|
|
@ -1,6 +1,7 @@
|
|
|
|
package info.bukova.isspst.security;
|
|
|
|
package info.bukova.isspst.security;
|
|
|
|
|
|
|
|
|
|
|
|
import info.bukova.isspst.Constants;
|
|
|
|
import info.bukova.isspst.Constants;
|
|
|
|
|
|
|
|
import info.bukova.isspst.Module;
|
|
|
|
import info.bukova.isspst.data.Permission;
|
|
|
|
import info.bukova.isspst.data.Permission;
|
|
|
|
import info.bukova.isspst.data.PermissionType;
|
|
|
|
import info.bukova.isspst.data.PermissionType;
|
|
|
|
import info.bukova.isspst.data.Role;
|
|
|
|
import info.bukova.isspst.data.Role;
|
|
|
@ -39,11 +40,22 @@ public class WorkgroupAwareServiceEvaluator implements Evaluator {
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
User user = (User)authentication.getPrincipal();
|
|
|
|
User user = (User)authentication.getPrincipal();
|
|
|
|
|
|
|
|
String moduleId = "";
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// TODO - v master větvi je na toto pomocná třída
|
|
|
|
|
|
|
|
for (Module m : Constants.MODULES) {
|
|
|
|
|
|
|
|
if (m.getServiceClass() != null && m.getServiceClass().isAssignableFrom(targetDomainObject.getClass())) {
|
|
|
|
|
|
|
|
moduleId = m.getId();
|
|
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
Permission appPermission = null;
|
|
|
|
Permission appPermission = null;
|
|
|
|
for (Permission p : Constants.SPECIAL_PERMISSIONS) {
|
|
|
|
for (Permission p : Constants.SPECIAL_PERMISSIONS) {
|
|
|
|
if (p.getAuthority().equals(permission)) {
|
|
|
|
if (p.getAuthority().equals(permission)
|
|
|
|
|
|
|
|
&& p.getModule().equals(moduleId)) {
|
|
|
|
appPermission = p;
|
|
|
|
appPermission = p;
|
|
|
|
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
@ -66,7 +78,8 @@ public class WorkgroupAwareServiceEvaluator implements Evaluator {
|
|
|
|
|
|
|
|
|
|
|
|
for (Role r : wgRoles) {
|
|
|
|
for (Role r : wgRoles) {
|
|
|
|
for (Permission p : r.getPermissions()) {
|
|
|
|
for (Permission p : r.getPermissions()) {
|
|
|
|
if (p.getAuthority().equals(appPermission.getAuthority())) {
|
|
|
|
if (p.getAuthority().equals(appPermission.getAuthority())
|
|
|
|
|
|
|
|
&& p.getModule().equals(appPermission.getModule())) {
|
|
|
|
return true;
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|