Mercurial > lada > lada-server
diff src/main/java/de/intevation/lada/util/auth/NetzbetreiberAuthorizer.java @ 833:fa922101a462
Refactored Authorization.
* Introduced "authorizer"
* Attribute and datatype depended authorization
author | Raimund Renkert <raimund.renkert@intevation.de> |
---|---|
date | Fri, 08 Jan 2016 12:05:26 +0100 |
parents | |
children | bd51cb7b8d20 |
line wrap: on
line diff
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/main/java/de/intevation/lada/util/auth/NetzbetreiberAuthorizer.java Fri Jan 08 12:05:26 2016 +0100 @@ -0,0 +1,49 @@ +package de.intevation.lada.util.auth; + +import java.lang.reflect.InvocationTargetException; +import java.lang.reflect.Method; + +import de.intevation.lada.util.rest.RequestMethod; +import de.intevation.lada.util.rest.Response; + +public class NetzbetreiberAuthorizer extends BaseAuthorizer { + + @Override + public <T> boolean isAuthorized( + Object data, + RequestMethod method, + UserInfo userInfo, + Class<T> clazz + ) { + Method m; + try { + m = clazz.getMethod("getNetzbetreiberId"); + } catch (NoSuchMethodException | SecurityException e1) { + return false; + } + String id; + try { + id = (String) m.invoke(data); + } catch (IllegalAccessException | + IllegalArgumentException | + InvocationTargetException e + ) { + return false; + } + return (method == RequestMethod.POST || + method == RequestMethod.PUT || + method == RequestMethod.DELETE) && + userInfo.getNetzbetreiber().contains(id) && + userInfo.getFunktionen().contains(4); + } + + @Override + public <T> Response filter( + Response data, + UserInfo userInfo, + Class<T> clazz + ) { + return data; + } + +}