1 |
|
|
2 |
|
|
3 |
|
|
4 |
|
|
5 |
|
|
6 |
|
|
7 |
|
|
8 |
|
|
9 |
|
|
10 |
|
|
11 |
|
|
12 |
|
|
13 |
|
|
14 |
|
|
15 |
|
|
16 |
|
|
17 |
|
|
18 |
|
|
19 |
|
|
20 |
|
package org.xwiki.annotation.rights.internal; |
21 |
|
|
22 |
|
import javax.inject.Inject; |
23 |
|
import javax.inject.Named; |
24 |
|
import javax.inject.Singleton; |
25 |
|
|
26 |
|
import org.slf4j.Logger; |
27 |
|
import org.xwiki.annotation.Annotation; |
28 |
|
import org.xwiki.annotation.io.IOService; |
29 |
|
import org.xwiki.annotation.reference.TypedStringEntityReferenceResolver; |
30 |
|
import org.xwiki.annotation.rights.AnnotationRightService; |
31 |
|
import org.xwiki.component.annotation.Component; |
32 |
|
import org.xwiki.model.EntityType; |
33 |
|
import org.xwiki.model.reference.DocumentReference; |
34 |
|
import org.xwiki.model.reference.DocumentReferenceResolver; |
35 |
|
import org.xwiki.model.reference.EntityReference; |
36 |
|
import org.xwiki.security.authorization.AuthorizationManager; |
37 |
|
import org.xwiki.security.authorization.Right; |
38 |
|
|
39 |
|
|
40 |
|
|
41 |
|
|
42 |
|
@version |
43 |
|
@since |
44 |
|
|
45 |
|
@Component |
46 |
|
@Singleton |
|
|
| 62.5% |
Uncovered Elements: 9 (24) |
Complexity: 9 |
Complexity Density: 0.6 |
|
47 |
|
public class XWikiAnnotationRightService implements AnnotationRightService |
48 |
|
{ |
49 |
|
|
50 |
|
|
51 |
|
|
52 |
|
|
53 |
|
|
54 |
|
|
55 |
|
@Inject |
56 |
|
private TypedStringEntityReferenceResolver referenceResolver; |
57 |
|
|
58 |
|
|
59 |
|
|
60 |
|
|
61 |
|
@Inject |
62 |
|
private IOService annotationsStorageService; |
63 |
|
|
64 |
|
@Inject |
65 |
|
private AuthorizationManager authorization; |
66 |
|
|
67 |
|
@Inject |
68 |
|
@Named("user/current") |
69 |
|
private DocumentReferenceResolver<String> userAndGroupReferenceResolver; |
70 |
|
|
71 |
|
|
72 |
|
|
73 |
|
|
74 |
|
@Inject |
75 |
|
private Logger logger; |
76 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
77 |
8 |
@Override... |
78 |
|
public boolean canAddAnnotation(String target, String userName) |
79 |
|
{ |
80 |
|
|
81 |
8 |
return this.authorization.hasAccess(Right.COMMENT, getUserReference(userName), getDocumentReference(target)); |
82 |
|
} |
83 |
|
|
|
|
| 50% |
Uncovered Elements: 5 (10) |
Complexity: 3 |
Complexity Density: 0.38 |
|
84 |
12 |
@Override... |
85 |
|
public boolean canEditAnnotation(String annotationId, String target, String userName) |
86 |
|
{ |
87 |
|
|
88 |
12 |
try { |
89 |
12 |
boolean hasEditRight = |
90 |
|
this.authorization.hasAccess(Right.EDIT, getUserReference(userName), getDocumentReference(target)); |
91 |
12 |
if (hasEditRight) { |
92 |
12 |
return true; |
93 |
|
} |
94 |
|
|
95 |
|
|
96 |
0 |
Annotation ann = annotationsStorageService.getAnnotation(target, annotationId); |
97 |
0 |
return ann != null && ann.getAuthor().equals(userName); |
98 |
|
} catch (Exception e) { |
99 |
0 |
logException(e, target, userName); |
100 |
0 |
return false; |
101 |
|
} |
102 |
|
} |
103 |
|
|
|
|
| 0% |
Uncovered Elements: 1 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
104 |
0 |
@Override... |
105 |
|
public boolean canViewAnnotatedTarget(String target, String userName) |
106 |
|
{ |
107 |
0 |
return canViewAnnotations(target, userName); |
108 |
|
} |
109 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
110 |
9 |
@Override... |
111 |
|
public boolean canViewAnnotations(String target, String userName) |
112 |
|
{ |
113 |
|
|
114 |
9 |
return this.authorization.hasAccess(Right.VIEW, getUserReference(userName), getDocumentReference(target)); |
115 |
|
} |
116 |
|
|
117 |
|
|
118 |
|
|
119 |
|
|
120 |
|
|
121 |
|
|
122 |
|
@param |
123 |
|
@return |
124 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (2) |
Complexity: 1 |
Complexity Density: 0.5 |
|
125 |
29 |
private EntityReference getDocumentReference(String target)... |
126 |
|
{ |
127 |
29 |
EntityReference ref = this.referenceResolver.resolve(target, EntityType.DOCUMENT); |
128 |
|
|
129 |
29 |
return ref.extractReference(EntityType.DOCUMENT); |
130 |
|
} |
131 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
132 |
29 |
private DocumentReference getUserReference(String username)... |
133 |
|
{ |
134 |
29 |
return this.userAndGroupReferenceResolver.resolve(username); |
135 |
|
} |
136 |
|
|
137 |
|
|
138 |
|
|
139 |
|
|
140 |
|
@param |
141 |
|
@param |
142 |
|
@param |
143 |
|
|
|
|
| 0% |
Uncovered Elements: 1 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
144 |
0 |
private void logException(Exception e, String target, String user)... |
145 |
|
{ |
146 |
0 |
this.logger.warn("Couldn't get access rights for the target [{}] for user [{}]", target, user, e); |
147 |
|
} |
148 |
|
} |