Mercurial > lada > lada-server
annotate src/main/java/de/intevation/lada/util/auth/ProbeAuthorizer.java @ 833:fa922101a462
Refactored Authorization.
* Introduced "authorizer"
* Attribute and datatype depended authorization
| author | Raimund Renkert <raimund.renkert@intevation.de> |
|---|---|
| date | Fri, 08 Jan 2016 12:05:26 +0100 |
| parents | |
| children | 2fe625c91ab3 |
| rev | line source |
|---|---|
|
833
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
1 package de.intevation.lada.util.auth; |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
2 |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
3 import java.util.ArrayList; |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
4 import java.util.List; |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
5 |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
6 import de.intevation.lada.model.land.LProbe; |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
7 import de.intevation.lada.util.rest.RequestMethod; |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
8 import de.intevation.lada.util.rest.Response; |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
9 |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
10 public class ProbeAuthorizer extends BaseAuthorizer { |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
11 |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
12 @Override |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
13 public <T> boolean isAuthorized( |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
14 Object data, |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
15 RequestMethod method, |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
16 UserInfo userInfo, |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
17 Class<T> clazz |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
18 ) { |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
19 LProbe probe = (LProbe)data; |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
20 if (method == RequestMethod.POST) { |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
21 return getAuthorization(userInfo, probe); |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
22 } |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
23 else if (method == RequestMethod.PUT || |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
24 method == RequestMethod.DELETE) { |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
25 return !isProbeReadOnly(probe.getId()); |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
26 } |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
27 return false; |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
28 } |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
29 |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
30 @SuppressWarnings("unchecked") |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
31 @Override |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
32 public <T> Response filter( |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
33 Response data, |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
34 UserInfo userInfo, |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
35 Class<T> clazz |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
36 ) { |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
37 if (data.getData() instanceof List<?>) { |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
38 List<LProbe> proben = new ArrayList<LProbe>(); |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
39 for (LProbe probe :(List<LProbe>)data.getData()) { |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
40 proben.add(setAuthData(userInfo, probe)); |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
41 } |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
42 data.setData(proben); |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
43 } |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
44 else if (data.getData() instanceof LProbe) { |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
45 LProbe probe = (LProbe)data.getData(); |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
46 data.setData(setAuthData(userInfo, probe)); |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
47 } |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
48 return data; |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
49 } |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
50 |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
51 /** |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
52 * Set authorization data for the current probe object. |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
53 * |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
54 * @param userInfo The user information. |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
55 * @param probe The probe object. |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
56 * @return The probe. |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
57 */ |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
58 private LProbe setAuthData(UserInfo userInfo, LProbe probe) { |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
59 if (!userInfo.getNetzbetreiber().contains(probe.getNetzbetreiberId())) { |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
60 probe.setOwner(false); |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
61 probe.setReadonly(true); |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
62 return probe; |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
63 } |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
64 if (userInfo.getMessstellen().contains(probe.getMstId())) { |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
65 probe.setOwner(true); |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
66 } |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
67 else { |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
68 probe.setOwner(false); |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
69 } |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
70 probe.setReadonly(this.isProbeReadOnly(probe.getId())); |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
71 return probe; |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
72 } |
|
fa922101a462
Refactored Authorization.
Raimund Renkert <raimund.renkert@intevation.de>
parents:
diff
changeset
|
73 } |