Source code

001/*
002 *  Copyright 2020 Anyware Services
003 *
004 *  Licensed under the Apache License, Version 2.0 (the "License");
005 *  you may not use this file except in compliance with the License.
006 *  You may obtain a copy of the License at
007 *
008 *      http://www.apache.org/licenses/LICENSE-2.0
009 *
010 *  Unless required by applicable law or agreed to in writing, software
011 *  distributed under the License is distributed on an "AS IS" BASIS,
012 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 *  See the License for the specific language governing permissions and
014 *  limitations under the License.
015 */
016package org.ametys.plugins.ugc.accesscontroller;
017
018import java.util.HashMap;
019import java.util.List;
020import java.util.Map;
021import java.util.Set;
022
023import org.apache.avalon.framework.service.ServiceException;
024import org.apache.avalon.framework.service.ServiceManager;
025import org.apache.avalon.framework.service.Serviceable;
026import org.apache.commons.collections.MapUtils;
027
028import org.ametys.cms.contenttype.ContentTypesHelper;
029import org.ametys.core.group.GroupIdentity;
030import org.ametys.core.right.AccessController;
031import org.ametys.core.user.UserIdentity;
032import org.ametys.plugins.ugc.page.UGCPage;
033
034/**
035 * {@link AccessController} so creator of a UGC content types receive edit/delete rights on it
036 *
037 */
038public class UGCCreatorPageAccessController implements AccessController, Serviceable
039{
040    private static final List<String> __CREATOR_RIGHTS = List.of("Front_Edition_Access_Right");
041    
042    /** ContentTypes Helper */
043    protected ContentTypesHelper _cTypeHelper;
044    
045    public void service(ServiceManager smanager) throws ServiceException
046    {
047        _cTypeHelper = (ContentTypesHelper) smanager.lookup(ContentTypesHelper.ROLE);
048    }
049    
050    public boolean isSupported(Object object)
051    {
052        return object instanceof UGCPage;
053    }
054    
055    public AccessResult getPermission(UserIdentity user, Set<GroupIdentity> userGroups, String rightId, Object object)
056    {
057        if (((UGCPage) object).getUgcContent().getCreator().equals(user))
058        {
059            return __CREATOR_RIGHTS.contains(rightId) ? AccessResult.USER_ALLOWED : AccessResult.UNKNOWN;
060        }
061        
062        return AccessResult.UNKNOWN;
063    }
064
065    public AccessResult getReadAccessPermission(UserIdentity user, Set<GroupIdentity> userGroups, Object object)
066    {
067        return AccessResult.UNKNOWN;
068    }
069
070    /**
071     * If creator, access to a list of rights
072     */
073    public Map<String, AccessResult> getPermissionByRight(UserIdentity user, Set<GroupIdentity> userGroups, Object object)
074    {
075        Map<String, AccessResult> permissionByRight = new HashMap<>();
076        
077        if (((UGCPage) object).getUgcContent().getCreator().equals(user))
078        {
079            for (String rightId : __CREATOR_RIGHTS)
080            {
081                permissionByRight.put(rightId, AccessResult.USER_ALLOWED);
082            }
083        }
084        
085        return permissionByRight;
086    }
087
088    public AccessResult getPermissionForAnonymous(String rightId, Object object)
089    {
090        return AccessResult.UNKNOWN;
091    }
092
093    public AccessResult getReadAccessPermissionForAnonymous(Object object)
094    {
095        return AccessResult.UNKNOWN;
096    }
097
098    public AccessResult getPermissionForAnyConnectedUser(String rightId, Object object)
099    {
100        return AccessResult.UNKNOWN;
101    }
102
103    public AccessResult getReadAccessPermissionForAnyConnectedUser(Object object)
104    {
105        return AccessResult.UNKNOWN;
106    }
107
108    /**
109     * If right requested is in the list, the creator is added the list of USER_ALLOWED
110     */
111    public Map<UserIdentity, AccessResult> getPermissionByUser(String rightId, Object object)
112    {
113        Map<UserIdentity, AccessResult> permissionByUser = new HashMap<>();
114        
115        if (__CREATOR_RIGHTS.contains(rightId))
116        {
117            permissionByUser.put(((UGCPage) object).getUgcContent().getCreator(), AccessResult.USER_ALLOWED);
118        }
119        return permissionByUser;
120    }
121
122    public Map<UserIdentity, AccessResult> getReadAccessPermissionByUser(Object object)
123    {
124        return MapUtils.EMPTY_MAP;
125    }
126
127    public Map<GroupIdentity, AccessResult> getPermissionByGroup(String rightId, Object object)
128    {
129        return MapUtils.EMPTY_MAP;
130    }
131
132    public Map<GroupIdentity, AccessResult> getReadAccessPermissionByGroup(Object object)
133    {
134        return MapUtils.EMPTY_MAP;
135    }
136
137    public boolean hasUserAnyPermissionOnWorkspace(Set<Object> workspacesContexts, UserIdentity user, Set<GroupIdentity> userGroups, String rightId)
138    {
139        return false;
140    }
141
142    public boolean hasUserAnyReadAccessPermissionOnWorkspace(Set<Object> workspacesContexts, UserIdentity user, Set<GroupIdentity> userGroups)
143    {
144        return false;
145    }
146
147    public boolean hasAnonymousAnyPermissionOnWorkspace(Set<Object> workspacesContexts, String rightId)
148    {
149        return false;
150    }
151
152    public boolean hasAnonymousAnyReadAccessPermissionOnWorkspace(Set<Object> workspacesContexts)
153    {
154        return false;
155    }
156
157    public boolean hasAnyConnectedUserAnyPermissionOnWorkspace(Set<Object> workspacesContexts, String rightId)
158    {
159        return false;
160    }
161
162    public boolean hasAnyConnectedUserAnyReadAccessPermissionOnWorkspace(Set<Object> workspacesContexts)
163    {
164        return false;
165    }
166}