shz.spring.auth.AbstractAuthService Maven / Gradle / Ivy
package shz.spring.auth;
import shz.core.NullHelp;
import shz.core.msg.ClientFailure;
import shz.spring.session.Session;
import shz.spring.session.SessionHolder;
public abstract class AbstractAuthService implements AuthService {
@Override
public final boolean isDba() {
Session session = SessionHolder.get();
return session != null && isDba(session.getRoleId());
}
@Override
public final boolean hasApiPermission(Long roleId, long apiId) {
if (roleId == null || roleId <= 0L) return false;
return isDba(roleId) || hasApiPermission0(roleId, apiId);
}
protected abstract boolean hasApiPermission0(Long roleId, long apiId);
@Override
public final boolean hasApiPermission(Long roleId, long... apiIds) {
if (NullHelp.isEmpty(apiIds)) return true;
if (roleId == null || roleId <= 0L) return false;
return isDba(roleId) || hasApiPermission0(roleId, apiIds);
}
protected abstract boolean hasApiPermission0(Long roleId, long... apiIds);
@Override
public final void checkApiPermission(Long roleId, long apiId) {
ClientFailure.FORBIDDEN.requireNon(!hasApiPermission(roleId, apiId));
}
@Override
public final void checkApiPermission(Long roleId, long... apiIds) {
ClientFailure.FORBIDDEN.requireNon(!hasApiPermission(roleId, apiIds));
}
@Override
public final boolean hasRolePermission(Long roleId, int otherRoleLevel) {
if (roleId == null || roleId <= 0L) return false;
Integer roleLevel = getRoleLevelById(roleId);
if (roleLevel == null) return false;
return hasRolePermission0(roleLevel, otherRoleLevel);
}
protected abstract Integer getRoleLevelById(long roleId);
private boolean hasRolePermission0(int roleLevel, Integer otherLevel) {
return otherLevel == null || roleLevel > otherLevel;
}
@Override
public final boolean hasRolePermission(Long roleId, int... otherRoleLevels) {
if (NullHelp.isEmpty(otherRoleLevels)) return true;
if (roleId == null || roleId <= 0L) return false;
Integer roleLevel = getRoleLevelById(roleId);
if (roleLevel == null) return false;
for (int otherRoleLevel : otherRoleLevels) if (!hasRolePermission0(roleLevel, otherRoleLevel)) return false;
return true;
}
@Override
public final boolean hasRolePermission(Long roleId, long otherId) {
if (roleId == null || roleId <= 0L) return false;
Integer roleLevel = getRoleLevelById(roleId);
if (roleLevel == null) return false;
return hasRolePermission0(roleLevel, getRoleLevelById(otherId));
}
@Override
public final boolean hasRolePermission(Long roleId, long... otherIds) {
if (NullHelp.isEmpty(otherIds)) return true;
if (roleId == null || roleId <= 0L) return false;
Integer roleLevel = getRoleLevelById(roleId);
if (roleLevel == null) return false;
for (long otherId : otherIds) if (!hasRolePermission0(roleLevel, getRoleLevelById(otherId))) return false;
return true;
}
@Override
public final void checkRolePermission(Long roleId, int otherRoleLevel) {
ClientFailure.FORBIDDEN.requireNon(!hasRolePermission(roleId, otherRoleLevel));
}
@Override
public final void checkRolePermission(Long roleId, int... otherRoleLevels) {
ClientFailure.FORBIDDEN.requireNon(!hasRolePermission(roleId, otherRoleLevels));
}
@Override
public final void checkRolePermission(Long roleId, long otherId) {
ClientFailure.FORBIDDEN.requireNon(!hasRolePermission(roleId, otherId));
}
@Override
public final void checkRolePermission(Long roleId, long... otherIds) {
ClientFailure.FORBIDDEN.requireNon(!hasRolePermission(roleId, otherIds));
}
@Override
public final boolean hasUserPermission(Long userid, Long roleId, long otherId) {
if (userid == null || userid <= 0L || roleId == null || roleId <= 0L) return false;
Integer roleLevel = getRoleLevelById(roleId);
if (roleLevel == null) return false;
return hasUserPermission0(userid, roleLevel, otherId);
}
private boolean hasUserPermission0(long userid, int roleLevel, long otherId) {
if (userid == otherId) return true;
Long otherRoleId = selectRoleIdByUseridAndMaxLevel(otherId);
return otherRoleId == null || hasRolePermission0(roleLevel, getRoleLevelById(otherRoleId));
}
protected abstract Long selectRoleIdByUseridAndMaxLevel(long userid);
@Override
public final boolean hasUserPermission(Long userid, Long roleId, long... otherIds) {
if (NullHelp.isEmpty(otherIds)) return true;
if (userid == null || userid <= 0L || roleId == null || roleId <= 0L) return false;
Integer roleLevel = getRoleLevelById(roleId);
if (roleLevel == null) return false;
for (long otherId : otherIds) if (!hasUserPermission0(userid, roleLevel, otherId)) return false;
return true;
}
@Override
public final void checkUserPermission(Long userid, Long roleId, long otherId) {
ClientFailure.FORBIDDEN.requireNon(!hasUserPermission(userid, roleId, userid));
}
@Override
public final void checkUserPermission(Long userid, Long roleId, long... otherIds) {
ClientFailure.FORBIDDEN.requireNon(!hasUserPermission(userid, roleId, otherIds));
}
}
© 2015 - 2024 Weber Informatics LLC | Privacy Policy