Mercurial > lada > lada-server
annotate src/main/java/de/intevation/lada/util/auth/HeaderAuthorization.java @ 779:64adf06df02f
Use status to get readonly flag for messungen.
author | Raimund Renkert <raimund.renkert@intevation.de> |
---|---|
date | Fri, 13 Nov 2015 13:41:36 +0100 |
parents | 46e0523bbd80 |
children | 8c336f08e76f |
rev | line source |
---|---|
721
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
1 /* Copyright (C) 2013 by Bundesamt fuer Strahlenschutz |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
2 * Software engineering by Intevation GmbH |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
3 * |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
4 * This file is Free Software under the GNU GPL (v>=3) |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
5 * and comes with ABSOLUTELY NO WARRANTY! Check out |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
6 * the documentation coming with IMIS-Labordaten-Application for details. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
7 */ |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
8 package de.intevation.lada.util.auth; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
9 |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
10 import java.lang.reflect.InvocationTargetException; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
11 import java.lang.reflect.Method; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
12 import java.util.ArrayList; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
13 import java.util.Arrays; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
14 import java.util.List; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
15 |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
16 import javax.inject.Inject; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
17 import javax.persistence.EntityManager; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
18 import javax.servlet.http.HttpServletRequest; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
19 |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
20 import org.apache.log4j.Logger; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
21 |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
22 import de.intevation.lada.model.land.LMessung; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
23 import de.intevation.lada.model.land.LProbe; |
772
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
24 import de.intevation.lada.model.land.LStatusProtokoll; |
721
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
25 import de.intevation.lada.model.stamm.Auth; |
772
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
26 import de.intevation.lada.model.stamm.AuthLstUmw; |
721
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
27 import de.intevation.lada.util.annotation.AuthorizationConfig; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
28 import de.intevation.lada.util.annotation.RepositoryConfig; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
29 import de.intevation.lada.util.data.QueryBuilder; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
30 import de.intevation.lada.util.data.Repository; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
31 import de.intevation.lada.util.data.RepositoryType; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
32 import de.intevation.lada.util.rest.RequestMethod; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
33 import de.intevation.lada.util.rest.Response; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
34 |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
35 /** |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
36 * Authorize a user via HttpServletRequest attributes. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
37 * |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
38 * @author <a href="mailto:rrenkert@intevation.de">Raimund Renkert</a> |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
39 */ |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
40 @AuthorizationConfig(type=AuthorizationType.HEADER) |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
41 public class HeaderAuthorization implements Authorization { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
42 |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
43 /** |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
44 * The logger used in this class. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
45 */ |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
46 @Inject |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
47 private Logger logger; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
48 |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
49 /** |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
50 * The Repository used to read from Database. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
51 */ |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
52 @Inject |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
53 @RepositoryConfig(type=RepositoryType.RO) |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
54 private Repository repository; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
55 |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
56 /** |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
57 * Request user informations using the HttpServletRequest. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
58 * |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
59 * @param source The HttpServletRequest |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
60 * @return The UserInfo object containing username and groups. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
61 */ |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
62 @Override |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
63 public UserInfo getInfo(Object source) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
64 if (source instanceof HttpServletRequest) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
65 HttpServletRequest request = (HttpServletRequest)source; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
66 String roleString = |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
67 request.getAttribute("lada.user.roles").toString(); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
68 String[] roles = roleString.split(","); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
69 UserInfo info = getGroupsFromDB(roleString); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
70 info.setRoles(new ArrayList<String>(Arrays.asList(roles))); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
71 info.setName(request.getAttribute("lada.user.name").toString()); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
72 return info; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
73 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
74 return null; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
75 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
76 |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
77 /** |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
78 * Filter a list of data objects using the user informations contained in |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
79 * the HttpServletRequest. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
80 * |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
81 * @param source The HttpServletRequest |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
82 * @param data The Response object containing the data. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
83 * @param clazz The data object class. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
84 * @return The Response object containing the filtered data. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
85 */ |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
86 @Override |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
87 public <T> Response filter(Object source, Response data, Class<T> clazz) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
88 UserInfo userInfo = this.getInfo(source); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
89 if (userInfo == null) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
90 return data; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
91 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
92 if (clazz == LProbe.class) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
93 return this.authorizeProbe(userInfo, data); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
94 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
95 if (clazz == LMessung.class) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
96 return this.authorizeMessung(userInfo, data); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
97 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
98 Method[] methods = clazz.getMethods(); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
99 for (Method method: methods) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
100 if (method.getName().equals("getProbeId")) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
101 return this.authorizeWithProbeId(userInfo, data, clazz); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
102 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
103 if (method.getName().equals("getMessungsId")) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
104 return this.authorizeWithMessungsId(userInfo, data, clazz); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
105 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
106 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
107 return data; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
108 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
109 |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
110 /** |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
111 * Check whether a user is authorized to operate on the given data. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
112 * |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
113 * @param source The HttpServletRequest containing user information. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
114 * @param data The data to test. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
115 * @param method The Http request type. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
116 * @param clazz The data object class. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
117 * @return True if the user is authorized else returns false. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
118 */ |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
119 @Override |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
120 public <T> boolean isAuthorized( |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
121 Object source, |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
122 Object data, |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
123 RequestMethod method, |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
124 Class<T> clazz |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
125 ) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
126 UserInfo userInfo = this.getInfo(source); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
127 if (userInfo == null) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
128 return false; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
129 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
130 if (clazz == LProbe.class) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
131 LProbe probe = (LProbe)data; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
132 if (method == RequestMethod.POST) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
133 return getAuthorization(userInfo, probe); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
134 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
135 else if (method == RequestMethod.PUT || |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
136 method == RequestMethod.DELETE) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
137 return !isReadOnly(probe.getId()); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
138 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
139 else { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
140 return false; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
141 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
142 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
143 else if (clazz == LMessung.class) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
144 LMessung messung = (LMessung)data; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
145 Response response = |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
146 repository.getById(LProbe.class, messung.getProbeId(), "land"); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
147 LProbe probe = (LProbe)response.getData(); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
148 if (method == RequestMethod.POST) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
149 return getAuthorization(userInfo, probe); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
150 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
151 else if (method == RequestMethod.PUT || |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
152 method == RequestMethod.DELETE) { |
779
64adf06df02f
Use status to get readonly flag for messungen.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
772
diff
changeset
|
153 return !this.isMessungReadOnly(messung) && |
721
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
154 getAuthorization(userInfo, probe); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
155 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
156 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
157 else { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
158 Method[] methods = clazz.getMethods(); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
159 for (Method m: methods) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
160 if (m.getName().equals("getProbeId")) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
161 Integer id; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
162 try { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
163 id = (Integer) m.invoke(data); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
164 } catch (IllegalAccessException | IllegalArgumentException |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
165 | InvocationTargetException e) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
166 logger.warn(e.getCause() + ": " + e.getMessage()); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
167 return false; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
168 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
169 Response response = |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
170 repository.getById(LProbe.class, id, "land"); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
171 LProbe probe = (LProbe)response.getData(); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
172 return !isReadOnly(id) && getAuthorization(userInfo, probe); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
173 |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
174 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
175 if (m.getName().equals("getMessungsId")) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
176 Integer id; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
177 try { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
178 id = (Integer) m.invoke(data); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
179 } catch (IllegalAccessException | IllegalArgumentException |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
180 | InvocationTargetException e) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
181 logger.warn(e.getCause() + ": " + e.getMessage()); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
182 return false; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
183 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
184 Response mResponse = |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
185 repository.getById(LMessung.class, id, "land"); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
186 LMessung messung = (LMessung)mResponse.getData(); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
187 Response pResponse = |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
188 repository.getById( |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
189 LProbe.class, |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
190 messung.getProbeId(), |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
191 "land"); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
192 LProbe probe = (LProbe)pResponse.getData(); |
779
64adf06df02f
Use status to get readonly flag for messungen.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
772
diff
changeset
|
193 return !this.isMessungReadOnly(messung) && |
721
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
194 getAuthorization(userInfo, probe); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
195 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
196 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
197 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
198 return true; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
199 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
200 |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
201 /** |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
202 * Get the authorization of a single probe. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
203 * |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
204 * @param userInfo The user information. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
205 * @param probe The probe to authorize. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
206 */ |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
207 private boolean getAuthorization(UserInfo userInfo, LProbe probe) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
208 if (userInfo.getMessstellen().contains(probe.getMstId())) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
209 return true; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
210 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
211 else { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
212 return false; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
213 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
214 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
215 |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
216 /** |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
217 * Request the lada specific groups. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
218 * |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
219 * @param roles The roles defined in the OpenId server. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
220 * @return The UserInfo contianing roles and user name. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
221 */ |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
222 private UserInfo getGroupsFromDB(String roles) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
223 QueryBuilder<Auth> builder = new QueryBuilder<Auth>( |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
224 repository.entityManager("stamm"), |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
225 Auth.class); |
726
a5c755b0cfda
Filter the group string. This should be tidied...
Dustin Demuth <dustin@intevation.de>
parents:
721
diff
changeset
|
226 roles = roles.replace("[",""); |
a5c755b0cfda
Filter the group string. This should be tidied...
Dustin Demuth <dustin@intevation.de>
parents:
721
diff
changeset
|
227 roles = roles.replace("]",""); |
a5c755b0cfda
Filter the group string. This should be tidied...
Dustin Demuth <dustin@intevation.de>
parents:
721
diff
changeset
|
228 roles = roles.replace(" ",""); |
a5c755b0cfda
Filter the group string. This should be tidied...
Dustin Demuth <dustin@intevation.de>
parents:
721
diff
changeset
|
229 String[] mst = roles.split(","); |
a5c755b0cfda
Filter the group string. This should be tidied...
Dustin Demuth <dustin@intevation.de>
parents:
721
diff
changeset
|
230 builder.andIn("ldapGroup", Arrays.asList(mst)); |
721
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
231 Response response = repository.filter(builder.getQuery(), "stamm"); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
232 @SuppressWarnings("unchecked") |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
233 List<Auth> auth = (List<Auth>)response.getData(); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
234 List<String> netzbetreiber = new ArrayList<String>(); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
235 List<String> messstellen = new ArrayList<String>(); |
772
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
236 List<Integer> funktionen = new ArrayList<Integer>(); |
721
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
237 for (Auth a : auth) { |
772
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
238 if (a.getNetzbetreiberId() != null) { |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
239 netzbetreiber.add(a.getNetzbetreiberId()); |
721
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
240 } |
772
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
241 if (a.getMstId() != null) { |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
242 messstellen.add(a.getMstId()); |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
243 } |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
244 if (a.getLaborMstId() != null) { |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
245 messstellen.add(a.getLaborMstId()); |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
246 } |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
247 if (a.getFunktionId() != null) { |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
248 funktionen.add(a.getFunktionId()); |
721
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
249 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
250 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
251 UserInfo userInfo = new UserInfo(); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
252 userInfo.setNetzbetreiber(netzbetreiber); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
253 userInfo.setMessstellen(messstellen); |
772
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
254 userInfo.setFunktionen(funktionen); |
721
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
255 return userInfo; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
256 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
257 |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
258 /** |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
259 * Authorize data that has a messungsId Attribute. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
260 * |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
261 * @param userInfo The user information. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
262 * @param data The Response object containing the data. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
263 * @param clazz The data object class. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
264 * @return A Response object containing the data. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
265 */ |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
266 @SuppressWarnings("unchecked") |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
267 private <T> Response authorizeWithMessungsId( |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
268 UserInfo userInfo, |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
269 Response data, |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
270 Class<T> clazz |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
271 ) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
272 if (data.getData() instanceof List<?>) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
273 List<Object> objects = new ArrayList<Object>(); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
274 for (Object object :(List<Object>)data.getData()) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
275 objects.add(authorizeSingleWithMessungsId(userInfo, object, clazz)); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
276 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
277 data.setData(objects); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
278 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
279 else { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
280 Object object = data.getData(); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
281 data.setData(authorizeSingleWithMessungsId(userInfo, object, clazz)); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
282 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
283 return data; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
284 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
285 |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
286 /** |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
287 * Authorize data that has a probeId Attribute. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
288 * |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
289 * @param userInfo The user information. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
290 * @param data The Response object containing the data. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
291 * @param clazz The data object class. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
292 * @return A Response object containing the data. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
293 */ |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
294 @SuppressWarnings("unchecked") |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
295 private <T> Response authorizeWithProbeId( |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
296 UserInfo userInfo, |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
297 Response data, |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
298 Class<T> clazz |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
299 ) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
300 if (data.getData() instanceof List<?>) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
301 List<Object> objects = new ArrayList<Object>(); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
302 for (Object object :(List<Object>)data.getData()) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
303 objects.add(authorizeSingleWithProbeId( |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
304 userInfo, |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
305 object, |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
306 clazz)); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
307 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
308 data.setData(objects); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
309 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
310 else { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
311 Object object = data.getData(); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
312 data.setData(authorizeSingleWithProbeId(userInfo, object, clazz)); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
313 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
314 return data; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
315 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
316 |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
317 /** |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
318 * Authorize a single data object that has a messungsId Attribute. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
319 * |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
320 * @param userInfo The user information. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
321 * @param data The Response object containing the data. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
322 * @param clazz The data object class. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
323 * @return A Response object containing the data. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
324 */ |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
325 private <T> Object authorizeSingleWithMessungsId( |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
326 UserInfo userInfo, |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
327 Object data, |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
328 Class<T> clazz |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
329 ) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
330 try { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
331 Method getMessungsId = clazz.getMethod("getMessungsId"); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
332 Integer id = (Integer)getMessungsId.invoke(data); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
333 LMessung messung = |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
334 (LMessung)repository.getById( |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
335 LMessung.class, id, "land").getData(); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
336 LProbe probe = |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
337 (LProbe)repository.getById( |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
338 LProbe.class, messung.getProbeId(), "land").getData(); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
339 |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
340 boolean readOnly = true; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
341 boolean owner = false; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
342 if (!userInfo.getNetzbetreiber().contains( |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
343 probe.getNetzbetreiberId())) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
344 owner = false; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
345 readOnly = true; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
346 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
347 else { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
348 if (userInfo.getMessstellen().contains(probe.getMstId())) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
349 owner = true; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
350 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
351 else { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
352 owner = false; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
353 } |
779
64adf06df02f
Use status to get readonly flag for messungen.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
772
diff
changeset
|
354 readOnly = this.isMessungReadOnly(messung); |
721
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
355 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
356 |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
357 Method setOwner = clazz.getMethod("setOwner", boolean.class); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
358 Method setReadonly = clazz.getMethod("setReadonly", boolean.class); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
359 setOwner.invoke(data, owner); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
360 setReadonly.invoke(data, readOnly); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
361 } catch (NoSuchMethodException | SecurityException |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
362 | IllegalAccessException | IllegalArgumentException |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
363 | InvocationTargetException e) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
364 return null; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
365 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
366 return data; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
367 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
368 |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
369 /** |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
370 * Authorize a single data object that has a probeId Attribute. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
371 * |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
372 * @param userInfo The user information. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
373 * @param data The Response object containing the data. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
374 * @param clazz The data object class. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
375 * @return A Response object containing the data. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
376 */ |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
377 private <T> Object authorizeSingleWithProbeId( |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
378 UserInfo userInfo, |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
379 Object data, |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
380 Class<T> clazz |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
381 ) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
382 try { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
383 Method getProbeId = clazz.getMethod("getProbeId"); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
384 Integer id = null; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
385 if (getProbeId != null) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
386 id = (Integer) getProbeId.invoke(data); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
387 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
388 else { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
389 return null; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
390 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
391 LProbe probe = |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
392 (LProbe)repository.getById(LProbe.class, id, "land").getData(); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
393 |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
394 boolean readOnly = true; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
395 boolean owner = false; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
396 if (!userInfo.getNetzbetreiber().contains( |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
397 probe.getNetzbetreiberId())) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
398 owner = false; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
399 readOnly = true; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
400 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
401 else { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
402 if (userInfo.getMessstellen().contains(probe.getMstId())) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
403 owner = true; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
404 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
405 else { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
406 owner = false; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
407 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
408 readOnly = this.isReadOnly(id); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
409 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
410 |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
411 Method setOwner = clazz.getMethod("setOwner", boolean.class); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
412 Method setReadonly = clazz.getMethod("setReadonly", boolean.class); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
413 setOwner.invoke(data, owner); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
414 setReadonly.invoke(data, readOnly); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
415 } catch (NoSuchMethodException | SecurityException |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
416 | IllegalAccessException | IllegalArgumentException |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
417 | InvocationTargetException e) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
418 return null; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
419 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
420 return data; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
421 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
422 |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
423 /** |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
424 * Authorize probe objects. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
425 * |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
426 * @param userInfo The user information. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
427 * @param data The Response object containing the probe objects. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
428 * @return A Response object containing the data. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
429 */ |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
430 @SuppressWarnings("unchecked") |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
431 private Response authorizeProbe(UserInfo userInfo, Response data) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
432 if (data.getData() instanceof List<?>) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
433 List<LProbe> proben = new ArrayList<LProbe>(); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
434 for (LProbe probe :(List<LProbe>)data.getData()) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
435 proben.add(authorizeSingleProbe(userInfo, probe)); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
436 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
437 data.setData(proben); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
438 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
439 else if (data.getData() instanceof LProbe) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
440 LProbe probe = (LProbe)data.getData(); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
441 data.setData(authorizeSingleProbe(userInfo, probe)); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
442 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
443 return data; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
444 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
445 |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
446 /** |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
447 * Authorize a sinle probe object. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
448 * |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
449 * @param userInfo The user information. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
450 * @param probe The probe object. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
451 * @return The probe. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
452 */ |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
453 private LProbe authorizeSingleProbe(UserInfo userInfo, LProbe probe) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
454 if (!userInfo.getNetzbetreiber().contains(probe.getNetzbetreiberId())) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
455 probe.setOwner(false); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
456 probe.setReadonly(true); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
457 return probe; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
458 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
459 if (userInfo.getMessstellen().contains(probe.getMstId())) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
460 probe.setOwner(true); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
461 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
462 else { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
463 probe.setOwner(false); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
464 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
465 probe.setReadonly(this.isReadOnly(probe.getId())); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
466 return probe; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
467 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
468 |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
469 /** |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
470 * Authorize messung objects. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
471 * |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
472 * @param userInfo The user information. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
473 * @param data The Response object containing the messung objects. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
474 * @return A Response object containing the data. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
475 */ |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
476 @SuppressWarnings("unchecked") |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
477 private Response authorizeMessung(UserInfo userInfo, Response data) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
478 if (data.getData() instanceof List<?>) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
479 List<LMessung> messungen = new ArrayList<LMessung>(); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
480 for (LMessung messung :(List<LMessung>)data.getData()) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
481 messungen.add(authorizeSingleMessung(userInfo, messung)); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
482 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
483 data.setData(messungen); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
484 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
485 else if (data.getData() instanceof LMessung) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
486 LMessung messung = (LMessung)data.getData(); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
487 data.setData(authorizeSingleMessung(userInfo, messung)); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
488 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
489 return data; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
490 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
491 |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
492 /** |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
493 * Authorize a sinle messung object. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
494 * |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
495 * @param userInfo The user information. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
496 * @param messung The messung object. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
497 * @return The messung. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
498 */ |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
499 private LMessung authorizeSingleMessung( |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
500 UserInfo userInfo, |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
501 LMessung messung |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
502 ) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
503 LProbe probe = |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
504 (LProbe)repository.getById( |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
505 LProbe.class, messung.getProbeId(), "land").getData(); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
506 if (!userInfo.getNetzbetreiber().contains(probe.getNetzbetreiberId())) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
507 messung.setOwner(false); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
508 messung.setReadonly(true); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
509 return messung; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
510 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
511 if (userInfo.getMessstellen().contains(probe.getMstId())) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
512 messung.setOwner(true); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
513 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
514 else { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
515 messung.setOwner(false); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
516 } |
772
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
517 if (messung.getStatus() == null) { |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
518 messung.setReadonly(false); |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
519 } |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
520 else { |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
521 LStatusProtokoll status = repository.getByIdPlain( |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
522 LStatusProtokoll.class, |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
523 messung.getStatus(), |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
524 "land"); |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
525 messung.setReadonly( |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
526 status.getStatusWert() != 0 && status.getStatusWert() != 4); |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
527 } |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
528 |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
529 boolean statusEdit = false; |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
530 if (userInfo.getFunktionen().contains(3)) { |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
531 QueryBuilder<AuthLstUmw> lstFilter = new QueryBuilder<AuthLstUmw>( |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
532 repository.entityManager("stamm"), |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
533 AuthLstUmw.class); |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
534 lstFilter.or("lstId", userInfo.getMessstellen()); |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
535 List<AuthLstUmw> lsts = |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
536 repository.filterPlain(lstFilter.getQuery(), "stamm"); |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
537 for (int i = 0; i < lsts.size(); i++) { |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
538 if (lsts.get(i).getUmwId().equals(probe.getUmwId())) { |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
539 statusEdit = true; |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
540 } |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
541 } |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
542 } |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
543 else if (userInfo.getFunktionen().contains(2) && |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
544 userInfo.getNetzbetreiber().contains(probe.getNetzbetreiberId())) { |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
545 statusEdit = true; |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
546 } |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
547 else if (userInfo.getFunktionen().contains(1) && |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
548 userInfo.getMessstellen().contains(probe.getMstId())) { |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
549 statusEdit = true; |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
550 } |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
551 messung.setStatusEdit(statusEdit); |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
552 |
721
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
553 return messung; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
554 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
555 |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
556 /** |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
557 * Test whether a probe is readonly. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
558 * |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
559 * @param probeId The probe Id. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
560 * @return True if the probe is readonly. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
561 */ |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
562 @Override |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
563 public boolean isReadOnly(Integer probeId) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
564 EntityManager manager = repository.entityManager("land"); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
565 QueryBuilder<LMessung> builder = |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
566 new QueryBuilder<LMessung>( |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
567 manager, |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
568 LMessung.class); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
569 builder.and("probeId", probeId); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
570 Response response = repository.filter(builder.getQuery(), "land"); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
571 @SuppressWarnings("unchecked") |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
572 List<LMessung> messungen = (List<LMessung>) response.getData(); |
772
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
573 for (int i = 0; i < messungen.size(); i++) { |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
574 if (messungen.get(i).getStatus() == null) { |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
575 return false; |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
576 } |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
577 LStatusProtokoll status = repository.getByIdPlain( |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
578 LStatusProtokoll.class, messungen.get(i).getStatus(), "land"); |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
579 if (status.getStatusWert() != 0 && status.getStatusWert() != 4) { |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
580 return true; |
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
581 } |
721
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
582 } |
772
46e0523bbd80
Authorize messungen with status and not the "fertig"-flag.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
760
diff
changeset
|
583 return false; |
721
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
584 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
585 |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
586 /** |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
587 * Check whether a user is authorized to operate on the given probe. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
588 * |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
589 * @param userInfo The user information. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
590 * @param data The probe data to test. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
591 * @return True if the user is authorized else returns false. |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
592 */ |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
593 @Override |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
594 public boolean isAuthorized(UserInfo userInfo, Object data) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
595 if (data instanceof LProbe) { |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
596 return getAuthorization(userInfo, (LProbe)data); |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
597 } |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
598 return false; |
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
599 } |
779
64adf06df02f
Use status to get readonly flag for messungen.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
772
diff
changeset
|
600 |
64adf06df02f
Use status to get readonly flag for messungen.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
772
diff
changeset
|
601 private boolean isMessungReadOnly(LMessung messung) { |
64adf06df02f
Use status to get readonly flag for messungen.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
772
diff
changeset
|
602 if (messung.getStatus() == null) { |
64adf06df02f
Use status to get readonly flag for messungen.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
772
diff
changeset
|
603 return false; |
64adf06df02f
Use status to get readonly flag for messungen.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
772
diff
changeset
|
604 } |
64adf06df02f
Use status to get readonly flag for messungen.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
772
diff
changeset
|
605 LStatusProtokoll status = repository.getByIdPlain( |
64adf06df02f
Use status to get readonly flag for messungen.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
772
diff
changeset
|
606 LStatusProtokoll.class, |
64adf06df02f
Use status to get readonly flag for messungen.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
772
diff
changeset
|
607 messung.getStatus(), |
64adf06df02f
Use status to get readonly flag for messungen.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
772
diff
changeset
|
608 "land"); |
64adf06df02f
Use status to get readonly flag for messungen.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
772
diff
changeset
|
609 return (status.getStatusWert() != 0 && status.getStatusWert() != 4); |
64adf06df02f
Use status to get readonly flag for messungen.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
772
diff
changeset
|
610 } |
721
6eed8b5decb1
Added shibboleth authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
611 } |