| 2157 |
05 Dec 13 |
nicklas |
1 |
package net.sf.basedb.reggie.dao; |
| 2157 |
05 Dec 13 |
nicklas |
2 |
|
| 2157 |
05 Dec 13 |
nicklas |
3 |
import java.lang.reflect.Field; |
| 2157 |
05 Dec 13 |
nicklas |
4 |
import java.util.List; |
| 2157 |
05 Dec 13 |
nicklas |
5 |
|
| 2157 |
05 Dec 13 |
nicklas |
6 |
import org.json.simple.JSONObject; |
| 2157 |
05 Dec 13 |
nicklas |
7 |
|
| 2157 |
05 Dec 13 |
nicklas |
8 |
import net.sf.basedb.core.DbControl; |
| 2157 |
05 Dec 13 |
nicklas |
9 |
import net.sf.basedb.core.Group; |
| 2157 |
05 Dec 13 |
nicklas |
10 |
import net.sf.basedb.core.Include; |
| 2157 |
05 Dec 13 |
nicklas |
11 |
import net.sf.basedb.core.InvalidDataException; |
| 2157 |
05 Dec 13 |
nicklas |
12 |
import net.sf.basedb.core.Item; |
| 2157 |
05 Dec 13 |
nicklas |
13 |
import net.sf.basedb.core.ItemNotFoundException; |
| 2157 |
05 Dec 13 |
nicklas |
14 |
import net.sf.basedb.core.ItemQuery; |
| 2157 |
05 Dec 13 |
nicklas |
15 |
import net.sf.basedb.core.Nameable; |
| 2161 |
09 Dec 13 |
nicklas |
16 |
import net.sf.basedb.core.PermissionDeniedException; |
| 2157 |
05 Dec 13 |
nicklas |
17 |
import net.sf.basedb.core.Role; |
| 5026 |
15 Oct 18 |
nicklas |
18 |
import net.sf.basedb.core.SessionControl; |
| 2161 |
09 Dec 13 |
nicklas |
19 |
import net.sf.basedb.core.SystemItems; |
| 2157 |
05 Dec 13 |
nicklas |
20 |
import net.sf.basedb.core.Type; |
| 2161 |
09 Dec 13 |
nicklas |
21 |
import net.sf.basedb.core.User; |
| 2157 |
05 Dec 13 |
nicklas |
22 |
import net.sf.basedb.core.query.Expressions; |
| 2157 |
05 Dec 13 |
nicklas |
23 |
import net.sf.basedb.core.query.Hql; |
| 2157 |
05 Dec 13 |
nicklas |
24 |
import net.sf.basedb.core.query.Restrictions; |
| 2157 |
05 Dec 13 |
nicklas |
25 |
|
| 2157 |
05 Dec 13 |
nicklas |
26 |
/** |
| 2157 |
05 Dec 13 |
nicklas |
Used to define a roles for users using Reggie. A "role" can be either |
| 2157 |
05 Dec 13 |
nicklas |
a BASE Group item or a Role item. |
| 2157 |
05 Dec 13 |
nicklas |
29 |
|
| 2157 |
05 Dec 13 |
nicklas |
@author nicklas |
| 2157 |
05 Dec 13 |
nicklas |
@since 2.14 |
| 2157 |
05 Dec 13 |
nicklas |
32 |
*/ |
| 2157 |
05 Dec 13 |
nicklas |
33 |
public class ReggieRole<T extends Nameable> |
| 2157 |
05 Dec 13 |
nicklas |
34 |
{ |
| 2157 |
05 Dec 13 |
nicklas |
35 |
|
| 2157 |
05 Dec 13 |
nicklas |
36 |
/** |
| 2157 |
05 Dec 13 |
nicklas |
The definition of the "PatientCurator" role. Maps to a BASE group item. |
| 2157 |
05 Dec 13 |
nicklas |
38 |
*/ |
| 3987 |
10 Jun 16 |
nicklas |
39 |
public static final ReggieRole<Group> PATIENT_CURATOR = new ReggieRole<Group>("PatientCurator", Item.GROUP, false); |
| 2157 |
05 Dec 13 |
nicklas |
40 |
|
| 2157 |
05 Dec 13 |
nicklas |
41 |
/** |
| 2157 |
05 Dec 13 |
nicklas |
The definition of the "Administrator" role. Maps to a BASE role item. Should already exist in BASE. |
| 2157 |
05 Dec 13 |
nicklas |
43 |
*/ |
| 3987 |
10 Jun 16 |
nicklas |
44 |
public static final ReggieRole<Role> ADMINISTRATOR = new ReggieRole<Role>("Administrator", Item.ROLE, false); |
| 2157 |
05 Dec 13 |
nicklas |
45 |
|
| 2157 |
05 Dec 13 |
nicklas |
46 |
/** |
| 2157 |
05 Dec 13 |
nicklas |
The definition of the "SamplePrep" role. Maps to a BASE role item. |
| 2157 |
05 Dec 13 |
nicklas |
48 |
*/ |
| 3987 |
10 Jun 16 |
nicklas |
49 |
public static final ReggieRole<Role> SAMPLE_PREP = new ReggieRole<Role>("SamplePrep", Item.ROLE, false); |
| 2157 |
05 Dec 13 |
nicklas |
50 |
|
| 2157 |
05 Dec 13 |
nicklas |
51 |
/** |
| 2157 |
05 Dec 13 |
nicklas |
The definition of the "Histology" role. Maps to a BASE role item. |
| 2157 |
05 Dec 13 |
nicklas |
53 |
*/ |
| 3987 |
10 Jun 16 |
nicklas |
54 |
public static final ReggieRole<Role> HISTOLOGY = new ReggieRole<Role>("Histology", Item.ROLE, false); |
| 2157 |
05 Dec 13 |
nicklas |
55 |
|
| 2157 |
05 Dec 13 |
nicklas |
56 |
/** |
| 2157 |
05 Dec 13 |
nicklas |
The definition of the "LibraryPrep" role. Maps to a BASE role item. |
| 2157 |
05 Dec 13 |
nicklas |
58 |
*/ |
| 3987 |
10 Jun 16 |
nicklas |
59 |
public static final ReggieRole<Role> LIBRARY_PREP = new ReggieRole<Role>("LibraryPrep", Item.ROLE, false); |
| 2157 |
05 Dec 13 |
nicklas |
60 |
|
| 2157 |
05 Dec 13 |
nicklas |
61 |
/** |
| 5405 |
08 May 19 |
nicklas |
The definition of the "MIPsLibraryPrep" role. Maps to a BASE role item. |
| 5405 |
08 May 19 |
nicklas |
@since 4.23 |
| 5405 |
08 May 19 |
nicklas |
64 |
*/ |
| 5405 |
08 May 19 |
nicklas |
65 |
public static final ReggieRole<Role> MIPS_LIBRARY_PREP = new ReggieRole<Role>("MIPsLibraryPrep", Item.ROLE, false); |
| 5405 |
08 May 19 |
nicklas |
66 |
|
| 5405 |
08 May 19 |
nicklas |
67 |
|
| 5405 |
08 May 19 |
nicklas |
68 |
/** |
| 2157 |
05 Dec 13 |
nicklas |
The definition of the "LibraryPlateDesigner" role. Maps to a BASE role item. |
| 2157 |
05 Dec 13 |
nicklas |
70 |
*/ |
| 3987 |
10 Jun 16 |
nicklas |
71 |
public static final ReggieRole<Role> LIBRARY_PLATE_DESIGNER = new ReggieRole<Role>("LibraryPlateDesigner", Item.ROLE, false); |
| 2157 |
05 Dec 13 |
nicklas |
72 |
|
| 2157 |
05 Dec 13 |
nicklas |
73 |
/** |
| 5405 |
08 May 19 |
nicklas |
The definition of the "MIPsPlateDesigner" role. Maps to a BASE role item. |
| 5405 |
08 May 19 |
nicklas |
@since 4.23 |
| 5405 |
08 May 19 |
nicklas |
76 |
*/ |
| 5405 |
08 May 19 |
nicklas |
77 |
public static final ReggieRole<Role> MIPS_PLATE_DESIGNER = new ReggieRole<Role>("MIPsPlateDesigner", Item.ROLE, false); |
| 5405 |
08 May 19 |
nicklas |
78 |
|
| 5405 |
08 May 19 |
nicklas |
79 |
/** |
| 2562 |
08 Aug 14 |
nicklas |
The definition of the "SecondaryAnalysis" group. Maps to a BASE group item. |
| 2157 |
05 Dec 13 |
nicklas |
81 |
*/ |
| 3987 |
10 Jun 16 |
nicklas |
82 |
public static final ReggieRole<Group> SECONDARY_ANALYSIS = new ReggieRole<Group>("SecondaryAnalysis", Item.GROUP, false); |
| 2157 |
05 Dec 13 |
nicklas |
83 |
|
| 2157 |
05 Dec 13 |
nicklas |
84 |
/** |
| 5582 |
21 Aug 19 |
nicklas |
The definition of the "MIPsSecondaryAnalysis" group. Maps to a BASE group item. |
| 5485 |
12 Jun 19 |
nicklas |
86 |
*/ |
| 5582 |
21 Aug 19 |
nicklas |
87 |
public static final ReggieRole<Group> MIPS_SECONDARY_ANALYSIS = new ReggieRole<Group>("MIPsSecondaryAnalysis", Item.GROUP, false); |
| 5485 |
12 Jun 19 |
nicklas |
88 |
|
| 5485 |
12 Jun 19 |
nicklas |
89 |
/** |
| 3163 |
04 Mar 15 |
nicklas |
The definition of the "PrepCurator" group. Maps to a BASE role item. |
| 3163 |
04 Mar 15 |
nicklas |
@since 3.2 |
| 3163 |
04 Mar 15 |
nicklas |
92 |
*/ |
| 3987 |
10 Jun 16 |
nicklas |
93 |
public static final ReggieRole<Group> PREP_CURATOR = new ReggieRole<Group>("PrepCurator", Item.ROLE, false); |
| 3163 |
04 Mar 15 |
nicklas |
94 |
|
| 3163 |
04 Mar 15 |
nicklas |
95 |
/** |
| 3986 |
10 Jun 16 |
nicklas |
The "SCAN-B Delivery" group. User accounts that need to use the delivery client |
| 3986 |
10 Jun 16 |
nicklas |
should be member of this group. |
| 3986 |
10 Jun 16 |
nicklas |
@since 4.6 |
| 3986 |
10 Jun 16 |
nicklas |
99 |
*/ |
| 3987 |
10 Jun 16 |
nicklas |
100 |
public static final ReggieRole<Group> SCANB_DELIVERY = new ReggieRole<Group>("SCAN-B Delivery", Item.GROUP, true); |
| 3986 |
10 Jun 16 |
nicklas |
101 |
|
| 3986 |
10 Jun 16 |
nicklas |
102 |
/** |
| 3986 |
10 Jun 16 |
nicklas |
The "SCAN-B Lab" group. For user accounts working in the SCAN-B lab. |
| 3986 |
10 Jun 16 |
nicklas |
@since 4.6 |
| 3986 |
10 Jun 16 |
nicklas |
105 |
*/ |
| 3987 |
10 Jun 16 |
nicklas |
106 |
public static final ReggieRole<Group> SCANB_LAB = new ReggieRole<Group>("SCAN-B Lab", Item.GROUP, false); |
| 3986 |
10 Jun 16 |
nicklas |
107 |
|
| 3986 |
10 Jun 16 |
nicklas |
108 |
|
| 3986 |
10 Jun 16 |
nicklas |
109 |
/** |
| 3571 |
30 Oct 15 |
nicklas |
Get the Reggie role by name of the static constant defined in this class. |
| 2157 |
05 Dec 13 |
nicklas |
111 |
|
| 3571 |
30 Oct 15 |
nicklas |
@param cName The name of the static constant |
| 3571 |
30 Oct 15 |
nicklas |
@return A Reggie role object or null if not found |
| 2157 |
05 Dec 13 |
nicklas |
@since 2.4 |
| 2157 |
05 Dec 13 |
nicklas |
115 |
*/ |
| 3572 |
02 Nov 15 |
nicklas |
116 |
public static ReggieRole<?> getByCName(String cName) |
| 2157 |
05 Dec 13 |
nicklas |
117 |
{ |
| 2157 |
05 Dec 13 |
nicklas |
118 |
if (cName == null) return null; |
| 3572 |
02 Nov 15 |
nicklas |
119 |
ReggieRole<?> role = null; |
| 2157 |
05 Dec 13 |
nicklas |
120 |
try |
| 2157 |
05 Dec 13 |
nicklas |
121 |
{ |
| 2157 |
05 Dec 13 |
nicklas |
122 |
Field f = ReggieRole.class.getDeclaredField(cName); |
| 3572 |
02 Nov 15 |
nicklas |
123 |
role = (ReggieRole<?>)f.get(null); |
| 2157 |
05 Dec 13 |
nicklas |
124 |
} |
| 2157 |
05 Dec 13 |
nicklas |
125 |
catch (NoSuchFieldException ex) |
| 2157 |
05 Dec 13 |
nicklas |
126 |
{} |
| 2157 |
05 Dec 13 |
nicklas |
127 |
catch (IllegalAccessException ex) |
| 2157 |
05 Dec 13 |
nicklas |
128 |
{} |
| 2157 |
05 Dec 13 |
nicklas |
129 |
catch (ClassCastException ex) |
| 2157 |
05 Dec 13 |
nicklas |
130 |
{} |
| 2157 |
05 Dec 13 |
nicklas |
131 |
return role; |
| 2157 |
05 Dec 13 |
nicklas |
132 |
} |
| 2157 |
05 Dec 13 |
nicklas |
133 |
|
| 2161 |
09 Dec 13 |
nicklas |
134 |
/** |
| 2161 |
09 Dec 13 |
nicklas |
Check if the current user is a member of at least one of the given roles. |
| 2161 |
09 Dec 13 |
nicklas |
If {@link ReggieRole#ADMINISTRATOR} is in the list, the method also check |
| 2161 |
09 Dec 13 |
nicklas |
if the user is the ROOT user or not. If the user is not member of any |
| 2161 |
09 Dec 13 |
nicklas |
of the roles a PermissionDeniedException is thrown. |
| 2161 |
09 Dec 13 |
nicklas |
139 |
|
| 2161 |
09 Dec 13 |
nicklas |
@param dc An active DbControl |
| 2161 |
09 Dec 13 |
nicklas |
@param message A message that is used if the user is not a member: |
| 2161 |
09 Dec 13 |
nicklas |
Permission denied: Not allowed to use <message> |
| 2161 |
09 Dec 13 |
nicklas |
@param roles A list with the roles to check |
| 2161 |
09 Dec 13 |
nicklas |
144 |
|
| 2161 |
09 Dec 13 |
nicklas |
145 |
*/ |
| 3572 |
02 Nov 15 |
nicklas |
146 |
public static void checkPermission(DbControl dc, String message, ReggieRole<?>... roles) |
| 2161 |
09 Dec 13 |
nicklas |
147 |
{ |
| 5344 |
02 Apr 19 |
nicklas |
148 |
StringBuilder msg = new StringBuilder(message); |
| 5344 |
02 Apr 19 |
nicklas |
149 |
msg.append(roles.length == 1 ? " requires " : " requires one of "); |
| 5344 |
02 Apr 19 |
nicklas |
150 |
int i = roles.length; |
| 3572 |
02 Nov 15 |
nicklas |
151 |
for (ReggieRole<?> role : roles) |
| 2161 |
09 Dec 13 |
nicklas |
152 |
{ |
| 2161 |
09 Dec 13 |
nicklas |
153 |
if (role.isMember(dc)) return; |
| 2161 |
09 Dec 13 |
nicklas |
154 |
if (role == ReggieRole.ADMINISTRATOR) |
| 2161 |
09 Dec 13 |
nicklas |
155 |
{ |
| 2161 |
09 Dec 13 |
nicklas |
156 |
boolean isRoot = dc.getSessionControl().getLoggedInUserId() == SystemItems.getId(User.ROOT); |
| 2161 |
09 Dec 13 |
nicklas |
157 |
if (isRoot) return; |
| 2161 |
09 Dec 13 |
nicklas |
158 |
} |
| 5344 |
02 Apr 19 |
nicklas |
159 |
msg.append("'").append(role.getName()).append("'"); |
| 5344 |
02 Apr 19 |
nicklas |
160 |
i--; |
| 5344 |
02 Apr 19 |
nicklas |
161 |
if (i > 0) msg.append(i == 1 ? " or " : ", "); |
| 2161 |
09 Dec 13 |
nicklas |
162 |
} |
| 5344 |
02 Apr 19 |
nicklas |
163 |
msg.append(" permission."); |
| 5344 |
02 Apr 19 |
nicklas |
164 |
throw new PermissionDeniedException(msg.toString()); |
| 2161 |
09 Dec 13 |
nicklas |
165 |
} |
| 2161 |
09 Dec 13 |
nicklas |
166 |
|
| 2157 |
05 Dec 13 |
nicklas |
167 |
private final String name; |
| 2157 |
05 Dec 13 |
nicklas |
168 |
private final Item actualType; |
| 3987 |
10 Jun 16 |
nicklas |
169 |
private final boolean hiddenMembers; |
| 2157 |
05 Dec 13 |
nicklas |
170 |
private int id; |
| 2157 |
05 Dec 13 |
nicklas |
171 |
private JSONObject json; |
| 2157 |
05 Dec 13 |
nicklas |
172 |
|
| 2157 |
05 Dec 13 |
nicklas |
173 |
/** |
| 2157 |
05 Dec 13 |
nicklas |
Create a new definition |
| 2157 |
05 Dec 13 |
nicklas |
@param name The name of the subtype |
| 2157 |
05 Dec 13 |
nicklas |
@param actualType The actual item type of the role (Item.ROLE or Item.GROUP) |
| 3987 |
10 Jun 16 |
nicklas |
@param hiddenMembers Flag to indicate if members should be hidden from each other |
| 3987 |
10 Jun 16 |
nicklas |
(only used for groups) |
| 2157 |
05 Dec 13 |
nicklas |
179 |
*/ |
| 4002 |
17 Jun 16 |
nicklas |
180 |
protected ReggieRole(String name, Item actualType, boolean hiddenMembers) |
| 2157 |
05 Dec 13 |
nicklas |
181 |
{ |
| 2157 |
05 Dec 13 |
nicklas |
182 |
this.name = name; |
| 2157 |
05 Dec 13 |
nicklas |
183 |
this.actualType = actualType; |
| 3987 |
10 Jun 16 |
nicklas |
184 |
this.hiddenMembers = hiddenMembers; |
| 2157 |
05 Dec 13 |
nicklas |
185 |
} |
| 2157 |
05 Dec 13 |
nicklas |
186 |
|
| 2157 |
05 Dec 13 |
nicklas |
187 |
/** |
| 2157 |
05 Dec 13 |
nicklas |
Get the name of the role. |
| 2157 |
05 Dec 13 |
nicklas |
189 |
*/ |
| 2157 |
05 Dec 13 |
nicklas |
190 |
public String getName() |
| 2157 |
05 Dec 13 |
nicklas |
191 |
{ |
| 2157 |
05 Dec 13 |
nicklas |
192 |
return name; |
| 2157 |
05 Dec 13 |
nicklas |
193 |
} |
| 2157 |
05 Dec 13 |
nicklas |
194 |
|
| 2157 |
05 Dec 13 |
nicklas |
195 |
/** |
| 2157 |
05 Dec 13 |
nicklas |
Get the actual item type of the role. |
| 2157 |
05 Dec 13 |
nicklas |
197 |
*/ |
| 2157 |
05 Dec 13 |
nicklas |
198 |
public Item getActualType() |
| 2157 |
05 Dec 13 |
nicklas |
199 |
{ |
| 2157 |
05 Dec 13 |
nicklas |
200 |
return actualType; |
| 2157 |
05 Dec 13 |
nicklas |
201 |
} |
| 2157 |
05 Dec 13 |
nicklas |
202 |
|
| 2157 |
05 Dec 13 |
nicklas |
203 |
/** |
| 3987 |
10 Jun 16 |
nicklas |
If this is a group, are the members hidden? |
| 3987 |
10 Jun 16 |
nicklas |
@since 4.6 |
| 3987 |
10 Jun 16 |
nicklas |
206 |
*/ |
| 3987 |
10 Jun 16 |
nicklas |
207 |
public boolean hasHiddenMembers() |
| 3987 |
10 Jun 16 |
nicklas |
208 |
{ |
| 3987 |
10 Jun 16 |
nicklas |
209 |
return hiddenMembers; |
| 3987 |
10 Jun 16 |
nicklas |
210 |
} |
| 3987 |
10 Jun 16 |
nicklas |
211 |
|
| 3987 |
10 Jun 16 |
nicklas |
212 |
/** |
| 2157 |
05 Dec 13 |
nicklas |
Get the role information as a JSON object ready to be sent as an AJAX response. |
| 2157 |
05 Dec 13 |
nicklas |
214 |
*/ |
| 2157 |
05 Dec 13 |
nicklas |
215 |
public JSONObject asJSONObject(DbControl dc) |
| 2157 |
05 Dec 13 |
nicklas |
216 |
{ |
| 2157 |
05 Dec 13 |
nicklas |
217 |
if (json == null) |
| 2157 |
05 Dec 13 |
nicklas |
218 |
{ |
| 2157 |
05 Dec 13 |
nicklas |
219 |
if (id==0) load(dc); // Ensure that the subtype has been loaded |
| 2157 |
05 Dec 13 |
nicklas |
220 |
json = new JSONObject(); |
| 2157 |
05 Dec 13 |
nicklas |
221 |
json.put("id", id); |
| 2157 |
05 Dec 13 |
nicklas |
222 |
json.put("name", getName()); |
| 2157 |
05 Dec 13 |
nicklas |
223 |
json.put("actualType", getActualType().name()); |
| 3987 |
10 Jun 16 |
nicklas |
224 |
json.put("hiddenMembers", hasHiddenMembers()); |
| 2157 |
05 Dec 13 |
nicklas |
225 |
} |
| 2157 |
05 Dec 13 |
nicklas |
226 |
return json; |
| 2157 |
05 Dec 13 |
nicklas |
227 |
} |
| 2157 |
05 Dec 13 |
nicklas |
228 |
|
| 2157 |
05 Dec 13 |
nicklas |
229 |
/** |
| 2157 |
05 Dec 13 |
nicklas |
Load the role as a BASE item. Same as {@link #get(DbControl)} |
| 2157 |
05 Dec 13 |
nicklas |
but throw an exception instead of returning null if no BASE |
| 2157 |
05 Dec 13 |
nicklas |
item exists. |
| 2157 |
05 Dec 13 |
nicklas |
@param dc The DbControl to use for database access |
| 2157 |
05 Dec 13 |
nicklas |
@return A Role or Group item |
| 2157 |
05 Dec 13 |
nicklas |
235 |
*/ |
| 2157 |
05 Dec 13 |
nicklas |
236 |
@SuppressWarnings("unchecked") |
| 2157 |
05 Dec 13 |
nicklas |
237 |
public T load(DbControl dc) |
| 2157 |
05 Dec 13 |
nicklas |
238 |
{ |
| 2157 |
05 Dec 13 |
nicklas |
239 |
T role = null; |
| 2157 |
05 Dec 13 |
nicklas |
240 |
if (id == 0) |
| 2157 |
05 Dec 13 |
nicklas |
241 |
{ |
| 2157 |
05 Dec 13 |
nicklas |
242 |
List<T> result = list(dc); |
| 2157 |
05 Dec 13 |
nicklas |
243 |
if (result.size() == 0) |
| 2157 |
05 Dec 13 |
nicklas |
244 |
{ |
| 2157 |
05 Dec 13 |
nicklas |
245 |
throw new ItemNotFoundException(actualType+"["+name+"]"); |
| 2157 |
05 Dec 13 |
nicklas |
246 |
} |
| 2157 |
05 Dec 13 |
nicklas |
247 |
else if (result.size() > 1) |
| 2157 |
05 Dec 13 |
nicklas |
248 |
{ |
| 2157 |
05 Dec 13 |
nicklas |
249 |
throw new InvalidDataException("Found > 1 " + actualType + "["+name+"]"); |
| 2157 |
05 Dec 13 |
nicklas |
250 |
} |
| 2157 |
05 Dec 13 |
nicklas |
251 |
role = result.get(0); |
| 2157 |
05 Dec 13 |
nicklas |
252 |
id = role.getId(); |
| 2157 |
05 Dec 13 |
nicklas |
253 |
} |
| 2157 |
05 Dec 13 |
nicklas |
254 |
else |
| 2157 |
05 Dec 13 |
nicklas |
255 |
{ |
| 2157 |
05 Dec 13 |
nicklas |
256 |
role = (T)actualType.getById(dc, id); |
| 2157 |
05 Dec 13 |
nicklas |
257 |
} |
| 2157 |
05 Dec 13 |
nicklas |
258 |
return role; |
| 2157 |
05 Dec 13 |
nicklas |
259 |
} |
| 2157 |
05 Dec 13 |
nicklas |
260 |
|
| 2157 |
05 Dec 13 |
nicklas |
261 |
/** |
| 2157 |
05 Dec 13 |
nicklas |
Load the role as a BASE item. Same as {@link #load(DbControl)} but return null |
| 2157 |
05 Dec 13 |
nicklas |
if no BASE item is found instead of throwing an exception. |
| 2157 |
05 Dec 13 |
nicklas |
@param dc The DbControl to use for database access |
| 2157 |
05 Dec 13 |
nicklas |
@return A Role or Group item |
| 2157 |
05 Dec 13 |
nicklas |
266 |
*/ |
| 2157 |
05 Dec 13 |
nicklas |
267 |
@SuppressWarnings("unchecked") |
| 2157 |
05 Dec 13 |
nicklas |
268 |
public T get(DbControl dc) |
| 2157 |
05 Dec 13 |
nicklas |
269 |
{ |
| 2157 |
05 Dec 13 |
nicklas |
270 |
T role = null; |
| 2157 |
05 Dec 13 |
nicklas |
271 |
if (id == 0) |
| 2157 |
05 Dec 13 |
nicklas |
272 |
{ |
| 2157 |
05 Dec 13 |
nicklas |
273 |
List<T> result = list(dc); |
| 2157 |
05 Dec 13 |
nicklas |
274 |
if (result.size() == 1) |
| 2157 |
05 Dec 13 |
nicklas |
275 |
{ |
| 2157 |
05 Dec 13 |
nicklas |
276 |
role = result.get(0); |
| 2157 |
05 Dec 13 |
nicklas |
277 |
id = role.getId(); |
| 2157 |
05 Dec 13 |
nicklas |
278 |
} |
| 2157 |
05 Dec 13 |
nicklas |
279 |
} |
| 2157 |
05 Dec 13 |
nicklas |
280 |
else |
| 2157 |
05 Dec 13 |
nicklas |
281 |
{ |
| 2157 |
05 Dec 13 |
nicklas |
282 |
role = (T)actualType.getById(dc, id); |
| 2157 |
05 Dec 13 |
nicklas |
283 |
} |
| 2157 |
05 Dec 13 |
nicklas |
284 |
return role; |
| 2157 |
05 Dec 13 |
nicklas |
285 |
|
| 2157 |
05 Dec 13 |
nicklas |
286 |
} |
| 2157 |
05 Dec 13 |
nicklas |
287 |
|
| 2157 |
05 Dec 13 |
nicklas |
288 |
/** |
| 2157 |
05 Dec 13 |
nicklas |
List all groups/roles registered in BASE with a name |
| 2157 |
05 Dec 13 |
nicklas |
matching this definition. Normally, only a single item |
| 2157 |
05 Dec 13 |
nicklas |
should be returned. |
| 2157 |
05 Dec 13 |
nicklas |
292 |
*/ |
| 2157 |
05 Dec 13 |
nicklas |
293 |
@SuppressWarnings("unchecked") |
| 2157 |
05 Dec 13 |
nicklas |
294 |
public List<T> list(DbControl dc) |
| 2157 |
05 Dec 13 |
nicklas |
295 |
{ |
| 3572 |
02 Nov 15 |
nicklas |
296 |
ItemQuery<?> query = null; |
| 2157 |
05 Dec 13 |
nicklas |
297 |
if (actualType == Item.GROUP) |
| 2157 |
05 Dec 13 |
nicklas |
298 |
{ |
| 2157 |
05 Dec 13 |
nicklas |
299 |
query = Group.getQuery(); |
| 2157 |
05 Dec 13 |
nicklas |
300 |
} |
| 2157 |
05 Dec 13 |
nicklas |
301 |
else if (actualType == Item.ROLE) |
| 2157 |
05 Dec 13 |
nicklas |
302 |
{ |
| 2157 |
05 Dec 13 |
nicklas |
303 |
query = Role.getQuery(); |
| 2157 |
05 Dec 13 |
nicklas |
304 |
} |
| 2157 |
05 Dec 13 |
nicklas |
305 |
query.restrict( |
| 2157 |
05 Dec 13 |
nicklas |
306 |
Restrictions.eq( |
| 2157 |
05 Dec 13 |
nicklas |
307 |
Hql.property("name"), |
| 2157 |
05 Dec 13 |
nicklas |
308 |
Expressions.parameter("name", getName(), Type.STRING) |
| 2157 |
05 Dec 13 |
nicklas |
309 |
)); |
| 2157 |
05 Dec 13 |
nicklas |
310 |
query.include(Include.ALL); |
| 2157 |
05 Dec 13 |
nicklas |
311 |
return (List<T>)query.list(dc); |
| 2157 |
05 Dec 13 |
nicklas |
312 |
} |
| 2157 |
05 Dec 13 |
nicklas |
313 |
|
| 2157 |
05 Dec 13 |
nicklas |
314 |
|
| 2157 |
05 Dec 13 |
nicklas |
315 |
@SuppressWarnings("unchecked") |
| 2157 |
05 Dec 13 |
nicklas |
316 |
public T create(DbControl dc) |
| 2157 |
05 Dec 13 |
nicklas |
317 |
{ |
| 2157 |
05 Dec 13 |
nicklas |
318 |
T item = null; |
| 2157 |
05 Dec 13 |
nicklas |
319 |
if (actualType == Item.GROUP) |
| 2157 |
05 Dec 13 |
nicklas |
320 |
{ |
| 2157 |
05 Dec 13 |
nicklas |
321 |
item = (T)Group.getNew(dc); |
| 3987 |
10 Jun 16 |
nicklas |
322 |
|
| 2157 |
05 Dec 13 |
nicklas |
323 |
} |
| 2157 |
05 Dec 13 |
nicklas |
324 |
else if (actualType == Item.ROLE) |
| 2157 |
05 Dec 13 |
nicklas |
325 |
{ |
| 2157 |
05 Dec 13 |
nicklas |
326 |
item = (T)Role.getNew(dc); |
| 2157 |
05 Dec 13 |
nicklas |
327 |
} |
| 2157 |
05 Dec 13 |
nicklas |
328 |
return item; |
| 2157 |
05 Dec 13 |
nicklas |
329 |
} |
| 2157 |
05 Dec 13 |
nicklas |
330 |
|
| 2157 |
05 Dec 13 |
nicklas |
331 |
/** |
| 2157 |
05 Dec 13 |
nicklas |
Check if the currently logged in user is a member of this role/group. |
| 2157 |
05 Dec 13 |
nicklas |
333 |
*/ |
| 2157 |
05 Dec 13 |
nicklas |
334 |
public boolean isMember(DbControl dc) |
| 2157 |
05 Dec 13 |
nicklas |
335 |
{ |
| 2157 |
05 Dec 13 |
nicklas |
336 |
T item = null; |
| 2157 |
05 Dec 13 |
nicklas |
337 |
try |
| 2157 |
05 Dec 13 |
nicklas |
338 |
{ |
| 2157 |
05 Dec 13 |
nicklas |
339 |
item = get(dc); |
| 2157 |
05 Dec 13 |
nicklas |
340 |
} |
| 2157 |
05 Dec 13 |
nicklas |
341 |
catch (RuntimeException ex) |
| 2157 |
05 Dec 13 |
nicklas |
342 |
{} |
| 2157 |
05 Dec 13 |
nicklas |
343 |
|
| 2157 |
05 Dec 13 |
nicklas |
344 |
boolean isMember = false; |
| 2157 |
05 Dec 13 |
nicklas |
345 |
if (item != null) |
| 2157 |
05 Dec 13 |
nicklas |
346 |
{ |
| 5026 |
15 Oct 18 |
nicklas |
347 |
SessionControl sc = dc.getSessionControl(); |
| 2157 |
05 Dec 13 |
nicklas |
348 |
if (actualType == Item.GROUP) |
| 2157 |
05 Dec 13 |
nicklas |
349 |
{ |
| 5026 |
15 Oct 18 |
nicklas |
350 |
isMember = sc.isMemberOf((Group)item); |
| 2157 |
05 Dec 13 |
nicklas |
351 |
} |
| 2157 |
05 Dec 13 |
nicklas |
352 |
else if (actualType == Item.ROLE) |
| 2157 |
05 Dec 13 |
nicklas |
353 |
{ |
| 5026 |
15 Oct 18 |
nicklas |
354 |
isMember = sc.isMemberOf((Role)item) && !sc.isRoleInactive(item.getId()); |
| 2157 |
05 Dec 13 |
nicklas |
355 |
} |
| 2157 |
05 Dec 13 |
nicklas |
356 |
} |
| 2157 |
05 Dec 13 |
nicklas |
357 |
|
| 2157 |
05 Dec 13 |
nicklas |
358 |
return isMember; |
| 2157 |
05 Dec 13 |
nicklas |
359 |
} |
| 2157 |
05 Dec 13 |
nicklas |
360 |
} |