Author: tchemit Date: 2012-06-15 23:13:46 +0200 (Fri, 15 Jun 2012) New Revision: 3486 Url: http://chorem.org/repositories/revision/pollen/3486 Log: add new methods in securit services Modified: trunk/pollen-services/src/main/java/org/chorem/pollen/services/impl/SecurityService.java Modified: trunk/pollen-services/src/main/java/org/chorem/pollen/services/impl/SecurityService.java =================================================================== --- trunk/pollen-services/src/main/java/org/chorem/pollen/services/impl/SecurityService.java 2012-06-15 20:50:50 UTC (rev 3485) +++ trunk/pollen-services/src/main/java/org/chorem/pollen/services/impl/SecurityService.java 2012-06-15 21:13:46 UTC (rev 3486) @@ -22,6 +22,9 @@ */ package org.chorem.pollen.services.impl; +import com.google.common.base.Preconditions; +import com.google.common.collect.Sets; +import org.apache.commons.lang3.StringUtils; import org.chorem.pollen.PollenTechnicalException; import org.chorem.pollen.bean.PollUri; import org.chorem.pollen.business.persistence.Poll; @@ -33,6 +36,8 @@ import org.chorem.pollen.services.exceptions.UnauthorizedPollAccessException; import org.nuiton.topia.TopiaException; +import java.util.Set; + /** * Service to manager security. * @@ -41,6 +46,37 @@ */ public class SecurityService extends PollenServiceSupport { + /** + * To define meaning of a accountId. + * + * @author tchemit <chemit@codelutin.com> + * @since 1.4 + */ + public enum AccountIdRole { + + /** + * Creator of the poll. + * <p/> + * This role can access to everything, but can not vote. + */ + CREATOR, + /** A user that has voted on a poll. */ + VOTER, + /** + * A user that was invited to a restricted poll. + * <p/> + * It might have alreay voted or not. + */ + RESTRICTED_VOTER, + /** When accountId does not exists for a poll. */ + UNDEFINED + } + + public static final Set<AccountIdRole> NONE_FREE_ACCOUNT_ID_ROLES = Sets.newHashSet( + AccountIdRole.RESTRICTED_VOTER, + AccountIdRole.CREATOR + ); + public void checkPoll(PollUri uri) throws PollNotFoundException { getExistingPoll(uri); @@ -119,7 +155,74 @@ } } + private boolean isVoterAccountId(PollAccountDAO dao, PollUri uri) { + try { + + return dao.existsByPollVoteAccountId(uri.getPollId(), uri.getAccountId()); + + } catch (TopiaException e) { + throw new PollenTechnicalException( + "Could not check pollAccount existence from poll '" + + uri.getPollId() + "' and account '" + uri.getAccountId() + "'", e); + } + } + + private boolean isRestrictPollAccountId(PollAccountDAO dao, PollUri uri) { + try { + + PollAccount result = + dao.getRestrictedPollAccount(uri.getPollId(), uri.getAccountId()); + + return result != null; + + } catch (TopiaException e) { + throw new PollenTechnicalException( + "Could not check pollAccount existence from poll '" + + uri.getPollId() + "' and account '" + uri.getAccountId() + "'", e); + } + } + protected Poll getExistingPoll(PollUri uri) throws PollNotFoundException { return newService(PollService.class).getExistingPollByPollId(uri.getPollId()); } + + public AccountIdRole getAccountIdRole(Poll poll, String accountId) { + + Preconditions.checkNotNull(poll); + + AccountIdRole result = AccountIdRole.UNDEFINED; + + if (StringUtils.isNotBlank(accountId)) { + + if (accountId.equals(poll.getCreator().getAccountId())) { + + result = AccountIdRole.CREATOR; + } else { + + PollAccountDAO dao = getDAO(PollAccount.class); + + PollUri pollUri = PollUri.newPollUri(poll.getPollId(), accountId); + + if (poll.getPollType() == PollType.FREE) { + + // + + boolean found = isVoterAccountId(dao, pollUri); + + if (found) { + result = AccountIdRole.VOTER; + } + } else { + + boolean found = isRestrictPollAccountId(dao, pollUri); + + if (found) { + result = AccountIdRole.RESTRICTED_VOTER; + } + } + } + } + return result; + } + }