Search in sources :

Example 1 with CheckResult

use of io.milton.property.PropertyAuthoriser.CheckResult in project lobcder by skoulouzis.

the class JsonPropPatchHandler method process.

public PropFindResponse process(Resource wrappedResource, String encodedUrl, Map<String, String> params) throws NotAuthorizedException, ConflictException, BadRequestException {
    log.trace("process");
    Map<QName, String> fields = new HashMap<QName, String>();
    for (String fieldName : params.keySet()) {
        String sFieldValue = params.get(fieldName);
        QName qn;
        if (fieldName.contains(":")) {
            // name is of form uri:local  E.g. MyDav:authorName
            String[] parts = fieldName.split(":");
            String nsUri = parts[0];
            String localName = parts[1];
            qn = new QName(nsUri, localName);
        } else {
            // name is simple form E.g. displayname, default nsUri to DAV
            qn = new QName(WebDavProtocol.NS_DAV.getPrefix(), fieldName);
        }
        log.debug("field: " + qn);
        fields.put(qn, sFieldValue);
    }
    ParseResult parseResult = new ParseResult(fields, null);
    if (log.isTraceEnabled()) {
        log.trace("check permissions with: " + permissionService.getClass());
    }
    Set<PropertyAuthoriser.CheckResult> errorFields = permissionService.checkPermissions(HttpManager.request(), Method.PROPPATCH, PropertyAuthoriser.PropertyPermission.WRITE, fields.keySet(), wrappedResource);
    if (errorFields != null && errorFields.size() > 0) {
        log.info("authorisation errors: " + errorFields.size() + " from permissionService: " + permissionService.getClass());
        if (log.isTraceEnabled()) {
            for (CheckResult e : errorFields) {
                LogUtils.trace(log, " - field error: ", e.getField(), e.getStatus(), e.getDescription());
            }
        }
        throw new NotAuthorizedException(wrappedResource);
    } else {
        LogUtils.trace(log, "setting properties with", patchSetter.getClass());
        PropFindResponse resp = patchSetter.setProperties(encodedUrl, parseResult, wrappedResource);
        if (eventManager != null) {
            log.trace("fire event");
            eventManager.fireEvent(new PropPatchEvent(wrappedResource, resp));
        } else {
            log.trace("no event manager");
        }
        if (resp.getErrorProperties().size() > 0) {
            LogUtils.warn(log, "Encountered errors setting fields with patch setter", patchSetter.getClass());
        }
        if (log.isTraceEnabled()) {
            if (resp.getErrorProperties().size() > 0) {
                for (List<NameAndError> e : resp.getErrorProperties().values()) {
                    for (NameAndError ne : e) {
                        LogUtils.trace(log, " - field error setting properties: ", ne.getName(), ne.getError());
                    }
                }
            }
        }
        return resp;
    }
}
Also used : ParseResult(io.milton.http.webdav.PropPatchRequestParser.ParseResult) HashMap(java.util.HashMap) QName(javax.xml.namespace.QName) NotAuthorizedException(io.milton.http.exceptions.NotAuthorizedException) NameAndError(io.milton.http.webdav.PropFindResponse.NameAndError) CheckResult(io.milton.property.PropertyAuthoriser.CheckResult) PropFindResponse(io.milton.http.webdav.PropFindResponse) PropPatchEvent(io.milton.event.PropPatchEvent)

Aggregations

PropPatchEvent (io.milton.event.PropPatchEvent)1 NotAuthorizedException (io.milton.http.exceptions.NotAuthorizedException)1 PropFindResponse (io.milton.http.webdav.PropFindResponse)1 NameAndError (io.milton.http.webdav.PropFindResponse.NameAndError)1 ParseResult (io.milton.http.webdav.PropPatchRequestParser.ParseResult)1 CheckResult (io.milton.property.PropertyAuthoriser.CheckResult)1 HashMap (java.util.HashMap)1 QName (javax.xml.namespace.QName)1