/**
  * @see
  *     org.telscenter.sail.webapp.service.offering.RunService#getSharedTeacherRole(org.telscenter.sail.webapp.domain.Run,
  *     net.sf.sail.webapp.domain.User)
  */
 public String getSharedTeacherRole(Run run, User user) {
   // Ask the ACL service which permissions this user holds on the run.
   List<Permission> granted = this.aclService.getPermissions(run, user);
   if (granted.isEmpty()) {
     // No ACL entry for this user on this run, so there is no shared-teacher role.
     return null;
   }

   // Only the first entry is consulted: for runs, a user can have at most one permission per
   // run. If that invariant were ever broken, the remaining entries would be ignored here.
   Permission first = granted.get(0);
   if (first.equals(BasePermission.READ)) {
     return UserDetailsService.RUN_READ_ROLE;
   }
   if (first.equals(BasePermission.WRITE)) {
     return UserDetailsService.RUN_GRADE_ROLE;
   }

   // Any permission other than READ or WRITE maps to no role.
   // NOTE(review): callers have to treat null as "no access" - confirm at the call sites.
   return null;
 }
 /**
  * @param permission the permission to convert
  * @return a string
  */
 public final String convert(final Permission permission) {
   // Maps each of the five BasePermission constants to its name. A null permission yields
   // null; any other value is rejected instead of being given a default name, so an
   // unexpected permission cannot be silently mistaken for a known one.
   if (permission == null) {
     return null;
   }
   if (permission.equals(BasePermission.CREATE)) {
     return "CREATE";
   }
   if (permission.equals(BasePermission.READ)) {
     return "READ";
   }
   if (permission.equals(BasePermission.WRITE)) {
     return "WRITE";
   }
   if (permission.equals(BasePermission.DELETE)) {
     return "DELETE";
   }
   if (permission.equals(BasePermission.ADMINISTRATION)) {
     return "ADMINISTRATION";
   }
   throw new IllegalArgumentException(permission + " cannot be converted into a string");
 }
  /**
   * Apply every permission from list to every sid from list.
   *
   * @param sids list of sids
   * @param permissions list of permissions
   * @param target securable object
   * @param acl ACL of this object
   * @param granting grant if true, revoke if false
   */
  private void applyPermissionsToSids(
      List<Sid> sids,
      List<Permission> permissions,
      Entity target,
      MutableAcl acl,
      boolean granting) {

    // Runs before anything is inserted. Presumably this removes the existing entries for
    // these sid/permission pairs so the new ones replace them rather than pile up next to
    // them - confirm against deletePermissionsFromAcl.
    deletePermissionsFromAcl(acl, sids, permissions);

    // New entries go after whatever is left in the ACL.
    // NOTE(review): if the ACL is evaluated first-match, an entry that survived the delete
    // and precedes these takes priority over them - confirm that ordering is intended,
    // especially for the revoke (granting == false) case.
    int nextIndex = acl.getEntries().size();
    for (Sid sid : sids) {
      for (Permission perm : permissions) {
        // One entry per (sid, permission) pair; the granting flag is passed through as-is.
        acl.insertAce(nextIndex, perm, sid, granting);
        nextIndex++;

        // The message says "Added" for both grant and revoke entries.
        Object[] logArgs = {
          perm.getMask(), sid, target.getClass().getSimpleName(), target.getId()
        };
        logger.debug("Added permission mask {} for Sid {} securedObject {} id {}", logArgs);
      }
    }
  }
  /**
   * Checks whether the Login has the specified permission.
   *
   * @param clazz the domain class the permission is checked for
   * @param permission the permission
   * @return true if the Login has the permission
   */
  public boolean hasPermission(Class<? extends AbstractDomainObject> clazz, Permission permission) {
    // TODO Check permission delete
    // Deny by default: the result only becomes true when one of this login's roles carries
    // the matching flag. Classes not listed below, and masks other than CREATE, WRITE, READ
    // and ADMINISTRATION (DELETE included, see the TODO), therefore always yield false.
    boolean granted = false;

    if (clazz.equals(Login.class) || clazz.equals(Person.class)) {
      // Login and Person share the "user" flags of a role.
      for (Role role : roles) {
        if (permission.getMask() == PermissionHibernate.CREATE.getMask()) {
          if (!granted && role.isCreateUser()) {
            granted = true;
          }
        } else if (permission.getMask() == PermissionHibernate.WRITE.getMask()) {
          if (!granted && role.isWriteOtherUser()) {
            granted = true;
          }
        } else if (permission.getMask() == PermissionHibernate.READ.getMask()) {
          if (!granted && role.isReadOtherUser()) {
            granted = true;
          }
        } else if (permission.getMask() == PermissionHibernate.ADMINISTRATION.getMask()) {
          if (!granted && role.isAdminOtherUser()) {
            granted = true;
          }
        }
      }
    } else if (clazz.equals(TrialSite.class)) {
      for (Role role : roles) {
        if (permission.getMask() == PermissionHibernate.CREATE.getMask()) {
          if (!granted && role.isCreateTrialSite()) {
            granted = true;
          }
        } else if (permission.getMask() == PermissionHibernate.WRITE.getMask()) {
          if (!granted && role.isWriteTrialSite()) {
            granted = true;
          }
        } else if (permission.getMask() == PermissionHibernate.READ.getMask()) {
          if (!granted && role.isReadTrialSite()) {
            granted = true;
          }
        } else if (permission.getMask() == PermissionHibernate.ADMINISTRATION.getMask()) {
          if (!granted && role.isAdminTrialSite()) {
            granted = true;
          }
        }
      }
    } else if (clazz.equals(Trial.class)) {
      for (Role role : roles) {
        if (permission.getMask() == PermissionHibernate.CREATE.getMask()) {
          if (!granted && role.isCreateTrial()) {
            granted = true;
          }
        } else if (permission.getMask() == PermissionHibernate.WRITE.getMask()) {
          if (!granted && role.isWriteTrial()) {
            granted = true;
          }
        } else if (permission.getMask() == PermissionHibernate.READ.getMask()) {
          if (!granted && role.isReadTrial()) {
            granted = true;
          }
        } else if (permission.getMask() == PermissionHibernate.ADMINISTRATION.getMask()) {
          if (!granted && role.isAdminTrial()) {
            granted = true;
          }
        }
      }
    } else if (clazz.equals(TrialSubject.class)) {
      for (Role role : roles) {
        if (permission.getMask() == PermissionHibernate.CREATE.getMask()) {
          if (!granted && role.isCreateTrialSubject()) {
            granted = true;
          }
        } else if (permission.getMask() == PermissionHibernate.WRITE.getMask()) {
          if (!granted && role.isWriteTrialSubject()) {
            granted = true;
          }
        } else if (permission.getMask() == PermissionHibernate.READ.getMask()) {
          if (!granted && role.isReadTrialSubject()) {
            granted = true;
          }
        } else if (permission.getMask() == PermissionHibernate.ADMINISTRATION.getMask()) {
          if (!granted && role.isAdminTrialSubject()) {
            granted = true;
          }
        }
      }
    }

    // True as soon as any single role grants the requested permission for this class.
    return granted;
  }