messung.setStatusEdit(statusEdit);
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	560
721 6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	561 return messung;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	562 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	563
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	564 /**
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	565 * Test whether a probe is readonly.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	566 *
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	567 * @param probeId The probe Id.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	568 * @return True if the probe is readonly.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	569 */
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	570 @Override
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	571 public boolean isReadOnly(Integer probeId) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	572 EntityManager manager = repository.entityManager("land");
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	573 QueryBuilder<LMessung> builder =
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	574 new QueryBuilder<LMessung>(
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	575 manager,
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	576 LMessung.class);
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	577 builder.and("probeId", probeId);
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	578 Response response = repository.filter(builder.getQuery(), "land");
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	579 @SuppressWarnings("unchecked")
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	580 List<LMessung> messungen = (List<LMessung>) response.getData();
772 46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	581 for (int i = 0; i < messungen.size(); i++) {
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	582 if (messungen.get(i).getStatus() == null) {
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	583 return false;
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	584 }
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	585 LStatusProtokoll status = repository.getByIdPlain(
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	586 LStatusProtokoll.class, messungen.get(i).getStatus(), "land");
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	587 if (status.getStatusWert() != 0 && status.getStatusWert() != 4) {
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	588 return true;
46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	589 }
721 6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	590 }
772 46e0523bbd80 Authorize messungen with status and not the "fertig"-flag. Raimund Renkert <raimund.renkert@intevation.de> parents: 760 diff changeset	591 return false;
721 6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	592 }
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	593
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	594 /**
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	595 * Check whether a user is authorized to operate on the given probe.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	596 *
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	597 * @param userInfo The user information.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	598 * @param data The probe data to test.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	599 * @return True if the user is authorized else returns false.
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	600 */
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	601 @Override
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	602 public boolean isAuthorized(UserInfo userInfo, Object data) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	603 if (data instanceof LProbe) {
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	604 return getAuthorization(userInfo, (LProbe)data);
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	605 }
801 d0510a89e701 Updated the authorization to fit the needs of the new status workflow. Raimund Renkert <raimund.renkert@intevation.de> parents: 800 diff changeset	606 else if (data instanceof LMessung) {
d0510a89e701 Updated the authorization to fit the needs of the new status workflow. Raimund Renkert <raimund.renkert@intevation.de> parents: 800 diff changeset	607 LProbe probe = repository.getByIdPlain(LProbe.class, ((LMessung)data).getProbeId(), "land");
d0510a89e701 Updated the authorization to fit the needs of the new status workflow. Raimund Renkert <raimund.renkert@intevation.de> parents: 800 diff changeset	608 return getAuthorization(userInfo, probe);
d0510a89e701 Updated the authorization to fit the needs of the new status workflow. Raimund Renkert <raimund.renkert@intevation.de> parents: 800 diff changeset	609 }
721 6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	610 return false;
6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	611 }
779 64adf06df02f Use status to get readonly flag for messungen. Raimund Renkert <raimund.renkert@intevation.de> parents: 772 diff changeset	612
64adf06df02f Use status to get readonly flag for messungen. Raimund Renkert <raimund.renkert@intevation.de> parents: 772 diff changeset	613 private boolean isMessungReadOnly(LMessung messung) {
64adf06df02f Use status to get readonly flag for messungen. Raimund Renkert <raimund.renkert@intevation.de> parents: 772 diff changeset	614 if (messung.getStatus() == null) {
64adf06df02f Use status to get readonly flag for messungen. Raimund Renkert <raimund.renkert@intevation.de> parents: 772 diff changeset	615 return false;
64adf06df02f Use status to get readonly flag for messungen. Raimund Renkert <raimund.renkert@intevation.de> parents: 772 diff changeset	616 }
64adf06df02f Use status to get readonly flag for messungen. Raimund Renkert <raimund.renkert@intevation.de> parents: 772 diff changeset	617 LStatusProtokoll status = repository.getByIdPlain(
64adf06df02f Use status to get readonly flag for messungen. Raimund Renkert <raimund.renkert@intevation.de> parents: 772 diff changeset	618 LStatusProtokoll.class,
64adf06df02f Use status to get readonly flag for messungen. Raimund Renkert <raimund.renkert@intevation.de> parents: 772 diff changeset	619 messung.getStatus(),
64adf06df02f Use status to get readonly flag for messungen. Raimund Renkert <raimund.renkert@intevation.de> parents: 772 diff changeset	620 "land");
64adf06df02f Use status to get readonly flag for messungen. Raimund Renkert <raimund.renkert@intevation.de> parents: 772 diff changeset	621 return (status.getStatusWert() != 0 && status.getStatusWert() != 4);
64adf06df02f Use status to get readonly flag for messungen. Raimund Renkert <raimund.renkert@intevation.de> parents: 772 diff changeset	622 }
721 6eed8b5decb1 Added shibboleth authorization. Raimund Renkert <raimund.renkert@intevation.de> parents: diff changeset	623 }

Mercurial > lada > lada-server

annotate src/main/java/de/intevation/lada/util/auth/HeaderAuthorization.java @ 838:1ed347eb856b statusworkflow