package edu.asu.spring.quadriga.accesschecks.impl;
import java.util.ArrayList;
import java.util.List;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import edu.asu.spring.quadriga.accesschecks.IProjectSecurityChecker;
import edu.asu.spring.quadriga.dao.workbench.IProjectAccessDAO;
import edu.asu.spring.quadriga.domain.IQuadrigaRole;
import edu.asu.spring.quadriga.domain.IUser;
import edu.asu.spring.quadriga.domain.workbench.IProjectCollaborator;
import edu.asu.spring.quadriga.exceptions.NoSuchRoleException;
import edu.asu.spring.quadriga.exceptions.QuadrigaStorageException;
import edu.asu.spring.quadriga.service.IQuadrigaRoleManager;
import edu.asu.spring.quadriga.service.IUserManager;
import edu.asu.spring.quadriga.service.workbench.IProjectCollaboratorManager;
import edu.asu.spring.quadriga.web.login.RoleNames;
@Service
public class ProjectSecurityChecker implements IProjectSecurityChecker {
@Autowired
private IUserManager userManager;
@Autowired
private IProjectCollaboratorManager projectManager;
@Autowired
private IProjectAccessDAO accessManager;
@Autowired
private IQuadrigaRoleManager roleManager;
/**
* This method checks if the user is Quadriga Admin
*
* @param userName
* @return boolean - TRUE if the user is quadriga Admin else FALSE
* @throws QuadrigaStorageException
* @author kiranbatna
*/
@Override
@Transactional
public boolean checkQuadrigaAdmin(String userName) throws QuadrigaStorageException {
boolean chkAccess;
IUser user;
List<IQuadrigaRole> quadrigaRoles;
// initialize chkAccess variable
chkAccess = false;
user = userManager.getUser(userName);
quadrigaRoles = user.getQuadrigaRoles();
for (IQuadrigaRole quadRole : quadrigaRoles) {
if (quadRole.getId().equals(RoleNames.ROLE_QUADRIGA_ADMIN)) {
chkAccess = true;
break;
}
}
return chkAccess;
}
/**
* This method checks if the user is project owner
*
* @param userName
* @return boolean - TRUE if the user is project owner else FALSE
* @throws QuadrigaStorageException
* @author kiranbatna
*/
@Override
@Transactional
public boolean isProjectOwner(String userName, String projectId) throws QuadrigaStorageException {
// check if the user is project owner
String owner = accessManager.getProjectOwner(projectId);
return owner.equals(userName);
}
@Override
@Transactional
public boolean ownsAtLeastOneProject(String userName) throws QuadrigaStorageException {
// check if the use is associated with any project
return accessManager.getNrOfOwnedProjects(userName) > 0;
}
@Override
@Transactional
public boolean collaboratesOnAtLeastOneProject(String userName, String collaboratorRole)
throws QuadrigaStorageException {
return accessManager.getNrOfProjectsCollaboratingOn(userName, collaboratorRole) > 0;
}
/**
* This method checks if the user has the specified collaboratorRole on the
* project
*
* @param userName
* @param collaboratorRole
* @param projectId
* @return boolean - TRUE if the user has specified collaboratorRole else
* FALSE
* @throws QuadrigaStorageException
* @author kiranbatna
* @throws NoSuchRoleException
*/
/*
* (non-Javadoc)
*
* @see edu.asu.spring.quadriga.accesschecks.IProjectSecurityChecker#
* isCollaborator(java.lang.String, java.lang.String, java.lang.String)
*/
@Override
@Transactional
public boolean isCollaborator(String userName, String collaboratorRole, String projectId)
throws QuadrigaStorageException, NoSuchRoleException {
IQuadrigaRole role = roleManager.getQuadrigaRoleById(IQuadrigaRoleManager.PROJECT_ROLES, collaboratorRole);
if (role == null) {
throw new NoSuchRoleException("The role " + collaboratorRole + " does not exist.");
}
return accessManager.isCollaborator(userName, role.getDBid(), projectId);
}
/**
* This method checks if the project collaborator has access to perform
* operations.
*
* @param userName
* @param projectId
* @param collaboratorRole
* @return boolean - TRUE if he has access else FALSE
* @throws QuadrigaStorageException
* @author kiranbatna
*/
@Override
@Transactional
public boolean isUserCollaboratorOnProject(String userName, String projectId, String collaboratorRole)
throws QuadrigaStorageException {
// fetch the collaborators associated with the project
List<IProjectCollaborator> projectCollaboratorList = projectManager.getProjectCollaborators(projectId);
if (projectCollaboratorList == null)
return false;
// loop through each collaborator
for (IProjectCollaborator projectCollaborator : projectCollaboratorList) {
if (projectCollaborator.getCollaborator() != null
&& projectCollaborator.getCollaborator().getUserObj().getUserName().equals(userName)) {
List<IQuadrigaRole> collaboratorRoles = projectCollaborator.getCollaborator().getCollaboratorRoles();
if (collaboratorRoles != null) {
// check if the collaborator is Project Admin or
// Contributor
for (IQuadrigaRole role : collaboratorRoles) {
if (role.getId().equals(collaboratorRole)) {
return true;
}
}
}
}
}
return false;
}
/**
* This method checks if the user is either a project owner or a quadriga
* admin
*
* @param userName
* @return boolean - TRUE if the user is either a project owner or a
* quadriga admin else FALSE
* @throws QuadrigaStorageException
* @author kiranbatna
*/
@Override
@Transactional
public boolean checkProjectAccess(String userName, String projectId) throws QuadrigaStorageException {
boolean chkAccess;
// initialize chkAccess variable
chkAccess = false;
// check if the user is project owner
chkAccess = this.isProjectOwner(userName, projectId);
if (!chkAccess) {
chkAccess = this.isUserCollaboratorOnProject(userName, projectId, RoleNames.ROLE_QUADRIGA_ADMIN);
}
return chkAccess;
}
@Override
@Transactional
public boolean isUnixnameInUse(String unixName, String projectId) throws QuadrigaStorageException {
return accessManager.getProjectIdByUnixName(unixName) != null;
}
/*
* (non-Javadoc)
*
* @see edu.asu.spring.quadriga.accesschecks.IProjectSecurityChecker#
* getCollaboratorRoles(java.lang.String, java.lang.String)
*/
@Override
public List<String> getCollaboratorRoles(String userName, String projectId) {
List<String> userDBRoles = accessManager.getProjectCollaboratorRoles(userName, projectId);
List<String> collaboratorRoles = new ArrayList<String>();
userDBRoles.forEach(userDBRole -> collaboratorRoles
.add(roleManager.getQuadrigaRoleByDbId(IQuadrigaRoleManager.PROJECT_ROLES, userDBRole).getId()));
return collaboratorRoles;
}
}