package views.html.security; import static be.objectify.deadbolt.java.DeadboltViewSupport.viewPattern; import static be.objectify.deadbolt.java.DeadboltViewSupport.viewRestrict; import java.util.List; import play.mvc.Http; import play.mvc.Http.Context; import security.Approvable; import be.objectify.deadbolt.core.PatternType; import be.objectify.deadbolt.core.models.Subject; import be.objectify.deadbolt.java.DeadboltHandler; import be.objectify.deadbolt.java.utils.PluginUtils; import be.objectify.deadbolt.java.utils.RequestUtils; public class DeadboltUtils { public static boolean viewRestrictCombine(List<String[]> roles, String withPattern, PatternType patternType) throws Throwable { boolean hasAccess = viewRestrict(roles, null); if (!hasAccess) { hasAccess = viewPattern(withPattern, patternType, null); } return hasAccess; } /** * Used for roleHolderNotPresent tags in the template. * * @return true if the view can be accessed, otherwise false */ public static boolean viewSubjectNotPresent() throws Throwable { DeadboltHandler handler = PluginUtils.getDeadboltHandler(); Context ctx = Http.Context.current(); Subject roleHolder = RequestUtils.getSubject(handler, ctx); return roleHolder == null; } public static boolean viewRestrictApproved() throws Throwable { DeadboltHandler handler = PluginUtils.getDeadboltHandler(); Context ctx = Http.Context.current(); Subject roleHolder = RequestUtils.getSubject(handler, ctx); return isSubjectApproved(roleHolder); } public static boolean viewRestrictNotApproved() throws Throwable { return !viewRestrictApproved(); } public static boolean isSubjectApproved(Subject roleHolder) { boolean approved = false; if (roleHolder != null && roleHolder instanceof Approvable) { Approvable approvable = (Approvable) roleHolder; if (approvable.isApproved()) approved = true; } return approved; } }