WonDefaultAccessControlRules.java example

Explorer
webofneeds-master
- webofneeds
package won.cryptography.webid;

import org.apache.commons.collections.CollectionUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.transaction.annotation.Isolation;
import org.springframework.transaction.annotation.Transactional;
import won.protocol.model.MessageEventPlaceholder;
import won.protocol.repository.MessageEventRepository;

import java.net.URI;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;

/**
 * User: ypanchenko
 * Date: 28.07.2015
 */
public class WonDefaultAccessControlRules implements AccessControlRules
{

  private final Logger logger = LoggerFactory.getLogger(getClass());

  //TODO this is tepmorary, untill the acl source is defined
  @Autowired
  protected MessageEventRepository messageEventRepository;

  public WonDefaultAccessControlRules() {
  }

  @Transactional(isolation = Isolation.READ_COMMITTED)
  public boolean isAccessPermitted(String resourceURI, List<String> requesterWebIDs) {
    //TODO retrieve from an acl source for a resource instead of this temporary approach
    //specific for the message event resources
    resourceURI = resourceURI.replace("/data/event/", "/resource/event/");
    resourceURI = resourceURI.replace("/page/event/", "/resource/event/");
    List<String> permittedWebIDs = extractParticipatingParties(resourceURI);
    if (permittedWebIDs == null) {
      // no access control restrictions found, allow access by default (or should be reject by default...?)
      logger.info("found null for permitted WebIDs - allowing access to {}", resourceURI);
      return true;
    }
    Collection<String> requesterPermittedWebIDs = CollectionUtils.intersection(permittedWebIDs, requesterWebIDs);
    if (logger.isDebugEnabled()) {
      logger.debug("found requester WebIDs permitted to access {}: {}", resourceURI, requesterPermittedWebIDs.toString
        ());
    }
    return requesterPermittedWebIDs.size() > 0;
  }

  private List<String> extractParticipatingParties(String resourceUri) {
    MessageEventPlaceholder event = messageEventRepository.findOneByMessageURI(URI.create(resourceUri));
    if (event == null) {
      return null;
    }
    List<String> sendersAndReceivers = new ArrayList<>(4);
    if (event.getSenderNeedURI() != null) {
      sendersAndReceivers.add(event.getSenderNeedURI().toString());
    }
    if (event.getReceiverNeedURI() != null) {
      sendersAndReceivers.add(event.getReceiverNeedURI().toString());
    }
    if (event.getSenderNodeURI() != null) {
      sendersAndReceivers.add(event.getSenderNodeURI().toString());
    }
    if (event.getReceiverNodeURI() != null) {
      sendersAndReceivers.add(event.getReceiverNodeURI().toString());
    }
    return sendersAndReceivers;
  }
}