/** * delegates to SecurityFilter because that is where the logic is defined for the {@link * #enableReadFilter(Object) read filter} * * <p>Ignores the id for the moment. * * <p>Though we pass in whether or not a share is active for completeness, a different {@link * ACLVoter} implementation will almost certainly be active for share use. */ public boolean allowLoad(Class<? extends IObject> klass, Details d, long id) { Assert.notNull(klass); if (d == null || sysTypes.isSystemType(klass) || sysTypes.isInSystemGroup(d) || sysTypes.isInUserGroup(d)) { return true; } final BasicEventContext c = currentUser.current(); final boolean nonPrivate = c.getCurrentGroupPermissions().isGranted(Role.GROUP, Right.READ) || c.getCurrentGroupPermissions().isGranted(Role.WORLD, Right.READ); final boolean isShare = c.getCurrentShareId() != null; final boolean adminOrPi = c.isCurrentUserAdmin() || c.getLeaderOfGroupsList().contains(c.getCurrentGroupId()); return securityFilter.passesFilter( d, c.getGroup().getId(), c.getOwner().getId(), nonPrivate, adminOrPi, isShare); }