diff options
| author | Simon Rettberg | 2015-06-19 18:07:41 +0200 |
|---|---|---|
| committer | Simon Rettberg | 2015-06-19 18:07:41 +0200 |
| commit | 3fba1e1e9d046598683a790074ee183c0f1176e6 (patch) | |
| tree | 073b1df936d4252e0bdefd7bd085f43ffe32fbad /dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/permissions | |
| parent | [server] Implemented getUsers call, more permission checking methods (diff) | |
| download | tutor-module-3fba1e1e9d046598683a790074ee183c0f1176e6.tar.gz tutor-module-3fba1e1e9d046598683a790074ee183c0f1176e6.tar.xz tutor-module-3fba1e1e9d046598683a790074ee183c0f1176e6.zip | |
Add flag to lecture that decides whether the lecture will automatically link to a new image version when one is uploaded; implement some more functionality
Diffstat (limited to 'dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/permissions')
| -rw-r--r-- | dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/permissions/User.java | 74 |
1 files changed, 62 insertions, 12 deletions
diff --git a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/permissions/User.java b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/permissions/User.java index 1a22d074..51041df9 100644 --- a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/permissions/User.java +++ b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/permissions/User.java @@ -6,6 +6,7 @@ import org.openslx.bwlp.sat.database.mappers.DbImage; import org.openslx.bwlp.thrift.iface.AuthorizationError; import org.openslx.bwlp.thrift.iface.ImagePermissions; import org.openslx.bwlp.thrift.iface.ImageSummaryRead; +import org.openslx.bwlp.thrift.iface.Role; import org.openslx.bwlp.thrift.iface.TAuthorizationException; import org.openslx.bwlp.thrift.iface.TInternalServerError; import org.openslx.bwlp.thrift.iface.TNotFoundException; @@ -38,10 +39,10 @@ public class User { } public static boolean isSuperUser(UserInfo ui) { - // TODO: for superuser override + // TODO: for superuser override, read from DB return false; } - + /** * Check if the given user has the given permission for the image identified * by the given image base id. @@ -49,19 +50,36 @@ public class User { * @param user * @param imageBaseId * @param permission - * @throws TAuthorizationException * @throws TInternalServerError * @throws TNotFoundException */ - public static void hasImageBasePermissionOrFail(UserInfo user, String imageBaseId, Permission permission) - throws TAuthorizationException, TInternalServerError, TNotFoundException { + public static boolean hasImageBasePermission(UserInfo user, String imageBaseId, Permission permission) + throws TInternalServerError, TNotFoundException { ImageSummaryRead localImage; try { localImage = DbImage.getImageSummary(user, imageBaseId); } catch (SQLException e) { throw new TInternalServerError(); } - if (!canActionImage(user, permission, localImage.userPermissions, localImage.defaultPermissions)) { + if (localImage.ownerId.equals(user.userId)) + return true; + return canActionImage(user, permission, localImage.userPermissions, localImage.defaultPermissions); + } + + /** + * Check if the given user has the given permission for the image identified + * by the given image base id. + * + * @param user + * @param imageBaseId + * @param permission + * @throws TAuthorizationException + * @throws TInternalServerError + * @throws TNotFoundException + */ + public static void hasImageBasePermissionOrFail(UserInfo user, String imageBaseId, Permission permission) + throws TAuthorizationException, TInternalServerError, TNotFoundException { + if (!hasImageBasePermission(user, imageBaseId, permission)) { throw new TAuthorizationException(AuthorizationError.NO_PERMISSION, "Required permission: " + permission.toString()); } @@ -74,22 +92,54 @@ public class User { * @param user * @param imageVersionId * @param permission - * @throws TAuthorizationException * @throws TInternalServerError * @throws TNotFoundException */ - public static void hasImageVersionPermissionOrFail(UserInfo user, String imageVersionId, - Permission permission) throws TAuthorizationException, TInternalServerError, TNotFoundException { - ImageSummaryRead localImage; + public static boolean hasImageVersionPermission(UserInfo user, String imageVersionId, + Permission permission) throws TInternalServerError, TNotFoundException { try { - localImage = DbImage.getImageSummaryFromVersionId(user, imageVersionId); + String imageBaseId = DbImage.getBaseIdForVersionId(imageVersionId); + if (imageBaseId == null) + throw new TNotFoundException(); + return hasImageBasePermission(user, imageBaseId, permission); } catch (SQLException e) { throw new TInternalServerError(); } - if (!canActionImage(user, permission, localImage.userPermissions, localImage.defaultPermissions)) { + } + + /** + * Check if the given user has the given permission for the image identified + * by the given image version id. + * + * @param user + * @param imageVersionId + * @param permission + * @throws TAuthorizationException + * @throws TInternalServerError + * @throws TNotFoundException + */ + public static void hasImageVersionPermissionOrFail(UserInfo user, String imageVersionId, + Permission permission) throws TAuthorizationException, TInternalServerError, TNotFoundException { + if (!hasImageVersionPermission(user, imageVersionId, permission)) { throw new TAuthorizationException(AuthorizationError.NO_PERMISSION, "Required permission: " + permission.toString()); } } + /** + * Checks whether the given user is allowed to create new images. + * + * @param user {@link UserInfo} instance representing the user in question + * @return true or false + */ + public static boolean canCreateImage(UserInfo user) { + return user.role == Role.TUTOR; + } + + public static void canCreateImageOrFail(UserInfo user) throws TAuthorizationException { + if (!canCreateImage(user)) + throw new TAuthorizationException(AuthorizationError.NO_PERMISSION, + "No permission to create new image"); + } + } |