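  /**
   * Decides whether the caller may perform the action identified by {@code key} on a
   * relationship, based on the caller's permission on the relationship's source and target.
   *
   * <p>TODO In the future, enable different configuration for Read/Update/Delete. Until then the
   * read, update and delete keys are all evaluated against
   * {@code PermissionMapping.CAN_GET_OBJECT_RELATIONSHIPS_OBJECT}, and passing the check on
   * either the source or the target is sufficient.
   *
   * @param callContext context of the current call, passed through to {@code checkPermission}
   * @param repositoryId repository in which the source and target are looked up
   * @param key permission key of the requested action; only
   *     {@code CAN_GET_PROPERTIES_OBJECT}, {@code CAN_UPDATE_PROPERTIES_OBJECT} and
   *     {@code CAN_DELETE_OBJECT} are handled
   * @param relationship relationship whose source and target are checked
   * @return {@code true} if the check passes for the source or the target; {@code false} if
   *     either end cannot be loaded or {@code key} is not one of the handled keys
   */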
  private Boolean checkRelationshipPermission(
      CallContext callContext, String repositoryId, String key, Relationship relationship) {
    // Load both ends of the relationship first; nothing is authorised unless both resolve.
    // NOTE(review): the ends are fetched through getRelationship(); confirm that this call
    // resolves the source/target objects as intended.
    Content source = contentService.getRelationship(repositoryId, relationship.getSourceId());
    Content target = contentService.getRelationship(repositoryId, relationship.getTargetId());

    boolean endMissing = (source == null) || (target == null);
    if (endMissing) {
      String message =
          "[objectId="
              + relationship.getId()
              + "]Source or target of this relationship is missing";
      log.warn(message);
      return false;
    }

    // Only the read, update and delete keys are handled; every other key is denied.
    boolean handledKey =
        PermissionMapping.CAN_GET_PROPERTIES_OBJECT.equals(key)
            || PermissionMapping.CAN_UPDATE_PROPERTIES_OBJECT.equals(key)
            || PermissionMapping.CAN_DELETE_OBJECT.equals(key);
    if (!handledKey) {
      return false;
    }

    // NOTE(review): read, update and delete are all authorised with the same
    // CAN_GET_OBJECT_RELATIONSHIPS_OBJECT key, and passing on either end is enough. Update and
    // delete of a relationship are therefore gated by a read-level permission on one end only.
    // Presumably a placeholder until per-action configuration exists; confirm this is the
    // intended policy before relying on it to protect modification or deletion.
    boolean sourceAllowed =
        checkPermission(
            callContext,
            repositoryId,
            PermissionMapping.CAN_GET_OBJECT_RELATIONSHIPS_OBJECT,
            contentService.calculateAcl(repositoryId, source),
            source.getType(),
            source);
    // The target is always evaluated, even when the source check already passed.
    boolean targetAllowed =
        checkPermission(
            callContext,
            repositoryId,
            PermissionMapping.CAN_GET_OBJECT_RELATIONSHIPS_OBJECT,
            contentService.calculateAcl(repositoryId, target),
            target.getType(),
            target);

    return sourceAllowed || targetAllowed;
  }