001/* 002 * (C) Copyright 2006-2010 Nuxeo SAS (http://nuxeo.com/) and contributors. 003 * 004 * All rights reserved. This program and the accompanying materials 005 * are made available under the terms of the GNU Lesser General Public License 006 * (LGPL) version 2.1 which accompanies this distribution, and is available at 007 * http://www.gnu.org/licenses/lgpl.html 008 * 009 * This library is distributed in the hope that it will be useful, 010 * but WITHOUT ANY WARRANTY; without even the implied warranty of 011 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 012 * Lesser General Public License for more details. 013 * 014 * Contributors: 015 * bstefanescu 016 */ 017package org.nuxeo.ecm.webengine.security.guards; 018 019import java.security.Principal; 020 021import org.nuxeo.common.xmap.annotation.XObject; 022import org.nuxeo.ecm.core.api.NuxeoPrincipal; 023import org.nuxeo.ecm.webengine.model.Access; 024import org.nuxeo.ecm.webengine.security.Guard; 025import org.nuxeo.runtime.model.Adaptable; 026 027/** 028 * @author <a href="mailto:bs@nuxeo.com">Bogdan Stefanescu</a> 029 */ 030@XObject("isAdministrator") 031public class IsAdministratorGuard implements Guard { 032 033 protected boolean isAdministrator; 034 035 public IsAdministratorGuard() { 036 isAdministrator = true; 037 } 038 039 public IsAdministratorGuard(String isAdministrator) { 040 this.isAdministrator = Boolean.parseBoolean(isAdministrator); 041 } 042 043 public IsAdministratorGuard(Access isAdministrator) { 044 this.isAdministrator = isAdministrator == Access.GRANT; 045 } 046 047 public boolean check(Adaptable context) { 048 Principal p = context.getAdapter(Principal.class); 049 if (p instanceof NuxeoPrincipal) { 050 return ((NuxeoPrincipal) p).isAdministrator() == isAdministrator; 051 } 052 return false; 053 } 054 055 public boolean isAdministrator() { 056 return isAdministrator; 057 } 058 059 public String toString() { 060 return "IS_ADMINISTRATOR[" + isAdministrator + "]"; 061 } 062 063}