Mercurial > lada > lada-server

comparison src/main/java/de/intevation/lada/util/auth/MessprogrammIdAuthorizer.java @ 1265:a1323ef2c330

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Changed ortszuordnungs model in messprogramm.
author Raimund Renkert <raimund.renkert@intevation.de>
date Fri, 27 Jan 2017 15:14:12 +0100
parents
children d73cfd90ffc0
comparison
equal deleted inserted replaced
1264:a0a5111b2aa6 1265:a1323ef2c330
1 /* Copyright (C) 2013 by Bundesamt fuer Strahlenschutz
2 * Software engineering by Intevation GmbH
3 *
4 * This file is Free Software under the GNU GPL (v>=3)
5 * and comes with ABSOLUTELY NO WARRANTY! Check out
6 * the documentation coming with IMIS-Labordaten-Application for details.
7 */
8 package de.intevation.lada.util.auth;
9
10 import java.lang.reflect.InvocationTargetException;
11 import java.lang.reflect.Method;
12 import java.util.ArrayList;
13 import java.util.List;
14
15 import de.intevation.lada.model.land.Messprogramm;
16 import de.intevation.lada.model.land.Probe;
17 import de.intevation.lada.model.stammdaten.MessStelle;
18 import de.intevation.lada.util.rest.RequestMethod;
19 import de.intevation.lada.util.rest.Response;
20
21 public class MessprogrammIdAuthorizer extends BaseAuthorizer {
22
23 @Override
24 public <T> boolean isAuthorized(
25 Object data,
26 RequestMethod method,
27 UserInfo userInfo,
28 Class<T> clazz
29 ) {
30 Method m;
31 try {
32 m = clazz.getMethod("getMessprogrammId");
33 } catch (NoSuchMethodException | SecurityException e1) {
34 return false;
35 }
36 Integer id;
37 try {
38 id = (Integer) m.invoke(data);
39 } catch (IllegalAccessException |
40 IllegalArgumentException |
41 InvocationTargetException e
42 ) {
43 return false;
44 }
45 Messprogramm messprogramm =
46 repository.getByIdPlain(Messprogramm.class, id, "land");
47 if (userInfo.getMessstellen().contains(messprogramm.getMstId())) {
48 return true;
49 }
50 return false;
51 }
52
53 @SuppressWarnings("unchecked")
54 @Override
55 public <T> Response filter(
56 Response data,
57 UserInfo userInfo,
58 Class<T> clazz
59 ) {
60 if (data.getData() instanceof List<?>) {
61 List<Object> objects = new ArrayList<Object>();
62 for (Object object :(List<Object>)data.getData()) {
63 objects.add(setAuthData(userInfo, object, clazz));
64 }
65 data.setData(objects);
66 }
67 else {
68 Object object = data.getData();
69 data.setData(setAuthData(userInfo, object, clazz));
70 }
71 return data;
72 }
73 /**
74 * Authorize a single data object that has a probeId Attribute.
75 *
76 * @param userInfo The user information.
77 * @param data The Response object containing the data.
78 * @param clazz The data object class.
79 * @return A Response object containing the data.
80 */
81 private <T> Object setAuthData(
82 UserInfo userInfo,
83 Object data,
84 Class<T> clazz
85 ) {
86 try {
87 Method getProbeId = clazz.getMethod("getProbeId");
88 Integer id = null;
89 if (getProbeId != null) {
90 id = (Integer) getProbeId.invoke(data);
91 }
92 else {
93 return null;
94 }
95 Probe probe =
96 (Probe)repository.getById(Probe.class, id, "land").getData();
97
98 boolean readOnly = true;
99 boolean owner = false;
100 MessStelle mst = repository.getByIdPlain(MessStelle.class, probe.getMstId(), "stamm");
101 if (!userInfo.getNetzbetreiber().contains(
102 mst.getNetzbetreiberId())) {
103 owner = false;
104 readOnly = true;
105 }
106 else {
107 if (userInfo.belongsTo(probe.getMstId(), probe.getLaborMstId())) {
108 owner = true;
109 }
110 else {
111 owner = false;
112 }
113 readOnly = this.isProbeReadOnly(id);
114 }
115
116 Method setOwner = clazz.getMethod("setOwner", boolean.class);
117 Method setReadonly = clazz.getMethod("setReadonly", boolean.class);
118 setOwner.invoke(data, owner);
119 setReadonly.invoke(data, readOnly);
120 } catch (NoSuchMethodException | SecurityException
121 | IllegalAccessException | IllegalArgumentException
122 | InvocationTargetException e) {
123 return null;
124 }
125 return data;
126 }
127 }
This site is hosted by Intevation GmbH (Datenschutzerklärung und Impressum | Privacy Policy and Imprint)