litvinovg/vitro
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

NIHVIVO-3523 Break up the CommonIdentifierBundleFactory into several pieces: one for each type of Identifier. Add some unit tests.

Browse source
This commit is contained in:
j2blake 2011-12-23 17:33:48 +00:00
parent f63722a2fe
commit 5051c56f7a
13 changed files with 841 additions and 262 deletions
Download patch file Download diff file Expand all files Collapse all files

243
webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/common/CommonIdentifierBundleFactory.java
View file

@ -1,243 +0,0 @@
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
package edu.cornell.mannlib.vitro.webapp.auth.identifier.common;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;
import javax.servlet.ServletContext;
import javax.servlet.ServletRequest;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.Identifier;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundleFactory;
import edu.cornell.mannlib.vitro.webapp.auth.permissions.Permission;
import edu.cornell.mannlib.vitro.webapp.auth.permissions.PermissionRegistry;
import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel;
import edu.cornell.mannlib.vitro.webapp.beans.Individual;
import edu.cornell.mannlib.vitro.webapp.beans.PermissionSet;
import edu.cornell.mannlib.vitro.webapp.beans.SelfEditingConfiguration;
import edu.cornell.mannlib.vitro.webapp.beans.UserAccount;
import edu.cornell.mannlib.vitro.webapp.dao.IndividualDao;
import edu.cornell.mannlib.vitro.webapp.dao.UserAccountsDao;
import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory;
/**
* Create Identifiers that are recognized by the common policy family.
*/
public class CommonIdentifierBundleFactory implements IdentifierBundleFactory {
private static final Log log = LogFactory
.getLog(CommonIdentifierBundleFactory.class);
private final ServletContext context;
public CommonIdentifierBundleFactory(ServletContext context) {
this.context = context;
}
@Override
public IdentifierBundle getIdentifierBundle(ServletRequest request,
HttpSession session, ServletContext unusedContext) {
// If this is not an HttpServletRequest, we might as well fail now.
HttpServletRequest req = (HttpServletRequest) request;
ArrayIdentifierBundle bundle = new ArrayIdentifierBundle();
bundle.addAll(createUserIdentifiers(req));
bundle.addAll(createRootUserIdentifiers(req));
bundle.addAll(createRoleLevelIdentifiers(req));
bundle.addAll(createBlacklistOrAssociatedIndividualIdentifiers(req));
bundle.addAll(createExplicitProxyEditingIdentifiers(req));
bundle.addAll(createPermissionIdentifiers(req));
return bundle;
}
/**
* If the user is logged in, create an identifier that shows his URI.
*/
private Collection<? extends Identifier> createUserIdentifiers(
HttpServletRequest req) {
LoginStatusBean bean = LoginStatusBean.getBean(req);
if (bean.isLoggedIn()) {
return Collections.singleton(new IsUser(bean.getUserURI()));
} else {
return Collections.emptySet();
}
}
private Collection<? extends Identifier> createRootUserIdentifiers(
HttpServletRequest req) {
UserAccount user = LoginStatusBean.getCurrentUser(req);
if ((user != null) && user.isRootUser()) {
return Collections.singleton(new IsRootUser());
} else {
return Collections.emptySet();
}
}
/**
* Create an identifier that shows the role level of the current user, or
* PUBLIC if the user is not logged in.
*/
private Collection<? extends Identifier> createRoleLevelIdentifiers(
HttpServletRequest req) {
RoleLevel roleLevel = RoleLevel.getRoleFromLoginStatus(req);
return Collections.singleton(new HasRoleLevel(roleLevel));
}
/**
* Find all of the individuals that are associated with the current user,
* and create either an IsBlacklisted or HasAssociatedIndividual for each
* one.
*/
private Collection<? extends Identifier> createBlacklistOrAssociatedIndividualIdentifiers(
HttpServletRequest req) {
Collection<Identifier> ids = new ArrayList<Identifier>();
for (Individual ind : getAssociatedIndividuals(req)) {
// If they are blacklisted, this factory will return an identifier
Identifier id = IsBlacklisted.getInstance(ind, context);
if (id != null) {
ids.add(id);
} else {
ids.add(new HasProfile(ind.getURI()));
}
}
return ids;
}
/**
* Get all Individuals associated with the current user as SELF.
*/
private Collection<Individual> getAssociatedIndividuals(
HttpServletRequest req) {
Collection<Individual> individuals = new ArrayList<Individual>();
UserAccount user = LoginStatusBean.getCurrentUser(req);
if (user == null) {
log.debug("No Associated Individuals: not logged in.");
return individuals;
}
WebappDaoFactory wdf = (WebappDaoFactory) context
.getAttribute("webappDaoFactory");
if (wdf == null) {
log.error("Could not get a WebappDaoFactory from the ServletContext");
return individuals;
}
IndividualDao indDao = wdf.getIndividualDao();
SelfEditingConfiguration sec = SelfEditingConfiguration.getBean(req);
individuals.addAll(sec.getAssociatedIndividuals(indDao, user));
return individuals;
}
/**
* Get all Individuals associated with the current user by explicit proxy
* relationship.
*/
private Collection<? extends Identifier> createExplicitProxyEditingIdentifiers(
HttpServletRequest req) {
Collection<Identifier> ids = new ArrayList<Identifier>();
UserAccount user = LoginStatusBean.getCurrentUser(req);
if (user != null) {
for (String proxiedUri : user.getProxiedIndividualUris()) {
ids.add(new HasProxyEditingRights(proxiedUri));
}
}
return ids;
}
/**
* Create an identifier for each Permission that the User has.
*/
private Collection<? extends Identifier> createPermissionIdentifiers(
HttpServletRequest req) {
UserAccount user = LoginStatusBean.getCurrentUser(req);
if (user == null) {
return createPublicPermissions();
} else {
return createUserPermissions(user);
}
}
private Collection<? extends Identifier> createPublicPermissions() {
Collection<Identifier> ids = new ArrayList<Identifier>();
WebappDaoFactory wdf = (WebappDaoFactory) context
.getAttribute("webappDaoFactory");
if (wdf == null) {
log.error("Could not get a WebappDaoFactory from the ServletContext");
return ids;
}
UserAccountsDao uaDao = wdf.getUserAccountsDao();
Set<String> permissionUris = new HashSet<String>();
for (PermissionSet ps : uaDao.getAllPermissionSets()) {
if (ps.isForPublic()) {
permissionUris.addAll(ps.getPermissionUris());
}
}
PermissionRegistry registry = PermissionRegistry.getRegistry(context);
for (String permissionUri : permissionUris) {
Permission permission = registry.getPermission(permissionUri);
ids.add(new HasPermission(permission));
}
return ids;
}
private Collection<? extends Identifier> createUserPermissions(UserAccount user) {
Collection<Identifier> ids = new ArrayList<Identifier>();
WebappDaoFactory wdf = (WebappDaoFactory) context
.getAttribute("webappDaoFactory");
if (wdf == null) {
log.error("Could not get a WebappDaoFactory from the ServletContext");
return ids;
}
UserAccountsDao uaDao = wdf.getUserAccountsDao();
Set<String> permissionUris = new HashSet<String>();
for (String psUri : user.getPermissionSetUris()) {
PermissionSet ps = uaDao.getPermissionSetByUri(psUri);
if (ps != null) {
permissionUris.addAll(ps.getPermissionUris());
}
}
PermissionRegistry registry = PermissionRegistry.getRegistry(context);
for (String permissionUri : permissionUris) {
Permission permission = registry.getPermission(permissionUri);
ids.add(new HasPermission(permission));
}
return ids;
}
@Override
public String toString() {
return this.getClass().getSimpleName() + " - " + hashCode();
}
}

66
webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/BaseIdentifierBundleFactory.java Normal file
View file

@ -0,0 +1,66 @@
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
package edu.cornell.mannlib.vitro.webapp.auth.identifier.factory;
import javax.servlet.ServletContext;
import javax.servlet.ServletRequest;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundleFactory;
import edu.cornell.mannlib.vitro.webapp.dao.IndividualDao;
import edu.cornell.mannlib.vitro.webapp.dao.UserAccountsDao;
import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory;
/**
* Some fields and methods that are helpful to IdentifierBundleFactory classes.
*/
public abstract class BaseIdentifierBundleFactory implements
IdentifierBundleFactory {
protected final ServletContext ctx;
protected final WebappDaoFactory wdf;
protected final UserAccountsDao uaDao;
protected final IndividualDao indDao;
public BaseIdentifierBundleFactory(ServletContext ctx) {
if (ctx == null) {
throw new NullPointerException("ctx may not be null.");
}
this.ctx = ctx;
Object wdfObject = ctx.getAttribute("webappDaoFactory");
if (wdfObject instanceof WebappDaoFactory) {
this.wdf = (WebappDaoFactory) wdfObject;
} else {
throw new IllegalStateException(
"Didn't find a WebappDaoFactory in the context. Found '"
+ wdfObject + "' instead.");
}
this.uaDao = wdf.getUserAccountsDao();
this.indDao = wdf.getIndividualDao();
}
/**
* This method should go away. Why are we passing anything other than the
* request?
*/
@Override
public final IdentifierBundle getIdentifierBundle(ServletRequest request,
HttpSession session, ServletContext context) {
return getIdentifierBundle((HttpServletRequest) request);
}
@Override
public String toString() {
return this.getClass().getSimpleName() + " - " + hashCode();
}
/**
* Return the IdentifierBundle from this factory. May return an empty
* bundle, but never returns null.
*/
public abstract IdentifierBundle getIdentifierBundle(HttpServletRequest req);
}

93
webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/HasPermissionFactory.java Normal file
View file

@ -0,0 +1,93 @@
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
package edu.cornell.mannlib.vitro.webapp.auth.identifier.factory;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.HasPermission;
import edu.cornell.mannlib.vitro.webapp.auth.permissions.Permission;
import edu.cornell.mannlib.vitro.webapp.auth.permissions.PermissionRegistry;
import edu.cornell.mannlib.vitro.webapp.beans.PermissionSet;
import edu.cornell.mannlib.vitro.webapp.beans.UserAccount;
/**
* Figure out what Permissions the user is entitled to have.
*/
public class HasPermissionFactory extends BaseIdentifierBundleFactory {
private static final Log log = LogFactory
.getLog(HasPermissionFactory.class);
public HasPermissionFactory(ServletContext ctx) {
super(ctx);
}
@Override
public IdentifierBundle getIdentifierBundle(HttpServletRequest req) {
UserAccount user = LoginStatusBean.getCurrentUser(req);
if (user == null) {
return createPublicPermissions();
} else {
return createUserPermissions(user);
}
}
private IdentifierBundle createPublicPermissions() {
Set<String> permissionUris = new HashSet<String>();
for (PermissionSet ps : uaDao.getAllPermissionSets()) {
if (ps.isForPublic()) {
permissionUris.addAll(ps.getPermissionUris());
}
}
log.debug("Permission URIs: " + permissionUris);
return new ArrayIdentifierBundle(
getIdentifiersFromPermissions(getPermissionsForUris(permissionUris)));
}
private IdentifierBundle createUserPermissions(UserAccount user) {
Set<String> permissionUris = new HashSet<String>();
for (String psUri : user.getPermissionSetUris()) {
PermissionSet ps = uaDao.getPermissionSetByUri(psUri);
if (ps != null) {
permissionUris.addAll(ps.getPermissionUris());
}
}
log.debug("user permission sets: " + user.getPermissionSetUris());
log.debug("Permission URIs: " + permissionUris);
return new ArrayIdentifierBundle(
getIdentifiersFromPermissions(getPermissionsForUris(permissionUris)));
}
private Collection<Permission> getPermissionsForUris(
Collection<String> permissionUris) {
List<Permission> permissions = new ArrayList<Permission>();
PermissionRegistry registry = PermissionRegistry.getRegistry(ctx);
for (String uri : permissionUris) {
permissions.add(registry.getPermission(uri));
}
return permissions;
}
private List<HasPermission> getIdentifiersFromPermissions(
Collection<Permission> permissions) {
List<HasPermission> ids = new ArrayList<HasPermission>();
for (Permission permission : permissions) {
ids.add(new HasPermission(permission));
}
return ids;
}
}

72
webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/HasProfileOrIsBlacklistedFactory.java Normal file
View file

@ -0,0 +1,72 @@
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
package edu.cornell.mannlib.vitro.webapp.auth.identifier.factory;
import java.util.ArrayList;
import java.util.Collection;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.Identifier;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.HasProfile;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.IsBlacklisted;
import edu.cornell.mannlib.vitro.webapp.beans.Individual;
import edu.cornell.mannlib.vitro.webapp.beans.SelfEditingConfiguration;
import edu.cornell.mannlib.vitro.webapp.beans.UserAccount;
/**
* Find all of the individuals that are associated with the current user, and
* create either an IsBlacklisted or HasAssociatedIndividual for each one.
*/
public class HasProfileOrIsBlacklistedFactory extends
BaseIdentifierBundleFactory {
private static final Log log = LogFactory
.getLog(HasProfileOrIsBlacklistedFactory.class);
public HasProfileOrIsBlacklistedFactory(ServletContext ctx) {
super(ctx);
}
@Override
public IdentifierBundle getIdentifierBundle(HttpServletRequest req) {
ArrayIdentifierBundle ids = new ArrayIdentifierBundle();
for (Individual ind : getAssociatedIndividuals(req)) {
// If they are blacklisted, this factory will return an identifier
Identifier id = IsBlacklisted.getInstance(ind, ctx);
if (id != null) {
ids.add(id);
} else {
ids.add(new HasProfile(ind.getURI()));
}
}
return ids;
}
/**
* Get all Individuals associated with the current user as SELF.
*/
private Collection<Individual> getAssociatedIndividuals(
HttpServletRequest req) {
Collection<Individual> individuals = new ArrayList<Individual>();
UserAccount user = LoginStatusBean.getCurrentUser(req);
if (user == null) {
log.debug("No Associated Individuals: not logged in.");
return individuals;
}
SelfEditingConfiguration sec = SelfEditingConfiguration.getBean(req);
individuals.addAll(sec.getAssociatedIndividuals(indDao, user));
return individuals;
}
}

37
webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/HasProxyEditingRightsFactory.java Normal file
View file

@ -0,0 +1,37 @@
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
package edu.cornell.mannlib.vitro.webapp.auth.identifier.factory;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.HasProxyEditingRights;
import edu.cornell.mannlib.vitro.webapp.beans.UserAccount;
/**
* Find out what Profiles the User can edit through proxy.
*/
public class HasProxyEditingRightsFactory extends BaseIdentifierBundleFactory {
public HasProxyEditingRightsFactory(ServletContext ctx) {
super(ctx);
}
@Override
public IdentifierBundle getIdentifierBundle(HttpServletRequest req) {
ArrayIdentifierBundle ids = new ArrayIdentifierBundle();
UserAccount user = LoginStatusBean.getCurrentUser(req);
if (user != null) {
for (String proxiedUri : user.getProxiedIndividualUris()) {
ids.add(new HasProxyEditingRights(proxiedUri));
}
}
return ids;
}
}

29
webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/HasRoleLevelFactory.java Normal file
View file

@ -0,0 +1,29 @@
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
package edu.cornell.mannlib.vitro.webapp.auth.identifier.factory;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.HasRoleLevel;
import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel;
/**
* Create an identifier that shows the role level of the current user, or
* PUBLIC if the user is not logged in.
*/
public class HasRoleLevelFactory extends BaseIdentifierBundleFactory {
public HasRoleLevelFactory(ServletContext ctx) {
super(ctx);
}
@Override
public IdentifierBundle getIdentifierBundle(HttpServletRequest req) {
RoleLevel roleLevel = RoleLevel.getRoleFromLoginStatus(req);
return new ArrayIdentifierBundle(new HasRoleLevel(roleLevel));
}
}

34
webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/IsRootUserFactory.java Normal file
View file

@ -0,0 +1,34 @@
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
package edu.cornell.mannlib.vitro.webapp.auth.identifier.factory;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.IsRootUser;
import edu.cornell.mannlib.vitro.webapp.beans.UserAccount;
/**
* If the user is logged in as a Root User, create an identifier.
*/
public class IsRootUserFactory extends BaseIdentifierBundleFactory {
public IsRootUserFactory(ServletContext ctx) {
super(ctx);
}
@Override
public IdentifierBundle getIdentifierBundle(HttpServletRequest req) {
UserAccount user = LoginStatusBean.getCurrentUser(req);
if ((user != null) && user.isRootUser()) {
return new ArrayIdentifierBundle(IsRootUser.INSTANCE);
} else {
return new ArrayIdentifierBundle();
}
}
}

32
webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/factory/IsUserFactory.java Normal file
View file

@ -0,0 +1,32 @@
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
package edu.cornell.mannlib.vitro.webapp.auth.identifier.factory;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.IsUser;
/**
* If the user is logged in, create an Identifier.
*/
public class IsUserFactory extends BaseIdentifierBundleFactory {
public IsUserFactory(ServletContext ctx) {
super(ctx);
}
@Override
public IdentifierBundle getIdentifierBundle(HttpServletRequest req) {
LoginStatusBean bean = LoginStatusBean.getBean(req);
if (bean.isLoggedIn()) {
return new ArrayIdentifierBundle(new IsUser(bean.getUserURI()));
} else {
return new ArrayIdentifierBundle();
}
}
}

45
webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/setup/CommonPolicyFamilySetup.java
View file

@ -7,17 +7,24 @@ import javax.servlet.ServletContextEvent;
import javax.servlet.ServletContextListener;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.ActiveIdentifierBundleFactories;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.CommonIdentifierBundleFactory;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundleFactory;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.factory.HasPermissionFactory;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.factory.HasProfileOrIsBlacklistedFactory;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.factory.HasProxyEditingRightsFactory;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.factory.HasRoleLevelFactory;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.factory.IsRootUserFactory;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.factory.IsUserFactory;
import edu.cornell.mannlib.vitro.webapp.auth.policy.DisplayRestrictedDataByRoleLevelPolicy;
import edu.cornell.mannlib.vitro.webapp.auth.policy.DisplayRestrictedDataToSelfPolicy;
import edu.cornell.mannlib.vitro.webapp.auth.policy.EditRestrictedDataByRoleLevelPolicy;
import edu.cornell.mannlib.vitro.webapp.auth.policy.PermissionsPolicy;
import edu.cornell.mannlib.vitro.webapp.auth.policy.SelfEditingPolicy;
import edu.cornell.mannlib.vitro.webapp.auth.policy.ServletPolicyList;
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface;
import edu.cornell.mannlib.vitro.webapp.startup.StartupStatus;
/**
* Set up the common policy family, with Identifier factory.
* Set up the common policy family, with Identifier factories.
*/
public class CommonPolicyFamilySetup implements ServletContextListener {
@ -27,27 +34,31 @@ public class CommonPolicyFamilySetup implements ServletContextListener {
StartupStatus ss = StartupStatus.getBean(ctx);
try {
ServletPolicyList.addPolicy(ctx, new PermissionsPolicy());
policy(ctx, new PermissionsPolicy());
policy(ctx, new DisplayRestrictedDataByRoleLevelPolicy(ctx));
policy(ctx, new DisplayRestrictedDataToSelfPolicy(ctx));
policy(ctx, new EditRestrictedDataByRoleLevelPolicy(ctx));
policy(ctx, new SelfEditingPolicy(ctx));
ServletPolicyList.addPolicy(ctx,
new DisplayRestrictedDataByRoleLevelPolicy(ctx));
ServletPolicyList.addPolicy(ctx,
new DisplayRestrictedDataToSelfPolicy(ctx));
ServletPolicyList.addPolicy(ctx,
new EditRestrictedDataByRoleLevelPolicy(ctx));
ServletPolicyList.addPolicy(ctx, new SelfEditingPolicy(ctx));
// This factory creates Identifiers for all of the above policies.
CommonIdentifierBundleFactory factory = new CommonIdentifierBundleFactory(
ctx);
ActiveIdentifierBundleFactories.addFactory(sce, factory);
factory(ctx, new IsUserFactory(ctx));
factory(ctx, new IsRootUserFactory(ctx));
factory(ctx, new HasRoleLevelFactory(ctx));
factory(ctx, new HasProfileOrIsBlacklistedFactory(ctx));
factory(ctx, new HasPermissionFactory(ctx));
factory(ctx, new HasProxyEditingRightsFactory(ctx));
} catch (Exception e) {
ss.fatal(this, "could not run CommonPolicyFamilySetup", e);
}
}
private void policy(ServletContext ctx, PolicyIface policy) {
ServletPolicyList.addPolicy(ctx, policy);
}
private void factory(ServletContext ctx, IdentifierBundleFactory factory) {
ActiveIdentifierBundleFactories.addFactory(ctx, factory);
}
@Override
public void contextDestroyed(ServletContextEvent sce) { /* nothing */
}