[Lada-commits] [PATCH] Added method to authorize new objects

[Wald Commits]

# HG changeset patch
# User Raimund Renkert <raimund.renkert at intevation.de>
# Date 1477303014 -7200
# Node ID 657f35a7467d0784a8aeeb5c53d068aabfb7424f
# Parent  ca599ec3ee799307ec77ae3106b77e39b7a209af
Added method to authorize new objects.

diff -r ca599ec3ee79 -r 657f35a7467d src/main/java/de/intevation/lada/util/auth/Authorization.java
--- a/src/main/java/de/intevation/lada/util/auth/Authorization.java	Mon Oct 24 11:54:53 2016 +0200
+++ b/src/main/java/de/intevation/lada/util/auth/Authorization.java	Mon Oct 24 11:56:54 2016 +0200
@@ -22,5 +22,6 @@
         Object source, Object data, RequestMethod method, Class<T> clazz);
     //public <T> boolean isAuthorized(int id, Class<T> clazz);
     public <T> boolean isAuthorized(UserInfo userInfo, Object data, Class<T> clazz);
+    public <T> boolean isAuthorizedOnNew(UserInfo userInfo, Object data, Class<T> clazz);
     boolean isReadOnly(Integer probeId);
 }
diff -r ca599ec3ee79 -r 657f35a7467d src/main/java/de/intevation/lada/util/auth/DefaultAuthorization.java
--- a/src/main/java/de/intevation/lada/util/auth/DefaultAuthorization.java	Mon Oct 24 11:54:53 2016 +0200
+++ b/src/main/java/de/intevation/lada/util/auth/DefaultAuthorization.java	Mon Oct 24 11:56:54 2016 +0200
@@ -90,4 +90,19 @@
         return true;
     }
 
+    /**
+     * Get the authorization status.
+     *
+     * @param   userInfo    The user information
+     * @param   data        The response data object.
+     *
+     * @return true
+     */
+    @Override
+    public <T> boolean isAuthorizedOnNew(
+        UserInfo userInfo,
+        Object data,
+        Class<T> clazz) {
+        return true;
+    }
 }
diff -r ca599ec3ee79 -r 657f35a7467d src/main/java/de/intevation/lada/util/auth/HeaderAuthorization.java
--- a/src/main/java/de/intevation/lada/util/auth/HeaderAuthorization.java	Mon Oct 24 11:54:53 2016 +0200
+++ b/src/main/java/de/intevation/lada/util/auth/HeaderAuthorization.java	Mon Oct 24 11:56:54 2016 +0200
@@ -245,4 +245,25 @@
         }
         return authorizer.isAuthorized(data, RequestMethod.GET, userInfo, clazz);
     }
+
+    /**
+     * Check whether a user is authorized to operate on the given probe.
+     *
+     * @param userInfo  The user information.
+     * @param data      The probe data to test.
+     * @return True if the user is authorized else returns false.
+     */
+    @Override
+    public <T> boolean isAuthorizedOnNew(
+        UserInfo userInfo,
+        Object data,
+        Class<T> clazz
+    ) {
+        Authorizer authorizer = authorizers.get(clazz);
+        //This is a hack... Allows wildcard for unknown classes.
+        if (authorizer == null) {
+            return true;
+        }
+        return authorizer.isAuthorized(data, RequestMethod.POST, userInfo, clazz);
+    }
 }
diff -r ca599ec3ee79 -r 657f35a7467d src/main/java/de/intevation/lada/util/auth/TestAuthorization.java
--- a/src/main/java/de/intevation/lada/util/auth/TestAuthorization.java	Mon Oct 24 11:54:53 2016 +0200
+++ b/src/main/java/de/intevation/lada/util/auth/TestAuthorization.java	Mon Oct 24 11:56:54 2016 +0200
@@ -64,6 +64,11 @@
     }
 
     @Override
+    public <T> boolean isAuthorizedOnNew(UserInfo userInfo, Object data, Class<T> clazz) {
+        return true;
+    }
+
+    @Override
     public boolean isReadOnly(Integer probeId) {
         return false;
     }