@Override public void addWikittyServiceListener(WikittyListener listener, ServiceListenerType type) { getDelegate().addWikittyServiceListener(listener, type); }
@Override public void removeWikittyServiceListener(WikittyListener listener, ServiceListenerType type) { getDelegate().addWikittyServiceListener(listener, type); }
private void checkRestoreTreeNode(String securityToken, String userId, WikittyTreeNode treeNode) { Wikitty treeNodeWikitty = WikittyUtil.getWikitty(getDelegate(), securityToken, treeNode); refuseUnauthorizedRead(securityToken, userId, treeNodeWikitty); }
/** * restore the wikitty authorisation attached to given extension. * * @return a wikitty with WikittyAuthorisation extension, or null if given * extension has no security policy attached */ protected Wikitty restoreExtensionAuthorisation(String securityToken, String extensionName) { String wikittyAuthorisationId = WikittyMetaExtensionUtil.generateId( WikittyAuthorisation.EXT_WIKITTYAUTHORISATION, extensionName); Wikitty wikittyAuthorisation = WikittyServiceEnhanced.restore( getDelegate(), securityToken, wikittyAuthorisationId); if (wikittyAuthorisation == null) { log.debug(extensionName + " has no authorization attached"); } return wikittyAuthorisation; }
@Override public WikittyEvent deleteTree(String securityToken, String treeNodeId) { Wikitty treeNodeWikitty = WikittyServiceEnhanced.restore( getDelegate(), securityToken, treeNodeId); long start = TimeLog.getTime(); Collection<Wikitty> wikitties = Collections.singletonList(treeNodeWikitty); // TODO poussin 20101222 perhaps we must check deletion authorization // for all children ? checkStore(securityToken, wikitties); timeLog.log(start, "deleteTree"); return getDelegate().deleteTree(securityToken, treeNodeId); }
/** tell who own a token (who got this token after login). * @param securityToken the token whose owner will be returned * @return a wikitty Id (wikitty has extension WikittyUser) */ protected String getUserId(String securityToken) { String result = null; // recuperation de l'utilisateur associe au securityToken // le securityToken est aussi l'id de l'objet if (securityToken != null) { Wikitty securityTokenWikitty = WikittyServiceEnhanced.restore( getDelegate(), securityToken, securityToken); if (securityTokenWikitty == null) { throw new SecurityException("bad (obsolete ?) token"); } else { result = WikittyTokenHelper.getUser(securityTokenWikitty); } } return result; }
@Override public void logout(String securityToken) { long start = TimeLog.getTime(); if (securityToken != null) { getDelegate().delete(securityToken, Arrays.asList(securityToken)); } timeLog.log(start, "logout"); }
@Override public WikittyEvent clear(String securityToken) { String userId = getUserId(securityToken); if (isAppAdmin(securityToken, userId)) { // seul les AppAdmin on le droit a cette method WikittyEvent result = getDelegate().clear(securityToken); return result; } else { throw new SecurityException(t("user %s can't clear data", userId)); } }
@Override public WikittyEvent store(String securityToken, Collection<Wikitty> wikitties, boolean force) { long start = TimeLog.getTime(); checkStore(securityToken, wikitties); timeLog.log(start, "store"); WikittyEvent result = getDelegate().store(securityToken, wikitties, force); return result; }
@Override public WikittyEvent storeExtension(String securityToken, Collection<WikittyExtension> exts) { long start = TimeLog.getTime(); checkStoreExtension(securityToken, exts); timeLog.log(start, "storeExtension"); return getDelegate().storeExtension(securityToken, exts); }
@Override public WikittyEvent deleteExtension( String securityToken, Collection<String> extNames) { long start = TimeLog.getTime(); checkDeleteExtension(securityToken, extNames); timeLog.log(start, "deleteExtension"); return getDelegate().deleteExtension(securityToken, extNames); }
@Override public WikittyEvent delete(String securityToken, Collection<String> ids) { long start = TimeLog.getTime(); checkDelete(securityToken, ids); timeLog.log(start, "delete"); WikittyEvent result = getDelegate().delete(securityToken, ids); return result; }
/** * Check if we can delete all id passed in argument * @param securityToken * @param ids */ public void checkDelete(String securityToken, Collection<String> ids) { String userId = getUserId(securityToken); List<String> idsAsList = new ArrayList<String>(ids); List<Wikitty> wikitties = getDelegate().restore(securityToken, idsAsList); for (Wikitty wikitty : wikitties) { if (wikitty != null) { for (String extensionName : wikitty.getExtensionNames()) { if ( ! canWrite(securityToken, userId, extensionName, wikitty)) { throw new SecurityException(t( "user %s doesn't have rights on extension %s on wikitty %s", userId, extensionName, wikitty)); } } } } }
/** get the wikitty with extension WikittyGroup that contains all app-admin. */ protected Wikitty getAppAdminGroup(String securityToken) { // on a deja fait la recherche precedement, on essaie de reutilise // le meme id Wikitty group = WikittyServiceEnhanced.restore( getDelegate(), securityToken, appAdminGroupId); if (group == null) { // 1er fois, on le recherche WikittyQuery criteria = new WikittyQueryMaker() .eq(WikittyGroup.FQ_FIELD_WIKITTYGROUP_NAME, WikittySecurityHelper.WIKITTY_APPADMIN_GROUP_NAME).end(); String groupId = getClient(securityToken).findByQuery(criteria); appAdminGroupId = groupId; group = WikittyServiceEnhanced.restore( getDelegate(), securityToken, appAdminGroupId); } return group; }
@Override public boolean canDelete(String securityToken, String wikittyId) { boolean result = true; Wikitty wikitty = WikittyServiceEnhanced.restore( getDelegate(), securityToken, wikittyId); if (wikitty != null) { String userId = getUserId(securityToken); for (String extName : wikitty.getExtensionNames()) { result = result && isWriter(securityToken, userId, wikitty, extName); if (!result) { break; } } } return result; }
getDelegate(), securityToken, id); if (groupWikitty != null && WikittyGroupHelper.hasExtension(groupWikitty)) {
@Override public boolean canRead(String securityToken, String wikittyId) { boolean result = true; String userId = getUserId(securityToken); Wikitty wikitty = WikittyServiceEnhanced.restore(getDelegate(), securityToken, wikittyId); if (wikitty == null) { result = false; } else { for (String extName : wikitty.getExtensionNames()) { result = result && isReader(securityToken, userId, wikitty, extName); if (!result) { break; } } } return result; }
@Override public Wikitty restoreVersion(String securityToken, String wikittyId, String version) { Wikitty wikitty = getDelegate().restoreVersion(securityToken, wikittyId, version); long start = TimeLog.getTime(); String userId = getUserId(securityToken); refuseUnauthorizedRead(securityToken, userId, wikitty); timeLog.log(start, "restoreVersion"); return wikitty; }
@Override public List<Wikitty> restore(String securityToken, List<String> ids) { String userId = getUserId(securityToken); List<Wikitty> wikitties = getDelegate().restore(securityToken, ids); long start = TimeLog.getTime(); for (Wikitty wikitty : wikitties) { if (wikitty != null) { refuseUnauthorizedRead(securityToken, userId, wikitty); } } timeLog.log(start, "restore"); return wikitties; }
@Override public void syncSearchEngine(String securityToken) { long start = TimeLog.getTime(); String userId = getUserId(securityToken); if (isAppAdmin(securityToken, userId)) { timeLog.log(start, "syncSearchEngine"); // seul les AppAdmin on le droit a cette method getDelegate().syncSearchEngine(securityToken); } else { throw new SecurityException(t("user %s can't sync search engine", getUserId(securityToken))); } }