From ecd4c289311c463a60d350b383aba8473bd9ec0b Mon Sep 17 00:00:00 2001 From: Timm Fitschen <timm.fitschen@ds.mpg.de> Date: Mon, 10 Dec 2018 23:13:12 +0100 Subject: [PATCH] STY: formatting --- .../server/jobs/extension/AWIBoxLoan.java | 36 ++++++++++++------- .../permissions/AbstractEntityACLFactory.java | 21 ++++------- .../caosdb/server/permissions/EntityACL.java | 10 +++--- .../java/caosdb/server/permissions/Role.java | 2 +- 4 files changed, 38 insertions(+), 31 deletions(-) diff --git a/src/main/java/caosdb/server/jobs/extension/AWIBoxLoan.java b/src/main/java/caosdb/server/jobs/extension/AWIBoxLoan.java index 962b4a4d..9255a351 100644 --- a/src/main/java/caosdb/server/jobs/extension/AWIBoxLoan.java +++ b/src/main/java/caosdb/server/jobs/extension/AWIBoxLoan.java @@ -1,9 +1,7 @@ package caosdb.server.jobs.extension; import static caosdb.server.permissions.Role.ANONYMOUS_ROLE; -import java.util.HashSet; -import java.util.List; -import java.util.Set; + import caosdb.server.CaosDBServer; import caosdb.server.accessControl.UserSources; import caosdb.server.entity.Entity; @@ -25,6 +23,9 @@ import caosdb.server.transaction.Update; import caosdb.server.utils.EntityStatus; import caosdb.server.utils.ServerMessages; import caosdb.server.utils.Utils; +import java.util.HashSet; +import java.util.List; +import java.util.Set; @JobAnnotation(transaction = caosdb.server.transaction.WriteTransaction.class, loadAlways = true) public class AWIBoxLoan extends ContainerJob { @@ -34,8 +35,12 @@ public class AWIBoxLoan extends ContainerJob { private static final Message BOX_HAS_LOAN = new Message( "This box cannot be be requested right now because it appears to have a Loan property attached to it. This usually means, that the box is already requested or borrowed by someone."); - private static final Message PROPERTY_NOT_ALLOWED_REQUEST_RETURN = new Message("It is not allowed to update this property during a return request as an anonymous user."); - private static final Message MULTIPLE_PROPERTIES = new Message("This property appears multiple times in this return request and is marked for an update. This is not allowed for an anonymous user."); + private static final Message PROPERTY_NOT_ALLOWED_REQUEST_RETURN = + new Message( + "It is not allowed to update this property during a return request as an anonymous user."); + private static final Message MULTIPLE_PROPERTIES = + new Message( + "This property appears multiple times in this return request and is marked for an update. This is not allowed for an anonymous user."); @Override protected void run() { @@ -48,9 +53,9 @@ public class AWIBoxLoan extends ContainerJob { addError(ServerMessages.AUTHORIZATION_ERROR); return; } - + // special ACL for boxes, loans and persons - if(getTransaction() instanceof Insert){ + if (getTransaction() instanceof Insert) { for (EntityInterface e : getContainer()) { if (isBoxRecord(e)) { e.setEntityACL(EntityACL.combine(e.getEntityACL(), getBoxACL())); @@ -249,19 +254,22 @@ public class AWIBoxLoan extends ContainerJob { /** Is Record an has single box parent. */ boolean isBoxRecord(EntityInterface e) { - return e.getRole() == Role.Record && e.getParents().size() == 1 + return e.getRole() == Role.Record + && e.getParents().size() == 1 && retrieveValidIDByName(e.getParents().get(0).getName()) == getBoxId(); } /** Is Record and has single loan parent */ private boolean isLoanRecord(EntityInterface e) { - return e.getRole() == Role.Record && e.getParents().size() == 1 + return e.getRole() == Role.Record + && e.getParents().size() == 1 && retrieveValidIDByName(e.getParents().get(0).getName()) == getLoanId(); } /** * Has only 5/6 new/updated properties: content, returnRequested, destination, Borrower, comment * (optional), location - * @throws Message + * + * @throws Message */ boolean hasOnlyAllowedLoanProperties4RequestReturn(EntityInterface e) { runJobFromSchedule(e, CheckPropValid.class); @@ -269,12 +277,16 @@ public class AWIBoxLoan extends ContainerJob { Set<Integer> found = new HashSet<>(); for (Property p : e.getProperties()) { if (p.getEntityStatus() == EntityStatus.QUALIFIED) { // this means update - if(found.contains(p.getId())){ + if (found.contains(p.getId())) { p.addError(MULTIPLE_PROPERTIES); return false; } found.add(p.getId()); - if (!(p.getId() == getContentId()|| p.getId() == getDestinationId() || p.getId() == getBorrowerId() || p.getId() == getCommentId() || p.getId() == getLocationId())) { + if (!(p.getId() == getContentId() + || p.getId() == getDestinationId() + || p.getId() == getBorrowerId() + || p.getId() == getCommentId() + || p.getId() == getLocationId())) { p.addError(PROPERTY_NOT_ALLOWED_REQUEST_RETURN); return false; // this is not a property which may be updated by anonymous. } diff --git a/src/main/java/caosdb/server/permissions/AbstractEntityACLFactory.java b/src/main/java/caosdb/server/permissions/AbstractEntityACLFactory.java index 6460cb34..5d817471 100644 --- a/src/main/java/caosdb/server/permissions/AbstractEntityACLFactory.java +++ b/src/main/java/caosdb/server/permissions/AbstractEntityACLFactory.java @@ -31,14 +31,10 @@ import java.util.Map.Entry; public abstract class AbstractEntityACLFactory<T extends EntityACL> { - private final Map<ResponsibleAgent, Long> normalGrants = - new HashMap<>(); - private final Map<ResponsibleAgent, Long> priorityGrants = - new HashMap<>(); - private final Map<ResponsibleAgent, Long> normalDenials = - new HashMap<>(); - private final Map<ResponsibleAgent, Long> priorityDenials = - new HashMap<>(); + private final Map<ResponsibleAgent, Long> normalGrants = new HashMap<>(); + private final Map<ResponsibleAgent, Long> priorityGrants = new HashMap<>(); + private final Map<ResponsibleAgent, Long> normalDenials = new HashMap<>(); + private final Map<ResponsibleAgent, Long> priorityDenials = new HashMap<>(); public void grant(final ResponsibleAgent role, final int... permissionBitNumber) { grant(role, false, permissionBitNumber); @@ -183,8 +179,7 @@ public abstract class AbstractEntityACLFactory<T extends EntityACL> { set.getKey(), this.normalDenials.get(set.getKey()) & ~set.getValue()); } if (this.normalGrants.containsKey(set.getKey())) { - this.normalGrants.put( - set.getKey(), this.normalGrants.get(set.getKey()) & ~set.getValue()); + this.normalGrants.put(set.getKey(), this.normalGrants.get(set.getKey()) & ~set.getValue()); } } for (final Entry<ResponsibleAgent, Long> set : this.priorityGrants.entrySet()) { @@ -193,14 +188,12 @@ public abstract class AbstractEntityACLFactory<T extends EntityACL> { set.getKey(), this.normalDenials.get(set.getKey()) & ~set.getValue()); } if (this.normalGrants.containsKey(set.getKey())) { - this.normalGrants.put( - set.getKey(), this.normalGrants.get(set.getKey()) & ~set.getValue()); + this.normalGrants.put(set.getKey(), this.normalGrants.get(set.getKey()) & ~set.getValue()); } } for (final Entry<ResponsibleAgent, Long> set : this.normalDenials.entrySet()) { if (this.normalGrants.containsKey(set.getKey())) { - this.normalGrants.put( - set.getKey(), this.normalGrants.get(set.getKey()) & ~set.getValue()); + this.normalGrants.put(set.getKey(), this.normalGrants.get(set.getKey()) & ~set.getValue()); } } } diff --git a/src/main/java/caosdb/server/permissions/EntityACL.java b/src/main/java/caosdb/server/permissions/EntityACL.java index 154c2bf7..86346bdf 100644 --- a/src/main/java/caosdb/server/permissions/EntityACL.java +++ b/src/main/java/caosdb/server/permissions/EntityACL.java @@ -24,6 +24,10 @@ package caosdb.server.permissions; import static caosdb.server.permissions.Role.OTHER_ROLE; import static caosdb.server.permissions.Role.OWNER_ROLE; + +import caosdb.server.accessControl.AuthenticationUtils; +import caosdb.server.accessControl.Principal; +import caosdb.server.database.exceptions.TransactionException; import java.util.ArrayList; import java.util.BitSet; import java.util.Collection; @@ -36,9 +40,6 @@ import org.apache.shiro.subject.Subject; import org.eclipse.jetty.util.ajax.JSON; import org.jdom2.DataConversionException; import org.jdom2.Element; -import caosdb.server.accessControl.AuthenticationUtils; -import caosdb.server.accessControl.Principal; -import caosdb.server.database.exceptions.TransactionException; public class EntityACL { @@ -153,7 +154,8 @@ public class EntityACL { private static boolean subjectIsOwner( final Subject subject, final List<ResponsibleAgent> owners) { for (final ResponsibleAgent owner : owners) { - if ((owner instanceof Role && subject.hasRole(owner.toString())) || (owner instanceof Principal && subject.getPrincipal().equals(owner))) { + if ((owner instanceof Role && subject.hasRole(owner.toString())) + || (owner instanceof Principal && subject.getPrincipal().equals(owner))) { return true; } } diff --git a/src/main/java/caosdb/server/permissions/Role.java b/src/main/java/caosdb/server/permissions/Role.java index 95ce7289..70e1a61f 100644 --- a/src/main/java/caosdb/server/permissions/Role.java +++ b/src/main/java/caosdb/server/permissions/Role.java @@ -22,10 +22,10 @@ */ package caosdb.server.permissions; +import caosdb.server.accessControl.UserSources; import java.util.HashMap; import org.jdom2.Attribute; import org.jdom2.Element; -import caosdb.server.accessControl.UserSources; public class Role implements ResponsibleAgent { -- GitLab