01: package com.technoetic.xplanner.actions;
02:
03: import com.technoetic.xplanner.domain.SearchResult;
04: import com.technoetic.xplanner.filters.ThreadServletRequest;
05: import com.technoetic.xplanner.security.AuthenticationException;
06: import com.technoetic.xplanner.security.SecurityHelper;
07: import com.technoetic.xplanner.security.auth.SystemAuthorizer;
08: import com.technoetic.xplanner.tags.DomainContext;
09: import org.apache.commons.collections.Predicate;
10:
11: /**
12: * Created by IntelliJ IDEA.
13: * User: tkmower
14: * Date: Dec 14, 2004
15: * Time: 2:02:13 PM
16: */
17: public class SearchResultAuthorizationPredicate implements Predicate {
18: private final int remoteUserId;
19:
20: public SearchResultAuthorizationPredicate(int remoteUserId) {
21: this .remoteUserId = remoteUserId;
22: }
23:
24: public boolean evaluate(Object o) {
25: try {
26: return isResultReadableByUser((SearchResult) o,
27: remoteUserId);
28: } catch (AuthenticationException e) {
29: return false;
30: }
31: }
32:
33: //debt This code looks a bit like some code in RepositorySecurityAdapter.checkAuthorization
34: protected boolean isResultReadableByUser(SearchResult searchResult,
35: int remoteUserId) throws AuthenticationException {
36: Object object = searchResult.getMatchingObject();
37: boolean result;
38: DomainContext context = new DomainContext();
39:
40: try {
41: context.populate(object);
42: result = SystemAuthorizer.get().hasPermission(
43: context.getProjectId(),
44: SecurityHelper.getRemoteUserId(ThreadServletRequest
45: .get()), object, "read");
46: } catch (Exception e) {
47: throw new AuthenticationException(e);
48: }
49: return result;
50: }
51:
52: }
|