DeadboltUtils.java

package views.html.security;

import static be.objectify.deadbolt.java.DeadboltViewSupport.viewPattern;
import static be.objectify.deadbolt.java.DeadboltViewSupport.viewRestrict;

import java.util.List;

import play.mvc.Http;
import play.mvc.Http.Context;
import security.Approvable;
import be.objectify.deadbolt.core.PatternType;
import be.objectify.deadbolt.core.models.Subject;
import be.objectify.deadbolt.java.DeadboltHandler;
import be.objectify.deadbolt.java.utils.PluginUtils;
import be.objectify.deadbolt.java.utils.RequestUtils;

public class DeadboltUtils {

	public static boolean viewRestrictCombine(List<String[]> roles, String withPattern, PatternType patternType)
			throws Throwable {
		boolean hasAccess = viewRestrict(roles, null);
		if (!hasAccess) {
			hasAccess = viewPattern(withPattern, patternType, null);
		}
		return hasAccess;
	}

	/**
	 * Used for roleHolderNotPresent tags in the template.
	 * 
	 * @return true if the view can be accessed, otherwise false
	 */
	public static boolean viewSubjectNotPresent() throws Throwable {
		DeadboltHandler handler = PluginUtils.getDeadboltHandler();
		Context ctx = Http.Context.current();
		Subject roleHolder = RequestUtils.getSubject(handler, ctx);
		return roleHolder == null;
	}

	public static boolean viewRestrictApproved() throws Throwable {
		DeadboltHandler handler = PluginUtils.getDeadboltHandler();
		Context ctx = Http.Context.current();
		Subject roleHolder = RequestUtils.getSubject(handler, ctx);
		return isSubjectApproved(roleHolder);
	}

	public static boolean viewRestrictNotApproved() throws Throwable {
		return !viewRestrictApproved();
	}

	public static boolean isSubjectApproved(Subject roleHolder) {
		boolean approved = false;
		if (roleHolder != null && roleHolder instanceof Approvable) {
			Approvable approvable = (Approvable) roleHolder;

			if (approvable.isApproved())
				approved = true;
		}
		return approved;
	}
}