The following fields in AccessManager.java:
|
/** |
|
* User locations that are accessible only to authenticated users. |
|
* These resources require user login for access. |
|
*/ |
|
private final String[] USER_LOCATIONS; |
|
/** |
|
* Teacher locations that are accessible only to authenticated teachers. |
|
* These resources require teacher privileges for access. |
|
*/ |
|
private final String[] TEACHER_LOCATIONS; |
have no current use, use them in AccessManager.hasAccess() similar to ADMIN_LOCATIONS and STUDENT_LOCATIONS:
|
if (resource.namespace().equals(USER_SPACE) || resource.resource().startsWith("my") && !(user == User.ANONYMOUS)) { |
|
return true; |
|
} else if (resource.namespace().equals(TEACHER_SPACE)) { |
|
return user.isTeacher() || user.isAdmin(); |
|
} else if (resource.namespace().equals(ADMIN_SPACE) || Arrays.asList(ADMIN_LOCATIONS).contains(resource.resource())) { |
|
return user.isAdmin(); |
|
} else { |
|
return false; |
|
} |
The following fields in AccessManager.java:
student-database/src/main/java/de/igslandstuhl/database/server/webserver/AccessManager.java
Lines 43 to 52 in 65b7dc9
have no current use, use them in AccessManager.hasAccess() similar to ADMIN_LOCATIONS and STUDENT_LOCATIONS:
student-database/src/main/java/de/igslandstuhl/database/server/webserver/AccessManager.java
Lines 118 to 126 in 65b7dc9