0001: /*
0002: *
0003: * Copyright (c) 2004 SourceTap - www.sourcetap.com
0004: *
0005: * The contents of this file are subject to the SourceTap Public License
0006: * ("License"); You may not use this file except in compliance with the
0007: * License. You may obtain a copy of the License at http://www.sourcetap.com/license.htm
0008: * Software distributed under the License is distributed on an "AS IS" basis,
0009: * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License for
0010: * the specific language governing rights and limitations under the License.
0011: *
0012: * The above copyright notice and this permission notice shall be included
0013: * in all copies or substantial portions of the Software.
0014: *
0015: */
0016:
0017: package com.sourcetap.sfa.security;
0018:
0019: import java.sql.Timestamp;
0020: import java.util.ArrayList;
0021: import java.util.Calendar;
0022: import java.util.HashMap;
0023: import java.util.Iterator;
0024: import java.util.LinkedList;
0025: import java.util.List;
0026:
0027: import org.ofbiz.base.util.Debug;
0028: import org.ofbiz.base.util.UtilMisc;
0029: import org.ofbiz.core.entity.EntityAttribute;
0030: import org.ofbiz.entity.GenericDelegator;
0031: import org.ofbiz.entity.GenericEntityException;
0032: import org.ofbiz.entity.GenericValue;
0033: import org.ofbiz.entity.condition.EntityComparisonOperator;
0034: import org.ofbiz.entity.condition.EntityCondition;
0035: import org.ofbiz.entity.condition.EntityConditionList;
0036: import org.ofbiz.entity.condition.EntityExpr;
0037: import org.ofbiz.entity.condition.EntityOperator;
0038: import org.ofbiz.entity.model.ModelEntity;
0039: import org.ofbiz.entity.model.ModelField;
0040: import org.ofbiz.entity.util.EntityListIterator;
0041:
0042: import com.sourcetap.sfa.event.DataMatrix;
0043: import com.sourcetap.sfa.replication.GenericReplicator;
0044: import com.sourcetap.sfa.util.Preference;
0045: import com.sourcetap.sfa.util.QueryInfo;
0046: import com.sourcetap.sfa.util.UserInfo;
0047:
0048: /**
0049: * DOCUMENT ME!
0050: *
0051: */
0052: public class SecurityWrapper {
0053: private static final String ROLE = "role";
0054: private static final String TEAM = "team";
0055: public static final String module = SecurityWrapper.class.getName();
0056:
0057: /**
0058: * DOCUMENT ME!
0059: *
0060: * @param entity
0061: * @param orderBy
0062: * @param userInfo
0063: * @param securityInfo
0064: * @param delegator
0065: *
0066: * @return
0067: *
0068: * @throws GenericEntityException
0069: */
0070: public static List findAll(String entity, List orderBy,
0071: UserInfo userInfo, SecurityLinkInfo securityInfo,
0072: GenericDelegator delegator) throws GenericEntityException {
0073: return findByAnd(entity, new ArrayList(), orderBy, userInfo,
0074: securityInfo, delegator);
0075: }
0076:
0077: /**
0078: * DOCUMENT ME!
0079: *
0080: * @param entity
0081: * @param entityExpressions
0082: * @param orderBy
0083: * @param userInfo
0084: * @param securityInfo
0085: * @param delegator
0086: *
0087: * @return
0088: *
0089: * @throws GenericEntityException
0090: */
0091: public static List findByAnd(String entity, List entityExpressions,
0092: List orderBy, UserInfo userInfo,
0093: SecurityLinkInfo securityInfo, GenericDelegator delegator)
0094: throws GenericEntityException {
0095: return findByAnd(entity, entityExpressions, orderBy, userInfo,
0096: securityInfo, delegator, "TEAM");
0097: }
0098:
0099: /**
0100: * DOCUMENT ME!
0101: *
0102: * @param entity
0103: * @param entityExpressions
0104: * @param orderBy
0105: * @param userInfo
0106: * @param securityInfo
0107: * @param delegator
0108: *
0109: * @return
0110: *
0111: * @throws GenericEntityException
0112: */
0113: public static List findByAndRoleOnly(String entity,
0114: List entityExpressions, List orderBy, UserInfo userInfo,
0115: SecurityLinkInfo securityInfo, GenericDelegator delegator)
0116: throws GenericEntityException {
0117: return findByAnd(entity, entityExpressions, orderBy, userInfo,
0118: securityInfo, delegator, "ROLE");
0119: }
0120:
0121: /**
0122: * DOCUMENT ME!
0123: *
0124: * @param entity
0125: * @param entityExpressions
0126: * @param orderBy
0127: * @param userInfo
0128: * @param securityInfo
0129: * @param delegator
0130: *
0131: * @return
0132: *
0133: * @throws GenericEntityException
0134: */
0135: public static List findByAnd(String entity, List entityExpressions,
0136: List orderBy, UserInfo userInfo,
0137: SecurityLinkInfo securityInfo, GenericDelegator delegator,
0138: String securityType) throws GenericEntityException {
0139: HashMap equalsMap = new HashMap();
0140: EntityExpr entityExpr = null;
0141: QueryInfo queryInfo = new QueryInfo(delegator, entity);
0142:
0143: //convert existing expressions into AND clauses.
0144: for (int i = 0; i < entityExpressions.size(); i++) {
0145: entityExpr = (EntityExpr) entityExpressions.get(i);
0146:
0147: Object lhs = (Object) entityExpr.getLhs();
0148: Object rhs = (Object) entityExpr.getRhs();
0149: EntityComparisonOperator op = (EntityComparisonOperator) entityExpr
0150: .getOperator();
0151:
0152: if (lhs instanceof EntityAttribute
0153: && rhs instanceof EntityAttribute) {
0154: lhs = (EntityAttribute) lhs;
0155: rhs = (EntityAttribute) rhs;
0156:
0157: String firstEntity = ((EntityAttribute) lhs)
0158: .getEntity();
0159: String secondEntity = ((EntityAttribute) rhs)
0160: .getEntity();
0161: if (!firstEntity.equals(secondEntity)) {
0162: if (!op.equals(EntityOperator.EQUALS))
0163: throw new IllegalArgumentException(
0164: "Join operator must be EQUALS");
0165:
0166: queryInfo.addJoin(firstEntity, secondEntity,
0167: Boolean.FALSE, ((EntityAttribute) lhs)
0168: .getField(),
0169: ((EntityAttribute) rhs).getField());
0170: } else {
0171: queryInfo.addCondition(firstEntity,
0172: ((EntityAttribute) lhs).getField(), op,
0173: ((EntityAttribute) rhs).getField());
0174: }
0175: } else {
0176: if (lhs instanceof EntityAttribute) {
0177: queryInfo.addCondition(((EntityAttribute) lhs)
0178: .getEntity(), ((EntityAttribute) lhs)
0179: .getField(), op, rhs);
0180: } else {
0181: queryInfo.addCondition(entity, (String) lhs, op,
0182: rhs);
0183: }
0184: }
0185: }
0186:
0187: buildSecurityInfo(queryInfo, userInfo, securityInfo, entity,
0188: delegator, securityType);
0189:
0190: queryInfo.setOrderBy(orderBy);
0191: return queryInfo.executeQuery();
0192: }
0193:
0194: /**
0195: * DOCUMENT ME!
0196: *
0197: * @param entity
0198: * @param entityExpressions
0199: * @param orderBy
0200: * @param userInfo
0201: * @param securityInfo
0202: * @param delegator
0203: *
0204: * @return
0205: *
0206: * @throws GenericEntityException
0207: */
0208: public static List findByClause(String entity,
0209: List entityExpressions, List orderBy, UserInfo userInfo,
0210: SecurityLinkInfo securityInfo, GenericDelegator delegator,
0211: boolean old_not_used_anymore) throws GenericEntityException {
0212:
0213: Debug.logVerbose("[findByClause] userInfo: "
0214: + userInfo.toString(), module);
0215: QueryInfo queryInfo = new QueryInfo(delegator, entity);
0216:
0217: ArrayList newExpressions = new ArrayList(entityExpressions);
0218: HashMap equalsMap = new HashMap();
0219: buildSecurityInfo(queryInfo, userInfo, securityInfo, entity,
0220: delegator, "TEAM");
0221:
0222: throw new IllegalArgumentException("findByClause not supported");
0223: // return delegator.findByClause(entity, newExpressions, equalsMap, orderBy);
0224: }
0225:
0226: /**
0227: * DOCUMENT ME!
0228: *
0229: * @param entity
0230: * @param entityExpressions
0231: * @param orderBy
0232: * @param userInfo
0233: * @param securityInfo
0234: * @param delegator
0235: *
0236: * @return
0237: *
0238: * @throws GenericEntityException
0239: */
0240: public static List findByClauseRoleOnly(String entity,
0241: List entityExpressions, List orderBy, UserInfo userInfo,
0242: SecurityLinkInfo securityInfo, GenericDelegator delegator,
0243: boolean old_not_used_anymore) throws GenericEntityException {
0244: ArrayList newExpressions = new ArrayList(entityExpressions);
0245: HashMap equalsMap = new HashMap();
0246:
0247: throw new IllegalArgumentException(
0248: "findByClauseRoleOnly not supported");
0249: // newExpressions = buildSecurityInfo(newExpressions, userInfo,
0250: // securityInfo, entity, delegator, "ROLE");
0251:
0252: // return delegator.findByClause(entity, newExpressions, equalsMap, orderBy);
0253: }
0254:
0255: public static List findByCondition(String entity,
0256: QueryInfo queryInfo, List orderBy, UserInfo userInfo,
0257: SecurityLinkInfo securityInfo, GenericDelegator delegator)
0258: throws GenericEntityException {
0259:
0260: Debug.logVerbose("[findByClause] userInfo: "
0261: + userInfo.toString(), module);
0262:
0263: buildSecurityInfo(queryInfo, userInfo, securityInfo, entity,
0264: delegator, "TEAM");
0265: queryInfo.setOrderBy(orderBy);
0266: return queryInfo.executeQuery();
0267: }
0268:
0269: public static List findByCondition(String entity,
0270: EntityCondition condition, List orderBy, UserInfo userInfo,
0271: SecurityLinkInfo securityInfo, GenericDelegator delegator)
0272: throws GenericEntityException {
0273:
0274: Debug.logVerbose("[findByCondition] userInfo: "
0275: + userInfo.toString(), module);
0276: QueryInfo queryInfo = new QueryInfo(delegator, entity);
0277: queryInfo.addCondition(condition);
0278: return findByCondition(entity, queryInfo, orderBy, userInfo,
0279: securityInfo, delegator);
0280: }
0281:
0282: public static EntityListIterator findListIteratorByCondition(
0283: String entity, EntityCondition condition, List orderBy,
0284: UserInfo userInfo, SecurityLinkInfo securityInfo,
0285: GenericDelegator delegator) throws GenericEntityException {
0286:
0287: Debug.logVerbose("[findListIteratorByCondition] userInfo: "
0288: + userInfo.toString(), module);
0289: QueryInfo queryInfo = new QueryInfo(delegator, entity);
0290: queryInfo.addCondition(condition);
0291: return findListIteratorByCondition(entity, queryInfo, orderBy,
0292: userInfo, securityInfo, delegator);
0293: }
0294:
0295: public static EntityListIterator findListIteratorByCondition(
0296: String entity, QueryInfo queryInfo, List orderBy,
0297: UserInfo userInfo, SecurityLinkInfo securityInfo,
0298: GenericDelegator delegator) throws GenericEntityException {
0299:
0300: Debug.logVerbose("[findByClause] userInfo: "
0301: + userInfo.toString(), module);
0302:
0303: buildSecurityInfo(queryInfo, userInfo, securityInfo, entity,
0304: delegator, "TEAM");
0305: queryInfo.setOrderBy(orderBy);
0306: return queryInfo.getQueryIterator();
0307: }
0308:
0309: /**
0310: * DOCUMENT ME!
0311: *
0312: * @param entity
0313: * @param entityExpressions
0314: * @param orderBy
0315: * @param userInfo
0316: * @param securityInfo
0317: * @param delegator
0318: *
0319: * @return
0320: *
0321: * @throws GenericEntityException
0322: */
0323: public static List findByLike(String entity,
0324: List entityExpressions, List orderBy, UserInfo userInfo,
0325: SecurityLinkInfo securityInfo, GenericDelegator delegator)
0326: throws GenericEntityException {
0327: return findByLike(entity, entityExpressions, orderBy, userInfo,
0328: securityInfo, delegator, "TEAM");
0329: }
0330:
0331: /**
0332: * DOCUMENT ME!
0333: *
0334: * @param entity
0335: * @param entityExpressions
0336: * @param orderBy
0337: * @param userInfo
0338: * @param securityInfo
0339: * @param delegator
0340: *
0341: * @return
0342: *
0343: * @throws GenericEntityException
0344: */
0345: public static List findByLikeRoleOnly(String entity,
0346: List entityExpressions, List orderBy, UserInfo userInfo,
0347: SecurityLinkInfo securityInfo, GenericDelegator delegator)
0348: throws GenericEntityException {
0349: return findByLike(entity, entityExpressions, orderBy, userInfo,
0350: securityInfo, delegator, "ROLE");
0351: }
0352:
0353: /**
0354: * DOCUMENT ME!
0355: *
0356: * @param entity
0357: * @param entityExpressions
0358: * @param orderBy
0359: * @param userInfo
0360: * @param securityInfo
0361: * @param delegator
0362: *
0363: * @return
0364: *
0365: * @throws GenericEntityException
0366: */
0367: public static List findByLike(String entity,
0368: List entityExpressions, List orderBy, UserInfo userInfo,
0369: SecurityLinkInfo securityInfo, GenericDelegator delegator,
0370: String securityType) throws GenericEntityException {
0371: QueryInfo queryInfo = new QueryInfo(delegator, entity);
0372: EntityExpr entityExpr = null;
0373:
0374: //convert existing expressions into LIKE clauses.
0375: for (int i = 0; i < entityExpressions.size(); i++) {
0376: entityExpr = (EntityExpr) entityExpressions.get(i);
0377:
0378: Object lhs = entityExpr.getLhs();
0379: Object rhs = entityExpr.getRhs();
0380: EntityComparisonOperator op = (EntityComparisonOperator) entityExpr
0381: .getOperator();
0382: if (!op.equals(EntityOperator.LIKE)
0383: && !op.equals(EntityOperator.EQUALS))
0384: throw new IllegalArgumentException(
0385: "Join Operator must be LIKE or EQUALS");
0386:
0387: if (lhs instanceof EntityAttribute
0388: && rhs instanceof EntityAttribute) {
0389: lhs = (EntityAttribute) lhs;
0390: rhs = (EntityAttribute) rhs;
0391:
0392: String firstEntity = ((EntityAttribute) lhs)
0393: .getEntity();
0394: String secondEntity = ((EntityAttribute) rhs)
0395: .getEntity();
0396: if (!firstEntity.equals(secondEntity)) {
0397: if (!op.equals(EntityOperator.EQUALS))
0398: throw new IllegalArgumentException(
0399: "Join operator must be EQUALS");
0400:
0401: queryInfo.addJoin(firstEntity, secondEntity,
0402: Boolean.FALSE, ((EntityAttribute) lhs)
0403: .getField(),
0404: ((EntityAttribute) rhs).getField());
0405: } else {
0406: queryInfo.addCondition(firstEntity,
0407: ((EntityAttribute) lhs).getField(), op,
0408: ((EntityAttribute) rhs).getField());
0409: }
0410: } else {
0411: if (lhs instanceof EntityAttribute) {
0412: queryInfo.addCondition(((EntityAttribute) lhs)
0413: .getEntity(), ((EntityAttribute) lhs)
0414: .getField(), op, rhs);
0415: } else {
0416: queryInfo.addCondition(entity, (String) lhs, op,
0417: rhs);
0418: }
0419: }
0420: }
0421:
0422: buildSecurityInfo(queryInfo, userInfo, securityInfo, entity,
0423: delegator, securityType);
0424:
0425: queryInfo.setOrderBy(orderBy);
0426: return queryInfo.executeQuery();
0427: }
0428:
0429: /**
0430: * DOCUMENT ME!
0431: *
0432: * @param newExpressions
0433: * @param userInfo
0434: * @param securityInfo
0435: * @param entity
0436: * @param delegator
0437: * @param roleOrTeam
0438: *
0439: * @return
0440: *
0441: * @throws GenericEntityException
0442: */
0443: private static QueryInfo buildSecurityInfo(QueryInfo queryInfo,
0444: UserInfo userInfo, SecurityLinkInfo securityInfo,
0445: String entity, GenericDelegator delegator, String roleOrTeam)
0446: throws GenericEntityException {
0447: ModelEntity modelEntity = delegator.getModelEntity(entity);
0448:
0449: Debug.logVerbose("[buildSecurityInfo] userInfo: "
0450: + userInfo.toString(), module);
0451:
0452: String linkEntity = null;
0453: String linkAttribute = null;
0454: String partyId = userInfo.getPartyId();
0455: String roleId = userInfo.getRoleId();
0456:
0457: Preference preference = new Preference(delegator);
0458: String securityMode = preference.getPreference(userInfo
0459: .getAccountId(), "SECURITY_MODE", "team");
0460:
0461: Debug.logVerbose("[buildSecurityInfo] securityMode: "
0462: + securityMode, module);
0463:
0464: if (securityInfo != null) {
0465: linkEntity = securityInfo.getEntityName();
0466: linkAttribute = securityInfo.getAttributeName();
0467: }
0468:
0469: if ((linkEntity == null) || (linkEntity.equals(""))) {
0470: linkEntity = entity;
0471: }
0472:
0473: if ((linkAttribute == null) || (linkAttribute.equals(""))) {
0474: List pks = modelEntity.getPksCopy();
0475: linkAttribute = ((ModelField) pks.get(0)).getName();
0476: }
0477:
0478: Debug.logVerbose("[buildSecurityInfo] securityMode: "
0479: + securityMode, module);
0480: Debug.logVerbose("[buildSecurityInfo] linkEntity: "
0481: + linkEntity, module);
0482: Debug.logVerbose("[buildSecurityInfo] entity: " + entity,
0483: module);
0484: Debug.logVerbose("[buildSecurityInfo] linkAttribute: "
0485: + linkAttribute, module);
0486: Debug.logVerbose(
0487: "[buildSecurityInfo] userInfo.getAccountId(): "
0488: + userInfo.getAccountId(), module);
0489: Debug.logVerbose("[buildSecurityInfo] partyId: " + partyId,
0490: module);
0491:
0492: if (securityMode.equals("none")) {
0493: //Find Entities in the Entity_Access where the accountId for the role is the same as the user
0494: //this makes anything anyone adds available to anyone in the company
0495: queryInfo.addJoin(entity, "EntityAccess", Boolean.FALSE,
0496: linkAttribute, "entityId");
0497: queryInfo.addCondition("EntityAccess", "entity",
0498: EntityOperator.EQUALS, linkEntity);
0499: queryInfo.addCondition("EntityAccess", "partyEntityType",
0500: EntityOperator.EQUALS, "Role");
0501: queryInfo.addJoin("EntityAccess", "Role", Boolean.FALSE,
0502: "partyId", "roleId");
0503: queryInfo.addAlias("Role", "accountId", "Role_accountId");
0504: queryInfo.addCondition("Role", "Role_accountId",
0505: EntityOperator.EQUALS, userInfo.getAccountId());
0506: } else if (securityMode.equals("territory")
0507: || roleOrTeam.equalsIgnoreCase("ROLE")) {
0508: //Find Entities in the Entity_Access table where the partyId has Role access
0509: roleId = "%" + roleId + "%";
0510:
0511: Debug.logVerbose(
0512: "-->[SecurityWrapper.buildSecurityInfo] roleId: "
0513: + roleId, module);
0514:
0515: queryInfo.addJoin(entity, "EntityAccess", Boolean.FALSE,
0516: linkAttribute, "entityId");
0517: queryInfo.addCondition("EntityAccess", "entity",
0518: EntityOperator.EQUALS, linkEntity);
0519: queryInfo.addCondition("EntityAccess", "partyEntityType",
0520: EntityOperator.EQUALS, "Role");
0521: queryInfo.addJoin("EntityAccess", "Role", Boolean.FALSE,
0522: "partyId", "roleId");
0523:
0524: queryInfo.checkAttribute("EntityAccess", "entityCreatedBy");
0525: queryInfo.checkAttribute("Role", "rolePath");
0526: EntityCondition condition = new EntityConditionList(
0527: UtilMisc.toList(new EntityExpr("entityCreatedBy",
0528: EntityOperator.EQUALS, userInfo
0529: .getPartyId()), new EntityExpr(
0530: "rolePath", EntityOperator.LIKE, roleId)),
0531: EntityOperator.OR);
0532:
0533: queryInfo.addCondition(condition);
0534:
0535: } else if (roleOrTeam.equalsIgnoreCase("TEAM")) {
0536: // Find Entities in the Entity_Access table where the partyId has Team_Member access.
0537: queryInfo.addJoin(entity, "EntityAccess", Boolean.FALSE,
0538: linkAttribute, "entityId");
0539: queryInfo.addCondition("EntityAccess", "entity",
0540: EntityOperator.EQUALS, linkEntity);
0541: queryInfo.addCondition("EntityAccess", "partyEntityType",
0542: EntityOperator.EQUALS, "Team");
0543: queryInfo.addJoin("EntityAccess", "TeamMember",
0544: Boolean.FALSE, "partyId", "teamId");
0545: queryInfo.addCondition("TeamMember", "partyId",
0546: EntityOperator.EQUALS, partyId);
0547: } else {
0548: throw new GenericEntityException(
0549: "SecurityWrapper.buildSecurityInfo() must use either role or team as a parameter.");
0550: }
0551:
0552: return queryInfo;
0553: }
0554:
0555: /**
0556: * Combines two GenericValue-Lists into one. Does not add duplicate GenericValues.
0557: *
0558: */
0559: private static List unionLists(List one, List two) {
0560: List returnList = null;
0561:
0562: if (one.size() > two.size()) {
0563: Iterator twoIter = two.iterator();
0564: GenericValue value = null;
0565:
0566: while (twoIter.hasNext()) {
0567: value = (GenericValue) twoIter.next();
0568:
0569: if (!one.contains(value)) {
0570: one.add(value);
0571: }
0572: }
0573:
0574: returnList = one;
0575: } else {
0576: Iterator oneIter = one.iterator();
0577: GenericValue value = null;
0578:
0579: while (oneIter.hasNext()) {
0580: value = (GenericValue) oneIter.next();
0581:
0582: if (!two.contains(value)) {
0583: two.add(value);
0584: }
0585: }
0586:
0587: returnList = two;
0588: }
0589:
0590: return returnList;
0591: }
0592:
0593: /**
0594: * Add security information to the list of data to store with the specified entitiy
0595: */
0596: public static boolean addRoleInformation(DataMatrix dataMatrix,
0597: int row, UserInfo userInfo, String ownerPartyId,
0598: String accessEntityName, String accessEntityAttributeValue,
0599: GenericDelegator delegator) {
0600: // Create a new Team, with the current logged-in user as primary and the owner if it is different from the current user.
0601: Timestamp now = new Timestamp(Calendar.getInstance().getTime()
0602: .getTime());
0603: List storeGVL = new LinkedList();
0604:
0605: String userPartyId = userInfo.getPartyId();
0606: String userRoleId = userInfo.getRoleId();
0607:
0608: GenericValue party = new GenericValue(delegator
0609: .getModelEntity("Party"));
0610: party.setDelegator(delegator);
0611: String teamId = GenericReplicator.getNextSeqId("Party",
0612: delegator);
0613: party.set("partyId", teamId);
0614: dataMatrix.addEntity("Party", false, true);
0615: dataMatrix.getCurrentBuffer().getContentsRow(row).add(party);
0616:
0617: GenericValue team = new GenericValue(delegator
0618: .getModelEntity("Team"));
0619: team.setDelegator(delegator);
0620: team.set("teamId", teamId);
0621: team.set("createdBy", userPartyId);
0622: team.set("createdDate", now);
0623: team.set("modifiedBy", userPartyId);
0624: team.set("modifiedDate", now);
0625: dataMatrix.addEntity("Team", false, true);
0626: dataMatrix.getCurrentBuffer().getContentsRow(row).add(team);
0627:
0628: // Add user to team_members
0629: Debug
0630: .logVerbose(
0631: "-->[SecurityWrapper.addRoleInformation] Adding user to the team.",
0632: module);
0633:
0634: GenericValue userTeamMember = new GenericValue(delegator
0635: .getModelEntity("TeamMember"));
0636: userTeamMember.setDelegator(delegator);
0637: userTeamMember.set("teamMemberId", GenericReplicator
0638: .getNextSeqId("TeamMember", delegator));
0639: userTeamMember.set("teamId", teamId);
0640: userTeamMember.set("partyId", userPartyId);
0641:
0642: if (!ownerPartyId.equals(userPartyId)
0643: && !ownerPartyId.equals("") && (ownerPartyId != null)) {
0644: // The current user is not the owner.
0645: userTeamMember.set("teamOwner", "N");
0646: } else {
0647: // The current user is the owner.
0648: userTeamMember.set("teamOwner", "Y");
0649: }
0650:
0651: userTeamMember.set("createdBy", userPartyId);
0652: userTeamMember.set("createdDate", now);
0653: userTeamMember.set("modifiedBy", userPartyId);
0654: userTeamMember.set("modifiedDate", now);
0655: dataMatrix.addEntity("TeamMember", false, true);
0656: dataMatrix.getCurrentBuffer().getContentsRow(row).add(
0657: userTeamMember);
0658:
0659: Debug.logVerbose(
0660: "-->[SecurityWrapper.addRoleInformation] userPartyId: "
0661: + userPartyId, module);
0662: Debug.logVerbose(
0663: "-->[SecurityWrapper.addRoleInformation] ownerPartyId: "
0664: + ownerPartyId, module);
0665:
0666: if (!ownerPartyId.equals(userPartyId)
0667: && !ownerPartyId.equals("") && (ownerPartyId != null)) {
0668: // Add owner to team_members since it is different from the current user.
0669: Debug
0670: .logVerbose(
0671: "-->[SecurityWrapper.addRoleInformation] Adding owner to the team.",
0672: module);
0673:
0674: GenericValue ownerTeamMember = new GenericValue(delegator
0675: .getModelEntity("TeamMember"));
0676: ownerTeamMember.setDelegator(delegator);
0677: ownerTeamMember.set("teamMemberId", GenericReplicator
0678: .getNextSeqId("TeamMember", delegator));
0679: ownerTeamMember.set("teamId", teamId);
0680: ownerTeamMember.set("partyId", ownerPartyId);
0681: ownerTeamMember.set("teamOwner", "Y");
0682: ownerTeamMember.set("createdBy", userPartyId);
0683: ownerTeamMember.set("createdDate", now);
0684: ownerTeamMember.set("modifiedBy", userPartyId);
0685: ownerTeamMember.set("modifiedDate", now);
0686: dataMatrix.addEntity("TeamMember", false, true);
0687: dataMatrix.getCurrentBuffer().getContentsRow(row).add(
0688: ownerTeamMember);
0689: }
0690:
0691: //add Team to Entity Access.
0692: GenericValue entityAccess = new GenericValue(delegator
0693: .getModelEntity("EntityAccess"));
0694: entityAccess.setDelegator(delegator);
0695: entityAccess.set("entityAccessId", GenericReplicator
0696: .getNextSeqId("EntityAccess", delegator));
0697: entityAccess.set("entity", accessEntityName);
0698: entityAccess.set("entityId", accessEntityAttributeValue);
0699: entityAccess.set("partyId", team.getString("teamId"));
0700: entityAccess.set("partyEntityType", "Team");
0701: entityAccess.set("entityCreatedBy", userPartyId);
0702: entityAccess.set("createdBy", userPartyId);
0703: entityAccess.set("createdDate", now);
0704: entityAccess.set("modifiedBy", userPartyId);
0705: entityAccess.set("modifiedDate", now);
0706: dataMatrix.addEntity("EntityAccess", false, true);
0707: dataMatrix.getCurrentBuffer().getContentsRow(row).add(
0708: entityAccess);
0709:
0710: // Get the owner party's role.
0711: String ownerRoleId = "";
0712: HashMap roleFindMap = new HashMap();
0713: roleFindMap.put("contactId", ownerPartyId);
0714:
0715: try {
0716: GenericValue ownerContactGV = delegator.findByPrimaryKey(
0717: "Contact", roleFindMap);
0718:
0719: if (null != ownerContactGV) {
0720: ownerRoleId = ownerContactGV.getString("roleId");
0721:
0722: Debug
0723: .logVerbose(
0724: "-->[SecurityWrapper.addRoleInformation] Found owner's role ID.",
0725: module);
0726:
0727: }
0728: } catch (GenericEntityException e) {
0729: Debug
0730: .logError(
0731: "[SecurityWrapper.addRoleInformation] And error occurred while looking for the entity owner's contact. ("
0732: + ownerPartyId + ")", module);
0733: }
0734:
0735: if ((ownerRoleId == null) || ownerRoleId.equals("")) {
0736: // The owner does not have a role. Give access to the user that created the entity, and log a warning.
0737: ownerRoleId = userRoleId;
0738: Debug
0739: .logWarning(
0740: "[SecurityWrapper.addRoleInformation] Warning! Owner of "
0741: + accessEntityName
0742: + " "
0743: + accessEntityAttributeValue
0744: + " does not have a role. Granting access to the current user's role ( "
0745: + userRoleId + ") instead.", module);
0746: }
0747:
0748: //Add a Role entity to Entity_Access with the owner's role as the party_id
0749: Debug.logVerbose(
0750: "-->[SecurityWrapper.addRoleInformation] Adding entity access for role ID "
0751: + ownerRoleId + ".", module);
0752:
0753: GenericValue entityRoleAccess = new GenericValue(delegator
0754: .getModelEntity("EntityAccess"));
0755: entityRoleAccess.setDelegator(delegator);
0756: entityRoleAccess.set("entityAccessId", GenericReplicator
0757: .getNextSeqId("EntityAccess", delegator));
0758: entityRoleAccess.set("entity", accessEntityName);
0759: entityRoleAccess.set("entityId", accessEntityAttributeValue);
0760: entityRoleAccess.set("partyId", ownerRoleId);
0761: entityRoleAccess.set("partyEntityType", "Role");
0762: entityRoleAccess.set("entityCreatedBy", userPartyId);
0763: entityRoleAccess.set("createdBy", userPartyId);
0764: entityRoleAccess.set("createdDate", now);
0765: entityRoleAccess.set("modifiedBy", userPartyId);
0766: entityRoleAccess.set("modifiedDate", now);
0767: dataMatrix.addEntity("EntityAccess", false, true);
0768: dataMatrix.getCurrentBuffer().getContentsRow(row).add(
0769: entityRoleAccess);
0770:
0771: return true;
0772: }
0773:
0774: /**
0775: * Add security information to the list of data to store with the specified entitiy
0776: */
0777: public static boolean updateRoleInformation(DataMatrix dataMatrix,
0778: int row, UserInfo userInfo, String ownerPartyId,
0779: String accessEntityName, String accessEntityAttributeValue,
0780: GenericDelegator delegator) {
0781: // Add the owner to the team if it is different from the current user.
0782: Timestamp now = new Timestamp(Calendar.getInstance().getTime()
0783: .getTime());
0784:
0785: String userPartyId = userInfo.getPartyId();
0786: String userRoleId = userInfo.getRoleId();
0787:
0788: Debug.logVerbose(
0789: "-->[SecurityWrapper.updateRoleInformation] userPartyId: "
0790: + userPartyId, module);
0791:
0792: Debug.logVerbose(
0793: "-->[SecurityWrapper.updateRoleInformation] ownerPartyId: "
0794: + ownerPartyId, module);
0795:
0796: // Find the team-type entity access for this entity.
0797: List teamEntityAccessGVL = findEntityAccessGVL(
0798: accessEntityName, accessEntityAttributeValue, "Team",
0799: delegator);
0800: Iterator teamEntityAccessGVI = teamEntityAccessGVL.iterator();
0801:
0802: if (teamEntityAccessGVI.hasNext()) {
0803: // Team entity access was found. Get the team members.
0804: GenericValue teamEntityAccessGV = (GenericValue) teamEntityAccessGVI
0805: .next();
0806: String teamId = teamEntityAccessGV.getString("partyId");
0807: HashMap teamMemberFindMap = new HashMap();
0808: teamMemberFindMap.put("teamId", teamId);
0809:
0810: try {
0811: List teamMemberGVL = delegator.findByAnd("TeamMember",
0812: teamMemberFindMap);
0813: Iterator teamMemberGVI = teamMemberGVL.iterator();
0814: boolean ownerFound = false;
0815:
0816: while (teamMemberGVI.hasNext()) {
0817: GenericValue teamMemberGV = (GenericValue) teamMemberGVI
0818: .next();
0819: String teamMemberPartyId = (teamMemberGV
0820: .getString("partyId") == null) ? ""
0821: : teamMemberGV.getString("partyId");
0822:
0823: if (teamMemberPartyId.equals(ownerPartyId)) {
0824: Debug
0825: .logVerbose(
0826: "-->[SecurityWrapper.updateRoleInformation] Owner is already on the team.",
0827: module);
0828:
0829: ownerFound = true;
0830:
0831: break;
0832: }
0833: }
0834:
0835: if (!ownerFound) {
0836: // Need to add the owner to the team.
0837: Debug
0838: .logVerbose(
0839: "-->[SecurityWrapper.updateRoleInformation] Adding owner to the team.",
0840: module);
0841:
0842: GenericValue ownerTeamMember = new GenericValue(
0843: delegator.getModelEntity("TeamMember"));
0844: ownerTeamMember.setDelegator(delegator);
0845: ownerTeamMember.set("teamMemberId",
0846: GenericReplicator.getNextSeqId(
0847: "TeamMember", delegator));
0848: ownerTeamMember.set("teamId", teamId);
0849: ownerTeamMember.set("partyId", ownerPartyId);
0850: ownerTeamMember.set("teamOwner", "Y");
0851: ownerTeamMember.set("createdBy", userPartyId);
0852: ownerTeamMember.set("createdDate", now);
0853: ownerTeamMember.set("modifiedBy", userPartyId);
0854: ownerTeamMember.set("modifiedDate", now);
0855: dataMatrix.addEntity("TeamMember", false, true);
0856: dataMatrix.getCurrentBuffer().getContentsRow(row)
0857: .add(ownerTeamMember);
0858: }
0859: } catch (GenericEntityException e2) {
0860: Debug.logError(
0861: "[SecurityWrapper.updateRoleInformation] An error occurred while finding team "
0862: + "members for team " + teamId, module);
0863: }
0864: } else {
0865: Debug.logWarning(
0866: "[SecurityWrapper.updateRoleInformation] Could not find the team for the "
0867: + accessEntityName, module);
0868: }
0869:
0870: // Get the owner party's role.
0871: String ownerRoleId = "";
0872: HashMap roleFindMap = new HashMap();
0873: roleFindMap.put("contactId", ownerPartyId);
0874:
0875: try {
0876: GenericValue ownerContactGV = delegator.findByPrimaryKey(
0877: "Contact", roleFindMap);
0878: ownerRoleId = ownerContactGV.getString("roleId");
0879:
0880: Debug
0881: .logVerbose(
0882: "-->[SecurityWrapper.updateRoleInformation] Found owner's role ID.",
0883: module);
0884: } catch (GenericEntityException e) {
0885: Debug
0886: .logError(
0887: "[SecurityWrapper.updateRoleInformation] An error occurred while looking for the "
0888: + "entity owner's contact. ("
0889: + ownerPartyId + "):", module);
0890: Debug.logError(e.getLocalizedMessage(), module);
0891: }
0892:
0893: if ((ownerRoleId == null) || ownerRoleId.equals("")) {
0894: // The owner does not have a role. Give access to the user that created the entity, and log a warning.
0895: ownerRoleId = userRoleId;
0896: Debug
0897: .logWarning(
0898: "[SecurityWrapper.updateRoleInformation] Warning! Owner of "
0899: + accessEntityName
0900: + " "
0901: + accessEntityAttributeValue
0902: + " does not have a role. Granting access to the current user's role ( "
0903: + userRoleId + ") instead.", module);
0904: }
0905:
0906: // Check whether there is an entity access record for the owner's role.
0907:
0908: List roleEntityAccessGVL = findEntityAccessGVL(
0909: accessEntityName, accessEntityAttributeValue, "Role",
0910: delegator);
0911: String entityCreatedBy = userPartyId;
0912: boolean roleEntityAccessFound = false;
0913: Iterator roleEntityAccessGVI = roleEntityAccessGVL.iterator();
0914:
0915: while (roleEntityAccessGVI.hasNext()) {
0916: GenericValue roleEntityAccessGV = (GenericValue) roleEntityAccessGVI
0917: .next();
0918: String partyId = (roleEntityAccessGV.getString("partyId") == null) ? ""
0919: : roleEntityAccessGV.getString("partyId");
0920:
0921: if (partyId.equals(ownerRoleId)) {
0922: roleEntityAccessFound = true;
0923:
0924: Debug
0925: .logVerbose(
0926: "-->[SecurityWrapper.updateRoleInformation] Found entity access record for owner's role.",
0927: module);
0928: } else {
0929: // This entity access record is not for the owner's role. Remove it.
0930: Debug
0931: .logVerbose(
0932: "-->[SecurityWrapper.updateRoleInformation] Removing entity access record not "
0933: + "for owner's role ("
0934: + roleEntityAccessGV.toString(),
0935: module);
0936:
0937: entityCreatedBy = roleEntityAccessGV
0938: .getString("entityCreatedBy");
0939:
0940: try {
0941: roleEntityAccessGV.remove();
0942: } catch (GenericEntityException e) {
0943: Debug
0944: .logError(
0945: "[SecurityWrapper.entityAccessGVL] Warning! An error occurred while removing an "
0946: + "entity access record:",
0947: module);
0948: Debug.logError(e.getLocalizedMessage(), module);
0949: }
0950: }
0951: }
0952:
0953: if (!roleEntityAccessFound) {
0954: // No entity access was found for the owner's role. Need to add it.
0955: Debug.logVerbose(
0956: "-->[SecurityWrapper.updateRoleInformation] Adding entity access for role ID "
0957: + ownerRoleId + ".", module);
0958:
0959: GenericValue entityRoleAccess = new GenericValue(delegator
0960: .getModelEntity("EntityAccess"));
0961: entityRoleAccess.setDelegator(delegator);
0962: entityRoleAccess.set("entityAccessId", GenericReplicator
0963: .getNextSeqId("EntityAccess", delegator));
0964: entityRoleAccess.set("entity", accessEntityName);
0965: entityRoleAccess
0966: .set("entityId", accessEntityAttributeValue);
0967: entityRoleAccess.set("partyId", ownerRoleId);
0968: entityRoleAccess.set("partyEntityType", "Role");
0969: entityRoleAccess.set("entityCreatedBy", entityCreatedBy);
0970: entityRoleAccess.set("createdBy", userPartyId);
0971: entityRoleAccess.set("createdDate", now);
0972: entityRoleAccess.set("modifiedBy", userPartyId);
0973: entityRoleAccess.set("modifiedDate", now);
0974: dataMatrix.addEntity("EntityAccess", false, true);
0975: dataMatrix.getCurrentBuffer().getContentsRow(row).add(
0976: entityRoleAccess);
0977: }
0978:
0979: return true;
0980: }
0981:
0982: /**
0983: * DOCUMENT ME!
0984: *
0985: * @param accessEntityName
0986: * @param accessEntityAttributeValue
0987: * @param partyEntityType
0988: * @param delegator
0989: *
0990: * @return
0991: */
0992: protected static List findEntityAccessGVL(String accessEntityName,
0993: String accessEntityAttributeValue, String partyEntityType,
0994: GenericDelegator delegator) {
0995: HashMap entityAccessFindMap = new HashMap();
0996: entityAccessFindMap.put("entity", accessEntityName);
0997: entityAccessFindMap.put("entityId", accessEntityAttributeValue);
0998: entityAccessFindMap.put("partyEntityType", partyEntityType);
0999:
1000: try {
1001: return delegator.findByAnd("EntityAccess",
1002: entityAccessFindMap);
1003: } catch (GenericEntityException e) {
1004: Debug
1005: .logError(
1006: "[SecurityWrapper.entityAccessGVL] Warning! An error occurred while looking for "
1007: + "entity access records for {(accessEntityName, "
1008: + accessEntityName
1009: + "), (accessEntityAttributeValue,"
1010: + accessEntityAttributeValue
1011: + "), (partyEntityType,"
1012: + partyEntityType + "):", module);
1013: Debug.logError(e.getLocalizedMessage(), module);
1014:
1015: return null;
1016: }
1017: }
1018:
1019: /**
1020: * DOCUMENT ME!
1021: *
1022: * @param teamId
1023: * @param contactId
1024: * @param userInfo
1025: * @param delegator
1026: *
1027: * @return
1028: */
1029: public static boolean addTeamMember(String teamId,
1030: String contactId, UserInfo userInfo,
1031: GenericDelegator delegator) {
1032:
1033: Debug.logVerbose("[SecurityWrapper.addTeamMember]", module);
1034:
1035: try {
1036: // Add the specified user as a non-primary member of the specified team.
1037: String userPartyId = userInfo.getPartyId();
1038: GenericValue teamMember = new GenericValue(delegator
1039: .getModelEntity("TeamMember"));
1040: teamMember.setDelegator(delegator);
1041: Timestamp now = new Timestamp(Calendar.getInstance()
1042: .getTime().getTime());
1043:
1044: teamMember.set("teamMemberId", GenericReplicator
1045: .getNextSeqId("TeamMember", delegator));
1046: teamMember.set("teamId", teamId);
1047: teamMember.set("partyId", contactId);
1048: teamMember.set("teamOwner", "N");
1049: teamMember.set("createdBy", userPartyId);
1050: teamMember.set("createdDate", now);
1051: teamMember.set("modifiedBy", userPartyId);
1052: teamMember.set("modifiedDate", now);
1053:
1054: Debug.logVerbose(
1055: "[SecurityWrapper.addTeamMember] About to insert team member "
1056: + teamMember.toString(), module);
1057:
1058: delegator.create(teamMember);
1059: } catch (GenericEntityException e) {
1060: Debug.logError(
1061: "[SecurityWrapper.addTeamMember] Error inserting new team member: "
1062: + e.getLocalizedMessage(), module);
1063:
1064: return false;
1065: }
1066:
1067: return true;
1068: }
1069:
1070: /**
1071: * DOCUMENT ME!
1072: *
1073: * @param teamId
1074: * @param contactId
1075: * @param userInfo
1076: * @param delegator
1077: *
1078: * @return
1079: */
1080: public static boolean removeTeamMember(String teamId,
1081: String contactId, UserInfo userInfo,
1082: GenericDelegator delegator) {
1083: Debug.logVerbose("[SecurityWrapper.removeTeamMember]", module);
1084:
1085: try {
1086: //Delete a team member
1087: HashMap fields = new HashMap();
1088:
1089: fields.put("teamId", teamId);
1090: fields.put("partyId", contactId);
1091:
1092: Debug.logVerbose(
1093: "[SecurityWrapper.removeTeamMember] About to remove by and: "
1094: + fields.toString(), module);
1095:
1096: delegator.removeByAnd("TeamMember", fields);
1097: } catch (GenericEntityException e) {
1098: Debug.logError(
1099: "[SecurityWrapper.removeTeamMember] Error removing team member: "
1100: + e.getLocalizedMessage(), module);
1101:
1102: return false;
1103: }
1104:
1105: return true;
1106: }
1107: }
|