CustomRelationshipManager.java

/*
 * Copyright (C) 2015 Arthur Gregorio, AG.Software
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
package br.com.webbudget.infraestructure.picketlink;

import br.com.webbudget.application.controller.UserSessionBean;
import br.com.webbudget.domain.model.security.Role;
import javax.enterprise.inject.spi.CDI;
import org.picketlink.idm.internal.ContextualRelationshipManager;
import org.picketlink.idm.internal.DefaultPartitionManager;
import org.picketlink.idm.model.IdentityType;

/**
 * Implementacao customizada da relationshipmanager para que o metodo de 
 * checagem da heranca entre os grants de roles para grupos seja invocado 
 * direcionando para um metodo customizado do dominio da aplicacao
 * 
 * @author Arthur Gregorio
 *
 * @version 1.0.0
 * @since 2.1.2, 23/12/2015
 */
public class CustomRelationshipManager extends ContextualRelationshipManager {

    private UserSessionBean userSessionBean;
    
    /**
     * @see ContextualRelationshipManager(org.picketlink.idm.internal.DefaultPartitionManager) 
     * 
     * @param partitionManager 
     */
    public CustomRelationshipManager(DefaultPartitionManager partitionManager) {
        super(partitionManager);
    }

    /**
     * @see #inheritsPrivileges(org.picketlink.idm.model.IdentityType, org.picketlink.idm.model.IdentityType) 
     * 
     * @param identity
     * @param assignee
     * @return 
     */
    @Override
    public boolean inheritsPrivileges(IdentityType identity, IdentityType assignee) {
        if (assignee instanceof Role) {
            final Role role = (Role) assignee;
            return this.getUserSessionBean().hasRole(role.getAuthorization());
        }
        return false;
    }
    
    /**
     * @return a instancia do gerenciador de permissoes do usuario
     */
    private UserSessionBean getUserSessionBean() {
        if (this.userSessionBean == null) {
            this.userSessionBean = CDI
                    .current()
                    .select(UserSessionBean.class)
                    .get();
        } 
        return this.userSessionBean;
    }
}