import mir.config.MirPropertiesConfiguration;
import mir.log.LoggerWrapper;
import mircoders.entity.EntityUsers;
+import mircoders.module.*;
+import mircoders.storage.*;
public class AccessControl {
private UserAccessControl user;
private GeneralAccessControl general;
+ private ArticleAccessControl article;
protected LoggerWrapper logger = new LoggerWrapper("Global.AccessControl");
protected MirPropertiesConfiguration configuration;
user = new UserAccessControl(configuration.getVector("AccessControl.SuperUsers"));
general = new GeneralAccessControl();
+ article = new ArticleAccessControl(
+ configuration.getString("AccessControl.LockingEnabled", "0").equals("1"),
+ configuration.getString("AccessControl.LockingOptional", "0").equals("1"));
}
catch (Throwable t) {
throw new RuntimeException(t.toString());
return general;
}
+ public ArticleAccessControl article() {
+ return article;
+ }
+
public class GeneralAccessControl {
public boolean mayDeleteArticles(EntityUsers aSubject) {
return configuration.getString("Mir.Localizer.Admin.AllowDeleteArticle", "0").equals("1");
return superusers.contains(aSubject.getValue("login"));
}
+ protected boolean isSuperUser(EntityUsers aUser) {
+ return superusers.contains(aUser.getValue("login"));
+ }
+
public void assertMayEditUser(EntityUsers aSubject, EntityUsers anObject) throws AuthorizationExc, AuthorizationFailure {
try {
if (!mayEditUser(aSubject, anObject))
}
}
}
+
+ public class ArticleAccessControl {
+ private ModuleContent contentModule;
+ private boolean lockingEnabled;
+ private boolean lockingOptional;
+
+ public ArticleAccessControl(boolean aLockingEnabled, boolean aLockingOptional) {
+ contentModule = new ModuleContent(DatabaseContent.getInstance());
+ lockingEnabled = aLockingEnabled;
+ lockingOptional = aLockingOptional;
+ }
+
+ public boolean mayEditArticle(EntityUsers aSubject, String anArticleId) {
+ String userId = aSubject.getId();
+
+ if (userId==null)
+ return false;
+ if (!lockingEnabled)
+ return true;
+
+ String lockingUser = contentModule.queryArticleLock(anArticleId);
+
+ return userId.equals(lockingUser) || ((lockingUser==null) && lockingOptional);
+ }
+
+ public boolean mayLockArticle(EntityUsers aSubject, String anArticleId) {
+ String userId = aSubject.getId();
+
+ if (userId==null)
+ return false;
+ if (!lockingEnabled)
+ return false;
+
+ String lockingUser = contentModule.queryArticleLock(anArticleId);
+
+ return (lockingUser==null);
+ }
+
+ public boolean mayForceLockArticle(EntityUsers aSubject, String anArticleId) {
+ String userId = aSubject.getId();
+
+ if (userId==null)
+ return false;
+ if (!lockingEnabled)
+ return false;
+
+ String lockingUser = contentModule.queryArticleLock(anArticleId);
+
+ return (lockingUser!=null) && !userId.equals(lockingUser) && user().isSuperUser(aSubject);
+ }
+
+ public boolean mayUnlockArticle(EntityUsers aSubject, String anArticleId) {
+ String userId = aSubject.getId();
+
+ if (userId==null)
+ return false;
+ if (!lockingEnabled)
+ return false;
+
+ String lockingUser = contentModule.queryArticleLock(anArticleId);
+
+ return userId.equals(lockingUser);
+ }
+ }
}
projects / mir.git / blobdiff