@Override public boolean canAccess(Authentication user, ResourceInfo resource, AccessMode mode) { return canAccess(user, resource, mode, true); }
@Override public boolean canAccess(Authentication user, LayerInfo layer, AccessMode mode) { return canAccess(user, layer, mode, true); }
public DataAccessLimits getAccessLimits(Authentication user, ResourceInfo resource) { boolean read = canAccess(user, resource, AccessMode.READ); boolean write = canAccess(user, resource, AccessMode.WRITE); Filter readFilter = read ? Filter.INCLUDE : Filter.EXCLUDE; Filter writeFilter = write ? Filter.INCLUDE : Filter.EXCLUDE; return buildLimits(resource.getClass(), readFilter, writeFilter); }
public DataAccessLimits getAccessLimits( Authentication user, LayerInfo layer, List<LayerGroupInfo> context) { final boolean directAccess = context == null || context.isEmpty(); boolean read = canAccess(user, layer, AccessMode.READ, directAccess); boolean write = canAccess(user, layer, AccessMode.WRITE, directAccess); Filter readFilter = read ? Filter.INCLUDE : Filter.EXCLUDE; Filter writeFilter = write ? Filter.INCLUDE : Filter.EXCLUDE; return buildLimits(layer.getResource().getClass(), readFilter, writeFilter); }
public WorkspaceAccessLimits getAccessLimits(Authentication user, WorkspaceInfo workspace) { boolean readable = canAccess(user, workspace, AccessMode.READ); boolean writable = canAccess(user, workspace, AccessMode.WRITE); boolean adminable = canAccess(user, workspace, AccessMode.ADMIN); CatalogMode mode = getMode(); if (readable && writable) { if (AdminRequest.get() == null) { // not admin request, read+write means full acesss return null; } } return new WorkspaceAccessLimits(mode, readable, writable, adminable); }
@Override public LayerGroupAccessLimits getAccessLimits( Authentication user, LayerGroupInfo layerGroup, List<LayerGroupInfo> containers) { boolean allowAccess = canAccess(user, layerGroup, containers == null || containers.isEmpty()); return allowAccess ? null : new LayerGroupAccessLimits(getMode()); }
public boolean canAccess( Authentication user, LayerInfo layer, AccessMode mode, boolean directAccess) { checkPropertyFile(); if (layer.getResource() == null) { LOGGER.log( Level.FINE, "Layer " + layer + " has no attached resource, " + "assuming it's possible to access it"); // it's a layer whose resource we don't know about return true; } else { return canAccess(user, layer.getResource(), mode, directAccess); } }
boolean rootAccess = canAccess(user, root); List<Filter> exceptions = new ArrayList<>(); String wsName = entry.getKey(); SecureTreeNode node = entry.getValue(); boolean nodeAccess = canAccess(user, node); if (nodeAccess != rootAccess) { if (rootAccess) { boolean rootAccess = canAccess(user, root); List<Filter> exceptions = new ArrayList<>(); String wsName = wsEntry.getKey(); SecureTreeNode wsNode = wsEntry.getValue(); boolean wsAccess = canAccess(user, wsNode); String layerName = layerEntry.getKey(); SecureTreeNode layerNode = layerEntry.getValue(); boolean layerAccess = canAccess(user, layerNode); if (layerAccess != wsAccess) { if (wsAccess) { boolean rootAccess = canAccess(user, root); List<Filter> exceptions = new ArrayList<>(); String wsName = entry.getKey(); SecureTreeNode node = entry.getValue(); boolean nodeAccess = canAccess(user, node); if (nodeAccess != rootAccess) {
return gi != null && canAccess(user, gi, directAccess); });