Mercurial > lada > lada-server
annotate src/main/java/de/intevation/lada/util/auth/NetzbetreiberAuthorizer.java @ 959:391ef3356b60
Use the netzbetreiber id value instead of casting data to ort and request
netzbetreiberid again.
| author | Raimund Renkert <raimund.renkert@intevation.de> |
|---|---|
| date | Thu, 26 May 2016 12:20:15 +0200 |
| parents | 4657811fd133 |
| children | cf03bdd59767 |
| rev | line source |
|---|---|
|
849
d0a591b3eade
Added missing file header.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
841
diff
changeset
|
1 /* Copyright (C) 2013 by Bundesamt fuer Strahlenschutz |
|
d0a591b3eade
Added missing file header.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
841
diff
changeset
|
2 * Software engineering by Intevation GmbH |
|
d0a591b3eade
Added missing file header.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
841
diff
changeset
|
3 * |
|
d0a591b3eade
Added missing file header.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
841
diff
changeset
|
4 * This file is Free Software under the GNU GPL (v>=3) |
|
d0a591b3eade
Added missing file header.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
841
diff
changeset
|
5 * and comes with ABSOLUTELY NO WARRANTY! Check out |
|
d0a591b3eade
Added missing file header.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
841
diff
changeset
|
6 * the documentation coming with IMIS-Labordaten-Application for details. |
|
d0a591b3eade
Added missing file header.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
841
diff
changeset
|
7 */ |
|
833
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
8 package de.intevation.lada.util.auth; |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
9 |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
10 import java.lang.reflect.InvocationTargetException; |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
11 import java.lang.reflect.Method; |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
12 |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
13 import de.intevation.lada.util.rest.RequestMethod; |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
14 import de.intevation.lada.util.rest.Response; |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
15 |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
16 public class NetzbetreiberAuthorizer extends BaseAuthorizer { |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
17 |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
18 @Override |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
19 public <T> boolean isAuthorized( |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
20 Object data, |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
21 RequestMethod method, |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
22 UserInfo userInfo, |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
23 Class<T> clazz |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
24 ) { |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
25 Method m; |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
26 try { |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
27 m = clazz.getMethod("getNetzbetreiberId"); |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
28 } catch (NoSuchMethodException | SecurityException e1) { |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
29 return false; |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
30 } |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
31 String id; |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
32 try { |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
33 id = (String) m.invoke(data); |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
34 } catch (IllegalAccessException | |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
35 IllegalArgumentException | |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
36 InvocationTargetException e |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
37 ) { |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
38 return false; |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
39 } |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
40 return (method == RequestMethod.POST || |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
41 method == RequestMethod.PUT || |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
42 method == RequestMethod.DELETE) && |
|
951
b09a1da741c4
Allow users to create a stammdaten ort.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
849
diff
changeset
|
43 (userInfo.getFunktionenForNetzbetreiber(id).contains(4) || |
|
957
4657811fd133
Allow a user only to manipulate Ort with own Netzbetreiber.
Tom Gottfried <tom@intevation.de>
parents:
951
diff
changeset
|
44 // XXX: this currently allows any user, regardless of function, |
|
4657811fd133
Allow a user only to manipulate Ort with own Netzbetreiber.
Tom Gottfried <tom@intevation.de>
parents:
951
diff
changeset
|
45 // to manipulate and delete any ort of his own netzbetreiber! |
|
4657811fd133
Allow a user only to manipulate Ort with own Netzbetreiber.
Tom Gottfried <tom@intevation.de>
parents:
951
diff
changeset
|
46 clazz.getName().equals("de.intevation.lada.model.stamm.Ort") && |
|
959
391ef3356b60
Use the netzbetreiber id value instead of casting data to ort and request
Raimund Renkert <raimund.renkert@intevation.de>
parents:
957
diff
changeset
|
47 userInfo.getNetzbetreiber().contains(id)); |
|
833
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
48 } |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
49 |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
50 @Override |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
51 public <T> Response filter( |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
52 Response data, |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
53 UserInfo userInfo, |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
54 Class<T> clazz |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
55 ) { |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
56 return data; |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
57 } |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
58 |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
59 } |