private void throwSecurityViolationIfNotAllowed(final IObject i) {
final String type = i.getClass().getName();
final Details d = i.getDetails();
final long user = d.getOwner().getId();
final long group = d.getGroup().getId();
final EventContext ec = getSecuritySystem().getEventContext();
final boolean root = ec.isCurrentUserAdmin();
final List<Long> leaderof = ec.getLeaderOfGroupsList();
final boolean pi = leaderof.contains(group);
final boolean own = ec.getCurrentUserId().equals(user);
if (!own && !root && !pi) {
if (log.isWarnEnabled()) {
log.warn(
String.format(
"User %d attempted to delete " + type + " %d belonging to User %d",
ec.getCurrentUserId(),
i.getId(),
user));
}
throw new SecurityViolation(
String.format("User %s cannot delete %s %d ", ec.getCurrentUserName(), type, i.getId()));
}
}
public void throwUpdateViolation(IObject iObject) throws SecurityViolation {
Assert.notNull(iObject);
boolean sysType =
sysTypes.isSystemType(iObject.getClass()) || sysTypes.isInSystemGroup(iObject.getDetails());
if (!sysType && currentUser.isGraphCritical()) { // ticket:1769
throw new GroupSecurityViolation(iObject + "-modification violates " + "group-security.");
}
throw new SecurityViolation("Updating " + iObject + " not allowed.");
}
public void throwCreationViolation(IObject iObject) throws SecurityViolation {
Assert.notNull(iObject);
boolean sysType =
sysTypes.isSystemType(iObject.getClass()) || sysTypes.isInSystemGroup(iObject.getDetails());
if (!sysType && currentUser.isGraphCritical()) { // ticket:1769
throw new GroupSecurityViolation(iObject + "-insertion violates " + "group-security.");
}
throw new SecurityViolation(
iObject + " is a System-type, and may only be " + "created through privileged APIs.");
}
public Object[] getProjections(IObject object) {
Object o = object.retrieve(ALL_PROJECTIONS);
if (o instanceof Object[]) {
return (Object[]) o;
}
return null;
}
public Integer getTotalSize(IObject object) {
Object o = object.retrieve(TOTAL_SIZE);
if (o instanceof Integer) {
return (Integer) o;
}
return null;
}
public Float getScore(IObject object) {
Object o = object.retrieve(ProjectionConstants.SCORE);
if (o instanceof Float) {
return (Float) o;
}
return null;
}
/**
* walks the {@link IObject} argument <em>non-</em>recursively and gathers all {@link IObject}
* instances which will be linkd to by the creation or updating of the argument. (Previously
* this was called "locking" since a flag was set on the object to mark it as linked, but this
* was removed in 4.2)
*
* @param iObject A newly created or updated {@link IObject} instance which might possibly lock
* other {@link IObject IObjects}. A null argument will return an empty array to be checked.
* @return A non-null array of {@link IObject IObjects} which will be linked to.
*/
public IObject[] getLockCandidates(IObject iObject) {
if (iObject == null) {
return new IObject[] {};
}
Locks l = locksHolder.get(iObject.getClass().getName());
return l.getLockCandidates(iObject);
}
public boolean allowCreation(IObject iObject) {
Assert.notNull(iObject);
Class<?> cls = iObject.getClass();
boolean sysType = sysTypes.isSystemType(cls) || sysTypes.isInSystemGroup(iObject.getDetails());
if (!sysType && currentUser.isGraphCritical()) { // ticket:1769
Long uid = currentUser.getOwner().getId();
return objectBelongsToUser(iObject, uid);
} else if (tokenHolder.hasPrivilegedToken(iObject)
|| currentUser.getCurrentEventContext().isCurrentUserAdmin()) {
return true;
} else if (sysType) {
return false;
}
return true;
}
@Transactional(readOnly = true)
public Object doWork(Session s, ServiceFactory sf) {
if (q == null) {
return null;
}
final Class<?> cls = values.onlyTypes.get(0);
FullTextSession session = Search.createFullTextSession(s);
Criteria criteria = criteria(session);
if (criteria == null) {
return null; // EARLY EXIT. See criteria method.
}
final String ticket975 =
"ticket:975 - Wrong return type: %s instead of %s\n"
+ "Under some circumstances, byFullText and related methods \n"
+ "like bySomeMustNone can return instances of the wrong \n"
+ "types. One known case is the use of onlyAnnotatedWith(). \n"
+ "If you are recieving this error, please try using the \n"
+ "intersection/union methods to achieve the same results.";
// Main query
FullTextQuery ftQuery = session.createFullTextQuery(this.q, cls);
initializeQuery(ftQuery);
List<?> result = ftQuery.list();
int totalSize = ftQuery.getResultSize();
if (result.size() == 0) {
// EARLY EXIT
return result; // of wrong type but with generics it doesn't matter
}
final Map<Long, Integer> order = new HashMap<Long, Integer>();
final Map<Long, Float> scores = new HashMap<Long, Float>();
final Map<Long, Object[]> projections = new HashMap<Long, Object[]>();
for (int i = 0; i < result.size(); i++) {
Object[] parts = (Object[]) result.get(i);
scores.put((Long) parts[1], (Float) parts[0]);
order.put((Long) parts[1], i);
projections.put((Long) parts[1], parts);
}
// TODO Could add a performance optimization here on returnUnloaded
final LinkedList<Long> ids = new LinkedList<Long>(scores.keySet());
final List<IObject> check975 = new ArrayList<IObject>();
while (ids.size() > 0) {
final List<Long> page = new ArrayList<Long>();
for (int i = 0; i < 1000 && ids.size() > 0; i++) {
page.add(ids.removeFirst());
}
if (criteria == null) {
criteria = criteria(session);
}
criteria.add(Restrictions.in("id", page));
check975.addAll(criteria.list());
criteria = null;
}
for (IObject object : check975) {
// TODO This is now all but impossible. Remove
if (!cls.isAssignableFrom(object.getClass())) {
throw new ApiUsageException(String.format(ticket975, object.getClass(), cls));
} else {
object.putAt(TOTAL_SIZE, totalSize);
object.putAt(ProjectionConstants.SCORE, scores.get(object.getId()));
object.putAt(ALL_PROJECTIONS, projections.get(object.getId()));
}
}
// Order return value based on the original ordering
final Comparator cmp =
new Comparator() {
public int compare(Object obj1, Object obj2) {
IObject o1 = (IObject) obj1;
IObject o2 = (IObject) obj2;
Long id1 = o1.getId();
Long id2 = o2.getId();
Integer idx1 = order.get(id1);
Integer idx2 = order.get(id2);
return idx1.compareTo(idx2);
}
};
Collections.sort(check975, cmp);
return check975;
}
/**
* @param iObject
* @param uid
* @return @DEV.TODO this is less problematic than linking.
*/
private boolean objectBelongsToUser(IObject iObject, Long uid) {
Long oid = iObject.getDetails().getOwner().getId();
return uid.equals(oid); // Only allow own objects!
}
private boolean allowUpdateOrDelete(IObject iObject, Details trustedDetails, boolean update) {
Assert.notNull(iObject);
BasicEventContext c = currentUser.current();
Long uid = c.getCurrentUserId();
boolean sysType =
sysTypes.isSystemType(iObject.getClass()) || sysTypes.isInSystemGroup(iObject.getDetails());
// needs no details info
if (tokenHolder.hasPrivilegedToken(iObject)) {
return true; // ticket:1794, allow move to "user
} else if (update && !sysType && currentUser.isGraphCritical()) { // ticket:1769
return objectBelongsToUser(iObject, uid);
} else if (c.isCurrentUserAdmin()) {
return true;
} else if (sysType) {
return false;
}
// previously we were taking the details directly from iObject
// iObject, however, is in a critical state. Values such as
// Permissions, owner, and group may have been changed.
Details d = trustedDetails;
// this can now only happen if a table doesn't have permissions
// and there aren't any of those. so let it be updated.
if (d == null) {
return true;
}
// the owner and group information might be null if the type
// is intended to be a system-type but isn't marked as one
// via SecuritySystem.isSystemType(). A NPE here might imply
// that that information is out of sync.
Long o = d.getOwner() == null ? null : d.getOwner().getId();
Long g = d.getGroup() == null ? null : d.getGroup().getId();
// needs no permissions info
if (g != null && c.getLeaderOfGroupsList().contains(g)) {
return true;
}
Permissions p = d.getPermissions();
// this should never occur.
if (p == null) {
throw new InternalException(
"Permissions null! Security system "
+ "failure -- refusing to continue. The Permissions should "
+ "be set to a default value.");
}
// standard
if (p.isGranted(WORLD, WRITE)) {
return true;
}
if (p.isGranted(USER, WRITE) && o != null && o.equals(c.getOwner().getId())) {
return true;
}
/* ticket:1992 - removing concept of GROUP-WRITE
if (p.isGranted(GROUP, WRITE) && g != null
&& c.getMemberOfGroupsList().contains(g)) {
return true;
}
*/
return false;
}
