PermissionEvaluator.java example

Explorer
elmis-master
- modules
- test-modules
/*
 * This program is part of the OpenLMIS logistics management information system platform software.
 * Copyright © 2013 VillageReach
 *
 * This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
 *  
 * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Affero General Public License for more details.
 * You should have received a copy of the GNU Affero General Public License along with this program.  If not, see http://www.gnu.org/licenses.  For additional information contact info@OpenLMIS.org. 
 */

package org.openlmis.authentication.web;

import lombok.NoArgsConstructor;
import org.openlmis.core.domain.Right;
import org.openlmis.core.service.RightService;
import org.openlmis.core.service.RoleRightsService;
import org.openlmis.core.utils.RightUtil;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

import java.util.ArrayList;
import java.util.List;

import static com.google.common.collect.Iterables.any;

/**
 * This class is responsible for checking if the user has the given rights.
 */

@Component
@NoArgsConstructor
public class PermissionEvaluator {

  @Autowired
  private RoleRightsService roleRightService;

  @Autowired
  private RightService rightService;

  public Boolean hasPermission(Long userId, String commaSeparatedRights) {
    List<Right> userRights = roleRightService.getRights(userId);
    return any(userRights, RightUtil.contains(getRightNamesList(commaSeparatedRights)));
  }

  public Boolean hasReportingPermission(Long userId) {
    return rightService.hasReportingRight(userId);
  }

  private List<String> getRightNamesList(String commaSeparatedRights) {
    List<String> rights = new ArrayList<>();
    String[] permissions = commaSeparatedRights.split(",");
    for (String permission : permissions) {
      rights.add(permission.trim());
    }
    return rights;
  }
}