All Downloads are FREE. Search and download functionalities are using the official Maven repository.

shz.spring.auth.AbstractAuthService Maven / Gradle / Ivy

There is a newer version: 2023.2.5
Show newest version
package shz.spring.auth;

import shz.core.NullHelp;
import shz.core.msg.ClientFailure;
import shz.spring.session.Session;
import shz.spring.session.SessionHolder;

public abstract class AbstractAuthService implements AuthService {
    @Override
    public final boolean isDba() {
        Session session = SessionHolder.get();
        return session != null && isDba(session.getRoleId());
    }

    @Override
    public final boolean hasApiPermission(Long roleId, long apiId) {
        if (roleId == null || roleId <= 0L) return false;
        return isDba(roleId) || hasApiPermission0(roleId, apiId);
    }

    protected abstract boolean hasApiPermission0(Long roleId, long apiId);

    @Override
    public final boolean hasApiPermission(Long roleId, long... apiIds) {
        if (NullHelp.isEmpty(apiIds)) return true;
        if (roleId == null || roleId <= 0L) return false;
        return isDba(roleId) || hasApiPermission0(roleId, apiIds);
    }

    protected abstract boolean hasApiPermission0(Long roleId, long... apiIds);

    @Override
    public final void checkApiPermission(Long roleId, long apiId) {
        ClientFailure.FORBIDDEN.requireNon(!hasApiPermission(roleId, apiId));
    }

    @Override
    public final void checkApiPermission(Long roleId, long... apiIds) {
        ClientFailure.FORBIDDEN.requireNon(!hasApiPermission(roleId, apiIds));
    }

    @Override
    public final boolean hasRolePermission(Long roleId, int otherRoleLevel) {
        if (roleId == null || roleId <= 0L) return false;
        Integer roleLevel = getRoleLevelById(roleId);
        if (roleLevel == null) return false;
        return hasRolePermission0(roleLevel, otherRoleLevel);
    }

    protected abstract Integer getRoleLevelById(long roleId);

    private boolean hasRolePermission0(int roleLevel, Integer otherLevel) {
        return otherLevel == null || roleLevel > otherLevel;
    }

    @Override
    public final boolean hasRolePermission(Long roleId, int... otherRoleLevels) {
        if (NullHelp.isEmpty(otherRoleLevels)) return true;
        if (roleId == null || roleId <= 0L) return false;
        Integer roleLevel = getRoleLevelById(roleId);
        if (roleLevel == null) return false;
        for (int otherRoleLevel : otherRoleLevels) if (!hasRolePermission0(roleLevel, otherRoleLevel)) return false;
        return true;
    }

    @Override
    public final boolean hasRolePermission(Long roleId, long otherId) {
        if (roleId == null || roleId <= 0L) return false;
        Integer roleLevel = getRoleLevelById(roleId);
        if (roleLevel == null) return false;
        return hasRolePermission0(roleLevel, getRoleLevelById(otherId));
    }

    @Override
    public final boolean hasRolePermission(Long roleId, long... otherIds) {
        if (NullHelp.isEmpty(otherIds)) return true;
        if (roleId == null || roleId <= 0L) return false;
        Integer roleLevel = getRoleLevelById(roleId);
        if (roleLevel == null) return false;
        for (long otherId : otherIds) if (!hasRolePermission0(roleLevel, getRoleLevelById(otherId))) return false;
        return true;
    }

    @Override
    public final void checkRolePermission(Long roleId, int otherRoleLevel) {
        ClientFailure.FORBIDDEN.requireNon(!hasRolePermission(roleId, otherRoleLevel));
    }

    @Override
    public final void checkRolePermission(Long roleId, int... otherRoleLevels) {
        ClientFailure.FORBIDDEN.requireNon(!hasRolePermission(roleId, otherRoleLevels));
    }

    @Override
    public final void checkRolePermission(Long roleId, long otherId) {
        ClientFailure.FORBIDDEN.requireNon(!hasRolePermission(roleId, otherId));
    }

    @Override
    public final void checkRolePermission(Long roleId, long... otherIds) {
        ClientFailure.FORBIDDEN.requireNon(!hasRolePermission(roleId, otherIds));
    }

    @Override
    public final boolean hasUserPermission(Long userid, Long roleId, long otherId) {
        if (userid == null || userid <= 0L || roleId == null || roleId <= 0L) return false;
        Integer roleLevel = getRoleLevelById(roleId);
        if (roleLevel == null) return false;
        return hasUserPermission0(userid, roleLevel, otherId);
    }

    private boolean hasUserPermission0(long userid, int roleLevel, long otherId) {
        if (userid == otherId) return true;
        Long otherRoleId = selectRoleIdByUseridAndMaxLevel(otherId);
        return otherRoleId == null || hasRolePermission0(roleLevel, getRoleLevelById(otherRoleId));
    }

    protected abstract Long selectRoleIdByUseridAndMaxLevel(long userid);

    @Override
    public final boolean hasUserPermission(Long userid, Long roleId, long... otherIds) {
        if (NullHelp.isEmpty(otherIds)) return true;
        if (userid == null || userid <= 0L || roleId == null || roleId <= 0L) return false;
        Integer roleLevel = getRoleLevelById(roleId);
        if (roleLevel == null) return false;
        for (long otherId : otherIds) if (!hasUserPermission0(userid, roleLevel, otherId)) return false;
        return true;
    }

    @Override
    public final void checkUserPermission(Long userid, Long roleId, long otherId) {
        ClientFailure.FORBIDDEN.requireNon(!hasUserPermission(userid, roleId, userid));
    }

    @Override
    public final void checkUserPermission(Long userid, Long roleId, long... otherIds) {
        ClientFailure.FORBIDDEN.requireNon(!hasUserPermission(userid, roleId, otherIds));
    }
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy