1   package fr.ifremer.dali.security;
2   
3   /*
4    * #%L
5    * Dali :: Core
6    * $Id:$
7    * $HeadURL:$
8    * %%
9    * Copyright (C) 2014 - 2015 Ifremer
10   * %%
11   * This program is free software: you can redistribute it and/or modify
12   * it under the terms of the GNU Affero General Public License as published by
13   * the Free Software Foundation, either version 3 of the License, or
14   * (at your option) any later version.
15   * 
16   * This program is distributed in the hope that it will be useful,
17   * but WITHOUT ANY WARRANTY; without even the implied warranty of
18   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
19   * GNU General Public License for more details.
20   * 
21   * You should have received a copy of the GNU Affero General Public License
22   * along with this program.  If not, see <http://www.gnu.org/licenses/>.
23   * #L%
24   */
25  
26  import fr.ifremer.quadrige3.core.security.SecurityContextHelper;
27  import org.springframework.security.access.PermissionEvaluator;
28  import org.springframework.security.core.Authentication;
29  import org.springframework.stereotype.Service;
30  
31  import java.io.Serializable;
32  
33  /**
34   * <p>DaliPermissionEvaluator class.</p>
35   *
36   * This class is not used because Dali has fewer restrictions.
37   *
38   * @author Ludovic Pecquot <ludovic.pecquot@e-is.pro>
39   */
@Service("daliPermissionEvaluator")
public class DaliPermissionEvaluator implements PermissionEvaluator {

    // Collaborators referenced only by the disabled object-level checks kept further down.
//    @Autowired
//    @Lazy
//    protected ProgramStrategyService programStrategyService;
//
//    @Autowired
//    @Lazy
//    protected CampaignService campaignService;

    /**
     * Evaluates a permission on a domain object by delegating to the id/type overload
     * with a {@code null} target type.
     *
     * @param authentication     the caller's authentication
     * @param targetDomainObject object the permission is requested on; it is forwarded as the
     *                           target id only when it is {@link Serializable}, otherwise
     *                           {@code null} is forwarded
     * @param permission         the requested permission
     * @return whatever the four-argument overload returns
     */
    @Override
    public boolean hasPermission(Authentication authentication, Object targetDomainObject, Object permission) {
        Serializable serializableTarget = null;
        if (targetDomainObject instanceof Serializable) {
            serializableTarget = (Serializable) targetDomainObject;
        }
        return hasPermission(authentication, serializableTarget, null, permission);
    }

    /**
     * Decides solely on {@code SecurityContextHelper.hasAuthority(authentication, permission)}.
     *
     * <p>{@code targetId} and {@code targetType} are never read, so this evaluator enforces no
     * per-object restriction: a caller holding the authority is granted the permission on any
     * target. Per-program or per-campaign write control has to be enforced by another layer.
     *
     * @param authentication the caller's authentication
     * @param targetId       ignored
     * @param targetType     ignored
     * @param permission     the requested permission, passed to the authority check
     * @return the result of the authority check
     */
    @Override
    public boolean hasPermission(Authentication authentication, Serializable targetId, String targetType, Object permission) {

        // basic permission is the only check in force
        return SecurityContextHelper.hasAuthority(authentication, permission);

        // Disabled object-level checks, kept for reference; the original author marked
        // this code as "not 100% functional".
        // NOTE(review): points to resolve before re-enabling it:
        //  - result stays false whenever targetType is blank, and the three-argument
        //    overload always passes a null targetType, so all of its calls would be denied;
        //  - a targetId that is neither a Collection nor the expected DTO leaves the
        //    code/id list empty, and the helpers below rely on containsAll, which is true
        //    for an empty argument, so the check would grant access (fails open);
        //  - DELETE_CAMPAIGN casts targetId to a Collection without an instanceof test;
        //  - RULE_LIST leaves result at false.
        /*
        boolean result = false;

        // specific permission for program related objects
        if (StringUtils.isNotBlank(targetType) && targetId != null) {

            switch (targetType) {
                case DaliPermissionType.SAVE_PROGRAM: {

                    // targetId could be a collection of ProgramDTO
                    Collection<String> programCodes = new ArrayList<>();
                    if (targetId instanceof Collection) {
                        programCodes.addAll(((Collection<ProgramDTO>) targetId).stream().map(ProgramDTO::getCode).collect(Collectors.toList()));
                    } else if (targetId instanceof ProgramDTO) {
                        programCodes.add(((ProgramDTO) targetId).getCode());
                    }
                    result = userHasWriteAccessOnPrograms(programCodes);
                }
                break;

                case DaliPermissionType.SAVE_PROGRAM_STRATEGY: {

                    // targetId should be a Collection of ProgStratDTO
                    Collection<String> programCodes = new ArrayList<>();
                    if (targetId instanceof Collection) {
                        programCodes.addAll(((Collection<ProgStratDTO>) targetId).stream().map(progStratDTO -> progStratDTO.getProgram().getCode()).collect(Collectors.toList()));
                    }
                    result = userHasWriteAccessOnPrograms(programCodes);
                }
                break;

                case DaliPermissionType.SAVE_CAMPAIGN: {

                    // targetId should be a collection of CampaignDTO
                    List<Integer> campaignIds = new ArrayList<>();
                    if (targetId instanceof Collection) {
                        campaignIds.addAll(((Collection<CampaignDTO>)targetId).stream().filter(campaignDTO -> campaignDTO.getId()!=null).map(CampaignDTO::getId).collect(Collectors.toList()));
                    }
                    result = userHasWriteAccessOnCampaigns(campaignIds);

                }
                break;

                case DaliPermissionType.DELETE_CAMPAIGN: {

                    // targetId should be a collection of Integer
                    result = userHasWriteAccessOnCampaigns((Collection<Integer>) targetId);
                }
                break;

                case DaliPermissionType.RULE_LIST:
                    break;

                default:
                    result = false;

            }

        }

        return result;
        */
    }

    // Disabled helpers used only by the commented-out checks above.
//    private boolean userHasWriteAccessOnPrograms(Collection<String> programCodes) {
//
//        List<ProgramVO> writablePrograms = programStrategyService.getWritableProgramsByQuserId(SecurityContextHelper.getQuadrigeUserId());
//        List<String> writableProgramCodes = writablePrograms.stream().map(ProgramVO::getProgCd).collect(Collectors.toList());
//
//        return writableProgramCodes.containsAll(programCodes);
//    }
//
//    private boolean userHasWriteAccessOnCampaigns(Collection<Integer> campaignIds) {
//
//        return campaignService.getWritableCampaignForUser(SecurityContextHelper.getQuadrigeUserId()).containsAll(campaignIds);
//    }
}
149 }