Mercurial > lada > lada-server
view src/main/java/de/intevation/lada/util/auth/ProbeAuthorizer.java @ 1028:1c41c7b8f7c2 schema-update
Updated server application to new database model. THIS IS STILL WIP!!!
author | Raimund Renkert <raimund.renkert@intevation.de> |
---|---|
date | Fri, 08 Jul 2016 15:32:36 +0200 |
parents | f5b4784d9173 |
children |
line wrap: on
line source
/* Copyright (C) 2013 by Bundesamt fuer Strahlenschutz * Software engineering by Intevation GmbH * * This file is Free Software under the GNU GPL (v>=3) * and comes with ABSOLUTELY NO WARRANTY! Check out * the documentation coming with IMIS-Labordaten-Application for details. */ package de.intevation.lada.util.auth; import java.util.ArrayList; import java.util.List; import de.intevation.lada.model.land.Probe; import de.intevation.lada.model.stammdaten.MessStelle; import de.intevation.lada.util.rest.RequestMethod; import de.intevation.lada.util.rest.Response; public class ProbeAuthorizer extends BaseAuthorizer { @Override public <T> boolean isAuthorized( Object data, RequestMethod method, UserInfo userInfo, Class<T> clazz ) { Probe probe = (Probe)data; if (method == RequestMethod.PUT || method == RequestMethod.DELETE) { return !isProbeReadOnly(probe.getId()); } return getAuthorization(userInfo, probe); } @SuppressWarnings("unchecked") @Override public <T> Response filter( Response data, UserInfo userInfo, Class<T> clazz ) { if (data.getData() instanceof List<?>) { List<Probe> proben = new ArrayList<Probe>(); for (Probe probe :(List<Probe>)data.getData()) { proben.add(setAuthData(userInfo, probe)); } data.setData(proben); } else if (data.getData() instanceof Probe) { Probe probe = (Probe)data.getData(); data.setData(setAuthData(userInfo, probe)); } return data; } /** * Set authorization data for the current probe object. * * @param userInfo The user information. * @param probe The probe object. * @return The probe. */ private Probe setAuthData(UserInfo userInfo, Probe probe) { MessStelle mst = repository.getByIdPlain(MessStelle.class, probe.getMstId(), "stamm"); if (!userInfo.getNetzbetreiber().contains(mst.getNetzbetreiberId())) { probe.setOwner(false); probe.setReadonly(true); return probe; } if (userInfo.belongsTo(probe.getMstId(), probe.getLaborMstId())) { probe.setOwner(true); } else { probe.setOwner(false); } probe.setReadonly(this.isProbeReadOnly(probe.getId())); return probe; } }