[GitHub] guacamole-client pull request #319: GUACAMOLE-220: Add database support for ...

Tue, 25 Sep 2018 18:06:02 -0700 

Github user necouchman commented on a diff in the pull request:

    https://github.com/apache/guacamole-client/pull/319#discussion_r220390959
  
    --- Diff: 
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/permission/SystemPermissionService.java
 ---
    @@ -124,39 +129,40 @@ public void 
deletePermissions(ModeledAuthenticatedUser user, ModeledUser targetU
         }
     
         /**
    -     * Retrieves the permission of the given type associated with the given
    -     * user, if it exists. If no such permission exists, null is returned.
    +     * Retrieves whether the permission of the given type has been granted 
to
    +     * the given entity. Permission inheritance through group membership is
    +     * taken into account.
          *
          * @param user
          *     The user retrieving the permission.
          *
    -     * @param targetUser
    -     *     The user associated with the permission to be retrieved.
    +     * @param targetEntity
    +     *     The entity associated with the permission to be retrieved.
          * 
          * @param type
          *     The type of permission to retrieve.
          *
    +     * @param effectiveGroups
    +     *     The identifiers of all groups that should be taken into account
    +     *     when determining the permissions effectively granted to the 
user. If
    +     *     no groups are given, only permissions directly granted to the 
user
    +     *     will be used.
    +     *
          * @return
    -     *     The permission of the given type associated with the given 
user, or
    -     *     null if no such permission exists.
    +     *     true if permission of the given type has been granted to the 
given
    +     *     user, false otherwise.
          *
          * @throws GuacamoleException
          *     If an error occurs while retrieving the requested permission.
          */
    -    public SystemPermission retrievePermission(ModeledAuthenticatedUser 
user,
    -            ModeledUser targetUser, SystemPermission.Type type) throws 
GuacamoleException {
    +    public boolean hasPermission(ModeledAuthenticatedUser user,
    +            ModeledPermissions<? extends EntityModel> targetEntity,
    +            SystemPermission.Type type, Set<String> effectiveGroups)
    +            throws GuacamoleException {
     
             // Retrieve permissions only if allowed
    -        if (canReadPermissions(user, targetUser)) {
    -
    -            // Read permission from database, return null if not found
    -            SystemPermissionModel model = 
getPermissionMapper().selectOne(targetUser.getModel(), type);
    -            if (model == null)
    -                return null;
    -
    -            return getPermissionInstance(model);
    -
    -        }
    +        if (canReadPermissions(user, targetEntity))
    +            return 
getPermissionMapper().selectOne(targetEntity.getModel(), type, effectiveGroups) 
!= null;
     
             // User cannot read this user's permissions
    --- End diff --
    
    user's -> entity's


---

Reply via email to