Privileges.java
package edu.rit.coopeval.authentication.beans;
import edu.rit.coopeval.model.Evaluation;
import org.apache.log4j.Logger;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.util.List;
/**
* Created by Tyler on 2/23/15.
*/
public class Privileges {
protected static Logger logger = Logger.getLogger(Privileges.class);
public boolean canGetStudentOverview(HttpSession session, HttpServletResponse response) throws UnauthorizedException{
User currentUser = (User) session.getAttribute("currentUser");
switch (currentUser.getAccountType()) {
case STUDENT:
return true;
case ADMIN:
return true;
}
throw new UnauthorizedException("User is unauthorized to perform this action");
}
public boolean canGetEmployerOverview(HttpSession session)throws UnauthorizedException{
User currentUser = (User) session.getAttribute("currentUser");
switch (currentUser.getAccountType()) {
case EMPLOYER:
return true;
}
throw new UnauthorizedException("User is unauthorized to perform this action");
}
public boolean canGetStudentEval(HttpSession session, Evaluation evaluation) throws UnauthorizedException{
User currentUser = (User) session.getAttribute("currentUser");
switch (currentUser.getAccountType()) {
case STUDENT:
if(canStudentAccessEvaluation(evaluation, currentUser.getUid())){
return true;
}
break;
case DEPARTMENT:
if(this.canDepartmentUserAccessEvaluation(evaluation, currentUser.getDepartments())){
return true;
}
break;
case ADMIN:
return true;
}
throw new UnauthorizedException("User is unauthorized to perform this action");
}
public boolean canGetEmployerEval(HttpSession session, Evaluation evaluation) throws UnauthorizedException{
User currentUser = (User) session.getAttribute("currentUser");
switch (currentUser.getAccountType()) {
case STUDENT:
if(this.canStudentAccessEvaluation(evaluation, currentUser.getUid()) &&
this.isEvaluationSubmitted(evaluation)){
return true;
}
break;
case DEPARTMENT:
if(this.canDepartmentUserAccessEvaluation(evaluation, currentUser.getDepartments())){
return true;
};
break;
case EMPLOYER:
if(this.canEmployerAccessEvaluation(evaluation, currentUser.getUserName())){
return true;
}
break;
case ADMIN:
return true;
}
throw new UnauthorizedException("User is unauthorized to perform this action");
}
public boolean canSaveEval(HttpSession session, Evaluation evaluation) throws UnauthorizedException{
User currentUser = (User) session.getAttribute("currentUser");
switch (currentUser.getAccountType()) {
case STUDENT:
if(this.canStudentAccessEvaluation(evaluation, currentUser.getUid()) &&
!this.isEvaluationSubmitted(evaluation) && !this.isEvaluationPending(evaluation) &&
!this.isEvaluationArchived(evaluation)){
return true;
}
break;
case EMPLOYER:
if(this.canEmployerAccessEvaluation(evaluation, currentUser.getUserName()) &&
!this.isEvaluationSubmitted(evaluation) && !this.isEvaluationPending(evaluation) &&
!this.isEvaluationArchived(evaluation)){
return true;
}
break;
}
throw new UnauthorizedException("User is unauthorized to perform this action");
}
public boolean canSubmittedEval(HttpSession session, Evaluation evaluation) throws UnauthorizedException{
User currentUser = (User) session.getAttribute("currentUser");
switch (currentUser.getAccountType()) {
case STUDENT:
if(this.canStudentAccessEvaluation(evaluation, currentUser.getUid()) &&
!this.isEvaluationSubmitted(evaluation) && !this.isEvaluationPending(evaluation) &&
!this.isEvaluationArchived(evaluation)){
return true;
}
break;
case EMPLOYER:
if(this.canEmployerAccessEvaluation(evaluation, currentUser.getUserName()) &&
!this.isEvaluationSubmitted(evaluation) && !this.isEvaluationPending(evaluation) &&
!this.isEvaluationArchived(evaluation)){
return true;
}
break;
}
throw new UnauthorizedException("User is unauthorized to perform this action");
}
public boolean canAcceptEval(HttpSession session, Evaluation evaluation) throws UnauthorizedException{
User currentUser = (User) session.getAttribute("currentUser");
boolean canAccess = false;
switch (currentUser.getAccountType()) {
case DEPARTMENT:
if( this.canDepartmentUserAccessEvaluation(evaluation, currentUser.getDepartments()) &&
!this.isEvaluationAlreadyApproved(evaluation) ){
return true;
}
break;
}
throw new UnauthorizedException("User is unauthorized to perform this action");
}
public boolean canRejectEval(HttpSession session, Evaluation evaluation) throws UnauthorizedException{
User currentUser = (User) session.getAttribute("currentUser");
switch (currentUser.getAccountType()) {
case DEPARTMENT:
if( this.canDepartmentUserAccessEvaluation(evaluation, currentUser.getDepartments()) &&
!this.isEvaluationAlreadyApproved(evaluation) ){
return true;
}
break;
}
throw new UnauthorizedException("User is unauthorized to perform this action");
}
private boolean canDepartmentUserAccessEvaluation(Evaluation evaluation, List<String> departments){
boolean canAccess = false;
for(String departmentCode : departments){
if(evaluation.getDepartmentByDepartmentId().getDepartmentCode().equals(departmentCode)){
return true;
}
}
return canAccess;
}
private boolean canStudentAccessEvaluation(Evaluation evaluation, String Uid){
boolean canAccess = false;
if(Uid.equals(evaluation.getStudentUid())){
canAccess = true;
}
return canAccess;
}
private boolean canEmployerAccessEvaluation(Evaluation evaluation, String username){
boolean canAccess = false;
if(username.equals(evaluation.getEmployerUserByEmployerUserId().getEmployerEmail())){
canAccess = true;
}
return canAccess;
}
private boolean isEvaluationSubmitted(Evaluation evaluation){
return evaluation.getEvaluationStatusByEmployerEvaluationStatusId().getName().equals("Submitted");
}
private boolean isEvaluationArchived(Evaluation evaluation){
return evaluation.getEvaluationStatusByEmployerEvaluationStatusId().getName().equals("Archived");
}
private boolean isEvaluationPending(Evaluation evaluation){
return evaluation.getEvaluationStatusByEmployerEvaluationStatusId().getName().equals("Pending");
}
private boolean isEvaluationAlreadyApproved(Evaluation evaluation){
return evaluation.getEvaluationApprovalByEvaluationId()
.getEvaluationApprovalStatusByEvaluationApprovalStatusId().getName().equals("Accepted");
}
private void sendErrorResponse(boolean canAccess, HttpServletResponse response){
if(!canAccess){
try {
response.sendError(response.SC_UNAUTHORIZED);
} catch (Exception ex) {
logger.error(ex);
}
}
}
}