/**
* Answers whether a given "agent" is authorized to perform a given "action" on the target entity,
* that could be a register or a code. Unspecified constraints (null values) are considered as
* all. e.g.: agent-null-target would return whether the agent is allowed all operations on the
* target. If no authorization directives are provided by the AuthManager, the request is
*
* @param agent the URI of the agent performing the action. Through the code the agent is also
* referred to as "actor" or "actorURI". A null values stands for all agents.
* @param action the URI of the action. A null value stands for all actions.
* @param entity the URI of the target entity. A null value stands for all targets.
* @throws ModelException
* @throws RegistryAccessException
*/
public boolean can(String agent, String action, String entity)
throws RegistryAccessException, ModelException {
Loggers.authLogger.debug("Asking auth for: " + agent + " " + action + " " + entity);
if (agent == null) agent = AuthConfig.allActors;
if (action == null) action = AuthConfig.allActions;
if (entity == null) entity = AuthConfig.allEntities;
if (myAuthServer.contains(agent, action, entity)
|| myAuthServer.contains(agent, action, AuthConfig.allEntities)
|| myAuthServer.contains(agent, AuthConfig.allActions, entity)
|| myAuthServer.contains(agent, AuthConfig.allActions, AuthConfig.allEntities)
|| myAuthServer.contains(AuthConfig.allActors, action, entity)
|| myAuthServer.contains(AuthConfig.allActors, action, AuthConfig.allEntities)
|| myAuthServer.contains(AuthConfig.allActors, AuthConfig.allActions, entity)
|| myAuthServer.contains(
AuthConfig.allActors, AuthConfig.allActions, AuthConfig.allEntities)) {
Loggers.authLogger.debug("Granted");
return true;
} else {
if (entity.equals(AuthConfig.allEntities)) return false;
boolean answer = false;
Set<TerminologySet> containers;
if (myFactory.terminologyIndividualExist(entity)) {
TerminologyIndividual myInd = myFactory.getUncheckedTerminologyIndividual(entity);
containers = myInd.getContainers(myInd.getLastVersion());
} else if (myFactory.terminologySetExist(entity)) {
TerminologySet mySet = myFactory.getUncheckedTerminologySet(entity);
containers = mySet.getContainers(mySet.getLastVersion());
} else throw new RegistryAccessException("Unknown: " + entity);
Iterator<TerminologySet> contIter = containers.iterator();
while (contIter.hasNext()) {
TerminologySet parent = contIter.next();
Loggers.authLogger.trace("Asking up: " + parent.getURI());
answer = answer || can(agent, action, parent.getURI());
}
return answer;
}
}
public String render(TerminologyFactory factory, String tag) throws ModelException {
String resultString = rawString;
resultString = resultString.replace("<<tmtTag>>", tag);
resultString = resultString.replace("<<tmtOwner>>", "Author is not implemented");
String roots = "";
for (TerminologySet s : factory.getRootCollections()) {
if (s.getVersionsForTag(tag).length > 0)
roots += s.getLabel(s.getVersionsForTag(tag)[0]) + " ";
else roots += s.getLabel(s.getLastVersion()) + " ";
}
resultString = resultString.replace("<<tmtRoots>>", roots);
return resultString;
}
