Source code

001/*
002 *  Licensed to the Apache Software Foundation (ASF) under one
003 *  or more contributor license agreements.  See the NOTICE file
004 *  distributed with this work for additional information
005 *  regarding copyright ownership.  The ASF licenses this file
006 *  to you under the Apache License, Version 2.0 (the
007 *  "License"); you may not use this file except in compliance
008 *  with the License.  You may obtain a copy of the License at
009 *
010 *        http://www.apache.org/licenses/LICENSE-2.0
011 *
012 *  Unless required by applicable law or agreed to in writing,
013 *  software distributed under the License is distributed on an
014 *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015 *  KIND, either express or implied.  See the License for the
016 *  specific language governing permissions and limitations
017 *  under the License.
018 */
019
020package org.apache.isis.core.runtime.authorization.standard;
021
022import org.apache.isis.applib.events.UsabilityEvent;
023import org.apache.isis.applib.events.VisibilityEvent;
024import org.apache.isis.core.metamodel.facetapi.Facet;
025import org.apache.isis.core.metamodel.facetapi.FacetAbstract;
026import org.apache.isis.core.metamodel.facetapi.FacetHolder;
027import org.apache.isis.core.metamodel.interactions.UsabilityContext;
028import org.apache.isis.core.metamodel.interactions.VisibilityContext;
029import org.apache.isis.core.runtime.authorization.AuthorizationManager;
030
031public abstract class AuthorizationFacetAbstract extends FacetAbstract implements AuthorizationFacet {
032
033    public static Class<? extends Facet> type() {
034        return AuthorizationFacet.class;
035    }
036
037    private final AuthorizationManager authorizationManager;
038
039    public AuthorizationFacetAbstract(final FacetHolder holder, final AuthorizationManager authorizationManager) {
040        super(type(), holder, Derivation.NOT_DERIVED);
041        this.authorizationManager = authorizationManager;
042    }
043
044    @Override
045    public String hides(final VisibilityContext<? extends VisibilityEvent> ic) {
046        return authorizationManager.isVisible(ic.getSession(), ic.getTarget(), ic.getIdentifier()) ? null : "Not authorized to view";
047    }
048
049    @Override
050    public String disables(final UsabilityContext<? extends UsabilityEvent> ic) {
051        return authorizationManager.isUsable(ic.getSession(), ic.getTarget(), ic.getIdentifier()) ? null : "Not authorized to edit";
052    }
053
054}