1 25 package org.snipsnap.user; 26 27 import org.snipsnap.snip.Ownable; 28 import org.snipsnap.snip.Snip; 29 30 import java.util.*; 31 32 38 39 public class DefaultPermissionManager implements PermissionManager { 40 private AuthenticationService authenticationService; 41 42 private Permission[] EDITOR_PERMISSIONS = { 43 Permission.REMOVE_SNIP, Permission.EDIT_COMMENT, Permission.POST_TO_SNIP, Permission.LOCK_SNIP }; 44 private Permission[] USER_PERMISSIONS = { 45 Permission.EDIT_SNIP, Permission.CREATE_SNIP, Permission.POST_COMMENT }; 46 private Permission[] OWNER_PERMISSIONS = { 47 Permission.EDIT_COMMENT, Permission.LOCK_SNIP }; 48 private Permission[] GUEST_PERMISSIONS = { 49 Permission.VIEW_SNIP }; 50 51 private Map rolesToPermissions; 52 private Map permissionToRoles; 53 54 public DefaultPermissionManager(AuthenticationService authenticationService) { 55 this.authenticationService = authenticationService; 56 57 rolesToPermissions = new HashMap(); 58 rolesToPermissions.put("Editor", EDITOR_PERMISSIONS); 59 rolesToPermissions.put("User", USER_PERMISSIONS); 60 rolesToPermissions.put("Owner", OWNER_PERMISSIONS); 61 rolesToPermissions.put("Guest", GUEST_PERMISSIONS); 62 63 permissionToRoles = new HashMap(); 64 Iterator iterator = rolesToPermissions.keySet().iterator(); 65 while (iterator.hasNext()) { 66 String role = (String ) iterator.next(); 67 Permission[] rolePermissions = (Permission[]) rolesToPermissions.get(role); 68 for (int i = 0; i < rolePermissions.length; i++) { 69 Permission permission = rolePermissions[i]; 70 Set permissions; 71 if (permissionToRoles.containsKey(permission)) { 72 permissions = (Set) permissionToRoles.get(permission); 73 } else { 74 permissions = new HashSet(); 75 permissionToRoles.put(permission, permissions); 76 } 77 permissions.add(role); 78 } 79 } 80 } 83 84 public boolean check(Permission permission, User user, Snip snip) { 85 Set roles = getRoles(user, snip).getRoleSet(); 89 if (! permissionToRoles.containsKey(permission)) { 90 return false; 91 } else { 92 Set rolesWithPermission = (Set) permissionToRoles.get(permission); 94 rolesWithPermission.retainAll(roles); 97 return ! rolesWithPermission.isEmpty(); 98 } 99 } 100 101 107 private Roles getRoles(User user) { 108 Roles userRoles = new Roles(user.getRoles()); 109 if (authenticationService.isAuthenticated(user)) { 110 userRoles.add(Roles.AUTHENTICATED); 111 } 112 return userRoles; 113 } 114 115 124 private Roles getRoles(User user, Snip object) { 125 Roles roles = getRoles(user); 126 if (object instanceof Ownable) { 127 Ownable o = object; 128 if (o.isOwner(user)) { 129 roles.add(Roles.OWNER); 130 } 131 } 132 return roles; 133 } 134 } 135 136 | Popular Tags |