View Javadoc
1   /*
2    * This file is part of ***  M y C o R e  ***
3    * See http://www.mycore.de/ for details.
4    *
5    * MyCoRe is free software: you can redistribute it and/or modify
6    * it under the terms of the GNU General Public License as published by
7    * the Free Software Foundation, either version 3 of the License, or
8    * (at your option) any later version.
9    *
10   * MyCoRe is distributed in the hope that it will be useful,
11   * but WITHOUT ANY WARRANTY; without even the implied warranty of
12   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
13   * GNU General Public License for more details.
14   *
15   * You should have received a copy of the GNU General Public License
16   * along with MyCoRe.  If not, see <http://www.gnu.org/licenses/>.
17   */
18  
19  package org.mycore.mcr.acl.accesskey.strategy;
20  
21  import static org.mycore.access.MCRAccessManager.PERMISSION_PREVIEW;
22  import static org.mycore.access.MCRAccessManager.PERMISSION_READ;
23  import static org.mycore.access.MCRAccessManager.PERMISSION_VIEW;
24  import static org.mycore.access.MCRAccessManager.PERMISSION_WRITE;
25  
26  import java.util.Date;
27  
28  import org.apache.logging.log4j.LogManager;
29  import org.apache.logging.log4j.Logger;
30  import org.mycore.mcr.acl.accesskey.model.MCRAccessKey;
31  
32  public class MCRAccessKeyStrategyHelper {
33  
34      private static final Logger LOGGER = LogManager.getLogger();
35  
36      /**
37       * maps view and preview permission to read
38       *
39       * @param permission permission
40       * @return (sanitized) permission
41       */
42      protected static String sanitizePermission(final String permission) {
43          if (PERMISSION_VIEW.equals(permission) || PERMISSION_PREVIEW.equals(permission)) {
44              LOGGER.debug("Mapped {} to read.", permission);
45              return PERMISSION_READ;
46          }
47          return permission;
48      }
49  
50      /**
51       * verifies {@link MCRAccessKey} for permission.
52       *
53       * @param permission permission type
54       * @param accessKey the {@link MCRAccessKey}
55       * @return true if valid, otherwise false
56       */
57      public static boolean verifyAccessKey(final String permission, final MCRAccessKey accessKey) {
58          final String sanitizedPermission = sanitizePermission(permission);
59          if (PERMISSION_READ.equals(sanitizedPermission) || PERMISSION_WRITE.equals(sanitizedPermission)) {
60              if (Boolean.FALSE.equals(accessKey.getIsActive())) {
61                  return false;
62              }
63              final Date expiration = accessKey.getExpiration();
64              if (expiration != null && new Date().after(expiration)) {
65                  return false;
66              }
67              if ((sanitizedPermission.equals(PERMISSION_READ)
68                  && accessKey.getType().equals(PERMISSION_READ))
69                  || accessKey.getType().equals(PERMISSION_WRITE)) {
70                  LOGGER.debug("Access granted.");
71                  return true;
72              }
73          }
74          return false;
75      }
76  }