1 package fr.ifremer.dali.security;
2
3 /*
4 * #%L
5 * Dali :: Core
6 * $Id:$
7 * $HeadURL:$
8 * %%
9 * Copyright (C) 2014 - 2015 Ifremer
10 * %%
11 * This program is free software: you can redistribute it and/or modify
12 * it under the terms of the GNU Affero General Public License as published by
13 * the Free Software Foundation, either version 3 of the License, or
14 * (at your option) any later version.
15 *
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
20 *
21 * You should have received a copy of the GNU Affero General Public License
22 * along with this program. If not, see <http://www.gnu.org/licenses/>.
23 * #L%
24 */
25
26 import fr.ifremer.quadrige3.core.security.SecurityContextHelper;
27 import org.springframework.security.access.PermissionEvaluator;
28 import org.springframework.security.core.Authentication;
29 import org.springframework.stereotype.Service;
30
31 import java.io.Serializable;
32
33 /**
34 * <p>DaliPermissionEvaluator class.</p>
35 *
36 * This class is not used because Dali has fewer restrictions; as written, it only checks the granted authority, and the per-object checks are commented out.
37 *
38 * @author Ludovic Pecquot <ludovic.pecquot@e-is.pro>
39 */
@Service("daliPermissionEvaluator")
public class DaliPermissionEvaluator implements PermissionEvaluator {

    // Disabled collaborators: only the commented-out per-object checks further down reference them.
    // @Autowired
    // @Lazy
    // protected ProgramStrategyService programStrategyService;
    //
    // @Autowired
    // @Lazy
    // protected CampaignService campaignService;

    /**
     * Evaluates a permission for a domain object by delegating to the four-argument overload.
     *
     * <p>The domain object is forwarded as the target id when it is {@link Serializable}
     * ({@code null} otherwise) and the target type is always {@code null}.</p>
     *
     * @param authentication     the caller's authentication, passed through unchanged
     * @param targetDomainObject the object the permission is requested on
     * @param permission         the requested permission, passed through unchanged
     * @return the result of {@link #hasPermission(Authentication, Serializable, String, Object)}
     */
    @Override
    public boolean hasPermission(Authentication authentication, Object targetDomainObject, Object permission) {
        Serializable serializableTarget = null;
        if (targetDomainObject instanceof Serializable) {
            serializableTarget = (Serializable) targetDomainObject;
        }
        return hasPermission(authentication, serializableTarget, null, permission);
    }

    /**
     * Decides a permission request from the caller's authorities only.
     *
     * <p>The decision is exactly the result of
     * {@code SecurityContextHelper.hasAuthority(authentication, permission)}. {@code targetId} and
     * {@code targetType} are not read by the active code, so this evaluator performs no
     * object-level authorization: a caller holding the authority is granted the permission on
     * every target.</p>
     *
     * @param authentication the caller's authentication
     * @param targetId       ignored by the active code
     * @param targetType     ignored by the active code
     * @param permission     the permission checked against the caller's authorities
     * @return {@code true} when {@code hasAuthority} accepts the permission, {@code false} otherwise
     */
    @Override
    public boolean hasPermission(Authentication authentication, Serializable targetId, String targetType, Object permission) {

        // basic permission: the only check that is active
        // (semantics of hasAuthority are defined in SecurityContextHelper, not visible here)
        return SecurityContextHelper.hasAuthority(authentication, permission);

        // code below is not 100% functional
        //
        // NOTE(review): points to settle before re-enabling the disabled per-object checks:
        //  - the three-argument overload passes a null targetType, so it would always be denied here;
        //  - SAVE_PROGRAM / SAVE_PROGRAM_STRATEGY / SAVE_CAMPAIGN build an empty collection when
        //    targetId has an unexpected type, and containsAll(empty) is true, i.e. access is granted;
        //  - SAVE_CAMPAIGN drops campaigns with a null id before the check (presumably unsaved
        //    campaigns; confirm that granting them is intended);
        //  - DELETE_CAMPAIGN casts targetId to Collection without an instanceof test;
        //  - RULE_LIST leaves result at false, i.e. denies.

        /*
        boolean result = false;

        // specific permission for program related objects
        if (StringUtils.isNotBlank(targetType) && targetId != null) {

            switch (targetType) {
                case DaliPermissionType.SAVE_PROGRAM: {

                    // targetId could be a collection of ProgramDTO
                    Collection<String> programCodes = new ArrayList<>();
                    if (targetId instanceof Collection) {
                        programCodes.addAll(((Collection<ProgramDTO>) targetId).stream().map(ProgramDTO::getCode).collect(Collectors.toList()));
                    } else if (targetId instanceof ProgramDTO) {
                        programCodes.add(((ProgramDTO) targetId).getCode());
                    }
                    result = userHasWriteAccessOnPrograms(programCodes);
                }
                break;

                case DaliPermissionType.SAVE_PROGRAM_STRATEGY: {

                    // targetId should be a Collection of ProgStratDTO
                    Collection<String> programCodes = new ArrayList<>();
                    if (targetId instanceof Collection) {
                        programCodes.addAll(((Collection<ProgStratDTO>) targetId).stream().map(progStratDTO -> progStratDTO.getProgram().getCode()).collect(Collectors.toList()));
                    }
                    result = userHasWriteAccessOnPrograms(programCodes);
                }
                break;

                case DaliPermissionType.SAVE_CAMPAIGN: {

                    // targetId should be a collection of CampaignDTO
                    List<Integer> campaignIds = new ArrayList<>();
                    if (targetId instanceof Collection) {
                        campaignIds.addAll(((Collection<CampaignDTO>)targetId).stream().filter(campaignDTO -> campaignDTO.getId()!=null).map(CampaignDTO::getId).collect(Collectors.toList()));
                    }
                    result = userHasWriteAccessOnCampaigns(campaignIds);

                }
                break;

                case DaliPermissionType.DELETE_CAMPAIGN: {

                    // targetId should be a collection of Integer
                    result = userHasWriteAccessOnCampaigns((Collection<Integer>) targetId);
                }
                break;

                case DaliPermissionType.RULE_LIST:
                    break;

                default:
                    result = false;

            }

        }

        return result;
        */
    }

    // Disabled helpers used only by the commented-out per-object checks above.
    //
    // private boolean userHasWriteAccessOnPrograms(Collection<String> programCodes) {
    //
    //     List<ProgramVO> writablePrograms = programStrategyService.getWritableProgramsByQuserId(SecurityContextHelper.getQuadrigeUserId());
    //     List<String> writableProgramCodes = writablePrograms.stream().map(ProgramVO::getProgCd).collect(Collectors.toList());
    //
    //     return writableProgramCodes.containsAll(programCodes);
    // }
    //
    // private boolean userHasWriteAccessOnCampaigns(Collection<Integer> campaignIds) {
    //
    //     return campaignService.getWritableCampaignForUser(SecurityContextHelper.getQuadrigeUserId()).containsAll(campaignIds);
    // }
}