1 /**
2 * This file Copyright (c) 2013-2018 Magnolia International
3 * Ltd. (http://www.magnolia-cms.com). All rights reserved.
4 *
5 *
6 * This file is dual-licensed under both the Magnolia
7 * Network Agreement and the GNU General Public License.
8 * You may elect to use one or the other of these licenses.
9 *
10 * This file is distributed in the hope that it will be
11 * useful, but AS-IS and WITHOUT ANY WARRANTY; without even the
12 * implied warranty of MERCHANTABILITY or FITNESS FOR A
13 * PARTICULAR PURPOSE, TITLE, or NONINFRINGEMENT.
14 * Redistribution, except as permitted by whichever of the GPL
15 * or MNA you select, is prohibited.
16 *
17 * 1. For the GPL license (GPL), you can redistribute and/or
18 * modify this file under the terms of the GNU General
19 * Public License, Version 3, as published by the Free Software
20 * Foundation. You should have received a copy of the GNU
21 * General Public License, Version 3 along with this program;
22 * if not, write to the Free Software Foundation, Inc., 51
23 * Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
24 *
25 * 2. For the Magnolia Network Agreement (MNA), this file
26 * and the accompanying materials are made available under the
27 * terms of the MNA which accompanies this distribution, and
28 * is available at http://www.magnolia-cms.com/mna.html
29 *
30 * Any modifications to this file must keep this entire header
31 * intact.
32 *
33 */
34 package info.magnolia.ui.framework.availability.shorthandrules;
35
36 import info.magnolia.cms.security.User;
37 import info.magnolia.cms.security.operations.AccessDefinition;
38 import info.magnolia.context.MgnlContext;
39 import info.magnolia.ui.api.availability.AvailabilityRule;
40
41 import java.util.Collection;
42
43 import org.apache.commons.collections4.CollectionUtils;
44
45 /**
46 * {@link AvailabilityRule} implementation which returns true if current user has any of the specified roles.
47 */
48 public class AccessGrantedRule implements AvailabilityRule {
49
50 public static final String DEFAULT_SUPERUSER_ROLE = "superuser";
51
52 private AccessDefinition accessDefinition;
53
54 public AccessDefinition getAccessDefinition() {
55 return accessDefinition;
56 }
57
58 public void setAccessDefinition(AccessDefinition accessDefinition) {
59 this.accessDefinition = accessDefinition;
60 }
61
62 @Override
63 public boolean isAvailable(Collection<?> itemIds) {
64 User user = MgnlContext.getUser();
65 // Validate that the user has all the required roles
66 Collection<String> userRoles = user.getAllRoles();
67 Collection<String> roles = accessDefinition.getRoles();
68 if (roles.isEmpty() || userRoles.contains(DEFAULT_SUPERUSER_ROLE) || CollectionUtils.containsAny(userRoles, roles)) {
69 return true;
70 }
71 return false;
72 }
73 }