OrganizationalUnitController.java

/*
 * Copyright 2016 Red Hat, Inc. and/or its affiliates.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *       http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.guvnor.structure.client.security;

import javax.enterprise.context.ApplicationScoped;
import javax.inject.Inject;

import org.guvnor.structure.organizationalunit.OrganizationalUnit;
import org.guvnor.structure.repositories.Repository;
import org.guvnor.structure.security.OrganizationalUnitAction;
import org.guvnor.structure.security.RepositoryAction;
import org.jboss.errai.security.shared.api.identity.User;
import org.uberfire.security.authz.AuthorizationManager;

@ApplicationScoped
public class OrganizationalUnitController {

    public static final String ORG_UNIT_TYPE = "orgunit";
    public static final String ORG_UNIT_CREATE = "create";
    public static final String ORG_UNIT_READ = "read";
    public static final String ORG_UNIT_UPDATE = "update";
    public static final String ORG_UNIT_DELETE = "delete";

    private AuthorizationManager authorizationManager;
    private User user;

    @Inject
    public OrganizationalUnitController(AuthorizationManager authorizationManager, User user) {
        this.authorizationManager = authorizationManager;
        this.user = user;
    }


    public boolean canCreateOrgUnits() {
        return authorizationManager.authorize(OrganizationalUnit.RESOURCE_TYPE, OrganizationalUnitAction.CREATE, user);
    }

    public boolean canReadOrgUnits() {
        return authorizationManager.authorize(OrganizationalUnit.RESOURCE_TYPE, OrganizationalUnitAction.READ, user);
    }

    public boolean canReadOrgUnit(OrganizationalUnit organizationalUnit) {
        return authorizationManager.authorize(organizationalUnit, OrganizationalUnitAction.READ, user);
    }

    public boolean canUpdateOrgUnit(OrganizationalUnit organizationalUnit) {
        return authorizationManager.authorize(organizationalUnit, OrganizationalUnitAction.UPDATE, user);
    }

    public boolean canDeleteOrgUnit(OrganizationalUnit organizationalUnit) {
        return authorizationManager.authorize(organizationalUnit, OrganizationalUnitAction.DELETE, user);
    }

    public boolean canReadRepository(Repository repository) {
        return authorizationManager.authorize(repository, RepositoryAction.READ, user);
    }
}