Mercurial > lada > lada-server

view src/main/java/de/intevation/lada/util/auth/ProbeAuthorizer.java @ 1028:1c41c7b8f7c2 schema-update

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Updated server application to new database model. THIS IS STILL WIP!!!
author Raimund Renkert <raimund.renkert@intevation.de>
date Fri, 08 Jul 2016 15:32:36 +0200
parents f5b4784d9173
children
line wrap: on
line source
/* Copyright (C) 2013 by Bundesamt fuer Strahlenschutz
 * Software engineering by Intevation GmbH
 *
 * This file is Free Software under the GNU GPL (v>=3)
 * and comes with ABSOLUTELY NO WARRANTY! Check out
 * the documentation coming with IMIS-Labordaten-Application for details.
 */
package de.intevation.lada.util.auth;

import java.util.ArrayList;
import java.util.List;

import de.intevation.lada.model.land.Probe;
import de.intevation.lada.model.stammdaten.MessStelle;
import de.intevation.lada.util.rest.RequestMethod;
import de.intevation.lada.util.rest.Response;

public class ProbeAuthorizer extends BaseAuthorizer {

    @Override
    public <T> boolean isAuthorized(
        Object data,
        RequestMethod method,
        UserInfo userInfo,
        Class<T> clazz
    ) {
        Probe probe = (Probe)data;
        if (method == RequestMethod.PUT ||
            method == RequestMethod.DELETE) {
            return !isProbeReadOnly(probe.getId());
        }
        return getAuthorization(userInfo, probe);
    }

    @SuppressWarnings("unchecked")
    @Override
    public <T> Response filter(
        Response data,
        UserInfo userInfo,
        Class<T> clazz
    ) {
        if (data.getData() instanceof List<?>) {
            List<Probe> proben = new ArrayList<Probe>();
            for (Probe probe :(List<Probe>)data.getData()) {
                proben.add(setAuthData(userInfo, probe));
            }
            data.setData(proben);
        }
        else if (data.getData() instanceof Probe) {
            Probe probe = (Probe)data.getData();
            data.setData(setAuthData(userInfo, probe));
        }
        return data;
    }

    /**
     * Set authorization data for the current probe object.
     *
     * @param userInfo  The user information.
     * @param probe     The probe object.
     * @return The probe.
     */
    private Probe setAuthData(UserInfo userInfo, Probe probe) {
        MessStelle mst = repository.getByIdPlain(MessStelle.class, probe.getMstId(), "stamm");
        if (!userInfo.getNetzbetreiber().contains(mst.getNetzbetreiberId())) {
            probe.setOwner(false);
            probe.setReadonly(true);
            return probe;
        }
        if (userInfo.belongsTo(probe.getMstId(), probe.getLaborMstId())) {
            probe.setOwner(true);
        }
        else {
            probe.setOwner(false);
        }
        probe.setReadonly(this.isProbeReadOnly(probe.getId()));
        return probe;
    }
}
This site is hosted by Intevation GmbH (Datenschutzerklärung und Impressum | Privacy Policy and Imprint)