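/*
 *  Copyright 2022 Anyware Services
 *
 *  Licensed under the Apache License, Version 2.0 (the "License");
 *  you may not use this file except in compliance with the License.
 *  You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS,
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 */
package org.ametys.plugins.queriesdirectory.accesscontroller;

import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;

import org.apache.commons.collections.MapUtils;

import org.ametys.core.group.GroupIdentity;
import org.ametys.core.right.AccessController;
import org.ametys.core.user.UserIdentity;
import org.ametys.plugins.queriesdirectory.Query;
import org.ametys.plugins.queriesdirectory.QueryDAO;

/**
 * {@link AccessController} that grants the author of a {@link Query} read access
 * and the "handle" right on that query.
 * <p>
 * This controller only ever answers {@link AccessResult#USER_ALLOWED} (for the author)
 * or {@link AccessResult#UNKNOWN}; it never denies. Anonymous, any-connected-user,
 * group and workspace level questions are always answered with "no opinion".
 * <p>
 * Every method taking an {@code Object} casts it to {@link Query} without checking.
 * Callers are assumed to have checked {@link #isSupported(Object)} first (to be
 * confirmed against the {@link AccessController} contract); otherwise a
 * {@link ClassCastException} is thrown.
 */
public class QueryAuthorAccessController implements AccessController
{
    /** The rights, other than read access, that the author of a query holds on it */
    private static final List<String> __CREATOR_RIGHTS = List.of(QueryDAO.QUERY_HANDLE_RIGHT_ID);

    /**
     * Tells whether this controller handles the given object.
     * @param object the object to test
     * @return true if the object is a {@link Query}
     */
    public boolean isSupported(Object object)
    {
        return object instanceof Query;
    }

    /**
     * Gets the permission of a user for a right on a query.
     * @param user the user asking for the right
     * @param userGroups the groups of the user (not used here)
     * @param rightId the id of the requested right
     * @param object the query
     * @return USER_ALLOWED if the user is the author and the right is one of the creator rights, UNKNOWN otherwise
     */
    public AccessResult getPermission(UserIdentity user, Set<GroupIdentity> userGroups, String rightId, Object object)
    {
        boolean allowed = _isAuthor(user, object) && __CREATOR_RIGHTS.contains(rightId);
        return allowed ? AccessResult.USER_ALLOWED : AccessResult.UNKNOWN;
    }

    /**
     * Gets the read access permission of a user on a query.
     * @param user the user asking for read access
     * @param userGroups the groups of the user (not used here)
     * @param object the query
     * @return USER_ALLOWED if the user is the author, UNKNOWN otherwise
     */
    public AccessResult getReadAccessPermission(UserIdentity user, Set<GroupIdentity> userGroups, Object object)
    {
        return _isAuthor(user, object) ? AccessResult.USER_ALLOWED : AccessResult.UNKNOWN;
    }

    /**
     * If creator, access to a list of rights
     * @param user the user
     * @param userGroups the groups of the user (not used here)
     * @param object the query
     * @return every creator right mapped to USER_ALLOWED if the user is the author, an empty map otherwise
     */
    public Map<String, AccessResult> getPermissionByRight(UserIdentity user, Set<GroupIdentity> userGroups, Object object)
    {
        Map<String, AccessResult> permissionByRight = new HashMap<>();

        if (_isAuthor(user, object))
        {
            for (String rightId : __CREATOR_RIGHTS)
            {
                permissionByRight.put(rightId, AccessResult.USER_ALLOWED);
            }
        }

        return permissionByRight;
    }

    /**
     * Gets the permission of anonymous for a right on a query.
     * @param rightId the id of the requested right
     * @param object the query
     * @return always UNKNOWN: authorship grants nothing to anonymous
     */
    public AccessResult getPermissionForAnonymous(String rightId, Object object)
    {
        return AccessResult.UNKNOWN;
    }

    /**
     * Gets the read access permission of anonymous on a query.
     * @param object the query
     * @return always UNKNOWN
     */
    public AccessResult getReadAccessPermissionForAnonymous(Object object)
    {
        return AccessResult.UNKNOWN;
    }

    /**
     * Gets the permission of any connected user for a right on a query.
     * @param rightId the id of the requested right
     * @param object the query
     * @return always UNKNOWN
     */
    public AccessResult getPermissionForAnyConnectedUser(String rightId, Object object)
    {
        return AccessResult.UNKNOWN;
    }

    /**
     * Gets the read access permission of any connected user on a query.
     * @param object the query
     * @return always UNKNOWN
     */
    public AccessResult getReadAccessPermissionForAnyConnectedUser(Object object)
    {
        return AccessResult.UNKNOWN;
    }

    /**
     * If right requested is in the list, the creator is added the list of USER_ALLOWED
     * @param rightId the id of the requested right
     * @param object the query
     * @return the author mapped to USER_ALLOWED if the right is a creator right and the query has an author, an empty map otherwise
     */
    public Map<UserIdentity, AccessResult> getPermissionByUser(String rightId, Object object)
    {
        Map<UserIdentity, AccessResult> permissionByUser = new HashMap<>();

        if (__CREATOR_RIGHTS.contains(rightId))
        {
            UserIdentity author = ((Query) object).getAuthor();
            // Never report a null key as an allowed user when the query has no known author
            if (author != null)
            {
                permissionByUser.put(author, AccessResult.USER_ALLOWED);
            }
        }

        return permissionByUser;
    }

    /**
     * Gets the read access permission by user on a query.
     * @param object the query
     * @return always the empty map
     */
    public Map<UserIdentity, AccessResult> getReadAccessPermissionByUser(Object object)
    {
        // NOTE(review): getReadAccessPermission() answers USER_ALLOWED for the author, but the author
        // is not listed here. Anything that derives "who can read this query" from the by-user map
        // will disagree with the per-user check - confirm whether this omission is intended.
        return MapUtils.EMPTY_MAP;
    }

    /**
     * Gets the permission by group for a right on a query.
     * @param rightId the id of the requested right
     * @param object the query
     * @return always the empty map: authorship is never granted through a group
     */
    public Map<GroupIdentity, AccessResult> getPermissionByGroup(String rightId, Object object)
    {
        return MapUtils.EMPTY_MAP;
    }

    /**
     * Gets the read access permission by group on a query.
     * @param object the query
     * @return always the empty map
     */
    public Map<GroupIdentity, AccessResult> getReadAccessPermissionByGroup(Object object)
    {
        return MapUtils.EMPTY_MAP;
    }

    /**
     * Tells whether the user has the right on at least one object of the given workspace contexts.
     * @param workspacesContexts the workspace contexts
     * @param user the user
     * @param userGroups the groups of the user
     * @param rightId the id of the requested right
     * @return always false: this controller only answers for a given query
     */
    public boolean hasUserAnyPermissionOnWorkspace(Set<Object> workspacesContexts, UserIdentity user, Set<GroupIdentity> userGroups, String rightId)
    {
        return false;
    }

    /**
     * Tells whether the user has read access on at least one object of the given workspace contexts.
     * @param workspacesContexts the workspace contexts
     * @param user the user
     * @param userGroups the groups of the user
     * @return always false
     */
    public boolean hasUserAnyReadAccessPermissionOnWorkspace(Set<Object> workspacesContexts, UserIdentity user, Set<GroupIdentity> userGroups)
    {
        return false;
    }

    /**
     * Tells whether anonymous has the right on at least one object of the given workspace contexts.
     * @param workspacesContexts the workspace contexts
     * @param rightId the id of the requested right
     * @return always false
     */
    public boolean hasAnonymousAnyPermissionOnWorkspace(Set<Object> workspacesContexts, String rightId)
    {
        return false;
    }

    /**
     * Tells whether anonymous has read access on at least one object of the given workspace contexts.
     * @param workspacesContexts the workspace contexts
     * @return always false
     */
    public boolean hasAnonymousAnyReadAccessPermissionOnWorkspace(Set<Object> workspacesContexts)
    {
        return false;
    }

    /**
     * Tells whether any connected user has the right on at least one object of the given workspace contexts.
     * @param workspacesContexts the workspace contexts
     * @param rightId the id of the requested right
     * @return always false
     */
    public boolean hasAnyConnectedUserAnyPermissionOnWorkspace(Set<Object> workspacesContexts, String rightId)
    {
        return false;
    }

    /**
     * Tells whether any connected user has read access on at least one object of the given workspace contexts.
     * @param workspacesContexts the workspace contexts
     * @return always false
     */
    public boolean hasAnyConnectedUserAnyReadAccessPermissionOnWorkspace(Set<Object> workspacesContexts)
    {
        return false;
    }

    /**
     * Tells whether the given user is the author of the given query.
     * A query without an author, or a null user, never matches: the controller then
     * answers UNKNOWN instead of failing with a NullPointerException.
     * @param user the user to test, may be null
     * @param object the query
     * @return true if the query has an author and it equals the user
     */
    private boolean _isAuthor(UserIdentity user, Object object)
    {
        // getAuthor() is declared outside this file; guard in case it can return null
        UserIdentity author = ((Query) object).getAuthor();
        return author != null && author.equals(user);
    }
}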