Example 1 with TreeCleaningStrategy
use of org.orcid.core.tree.TreeCleaningStrategy in project ORCID-Source by ORCID.
the class VisibilityFilterImpl method filter.
/**
* Remove the elements that are not present in the list of set of
* {@link org.orcid.jaxb.model.message .Visibility}s present in the array
* passed in.
*
* @param messageToBeFiltered
* the {@link org.orcid.jaxb.model.message.OrcidMessage} that
* will be traversed looking for
* {@link org .orcid.jaxb.model.message.VisibilityType} elements.
* @param source
* The orcid source that is executing the request
* @param removeAttribute
* should all {@link org.orcid.jaxb.model.message.Visibility}
* elements be removed from the object graph. This has the effect
* that they will not be present in the resulting JAXB
* serialisation.
* @param visibilities
* What {@link org.orcid.jaxb.model.message.Visibility} elements
* should be allowed.
* @return the cleansed {@link org.orcid.jaxb.model.message.OrcidMessage}
*/
@Override
public OrcidMessage filter(OrcidMessage messageToBeFiltered, final String sourceId, final boolean allowPrivateWorks, final boolean allowPrivateFunding, final boolean allowPrivateAffiliations, Visibility... visibilities) {
if (messageToBeFiltered == null || visibilities == null || visibilities.length == 0) {
return null;
}
String messageIdForLog = getMessageIdForLog(messageToBeFiltered);
LOGGER.debug("About to filter message: " + messageIdForLog);
final Set<Visibility> visibilitySet = new HashSet<Visibility>(Arrays.asList(visibilities));
if (visibilitySet.contains(Visibility.SYSTEM)) {
return messageToBeFiltered;
} else {
TreeCleaner treeCleaner = new TreeCleaner();
treeCleaner.clean(messageToBeFiltered, new TreeCleaningStrategy() {
public TreeCleaningDecision needsStripping(Object obj) {
TreeCleaningDecision decision = TreeCleaningDecision.DEFAULT;
if (obj != null) {
Class<?> clazz = obj.getClass();
if (!PojoUtil.isEmpty(sourceId)) {
if (allowPrivateAffiliations && Affiliation.class.isAssignableFrom(clazz)) {
Affiliation affiliation = (Affiliation) obj;
Source source = affiliation.getSource();
if (source != null) {
String sourcePath = source.retrieveSourcePath();
if (sourcePath != null) {
if (sourceId.equals(sourcePath)) {
decision = TreeCleaningDecision.IGNORE;
}
}
}
} else if (allowPrivateFunding && Funding.class.isAssignableFrom(clazz)) {
Funding funding = (Funding) obj;
Source source = funding.getSource();
if (source != null) {
String sourcePath = source.retrieveSourcePath();
if (sourcePath != null) {
if (sourceId.equals(sourcePath)) {
decision = TreeCleaningDecision.IGNORE;
}
}
}
} else if (allowPrivateWorks && OrcidWork.class.isAssignableFrom(clazz)) {
OrcidWork work = (OrcidWork) obj;
Source source = work.getSource();
if (source != null) {
if (sourceId.equals(source.retrieveSourcePath())) {
decision = TreeCleaningDecision.IGNORE;
}
}
}
}
// fields are inside the country element
if (Address.class.isAssignableFrom(clazz)) {
Address address = (Address) obj;
// Remove empty addresses
if (address.getCountry() == null) {
decision = TreeCleaningDecision.CLEANING_REQUIRED;
} else {
Country country = address.getCountry();
// Allow public addresses
if (Visibility.PUBLIC.equals(country.getVisibility())) {
decision = TreeCleaningDecision.IGNORE;
} else if (visibilitySet.contains(Visibility.LIMITED)) {
// Allow limited visibility when possible
if (Visibility.LIMITED.equals(country.getVisibility())) {
decision = TreeCleaningDecision.IGNORE;
} else {
// As last resource, check the source
Source source = country.getSource();
if (source != null && sourceId != null && sourceId.equals(source.retrieveSourcePath())) {
decision = TreeCleaningDecision.IGNORE;
} else {
decision = TreeCleaningDecision.CLEANING_REQUIRED;
}
}
}
}
}
if (Email.class.isAssignableFrom(clazz)) {
// include all emails if present
try {
Authentication authentication = getAuthentication();
if (authentication != null && messageToBeFiltered.getOrcidProfile() != null) {
permissionChecker.checkPermissions(getAuthentication(), ScopePathType.EMAIL_READ_PRIVATE, messageToBeFiltered.getOrcidProfile().retrieveOrcidPath());
decision = TreeCleaningDecision.IGNORE;
}
} catch (AccessControlException e) {
// private email can't be read, do nothing here
}
}
// that implements PrivateVisibleToSource
if (sourceId != null)
if (PrivateVisibleToSource.class.isAssignableFrom(clazz) && visibilitySet.contains(Visibility.LIMITED)) {
Source source = ((PrivateVisibleToSource) obj).getSource();
if (source != null) {
if (sourceId.equals(source.retrieveSourcePath())) {
decision = TreeCleaningDecision.IGNORE;
}
}
}
if (TreeCleaningDecision.DEFAULT.equals(decision)) {
if (WorkContributors.class.isAssignableFrom(clazz)) {
decision = TreeCleaningDecision.IGNORE;
} else if (VisibilityType.class.isAssignableFrom(clazz)) {
VisibilityType visibilityType = (VisibilityType) obj;
if ((visibilityType.getVisibility() == null || !visibilitySet.contains(visibilityType.getVisibility()))) {
decision = TreeCleaningDecision.CLEANING_REQUIRED;
}
}
}
}
return decision;
}
});
OrcidProfile orcidProfile = messageToBeFiltered.getOrcidProfile();
if (orcidProfile != null) {
orcidProfile.setOrcidInternal(null);
}
LOGGER.debug("Finished filtering message: " + messageIdForLog);
return messageToBeFiltered;
}
}
Also used :
Email(org.orcid.jaxb.model.message.Email)
Address(org.orcid.jaxb.model.message.Address)
Funding(org.orcid.jaxb.model.message.Funding)
WorkContributors(org.orcid.jaxb.model.message.WorkContributors)
TreeCleaner(org.orcid.core.tree.TreeCleaner)
OrcidWork(org.orcid.jaxb.model.message.OrcidWork)
AccessControlException(java.security.AccessControlException)
PrivateVisibleToSource(org.orcid.jaxb.model.message.PrivateVisibleToSource)
Source(org.orcid.jaxb.model.message.Source)
TreeCleaningDecision(org.orcid.core.tree.TreeCleaningDecision)
OrcidProfile(org.orcid.jaxb.model.message.OrcidProfile)
PrivateVisibleToSource(org.orcid.jaxb.model.message.PrivateVisibleToSource)
VisibilityType(org.orcid.jaxb.model.message.VisibilityType)
Authentication(org.springframework.security.core.Authentication)
Country(org.orcid.jaxb.model.message.Country)
Visibility(org.orcid.jaxb.model.message.Visibility)
TreeCleaningStrategy(org.orcid.core.tree.TreeCleaningStrategy)
HashSet(java.util.HashSet)
Affiliation(org.orcid.jaxb.model.message.Affiliation)
Aggregations
AccessControlException (java.security.AccessControlException)1
HashSet (java.util.HashSet)1
TreeCleaner (org.orcid.core.tree.TreeCleaner)1
TreeCleaningDecision (org.orcid.core.tree.TreeCleaningDecision)1
TreeCleaningStrategy (org.orcid.core.tree.TreeCleaningStrategy)1
Address (org.orcid.jaxb.model.message.Address)1
Affiliation (org.orcid.jaxb.model.message.Affiliation)1
Country (org.orcid.jaxb.model.message.Country)1
Email (org.orcid.jaxb.model.message.Email)1
Funding (org.orcid.jaxb.model.message.Funding)1
OrcidProfile (org.orcid.jaxb.model.message.OrcidProfile)1
OrcidWork (org.orcid.jaxb.model.message.OrcidWork)1
PrivateVisibleToSource (org.orcid.jaxb.model.message.PrivateVisibleToSource)1
Source (org.orcid.jaxb.model.message.Source)1
Visibility (org.orcid.jaxb.model.message.Visibility)1
VisibilityType (org.orcid.jaxb.model.message.VisibilityType)1
WorkContributors (org.orcid.jaxb.model.message.WorkContributors)1
Authentication (org.springframework.security.core.Authentication)1
