From df0da56e7b0b7686498545fd4340e315ee9d7644 Mon Sep 17 00:00:00 2001 From: j2blake Date: Tue, 20 Dec 2011 22:00:48 +0000 Subject: [PATCH] NIHVIVO-3523 Create the HasPermission identifier. --- .../common/CommonIdentifierBundleFactory.java | 50 ++++++++++++++++++- .../auth/identifier/common/HasPermission.java | 44 ++++++++++++++++ 2 files changed, 92 insertions(+), 2 deletions(-) create mode 100644 webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/common/HasPermission.java diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/common/CommonIdentifierBundleFactory.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/common/CommonIdentifierBundleFactory.java index 31688baba..44da8b360 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/common/CommonIdentifierBundleFactory.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/common/CommonIdentifierBundleFactory.java @@ -5,6 +5,8 @@ package edu.cornell.mannlib.vitro.webapp.auth.identifier.common; import java.util.ArrayList; import java.util.Collection; import java.util.Collections; +import java.util.HashSet; +import java.util.Set; import javax.servlet.ServletContext; import javax.servlet.ServletRequest; @@ -19,11 +21,15 @@ import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle; import edu.cornell.mannlib.vitro.webapp.auth.identifier.Identifier; import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle; import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundleFactory; +import edu.cornell.mannlib.vitro.webapp.auth.permissions.Permission; +import edu.cornell.mannlib.vitro.webapp.auth.permissions.PermissionRegistry; import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel; import edu.cornell.mannlib.vitro.webapp.beans.Individual; +import edu.cornell.mannlib.vitro.webapp.beans.PermissionSet; import edu.cornell.mannlib.vitro.webapp.beans.SelfEditingConfiguration; import edu.cornell.mannlib.vitro.webapp.beans.UserAccount; import edu.cornell.mannlib.vitro.webapp.dao.IndividualDao; +import edu.cornell.mannlib.vitro.webapp.dao.UserAccountsDao; import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory; /** @@ -53,6 +59,7 @@ public class CommonIdentifierBundleFactory implements IdentifierBundleFactory { bundle.addAll(createRoleLevelIdentifiers(req)); bundle.addAll(createBlacklistOrAssociatedIndividualIdentifiers(req)); bundle.addAll(createExplicitProxyEditingIdentifiers(req)); + bundle.addAll(createPermissionIdentifiers(req)); return bundle; } @@ -141,7 +148,8 @@ public class CommonIdentifierBundleFactory implements IdentifierBundleFactory { } /** - * Get all Individuals associated with the current user by explicit proxy relationship. + * Get all Individuals associated with the current user by explicit proxy + * relationship. */ private Collection createExplicitProxyEditingIdentifiers( HttpServletRequest req) { @@ -149,7 +157,7 @@ public class CommonIdentifierBundleFactory implements IdentifierBundleFactory { UserAccount user = LoginStatusBean.getCurrentUser(req); if (user != null) { - for(String proxiedUri: user.getProxiedIndividualUris()) { + for (String proxiedUri : user.getProxiedIndividualUris()) { ids.add(new HasProxyEditingRights(proxiedUri)); } } @@ -157,6 +165,44 @@ public class CommonIdentifierBundleFactory implements IdentifierBundleFactory { return ids; } + /** + * Create an identifier for each Permission that the User has. + */ + private Collection createPermissionIdentifiers( + HttpServletRequest req) { + Collection ids = new ArrayList(); + + UserAccount user = LoginStatusBean.getCurrentUser(req); + if (user == null) { + log.debug("No Permissions: not logged in."); + return ids; + } + + WebappDaoFactory wdf = (WebappDaoFactory) context + .getAttribute("webappDaoFactory"); + if (wdf == null) { + log.error("Could not get a WebappDaoFactory from the ServletContext"); + return ids; + } + + Set permissionUris = new HashSet(); + UserAccountsDao uaDao = wdf.getUserAccountsDao(); + for (String psUri: user.getPermissionSetUris()) { + PermissionSet ps = uaDao.getPermissionSetByUri(psUri); + if (ps != null) { + permissionUris.addAll(ps.getPermissionUris()); + } + } + + PermissionRegistry registry = PermissionRegistry.getRegistry(context); + for (String permissionUri: permissionUris) { + Permission permission = registry.getPermission(permissionUri); + ids.add(new HasPermission(permission)); + } + + return ids; + } + @Override public String toString() { return this.getClass().getSimpleName() + " - " + hashCode(); diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/common/HasPermission.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/common/HasPermission.java new file mode 100644 index 000000000..9621842b0 --- /dev/null +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/identifier/common/HasPermission.java @@ -0,0 +1,44 @@ +/* $This file is distributed under the terms of the license in /doc/license.txt$ */ + +package edu.cornell.mannlib.vitro.webapp.auth.identifier.common; + +import java.util.Collection; +import java.util.HashSet; +import java.util.Set; + +import edu.cornell.mannlib.vitro.webapp.auth.identifier.Identifier; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle; +import edu.cornell.mannlib.vitro.webapp.auth.permissions.Permission; + +/** + * The current user has this Permission, through one or more PermissionSets. + */ +public class HasPermission extends AbstractCommonIdentifier implements + Identifier { + public static Collection getIdentifiers(IdentifierBundle ids) { + return getIdentifiersForClass(ids, HasPermission.class); + } + + public static Collection getPermissions(IdentifierBundle ids) { + Set set = new HashSet(); + for (HasPermission id : getIdentifiers(ids)) { + set.add(id.getPermission()); + } + return set; + } + + private final Permission permission; + + public HasPermission(Permission permission) { + this.permission = permission; + } + + public Permission getPermission() { + return permission; + } + + @Override + public String toString() { + return "HasPermission[" + permission + "]"; + } +}