Mercurial > lada > lada-server

diff src/main/java/de/intevation/lada/util/auth/NetzbetreiberAuthorizer.java @ 833:fa922101a462
Refactored Authorization. * Introduced "authorizer" * Attribute and datatype depended authorization
author: Raimund Renkert <raimund.renkert@intevation.de>
date: Fri, 08 Jan 2016 12:05:26 +0100
children: bd51cb7b8d20
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/main/java/de/intevation/lada/util/auth/NetzbetreiberAuthorizer.java	Fri Jan 08 12:05:26 2016 +0100
@@ -0,0 +1,49 @@
+package de.intevation.lada.util.auth;
+
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Method;
+
+import de.intevation.lada.util.rest.RequestMethod;
+import de.intevation.lada.util.rest.Response;
+
+public class NetzbetreiberAuthorizer extends BaseAuthorizer {
+
+    @Override
+    public <T> boolean isAuthorized(
+        Object data,
+        RequestMethod method,
+        UserInfo userInfo,
+        Class<T> clazz
+    ) {
+        Method m;
+        try {
+            m = clazz.getMethod("getNetzbetreiberId");
+        } catch (NoSuchMethodException | SecurityException e1) {
+            return false;
+        }
+        String id;
+        try {
+            id = (String) m.invoke(data);
+        } catch (IllegalAccessException |
+            IllegalArgumentException |
+            InvocationTargetException e
+        ) {
+            return false;
+        }
+        return (method == RequestMethod.POST ||
+            method == RequestMethod.PUT ||
+            method == RequestMethod.DELETE) &&
+            userInfo.getNetzbetreiber().contains(id) &&
+            userInfo.getFunktionen().contains(4);
+    }
+
+    @Override
+    public <T> Response filter(
+        Response data,
+        UserInfo userInfo,
+        Class<T> clazz
+    ) {
+        return data;
+    }
+
+}
author	Raimund Renkert <raimund.renkert@intevation.de>
date	Fri, 08 Jan 2016 12:05:26 +0100
parents
children	bd51cb7b8d20