- IE window.open does not support base href tag. Fixed.
This commit is contained in:
Paulo Gustavo Veiga
@@ -1,67 +1,66 @@
|
||||
/*
|
||||
* Copyright [2011] [wisemapping]
|
||||
*
|
||||
* Licensed under WiseMapping Public License, Version 1.0 (the "License").
|
||||
* It is basically the Apache License, Version 2.0 (the "License") plus the
|
||||
* "powered by wisemapping" text requirement on every single page;
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the license at
|
||||
*
|
||||
* http://www.wisemapping.org/license
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package com.wisemapping.security.aop;
|
||||
|
||||
import com.wisemapping.model.Collaborator;
|
||||
import com.wisemapping.model.MindMap;
|
||||
import com.wisemapping.model.User;
|
||||
import com.wisemapping.exceptions.AccessDeniedSecurityException;
|
||||
import com.wisemapping.exceptions.UnexpectedArgumentException;
|
||||
import com.wisemapping.security.Utils;
|
||||
import com.wisemapping.service.MindmapService;
|
||||
import org.aopalliance.intercept.MethodInvocation;
|
||||
import org.jetbrains.annotations.NotNull;
|
||||
import org.jetbrains.annotations.Nullable;
|
||||
|
||||
public abstract class BaseSecurityAdvice {
|
||||
private MindmapService mindmapService = null;
|
||||
|
||||
public void checkRole(MethodInvocation methodInvocation) throws UnexpectedArgumentException, AccessDeniedSecurityException {
|
||||
final User user = Utils.getUser();
|
||||
final Object argument = methodInvocation.getArguments()[0];
|
||||
boolean isAllowed;
|
||||
|
||||
if (argument instanceof MindMap) {
|
||||
isAllowed = isAllowed(user, (MindMap) argument);
|
||||
} else if (argument instanceof Integer) {
|
||||
isAllowed = isAllowed(user, ((Integer) argument));
|
||||
} else if (argument instanceof Collaborator) {
|
||||
// Read operation find on the user are allowed ...
|
||||
isAllowed = user.equals(argument);
|
||||
} else {
|
||||
throw new UnexpectedArgumentException("Argument " + argument);
|
||||
}
|
||||
|
||||
if (!isAllowed) {
|
||||
throw new AccessDeniedSecurityException("User '" + (user != null ? user.getEmail() : "none") + "' not allowed to invoke:" + methodInvocation);
|
||||
}
|
||||
}
|
||||
|
||||
protected abstract boolean isAllowed(@Nullable User user, MindMap map);
|
||||
|
||||
protected abstract boolean isAllowed(@Nullable User user, int mapId);
|
||||
|
||||
protected MindmapService getMindmapService() {
|
||||
return mindmapService;
|
||||
}
|
||||
|
||||
public void setMindmapService(MindmapService service) {
|
||||
this.mindmapService = service;
|
||||
}
|
||||
}
|
||||
/*
|
||||
* Copyright [2011] [wisemapping]
|
||||
*
|
||||
* Licensed under WiseMapping Public License, Version 1.0 (the "License").
|
||||
* It is basically the Apache License, Version 2.0 (the "License") plus the
|
||||
* "powered by wisemapping" text requirement on every single page;
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the license at
|
||||
*
|
||||
* http://www.wisemapping.org/license
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package com.wisemapping.security.aop;
|
||||
|
||||
import com.wisemapping.model.Collaborator;
|
||||
import com.wisemapping.model.Mindmap;
|
||||
import com.wisemapping.model.User;
|
||||
import com.wisemapping.exceptions.AccessDeniedSecurityException;
|
||||
import com.wisemapping.exceptions.UnexpectedArgumentException;
|
||||
import com.wisemapping.security.Utils;
|
||||
import com.wisemapping.service.MindmapService;
|
||||
import org.aopalliance.intercept.MethodInvocation;
|
||||
import org.jetbrains.annotations.Nullable;
|
||||
|
||||
public abstract class BaseSecurityAdvice {
|
||||
private MindmapService mindmapService = null;
|
||||
|
||||
public void checkRole(MethodInvocation methodInvocation) throws UnexpectedArgumentException, AccessDeniedSecurityException {
|
||||
final User user = Utils.getUser();
|
||||
final Object argument = methodInvocation.getArguments()[0];
|
||||
boolean isAllowed;
|
||||
|
||||
if (argument instanceof Mindmap) {
|
||||
isAllowed = isAllowed(user, (Mindmap) argument);
|
||||
} else if (argument instanceof Integer) {
|
||||
isAllowed = isAllowed(user, ((Integer) argument));
|
||||
} else if (argument instanceof Collaborator) {
|
||||
// Read operation find on the user are allowed ...
|
||||
isAllowed = user.equals(argument);
|
||||
} else {
|
||||
throw new UnexpectedArgumentException("Argument " + argument);
|
||||
}
|
||||
|
||||
if (!isAllowed) {
|
||||
throw new AccessDeniedSecurityException("User '" + (user != null ? user.getEmail() : "none") + "' not allowed to invoke:" + methodInvocation);
|
||||
}
|
||||
}
|
||||
|
||||
protected abstract boolean isAllowed(@Nullable User user, Mindmap map);
|
||||
|
||||
protected abstract boolean isAllowed(@Nullable User user, int mapId);
|
||||
|
||||
protected MindmapService getMindmapService() {
|
||||
return mindmapService;
|
||||
}
|
||||
|
||||
public void setMindmapService(MindmapService service) {
|
||||
this.mindmapService = service;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,53 +1,53 @@
|
||||
/*
|
||||
* Copyright [2011] [wisemapping]
|
||||
*
|
||||
* Licensed under WiseMapping Public License, Version 1.0 (the "License").
|
||||
* It is basically the Apache License, Version 2.0 (the "License") plus the
|
||||
* "powered by wisemapping" text requirement on every single page;
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the license at
|
||||
*
|
||||
* http://www.wisemapping.org/license
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package com.wisemapping.security.aop;
|
||||
|
||||
import com.wisemapping.model.CollaborationRole;
|
||||
import com.wisemapping.model.User;
|
||||
import com.wisemapping.model.MindMap;
|
||||
|
||||
import org.aopalliance.intercept.MethodInterceptor;
|
||||
import org.aopalliance.intercept.MethodInvocation;
|
||||
import org.jetbrains.annotations.NotNull;
|
||||
import org.jetbrains.annotations.Nullable;
|
||||
|
||||
public class UpdateSecurityAdvise
|
||||
extends BaseSecurityAdvice
|
||||
implements MethodInterceptor {
|
||||
|
||||
public Object invoke(MethodInvocation methodInvocation) throws Throwable {
|
||||
checkRole(methodInvocation);
|
||||
return methodInvocation.proceed();
|
||||
}
|
||||
|
||||
protected boolean isAllowed(@Nullable User user, @NotNull MindMap map) {
|
||||
boolean result;
|
||||
if (map.getCreator() == null) {
|
||||
// This means that the map is new and is an add operation.
|
||||
result = true;
|
||||
} else {
|
||||
result = getMindmapService().hasPermissions(user, map, CollaborationRole.EDITOR);
|
||||
}
|
||||
return result;
|
||||
}
|
||||
|
||||
protected boolean isAllowed(@Nullable User user, int mapId) {
|
||||
return getMindmapService().hasPermissions(user, mapId, CollaborationRole.EDITOR);
|
||||
}
|
||||
}
|
||||
/*
|
||||
* Copyright [2011] [wisemapping]
|
||||
*
|
||||
* Licensed under WiseMapping Public License, Version 1.0 (the "License").
|
||||
* It is basically the Apache License, Version 2.0 (the "License") plus the
|
||||
* "powered by wisemapping" text requirement on every single page;
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the license at
|
||||
*
|
||||
* http://www.wisemapping.org/license
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package com.wisemapping.security.aop;
|
||||
|
||||
import com.wisemapping.model.CollaborationRole;
|
||||
import com.wisemapping.model.Mindmap;
|
||||
import com.wisemapping.model.User;
|
||||
|
||||
import org.aopalliance.intercept.MethodInterceptor;
|
||||
import org.aopalliance.intercept.MethodInvocation;
|
||||
import org.jetbrains.annotations.NotNull;
|
||||
import org.jetbrains.annotations.Nullable;
|
||||
|
||||
public class UpdateSecurityAdvise
|
||||
extends BaseSecurityAdvice
|
||||
implements MethodInterceptor {
|
||||
|
||||
public Object invoke(MethodInvocation methodInvocation) throws Throwable {
|
||||
checkRole(methodInvocation);
|
||||
return methodInvocation.proceed();
|
||||
}
|
||||
|
||||
protected boolean isAllowed(@Nullable User user, @NotNull Mindmap map) {
|
||||
boolean result;
|
||||
if (map.getCreator() == null) {
|
||||
// This means that the map is new and is an add operation.
|
||||
result = true;
|
||||
} else {
|
||||
result = getMindmapService().hasPermissions(user, map, CollaborationRole.EDITOR);
|
||||
}
|
||||
return result;
|
||||
}
|
||||
|
||||
protected boolean isAllowed(@Nullable User user, int mapId) {
|
||||
return getMindmapService().hasPermissions(user, mapId, CollaborationRole.EDITOR);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,45 +1,45 @@
|
||||
/*
|
||||
* Copyright [2011] [wisemapping]
|
||||
*
|
||||
* Licensed under WiseMapping Public License, Version 1.0 (the "License").
|
||||
* It is basically the Apache License, Version 2.0 (the "License") plus the
|
||||
* "powered by wisemapping" text requirement on every single page;
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the license at
|
||||
*
|
||||
* http://www.wisemapping.org/license
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package com.wisemapping.security.aop;
|
||||
|
||||
import org.aopalliance.intercept.MethodInterceptor;
|
||||
import org.aopalliance.intercept.MethodInvocation;
|
||||
import com.wisemapping.model.CollaborationRole;
|
||||
import com.wisemapping.model.User;
|
||||
import com.wisemapping.model.MindMap;
|
||||
import org.jetbrains.annotations.NotNull;
|
||||
import org.jetbrains.annotations.Nullable;
|
||||
|
||||
public class ViewBaseSecurityAdvise
|
||||
extends BaseSecurityAdvice
|
||||
implements MethodInterceptor {
|
||||
|
||||
public Object invoke(@NotNull MethodInvocation methodInvocation) throws Throwable {
|
||||
checkRole(methodInvocation);
|
||||
return methodInvocation.proceed();
|
||||
}
|
||||
|
||||
protected boolean isAllowed(@Nullable User user, MindMap map) {
|
||||
return getMindmapService().hasPermissions(user, map, CollaborationRole.VIEWER);
|
||||
}
|
||||
|
||||
protected boolean isAllowed(@Nullable User user, int mapId) {
|
||||
return getMindmapService().hasPermissions(user, mapId, CollaborationRole.VIEWER);
|
||||
}
|
||||
}
|
||||
/*
|
||||
* Copyright [2011] [wisemapping]
|
||||
*
|
||||
* Licensed under WiseMapping Public License, Version 1.0 (the "License").
|
||||
* It is basically the Apache License, Version 2.0 (the "License") plus the
|
||||
* "powered by wisemapping" text requirement on every single page;
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the license at
|
||||
*
|
||||
* http://www.wisemapping.org/license
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package com.wisemapping.security.aop;
|
||||
|
||||
import com.wisemapping.model.Mindmap;
|
||||
import org.aopalliance.intercept.MethodInterceptor;
|
||||
import org.aopalliance.intercept.MethodInvocation;
|
||||
import com.wisemapping.model.CollaborationRole;
|
||||
import com.wisemapping.model.User;
|
||||
import org.jetbrains.annotations.NotNull;
|
||||
import org.jetbrains.annotations.Nullable;
|
||||
|
||||
public class ViewBaseSecurityAdvise
|
||||
extends BaseSecurityAdvice
|
||||
implements MethodInterceptor {
|
||||
|
||||
public Object invoke(@NotNull MethodInvocation methodInvocation) throws Throwable {
|
||||
checkRole(methodInvocation);
|
||||
return methodInvocation.proceed();
|
||||
}
|
||||
|
||||
protected boolean isAllowed(@Nullable User user, Mindmap map) {
|
||||
return getMindmapService().hasPermissions(user, map, CollaborationRole.VIEWER);
|
||||
}
|
||||
|
||||
protected boolean isAllowed(@Nullable User user, int mapId) {
|
||||
return getMindmapService().hasPermissions(user, mapId, CollaborationRole.VIEWER);
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user