Source code

001/*
002 *  Copyright 2025 Anyware Services
003 *
004 *  Licensed under the Apache License, Version 2.0 (the "License");
005 *  you may not use this file except in compliance with the License.
006 *  You may obtain a copy of the License at
007 *
008 *      http://www.apache.org/licenses/LICENSE-2.0
009 *
010 *  Unless required by applicable law or agreed to in writing, software
011 *  distributed under the License is distributed on an "AS IS" BASIS,
012 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 *  See the License for the specific language governing permissions and
014 *  limitations under the License.
015 */
016package org.ametys.odf.restriction;
017
018import java.util.List;
019import java.util.Set;
020
021import org.apache.avalon.framework.configuration.Configuration;
022import org.apache.avalon.framework.configuration.ConfigurationException;
023import org.apache.avalon.framework.context.Context;
024import org.apache.avalon.framework.context.ContextException;
025import org.apache.avalon.framework.context.Contextualizable;
026import org.apache.avalon.framework.service.ServiceException;
027import org.apache.avalon.framework.service.ServiceManager;
028import org.apache.cocoon.components.ContextHelper;
029import org.apache.cocoon.environment.Request;
030
031import org.ametys.cms.model.restrictions.DefaultRestriction;
032import org.ametys.cms.model.restrictions.RestrictedModelItem;
033import org.ametys.cms.repository.Content;
034import org.ametys.core.right.RightManager.RightResult;
035import org.ametys.odf.ODFHelper;
036import org.ametys.odf.ProgramItem;
037import org.ametys.odf.data.EducationalPath;
038import org.ametys.odf.rights.ODFRightHelper;
039import org.ametys.odf.rights.ODFRightHelper.ContextualizedContent;
040
041/**
042 * Restrictions for a repeater with educational path or for data in a repeater with educational
043 */
044public class RepeaterWithEducationalPathRestriction extends DefaultRestriction implements Contextualizable
045{
046    private Context _context;
047    private boolean _sharedOnly;
048    private ODFHelper _odfHelper;
049
050    @Override
051    public void configure(Configuration configuration) throws ConfigurationException
052    {
053        Configuration classConfig = configuration.getChild("custom-restriction", true);
054        _sharedOnly = classConfig.getChild("shared-program-item-only").getValueAsBoolean(false);
055        super.configure(classConfig);
056    }
057    
058    @Override
059    public void service(ServiceManager smanager) throws ServiceException
060    {
061        super.service(smanager);
062        _odfHelper = (ODFHelper) smanager.lookup(ODFHelper.ROLE);
063    }
064    
065    public void contextualize(Context context) throws ContextException
066    {
067        _context = context;
068    }
069    
070    @Override
071    public RestrictionResult canRead(Content content, RestrictedModelItem modelItem)
072    {
073        RestrictionResult canRead = super.canRead(content, modelItem);
074        
075        if (canRead == RestrictionResult.FALSE || _sharedOnly && content instanceof ProgramItem programItem && !_odfHelper.isShared(programItem))
076        {
077            return RestrictionResult.FALSE;
078        }
079        
080        return canRead;
081    }
082    
083    @Override
084    public RestrictionResult canWrite(Content content, RestrictedModelItem modelItem)
085    {
086        if (canRead(content, modelItem) == RestrictionResult.FALSE)
087        {
088            return RestrictionResult.FALSE;
089        }
090        return super.canWrite(content, modelItem);
091    }
092    
093    
094    @Override
095    protected boolean _hasRights(Content content, Set<String> rightLimitations)
096    {
097        if (super._hasRights(content, rightLimitations))
098        {
099            // User is producer of content with needed rights for restrictions
100            return true;
101        }
102        
103        Request request = ContextHelper.getRequest(_context);
104        @SuppressWarnings("unchecked")
105        List<EducationalPath> educationalPaths = (List<EducationalPath>) request.getAttribute(ODFRightHelper.REQUEST_ATTR_EDUCATIONAL_PATHS);
106        
107        if (educationalPaths != null)
108        {
109            // Test rights as a consumer of the content (ie. allowed to edit repeater data for one of the given educational paths)
110            for (String rightId : rightLimitations)
111            {
112                for (EducationalPath educationalPath : educationalPaths)
113                {
114                    if (_rightManager.currentUserHasRight(rightId, new ContextualizedContent(content, educationalPath)) == RightResult.RIGHT_ALLOW)
115                    {
116                        return true;
117                    }
118                }
119            }
120        }
121        
122        return false;
123    }
124}