Package evolaris.platform.um.web.form

Examples of evolaris.platform.um.web.form.PermissionForm


  /**
   * show list of access permissions for specified object
   */
  protected ActionForward edit(ActionMapping mapping, ActionForm form, HttpServletRequest req, HttpServletResponse resp) {
    PermissionForm permissionForm = (PermissionForm)form;
    String idParam = req.getParameter("id");
    String nameParam = req.getParameter("name");
    String formActionPath = req.getParameter("formActionPath");
    req.setAttribute("formActionPath", formActionPath);

    PermissionManager permissionMgr = new PermissionManager(locale, session);
   
    List<String> permissionValues = new ArrayList<String>();
   
    AccessControlledEntry entry = permissionMgr.getAccessControlledEntry(Long.parseLong(idParam));
    if (entry == null) {
      throw new InputException(getResources(req).getMessage(locale, "um.AccessControlledEntryNotFound", idParam));
    }
    LOGGER.debug("preparing editing of permissions for AccessControlledEntry #`"+entry.getId()+"`");
    req.setAttribute("entry", entry);
    req.setAttribute("name", nameParam);
   
    LOGGER.debug("about to fetch list of permissions for AccessControlledClass `"+entry.getAccessControlledClass().getName()+"`...");
    List<Permission> permissions = permissionMgr.getPermissions(entry.getAccessControlledClass().getName());
    LOGGER.debug("successfully fetched list of permissions.");
    LOGGER.debug("about to prepare for display...");

    List<KeyValueContainer> displayablePermissions = new ArrayList<KeyValueContainer>();
    for (Permission p : permissions) {
      try {
        String s = this.getResources(req).getMessage(locale,"um.AccessPermission_"+p.getValue());
         displayablePermissions.add(new KeyValueContainer(p.getId(), s));
         LOGGER.debug("added displayable permission `"+s+"`");
      } catch (Exception e) {
        String msg = getResources(req).getMessage(locale,"um.missingAccessPermissionName", p.getValue());
        throw new ConfigurationException(msg);
      }
    }
    req.setAttribute("permissions", displayablePermissions);

    LOGGER.debug("about to fetch anonymous permissions...");
    /* anonymous permissions */
    Set<Long> anonymousPermissions = permissionMgr.getAnonymousPermissions(entry);   
    for (Permission p : permissions) {
      if (anonymousPermissions.contains(p.getId())) {
        permissionValues.add("anonymous_"+p.getId());
      }
    }
    LOGGER.debug("successfully fetched anonymous permissions.");

    LOGGER.debug("about to fetch role permissions...");
    /* role permissions */
    UserManager userMgr = new UserManager(locale,session);
    Role[] roles = null;
    if (req.isUserInRole(UserManagerBase.ADMINISTRATOR)) {
      roles = userMgr.getRoles();
    } else  if (req.isUserInRole(UserManagerBase.GROUP_ADMINISTRATOR)) {
      roles = webUser.getRoles().toArray(new Role[0])// only show the own roles
    } else {
      LOGGER.error("insufficient rights - user must be GROUP_ADMINISTRATOR or ADMINISTRATOR to edit permissions.");
      throw new InputException(getResources(req).getMessage(locale, "um.insufficientRights"));
    }   
    req.setAttribute("roles", roles);
    for (Role r : roles) {
      Set<Long> rolePermissions = permissionMgr.getRolePermissions(entry, r);   
      for (Permission p : permissions) {
        if (rolePermissions.contains(p.getId())) {
          permissionValues.add("role_"+r.getId()+"_"+p.getId());
        }       
      }
    }
    LOGGER.debug("successfully fetched role permissions.");
   
    LOGGER.debug("about to fetch userset permissions...");
    /* userset permissions */
    UserSet[] userSets = entry.getGroup().getUserSets().toArray(new UserSet[0]);
    req.setAttribute("usersets", userSets);   
    for (UserSet s : userSets) {
      Set<Long> userSetPermissions = permissionMgr.getUserSetPermissions(entry, s);   
      for (Permission p : permissions) {
        if (userSetPermissions.contains(p.getId())) {
          permissionValues.add("userset_"+s.getId()+"_"+p.getId());
        }
      }
    }
    LOGGER.debug("sucessfully fetched userset permissions.");
   
    LOGGER.debug("about to fetch user permissions.");
    /* user permissions */
    User[] users = userMgr.getUsers(entry.getGroup(), false)// get all users with a username
    if (users != null && users.length > 100) {     
      req.setAttribute("tooManyUsers", getLocalizedMessage("application", "um.tooManyUsersForPermissions", 100));
    } else {
      req.setAttribute("users", users);
      for (User u : users) {
        Set<Long> userPermissions = permissionMgr.getUserPermissions(entry, u);   
        for (Permission p : permissions) {
          if (userPermissions.contains(p.getId())) {
            permissionValues.add("user_"+u.getId()+"_"+p.getId());
          }       
        }
      }
    }   
    permissionForm.setPermission(permissionValues.toArray(new String[0]));
    permissionForm.setId(Long.parseLong(idParam));
    permissionForm.setName(nameParam);
    return mapping.findForward("edit");
  }
View Full Code Here


  public ActionForward modify(ActionMapping mapping, ActionForm form, HttpServletRequest req, HttpServletResponse resp) {
    if (! (req.isUserInRole(UserManagerBase.ADMINISTRATOR) || req.isUserInRole(UserManagerBase.GROUP_ADMINISTRATOR))) {
      throw new InputException(getResources(req).getMessage(locale, "um.insufficientRights"));
    }
    PermissionForm permissionForm = (PermissionForm)form;
    PermissionManager permissionMgr = new PermissionManager(locale, session);

    AccessControlledEntry entry = permissionMgr.getAccessControlledEntry(permissionForm.getId());
    if (entry == null) {
      throw new InputException(getResources(req).getMessage(locale, "um.AccessControlledEntryNotFound", permissionForm.getId()));
    }
   
    Set<Long> anonymousPermissions = new HashSet<Long>();
    Map<Long, Set<Long>> rolePermissions = new HashMap<Long, Set<Long>>();
    Map<Long, Set<Long>> userSetPermissions = new HashMap<Long, Set<Long>>();
    Map<Long, Set<Long>> userPermissions = new HashMap<Long, Set<Long>>();
    for (String p : permissionForm.getPermission()) {
      String[] parts = p.split("_");
      if ("anonymous".equals(parts[0])) {
        anonymousPermissions.add(Long.parseLong(parts[1]));
      } else if ("role".equals(parts[0])) {
        Long roleId = Long.parseLong(parts[1]);
View Full Code Here

TOP

Related Classes of evolaris.platform.um.web.form.PermissionForm

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.