package org.bonitasoft.console.common.server.page;
import org.bonitasoft.engine.api.ApplicationAPI;
import org.bonitasoft.engine.api.PageAPI;
import org.bonitasoft.engine.business.application.Application;
import org.bonitasoft.engine.business.application.ApplicationPageSearchDescriptor;
import org.bonitasoft.engine.business.application.ApplicationSearchDescriptor;
import org.bonitasoft.engine.exception.BonitaException;
import org.bonitasoft.engine.search.SearchOptionsBuilder;
import org.bonitasoft.engine.search.SearchResult;
import org.bonitasoft.web.toolkit.client.common.util.StringUtil;
/**
* @author Julien Mege
*/
public class CustomPageAuthorizationsHelper {
private final GetUserRightsHelper getUserRightsHelper;
private final ApplicationAPI applicationAPI;
private final PageAPI pageApi;
public CustomPageAuthorizationsHelper(final GetUserRightsHelper getUserRightsHelper, final ApplicationAPI applicationAPI, final PageAPI pageApi) {
this.getUserRightsHelper = getUserRightsHelper;
this.applicationAPI = applicationAPI;
this.pageApi = pageApi;
}
public boolean isPageAuthorized(final String appToken, final String pageName) throws BonitaException {
if (StringUtil.isBlank(appToken)) {
return isPageAuthorizedInPortal(pageName);
} else {
return isPageAuthorizedInApplication(appToken, pageName);
}
}
private boolean isPageAuthorizedInPortal(final String pageName) throws BonitaException {
return getUserRightsHelper.getUserRights().contains(pageName);
}
private boolean isPageAuthorizedInApplication(final String applicationToken, final String pageToken) throws BonitaException {
try {
Long applicationId = getApplicationId(applicationToken);
if(applicationId == null){
return false;
}
return applicationAPI.searchApplicationPages(new SearchOptionsBuilder(0, 0)
.filter(ApplicationPageSearchDescriptor.APPLICATION_ID, applicationId)
.filter(ApplicationPageSearchDescriptor.PAGE_ID, pageApi.getPageByName(pageToken).getId())
.done()).getCount() > 0;
} catch (final Exception e) {
return false;
}
}
private Long getApplicationId(String applicationToken) throws BonitaException{
SearchResult<Application> applicationSResult = applicationAPI.searchApplications(new SearchOptionsBuilder(0, 1)
.filter(ApplicationSearchDescriptor.TOKEN, applicationToken).done());
if(applicationSResult.getResult().size()<1){
return null;
}
return applicationSResult.getResult().get(0).getId();
}
}