Source code

001/*
002 * (C) Copyright 2010 Nuxeo SA (http://nuxeo.com/) and contributors.
003 *
004 * All rights reserved. This program and the accompanying materials
005 * are made available under the terms of the GNU Lesser General Public License
006 * (LGPL) version 2.1 which accompanies this distribution, and is available at
007 * http://www.gnu.org/licenses/lgpl.html
008 *
009 * This library is distributed in the hope that it will be useful,
010 * but WITHOUT ANY WARRANTY; without even the implied warranty of
011 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
012 * Lesser General Public License for more details.
013 *
014 * Contributors:
015 *     Nuxeo - initial API and implementation
016 */
017package org.nuxeo.ecm.platform.routing.web;
018
019import java.io.Serializable;
020
021import org.jboss.seam.ScopeType;
022import org.jboss.seam.annotations.In;
023import org.jboss.seam.annotations.Install;
024import org.jboss.seam.annotations.Name;
025import org.jboss.seam.annotations.Scope;
026import org.nuxeo.ecm.core.api.CoreSession;
027import org.nuxeo.ecm.core.api.DocumentModel;
028import org.nuxeo.ecm.core.api.NuxeoPrincipal;
029import org.nuxeo.ecm.platform.routing.api.DocumentRoutingService;
030import org.nuxeo.ecm.platform.ui.web.api.NavigationContext;
031import org.nuxeo.runtime.api.Framework;
032
033/**
034 * @author <a href="mailto:arussel@nuxeo.com">Alexandre Russel</a>
035 */
036@Scope(ScopeType.CONVERSATION)
037@Name("routeSecurityChecker")
038@Install(precedence = Install.FRAMEWORK)
039public class RouteSecurityChecker implements Serializable {
040
041    private static final long serialVersionUID = 1L;
042
043    @In(required = true, create = false)
044    protected NuxeoPrincipal currentUser;
045
046    @In(required = true, create = false)
047    protected CoreSession documentManager;
048
049    @In(create = true)
050    protected transient NavigationContext navigationContext;
051
052    @Deprecated
053    /**
054     * @deprecated use
055     *             {@link #canValidateRoute(DocumentModel)}
056     *             instead.
057     */
058    public boolean canValidateRoute() {
059        DocumentModel currentDoc = navigationContext.getCurrentDocument();
060        if (!documentManager.hasChildren(currentDoc.getRef())) {
061            // Cannot validate an empty route
062            return false;
063        }
064        return getDocumentRoutingService().canUserValidateRoute(currentUser);
065    }
066
067    public boolean canValidateRoute(DocumentModel routeDocument) {
068        return canValidateRoute() || getDocumentRoutingService().canValidateRoute(routeDocument, documentManager);
069    }
070
071    public DocumentRoutingService getDocumentRoutingService() {
072        return Framework.getService(DocumentRoutingService.class);
073    }
074
075}