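package fr.dcproject.component.opinion

import fr.dcproject.common.entity.HasTarget
import fr.dcproject.common.security.AccessControl
import fr.dcproject.common.security.AccessResponse
import fr.dcproject.component.citizen.CitizenI
import fr.dcproject.component.opinion.entity.OpinionI
import fr.postgresjson.entity.EntityCreatedBy
import fr.postgresjson.entity.EntityDeletedAt

/**
 * Authorization rules for opinions: who may create, view and delete them.
 *
 * Every rule rejects an anonymous caller (`citizen == null`) before it looks at the subject,
 * so an unauthenticated request never reaches the ownership comparison.
 *
 * `denied`, `granted` and `canAll` are called unqualified; presumably they are inherited from
 * [AccessControl] (not visible in this file).
 *
 * NOTE(review): the type-parameter lists (`<S>`, `<S, SS : List<S>, C : CitizenI>`, `List<S>`,
 * `EntityCreatedBy<C>`) were missing from the extracted text of this file and have been
 * reconstructed from the surviving `where` clauses and the `SS` / `C : CitizenI` fragments.
 * Confirm them against the repository before merging.
 */
class OpinionAccessControl : AccessControl() {
    /**
     * Checks [canCreate] for every element of [subjects].
     *
     * NOTE(review): how the per-item answers are combined, and what an empty list yields,
     * is decided by `canAll`, which is not shown here. Verify that an empty list cannot be
     * misread by callers as an explicit grant.
     */
    fun <S> canCreate(
        subjects: List<S>,
        citizen: CitizenI?,
    ): AccessResponse where S : OpinionI, S : HasTarget<*> =
        canAll(subjects) { canCreate(it, citizen) }

    /**
     * Decides whether [citizen] may post [subject].
     *
     * Denied when the caller is anonymous, or when the opinion's target implements
     * [EntityDeletedAt] and reports itself as deleted. Targets that do not implement
     * [EntityDeletedAt] are never treated as deleted by this check.
     */
    fun <S> canCreate(
        subject: S,
        citizen: CitizenI?,
    ): AccessResponse where S : OpinionI, S : HasTarget<*> {
        if (citizen == null) {
            return denied("You must be connected to make an opinion", "opinion.create.notConnected")
        }

        // Local copy so the `is` check below smart-casts to EntityDeletedAt.
        val target = subject.target
        if (target is EntityDeletedAt && target.isDeleted()) {
            return denied("You cannot make opinion on deleted target", "opinion.create.deletedTarget")
        }

        return granted()
    }

    /**
     * Checks [canView] for every element of [subjects].
     *
     * NOTE(review): the combined result, including the empty-list case, depends on `canAll`
     * (not visible here).
     */
    fun <S, SS : List<S>, C : CitizenI> canView(
        subjects: SS,
        citizen: CitizenI?,
    ): AccessResponse where S : OpinionI, S : EntityCreatedBy<C> =
        canAll(subjects) { canView(it, citizen) }

    /**
     * Decides whether [citizen] may read [subject]: only the citizen who created the opinion may.
     *
     * The anonymous-caller message previously read "You must be connected to delete opinion",
     * copied from [canDelete]; it now names the action that was actually refused.
     */
    fun <S, C : CitizenI> canView(
        subject: S,
        citizen: CitizenI?,
    ): AccessResponse where S : OpinionI, S : EntityCreatedBy<C> {
        if (citizen == null) {
            // NOTE(review): the code below is still the *delete* code, so an anonymous view
            // attempt is indistinguishable from an anonymous delete attempt in anything keyed
            // on it (client handling, translations, audit logs). It is left unchanged because
            // the set of valid codes is defined outside this file; give view its own code once
            // one exists.
            return denied("You must be connected to view opinion", "opinion.delete.notConnected")
        }

        // Ownership check: compare the creator's id with the caller's id.
        val isOwner = subject.createdBy.id == citizen.id
        return if (isOwner) {
            granted()
        } else {
            denied("You cannot view opinions of other citizen", "opinion.view.otherCitizen")
        }
    }

    /**
     * Decides whether [citizen] may delete [subject]: only the citizen who created the opinion may.
     */
    fun <S, C : CitizenI> canDelete(
        subject: S,
        citizen: CitizenI?,
    ): AccessResponse where S : EntityCreatedBy<C>, S : OpinionI {
        if (citizen == null) {
            return denied("You must be connected to delete opinion", "opinion.delete.notConnected")
        }

        // Ownership check: compare the creator's id with the caller's id.
        val isOwner = subject.createdBy.id == citizen.id
        return if (isOwner) {
            granted()
        } else {
            denied("You can only delete your opinions", "opinion.delete.notYours")
        }
    }
}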