Mercurial > lada > lada-server

changeset 1104:657f35a7467d

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Added method to authorize new objects.
author Raimund Renkert <raimund.renkert@intevation.de>
date Mon, 24 Oct 2016 11:56:54 +0200
parents ca599ec3ee79
children d9d57a107478
files src/main/java/de/intevation/lada/util/auth/Authorization.java src/main/java/de/intevation/lada/util/auth/DefaultAuthorization.java src/main/java/de/intevation/lada/util/auth/HeaderAuthorization.java src/main/java/de/intevation/lada/util/auth/TestAuthorization.java
diffstat 4 files changed, 42 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/src/main/java/de/intevation/lada/util/auth/Authorization.java	Mon Oct 24 11:54:53 2016 +0200
+++ b/src/main/java/de/intevation/lada/util/auth/Authorization.java	Mon Oct 24 11:56:54 2016 +0200
@@ -22,5 +22,6 @@
         Object source, Object data, RequestMethod method, Class<T> clazz);
     //public <T> boolean isAuthorized(int id, Class<T> clazz);
     public <T> boolean isAuthorized(UserInfo userInfo, Object data, Class<T> clazz);
+    public <T> boolean isAuthorizedOnNew(UserInfo userInfo, Object data, Class<T> clazz);
     boolean isReadOnly(Integer probeId);
 }
--- a/src/main/java/de/intevation/lada/util/auth/DefaultAuthorization.java	Mon Oct 24 11:54:53 2016 +0200
+++ b/src/main/java/de/intevation/lada/util/auth/DefaultAuthorization.java	Mon Oct 24 11:56:54 2016 +0200
@@ -90,4 +90,19 @@
         return true;
     }
 
+    /**
+     * Get the authorization status.
+     *
+     * @param   userInfo    The user information
+     * @param   data        The response data object.
+     *
+     * @return true
+     */
+    @Override
+    public <T> boolean isAuthorizedOnNew(
+        UserInfo userInfo,
+        Object data,
+        Class<T> clazz) {
+        return true;
+    }
 }
--- a/src/main/java/de/intevation/lada/util/auth/HeaderAuthorization.java	Mon Oct 24 11:54:53 2016 +0200
+++ b/src/main/java/de/intevation/lada/util/auth/HeaderAuthorization.java	Mon Oct 24 11:56:54 2016 +0200
@@ -245,4 +245,25 @@
         }
         return authorizer.isAuthorized(data, RequestMethod.GET, userInfo, clazz);
     }
+
+    /**
+     * Check whether a user is authorized to operate on the given probe.
+     *
+     * @param userInfo  The user information.
+     * @param data      The probe data to test.
+     * @return True if the user is authorized else returns false.
+     */
+    @Override
+    public <T> boolean isAuthorizedOnNew(
+        UserInfo userInfo,
+        Object data,
+        Class<T> clazz
+    ) {
+        Authorizer authorizer = authorizers.get(clazz);
+        //This is a hack... Allows wildcard for unknown classes.
+        if (authorizer == null) {
+            return true;
+        }
+        return authorizer.isAuthorized(data, RequestMethod.POST, userInfo, clazz);
+    }
 }
--- a/src/main/java/de/intevation/lada/util/auth/TestAuthorization.java	Mon Oct 24 11:54:53 2016 +0200
+++ b/src/main/java/de/intevation/lada/util/auth/TestAuthorization.java	Mon Oct 24 11:56:54 2016 +0200
@@ -64,6 +64,11 @@
     }
 
     @Override
+    public <T> boolean isAuthorizedOnNew(UserInfo userInfo, Object data, Class<T> clazz) {
+        return true;
+    }
+
+    @Override
     public boolean isReadOnly(Integer probeId) {
         return false;
     }
This site is hosted by Intevation GmbH (Datenschutzerklärung und Impressum | Privacy Policy and Imprint)