/**
* @see
* org.telscenter.sail.webapp.service.offering.RunService#getSharedTeacherRole(org.telscenter.sail.webapp.domain.Run,
* net.sf.sail.webapp.domain.User)
*/
public String getSharedTeacherRole(Run run, User user) {
List<Permission> permissions = this.aclService.getPermissions(run, user);
// for runs, a user can have at most one permission per run
if (!permissions.isEmpty()) {
Permission permission = permissions.get(0);
if (permission.equals(BasePermission.READ)) {
return UserDetailsService.RUN_READ_ROLE;
} else if (permission.equals(BasePermission.WRITE)) {
return UserDetailsService.RUN_GRADE_ROLE;
}
}
return null;
}
/**
* @param permission the permission to convert
* @return a string
*/
public final String convert(final Permission permission) {
if (permission == null) {
return null;
} else if (permission.equals(BasePermission.CREATE)) {
return "CREATE";
} else if (permission.equals(BasePermission.READ)) {
return "READ";
} else if (permission.equals(BasePermission.WRITE)) {
return "WRITE";
} else if (permission.equals(BasePermission.DELETE)) {
return "DELETE";
} else if (permission.equals(BasePermission.ADMINISTRATION)) {
return "ADMINISTRATION";
} else {
throw new IllegalArgumentException(permission + " cannot be converted into a string");
}
}
/**
* Apply every permission from list to every sid from list.
*
* @param sids list of sids
* @param permissions list of permissions
* @param target securable object
* @param acl ACL of this object
* @param granting grant if true, revoke if false
*/
private void applyPermissionsToSids(
List<Sid> sids,
List<Permission> permissions,
Entity target,
MutableAcl acl,
boolean granting) {
deletePermissionsFromAcl(acl, sids, permissions);
int aclIndex = acl.getEntries().size();
for (Sid recipient : sids) {
for (Permission permission : permissions) {
// add permission to acl for recipient
acl.insertAce(aclIndex++, permission, recipient, granting);
logger.debug(
"Added permission mask {} for Sid {} securedObject {} id {}",
new Object[] {
permission.getMask(), recipient, target.getClass().getSimpleName(), target.getId()
});
}
}
}
/**
* This method checks, if the Login has the specified permission.
*
* @param clazz the clazz
* @param permission the permission
* @return true, if checks for permission
*/
public boolean hasPermission(Class<? extends AbstractDomainObject> clazz, Permission permission) {
// TODO Check permission delete
boolean hasPermission = false;
if (clazz.equals(Login.class) || clazz.equals(Person.class)) {
for (Role r : roles) {
if (permission.getMask() == PermissionHibernate.CREATE.getMask()) {
hasPermission = hasPermission || r.isCreateUser();
} else if (permission.getMask() == PermissionHibernate.WRITE.getMask()) {
hasPermission = hasPermission || r.isWriteOtherUser();
} else if (permission.getMask() == PermissionHibernate.READ.getMask()) {
hasPermission = hasPermission || r.isReadOtherUser();
} else if (permission.getMask() == PermissionHibernate.ADMINISTRATION.getMask()) {
hasPermission = hasPermission || r.isAdminOtherUser();
}
}
} else if (clazz.equals(TrialSite.class)) {
for (Role r : roles) {
if (permission.getMask() == PermissionHibernate.CREATE.getMask()) {
hasPermission = hasPermission || r.isCreateTrialSite();
} else if (permission.getMask() == PermissionHibernate.WRITE.getMask()) {
hasPermission = hasPermission || r.isWriteTrialSite();
} else if (permission.getMask() == PermissionHibernate.READ.getMask()) {
hasPermission = hasPermission || r.isReadTrialSite();
} else if (permission.getMask() == PermissionHibernate.ADMINISTRATION.getMask()) {
hasPermission = hasPermission || r.isAdminTrialSite();
}
}
} else if (clazz.equals(Trial.class)) {
for (Role r : roles) {
if (permission.getMask() == PermissionHibernate.CREATE.getMask()) {
hasPermission = hasPermission || r.isCreateTrial();
} else if (permission.getMask() == PermissionHibernate.WRITE.getMask()) {
hasPermission = hasPermission || r.isWriteTrial();
} else if (permission.getMask() == PermissionHibernate.READ.getMask()) {
hasPermission = hasPermission || r.isReadTrial();
} else if (permission.getMask() == PermissionHibernate.ADMINISTRATION.getMask()) {
hasPermission = hasPermission || r.isAdminTrial();
}
}
} else if (clazz.equals(TrialSubject.class)) {
for (Role r : roles) {
if (permission.getMask() == PermissionHibernate.CREATE.getMask()) {
hasPermission = hasPermission || r.isCreateTrialSubject();
} else if (permission.getMask() == PermissionHibernate.WRITE.getMask()) {
hasPermission = hasPermission || r.isWriteTrialSubject();
} else if (permission.getMask() == PermissionHibernate.READ.getMask()) {
hasPermission = hasPermission || r.isReadTrialSubject();
} else if (permission.getMask() == PermissionHibernate.ADMINISTRATION.getMask()) {
hasPermission = hasPermission || r.isAdminTrialSubject();
}
}
}
return hasPermission;
}