/**
 * Reports whether the family repository can load a record for the given identifier.
 *
 * <p>Only the repository lookup is performed; no access right of the current user is consulted in this method,
 * so the answer reflects existence alone. NOTE(review): confirm that callers do not relay this answer to users
 * who may not view the family, since it would let them tell valid identifiers from invalid ones.
 *
 * @param familyId identifier handed to the family repository
 * @return {@code true} when the repository returns a non-null family, {@code false} otherwise
 */
@Override
public boolean familyExists(String familyId) {
    Family found = this.familyRepository.get(familyId);
    return found != null;
}
/**
 * Checks whether the current user holds {@code right} on the family with the given identifier.
 *
 * <p>An identifier the repository cannot resolve is answered with {@code false}, the same value returned for a
 * denied right, so the result does not distinguish "unknown family" from "no access".
 *
 * @param familyId identifier handed to the family repository
 * @param right the right to test
 * @return the result of the family-object overload, or {@code false} when no family is found
 */
@Override
public boolean currentUserHasAccessRight(String familyId, Right right) {
    Family target = this.familyRepository.get(familyId);
    // Short-circuit keeps the delegate from ever seeing a null family.
    return target != null && this.currentUserHasAccessRight(target, right);
}
/**
 * Deletes the family with the given identifier through the family repository.
 *
 * <p>This method performs no access check of its own. According to the original author's note the access rights
 * are verified inside the repository's delete operation. NOTE(review): that note names
 * {@code familyRepository.deleteFamily()} while the call below is {@code familyRepository.delete(...)}; confirm
 * that the method actually invoked enforces the rights.
 *
 * @param familyId identifier handed to the family repository
 * @param deleteAllMembers forwarded unchanged to the repository's delete call
 * @return {@code false} when no family is found, otherwise whatever the repository's delete call returns
 */
@Override
public boolean deleteFamily(String familyId, boolean deleteAllMembers) {
    Family target = this.familyRepository.get(familyId);
    if (target != null) {
        // Authorization is delegated to the repository (see the note in the Javadoc above).
        return this.familyRepository.delete(target, deleteAllMembers);
    }
    return false;
}
/**
 * Returns the family with the given identifier if the current user may view it.
 *
 * <p>Both "no such family" and "no VIEW right" produce {@code null}, so a caller without view access cannot
 * tell from the return value whether the identifier exists.
 *
 * @param familyId identifier handed to the family repository
 * @return the family, or {@code null} when it is not found or the current user lacks {@code Right.VIEW}
 */
@Override
public Family getFamilyById(String familyId) {
    Family candidate = this.familyRepository.get(familyId);
    boolean visible = candidate != null && currentUserHasAccessRight(candidate, Right.VIEW);
    // Original author's note: it is safe to return the Family object even if the user has no edit rights
    // for the family.
    return visible ? candidate : null;
}
/**
 * Asks the family repository whether the current user may delete the given family.
 *
 * @param familyId identifier handed to the family repository
 * @param deleteAllMembers forwarded unchanged to {@code canDeleteFamily}
 * @return {@code false} when no family is found, otherwise the repository's answer
 */
@Override
public boolean currentUserCanDeleteFamily(String familyId, boolean deleteAllMembers) {
    Family target = this.familyRepository.get(familyId);
    // The trailing literal false is passed through as in the original call; its meaning is defined by
    // canDeleteFamily, which is not visible here (TODO confirm).
    return target != null
        && this.familyRepository.canDeleteFamily(
            target, this.userManager.getCurrentUser(), deleteAllMembers, false);
}
/**
 * REST handler that deletes a family record.
 *
 * <p>Responses: 404 when the repository has no such family, 403 when
 * {@code familyTools.currentUserCanDeleteFamily} refuses, 500 when {@code familyTools.deleteFamily} reports
 * failure, 204 on success.
 *
 * <p>NOTE(review): the existence check runs before the permission check, so a caller without delete rights
 * receives 404 for unknown identifiers and 403 for existing ones; confirm that revealing which identifiers
 * exist is acceptable for this endpoint.
 *
 * @param id identifier of the family record
 * @param deleteMembers forwarded unchanged to the permission check and to the delete call
 * @return the HTTP response described above
 */
@Override
public Response deleteFamily(String id, Boolean deleteMembers) {
    this.logger.warn("Deleting family record [{}] via REST, deleteAllMembers = [{}]", id, deleteMembers);

    if (this.repository.get(id) == null) {
        this.logger.warn(NO_SUCH_FAMILY_ERROR_MESSAGE, id);
        return Response.status(Status.NOT_FOUND).build();
    }

    // NOTE(review): deleteMembers is a boxed Boolean; if the familyTools methods take a primitive boolean
    // (their signatures are not visible here), a null value would fail on unboxing - confirm a default is set.
    boolean permitted = this.familyTools.currentUserCanDeleteFamily(id, deleteMembers);
    if (!permitted) {
        this.logger.error("Delete access denied to user [{}] for family record [{}] with deleteMemebers=[{}]",
            this.users.getCurrentUser(), id, deleteMembers);
        return Response.status(Status.FORBIDDEN).build();
    }

    boolean removed = this.familyTools.deleteFamily(id, deleteMembers);
    if (!removed) {
        return Response.status(Status.INTERNAL_SERVER_ERROR).build();
    }

    this.logger.warn("Deleted family record [{}]", id);
    return Response.noContent().build();
}
}
/**
 * REST handler that returns a family record as JSON.
 *
 * <p>Responses: 404 when the repository has no such family, 403 when the current user lacks
 * {@code Right.VIEW} on the family document, otherwise 200 with the family JSON plus a {@code "links"} entry.
 *
 * <p>NOTE(review): the existence check runs before the access check, so a caller without view rights receives
 * 404 for unknown identifiers and 403 for existing ones; confirm that revealing which identifiers exist is
 * acceptable for this endpoint.
 *
 * @param id identifier of the family record
 * @return the HTTP response described above
 */
@Override
public Response getFamily(String id) {
    this.logger.warn("Retrieving family record [{}] via REST", id);

    Family record = this.repository.get(id);
    if (record == null) {
        this.logger.warn(NO_SUCH_FAMILY_ERROR_MESSAGE, id);
        return Response.status(Status.NOT_FOUND).build();
    }

    User requester = this.users.getCurrentUser();
    boolean mayView = this.access.hasAccess(requester, Right.VIEW, record.getDocumentReference());
    if (!mayView) {
        this.logger.error("View access denied to user [{}] on family record [{}]", requester, id);
        return Response.status(Status.FORBIDDEN).build();
    }

    // The record is serialized only after the VIEW check has passed.
    JSONObject payload = record.toJSON();
    payload.put("links", this.autolinker.get().forResource(getClass(), this.uriInfo).build());
    return Response.ok(payload, MediaType.APPLICATION_JSON_TYPE).build();
}
Family family = this.familyRepository.get(queryResult); if (family == null) { continue;
/**
 * Authorization decision that denies every document-level right on an entity that resolves to a family.
 *
 * <p>Returns {@code null} when {@code access} or {@code entity} is null, when the right does not target
 * documents, or when the entity is not a family. NOTE(review): {@code null} presumably means "no opinion"
 * under the interface's contract - confirm. {@code user} is not consulted at all, so the denial applies to
 * every caller.
 *
 * @param user not used by this implementation
 * @param access the requested right
 * @param entity reference whose string form is looked up in the family repository
 * @return {@code false} when the entity is a family and the right targets documents, otherwise {@code null}
 */
@Override
public Boolean hasAccess(User user, Right access, EntityReference entity) {
    if (!ObjectUtils.allNotNull(access, entity)) {
        return null;
    }
    if (access.getTargetedEntityType() == null
        || !access.getTargetedEntityType().contains(EntityType.DOCUMENT)) {
        return null;
    }

    Family family = this.familyRepository.get(entity.toString());
    return family == null ? null : Boolean.FALSE;
}
}
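/**
 * Creates a PrincipalRepresentation for each member of the family behind {@code entity} and adds it to the list
 * of principals.
 *
 * <p>When the repository returns no family for the entity's identifier, nothing is added and the method
 * returns normally instead of failing with a {@code NullPointerException}.
 *
 * @param entity the entity whose family members get principal representations
 * @param addedPrincipals cache of already added principals with access levels
 * @param result REST representation for a list of principals that have access to the {@link PrimaryEntity}
 */
private void addFamilyMembers(PrimaryEntity entity,
    Map<String, Pair<PrincipalRepresentation, AccessLevel>> addedPrincipals, PrincipalsRepresentation result) {
    Family family = this.familyRepository.get(entity.getId());
    if (family == null) {
        // The lookup result was dereferenced unchecked before; an identifier that resolves to no family
        // (assumed to yield null from the repository) must not abort the building of the principals list.
        return;
    }
    for (Patient member : family.getMembers()) {
        addEntity(member, "patients", addedPrincipals, result, true);
    }
}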
/**
 * Authorization decision that grants VIEW or EDIT on a family when the user holds that right on at least one
 * of its member patients.
 *
 * <p>A member's granted right matches when it equals the requested right or lists it among its implied
 * rights. The method never denies: it returns {@code true} or {@code null}. NOTE(review): {@code null}
 * presumably means "no opinion" under the interface's contract - confirm.
 *
 * @param user the user being checked; a null user yields {@code null}
 * @param access the requested right; anything other than {@code Right.VIEW} or {@code Right.EDIT} yields
 *        {@code null}
 * @param entity reference whose string form is looked up in the family repository
 * @return {@code true} when some member grants the right, otherwise {@code null}
 */
@Override
public Boolean hasAccess(User user, Right access, EntityReference entity) {
    if (!ObjectUtils.allNotNull(user, access, entity)) {
        return null;
    }
    if (access != Right.VIEW && access != Right.EDIT) {
        return null;
    }

    Family family = this.familyRepository.get(entity.toString());
    if (family == null) {
        return null;
    }

    for (Patient member : family.getMembers()) {
        AccessLevel level = this.manager.getAccessLevel(member, user.getProfileDocument());
        Right granted = level.getGrantedRight();
        if (granted == null) {
            continue;
        }
        if (granted.equals(access)) {
            return true;
        }
        // Fall back to the rights implied by the granted one.
        if (granted.getImpliedRights() != null && granted.getImpliedRights().contains(access)) {
            return true;
        }
    }
    return null;
}
}
/**
 * Adds a patient to a family on behalf of the current user.
 *
 * <p>The current user must hold {@code Right.EDIT} on both the patient document and the family. Every failure
 * - unknown patient, unknown family, missing right, or a {@code PTException} from the repository - is reported
 * as {@code false}, so the caller cannot tell the causes apart.
 *
 * @param patientId identifier handed to the patient repository
 * @param familyId identifier handed to the family repository
 * @return {@code true} when the repository call completes without a {@code PTException}, {@code false} otherwise
 */
@Override
public boolean addMember(String patientId, String familyId) {
    User actor = this.userManager.getCurrentUser();

    Patient candidate = this.patientRepository.get(patientId);
    if (candidate == null
        || !this.authorizationService.hasAccess(actor, Right.EDIT, candidate.getDocumentReference())) {
        return false;
    }

    Family target = this.familyRepository.get(familyId);
    if (target == null) {
        return false;
    }
    if (!currentUserHasAccessRight(target, Right.EDIT)) {
        return false;
    }

    try {
        this.familyRepository.addMember(target, candidate, actor);
        return true;
    } catch (PTException ex) {
        // The exception is deliberately reduced to a boolean result, as in the original.
        return false;
    }
}
Family family = this.familyRepository.get(documentId); if (family == null) { return null;
Family family = this.familyRepository.get(documentId); if (family == null) { return null;
/**
 * Authorization decision that grants any document-level right on a family to its owner and to administrators.
 *
 * <p>The owner is read from the {@code Owner} property of the family document. Access is granted when
 * {@code isGuestOwner(ownerStr, user)} holds, when the resolved owner equals the user's profile document, or
 * when {@code auth} reports {@code Right.ADMIN} for the user on the entity. The method never denies: it
 * returns {@code true} or {@code null}. NOTE(review): {@code null} presumably means "no opinion" under the
 * interface's contract - confirm.
 *
 * <p>NOTE(review): {@code user} may be null here (it is not part of the null guard), and the guest-owner
 * branch is evaluated for it; confirm that {@code isGuestOwner} grants only what is intended for
 * unauthenticated callers.
 *
 * @param user the user being checked, possibly null
 * @param access the requested right; must target documents
 * @param entity reference whose string form is looked up in the family repository
 * @return {@code true} for the owner, a guest owner or an administrator, otherwise {@code null}
 */
@Override
public Boolean hasAccess(User user, Right access, EntityReference entity) {
    if (!ObjectUtils.allNotNull(access, entity)) {
        return null;
    }
    if (access.getTargetedEntityType() == null
        || !access.getTargetedEntityType().contains(EntityType.DOCUMENT)) {
        return null;
    }

    Family family = this.familyRepository.get(entity.toString());
    if (family == null) {
        return null;
    }

    String ownerStr = (String) this.dab.getProperty(
        family.getDocumentReference(), this.resolver.resolve(Owner.CLASS_REFERENCE), Owner.PROPERTY_NAME);
    DocumentReference owner = this.strResolver.resolve(ownerStr);

    if (isGuestOwner(ownerStr, user)) {
        return true;
    }
    if (user != null && owner.equals(user.getProfileDocument())) {
        return true;
    }

    // Grant access to administrators
    if (this.auth.hasAccess(user, Right.ADMIN, entity)) {
        return true;
    }
    return null;
}