package mircoders.accesscontrol;
-import java.util.List;
-import java.util.Vector;
-
import mir.config.MirPropertiesConfiguration;
import mir.log.LoggerWrapper;
import mircoders.entity.EntityUsers;
+import mircoders.module.ModuleContent;
+
+import java.util.List;
+import java.util.Vector;
public class AccessControl {
private UserAccessControl user;
private GeneralAccessControl general;
+ private ArticleAccessControl article;
protected LoggerWrapper logger = new LoggerWrapper("Global.AccessControl");
protected MirPropertiesConfiguration configuration;
user = new UserAccessControl(configuration.getVector("AccessControl.SuperUsers"));
general = new GeneralAccessControl();
+ article = new ArticleAccessControl(
+ configuration.getString("AccessControl.LockingEnabled", "0").equals("1"),
+ configuration.getString("AccessControl.LockingOptional", "0").equals("1"));
}
catch (Throwable t) {
throw new RuntimeException(t.toString());
return general;
}
+ public ArticleAccessControl article() {
+ return article;
+ }
+
public class GeneralAccessControl {
public boolean mayDeleteArticles(EntityUsers aSubject) {
return configuration.getString("Mir.Localizer.Admin.AllowDeleteArticle", "0").equals("1");
}
public boolean mayAddUsers(EntityUsers aSubject) {
- return superusers.contains(aSubject.getValue("login"));
+ return superusers.contains(aSubject.getFieldValue("login"));
+ }
+
+ protected boolean isSuperUser(EntityUsers aUser) {
+ return superusers.contains(aUser.getFieldValue("login"));
}
public void assertMayEditUser(EntityUsers aSubject, EntityUsers anObject) throws AuthorizationExc, AuthorizationFailure {
}
public boolean mayEditUser(EntityUsers aSubject, EntityUsers anObject) {
- return superusers.contains(aSubject.getValue("login"));
+ return superusers.contains(aSubject.getFieldValue("login"));
}
public boolean mayEditUsers(EntityUsers aSubject) {
- return superusers.contains(aSubject.getValue("login"));
+ return superusers.contains(aSubject.getFieldValue("login"));
}
public void assertMayDeleteUser(EntityUsers aSubject, EntityUsers anObject) throws AuthorizationExc, AuthorizationFailure {
}
public boolean mayDeleteUser(EntityUsers aSubject, EntityUsers anObject) {
- return superusers.contains(aSubject.getValue("login"));
+ return superusers.contains(aSubject.getFieldValue("login"));
}
public boolean mayDeleteUsers(EntityUsers aSubject) {
- return superusers.contains(aSubject.getValue("login"));
+ return superusers.contains(aSubject.getFieldValue("login"));
}
public boolean mayChangeUserPassword(EntityUsers aSubject, EntityUsers anObject) {
- return aSubject.getId().equals(anObject.getId()) || superusers.contains(aSubject.getValue("login"));
+ return aSubject.getId().equals(anObject.getId()) || superusers.contains(aSubject.getFieldValue("login"));
}
public void assertMayChangeUserPassword(EntityUsers aSubject, EntityUsers anObject) throws AuthorizationExc, AuthorizationFailure {
}
}
}
+
+ public class ArticleAccessControl {
+ private ModuleContent contentModule;
+ private boolean lockingEnabled;
+ private boolean lockingOptional;
+
+ public ArticleAccessControl(boolean aLockingEnabled, boolean aLockingOptional) {
+ contentModule = new ModuleContent();
+ lockingEnabled = aLockingEnabled;
+ lockingOptional = aLockingOptional;
+ }
+
+ public boolean mayEditArticle(EntityUsers aSubject, String anArticleId) {
+ String userId = aSubject.getId();
+
+ if (userId==null)
+ return false;
+ if (!lockingEnabled)
+ return true;
+
+ String lockingUser = contentModule.queryArticleLock(anArticleId);
+
+ return userId.equals(lockingUser) || ((lockingUser==null) && lockingOptional);
+ }
+
+ public boolean mayLockArticle(EntityUsers aSubject, String anArticleId) {
+ String userId = aSubject.getId();
+
+ if (userId==null)
+ return false;
+ if (!lockingEnabled)
+ return false;
+
+ String lockingUser = contentModule.queryArticleLock(anArticleId);
+
+ return (lockingUser==null);
+ }
+
+ public boolean mayForceLockArticle(EntityUsers aSubject, String anArticleId) {
+ String userId = aSubject.getId();
+
+ if (userId==null)
+ return false;
+ if (!lockingEnabled)
+ return false;
+
+ String lockingUser = contentModule.queryArticleLock(anArticleId);
+
+ return (lockingUser!=null) && !userId.equals(lockingUser) && user().isSuperUser(aSubject);
+ }
+
+ public boolean mayUnlockArticle(EntityUsers aSubject, String anArticleId) {
+ String userId = aSubject.getId();
+
+ if (userId==null)
+ return false;
+ if (!lockingEnabled)
+ return false;
+
+ String lockingUser = contentModule.queryArticleLock(anArticleId);
+
+ return userId.equals(lockingUser);
+ }
+ }
}