KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > com > ivata > groupware > business > addressbook > right > AddressBookRightsImpl


1 /*
2  * Copyright (c) 2001 - 2005 ivata limited.
3  * All rights reserved.
4  * -----------------------------------------------------------------------------
5  * ivata groupware may be redistributed under the GNU General Public
6  * License as published by the Free Software Foundation;
7  * version 2 of the License.
8  *
9  * These programs are free software; you can redistribute them and/or
10  * modify them under the terms of the GNU General Public License
11  * as published by the Free Software Foundation; version 2 of the License.
12  *
13  * These programs are distributed in the hope that they will be useful,
14  * but WITHOUT ANY WARRANTY; without even the implied warranty of
15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
16  *
17  * See the GNU General Public License in the file LICENSE.txt for more
18  * details.
19  *
20  * If you would like a copy of the GNU General Public License write to
21  *
22  * Free Software Foundation, Inc.
23  * 59 Temple Place - Suite 330
24  * Boston, MA 02111-1307, USA.
25  *
26  *
27  * To arrange commercial support and licensing, contact ivata at
28  * http://www.ivata.com/contact.jsp
29  * -----------------------------------------------------------------------------
30  * $Log: AddressBookRightsImpl.java,v $
31  * Revision 1.5 2005/04/29 02:48:13 colinmacleod
32  * Data bugfixes.
33  * Changed primary key back to Integer.
34  *
35  * Revision 1.4 2005/04/28 18:47:10 colinmacleod
36  * Fixed XHMTL, styles and resin compatibility.
37  * Added support for URL rewriting.
38  *
39  * Revision 1.3 2005/04/10 20:09:38 colinmacleod
40  * Added new themes.
41  * Changed id type to String.
42  * Changed i tag to em and b tag to strong.
43  * Improved PicoContainerFactory with NanoContainer scripts.
44  *
45  * Revision 1.2 2005/04/09 17:19:08 colinmacleod
46  * Changed copyright text to GPL v2 explicitly.
47  *
48  * Revision 1.1.1.1 2005/03/10 17:50:22 colinmacleod
49  * Restructured ivata op around Hibernate/PicoContainer.
50  * Renamed ivata groupware.
51  *
52  * Revision 1.4 2004/11/12 18:17:10 colinmacleod
53  * Ordered imports.
54  *
55  * Revision 1.3 2004/11/12 15:57:06 colinmacleod
56  * Removed dependencies on SSLEXT.
57  * Moved Persistence classes to ivata masks.
58  *
59  * Revision 1.2 2004/11/03 15:34:42 colinmacleod
60  * Changed todo comments to all caps.
61  *
62  * Revision 1.1 2004/07/13 19:41:14 colinmacleod
63  * Moved project to POJOs from EJBs.
64  * Applied PicoContainer to services layer (replacing session EJBs).
65  * Applied Hibernate to persistence layer (replacing entity EJBs).
66  * -----------------------------------------------------------------------------
67  */
68 package com.ivata.groupware.business.addressbook.right;
69
70 import java.util.Collection JavaDoc;
71 import java.util.Iterator JavaDoc;
72 import java.util.List JavaDoc;
73 import java.util.Vector JavaDoc;
74
75 import com.ivata.groupware.admin.security.server.SecuritySession;
76 import com.ivata.groupware.business.BusinessLogic;
77 import com.ivata.groupware.business.addressbook.person.PersonDO;
78 import com.ivata.groupware.business.addressbook.person.employee.EmployeeDO;
79 import com.ivata.groupware.business.addressbook.person.group.GroupConstants;
80 import com.ivata.groupware.business.addressbook.person.group.GroupDO;
81 import com.ivata.groupware.business.addressbook.person.group.right.RightConstants;
82 import com.ivata.groupware.business.addressbook.person.group.right.RightDO;
83 import com.ivata.groupware.business.addressbook.person.group.right.detail.RightDetailDO;
84 import com.ivata.groupware.container.persistence.QueryPersistenceManager;
85 import com.ivata.mask.persistence.PersistenceSession;
86 import com.ivata.mask.util.SystemException;
87
88
89 /**
90  * <p>Address book rights determine what each user can and cannot do within the
91  * address book subsystem.</p>
92  *
93  * @since 2002-07-22
94  * @author Colin MacLeod
95  * <a HREF='mailto:colin.macleod@ivata.com'>colin.macleod@ivata.com</a>
96  * @version $Revision: 1.5 $
97  */
98 public class AddressBookRightsImpl
99         extends BusinessLogic implements AddressBookRights {
100     /**
101      * Persistence manger used to store/retrieve data objects.
102      */
103     private QueryPersistenceManager persistenceManager;
104
105     /**
106      * Construct a new address book rights instance.
107      *
108      * @param persistenceManager used to store objects in db.
109      */
110     public AddressBookRightsImpl(QueryPersistenceManager persistenceManager) {
111         this.persistenceManager = persistenceManager;
112     }
113
114     /**
115      * <p>Change user rights for group.</p>
116      *
117      * @param id of group
118      * @param rights collection of group ids which will have ACCESS right to that group
119      * @param set to one of the <code>ACCESS_...</code> constants in <code>RightConstants</code>.
120      */
121     public void amendRightsForGroup(final SecuritySession securitySession,
122             final GroupDO group,
123             final Collection JavaDoc rights,
124             final Integer JavaDoc access)
125             throws SystemException {
126         PersistenceSession persistenceSession = persistenceManager.openSession(securitySession);
127
128         try {
129             // find detail for group rights
130 RightDetailDO rightDetail =
131                 (RightDetailDO)
132                 persistenceManager.findByPrimaryKey(persistenceSession,
133                     RightDetailDO.class,
134                     RightConstants.DETAIL_PERSON_GROUP_MEMBER);
135
136             // I am only working with groupIds which user can view.
137 Collection JavaDoc groupIdsCanViewByUser =
138                 persistenceManager.find(persistenceSession,
139                     "rightByUserNameAccessDetail",
140                     new Object JavaDoc [] {
141                         securitySession.getUser().getName(),
142                         RightConstants.ACCESS_VIEW,
143                         RightConstants.DETAIL_PERSON_GROUP_MEMBER
144                     });
145             // find rights for GROUP with access level specified
146 List JavaDoc tmp =
147                 persistenceManager.find(persistenceSession,
148                     "rightByUserNameAccessDetailTargetId",
149                     new Object JavaDoc [] {
150                         securitySession.getUser().getName(),
151                         access,
152                         RightConstants.DETAIL_PERSON_GROUP_MEMBER,
153                         group.getId()
154                     });
155
156             // go thro' and remove the ones which are there already
157 for (int i = 0; i < tmp.size(); i++) {
158                 RightDO right = (RightDO) tmp.get(i);
159                 Integer JavaDoc groupId = right.getGroup().getId();
160
161                 if (groupIdsCanViewByUser.contains(groupId)) {
162                     if (rights.contains(groupId)) {
163                         rights.remove(groupId);
164                     } else if ( !GroupConstants.equals(groupId,
165                             GroupConstants.GROUP_ADMINISTRATOR) ) {
166                         persistenceManager.remove(persistenceSession, right);
167                     }
168                 }
169             }
170
171             // if you have right to add, amend or remove, so you have right to view
172 // -> check if you have view right, if not -> create
173 Collection JavaDoc viewRights = null;
174             if (!RightConstants.ACCESS_VIEW.equals(access)) {
175                 viewRights =
176                     persistenceManager.find(persistenceSession,
177                         "rightByAccessDetailTargetId",
178                         new Object JavaDoc [] {
179                             RightConstants.ACCESS_VIEW,
180                             RightConstants.DETAIL_PERSON_GROUP_MEMBER,
181                             group.getId()
182                         });
183             }
184
185             for (Iterator JavaDoc i = rights.iterator(); i.hasNext();) {
186                 Integer JavaDoc groupId = (Integer JavaDoc) i.next();
187                 GroupDO thisGroup = (GroupDO)
188                     persistenceManager.findByPrimaryKey(persistenceSession,
189                         GroupDO.class,
190                         groupId);
191
192                 RightDO right = new RightDO();
193                 right.setAccess(access);
194                 right.setDetail(rightDetail);
195                 right.setGroup(thisGroup);
196                 right.setTargetId(group.getId());
197                 persistenceManager.add(persistenceSession, right);
198
199                 // if any of the other rights apply, the view right automatically
200 // does too
201 if (!RightConstants.ACCESS_VIEW.equals(access)
202                         && !viewRights.contains(groupId)) {
203                     RightDO viewRight = new RightDO();
204                     viewRight.setAccess(RightConstants.ACCESS_VIEW);
205                     viewRight.setDetail(rightDetail);
206                     viewRight.setGroup(thisGroup);
207                     viewRight.setTargetId(group.getId());
208                     persistenceManager.add(persistenceSession, viewRight);
209                 }
210             }
211         } catch (Exception JavaDoc e) {
212             persistenceSession.cancel();
213             throw new SystemException(e);
214         } finally {
215             persistenceSession.close();
216         }
217     }
218
219     /**
220      * <p>TODO: add a comment here.</p>
221      */
222     public boolean canAddEmployeeToPerson(final SecuritySession securitySession,
223             final PersonDO person)
224             throws SystemException {
225         return true;
226     }
227
228     /**
229      * <p>Find out if a used is allowed to add entries to a given group.</p>
230      *
231      * @param userName the name of the user to check the user rights for.
232      * @param groupId the unique identifier of the group to check.
233      * @return <code>true</code> if the user is entitled to add to the group,
234      * otherwise <code>false</code>.
235      */
236     public boolean canAddToGroup(final SecuritySession securitySession,
237             final GroupDO group)
238             throws SystemException {
239         if (didUserCreateGroup(securitySession, group)) {
240             return true;
241         } else {
242             return canUser(securitySession, group, RightConstants.ACCESS_ADD);
243         }
244     }
245
246     /**
247      * <p>TODO: add a comment here.</p>
248      */
249     public boolean canAmendEmployee(final SecuritySession securitySession,
250             final EmployeeDO employeeDO)
251             throws SystemException {
252         // TODO:
253 return true;
254     }
255
256     /**
257      * <p>Find out if a used is allowed to amend entries in a given group.</p>
258      *
259      * @param userName the name of the user to check the user rights for.
260      * @param groupId the unique identifier of the group to check.
261      * @return <code>true</code> if the user is entitled to amend entries in the
262      * group, otherwise <code>false</code>.
263      */
264     public boolean canAmendInGroup(final SecuritySession securitySession,
265             final GroupDO group)
266             throws SystemException {
267         if (didUserCreateGroup(securitySession, group)) {
268             return true;
269         } else {
270             return canUser(securitySession, group, RightConstants.ACCESS_AMEND);
271         }
272     }
273
274     /**
275      * <p>TODO: add a comment here.</p>
276      */
277     public boolean canRemoveEmployee(final SecuritySession securitySession,
278             final EmployeeDO employeeDO)
279             throws SystemException {
280         // TODO:
281 return true;
282     }
283
284     /**
285      * <p>Find out if a used is allowed to remove entries from a given group.</p>
286      *
287      * @param userName the name of the user to check the user rights for.
288      * @param groupId the unique identifier of the group to check.
289      * @return <code>true</code> if the user is entitled to remove from the
290      * group, otherwise <code>false</code>.
291      */
292     public boolean canRemoveFromGroup(final SecuritySession securitySession,
293             final GroupDO group)
294             throws SystemException {
295         if (didUserCreateGroup(securitySession, group)) {
296             return true;
297         } else {
298             return canUser(securitySession, group, RightConstants.ACCESS_REMOVE);
299         }
300     }
301
302     /**
303      * <p>Internal helper method. Find out if a user is allowed to access
304      * entries in a given group.</p>
305      *
306      * @param userName the name of the user to check the user rights for.
307      * @param groupId the unique identifier of the group to check.
308      * @param access the access level as defined in {@link
309      * com.ivata.groupware.business.addressbook.person.group.right.RightConstants
310      * RightConstants}.
311      * @return <code>true</code> if the user is entitled to access entries in the
312      * group, otherwise <code>false</code>.
313      */
314     public boolean canUser(final SecuritySession securitySession,
315             final GroupDO group,
316             final Integer JavaDoc access)
317             throws SystemException {
318         // for now, everyone else can do pretty much everything :-)
319 // only private address books are sacred
320 GroupDO addressBook = group.getAddressBook();
321         // is this a parent address book? if so, only return true if this
322 // is the address book of the current user
323 if (GroupConstants.equals(addressBook.getParent().getId(),
324                 GroupConstants.ADDRESS_BOOK_PRIVATE)) {
325             return addressBook.getName().equals(securitySession.getUser()
326                     .getName());
327         }
328         return true;
329     }
330
331     /**
332      * <p>Did user created this group?</p>
333      * @param userName
334      * @param groupId
335      * @return
336      */
337     private boolean didUserCreateGroup(final SecuritySession securitySession,
338             final GroupDO group)
339             throws SystemException {
340         return securitySession.getUser().equals(group.getCreatedBy());
341     }
342
343     /**
344      * <p>Find the unique identifiers of all addressBooks which can be accessed by the
345      * group specified, with the access level given.</p>
346      *
347      * @param groupId unique identifier of the group for which to search for
348      * other groups.
349      * @param access the access level as defined in {@link
350      * com.ivata.groupware.business.addressbook.person.group.right.RightConstants
351      * RightConstants}.
352      * @return a <code>Collection</code> of <code>Integer</code> instances,
353      * matching all groups which can be access with this level of access
354      * by the group specified.
355      */
356     public Collection JavaDoc findAddressBooksByGroupAccess(final SecuritySession securitySession,
357             final GroupDO group,
358             final Integer JavaDoc access)
359             throws SystemException {
360         Vector JavaDoc groups = new Vector JavaDoc();
361         PersistenceSession persistenceSession = persistenceManager.openSession(securitySession);
362
363         try {
364             // find all the ids, but take only public addressBooks
365 Collection JavaDoc groupIds =
366                 persistenceManager.find(persistenceSession,
367                     "rightByGroupIdAccessDetail",
368                     new Object JavaDoc [] {
369                         group.getId(),
370                         RightConstants.ACCESS_VIEW,
371                         RightConstants.DETAIL_PERSON_GROUP_MEMBER
372                     });
373             for (Iterator JavaDoc i = groupIds.iterator(); i.hasNext(); ) {
374                 RightDO right = (RightDO) i.next();
375
376                 GroupDO tmpGroup = (GroupDO)
377                     persistenceManager.findByPrimaryKey(persistenceSession,
378                         GroupDO.class,
379                         right.getTargetId());
380                 if (GroupConstants.equals(tmpGroup.getParent().getId(),
381                         GroupConstants.ADDRESS_BOOK_PUBLIC)) {
382                     groups.add(tmpGroup);
383                 }
384             }
385         } catch (Exception JavaDoc e) {
386             persistenceSession.cancel();
387             throw new SystemException(e);
388         } finally {
389             persistenceSession.close();
390         }
391
392         return groups;
393     }
394
395     /**
396      * <p>Find groups which have <code>access</code> to group.
397      * Return only those groups which can be see by that user.</p>
398      *
399      * @param userName user which is trying find rights
400      * @param id of group which we are interesting
401      * @param access find rights with this access
402      * @return Collection of IDS of groups which have <code>access</code> to that group
403      */
404     public Collection JavaDoc findRightsForGroup(final SecuritySession securitySession,
405             final GroupDO group,
406             final Integer JavaDoc access)
407             throws SystemException {
408         PersistenceSession persistenceSession = persistenceManager.openSession(securitySession);
409
410         try {
411             // I will send only groupIds which user can view, no more.
412 Collection JavaDoc groupIdsCanViewByUser =
413                 persistenceManager.find(persistenceSession,
414                     "rightByUserNameAccessDetail",
415                     new Object JavaDoc [] {
416                         securitySession.getUser().getName(),
417                         RightConstants.ACCESS_VIEW,
418                         RightConstants.DETAIL_PERSON_GROUP_MEMBER
419                     });
420
421             // find rights for GROUP
422 List JavaDoc tmp =
423                 persistenceManager.find(persistenceSession,
424                     "rightByUserNameAccessDetailTargetId",
425                     new Object JavaDoc [] {
426                         securitySession.getUser().getName(),
427                         access,
428                         RightConstants.DETAIL_PERSON_GROUP_MEMBER,
429                         group.getId()
430                     });
431
432             List JavaDoc rights = new Vector JavaDoc();
433             for (int i = 0; i < tmp.size(); i++) {
434                 RightDO right = (RightDO) tmp.get(i);
435                 Integer JavaDoc groupId = right.getGroup().getId();
436
437                 if (groupIdsCanViewByUser.contains(groupId) &&
438                         !GroupConstants.equals(groupId,
439                                 GroupConstants.GROUP_ADMINISTRATOR)) {
440                     rights.add(groupId);
441                 }
442             }
443             return rights;
444         } catch (Exception JavaDoc e) {
445             persistenceSession.cancel();
446             throw new SystemException(e);
447         } finally {
448             persistenceSession.close();
449         }
450     }
451 }
452
Popular Tags