@Override public WikittyEvent clear(String securityToken) { String userId = getUserId(securityToken); if (isAppAdmin(securityToken, userId)) { // seul les AppAdmin on le droit a cette method WikittyEvent result = getDelegate().clear(securityToken); return result; } else { throw new SecurityException(String.format( "user %s can't clear data", userId)); } }
@Override public boolean canWrite(String securityToken, Wikitty wikitty) { boolean result = true; String userId = getUserId(securityToken); for (String extName : wikitty.getExtensionNames()) { result = result && isWriter(securityToken, userId, wikitty, extName); if (!result) { break; } } return result; }
@Override public void syncSearchEngine(String securityToken) { long start = TimeLog.getTime(); String userId = getUserId(securityToken); if (isAppAdmin(securityToken, userId)) { timeLog.log(start, "syncSearchEngine"); // seul les AppAdmin on le droit a cette method getDelegate().syncSearchEngine(securityToken); } else { throw new SecurityException(String.format( "user %s can't sync search engine", getUserId(securityToken))); } }
@Override public List<Wikitty> restore(String securityToken, List<String> ids) { String userId = getUserId(securityToken); List<Wikitty> wikitties = getDelegate().restore(securityToken, ids); long start = TimeLog.getTime(); for (ListIterator<Wikitty> i=wikitties.listIterator(); i.hasNext();) { Wikitty wikitty = i.next(); Wikitty filtered = refuseUnauthorizedRead(securityToken, userId, wikitty); if (filtered != wikitty) { i.set(filtered); } } timeLog.log(start, "restore"); return wikitties; }
/** * Check if we can delete all id passed in argument * @param securityToken * @param ids */ public void checkDelete(String securityToken, Collection<String> ids) { String userId = getUserId(securityToken); List<String> idsAsList = new ArrayList<String>(ids); List<Wikitty> wikitties = getDelegate().restore(securityToken, idsAsList); for (Wikitty wikitty : wikitties) { if (wikitty != null) { for (String extensionName : wikitty.getExtensionNames()) { if ( ! canWrite(securityToken, userId, extensionName, wikitty)) { throw new SecurityException(String.format( "user %s doesn't have rights on extension %s on wikitty %s", userId, extensionName, wikitty)); } } } } }
protected void checkStoreExtension(String securityToken, Collection<WikittyExtension> exts) { String userId = getUserId(securityToken); if ( ! isAppAdmin(securityToken, userId)) { for (WikittyExtension extension : exts) { Wikitty extensionAuthorisation = restoreExtensionAuthorisation(securityToken, extension.getName()); if (extensionAuthorisation != null) { // canWrite is true if this user can modify the field for this extension boolean canWrite = canWrite(securityToken, userId, null, extensionAuthorisation); if ( ! canWrite) { throw new SecurityException(String.format( "user %s don't have write right for extension %s", userId, extension)); } } } } }
@Override public boolean canRead(String securityToken, String wikittyId) { boolean result = true; String userId = getUserId(securityToken); Wikitty wikitty = WikittyServiceEnhanced.restore(getDelegate(), securityToken, wikittyId); if (wikitty == null) { result = false; } else { for (String extName : wikitty.getExtensionNames()) { result = result && isReader(securityToken, userId, wikitty, extName); if (!result) { break; } } } return result; }
@Override public boolean canDelete(String securityToken, String wikittyId) { boolean result = true; Wikitty wikitty = WikittyServiceEnhanced.restore( getDelegate(), securityToken, wikittyId); if (wikitty != null) { String userId = getUserId(securityToken); for (String extName : wikitty.getExtensionNames()) { result = result && isWriter(securityToken, userId, wikitty, extName); if (!result) { break; } } } return result; }
@Override public Wikitty restoreVersion(String securityToken, String wikittyId, String version) { Wikitty wikitty = getDelegate().restoreVersion(securityToken, wikittyId, version); long start = TimeLog.getTime(); String userId = getUserId(securityToken); wikitty = refuseUnauthorizedRead(securityToken, userId, wikitty); timeLog.log(start, "restoreVersion"); return wikitty; }
String userId = getUserId(securityToken); for (Wikitty wikitty : wikitties) { if (wikitty == null) {
long start = TimeLog.getTime(); String userId = getUserId(securityToken); for (WikittyEvent e : events) { if (e.getType().contains(