/*
* Copyright 2000-2013 Enonic AS
* http://www.enonic.com/license
*/
package com.enonic.cms.core.structure.menuitem;
import com.enonic.cms.core.security.SecurityService;
import com.enonic.cms.core.security.group.GroupEntity;
import com.enonic.cms.core.security.group.GroupType;
import com.enonic.cms.core.security.user.UserEntity;
import com.enonic.cms.core.security.userstore.UserStoreEntity;
/**
* Nov 19, 2009
*/
public class MenuItemAccessRightAccumulator
{
private SecurityService securityService;
public MenuItemAccessRightAccumulator( SecurityService securityService )
{
this.securityService = securityService;
}
public MenuItemAccumulatedAccessRights getAccessRightsAccumulated( final MenuItemEntity menuItem, final UserEntity user )
{
if ( user.isRoot() )
{
return new MenuItemAccumulatedAccessRights( true, user.getKey(), menuItem.getKey() );
}
final MenuItemAccumulatedAccessRights accumulated =
new MenuItemAccumulatedAccessRights( false, user.getKey(), menuItem.getKey() );
accumulateUserGroupRights( menuItem, user, accumulated );
if ( accumulated.isAllTrue() )
{
return accumulated;
}
accumulateAnonymousRights( menuItem, accumulated );
if ( accumulated.isAllTrue() )
{
return accumulated;
}
accumulateAuthenticatedUsersRights( menuItem, user, accumulated );
if ( accumulated.isAllTrue() )
{
return accumulated;
}
accumulateUsersMembershipsRights( menuItem, user, accumulated );
return accumulated;
}
private void accumulateUserGroupRights( MenuItemEntity menuItem, UserEntity user, MenuItemAccumulatedAccessRights accumulated )
{
accumulateGroupAccess( menuItem, accumulated, user.getUserGroup() );
}
private void accumulateAnonymousRights( MenuItemEntity menuItem, MenuItemAccumulatedAccessRights accumulated )
{
UserEntity anonymousUser = securityService.getUser( securityService.getAnonymousUserKey() );
if ( anonymousUser != null )
{
accumulateGroupAccess( menuItem, accumulated, anonymousUser.getUserGroup() );
}
}
private void accumulateAuthenticatedUsersRights( MenuItemEntity menuItem, UserEntity user, MenuItemAccumulatedAccessRights accumulated )
{
final UserStoreEntity userstore = user.getUserStore();
if ( !user.isAnonymous() && userstore != null )
{
GroupEntity group = securityService.getAuthenticatedUsersGroup( userstore );
accumulateGroupAccess( menuItem, accumulated, group );
}
}
private void accumulateUsersMembershipsRights( MenuItemEntity menuItem, UserEntity user, MenuItemAccumulatedAccessRights accumulated )
{
for ( final GroupEntity group : user.getAllMembershipsGroups() )
{
if ( group.getType() == GroupType.ENTERPRISE_ADMINS )
{
accumulated.setAllTo( true );
}
else
{
accumulateGroupAccess( menuItem, accumulated, group );
}
}
}
private void accumulateGroupAccess( MenuItemEntity menuItem, MenuItemAccumulatedAccessRights accumulated, GroupEntity group )
{
final MenuItemAccessEntity access = menuItem.getAccess( group.getGroupKey() );
if ( access != null )
{
accumulated.accumulate( access );
}
}
}