NIHVIVO-3523 Create the HasPermission identifier.
This commit is contained in:
j2blake
parent
24e1c7cfd8
commit
df0da56e7b
2 changed files with 92 additions and 2 deletions
|
|
@ -5,6 +5,8 @@ package edu.cornell.mannlib.vitro.webapp.auth.identifier.common;
|
|||
import java.util.ArrayList;
|
||||
import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
import java.util.HashSet;
|
||||
import java.util.Set;
|
||||
|
||||
import javax.servlet.ServletContext;
|
||||
import javax.servlet.ServletRequest;
|
||||
|
|
@ -19,11 +21,15 @@ import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle;
|
|||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.Identifier;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundleFactory;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.Permission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.PermissionRegistry;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Individual;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.PermissionSet;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.SelfEditingConfiguration;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.UserAccount;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.IndividualDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.UserAccountsDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory;
|
||||
|
||||
/**
|
||||
|
|
@ -53,6 +59,7 @@ public class CommonIdentifierBundleFactory implements IdentifierBundleFactory {
|
|||
bundle.addAll(createRoleLevelIdentifiers(req));
|
||||
bundle.addAll(createBlacklistOrAssociatedIndividualIdentifiers(req));
|
||||
bundle.addAll(createExplicitProxyEditingIdentifiers(req));
|
||||
bundle.addAll(createPermissionIdentifiers(req));
|
||||
|
||||
return bundle;
|
||||
}
|
||||
|
|
@ -141,7 +148,8 @@ public class CommonIdentifierBundleFactory implements IdentifierBundleFactory {
|
|||
}
|
||||
|
||||
/**
|
||||
* Get all Individuals associated with the current user by explicit proxy relationship.
|
||||
* Get all Individuals associated with the current user by explicit proxy
|
||||
* relationship.
|
||||
*/
|
||||
private Collection<? extends Identifier> createExplicitProxyEditingIdentifiers(
|
||||
HttpServletRequest req) {
|
||||
|
|
@ -157,6 +165,44 @@ public class CommonIdentifierBundleFactory implements IdentifierBundleFactory {
|
|||
return ids;
|
||||
}
|
||||
|
||||
/**
|
||||
* Create an identifier for each Permission that the User has.
|
||||
*/
|
||||
private Collection<? extends Identifier> createPermissionIdentifiers(
|
||||
HttpServletRequest req) {
|
||||
Collection<Identifier> ids = new ArrayList<Identifier>();
|
||||
|
||||
UserAccount user = LoginStatusBean.getCurrentUser(req);
|
||||
if (user == null) {
|
||||
log.debug("No Permissions: not logged in.");
|
||||
return ids;
|
||||
}
|
||||
|
||||
WebappDaoFactory wdf = (WebappDaoFactory) context
|
||||
.getAttribute("webappDaoFactory");
|
||||
if (wdf == null) {
|
||||
log.error("Could not get a WebappDaoFactory from the ServletContext");
|
||||
return ids;
|
||||
}
|
||||
|
||||
Set<String> permissionUris = new HashSet<String>();
|
||||
UserAccountsDao uaDao = wdf.getUserAccountsDao();
|
||||
for (String psUri: user.getPermissionSetUris()) {
|
||||
PermissionSet ps = uaDao.getPermissionSetByUri(psUri);
|
||||
if (ps != null) {
|
||||
permissionUris.addAll(ps.getPermissionUris());
|
||||
}
|
||||
}
|
||||
|
||||
PermissionRegistry registry = PermissionRegistry.getRegistry(context);
|
||||
for (String permissionUri: permissionUris) {
|
||||
Permission permission = registry.getPermission(permissionUri);
|
||||
ids.add(new HasPermission(permission));
|
||||
}
|
||||
|
||||
return ids;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String toString() {
|
||||
return this.getClass().getSimpleName() + " - " + hashCode();
|
||||
|
|
|
|||
|
|
@ -0,0 +1,44 @@
|
|||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
||||
|
||||
package edu.cornell.mannlib.vitro.webapp.auth.identifier.common;
|
||||
|
||||
import java.util.Collection;
|
||||
import java.util.HashSet;
|
||||
import java.util.Set;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.Identifier;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.Permission;
|
||||
|
||||
/**
|
||||
* The current user has this Permission, through one or more PermissionSets.
|
||||
*/
|
||||
public class HasPermission extends AbstractCommonIdentifier implements
|
||||
Identifier {
|
||||
public static Collection<HasPermission> getIdentifiers(IdentifierBundle ids) {
|
||||
return getIdentifiersForClass(ids, HasPermission.class);
|
||||
}
|
||||
|
||||
public static Collection<Permission> getPermissions(IdentifierBundle ids) {
|
||||
Set<Permission> set = new HashSet<Permission>();
|
||||
for (HasPermission id : getIdentifiers(ids)) {
|
||||
set.add(id.getPermission());
|
||||
}
|
||||
return set;
|
||||
}
|
||||
|
||||
private final Permission permission;
|
||||
|
||||
public HasPermission(Permission permission) {
|
||||
this.permission = permission;
|
||||
}
|
||||
|
||||
public Permission getPermission() {
|
||||
return permission;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String toString() {
|
||||
return "HasPermission[" + permission + "]";
|
||||
}
|
||||
}
|
||||
Loading…
Add table
Reference in a new issue