/** * Checks if the current tenant is the owner of the resource. * * @param resource * @return */ public static boolean isCurrentTenantResource(final CatalogDocument resource) { boolean isCurrentTenantResource = true; if (TenantContextHolder.isEnabled()) { final String currentTenant = getCurrentTenant(); final String resourceTenant = getResourceTenantOwner(resource); isCurrentTenantResource = SentiloUtils.areEquals(currentTenant, resourceTenant); } return isCurrentTenantResource; }
@Override public SearchFilter buildMapSearchFilter() { final SearchFilter filter = new SearchFilter(); final Authentication authetication = SecurityContextHolder.getContext().getAuthentication(); final boolean userIsLoggedIn = authetication != null && authetication.getPrincipal() instanceof CatalogUserDetails; boolean requestToOwnTenant = true; if (TenantContextHolder.hasContext()) { // Views always shown components belonging to or authorized to request's tenant // And if request's tenant != user's tenant then only publics components are returned final String requestTenant = TenantUtils.getRequestTenant(); final String userTenant = TenantUtils.getUserTenant(); if (StringUtils.hasText(requestTenant)) { // Show only granted components that had been marked as visible on map filter.addAndParam("tenantsMapVisible", requestTenant); // Show only own and granted components filter.addAndParam("tenantsAuth", requestTenant); } requestToOwnTenant = SentiloUtils.areEquals(requestTenant, userTenant); } if (!userIsLoggedIn || !requestToOwnTenant) { filter.addAndParam("publicAccess", Boolean.TRUE); } return filter; }