AuthorizationService.java

/*
 * Copyright (c) 2002-2019, Mairie de Paris
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 *  1. Redistributions of source code must retain the above copyright notice
 *     and the following disclaimer.
 *
 *  2. Redistributions in binary form must reproduce the above copyright notice
 *     and the following disclaimer in the documentation and/or other materials
 *     provided with the distribution.
 *
 *  3. Neither the name of 'Mairie de Paris' nor 'Lutece' nor the names of its
 *     contributors may be used to endorse or promote products derived from
 *     this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 *
 * License 1.0
 */
package fr.paris.lutece.plugins.appcenter.service;

import fr.paris.lutece.plugins.appcenter.business.PermissionRole;
import fr.paris.lutece.plugins.appcenter.business.PermissionRoleHome;
import fr.paris.lutece.plugins.appcenter.business.Role;
import fr.paris.lutece.plugins.appcenter.business.RoleHome;
import java.util.List;

/**
 * AuthorizationService
 */
public class AuthorizationService
{
    public static boolean isAuthorized( String strIdUser, int idApplication, String strPermissionCode, String strResource )
    {

        if ( strIdUser != null )
        {
            // check global roles
            Role role = RoleHome.findGlobalRoleByUserId( strIdUser );

            if ( role == null )
            {
                // check application role
                role = RoleHome.findByUserIdAndApplicationId( strIdUser, idApplication );
            }

            if ( role != null )
            {
                List<PermissionRole> listPermissionRole = PermissionRoleHome.getPermissionRolesListByCodeAndIdRole( strPermissionCode, role.getId( ) );

                if ( !listPermissionRole.isEmpty( ) && strResource != null )
                {
                    for ( PermissionRole permissionRole : listPermissionRole )
                    {
                        if ( permissionRole.getCodeResource( ).equals( "*" ) || permissionRole.getCodeResource( ).equals( strResource ) )
                        {
                            return true;
                        }
                    }
                }
                else
                    if ( !listPermissionRole.isEmpty( ) )
                    {
                        return true;
                    }
            }
        }

        return false;
    }
}