001: /*
002: * Copyright (c) 2001 - 2005 ivata limited.
003: * All rights reserved.
004: * -----------------------------------------------------------------------------
005: * ivata groupware may be redistributed under the GNU General Public
006: * License as published by the Free Software Foundation;
007: * version 2 of the License.
008: *
009: * These programs are free software; you can redistribute them and/or
010: * modify them under the terms of the GNU General Public License
011: * as published by the Free Software Foundation; version 2 of the License.
012: *
013: * These programs are distributed in the hope that they will be useful,
014: * but WITHOUT ANY WARRANTY; without even the implied warranty of
015: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
016: *
017: * See the GNU General Public License in the file LICENSE.txt for more
018: * details.
019: *
020: * If you would like a copy of the GNU General Public License write to
021: *
022: * Free Software Foundation, Inc.
023: * 59 Temple Place - Suite 330
024: * Boston, MA 02111-1307, USA.
025: *
026: *
027: * To arrange commercial support and licensing, contact ivata at
028: * http://www.ivata.com/contact.jsp
029: * -----------------------------------------------------------------------------
030: * $Log: GroupRights.java,v $
031: * Revision 1.4.2.1 2005/10/08 16:14:31 colinmacleod
032: * Added new rule that parent groups cannot be deleted.
033: *
034: * Revision 1.4 2005/04/28 18:47:10 colinmacleod
035: * Fixed XHMTL, styles and resin compatibility.
036: * Added support for URL rewriting.
037: *
038: * Revision 1.3 2005/04/10 18:47:35 colinmacleod
039: * Changed i tag to em and b tag to strong.
040: *
041: * Revision 1.2 2005/04/09 17:19:07 colinmacleod
042: * Changed copyright text to GPL v2 explicitly.
043: *
044: * Revision 1.1.1.1 2005/03/10 17:50:35 colinmacleod
045: * Restructured ivata op around Hibernate/PicoContainer.
046: * Renamed ivata groupware.
047: *
048: * -----------------------------------------------------------------------------
049: */
050: package com.ivata.groupware.business.addressbook.person.group.right;
051:
052: import java.io.Serializable;
053: import java.util.List;
054:
055: import com.ivata.groupware.business.addressbook.AddressBook;
056: import com.ivata.groupware.business.addressbook.person.group.GroupConstants;
057: import com.ivata.groupware.business.addressbook.person.group.GroupDO;
058: import com.ivata.mask.persistence.right.PersistenceRights;
059: import com.ivata.mask.valueobject.ValueObject;
060:
061: import com.ivata.groupware.admin.security.server.SecurityServer;
062: import com.ivata.groupware.admin.security.server.SecuritySession;
063: import com.ivata.mask.util.SystemException;
064:
065: /**
066: * This class will implement ivata groupware rights, by checking against the
067: * group right table/entities.
068: * To keep things simple for this release, however, it returns <code>true</code>
069: * for <em>almost</em> everything - it doesn't let you delete major things like
070: * the system-wide address book, but that is about it.
071: *
072: * @since ivata groupware 0.10 (2005-01-14)
073: * @author Colin MacLeod
074: * <a href="mailto:colin.macleod@ivata.com">colin.macleod@ivata.com</a>
075: * @version $Revision: 1.4.2.1 $
076: */
077:
078: public class GroupRights implements PersistenceRights, Serializable {
079: private AddressBook addressBook;
080: private SecurityServer securityServer;
081:
082: public GroupRights(AddressBook addressBook,
083: SecurityServer securityServer) {
084: this .addressBook = addressBook;
085: this .securityServer = securityServer;
086: }
087:
088: /**
089: * Refer to {@link PersistenceRights#canAdd}.
090: * @param valueObjectClassParam Refer to {@link PersistenceRights#canAdd}.
091: *
092: * @return Refer to {@link PersistenceRights#canAdd}.
093: */
094: public boolean canAdd(String userName, Class valueObjectClassParam) {
095: return true;
096: }
097:
098: /**
099: * Refer to
100: * {@link PersistenceRights#canAmend(String, ValueObject)}.
101: * @param valueObjectParam Refer to
102: * {@link PersistenceRights#canAmend(String, ValueObject)}.
103: *
104: * @return Refer to
105: * {@link PersistenceRights#canAmend(String, ValueObject)}.
106: */
107: public boolean canAmend(String userNameParam,
108: ValueObject valueObjectParam) {
109: return true;
110: }
111:
112: /**
113: * Refer to {@link PersistenceRights#canAmend(String,
114: * ValueObject, String)}.
115: * @param valueObjectParam Refer to
116: * {@link PersistenceRights#canAmend(String,
117: * ValueObject, String)}.
118: * @param fieldNameParam Refer to
119: * {@link PersistenceRights#canAmend(String,
120: * ValueObject, String)}.
121: * @return Refer to
122: * {@link PersistenceRights#canAmend(String,
123: * ValueObject, String)}.
124: * @see PersistenceRights#canAmend(String, com.ivata.mask.valueobject.ValueObject, java.lang.String)
125: */
126: public boolean canAmend(String userNameParam,
127: ValueObject valueObjectParam, String fieldNameParam) {
128: // you can only change the name of an address book if it is not
129: // private
130: if (valueObjectParam instanceof GroupDO) {
131: GroupDO group = (GroupDO) valueObjectParam;
132: GroupDO parent = group.getParent();
133: // you can't rename a private address book
134: if ((parent != null)
135: && "name".equals(fieldNameParam)
136: && (GroupConstants.equals(parent.getId(),
137: GroupConstants.ADDRESS_BOOK_PRIVATE))) {
138: return false;
139: }
140: }
141:
142: // everything else goes...
143: return true;
144: }
145:
146: /**
147: * Refer to {@link PersistenceRights#canRemove}.
148: * @param valueObjectParam Refer to {@link
149: * PersistenceRights#canRemove}.
150: *
151: * @return Refer to {@link PersistenceRights#canRemove}.
152: */
153: public boolean canRemove(String userNameParam,
154: ValueObject valueObjectParam) {
155: // only return false if this is a major component
156: if (valueObjectParam instanceof GroupDO) {
157: GroupDO group = (GroupDO) valueObjectParam;
158: // you can't delete the default, system-wide address book
159: if (GroupConstants.equals(group.getId(),
160: GroupConstants.ADDRESS_BOOK_DEFAULT)) {
161: return false;
162: }
163: GroupDO parent = group.getParent();
164: // you can't delete a private address book
165: if ((parent == null)
166: || (GroupConstants.equals(parent.getId(),
167: GroupConstants.ADDRESS_BOOK_PRIVATE))) {
168: return false;
169: }
170: // you can't delete a group which has users, people
171: if ((group.getPeople().size() > 0)
172: || (group.getUsers().size() > 0)) {
173: return false;
174: }
175: // you can't delete a group which has children groups
176: try {
177: SecuritySession guestSession = securityServer
178: .loginGuest();
179: List children = addressBook.findGroupsByParent(
180: guestSession, group.getId());
181: if ((children != null) && (children.size() > 0)) {
182: return false;
183: }
184: } catch (SystemException e) {
185: throw new RuntimeException(e);
186: }
187: }
188: // everything else goes...
189: return true;
190: }
191: }
|