001: /*
002: * Copyright (c) 2001 - 2005 ivata limited.
003: * All rights reserved.
004: * -----------------------------------------------------------------------------
005: * ivata groupware may be redistributed under the GNU General Public
006: * License as published by the Free Software Foundation;
007: * version 2 of the License.
008: *
009: * These programs are free software; you can redistribute them and/or
010: * modify them under the terms of the GNU General Public License
011: * as published by the Free Software Foundation; version 2 of the License.
012: *
013: * These programs are distributed in the hope that they will be useful,
014: * but WITHOUT ANY WARRANTY; without even the implied warranty of
015: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
016: *
017: * See the GNU General Public License in the file LICENSE.txt for more
018: * details.
019: *
020: * If you would like a copy of the GNU General Public License write to
021: *
022: * Free Software Foundation, Inc.
023: * 59 Temple Place - Suite 330
024: * Boston, MA 02111-1307, USA.
025: *
026: *
027: * To arrange commercial support and licensing, contact ivata at
028: * http://www.ivata.com/contact.jsp
029: * -----------------------------------------------------------------------------
030: * $Log: SettingsRightsImpl.java,v $
031: * Revision 1.4 2005/04/29 02:47:52 colinmacleod
032: * Data bugfixes.
033: * Changed primary key back to Integer.
034: *
035: * Revision 1.3 2005/04/10 20:09:33 colinmacleod
036: * Added new themes.
037: * Changed id type to String.
038: * Changed i tag to em and b tag to strong.
039: * Improved PicoContainerFactory with NanoContainer scripts.
040: *
041: * Revision 1.2 2005/04/09 17:19:05 colinmacleod
042: * Changed copyright text to GPL v2 explicitly.
043: *
044: * Revision 1.1.1.1 2005/03/10 17:50:38 colinmacleod
045: * Restructured ivata op around Hibernate/PicoContainer.
046: * Renamed ivata groupware.
047: *
048: * Revision 1.4 2004/11/12 18:17:09 colinmacleod
049: * Ordered imports.
050: *
051: * Revision 1.3 2004/11/12 15:56:46 colinmacleod
052: * Removed dependencies on SSLEXT.
053: * Moved Persistence classes to ivata masks.
054: *
055: * Revision 1.2 2004/11/03 15:29:30 colinmacleod
056: * Added missing persistenceSession.close().
057: *
058: * Revision 1.1 2004/07/13 19:41:12 colinmacleod
059: * Moved project to POJOs from EJBs.
060: * Applied PicoContainer to services layer (replacing session EJBs).
061: * Applied Hibernate to persistence layer (replacing entity EJBs).
062: *
063: * Revision 1.3 2004/02/10 19:57:20 colinmacleod
064: * Changed email address.
065: *
066: * Revision 1.2 2004/02/01 22:00:32 colinmacleod
067: * Added full names to author tags
068: *
069: * Revision 1.1.1.1 2004/01/27 20:57:46 colinmacleod
070: * Moved open portal to sourceforge.
071: *
072: * Revision 1.5 2003/11/03 11:28:24 jano
073: * commiting addressbook,
074: * tryinjg to fix deploying problem
075: *
076: * Revision 1.4 2003/10/17 12:36:12 jano
077: * fixing problems with building
078: * converting intranet -> portal
079: * Eclipse building
080: *
081: * Revision 1.3 2003/10/15 13:08:06 jano
082: * converting to XDoclet
083: *
084: * Revision 1.2 2003/10/15 13:04:21 colin
085: * fixing for XDoclet
086: *
087: * Revision 1.2 2003/02/25 14:38:13 colin
088: * implemented setModified methods on entity beans thro IvataEntityBean superclass
089: * -----------------------------------------------------------------------------
090: */
091: package com.ivata.groupware.admin.setting.right;
092:
093: import java.util.Collection;
094: import java.util.Iterator;
095:
096: import com.ivata.groupware.admin.security.server.SecuritySession;
097: import com.ivata.groupware.admin.setting.SettingDO;
098: import com.ivata.groupware.business.BusinessLogic;
099: import com.ivata.groupware.business.addressbook.person.group.GroupConstants;
100: import com.ivata.groupware.business.addressbook.person.group.GroupDO;
101: import com.ivata.groupware.business.addressbook.person.group.right.RightConstants;
102: import com.ivata.groupware.business.addressbook.person.group.right.RightDO;
103: import com.ivata.groupware.business.addressbook.person.group.right.detail.RightDetailDO;
104: import com.ivata.groupware.container.persistence.QueryPersistenceManager;
105: import com.ivata.mask.persistence.PersistenceSession;
106: import com.ivata.mask.util.SystemException;
107:
108: /**
109: * <p>This session bean manages rigths for changing settings.</p>
110: *
111: * @since 2003-02-11
112: * @author Peter Illes
113: * @version $Revision: 1.4 $
114: *
115: * @ejb.bean
116: * name="SettingsRights"
117: * display-name="SettingRights"
118: * type="Stateless"
119: * view-type="both"
120: * local-jndi-name="SettingsRightsLocal"
121: * jndi-name="SettingsRightsRemote"
122: *
123: *
124: * @ejb.home
125: * generate="false"
126: * remote-class="com.ivata.groupware.admin.setting.right.SettingsRightsRemoteHome"
127: *
128: * @ejb.interface
129: * remote-class="com.ivata.groupware.admin.setting.right.SettingsRightsRemote"
130: */
131: public class SettingsRightsImpl extends BusinessLogic implements
132: SettingsRights {
133: private QueryPersistenceManager persistenceManager;
134:
135: public SettingsRightsImpl(QueryPersistenceManager persistenceManager) {
136: this .persistenceManager = persistenceManager;
137: }
138:
139: /**
140: * <p>this method sets a setting to be allowed for users to override the
141: * system value</p>, {see canAmendSetting(name)}
142: * @param name the name of the setting
143: *
144: * @ejb.interface-method
145: * view-type="both"
146: */
147: public void addAmendRightForSetting(
148: final SecuritySession securitySession,
149: final String settingName) throws SystemException {
150: PersistenceSession persistenceSession = persistenceManager
151: .openSession(securitySession);
152: try {
153: // get the system setting - we always refer to system setting, as
154: // they can't be removed
155: SettingDO setting = (SettingDO) persistenceManager
156: .findInstance(persistenceSession,
157: "adminSettingByName",
158: new Object[] { settingName });
159: Integer settingId = setting.getId();
160:
161: // detail with meaning amend setting - user level
162: RightDetailDO amendDetail = (RightDetailDO) persistenceManager
163: .findByPrimaryKey(persistenceSession,
164: RightDetailDO.class,
165: RightConstants.DETAIL_SETTING_USER);
166:
167: Collection amendRight = persistenceManager.find(
168: persistenceSession, "rightByAccessDetailTargetId",
169: new Object[] { RightConstants.ACCESS_AMEND,
170: RightConstants.DETAIL_SETTING_USER,
171: settingId });
172:
173: // if there were no such rights set for this setting, do it now
174: if (amendRight.isEmpty()) {
175: GroupDO userGroup = (GroupDO) persistenceManager
176: .findByPrimaryKey(persistenceSession,
177: GroupDO.class,
178: GroupConstants.USER_GROUP);
179:
180: RightDO right = new RightDO();
181: right.setAccess(RightConstants.ACCESS_AMEND);
182: right.setDetail(amendDetail);
183:
184: right.setGroup(userGroup);
185: right.setTargetId(settingId);
186:
187: persistenceManager.add(persistenceSession, right);
188: }
189: } catch (Exception e) {
190: persistenceSession.cancel();
191: throw new SystemException(e);
192: } finally {
193: persistenceSession.close();
194: }
195: }
196:
197: /**
198: * <p>the method finds out whether a setting can be changed (overriden) by
199: * a user</p>
200: * @param name the name of the setting
201: * @return <code>true</code> when this setting can be overridden by user,
202: * <code>false</code> otherwise
203: *
204: * @ejb.interface-method
205: * view-type="both"
206: */
207: public boolean canAmendSetting(
208: final SecuritySession securitySession,
209: final String settingName) throws SystemException {
210: PersistenceSession persistenceSession = persistenceManager
211: .openSession(securitySession);
212: try {
213: // get the system setting - we always refer to system setting, as
214: // they can't be removed
215: SettingDO setting = (SettingDO) persistenceManager
216: .findInstance(persistenceSession,
217: "adminSettingByName",
218: new Object[] { settingName });
219: Integer settingId = setting.getId();
220:
221: Collection amendRight = persistenceManager.find(
222: persistenceSession, "rightByAccessDetailTargetId",
223: new Object[] { RightConstants.ACCESS_AMEND,
224: RightConstants.DETAIL_SETTING_USER,
225: settingId });
226:
227: // if there were rights, they must be ours
228: return !amendRight.isEmpty();
229: } catch (Exception e) {
230: persistenceSession.cancel();
231: throw new SystemException(e);
232: } finally {
233: persistenceSession.close();
234: }
235: }
236:
237: /**
238: * <p>the method tells whether a user can amend system settings</p>
239: * @param userName the name of the user
240: * @return <code>true</code> when this user can amend system settings or
241: * <code>false</code> when he can't
242: *
243: * @ejb.interface-method
244: * view-type="both"
245: */
246: public boolean canAmendSystemSettings(
247: final SecuritySession securitySession)
248: throws SystemException {
249: PersistenceSession persistenceSession = persistenceManager
250: .openSession(securitySession);
251: try {
252: Collection targetIds = persistenceManager.find(
253: persistenceSession, "rightByUserNameAccessDetail",
254: new Object[] { securitySession.getUser().getName(),
255: RightConstants.ACCESS_AMEND,
256: RightConstants.DETAIL_SETTING_SYSTEM });
257:
258: // if the collection is nonEmpty, the user has right to change
259: // system settings
260: return !targetIds.isEmpty();
261: } catch (Exception e) {
262: persistenceSession.cancel();
263: throw new SystemException(e);
264: } finally {
265: persistenceSession.close();
266: }
267: }
268:
269: /**
270: * <p>this method disables overriding the system value of one setting,
271: * {see canAmendSetting(name)}
272: * @param name the name of the setting
273: *
274: * @ejb.interface-method
275: * view-type="both"
276: */
277: public void removeAmendRightForSetting(
278: final SecuritySession securitySession,
279: final String settingName) throws SystemException {
280: PersistenceSession persistenceSession = persistenceManager
281: .openSession(securitySession);
282: try {
283: // get the system setting - we always refer to system setting, as
284: // they can't be removed
285: SettingDO setting = (SettingDO) persistenceManager
286: .findInstance(persistenceSession,
287: "adminSettingByName",
288: new Object[] { settingName });
289: Integer settingId = setting.getId();
290:
291: // detail with meaning amend setting - user level
292: RightDetailDO amendDetail = (RightDetailDO) persistenceManager
293: .findByPrimaryKey(persistenceSession,
294: RightDetailDO.class,
295: RightConstants.DETAIL_SETTING_USER);
296: Collection amendRight = persistenceManager.find(
297: persistenceSession, "rightByAccessDetailTargetId",
298: new Object[] { RightConstants.ACCESS_AMEND,
299: RightConstants.DETAIL_SETTING_USER,
300: settingId });
301:
302: // remove all rights found, there should be only one though...
303: for (Iterator i = amendRight.iterator(); i.hasNext();) {
304: RightDO currentRight = (RightDO) i.next();
305: persistenceManager.remove(persistenceSession,
306: currentRight);
307: }
308: } catch (Exception e) {
309: persistenceSession.cancel();
310: throw new SystemException(e);
311: } finally {
312: persistenceSession.close();
313: }
314: }
315: }
|