/**
 * Translates the ACL permission that {@code user} holds on {@code run} into the
 * name of a shared-teacher role.
 *
 * <p>Only the first permission returned by the ACL service is inspected.
 * {@code BasePermission.READ} maps to {@code UserDetailsService.RUN_READ_ROLE} and
 * {@code BasePermission.WRITE} maps to {@code UserDetailsService.RUN_GRADE_ROLE}.
 * An empty permission list, or a first permission that is neither READ nor WRITE,
 * yields {@code null}; callers must treat {@code null} as "no shared-teacher role"
 * and never as a grant.
 *
 * @param run the run whose ACL is consulted
 * @param user the user whose permission on the run is looked up
 * @return the matching role name, or {@code null} when no READ/WRITE permission is found
 * @see org.telscenter.sail.webapp.service.offering.RunService#getSharedTeacherRole(org.telscenter.sail.webapp.domain.Run,
 *      net.sf.sail.webapp.domain.User)
 */
public String getSharedTeacherRole(Run run, User user) {
    List<Permission> granted = this.aclService.getPermissions(run, user);
    if (granted.isEmpty()) {
        return null;
    }

    // For runs, a user is expected to hold at most one permission per run, so only
    // the first entry is examined.
    // NOTE(review): nothing here enforces that invariant; if a user ever held both
    // READ and WRITE, the resulting role would depend on list order - confirm the
    // ACL service guarantees a single entry.
    Permission first = granted.get(0);
    if (first.equals(BasePermission.READ)) {
        return UserDetailsService.RUN_READ_ROLE;
    }
    if (first.equals(BasePermission.WRITE)) {
        return UserDetailsService.RUN_GRADE_ROLE;
    }
    return null;
}
/**
 * Converts one of the five base permissions into its string name.
 *
 * <p>The lookup is a closed list: CREATE, READ, WRITE, DELETE and ADMINISTRATION.
 * A permission outside that list is rejected with an exception rather than being
 * mapped to a default name, so an unknown permission cannot be silently stored or
 * displayed as one of the known ones.
 *
 * @param permission the permission to convert; may be {@code null}
 * @return the permission name, or {@code null} when {@code permission} is {@code null}
 * @throws IllegalArgumentException if {@code permission} equals none of the five
 *         base permissions
 */
public final String convert(final Permission permission) {
    if (permission == null) {
        return null;
    }

    // Parallel tables, checked in the same order as the permission names are listed.
    final Permission[] known = {
        BasePermission.CREATE,
        BasePermission.READ,
        BasePermission.WRITE,
        BasePermission.DELETE,
        BasePermission.ADMINISTRATION
    };
    final String[] names = {"CREATE", "READ", "WRITE", "DELETE", "ADMINISTRATION"};

    for (int i = 0; i < known.length; i++) {
        if (permission.equals(known[i])) {
            return names[i];
        }
    }
    throw new IllegalArgumentException(permission + " cannot be converted into a string");
}
/**
 * Adds one ACL entry for every (sid, permission) pair, after first calling
 * {@code deletePermissionsFromAcl} for the same sids and permissions.
 *
 * <p>New entries are inserted starting at the index equal to the ACL's entry count
 * after the delete step, i.e. they are appended behind whatever entries remain.
 *
 * @param sids list of sids that receive the entries
 * @param permissions list of permissions applied to each sid
 * @param target securable object; used here only for the debug log line
 * @param acl ACL of this object, modified in place
 * @param granting grant if true, revoke if false
 */
private void applyPermissionsToSids(
        List<Sid> sids, List<Permission> permissions, Entity target, MutableAcl acl, boolean granting) {
    // presumably clears existing entries for these sid/permission pairs so that the
    // entries added below are not shadowed by older ones - confirm against
    // deletePermissionsFromAcl, which is not visible here.
    deletePermissionsFromAcl(acl, sids, permissions);

    // NOTE(review): if this is Spring Security's MutableAcl, entry order is
    // significant (the first matching entry decides), so appending a revoke only
    // takes effect when no earlier grant for the same sid/permission survives the
    // delete step - confirm.
    int nextIndex = acl.getEntries().size();
    for (Sid sid : sids) {
        for (Permission perm : permissions) {
            acl.insertAce(nextIndex, perm, sid, granting);
            nextIndex++;

            // NOTE(review): the message reads "Added permission" for both granting
            // and non-granting entries; the value of `granting` is not logged.
            final Object[] logArgs = new Object[] {
                perm.getMask(), sid, target.getClass().getSimpleName(), target.getId()
            };
            logger.debug(
                    "Added permission mask {} for Sid {} securedObject {} id {}",
                    logArgs);
        }
    }
}
/**
 * Checks whether any role of this login carries the given permission for the
 * given domain class.
 *
 * <p>The permission is matched by mask against CREATE, WRITE, READ and
 * ADMINISTRATION of {@code PermissionHibernate}, and the answer is taken from the
 * role flag for that class and permission. The result is {@code true} as soon as
 * one role has the flag set. Every other combination is denied: a domain class
 * other than Login, Person, TrialSite, Trial or TrialSubject, or a permission
 * mask outside the four handled ones (DELETE included, see the TODO), returns
 * {@code false}.
 *
 * @param clazz the domain class the permission is requested for
 * @param permission the permission to look up
 * @return {@code true} if at least one role grants the permission for the class,
 *         {@code false} otherwise
 */
public boolean hasPermission(Class<? extends AbstractDomainObject> clazz, Permission permission) {
    // TODO Check permission delete
    boolean granted = false;

    if (clazz.equals(Login.class) || clazz.equals(Person.class)) {
        // Login and Person share the "other user" role flags.
        for (Role role : roles) {
            final int mask = permission.getMask();
            if (mask == PermissionHibernate.CREATE.getMask()) {
                if (!granted && role.isCreateUser()) {
                    granted = true;
                }
            } else if (mask == PermissionHibernate.WRITE.getMask()) {
                if (!granted && role.isWriteOtherUser()) {
                    granted = true;
                }
            } else if (mask == PermissionHibernate.READ.getMask()) {
                if (!granted && role.isReadOtherUser()) {
                    granted = true;
                }
            } else if (mask == PermissionHibernate.ADMINISTRATION.getMask()) {
                if (!granted && role.isAdminOtherUser()) {
                    granted = true;
                }
            }
        }
    } else if (clazz.equals(TrialSite.class)) {
        for (Role role : roles) {
            final int mask = permission.getMask();
            if (mask == PermissionHibernate.CREATE.getMask()) {
                if (!granted && role.isCreateTrialSite()) {
                    granted = true;
                }
            } else if (mask == PermissionHibernate.WRITE.getMask()) {
                if (!granted && role.isWriteTrialSite()) {
                    granted = true;
                }
            } else if (mask == PermissionHibernate.READ.getMask()) {
                if (!granted && role.isReadTrialSite()) {
                    granted = true;
                }
            } else if (mask == PermissionHibernate.ADMINISTRATION.getMask()) {
                if (!granted && role.isAdminTrialSite()) {
                    granted = true;
                }
            }
        }
    } else if (clazz.equals(Trial.class)) {
        for (Role role : roles) {
            final int mask = permission.getMask();
            if (mask == PermissionHibernate.CREATE.getMask()) {
                if (!granted && role.isCreateTrial()) {
                    granted = true;
                }
            } else if (mask == PermissionHibernate.WRITE.getMask()) {
                if (!granted && role.isWriteTrial()) {
                    granted = true;
                }
            } else if (mask == PermissionHibernate.READ.getMask()) {
                if (!granted && role.isReadTrial()) {
                    granted = true;
                }
            } else if (mask == PermissionHibernate.ADMINISTRATION.getMask()) {
                if (!granted && role.isAdminTrial()) {
                    granted = true;
                }
            }
        }
    } else if (clazz.equals(TrialSubject.class)) {
        for (Role role : roles) {
            final int mask = permission.getMask();
            if (mask == PermissionHibernate.CREATE.getMask()) {
                if (!granted && role.isCreateTrialSubject()) {
                    granted = true;
                }
            } else if (mask == PermissionHibernate.WRITE.getMask()) {
                if (!granted && role.isWriteTrialSubject()) {
                    granted = true;
                }
            } else if (mask == PermissionHibernate.READ.getMask()) {
                if (!granted && role.isReadTrialSubject()) {
                    granted = true;
                }
            } else if (mask == PermissionHibernate.ADMINISTRATION.getMask()) {
                if (!granted && role.isAdminTrialSubject()) {
                    granted = true;
                }
            }
        }
    }
    // Falling through every branch leaves the default in place: deny.
    return granted;
}