From 847a7ef8096cb2d56fbccea812b707c58e49bf8c Mon Sep 17 00:00:00 2001
From: rogerio.costa <rogerio.costa@centralit.com.br>
Date: Wed, 30 Mar 2016 11:24:50 -0300
Subject: [PATCH] [3576] - Ajustar modelo e cadastros: Tipo de documento, tipo de processo, documento e processo.

---
 cit-ecm-api/src/main/java/br/com/centralit/api/security/CustomExpressionHandler.java          |  30 ++++++++++++++++++++++++++++++
 cit-ecm-api/src/main/java/br/com/centralit/api/security/CustomWebSecurityExpresssionRoot.java | 104 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 134 insertions(+), 0 deletions(-)
 create mode 100644 cit-ecm-api/src/main/java/br/com/centralit/api/security/CustomExpressionHandler.java
 create mode 100644 cit-ecm-api/src/main/java/br/com/centralit/api/security/CustomWebSecurityExpresssionRoot.java

diff --git a/cit-ecm-api/src/main/java/br/com/centralit/api/security/CustomExpressionHandler.java b/cit-ecm-api/src/main/java/br/com/centralit/api/security/CustomExpressionHandler.java
new file mode 100644
index 0000000..07fcd56
--- /dev/null
+++ b/cit-ecm-api/src/main/java/br/com/centralit/api/security/CustomExpressionHandler.java
@@ -0,0 +1,30 @@
+package br.com.centralit.api.security;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.access.expression.SecurityExpressionOperations;
+import org.springframework.security.authentication.AuthenticationTrustResolverImpl;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.web.FilterInvocation;
+import org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler;
+import org.springframework.security.web.access.expression.WebSecurityExpressionRoot;
+
+import br.com.centralit.api.service.CredencialProcessoService;
+
+/**
+ * @author Rob Winch
+ */
+public class CustomExpressionHandler extends DefaultWebSecurityExpressionHandler {
+
+	@Autowired
+	private CredencialProcessoService credencialProcessoService;
+
+	@Override
+	protected SecurityExpressionOperations createSecurityExpressionRoot(Authentication authentication, FilterInvocation fi) {
+
+		WebSecurityExpressionRoot root = new CustomWebSecurityExpresssionRoot(authentication, fi, credencialProcessoService);
+		root.setPermissionEvaluator(this.getPermissionEvaluator());
+		root.setTrustResolver(new AuthenticationTrustResolverImpl());
+		root.setRoleHierarchy(this.getRoleHierarchy());
+		return root;
+	}
+}
diff --git a/cit-ecm-api/src/main/java/br/com/centralit/api/security/CustomWebSecurityExpresssionRoot.java b/cit-ecm-api/src/main/java/br/com/centralit/api/security/CustomWebSecurityExpresssionRoot.java
new file mode 100644
index 0000000..eafd839
--- /dev/null
+++ b/cit-ecm-api/src/main/java/br/com/centralit/api/security/CustomWebSecurityExpresssionRoot.java
@@ -0,0 +1,104 @@
+package br.com.centralit.api.security;
+
+import org.springframework.security.core.Authentication;
+import org.springframework.security.web.FilterInvocation;
+import org.springframework.security.web.access.expression.WebSecurityExpressionRoot;
+
+import br.com.centralit.api.service.CredencialProcessoService;
+
+/**
+ * <p>
+ * <img src="http://centralit.com.br/images/logo_central.png">
+ * </p>
+ * 
+ * <p>
+ * <b>Company: </b> Central IT - Governança Corporativa -
+ * </p>
+ * 
+ * <p>
+ * <b>Title: </b>
+ * </p>
+ * 
+ * <p>
+ * <b>Description: </b>
+ * </p>
+ * 
+ * <p>
+ * <b>Iniciativa(s):</b> <a href="LINK_PORTAL">NUMERO_INICIATIVA</a>
+ * </p>
+ * 
+ * <p>
+ * <b>Regra(s) de negócio:</b> <a href="LINK_PORTAL">NUMERO_REGRA_DE_NEGOCIO</a>
+ * </p>
+ * 
+ * @since 30/03/2016 - 10:43:40
+ * 
+ * @version 1.0.0
+ * 
+ * @author rogerio.costa
+ * 
+ */
+public class CustomWebSecurityExpresssionRoot extends WebSecurityExpressionRoot {
+
+	/** Atributo credencialProcessoService. */
+	private CredencialProcessoService credencialProcessoService;
+
+	/**
+	 * Responsável pela criação de novas instâncias desta classe.
+	 * 
+	 * @param authentication
+	 * @param filterInvocation
+	 * @param credencialProcessoService
+	 */
+	public CustomWebSecurityExpresssionRoot( Authentication authentication, FilterInvocation filterInvocation, CredencialProcessoService credencialProcessoService ) {
+
+		super(authentication, filterInvocation);
+
+		this.credencialProcessoService = credencialProcessoService;
+	}
+
+	/**
+	 * <p>
+	 * <b>Iniciativa(s):</b> <a href="LINK_PORTAL">NUMERO_INICIATIVA</a>
+	 * </p>
+	 * 
+	 * <p>
+	 * <b>Regra(s) de negócio:</b> <a href="LINK_PORTAL">NUMERO_REGRA_DE_NEGOCIO</a>
+	 * </p>
+	 * 
+	 * Método responsável por verificar se o usuario tem permissão para credenciar
+	 * 
+	 * @author rogerio.costa
+	 * 
+	 * @return boolean
+	 */
+	public boolean permiteCredenciar() {
+
+		Long idProcesso = (Long) this.request.getSession().getAttribute("idProcesso");
+
+		return this.credencialProcessoService.permiteCredenciar(idProcesso);
+	}
+
+	/**
+	 * <p>
+	 * <b>Iniciativa(s):</b> <a href="LINK_PORTAL">NUMERO_INICIATIVA</a>
+	 * </p>
+	 * 
+	 * <p>
+	 * <b>Regra(s) de negócio:</b> <a href="LINK_PORTAL">NUMERO_REGRA_DE_NEGOCIO</a>
+	 * </p>
+	 * 
+	 * Método responsável por verificar se o usuario logado não é o criador do processo, e se contem uma credencial para o mesmo
+	 * 
+	 * @author rogerio.costa
+	 * 
+	 * @return boolean
+	 */
+	public boolean permiteRenunciar() {
+
+		Long idProcesso = (Long) this.request.getSession().getAttribute("idProcesso");
+
+		return this.credencialProcessoService.permiteRenunciar(idProcesso);
+	}
+
+}
--
libgit2 0.21.2