OriginInfoReadPermission.java

package edu.ualberta.med.biobank.common.permission.shipment;

import edu.ualberta.med.biobank.common.action.ActionContext;
import edu.ualberta.med.biobank.common.permission.Permission;
import edu.ualberta.med.biobank.model.Center;
import edu.ualberta.med.biobank.model.OriginInfo;
import edu.ualberta.med.biobank.model.PermissionEnum;
import edu.ualberta.med.biobank.model.User;

public class OriginInfoReadPermission implements Permission {

    private static final long serialVersionUID = 1L;

    private Integer oiId;

    private Integer centerId;

    public OriginInfoReadPermission(Integer oiId) {
        this.oiId = oiId;
    }

    public OriginInfoReadPermission(Center center) {
        this.centerId = center.getId();
    }

    @Override
    public boolean isAllowed(ActionContext context) {
        User user = context.getUser();
        if (oiId != null) {
            OriginInfo oi = context.load(OriginInfo.class, oiId);
            return PermissionEnum.ORIGIN_INFO_READ.isAllowed(user,
                oi.getReceiverSite())
                || PermissionEnum.ORIGIN_INFO_READ.isAllowed(user,
                    oi.getCenter());
        }
        else if (centerId != null)
            return PermissionEnum.ORIGIN_INFO_READ.isAllowed(user,
                context.load(Center.class, centerId));
        return PermissionEnum.ORIGIN_INFO_READ.isAllowed(user);
    }

}