This repository has been archived by the owner on Dec 6, 2022. It is now read-only.
/
SecureLoader.java
117 lines (91 loc) · 3.6 KB
/
SecureLoader.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
package gov.nysenate.opendirectory.solr;
import java.io.StringReader;
import java.lang.reflect.Method;
import java.util.TreeSet;
import java.util.HashMap;
import org.apache.solr.common.SolrDocument;
import javax.xml.parsers.*;
import org.xml.sax.InputSource;
import org.w3c.dom.*;
import gov.nysenate.opendirectory.models.Person;
public class SecureLoader {
private Person user;
public SecureLoader(Person user) {
this.user = user;
}
public Person loadPerson(SolrDocument profile) {
//Do the loading here
Person person = new Person();
//Dependent on matching user credentials and field credentials
//load into the person object
String permissions_xml = (String)profile.getFieldValue("permissions");
try {
DocumentBuilderFactory dbf =
DocumentBuilderFactory.newInstance();
DocumentBuilder db = dbf.newDocumentBuilder();
InputSource is = new InputSource();
is.setCharacterStream(new StringReader(permissions_xml));
Document doc = db.parse(is);
NodeList fields = doc.getDocumentElement().getChildNodes();
//This is the TreeSet that will house credentials for each field
TreeSet<String> field_credentials = new TreeSet<String>();
Boolean approved;
for(int c=0; c<fields.getLength(); c++)
{
approved=false;
field_credentials = Credentials((String)fields.item(c).getAttributes().item(0).getNodeValue());
if(user.equals(Person.getAdmin()))
approved = true;
else {
for(String temp : field_credentials) {
if(user.getCredentials().contains(temp) == true) {
approved = true;
break;
}
}
}
String fieldname = (String)fields.item(c).getAttributes().item(1).getNodeValue();
if(fieldname.equals("user_credential") || fieldname.equals("skills") || fieldname.equals("interests")) {
//System.out.println(fieldname);
if(approved)
person.setCredentials(Credentials((String)profile.getFieldValue(fieldname)));
else
person.setCredentials(null);
} else if(fieldname.equals("permissions")){
if(!approved)
person.setPermissions(null);
else{
HashMap<String, TreeSet<String>> permission = new HashMap<String, TreeSet<String>>();
for(int i=0; i<fields.getLength(); i++)
{
field_credentials= Credentials((String)fields.item(i).getAttributes().item(0).getNodeValue());
fieldname = (String)fields.item(i).getAttributes().item(1).getNodeValue();
permission.put(fieldname, field_credentials);
}
person.setPermissions(permission);
}
} else {
String setFieldName = "set"+fieldname.substring(0, 1).toUpperCase()+fieldname.substring(1);
Method setMethod = person.getClass().getMethod(setFieldName, String.class);
if(approved)
setMethod.invoke(person, profile.getFieldValue(fieldname));
else
setMethod.invoke(person, (String)null);
}
}
}
catch (Exception e) {
e.printStackTrace();
}
return person;
}
public TreeSet<String> Credentials(String credentials){
TreeSet<String> Credentials = new TreeSet<String>();
String[] credentialset = credentials.split(", ");
for(String temp : credentialset)
{
Credentials.add(temp);
}
return Credentials;
}
}