SessionHandlerBean.java
2.22 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
package fi.insomnia.bortal.beans;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import javax.ejb.EJB;
import javax.ejb.Stateless;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import fi.insomnia.bortal.facade.UserFacade;
import fi.insomnia.bortal.model.Role;
import fi.insomnia.bortal.model.RoleRight;
import fi.insomnia.bortal.model.User;
/**
* Session Bean implementation class SessionHandlerBean
*/
@Stateless
public class SessionHandlerBean implements SessionHandlerBeanLocal {
@EJB
private UserFacade userfacade;
private static final Logger logger = LoggerFactory.getLogger(SessionHandlerBean.class);
/**
* Default constructor.
*/
public SessionHandlerBean() {
// TODO Auto-generated constructor stub
}
@Override
public boolean hasPermission(String target, User user, RolePermission permission) {
User dbusr = userfacade.find(user.getId());
Set<Role> checkedRoles = new HashSet<Role>();
for (Role r : dbusr.getRoles()) {
if (getRights(r, target, permission, checkedRoles)) {
return true;
}
}
return false;
}
private static boolean getRights(Role role, String target, RolePermission permission, Set<Role> checkedRoles) {
if (checkedRoles.contains(role)) {
return false;
}
for (RoleRight rr : role.getRoleRights()) {
if (rr.getAccessRight().getAccessRight().equals(target)) {
switch (permission) {
case READ:
if (rr.getRead()) {
return true;
}
break;
case WRITE:
if (rr.getWrite()) {
return true;
}
break;
case EXECUTE:
if (rr.isExecute()) {
return true;
}
}
}
}
checkedRoles.add(role);
for (Role r : role.getParents()) {
if (getRights(r, target, permission, checkedRoles)) {
return true;
}
}
return false;
}
}