package com.javaeye.jert.service.impl;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import com.javaeye.core.service.AbstractService;
import com.javaeye.jert.domain.ReportDefinition;
import com.javaeye.jert.domain.ReportPermissionGroup;
import com.javaeye.jert.service.SecurityService;
import com.javaeye.user.Group;
import com.javaeye.user.User;
import com.javaeye.user.UserManager;
/**
* The default SecurityService implementation,
* @author Quake Wang
* @since 2005-1-5
* @version $Revision: 1.3 $
*/
public class SecurityServiceDefaultImpl extends AbstractService implements SecurityService {
private UserManager userManager;
/* use permission name as group name, and check the group contains user or not.
*/
public boolean hasPermission(User user, String permission) {
Group group = userManager.getGroup(permission);
return (group != null && group.containsUser(user));
}
public boolean hasReportPermission(User user, ReportDefinition reportDefinition) {
//quick check for admin
if(hasPermission(user, ADMIN)) return true;
//TODO the user maybe from session, for the LazyLoad issue, have to reload
List groups = userManager.getUser(user.getName()).getGroups();
for (Iterator iter = groups.iterator(); iter.hasNext();) {
Group group = (Group) iter.next();
if(findReportPermissionByGroup(group).contains(reportDefinition)) return true;
}
return false;
}
public ReportPermissionGroup addReportPermissionToGroup(ReportDefinition report, Group group) {
List reportPermissionGroups = report.getReportPermissionGroups();
for (Iterator iter = reportPermissionGroups.iterator(); iter.hasNext();) {
ReportPermissionGroup rpg = (ReportPermissionGroup) iter.next();
if(rpg.getGroupName().equals(group.getName())) {
return rpg;
}
}
ReportPermissionGroup rpg = new ReportPermissionGroup();
rpg.setGroupName(group.getName());
report.addReportPermissionGroup(rpg);
update(report);
return rpg;
}
public void removeReportPermissionFromGroup(ReportDefinition report, Group group) {
List reportPermissionGroups = report.getReportPermissionGroups();
ReportPermissionGroup toBeRemoved = null;
for (Iterator iter = reportPermissionGroups.iterator(); iter.hasNext();) {
ReportPermissionGroup rpg = (ReportPermissionGroup) iter.next();
if(rpg.getGroupName().equals(group.getName())) {
toBeRemoved = rpg;
}
}
if(toBeRemoved != null) {
report.removeReportPermissionGroup(toBeRemoved);
update(report);
}
}
public List findReportPermissionByGroup(Group group) {
List reportPermissionGroups = findByNamedQuery("findReportPermissionByGroupName", group.getName());
List result = new ArrayList();
for (Iterator iter = reportPermissionGroups.iterator(); iter.hasNext();) {
ReportPermissionGroup rpg = (ReportPermissionGroup) iter.next();
result.add(rpg.getReportDefinition());
}
return result;
}
public void setUserManager(UserManager userManager) {
this.userManager = userManager;
}
}