package fi.otavanopisto.muikku.plugins.forum;
import java.util.List;
import javax.enterprise.context.Dependent;
import javax.inject.Inject;
import fi.otavanopisto.muikku.controller.ResourceRightsController;
import fi.otavanopisto.muikku.dao.security.PermissionDAO;
import fi.otavanopisto.muikku.dao.security.ResourceRolePermissionDAO;
import fi.otavanopisto.muikku.dao.users.EnvironmentUserDAO;
import fi.otavanopisto.muikku.model.security.Permission;
import fi.otavanopisto.muikku.model.users.EnvironmentUser;
import fi.otavanopisto.muikku.model.users.RoleEntity;
import fi.otavanopisto.muikku.model.users.UserEntity;
import fi.otavanopisto.muikku.model.workspace.WorkspaceEntity;
import fi.otavanopisto.muikku.model.workspace.WorkspaceUserEntity;
import fi.otavanopisto.muikku.plugins.forum.model.ForumArea;
import fi.otavanopisto.muikku.plugins.forum.model.ForumMessage;
import fi.otavanopisto.muikku.plugins.forum.model.WorkspaceForumArea;
import fi.otavanopisto.muikku.schooldata.WorkspaceController;
import fi.otavanopisto.muikku.security.AbstractPermissionResolver;
import fi.otavanopisto.muikku.users.WorkspaceUserEntityController;
import fi.otavanopisto.security.ContextReference;
import fi.otavanopisto.security.PermissionResolver;
import fi.otavanopisto.security.User;
@Dependent
public class ForumPermissionResolver extends AbstractPermissionResolver implements PermissionResolver {
@Inject
private ResourceRolePermissionDAO resourceUserRolePermissionDAO;
@Inject
private WorkspaceUserEntityController workspaceUserEntityController;
@Inject
private EnvironmentUserDAO environmentUserDAO;
@Inject
private ForumResourcePermissionCollection permissionCollection;
@Inject
private PermissionDAO permissionDAO;
@Inject
private WorkspaceController workspaceController;
@Inject
private ResourceRightsController resourceRightsController;
@Override
public boolean handlesPermission(String permission) {
try {
return permissionCollection.containsPermission(permission) && ("FORUM".equals(permissionCollection.getPermissionScope(permission)));
} catch (NoSuchFieldException e) {
return false;
}
}
@Override
public boolean hasPermission(String permission, ContextReference contextReference, User user) {
ForumArea forumArea = getForumArea(contextReference);
Permission perm = permissionDAO.findByName(permission);
UserEntity userEntity = getUserEntity(user);
if (forumArea == null) {
return false;
}
RoleEntity userRole;
// TODO: typecasts
if (forumArea instanceof WorkspaceForumArea) {
WorkspaceForumArea workspaceForum = (WorkspaceForumArea) forumArea;
WorkspaceEntity workspaceEntity = workspaceController.findWorkspaceEntityById(workspaceForum.getWorkspace());
List<WorkspaceUserEntity> workspaceUsers = workspaceUserEntityController.listWorkspaceUserEntitiesByWorkspaceAndUser(workspaceEntity, userEntity);
// TODO: This is definitely not the way to do this
if (workspaceUsers.size() > 0) {
WorkspaceUserEntity workspaceUser = workspaceUsers.get(0);
userRole = workspaceUser.getWorkspaceUserRole();
if (resourceUserRolePermissionDAO.hasResourcePermissionAccess(
resourceRightsController.findResourceRightsById(forumArea.getRights()), userRole, perm) ||
hasEveryonePermission(permission, forumArea) ||
userEntity.getId().equals(forumArea.getOwner()))
return true;
}
}
EnvironmentUser environmentUser = environmentUserDAO.findByUserAndArchived(userEntity, Boolean.FALSE);
userRole = environmentUser.getRole();
boolean isOwner = userEntity != null ? userEntity.getId().equals(forumArea.getOwner()) : false;
return resourceUserRolePermissionDAO.hasResourcePermissionAccess(
resourceRightsController.findResourceRightsById(forumArea.getRights()), userRole, perm) ||
hasEveryonePermission(permission, forumArea) ||
isOwner;
}
@Override
public boolean hasEveryonePermission(String permission, ContextReference contextReference) {
ForumArea forumArea = getForumArea(contextReference);
RoleEntity userRole = getEveryoneRole();
Permission perm = permissionDAO.findByName(permission);
if (forumArea == null)
return false;
return resourceUserRolePermissionDAO.hasResourcePermissionAccess(
resourceRightsController.findResourceRightsById(forumArea.getRights()), userRole, perm);
}
private ForumArea getForumArea(ContextReference contextReference) {
if (contextReference instanceof ForumArea)
return (ForumArea) contextReference;
if (contextReference instanceof ForumMessage)
return ((ForumMessage) contextReference).getForumArea();
return null;
}
}