diff --git a/dspace-api/src/main/java/org/dspace/qaevent/service/QAEventSecurityService.java b/dspace-api/src/main/java/org/dspace/qaevent/service/QAEventSecurityService.java
index d797ad98a4..7f6ef7a12c 100644
--- a/dspace-api/src/main/java/org/dspace/qaevent/service/QAEventSecurityService.java
+++ b/dspace-api/src/main/java/org/dspace/qaevent/service/QAEventSecurityService.java
@@ -23,20 +23,20 @@ public interface QAEventSecurityService {
/**
* Check if the specified user can see a specific QASource
- * @param context the context
- * @param user the eperson to consider
- * @param qaSource the qaSource involved
+ * @param context the context
+ * @param user the eperson to consider
+ * @param sourceName the source name
* @return true if the specified user can eventually see events in the QASource
*/
- boolean canSeeSource(Context context, EPerson user, String qaSource);
+ boolean canSeeSource(Context context, EPerson user, String sourceName);
/**
* Check if the specified user can see a specific QAEvent. It is expected that a QAEvent in a not visible QASource
* cannot be accessed. So implementation of this method should enforce this rule.
*
- * @param context the context
- * @param user the eperson to consider
- * @param qaEvent the qaevent to check
+ * @param context the context
+ * @param user the eperson to consider
+ * @param qaEvent the qaevent to check
* @return true if the specified user can see the specified event
*/
boolean canSeeEvent(Context context, EPerson user, QAEvent qaEvent);
@@ -45,11 +45,11 @@ public interface QAEventSecurityService {
* Generate a query to restrict the qa events returned by other search/find method to the only ones visible to the
* specified user
*
- * @param context the context
- * @param user the eperson to consider
- * @param qaSource the qaSource involved
+ * @param context the context
+ * @param user the eperson to consider
+ * @param sourceName the source name
* @return the solr filter query
*/
- public Optional generateQAEventFilterQuery(Context context, EPerson user, String qaSource);
+ public Optional generateQAEventFilterQuery(Context context, EPerson user, String sourceName);
}
diff --git a/dspace-api/src/main/java/org/dspace/qaevent/service/impl/QAEventSecurityServiceImpl.java b/dspace-api/src/main/java/org/dspace/qaevent/service/impl/QAEventSecurityServiceImpl.java
index 33b781ad58..ca689a79e0 100644
--- a/dspace-api/src/main/java/org/dspace/qaevent/service/impl/QAEventSecurityServiceImpl.java
+++ b/dspace-api/src/main/java/org/dspace/qaevent/service/impl/QAEventSecurityServiceImpl.java
@@ -16,10 +16,23 @@ import org.dspace.eperson.EPerson;
import org.dspace.qaevent.security.QASecurity;
import org.dspace.qaevent.service.QAEventSecurityService;
+/**
+ * Implementation of the security service for QAEvents.
+ * This implementation manages a configuration of {@link QASecurity} instances,
+ * each responsible for security checks for a specific QA source.
+ *
+ * @author Mykhaylo Boychuk (mykhaylo.boychuk@4science.com)
+ */
public class QAEventSecurityServiceImpl implements QAEventSecurityService {
+ /**
+ * The default security settings to be used when specific configurations are not available for a QA source.
+ */
private QASecurity defaultSecurity;
+ /**
+ * A mapping of QA source names to their corresponding QASecurity configurations.
+ */
private Map qaSecurityConfiguration;
public void setQaSecurityConfiguration(Map qaSecurityConfiguration) {
@@ -30,27 +43,58 @@ public class QAEventSecurityServiceImpl implements QAEventSecurityService {
this.defaultSecurity = defaultSecurity;
}
+ /**
+ * Generate a query to restrict the qa events returned by other search/find method to the only ones visible to the
+ * specified user
+ *
+ * @param context the context
+ * @param user the eperson to consider
+ * @param sourceName the source name
+ * @return the solr filter query
+ */
@Override
- public Optional generateQAEventFilterQuery(Context context, EPerson user, String qaSource) {
- QASecurity qaSecurity = getQASecurity(qaSource);
+ public Optional generateQAEventFilterQuery(Context context, EPerson user, String sourceName) {
+ QASecurity qaSecurity = getQASecurity(sourceName);
return qaSecurity.generateFilterQuery(context, user);
}
+ /**
+ * Retrieves the QASecurity configuration for the specified QA source, or uses the default
+ * configuration if not available.
+ *
+ * @param qaSource The name of the QA source.
+ * @return The QASecurity configuration for the specified QA source, or the default configuration if not available.
+ */
private QASecurity getQASecurity(String qaSource) {
return qaSecurityConfiguration.getOrDefault(qaSource, defaultSecurity);
}
+ /**
+ * Determines whether the user is authorized to see the specified QA event.
+ *
+ * @param context the context
+ * @param user the eperson to consider
+ * @param qaEvent the qaevent to check
+ * @return true if the specified user can see the specified event
+ */
@Override
public boolean canSeeEvent(Context context, EPerson user, QAEvent qaEvent) {
String source = qaEvent.getSource();
QASecurity qaSecurity = getQASecurity(source);
- return qaSecurity.canSeeQASource(context, user)
- && qaSecurity.canSeeQAEvent(context, user, qaEvent);
+ return qaSecurity.canSeeQASource(context, user) && qaSecurity.canSeeQAEvent(context, user, qaEvent);
}
+ /**
+ * Determines whether the user is authorized to see events from the specified QA source.
+ * @param context The context.
+ * @param user The EPerson to consider
+ * @param sourceName The source name
+ *
+ * @return True if the user is authorized to see events from the source, false otherwise.
+ */
@Override
- public boolean canSeeSource(Context context, EPerson user, String qaSource) {
- QASecurity qaSecurity = getQASecurity(qaSource);
+ public boolean canSeeSource(Context context, EPerson user, String sourceName) {
+ QASecurity qaSecurity = getQASecurity(sourceName);
return qaSecurity.canSeeQASource(context, user);
}