Source Code of framework.beans.arm.ArmPanelBean

/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */

package framework.beans.arm;

import framework.beans.SecuredBean;
import framework.beans.security.BeanRights;
import framework.beans.directory.simple.entities.Arm;
import framework.beans.security.entities.ArmPanel;
import framework.beans.security.entities.ArmPanelPK;
import framework.beans.security.entities.ArmRight;
import framework.beans.security.entities.ArmRightPK;
import framework.generic.ClipsServerException;
import framework.generic.ESecurity;
import framework.security.UserRight;
import framework.security.UserRightsGroup;
import framework.security.UserRightsSetAbstract;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.ejb.Stateful;
import framework.security.UserRightsSetLocal;
import javax.ejb.EJB;

/**
 * @security  - Ok.
 * @author axe
 */
@Stateful(mappedName="clips-beans/ArmPanelBean")
public class ArmPanelBean extends SecuredBean implements ArmPanelBeanRemote {

    public static int COMMAND_HANDLE_ARM = 0;
    @EJB
    private UserRightsSetLocal                      rightsSet;

    @Override
    protected void initBeanRights() {
        int[] r = new int[1];
        r[COMMAND_HANDLE_ARM] = RightPresence(UserRightsSetAbstract.WRITE_REGION_ADMIN_DIRECTORY.id);
        rights = new BeanRights(r);
    }

  protected List<ArmPanel> getArmList(int armID) throws ClipsServerException{
    return findEntityList(ArmPanel.class, "arm", findEntity(Arm.class, armID));
  }

    //
    /**
     * Возвращает список имен панелей для указанного АРМА
     * @param armID АРМ
     * @return список
   * @throws ClipsServerException
   * @security без ограничений
     */
    @Override
    public Set <String> getPanelList(int armID) throws ClipsServerException {
        //checkCommandAccessibility(COMMAND_HANDLE_ARM);
    List<ArmPanel> contracts = getArmList(armID);
        Set<String> res = new HashSet<String>();
        Iterator<ArmPanel> i = contracts.iterator();
        while(i.hasNext()) {
            ArmPanel j = i.next();
            res.add(j.getKey().getPanel());
        }
        return res;
    }

    /**
     * Назначает список панелей для указанного АРМА
     * @param armID АРМ
     * @param panels не пустой список панелей
     * @security без ограничений
     */
    @Override
    public void setPanelList(int armID, Set <String> panels) throws ClipsServerException  {
        checkCommandAccessibility(COMMAND_HANDLE_ARM);

        Iterator i = getArmList(armID).iterator();
        while(i.hasNext()) {
            ArmPanel armPanel = (ArmPanel) i.next();
            String panel = armPanel.getKey().getPanel();
            if(!panels.contains(panel)) {
                manager.remove(armPanel);
            } else {
                panels.remove(panel);
            }
        }

        Iterator<String> newPS = panels.iterator();
        while(newPS.hasNext()) {
            ArmPanel panel = new ArmPanel();
            panel.setKey(new ArmPanelPK(newPS.next(), armID));
            manager.persist(panel);
        }
    }

    /**
     * Вовзврашает список идентификаторов прав
     * @return
     * @throws generic.EDataIntegrity
     */
    @Override
    public Set<Integer> getRights(int armID) throws ClipsServerException {
        //checkCommandAccessibility(COMMAND_HANDLE_ARM);

        if(armID == 0) {
            throw new IllegalArgumentException("arm == 0");
        }

    Iterator<ArmRight> list = findEntityList(ArmRight.class, "key.arm", armID).iterator();
        Set<Integer> res = new HashSet<Integer>();
        while(list.hasNext()) {
            ArmRight right = list.next();
            int rg = right.getId().getRightId();
            if (UserRightsSetAbstract.getRightFromID(rg) != null) {
                res.add(rg);
            }
        }

        return res;
    }

    /**
     * Назанчает список идентификаторов прав
     * @return
     * @throws generic.EDataIntegrity
     */
    @Override
    public void setRights(int armID, Set<Integer> rights) throws ClipsServerException {
        checkCommandAccessibility(COMMAND_HANDLE_ARM);

        Set<Integer> backup = new HashSet<Integer>(rights);
        Set<Integer> oldRights = getRights(armID);
        //make rights to add
        rights.removeAll(oldRights);
        //make rights to delete
        oldRights.removeAll(backup);

        Iterator<Integer> addNew = rights.iterator();
        while(addNew.hasNext()) {
            ArmRight r = new ArmRight();
            r.setId(new ArmRightPK(armID, addNew.next()));
            manager.persist(r);
        }

        if(oldRights.size() > 0) {
             Field f[] = {
                new Field("key.arm", armID),
                new Field("key.rightId", oldRights, Field.OPERATOR_IN)
            };
            deleteEntityList(ArmRight.class, f);
        }
    }

    @Override
    public Map<String, Integer> getRightsMask(int armID) throws ClipsServerException {
        Map<String, Integer> rm = new HashMap<String, Integer>();
        Enumeration<UserRightsGroup> e = rightsSet.rightsGroups();
        while (e.hasMoreElements()) {
            rm.put(e.nextElement().getTitle(), 0);
        }
        int mask = 0;
        Iterator<Integer> it = getRights(armID).iterator();
        while (it.hasNext()) {
            Integer id = it.next();
            UserRight right = UserRightsSetAbstract.getRightFromID(id);
            mask = rm.get(right.getGroup().getTitle());
            mask = mask | right.getRightsMask();
            rm.put(right.getGroup().getTitle(), mask);
        }
        return rm;
    }

    @Override
    public void setRightsMask(int armID, Map<String, Integer> maskMap) throws ClipsServerException {
        Set<Integer> rightsId2Save = new HashSet<Integer>();//эти права будут сохранены
        int mask = 0;
        Enumeration<UserRightsGroup> e = rightsSet.rightsGroups();
        while (e.hasMoreElements()) {
            UserRightsGroup group = e.nextElement();
            mask = maskMap.get(group.getTitle());
            Iterator<UserRight> it = getRightsFromMask(group, mask).iterator();
            while (it.hasNext()) {
                UserRight ur = it.next();
                rightsId2Save.add(ur.getID());
            }
            mask = 0;
        }
        setRights(armID, rightsId2Save);
    }

    /**
     * извлекает из группы сет прав доступных по маске
     * если из имеющихся прав данную маску построить невозможно
     * выкинет ошибку
     * @param group
     * @param mask
     * @return
     * @throws generic.ESecurity
     */
    private Set<UserRight> getRightsFromMask(UserRightsGroup group, int mask) throws ESecurity{
        Set<UserRight> rts = new HashSet<UserRight>();
        Iterator<UserRight> it = group.getRights().iterator();
        //разбираем
        while (it.hasNext()) {
            UserRight ur = it.next();
            if (include(mask, ur.getRightsMask())){
                rts.add(ur);
            }
        }

        //сравниваем
        if (createMask(rts) != mask){
            throw new ESecurity("Попытка установить невозможную комбинацию прав: " + mask);
        }

        return rts;
    }
        /**
     * Строит маску из прав
     * @param rts
     * @param mask
     * @return
     * @throws generic.ESecurity
     */
    private int createMask(Set<UserRight> rts){
        int mask = 0;
        Iterator<UserRight> it = rts.iterator();
        while (it.hasNext()) {
            UserRight ur = it.next();
            mask = mask | ur.getRightsMask();
        }
        return mask;
    }

    /**
     * проверяет вхождение маски в маску
     * @param mask
     * @param subMask
     * @return
     */
    private boolean include(int mask, int subMask){
        return mask == ( mask | subMask);
    }
}