...
Code Block |
---|
public class HoldAdminSession extends net.okapia.osid.jamocha.adapter.hold.spi.AbatractAdapterHoldAdminSession implements org.osid.hold.HoldAdminSession private final org.osid.authorization.AuthorizationSession authzSession; private static final org.osid.id.Id CREATEHOLD_FUNCTION_ID; private static final org.osid.id.Id UPDATEHOLD_FUNCTION_ID; private static final org.osid.id.Id DELETEHOLD_FUNCTION_ID; HoldAdminSession(org.osid.hold.HoldAdminSession session, org.osid.authorization.AuthorizationSession authzSession) { super(session); this.authzSession = authzSession; return; } public org.osid.hold.HoldForm getHoldFormForCreate(org.osid.id.Id issueId, org.osid.id.Id resourceId, org.osid.type.Type[] recordTypes) { if (this.authzSession.isAuthorized(getAuthenticatedAgentId(), CREATEHOLD_FUNCTION_ID, issueId) { throw org.osid.PermissionDeniedException(); } // wrap the form so we need can get the issueId on the way back in return (new HoldFormAdapter(super.getHoldFormForCreate(issueId, resourceId, recordTypes), issueId); } public org.osid.hold.Hold createHold(org.osid.hold.HoldForm form) { if (this.authzSession.isAuthorized(getAuthenticatedAgentId(), CREATEHOLD_FUNCTION_ID, getIssueId(form)) { throw org.osid.PermissionDeniedException(); } return (super.createHold(form)); } public org.osid.hold.HoldForm getHoldFormForUpdate(org.osid.id.Id holdId) { if (this.authzSession.isAuthorized(getAuthenticatedAgentId(), UPDATEHOLD_FUNCTION_ID, holdId) { throw org.osid.PermissionDeniedException(); } // wrap the form so we need can get the issueId on the way back in return (new HoldFormAdapter(super.getHoldFormForUpdate(holdId), holdId); } public org.osid.hold.Hold updateHold(org.osid.hold.HoldForm form) { if (this.authzSession.isAuthorized(getAuthenticatedAgentId(), UPDATEHOLD_FUNCTION_ID, getIssueId(form)) { throw org.osid.PermissionDeniedException(); } return (super.updateHold(form)); } public void deleteHold(org.osid.id.Id holdId) { if (this.authzSession.isAuthorized(getAuthenticatedAgentId(), DELETEHOLD_FUNCTION_ID, holdId) { throw org.osid.PermissionDeniedException(); } return (super.deleteHold(holdId)); } private static org.osid.id.Id getIssueId(org.osid.hold.HoldForm form) { if (!(form instance of HoldFormAdapter)) { throw new org.osid.InvalidArgumentException("not my form!"); } return (((HoldFormAdapter) form).getIssueId()); } } |
Syncing Authorizations
...
The Gap
The next step is to note the gap between the above Authorizations and the way the project wants to manage Authorizations. Somehow we need to get from Issues and Holds to Organizations.
Syncing Authorizations