1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34 package info.magnolia.rest.service.command;
35
36 import info.magnolia.cms.security.operations.AccessDefinition;
37 import info.magnolia.commands.CommandsManager;
38 import info.magnolia.context.MgnlContext;
39 import info.magnolia.rest.AbstractEndpoint;
40 import info.magnolia.rest.service.command.definition.CommandDefinition;
41 import info.magnolia.rest.service.command.definition.CommandEndpointDefinition;
42
43 import javax.inject.Inject;
44
45 import org.apache.commons.lang.StringUtils;
46
47
48
49
50
51
52
53 public class AbstractCommandEndpoint<D extends CommandEndpointDefinition> extends AbstractEndpoint<D> {
54
55 protected static final String STATUS_MESSAGE_OK = "Command execution successful.";
56 protected static final String STATUS_MESSAGE_FORBIDDEN = "Not authorized to execute command.";
57 protected static final String STATUS_MESSAGE_COMMAND_NOT_FOUND = "Command not found.";
58 protected static final String STATUS_MESSAGE_ERROR_OCCURRED = "Error executing command.";
59
60 protected final CommandsManager commandsManager;
61
62 @Inject
63 public AbstractCommandEndpoint(D endpointDefinition, final CommandsManager commandsManager) {
64 super(endpointDefinition);
65 this.commandsManager = commandsManager;
66 }
67
68
69
70
71
72
73
74
75
76 protected boolean isCommandExecutableByCurrentUser(String catalogName, String commandName) {
77 if (getEndpointDefinition().getEnabledCommands() == null || commandName == null) {
78 return false;
79 }
80
81 for (CommandDefinition commandDefinition : getEndpointDefinition().getEnabledCommands()) {
82 if (StringUtils.equals(catalogName, commandDefinition.getCatalogName()) && StringUtils.equals(commandName, commandDefinition.getCommandName())) {
83 final AccessDefinition accessDefinition = commandDefinition.getAccess();
84 return accessDefinition != null && accessDefinition.hasAccess(MgnlContext.getUser());
85 }
86 }
87
88 return false;
89 }
90 }