/** {@inheritDoc} */
@Override
public Token getSessionToken(Operation operation, User user, String resourceId, boolean owned)
throws SmartcampusException, SecurityException {
Token token = null;
switch (operation) {
case DOWNLOAD:
try {
if ((owned && isMyResource(user, resourceId))
|| (!owned
&& socialManager.checkPermission(
user, metaService.getEntityByResource(resourceId)))) {
logger.info(
String.format(
"Download permission ok, user: %s, resource: %s", user.getId(), resourceId));
token = generateToken(resourceId);
logger.info("Session token for download operation created successfully");
} else {
logger.error(
String.format(
"User %s not have download permission to resource %s",
user.getId(), resourceId));
throw new SecurityException("User has not permission on this resource");
}
} catch (SecurityException e) {
throw e;
} catch (Exception e) {
throw new SmartcampusException(e);
}
break;
default:
throw new IllegalArgumentException("Operation not supported");
}
return token;
}
/** {@inheritDoc} */
@Override
public boolean isPermitted(Operation operation, String resourceId, User user) {
Metadata resourceInfo = null;
try {
resourceInfo = metaService.getMetadata(resourceId);
Account account = userAccountManager.findById(resourceInfo.getAccountId());
if (account.getUserId().equals(user.getId())) return true;
} catch (NotFoundException e) {
logger.error(String.format("%s resource not found", resourceId));
return false;
}
switch (operation) {
case DOWNLOAD:
try {
if (socialManager.checkPermission(user, metaService.getEntityByResource(resourceId))) {
logger.info(
String.format(
"Access permission ok, user: %s, resource: %s", user.getId(), resourceId));
return true;
} else {
return false;
}
} catch (Exception e) {
e.printStackTrace();
return false;
}
default:
throw new IllegalArgumentException("Operation not supported");
}
}
