Source code

001/*
002 *  Copyright 2022 Anyware Services
003 *
004 *  Licensed under the Apache License, Version 2.0 (the "License");
005 *  you may not use this file except in compliance with the License.
006 *  You may obtain a copy of the License at
007 *
008 *      http://www.apache.org/licenses/LICENSE-2.0
009 *
010 *  Unless required by applicable law or agreed to in writing, software
011 *  distributed under the License is distributed on an "AS IS" BASIS,
012 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 *  See the License for the specific language governing permissions and
014 *  limitations under the License.
015 */
016package org.ametys.plugins.cart.accesscontroller;
017
018import java.util.HashMap;
019import java.util.List;
020import java.util.Map;
021import java.util.Set;
022
023import org.apache.commons.collections.MapUtils;
024
025import org.ametys.core.group.GroupIdentity;
026import org.ametys.core.right.AccessController;
027import org.ametys.core.user.UserIdentity;
028import org.ametys.plugins.cart.Cart;
029
030/**
031 * {@link AccessController} to allow read access and handle for author of a cart
032 *
033 */
034public class CartAuthorAccessController implements AccessController
035{
036    private static final List<String> __CREATOR_RIGHTS = List.of("Cart_Rights_Admin");
037    
038    public boolean isSupported(Object object)
039    {
040        return object instanceof Cart;
041    }
042    
043    public AccessResult getPermission(UserIdentity user, Set<GroupIdentity> userGroups, String rightId, Object object)
044    {
045        if (((Cart) object).getAuthor().equals(user))
046        {
047            return __CREATOR_RIGHTS.contains(rightId) ? AccessResult.USER_ALLOWED : AccessResult.UNKNOWN;
048        }
049        
050        return AccessResult.UNKNOWN;
051    }
052
053    public AccessResult getReadAccessPermission(UserIdentity user, Set<GroupIdentity> userGroups, Object object)
054    {
055        return ((Cart) object).getAuthor().equals(user) ? AccessResult.USER_ALLOWED : AccessResult.UNKNOWN;
056    }
057
058    /**
059     * If creator, access to a list of rights
060     */
061    public Map<String, AccessResult> getPermissionByRight(UserIdentity user, Set<GroupIdentity> userGroups, Object object)
062    {
063        Map<String, AccessResult> permissionByRight = new HashMap<>();
064        
065        if (((Cart) object).getAuthor().equals(user))
066        {
067            for (String rightId : __CREATOR_RIGHTS)
068            {
069                permissionByRight.put(rightId, AccessResult.USER_ALLOWED);
070            }
071        }
072        
073        return permissionByRight;
074    }
075
076    public AccessResult getPermissionForAnonymous(String rightId, Object object)
077    {
078        return AccessResult.UNKNOWN;
079    }
080
081    public AccessResult getReadAccessPermissionForAnonymous(Object object)
082    {
083        return AccessResult.UNKNOWN;
084    }
085
086    public AccessResult getPermissionForAnyConnectedUser(String rightId, Object object)
087    {
088        return AccessResult.UNKNOWN;
089    }
090
091    public AccessResult getReadAccessPermissionForAnyConnectedUser(Object object)
092    {
093        return AccessResult.UNKNOWN;
094    }
095
096    /**
097     * If right requested is in the list, the creator is added the list of USER_ALLOWED
098     */
099    public Map<UserIdentity, AccessResult> getPermissionByUser(String rightId, Object object)
100    {
101        Map<UserIdentity, AccessResult> permissionByUser = new HashMap<>();
102        
103        if (__CREATOR_RIGHTS.contains(rightId))
104        {
105            permissionByUser.put(((Cart) object).getAuthor(), AccessResult.USER_ALLOWED);
106        }
107        return permissionByUser;
108    }
109
110    public Map<UserIdentity, AccessResult> getReadAccessPermissionByUser(Object object)
111    {
112        return MapUtils.EMPTY_MAP;
113    }
114
115    public Map<GroupIdentity, AccessResult> getPermissionByGroup(String rightId, Object object)
116    {
117        return MapUtils.EMPTY_MAP;
118    }
119
120    public Map<GroupIdentity, AccessResult> getReadAccessPermissionByGroup(Object object)
121    {
122        return MapUtils.EMPTY_MAP;
123    }
124
125    public boolean hasUserAnyPermissionOnWorkspace(Set<Object> workspacesContexts, UserIdentity user, Set<GroupIdentity> userGroups, String rightId)
126    {
127        return false;
128    }
129
130    public boolean hasUserAnyReadAccessPermissionOnWorkspace(Set<Object> workspacesContexts, UserIdentity user, Set<GroupIdentity> userGroups)
131    {
132        return false;
133    }
134
135    public boolean hasAnonymousAnyPermissionOnWorkspace(Set<Object> workspacesContexts, String rightId)
136    {
137        return false;
138    }
139
140    public boolean hasAnonymousAnyReadAccessPermissionOnWorkspace(Set<Object> workspacesContexts)
141    {
142        return false;
143    }
144
145    public boolean hasAnyConnectedUserAnyPermissionOnWorkspace(Set<Object> workspacesContexts, String rightId)
146    {
147        return false;
148    }
149
150    public boolean hasAnyConnectedUserAnyReadAccessPermissionOnWorkspace(Set<Object> workspacesContexts)
151    {
152        return false;
153    }
154}