KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > infoglue > cms > security > interceptors > InfoGlueCommonAccessRightsInterceptor


1 /* ===============================================================================
2  *
3  * Part of the InfoGlue Content Management Platform (www.infoglue.org)
4  *
5  * ===============================================================================
6  *
7  * Copyright (C)
8  *
9  * This program is free software; you can redistribute it and/or modify it under
10  * the terms of the GNU General Public License version 2, as published by the
11  * Free Software Foundation. See the file LICENSE.html for more information.
12  *
13  * This program is distributed in the hope that it will be useful, but WITHOUT
14  * ANY WARRANTY, including the implied warranty of MERCHANTABILITY or FITNESS
15  * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
16  *
17  * You should have received a copy of the GNU General Public License along with
18  * this program; if not, write to the Free Software Foundation, Inc. / 59 Temple
19  * Place, Suite 330 / Boston, MA 02111-1307 / USA.
20  *
21  * ===============================================================================
22  */
23
24 package org.infoglue.cms.security.interceptors;
25
26 import java.util.Map JavaDoc;
27
28 import org.apache.log4j.Logger;
29 import org.exolab.castor.jdo.Database;
30 import org.infoglue.cms.controllers.kernel.impl.simple.AccessRightController;
31 import org.infoglue.cms.controllers.kernel.impl.simple.ContentControllerProxy;
32 import org.infoglue.cms.controllers.kernel.impl.simple.ContentVersionControllerProxy;
33 import org.infoglue.cms.controllers.kernel.impl.simple.SiteNodeVersionController;
34 import org.infoglue.cms.controllers.kernel.impl.simple.SiteNodeVersionControllerProxy;
35 import org.infoglue.cms.entities.content.ContentVO;
36 import org.infoglue.cms.entities.content.ContentVersionVO;
37 import org.infoglue.cms.entities.management.InterceptionPointVO;
38 import org.infoglue.cms.entities.structure.SiteNodeVersion;
39 import org.infoglue.cms.entities.structure.SiteNodeVersionVO;
40 import org.infoglue.cms.exception.AccessConstraintException;
41 import org.infoglue.cms.exception.ConstraintException;
42 import org.infoglue.cms.exception.SystemException;
43 import org.infoglue.cms.security.InfoGluePrincipal;
44 import org.infoglue.cms.util.AccessConstraintExceptionBuffer;
45
46
47 /**
48  * @author Mattias Bogeblad
49  *
50  * This interceptor is used to handle all built in access control InfoGlue offers. Additional interceptors can be
51  * registered by users of course.
52  */
53
54 public class InfoGlueCommonAccessRightsInterceptor implements InfoGlueInterceptor
55 {
56     private final static Logger logger = Logger.getLogger(InfoGlueCommonAccessRightsInterceptor.class.getName());
57
58     /**
59      * This method will be called when a interceptionPoint is reached.
60      *
61      * @param interceptionPoint
62      * @param extradata
63      * @throws ConstraintException
64      * @throws SystemException
65      */
66
67     public void intercept(InfoGluePrincipal infoGluePrincipal, InterceptionPointVO interceptionPointVO, Map JavaDoc extradata) throws ConstraintException, SystemException, Exception JavaDoc
68     {
69         logger.info("interceptionPointVO:" + interceptionPointVO.getName());
70         
71         AccessConstraintExceptionBuffer ceb = new AccessConstraintExceptionBuffer();
72         
73         if(interceptionPointVO.getName().equalsIgnoreCase("Content.Read"))
74         {
75             Integer JavaDoc contentId = (Integer JavaDoc)extradata.get("contentId");
76             ContentVO contentVO = ContentControllerProxy.getController().getContentVOWithId(contentId);
77             if(!contentVO.getCreatorName().equalsIgnoreCase(infoGluePrincipal.getName()))
78             {
79                 Integer JavaDoc protectedContentId = ContentControllerProxy.getController().getProtectedContentId(contentId);
80                 if(protectedContentId != null && !AccessRightController.getController().getIsPrincipalAuthorized(infoGluePrincipal, "Content.Read", protectedContentId.toString()))
81                     ceb.add(new AccessConstraintException("Content.contentId", "1000"));
82             }
83         }
84         else if(interceptionPointVO.getName().equalsIgnoreCase("Content.Write"))
85         {
86             Integer JavaDoc contentId = (Integer JavaDoc)extradata.get("contentId");
87             ContentVO contentVO = ContentControllerProxy.getController().getContentVOWithId(contentId);
88             if(!contentVO.getCreatorName().equalsIgnoreCase(infoGluePrincipal.getName()))
89             {
90                 Integer JavaDoc protectedContentId = ContentControllerProxy.getController().getProtectedContentId(contentId);
91                 if(protectedContentId != null && !AccessRightController.getController().getIsPrincipalAuthorized(infoGluePrincipal, "Content.Write", protectedContentId.toString()))
92                     ceb.add(new AccessConstraintException("Content.contentId", "1001"));
93             }
94         }
95         else if(interceptionPointVO.getName().equalsIgnoreCase("Content.Create"))
96         {
97             Integer JavaDoc contentId = (Integer JavaDoc)extradata.get("contentId");
98             ContentVO contentVO = ContentControllerProxy.getController().getContentVOWithId(contentId);
99             if(!contentVO.getCreatorName().equalsIgnoreCase(infoGluePrincipal.getName()))
100             {
101                 Integer JavaDoc protectedContentId = ContentControllerProxy.getController().getProtectedContentId(contentId);
102                 if(protectedContentId != null && !AccessRightController.getController().getIsPrincipalAuthorized(infoGluePrincipal, "Content.Create", protectedContentId.toString()))
103                     ceb.add(new AccessConstraintException("Content.contentId", "1002"));
104             }
105         }
106         else if(interceptionPointVO.getName().equalsIgnoreCase("Content.Delete"))
107         {
108             Integer JavaDoc contentId = (Integer JavaDoc)extradata.get("contentId");
109             ContentVO contentVO = ContentControllerProxy.getController().getContentVOWithId(contentId);
110             if(!contentVO.getCreatorName().equalsIgnoreCase(infoGluePrincipal.getName()))
111             {
112                 Integer JavaDoc protectedContentId = ContentControllerProxy.getController().getProtectedContentId(contentId);
113                 if(protectedContentId != null && !AccessRightController.getController().getIsPrincipalAuthorized(infoGluePrincipal, "Content.Delete", protectedContentId.toString()))
114                     ceb.add(new AccessConstraintException("Content.contentId", "1003"));
115             }
116         }
117         else if(interceptionPointVO.getName().equalsIgnoreCase("Content.Move"))
118         {
119             Integer JavaDoc contentId = (Integer JavaDoc)extradata.get("contentId");
120             ContentVO contentVO = ContentControllerProxy.getController().getContentVOWithId(contentId);
121             if(!contentVO.getCreatorName().equalsIgnoreCase(infoGluePrincipal.getName()))
122             {
123                 Integer JavaDoc protectedContentId = ContentControllerProxy.getController().getProtectedContentId(contentId);
124                 if(protectedContentId != null && !AccessRightController.getController().getIsPrincipalAuthorized(infoGluePrincipal, "Content.Move", protectedContentId.toString()))
125                     ceb.add(new AccessConstraintException("Content.contentId", "1004"));
126             }
127         }
128         else if(interceptionPointVO.getName().equalsIgnoreCase("Content.CreateVersion"))
129         {
130             Integer JavaDoc contentId = (Integer JavaDoc)extradata.get("contentId");
131             ContentVO contentVO = ContentControllerProxy.getController().getContentVOWithId(contentId);
132             if(!contentVO.getCreatorName().equalsIgnoreCase(infoGluePrincipal.getName()))
133             {
134                 Integer JavaDoc protectedContentId = ContentControllerProxy.getController().getProtectedContentId(contentId);
135                 if(ContentVersionControllerProxy.getController().getIsContentProtected(contentId, true) && !AccessRightController.getController().getIsPrincipalAuthorized(infoGluePrincipal, "Content.CreateVersion", protectedContentId.toString()))
136                     ceb.add(new AccessConstraintException("Content.contentId", "1002"));
137             }
138         }
139         else if(interceptionPointVO.getName().equalsIgnoreCase("Content.SubmitToPublish"))
140         {
141             Integer JavaDoc contentId = (Integer JavaDoc)extradata.get("contentId");
142             ContentVO contentVO = ContentControllerProxy.getController().getContentVOWithId(contentId);
143             if(!contentVO.getCreatorName().equalsIgnoreCase(infoGluePrincipal.getName()))
144             {
145                 Integer JavaDoc protectedContentId = ContentControllerProxy.getController().getProtectedContentId(contentId);
146                 if(protectedContentId != null && !AccessRightController.getController().getIsPrincipalAuthorized(infoGluePrincipal, "Content.SubmitToPublish", protectedContentId.toString()))
147                     ceb.add(new AccessConstraintException("Content.contentId", "1005"));
148             }
149         }
150         else if(interceptionPointVO.getName().equalsIgnoreCase("Content.ChangeAccessRights"))
151         {
152             Integer JavaDoc contentId = (Integer JavaDoc)extradata.get("contentId");
153             ContentVO contentVO = ContentControllerProxy.getController().getContentVOWithId(contentId);
154             if(!contentVO.getCreatorName().equalsIgnoreCase(infoGluePrincipal.getName()))
155             {
156                 Integer JavaDoc protectedContentId = ContentControllerProxy.getController().getProtectedContentId(contentId);
157                 if(protectedContentId != null && !AccessRightController.getController().getIsPrincipalAuthorized(infoGluePrincipal, "Content.ChangeAccessRights", protectedContentId.toString()))
158                     ceb.add(new AccessConstraintException("Content.contentId", "1006"));
159             }
160         }
161         else if(interceptionPointVO.getName().equalsIgnoreCase("ContentVersion.Read"))
162         {
163             Integer JavaDoc contentVersionId = (Integer JavaDoc)extradata.get("contentVersionId");
164             ContentVersionVO contentVersionVO = ContentVersionControllerProxy.getController().getContentVersionVOWithId(contentVersionId);
165             if(!contentVersionVO.getVersionModifier().equalsIgnoreCase(infoGluePrincipal.getName()))
166             {
167                 if(ContentVersionControllerProxy.getController().getIsContentProtected(contentVersionVO.getContentId(), false) && !AccessRightController.getController().getIsPrincipalAuthorized(infoGluePrincipal, "ContentVersion.Read", contentVersionId.toString()))
168                 {
169                     ceb.add(new AccessConstraintException("ContentVersion.contentVersionId", "1000"));
170                 }
171                 else
172                 {
173                     Integer JavaDoc protectedContentId = ContentControllerProxy.getController().getProtectedContentId(contentVersionVO.getContentId());
174                     if(protectedContentId != null && !AccessRightController.getController().getIsPrincipalAuthorized(infoGluePrincipal, "Content.Read", protectedContentId.toString()))
175                         ceb.add(new AccessConstraintException("Content.contentId", "1000"));
176                 }
177             }
178         }
179         else if(interceptionPointVO.getName().equalsIgnoreCase("ContentVersion.Write"))
180         {
181             Integer JavaDoc contentVersionId = (Integer JavaDoc)extradata.get("contentVersionId");
182             ContentVersionVO contentVersionVO = ContentVersionControllerProxy.getController().getContentVersionVOWithId(contentVersionId);
183             if(!contentVersionVO.getVersionModifier().equalsIgnoreCase(infoGluePrincipal.getName()))
184             {
185                 if(ContentVersionControllerProxy.getController().getIsContentProtected(contentVersionVO.getContentId(), false) && !AccessRightController.getController().getIsPrincipalAuthorized(infoGluePrincipal, "ContentVersion.Write", contentVersionId.toString()))
186                 {
187                     ceb.add(new AccessConstraintException("ContentVersion.contentVersionId", "1001"));
188                 }
189                 else
190                 {
191                     Integer JavaDoc protectedContentId = ContentControllerProxy.getController().getProtectedContentId(contentVersionVO.getContentId());
192                     if(protectedContentId != null && !AccessRightController.getController().getIsPrincipalAuthorized(infoGluePrincipal, "Content.Write", protectedContentId.toString()))
193                         ceb.add(new AccessConstraintException("Content.contentId", "1001"));
194                 }
195             }
196         }
197         else if(interceptionPointVO.getName().equalsIgnoreCase("ContentVersion.Delete"))
198         {
199             Integer JavaDoc contentVersionId = (Integer JavaDoc)extradata.get("contentVersionId");
200             ContentVersionVO contentVersionVO = ContentVersionControllerProxy.getController().getContentVersionVOWithId(contentVersionId);
201             if(!contentVersionVO.getVersionModifier().equalsIgnoreCase(infoGluePrincipal.getName()))
202             {
203                 if(ContentVersionControllerProxy.getController().getIsContentProtected(contentVersionVO.getContentId(), false) && !AccessRightController.getController().getIsPrincipalAuthorized(infoGluePrincipal, "ContentVersion.Delete", contentVersionId.toString()))
204                     ceb.add(new AccessConstraintException("ContentVersion.contentVersionId", "1003"));
205             }
206         }
207         else if(interceptionPointVO.getName().equalsIgnoreCase("SiteNodeVersion.Read"))
208         {
209             Integer JavaDoc siteNodeVersionId = (Integer JavaDoc)extradata.get("siteNodeVersionId");
210             SiteNodeVersionVO siteNodeVersionVO = SiteNodeVersionController.getController().getSiteNodeVersionVOWithId(siteNodeVersionId);
211             if(!siteNodeVersionVO.getVersionModifier().equalsIgnoreCase(infoGluePrincipal.getName()))
212             {
213                 Integer JavaDoc protectedSiteNodeVersionId = SiteNodeVersionControllerProxy.getSiteNodeVersionControllerProxy().getProtectedSiteNodeVersionId(siteNodeVersionId);
214                 if(protectedSiteNodeVersionId != null && !AccessRightController.getController().getIsPrincipalAuthorized(infoGluePrincipal, "SiteNodeVersion.Read", protectedSiteNodeVersionId.toString()))
215                     ceb.add(new AccessConstraintException("SiteNodeVersion.siteNodeVersionId", "1000"));
216             }
217         }
218         else if(interceptionPointVO.getName().equalsIgnoreCase("SiteNodeVersion.Write"))
219         {
220             Integer JavaDoc siteNodeVersionId = (Integer JavaDoc)extradata.get("siteNodeVersionId");
221             SiteNodeVersionVO siteNodeVersionVO = SiteNodeVersionController.getController().getSiteNodeVersionVOWithId(siteNodeVersionId);
222             if(!siteNodeVersionVO.getVersionModifier().equalsIgnoreCase(infoGluePrincipal.getName()))
223             {
224                 Integer JavaDoc protectedSiteNodeVersionId = SiteNodeVersionControllerProxy.getSiteNodeVersionControllerProxy().getProtectedSiteNodeVersionId(siteNodeVersionId);
225                 if(protectedSiteNodeVersionId != null && !AccessRightController.getController().getIsPrincipalAuthorized(infoGluePrincipal, "SiteNodeVersion.Write", protectedSiteNodeVersionId.toString()))
226                     ceb.add(new AccessConstraintException("SiteNodeVersion.siteNodeVersionId", "1001"));
227             }
228         }
229         else if(interceptionPointVO.getName().equalsIgnoreCase("SiteNodeVersion.CreateSiteNode"))
230         {
231             Integer JavaDoc parentSiteNodeId = (Integer JavaDoc)extradata.get("siteNodeId");
232             SiteNodeVersionVO siteNodeVersionVO = SiteNodeVersionController.getController().getLatestSiteNodeVersionVO(parentSiteNodeId);
233             if(!siteNodeVersionVO.getVersionModifier().equalsIgnoreCase(infoGluePrincipal.getName()))
234             {
235                 Integer JavaDoc protectedSiteNodeVersionId = SiteNodeVersionControllerProxy.getSiteNodeVersionControllerProxy().getProtectedSiteNodeVersionId(siteNodeVersionVO.getId());
236                 if(protectedSiteNodeVersionId != null && !AccessRightController.getController().getIsPrincipalAuthorized(infoGluePrincipal, "SiteNodeVersion.CreateSiteNode", siteNodeVersionVO.getSiteNodeVersionId().toString()))
237                     ceb.add(new AccessConstraintException("SiteNodeVersion.siteNodeId", "1002"));
238             }
239         }
240         else if(interceptionPointVO.getName().equalsIgnoreCase("SiteNodeVersion.DeleteSiteNode"))
241         {
242             Integer JavaDoc siteNodeId = (Integer JavaDoc)extradata.get("siteNodeId");
243             SiteNodeVersionVO siteNodeVersionVO = SiteNodeVersionController.getController().getLatestSiteNodeVersionVO(siteNodeId);
244             if(!siteNodeVersionVO.getVersionModifier().equalsIgnoreCase(infoGluePrincipal.getName()))
245             {
246                 Integer JavaDoc protectedSiteNodeVersionId = SiteNodeVersionControllerProxy.getSiteNodeVersionControllerProxy().getProtectedSiteNodeVersionId(siteNodeVersionVO.getId());
247                 if(protectedSiteNodeVersionId != null && !AccessRightController.getController().getIsPrincipalAuthorized(infoGluePrincipal, "SiteNodeVersion.DeleteSiteNode", protectedSiteNodeVersionId.toString()))
248                     ceb.add(new AccessConstraintException("SiteNodeVersion.siteNodeId", "1003"));
249             }
250         }
251         else if(interceptionPointVO.getName().equalsIgnoreCase("SiteNodeVersion.MoveSiteNode"))
252         {
253             Integer JavaDoc siteNodeId = (Integer JavaDoc)extradata.get("siteNodeId");
254             SiteNodeVersionVO siteNodeVersionVO = SiteNodeVersionController.getController().getLatestSiteNodeVersionVO(siteNodeId);
255             if(!siteNodeVersionVO.getVersionModifier().equalsIgnoreCase(infoGluePrincipal.getName()))
256             {
257                 Integer JavaDoc protectedSiteNodeVersionId = SiteNodeVersionControllerProxy.getSiteNodeVersionControllerProxy().getProtectedSiteNodeVersionId(siteNodeVersionVO.getId());
258                 if(protectedSiteNodeVersionId != null && !AccessRightController.getController().getIsPrincipalAuthorized(infoGluePrincipal, "SiteNodeVersion.MoveSiteNode", protectedSiteNodeVersionId.toString()))
259                     ceb.add(new AccessConstraintException("SiteNodeVersion.siteNodeId", "1004"));
260             }
261         }
262         else if(interceptionPointVO.getName().equalsIgnoreCase("SiteNodeVersion.SubmitToPublish"))
263         {
264             Integer JavaDoc siteNodeVersionId = (Integer JavaDoc)extradata.get("siteNodeVersionId");
265             SiteNodeVersionVO siteNodeVersionVO = SiteNodeVersionController.getController().getSiteNodeVersionVOWithId(siteNodeVersionId);
266             if(!siteNodeVersionVO.getVersionModifier().equalsIgnoreCase(infoGluePrincipal.getName()))
267             {
268                 Integer JavaDoc protectedSiteNodeVersionId = SiteNodeVersionControllerProxy.getSiteNodeVersionControllerProxy().getProtectedSiteNodeVersionId(siteNodeVersionId);
269                 if(protectedSiteNodeVersionId != null && !AccessRightController.getController().getIsPrincipalAuthorized(infoGluePrincipal, "SiteNodeVersion.SubmitToPublish", protectedSiteNodeVersionId.toString()))
270                     ceb.add(new AccessConstraintException("SiteNodeVersion.siteNodeId", "1005"));
271             }
272         }
273         else if(interceptionPointVO.getName().equalsIgnoreCase("SiteNodeVersion.ChangeAccessRights"))
274         {
275             Integer JavaDoc siteNodeVersionId = (Integer JavaDoc)extradata.get("siteNodeVersionId");
276             SiteNodeVersionVO siteNodeVersionVO = SiteNodeVersionController.getController().getSiteNodeVersionVOWithId(siteNodeVersionId);
277             if(!siteNodeVersionVO.getVersionModifier().equalsIgnoreCase(infoGluePrincipal.getName()))
278             {
279                 Integer JavaDoc protectedSiteNodeVersionId = SiteNodeVersionControllerProxy.getSiteNodeVersionControllerProxy().getProtectedSiteNodeVersionId(siteNodeVersionId);
280                 if(protectedSiteNodeVersionId != null && !AccessRightController.getController().getIsPrincipalAuthorized(infoGluePrincipal, "SiteNodeVersion.ChangeAccessRights", protectedSiteNodeVersionId.toString()))
281                     ceb.add(new AccessConstraintException("SiteNodeVersion.siteNodeId", "1006"));
282             }
283         }
284         
285         ceb.throwIfNotEmpty();
286     }
287     
288     
289     /**
290      * This method will be called when a interceptionPoint is reached and it handle it within a transaction.
291      *
292      * @param interceptionPoint
293      * @param extradata
294      * @throws ConstraintException
295      * @throws SystemException
296      */
297
298     public void intercept(InfoGluePrincipal infoGluePrincipal, InterceptionPointVO interceptionPointVO, Map JavaDoc extradata, Database db) throws ConstraintException, SystemException, Exception JavaDoc
299     {
300         logger.info("interceptionPointVO:" + interceptionPointVO.getName());
301         
302         AccessConstraintExceptionBuffer ceb = new AccessConstraintExceptionBuffer();
303         
304         /*
305         if(interceptionPointVO.getName().equalsIgnoreCase("Content.Read"))
306         {
307             Integer contentId = (Integer)extradata.get("contentId");
308             if(ContentControllerProxy.getController().getIsContentProtected(contentId) && !AccessRightController.getController().getIsPrincipalAuthorized(infoGluePrincipal, "Content.Read", contentId.toString()))
309                 ceb.add(new AccessConstraintException("Content.contentId", "1000"));
310         }
311         else if(interceptionPointVO.getName().equalsIgnoreCase("Content.Write"))
312         {
313             Integer contentId = (Integer)extradata.get("contentId");
314             if(ContentControllerProxy.getController().getIsContentProtected(contentId) && !AccessRightController.getController().getIsPrincipalAuthorized(infoGluePrincipal, "Content.Write", contentId.toString()))
315                 ceb.add(new AccessConstraintException("Content.contentId", "1001"));
316         }
317         else if(interceptionPointVO.getName().equalsIgnoreCase("Content.Create"))
318         {
319             Integer contentId = (Integer)extradata.get("contentId");
320             if(ContentControllerProxy.getController().getIsContentProtected(contentId) && !AccessRightController.getController().getIsPrincipalAuthorized(infoGluePrincipal, "Content.Create", contentId.toString()))
321                 ceb.add(new AccessConstraintException("Content.contentId", "1002"));
322         }
323         else if(interceptionPointVO.getName().equalsIgnoreCase("Content.Delete"))
324         {
325             Integer contentId = (Integer)extradata.get("contentId");
326             if(ContentControllerProxy.getController().getIsContentProtected(contentId) && !AccessRightController.getController().getIsPrincipalAuthorized(infoGluePrincipal, "Content.Delete", contentId.toString()))
327                 ceb.add(new AccessConstraintException("Content.contentId", "1003"));
328         }
329         else if(interceptionPointVO.getName().equalsIgnoreCase("Content.Move"))
330         {
331             Integer contentId = (Integer)extradata.get("contentId");
332             if(ContentControllerProxy.getController().getIsContentProtected(contentId) && !AccessRightController.getController().getIsPrincipalAuthorized(infoGluePrincipal, "Content.Move", contentId.toString()))
333                 ceb.add(new AccessConstraintException("Content.contentId", "1004"));
334         }
335         else if(interceptionPointVO.getName().equalsIgnoreCase("Content.SubmitToPublish"))
336         {
337             Integer contentId = (Integer)extradata.get("contentId");
338             if(ContentControllerProxy.getController().getIsContentProtected(contentId) && !AccessRightController.getController().getIsPrincipalAuthorized(infoGluePrincipal, "Content.SubmitToPublish", contentId.toString()))
339                 ceb.add(new AccessConstraintException("Content.contentId", "1005"));
340         }
341         else if(interceptionPointVO.getName().equalsIgnoreCase("Content.ChangeAccessRights"))
342         {
343             Integer contentId = (Integer)extradata.get("contentId");
344             if(ContentControllerProxy.getController().getIsContentProtected(contentId) && !AccessRightController.getController().getIsPrincipalAuthorized(infoGluePrincipal, "Content.ChangeAccessRights", contentId.toString()))
345                 ceb.add(new AccessConstraintException("Content.contentId", "1006"));
346         }
347         else if(interceptionPointVO.getName().equalsIgnoreCase("ContentVersion.Read"))
348         {
349             Integer contentVersionId = (Integer)extradata.get("contentVersionId");
350             ContentVersionVO contentVersionVO = ContentVersionControllerProxy.getController().getContentVersionVOWithId(contentVersionId);
351             if(!contentVersionVO.getVersionModifier().equalsIgnoreCase(infoGluePrincipal.getName()))
352             {
353                 if(ContentVersionControllerProxy.getController().getIsContentProtected(contentVersionVO.getContentId()) && !AccessRightController.getController().getIsPrincipalAuthorized(infoGluePrincipal, "ContentVersion.Read", contentVersionId.toString()))
354                     ceb.add(new AccessConstraintException("ContentVersion.contentVersionId", "1000"));
355             }
356         }
357         else if(interceptionPointVO.getName().equalsIgnoreCase("ContentVersion.Write"))
358         {
359             Integer contentVersionId = (Integer)extradata.get("contentVersionId");
360             ContentVersionVO contentVersionVO = ContentVersionControllerProxy.getController().getContentVersionVOWithId(contentVersionId);
361             if(!contentVersionVO.getVersionModifier().equalsIgnoreCase(infoGluePrincipal.getName()))
362             {
363                 if(ContentVersionControllerProxy.getController().getIsContentProtected(contentVersionVO.getContentId()) && !AccessRightController.getController().getIsPrincipalAuthorized(infoGluePrincipal, "ContentVersion.Write", contentVersionId.toString()))
364                     ceb.add(new AccessConstraintException("ContentVersion.contentVersionId", "1001"));
365             }
366         }
367         else if(interceptionPointVO.getName().equalsIgnoreCase("ContentVersion.Delete"))
368         {
369             Integer contentVersionId = (Integer)extradata.get("contentVersionId");
370             ContentVersionVO contentVersionVO = ContentVersionControllerProxy.getController().getContentVersionVOWithId(contentVersionId);
371             if(!contentVersionVO.getVersionModifier().equalsIgnoreCase(infoGluePrincipal.getName()))
372             {
373                 if(ContentVersionControllerProxy.getController().getIsContentProtected(contentVersionVO.getContentId()) && !AccessRightController.getController().getIsPrincipalAuthorized(infoGluePrincipal, "ContentVersion.Delete", contentVersionId.toString()))
374                     ceb.add(new AccessConstraintException("ContentVersion.contentVersionId", "1003"));
375             }
376         }
377         else if(interceptionPointVO.getName().equalsIgnoreCase("Content.CreateVersion"))
378         {
379             Integer contentId = (Integer)extradata.get("contentId");
380             if(ContentVersionControllerProxy.getController().getIsContentProtected(contentId) && !AccessRightController.getController().getIsPrincipalAuthorized(infoGluePrincipal, "Content.CreateVersion", contentId.toString()))
381                 ceb.add(new AccessConstraintException("Content.contentId", "1002"));
382         }
383         else if(interceptionPointVO.getName().equalsIgnoreCase("SiteNodeVersion.Read"))
384         {
385             Integer siteNodeVersionId = (Integer)extradata.get("siteNodeVersionId");
386             SiteNodeVersionVO siteNodeVersionVO = SiteNodeVersionController.getController().getSiteNodeVersionVOWithId(siteNodeVersionId);
387             if(!siteNodeVersionVO.getVersionModifier().equalsIgnoreCase(infoGluePrincipal.getName()))
388             {
389                 if(SiteNodeVersionControllerProxy.getSiteNodeVersionControllerProxy().getIsSiteNodeVersionProtected(siteNodeVersionId) && !AccessRightController.getController().getIsPrincipalAuthorized(infoGluePrincipal, "SiteNodeVersion.Read", siteNodeVersionId.toString()))
390                     ceb.add(new AccessConstraintException("SiteNodeVersion.siteNodeVersionId", "1000"));
391             }
392         }
393         else*/if(interceptionPointVO.getName().equalsIgnoreCase("SiteNodeVersion.Read"))
394         {
395             Integer JavaDoc siteNodeVersionId = (Integer JavaDoc)extradata.get("siteNodeVersionId");
396             SiteNodeVersion siteNodeVersion = SiteNodeVersionController.getController().getSiteNodeVersionWithId(siteNodeVersionId, db);
397             if(!siteNodeVersion.getVersionModifier().equalsIgnoreCase(infoGluePrincipal.getName()))
398             {
399                 Integer JavaDoc protectedSiteNodeVersionId = SiteNodeVersionControllerProxy.getSiteNodeVersionControllerProxy().getProtectedSiteNodeVersionId(siteNodeVersionId, db);
400                 if(protectedSiteNodeVersionId != null && !AccessRightController.getController().getIsPrincipalAuthorized(db, infoGluePrincipal, "SiteNodeVersion.Read", protectedSiteNodeVersionId.toString()))
401                     ceb.add(new AccessConstraintException("SiteNodeVersion.siteNodeVersionId", "1000"));
402             }
403         }
404         else if(interceptionPointVO.getName().equalsIgnoreCase("SiteNodeVersion.Write"))
405         {
406             Integer JavaDoc siteNodeVersionId = (Integer JavaDoc)extradata.get("siteNodeVersionId");
407             SiteNodeVersion siteNodeVersion = SiteNodeVersionController.getController().getSiteNodeVersionWithId(siteNodeVersionId, db);
408             if(!siteNodeVersion.getVersionModifier().equalsIgnoreCase(infoGluePrincipal.getName()))
409             {
410                 Integer JavaDoc protectedSiteNodeVersionId = SiteNodeVersionControllerProxy.getSiteNodeVersionControllerProxy().getProtectedSiteNodeVersionId(siteNodeVersionId, db);
411                 if(protectedSiteNodeVersionId != null && !AccessRightController.getController().getIsPrincipalAuthorized(db, infoGluePrincipal, "SiteNodeVersion.Write", protectedSiteNodeVersionId.toString()))
412                     ceb.add(new AccessConstraintException("SiteNodeVersion.siteNodeVersionId", "1001"));
413             }
414         }
415
416         ceb.throwIfNotEmpty();
417     }
418 }
419
Popular Tags