Mercurial > lada > lada-server
annotate src/main/java/de/intevation/lada/util/auth/NetzbetreiberAuthorizer.java @ 1142:7730d9cfc22e
Fixed namespace for stammdaten ort in authorization.
| author | Raimund Renkert <raimund.renkert@intevation.de> |
|---|---|
| date | Thu, 03 Nov 2016 14:41:13 +0100 |
| parents | cf03bdd59767 |
| children |
| rev | line source |
|---|---|
|
849
d0a591b3eade
Added missing file header.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
841
diff
changeset
|
1 /* Copyright (C) 2013 by Bundesamt fuer Strahlenschutz |
|
d0a591b3eade
Added missing file header.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
841
diff
changeset
|
2 * Software engineering by Intevation GmbH |
|
d0a591b3eade
Added missing file header.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
841
diff
changeset
|
3 * |
|
d0a591b3eade
Added missing file header.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
841
diff
changeset
|
4 * This file is Free Software under the GNU GPL (v>=3) |
|
d0a591b3eade
Added missing file header.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
841
diff
changeset
|
5 * and comes with ABSOLUTELY NO WARRANTY! Check out |
|
d0a591b3eade
Added missing file header.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
841
diff
changeset
|
6 * the documentation coming with IMIS-Labordaten-Application for details. |
|
d0a591b3eade
Added missing file header.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
841
diff
changeset
|
7 */ |
|
833
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
8 package de.intevation.lada.util.auth; |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
9 |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
10 import java.lang.reflect.InvocationTargetException; |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
11 import java.lang.reflect.Method; |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
12 |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
13 import de.intevation.lada.util.rest.RequestMethod; |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
14 import de.intevation.lada.util.rest.Response; |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
15 |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
16 public class NetzbetreiberAuthorizer extends BaseAuthorizer { |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
17 |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
18 @Override |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
19 public <T> boolean isAuthorized( |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
20 Object data, |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
21 RequestMethod method, |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
22 UserInfo userInfo, |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
23 Class<T> clazz |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
24 ) { |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
25 Method m; |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
26 try { |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
27 m = clazz.getMethod("getNetzbetreiberId"); |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
28 } catch (NoSuchMethodException | SecurityException e1) { |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
29 return false; |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
30 } |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
31 String id; |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
32 try { |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
33 id = (String) m.invoke(data); |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
34 } catch (IllegalAccessException | |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
35 IllegalArgumentException | |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
36 InvocationTargetException e |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
37 ) { |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
38 return false; |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
39 } |
| 1088 | 40 return (method == RequestMethod.POST |
| 41 || method == RequestMethod.PUT | |
| 42 || method == RequestMethod.DELETE | |
| 43 ) && ( | |
| 44 userInfo.getFunktionenForNetzbetreiber(id).contains(4) | |
|
957
4657811fd133
Allow a user only to manipulate Ort with own Netzbetreiber.
Tom Gottfried <tom@intevation.de>
parents:
951
diff
changeset
|
45 // XXX: this currently allows any user, regardless of function, |
|
4657811fd133
Allow a user only to manipulate Ort with own Netzbetreiber.
Tom Gottfried <tom@intevation.de>
parents:
951
diff
changeset
|
46 // to manipulate and delete any ort of his own netzbetreiber! |
|
1142
7730d9cfc22e
Fixed namespace for stammdaten ort in authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
1088
diff
changeset
|
47 || clazz.getName().equals("de.intevation.lada.model.stammdaten.Ort") |
| 1088 | 48 && userInfo.getNetzbetreiber().contains(id) |
| 49 ); | |
|
833
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
50 } |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
51 |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
52 @Override |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
53 public <T> Response filter( |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
54 Response data, |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
55 UserInfo userInfo, |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
56 Class<T> clazz |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
57 ) { |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
58 return data; |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
59 } |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
60 |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
61 } |