1 68 package com.ivata.groupware.business.addressbook.right; 69 70 import java.util.Collection ; 71 import java.util.Iterator ; 72 import java.util.List ; 73 import java.util.Vector ; 74 75 import com.ivata.groupware.admin.security.server.SecuritySession; 76 import com.ivata.groupware.business.BusinessLogic; 77 import com.ivata.groupware.business.addressbook.person.PersonDO; 78 import com.ivata.groupware.business.addressbook.person.employee.EmployeeDO; 79 import com.ivata.groupware.business.addressbook.person.group.GroupConstants; 80 import com.ivata.groupware.business.addressbook.person.group.GroupDO; 81 import com.ivata.groupware.business.addressbook.person.group.right.RightConstants; 82 import com.ivata.groupware.business.addressbook.person.group.right.RightDO; 83 import com.ivata.groupware.business.addressbook.person.group.right.detail.RightDetailDO; 84 import com.ivata.groupware.container.persistence.QueryPersistenceManager; 85 import com.ivata.mask.persistence.PersistenceSession; 86 import com.ivata.mask.util.SystemException; 87 88 89 98 public class AddressBookRightsImpl 99 extends BusinessLogic implements AddressBookRights { 100 103 private QueryPersistenceManager persistenceManager; 104 105 110 public AddressBookRightsImpl(QueryPersistenceManager persistenceManager) { 111 this.persistenceManager = persistenceManager; 112 } 113 114 121 public void amendRightsForGroup(final SecuritySession securitySession, 122 final GroupDO group, 123 final Collection rights, 124 final Integer access) 125 throws SystemException { 126 PersistenceSession persistenceSession = persistenceManager.openSession(securitySession); 127 128 try { 129 RightDetailDO rightDetail = 131 (RightDetailDO) 132 persistenceManager.findByPrimaryKey(persistenceSession, 133 RightDetailDO.class, 134 RightConstants.DETAIL_PERSON_GROUP_MEMBER); 135 136 Collection groupIdsCanViewByUser = 138 persistenceManager.find(persistenceSession, 139 "rightByUserNameAccessDetail", 140 new Object [] { 141 securitySession.getUser().getName(), 142 RightConstants.ACCESS_VIEW, 143 RightConstants.DETAIL_PERSON_GROUP_MEMBER 144 }); 145 List tmp = 147 persistenceManager.find(persistenceSession, 148 "rightByUserNameAccessDetailTargetId", 149 new Object [] { 150 securitySession.getUser().getName(), 151 access, 152 RightConstants.DETAIL_PERSON_GROUP_MEMBER, 153 group.getId() 154 }); 155 156 for (int i = 0; i < tmp.size(); i++) { 158 RightDO right = (RightDO) tmp.get(i); 159 Integer groupId = right.getGroup().getId(); 160 161 if (groupIdsCanViewByUser.contains(groupId)) { 162 if (rights.contains(groupId)) { 163 rights.remove(groupId); 164 } else if ( !GroupConstants.equals(groupId, 165 GroupConstants.GROUP_ADMINISTRATOR) ) { 166 persistenceManager.remove(persistenceSession, right); 167 } 168 } 169 } 170 171 Collection viewRights = null; 174 if (!RightConstants.ACCESS_VIEW.equals(access)) { 175 viewRights = 176 persistenceManager.find(persistenceSession, 177 "rightByAccessDetailTargetId", 178 new Object [] { 179 RightConstants.ACCESS_VIEW, 180 RightConstants.DETAIL_PERSON_GROUP_MEMBER, 181 group.getId() 182 }); 183 } 184 185 for (Iterator i = rights.iterator(); i.hasNext();) { 186 Integer groupId = (Integer ) i.next(); 187 GroupDO thisGroup = (GroupDO) 188 persistenceManager.findByPrimaryKey(persistenceSession, 189 GroupDO.class, 190 groupId); 191 192 RightDO right = new RightDO(); 193 right.setAccess(access); 194 right.setDetail(rightDetail); 195 right.setGroup(thisGroup); 196 right.setTargetId(group.getId()); 197 persistenceManager.add(persistenceSession, right); 198 199 if (!RightConstants.ACCESS_VIEW.equals(access) 202 && !viewRights.contains(groupId)) { 203 RightDO viewRight = new RightDO(); 204 viewRight.setAccess(RightConstants.ACCESS_VIEW); 205 viewRight.setDetail(rightDetail); 206 viewRight.setGroup(thisGroup); 207 viewRight.setTargetId(group.getId()); 208 persistenceManager.add(persistenceSession, viewRight); 209 } 210 } 211 } catch (Exception e) { 212 persistenceSession.cancel(); 213 throw new SystemException(e); 214 } finally { 215 persistenceSession.close(); 216 } 217 } 218 219 222 public boolean canAddEmployeeToPerson(final SecuritySession securitySession, 223 final PersonDO person) 224 throws SystemException { 225 return true; 226 } 227 228 236 public boolean canAddToGroup(final SecuritySession securitySession, 237 final GroupDO group) 238 throws SystemException { 239 if (didUserCreateGroup(securitySession, group)) { 240 return true; 241 } else { 242 return canUser(securitySession, group, RightConstants.ACCESS_ADD); 243 } 244 } 245 246 249 public boolean canAmendEmployee(final SecuritySession securitySession, 250 final EmployeeDO employeeDO) 251 throws SystemException { 252 return true; 254 } 255 256 264 public boolean canAmendInGroup(final SecuritySession securitySession, 265 final GroupDO group) 266 throws SystemException { 267 if (didUserCreateGroup(securitySession, group)) { 268 return true; 269 } else { 270 return canUser(securitySession, group, RightConstants.ACCESS_AMEND); 271 } 272 } 273 274 277 public boolean canRemoveEmployee(final SecuritySession securitySession, 278 final EmployeeDO employeeDO) 279 throws SystemException { 280 return true; 282 } 283 284 292 public boolean canRemoveFromGroup(final SecuritySession securitySession, 293 final GroupDO group) 294 throws SystemException { 295 if (didUserCreateGroup(securitySession, group)) { 296 return true; 297 } else { 298 return canUser(securitySession, group, RightConstants.ACCESS_REMOVE); 299 } 300 } 301 302 314 public boolean canUser(final SecuritySession securitySession, 315 final GroupDO group, 316 final Integer access) 317 throws SystemException { 318 GroupDO addressBook = group.getAddressBook(); 321 if (GroupConstants.equals(addressBook.getParent().getId(), 324 GroupConstants.ADDRESS_BOOK_PRIVATE)) { 325 return addressBook.getName().equals(securitySession.getUser() 326 .getName()); 327 } 328 return true; 329 } 330 331 337 private boolean didUserCreateGroup(final SecuritySession securitySession, 338 final GroupDO group) 339 throws SystemException { 340 return securitySession.getUser().equals(group.getCreatedBy()); 341 } 342 343 356 public Collection findAddressBooksByGroupAccess(final SecuritySession securitySession, 357 final GroupDO group, 358 final Integer access) 359 throws SystemException { 360 Vector groups = new Vector (); 361 PersistenceSession persistenceSession = persistenceManager.openSession(securitySession); 362 363 try { 364 Collection groupIds = 366 persistenceManager.find(persistenceSession, 367 "rightByGroupIdAccessDetail", 368 new Object [] { 369 group.getId(), 370 RightConstants.ACCESS_VIEW, 371 RightConstants.DETAIL_PERSON_GROUP_MEMBER 372 }); 373 for (Iterator i = groupIds.iterator(); i.hasNext(); ) { 374 RightDO right = (RightDO) i.next(); 375 376 GroupDO tmpGroup = (GroupDO) 377 persistenceManager.findByPrimaryKey(persistenceSession, 378 GroupDO.class, 379 right.getTargetId()); 380 if (GroupConstants.equals(tmpGroup.getParent().getId(), 381 GroupConstants.ADDRESS_BOOK_PUBLIC)) { 382 groups.add(tmpGroup); 383 } 384 } 385 } catch (Exception e) { 386 persistenceSession.cancel(); 387 throw new SystemException(e); 388 } finally { 389 persistenceSession.close(); 390 } 391 392 return groups; 393 } 394 395 404 public Collection findRightsForGroup(final SecuritySession securitySession, 405 final GroupDO group, 406 final Integer access) 407 throws SystemException { 408 PersistenceSession persistenceSession = persistenceManager.openSession(securitySession); 409 410 try { 411 Collection groupIdsCanViewByUser = 413 persistenceManager.find(persistenceSession, 414 "rightByUserNameAccessDetail", 415 new Object [] { 416 securitySession.getUser().getName(), 417 RightConstants.ACCESS_VIEW, 418 RightConstants.DETAIL_PERSON_GROUP_MEMBER 419 }); 420 421 List tmp = 423 persistenceManager.find(persistenceSession, 424 "rightByUserNameAccessDetailTargetId", 425 new Object [] { 426 securitySession.getUser().getName(), 427 access, 428 RightConstants.DETAIL_PERSON_GROUP_MEMBER, 429 group.getId() 430 }); 431 432 List rights = new Vector (); 433 for (int i = 0; i < tmp.size(); i++) { 434 RightDO right = (RightDO) tmp.get(i); 435 Integer groupId = right.getGroup().getId(); 436 437 if (groupIdsCanViewByUser.contains(groupId) && 438 !GroupConstants.equals(groupId, 439 GroupConstants.GROUP_ADMINISTRATOR)) { 440 rights.add(groupId); 441 } 442 } 443 return rights; 444 } catch (Exception e) { 445 persistenceSession.cancel(); 446 throw new SystemException(e); 447 } finally { 448 persistenceSession.close(); 449 } 450 } 451 } 452 | Popular Tags |