📄 resourceutil.java
字号:
if (permission == null || (permission != null && parent.containsPermission(permission))) {
if (db.isPrincipalAllowed(user, parent, true)) {
return true;
} else {
if (isInTree(user, parent, permission)) {
return true;
}
}
}
}
return false;
}
/**
* Get if the list of {@link ResourceItem} objects contains any obects that
* wrap the specified {@link Resource}
*
* @param items items to search
* @param resource resource to search for
* @return resource found
*/
public static boolean resourceItemListContainsResource(List items, Resource resource) {
ResourceItem ri;
for (Iterator i = items.iterator(); i.hasNext();) {
ri = (ResourceItem) i.next();
if (ri.getResource().equals(resource)) {
return true;
}
}
return false;
}
/**
* Check if the current resource may be managed (i.e. edited, removed etc)
* taking into account the current navigation context, whether the resource
* is owned and if rights to manage it have been delegated to the current
* user
*
* @param resource resource
* @param session session
* @param permissions permissions required for management. if any of these
* are assigned the the resource may be managed
* @throws NoPermissionException if not allowed
*/
public static void checkResourceManagementRights(Resource resource, SessionInfo session, Permission[] permissions)
throws NoPermissionException {
for (int i = 0; i < permissions.length; i++) {
try {
checkResourceManagementRights(resource, session, permissions[i]);
break;
} catch (NoPermissionException npe) {
if (i == (permissions.length - 1)) {
throw npe;
}
}
}
}
/**
* Check if the current resource may be managed (i.e. edited, removed etc)
* taking into account the current navigation context, whether the resource
* is owned and if rights to manage it have been delegated to the current
* user
*
* @param resource resource
* @param session session
* @param permission permission required for management
* @throws NoPermissionException if not allowed
*/
public static void checkResourceManagementRights(Resource resource, SessionInfo session, Permission permission)
throws NoPermissionException {
ResourceType resourceType = resource.getResourceType();
// If in the management console, this resource must be manageable
if (session.getNavigationContext() == SessionInfo.MANAGEMENT_CONSOLE_CONTEXT) {
try {
if (!ResourceUtil.isManageableResource(resource, session.getUser(), permission)) {
throw new NoPermissionException("You do not have permission to manage this resource.", session.getUser(),
resourceType);
}
} catch (NoPermissionException npe) {
throw npe;
} catch (Exception e) {
throw new NoPermissionException("Failed to determine if resource is manangeable.", session.getUser(), resourceType);
}
}
// If in the user console the resource must be owned
else if (session.getNavigationContext() == SessionInfo.USER_CONSOLE_CONTEXT) {
if (!(resource instanceof OwnedResource)) {
throw new NoPermissionException("You may not managed this resource here.", session.getUser(), resourceType);
} else {
if (!(session.getUser().getPrincipalName().equals(((OwnedResource) resource).getOwnerUsername()))) {
throw new NoPermissionException("You do not have permission to manage this resource.", session.getUser(),
resourceType);
}
}
} else {
throw new NoPermissionException("You may not manage this resource here.", session.getUser(), resourceType);
}
}
/**
* Check if the current resource may be accessed taking into account the
* current navigation context, whether the resource is owned and if rights
* to access it have been assigned to the current user
*
* @param resource resource
* @param session session
* @throws NoPermissionException if not allowed
*/
public static void checkResourceAccessRights(Resource resource, SessionInfo session) throws NoPermissionException {
ResourceType resourceType = resource.getResourceType();
// If in the management console, this resource must be manageable
if (session.getNavigationContext() == SessionInfo.MANAGEMENT_CONSOLE_CONTEXT) {
try {
if (!ResourceUtil.isManageableResource(resource, session.getUser(), null)) {
throw new NoPermissionException("You do not have permission to access this resource.", session.getUser(),
resourceType);
}
} catch (NoPermissionException npe) {
throw npe;
} catch (Exception e) {
throw new NoPermissionException("Failed to determine if resource is accessable.", session.getUser(), resourceType);
}
}
// If in the user console the resource must be assigned or owned
else if (session.getNavigationContext() == SessionInfo.USER_CONSOLE_CONTEXT) {
if (!(resource instanceof OwnedResource)
|| (resource instanceof OwnedResource && ((OwnedResource) resource).getOwnerUsername() == null)) {
try {
// assigned
if (!CoreServlet.getServlet().getPolicyDatabase().isPrincipalAllowed(session.getUser(), resource, false)) {
throw new NoPermissionException("You may not access this resource here.", session.getUser(), resourceType);
}
} catch (NoPermissionException npe) {
throw npe;
} catch (Exception e) {
throw new NoPermissionException("Failed to determine if resource is accessable.", session.getUser(),
resourceType);
}
} else {
// or owned
if (!(session.getUser().getPrincipalName().equals(((OwnedResource) resource).getOwnerUsername()))) {
throw new NoPermissionException("You do not have permission to access this resource.", session.getUser(),
resourceType);
}
}
} else {
throw new NoPermissionException("You may not access this resource here.", session.getUser(), resourceType);
}
}
/**
* Check if a {@link ResourcePermission} may be viewed, edited or removed.
* If the <code>actionTarget</code> supplied is <strong>view</strong>
* then a check is made to see if the resource permission is one that
* permits the current user to perform actions. If <strong>edit</strong>,
* <strong>remove</strong> or <strong>confirmRemove</strong> is supplied
* then a check if made if the resource has a parent that the current user
* has access to.
*
* @param resource resource to check
* @param session session of current user
* @param actionTarget action target
* @throws NoPermissionException no permission excepion
*/
public static void checkResourcePermissionValid(ResourcePermission resource, SessionInfo session, String actionTarget)
throws NoPermissionException {
if (actionTarget.equals("edit") || actionTarget.equals("remove") || actionTarget.equals("confirmRemove")) {
ResourceUtil.checkResourceManagementRights(resource, session, (Permission) null);
} else if (actionTarget.equals("view")) {
try {
List l = CoreServlet.getServlet().getLogonController().isAdministrator(session.getUser()) ? new ArrayList()
: CoreServlet.getServlet().getPolicyDatabase().getPermittingResourcePermissions(null, null, null,
session.getUser(), false, false, true);
if (!l.contains(resource)) {
throw new NoPermissionException("Permission denied.", session.getUser(),
PolicyConstants.RESOURCE_PERMISSION_RESOURCE_TYPE);
}
} catch (NoPermissionException npe) {
throw npe;
} catch (Exception e) {
throw new NoPermissionException("Failed to determine management rights.", session.getUser(),
PolicyConstants.RESOURCE_PERMISSION_RESOURCE_TYPE);
}
} else {
throw new Error("checkValid() only supports edit, remove or view here, not '" + actionTarget + "'.");
}
}
/**
* Get a resource from a list of resources given its name. This is for
* resources that don't have specific methods for getting a resource by its
* name in the database. <code>null</code> will be returned if no such
* named resource exists.
*
* @param resourceName resource name
* @param resources list of {@link Resource} objects
* @return resource that has specified name
*/
public static Resource getResourceByName(String resourceName, List resources) {
for (Iterator i = resources.iterator(); i.hasNext();) {
Resource r = (Resource) i.next();
if (r.getResourceName().equals(resourceName)) {
return r;
}
}
return null;
}
/**
* Gets a list of {@link Resources} granted for use for the specified
* session.
*
* @param session session
* @param resourceType resource type
* @return list of resources
* @throws Exception
*/
public static List getGrantedResource(SessionInfo session, ResourceType resourceType) throws Exception {
PolicyDatabase pdb = CoreServlet.getServlet().getPolicyDatabase();
List l = new ArrayList();
List granted = pdb.getGrantedResourcesOfType(session.getUser(), resourceType);
for (Iterator i = granted.iterator(); i.hasNext();) {
Integer r = (Integer) i.next();
l.add(resourceType.getResourceById(r.intValue()));
}
return l;
}
/**
* Filter a list of {@link Integer} objects containing resource ids for
* those that have a global favorite.
*
* @param resources resources
* @param resourceType resource type
* @return filtered list of resources that have favorites
* @throws Exception on any error
*/
public static List filterResourceIdsForGlobalFavorites(List resources, ResourceType resourceType) throws Exception {
List l = new ArrayList();
for (Iterator i = resources.iterator(); i.hasNext();) {
Integer r = (Integer) i.next();
if (CoreServlet.getServlet().getSystemDatabase().getFavorite(resourceType.getResourceTypeId(), null, r.intValue()) != null) {
l.add(r);
}
}
return l;
}
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -