From 44396ff04a24088ac9fb2cab270036a9a983944f Mon Sep 17 00:00:00 2001
From: Paul-Christian Volkmer
Date: Mon, 10 Apr 2023 13:09:54 +0200
Subject: Issue #24: Füge PermissionEvaluator zur Gesamtprüfung der
 Berechtigung hinzu

Dieser PermissionEvaluator delegiert die einzelnen Prüfungen an PermissionEvaluatoren
welche `AbstractDelegatedPermissionEvaluator` erweitern.

Nur, wenn all diese PermissionEvaluatoren die Berechtigung erfolgreich geprüft haben,
gibt dieser PermissionEvaluator ein positives Prüfungsergebnis zurück.
---
 .../java/DNPM/security/FormBasedPermissionEvaluator.java    | 13 +++----------
 1 file changed, 3 insertions(+), 10 deletions(-)

(limited to 'src/main/java/DNPM/security/FormBasedPermissionEvaluator.java')

diff --git a/src/main/java/DNPM/security/FormBasedPermissionEvaluator.java b/src/main/java/DNPM/security/FormBasedPermissionEvaluator.java
index 73937af..4ba19dc 100644
--- a/src/main/java/DNPM/security/FormBasedPermissionEvaluator.java
+++ b/src/main/java/DNPM/security/FormBasedPermissionEvaluator.java
@@ -3,8 +3,6 @@ package DNPM.security;
 import de.itc.onkostar.api.IOnkostarApi;
 import de.itc.onkostar.api.Patient;
 import de.itc.onkostar.api.Procedure;
-import org.springframework.jdbc.core.JdbcTemplate;
-import org.springframework.security.access.PermissionEvaluator;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.stereotype.Component;
@@ -17,15 +15,10 @@ import java.util.List;
  * Permission-Evaluator zur Auswertung der Berechtigung auf Objekte aufgrund der Formularberechtigung
  */
 @Component
-public class FormBasedPermissionEvaluator implements PermissionEvaluator {
-
-    private final IOnkostarApi onkostarApi;
-
-    private final JdbcTemplate jdbcTemplate;
+public class FormBasedPermissionEvaluator extends AbstractDelegatedPermissionEvaluator {
 
     public FormBasedPermissionEvaluator(final IOnkostarApi onkostarApi, final DataSource dataSource) {
-        this.onkostarApi = onkostarApi;
-        this.jdbcTemplate = new JdbcTemplate(dataSource);
+        super(onkostarApi, dataSource);
     }
 
     /**
@@ -63,7 +56,7 @@ public class FormBasedPermissionEvaluator implements PermissionEvaluator {
     @Override
     public boolean hasPermission(Authentication authentication, Serializable targetId, String targetType, Object permissionType) {
         if (targetId instanceof Integer) {
-            if ("Patient".equals(targetType)) {
+            if (PATIENT.equals(targetType)) {
                 return true;
             }
             var procedure = this.onkostarApi.getProcedure((int)targetId);
-- 
cgit v1.2.3