001: /* ====================================================================
002: * The Jcorporate Apache Style Software License, Version 1.2 05-07-2002
003: *
004: * Copyright (c) 1995-2002 Jcorporate Ltd. All rights reserved.
005: *
006: * Redistribution and use in source and binary forms, with or without
007: * modification, are permitted provided that the following conditions
008: * are met:
009: *
010: * 1. Redistributions of source code must retain the above copyright
011: * notice, this list of conditions and the following disclaimer.
012: *
013: * 2. Redistributions in binary form must reproduce the above copyright
014: * notice, this list of conditions and the following disclaimer in
015: * the documentation and/or other materials provided with the
016: * distribution.
017: *
018: * 3. The end-user documentation included with the redistribution,
019: * if any, must include the following acknowledgment:
020: * "This product includes software developed by Jcorporate Ltd.
021: * (http://www.jcorporate.com/)."
022: * Alternately, this acknowledgment may appear in the software itself,
023: * if and wherever such third-party acknowledgments normally appear.
024: *
025: * 4. "Jcorporate" and product names such as "Expresso" must
026: * not be used to endorse or promote products derived from this
027: * software without prior written permission. For written permission,
028: * please contact info@jcorporate.com.
029: *
030: * 5. Products derived from this software may not be called "Expresso",
031: * or other Jcorporate product names; nor may "Expresso" or other
032: * Jcorporate product names appear in their name, without prior
033: * written permission of Jcorporate Ltd.
034: *
035: * 6. No product derived from this software may compete in the same
036: * market space, i.e. framework, without prior written permission
037: * of Jcorporate Ltd. For written permission, please contact
038: * partners@jcorporate.com.
039: *
040: * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
041: * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
042: * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
043: * DISCLAIMED. IN NO EVENT SHALL JCORPORATE LTD OR ITS CONTRIBUTORS
044: * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
045: * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
046: * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
047: * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
048: * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
049: * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
050: * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
051: * SUCH DAMAGE.
052: * ====================================================================
053: *
054: * This software consists of voluntary contributions made by many
055: * individuals on behalf of the Jcorporate Ltd. Contributions back
056: * to the project(s) are encouraged when you make modifications.
057: * Please send them to support@jcorporate.com. For more information
058: * on Jcorporate Ltd. and its products, please see
059: * <http://www.jcorporate.com/>.
060: *
061: * Portions of this software are based upon other open source
062: * products and are subject to their respective licenses.
063: */
064:
065: package com.jcorporate.expresso.services.controller;
066:
067: /**
068: * JobSecurityMatrix.java
069: *
070: * Copyright 2000, 2001 Jcorporate Ltd.
071: */
072:
073: import com.jcorporate.expresso.core.controller.Block;
074: import com.jcorporate.expresso.core.controller.ControllerException;
075: import com.jcorporate.expresso.core.controller.ControllerRequest;
076: import com.jcorporate.expresso.core.controller.ControllerResponse;
077: import com.jcorporate.expresso.core.controller.DBController;
078: import com.jcorporate.expresso.core.controller.ErrorCollection;
079: import com.jcorporate.expresso.core.controller.Input;
080: import com.jcorporate.expresso.core.controller.NonHandleableException;
081: import com.jcorporate.expresso.core.controller.Output;
082: import com.jcorporate.expresso.core.controller.State;
083: import com.jcorporate.expresso.core.controller.Transition;
084: import com.jcorporate.expresso.core.db.DBException;
085: import com.jcorporate.expresso.core.dbobj.Schema;
086: import com.jcorporate.expresso.core.dbobj.SchemaFactory;
087: import com.jcorporate.expresso.core.dbobj.SecuredDBObject;
088: import com.jcorporate.expresso.core.dbobj.ValidValue;
089: import com.jcorporate.expresso.core.job.Job;
090: import com.jcorporate.expresso.core.misc.StringUtil;
091: import com.jcorporate.expresso.services.dbobj.JobSecurity;
092: import com.jcorporate.expresso.services.dbobj.SchemaList;
093: import com.jcorporate.expresso.services.dbobj.UserGroup;
094: import org.apache.log4j.Logger;
095:
096: import java.util.Enumeration;
097: import java.util.Hashtable;
098: import java.util.Iterator;
099: import java.util.Vector;
100:
101: /**
102: * The JobSecurityMatrix controller allows easy administration of the
103: * security rights of user groups to get to certain Jobs and to certain
104: * methods in those Jobs (assuming the job has more than one method).
105: *
106: * @author Michael Nash
107: * @version $Revision: 1.18 $ $Date: 2004/11/17 20:48:17 $
108: */
109: public class JobSecurityMatrix extends DBController {
110: private static final String this Class = JobSecurityMatrix.class
111: .getName()
112: + ".";
113: private static Logger log = Logger
114: .getLogger(JobSecurityMatrix.class);
115:
116: /**
117: * Constructor that specifies the states available in
118: * this Controller
119: */
120: public JobSecurityMatrix() {
121: State prompt = new State("prompt", "Prompt for Schema");
122: addState(prompt);
123: setInitialState("prompt");
124:
125: State seljob = new State("seljob", "Select Job");
126: seljob.addRequiredParameter("GroupName");
127: seljob.addRequiredParameter("SchemaClass");
128: addState(seljob);
129:
130: State setjob = new State("setjob", "Set Allowed Jobs");
131: setjob.addRequiredParameter("SchemaClass");
132: setjob.addRequiredParameter("GroupName");
133: addState(setjob);
134:
135: State updjob = new State("updjob", "Update Allowed Jobs");
136: updjob.addRequiredParameter("SchemaClass");
137: updjob.addRequiredParameter("GroupName");
138: addState(updjob);
139:
140: State selfunctions = new State("selfunctions",
141: "Select Allowed Functions");
142: selfunctions.addRequiredParameter("GroupName");
143: selfunctions.addRequiredParameter("JobClass");
144: addState(selfunctions);
145:
146: State updfunctions = new State("updfunctions",
147: "Update Allowed Functions");
148: updfunctions.addRequiredParameter("GroupName");
149: updfunctions.addRequiredParameter("JobClass");
150: addState(updfunctions);
151: this
152: .setSchema(com.jcorporate.expresso.core.ExpressoSchema.class);
153: } /* JobSecurityMatrix() */
154:
155: /**
156: * Instantiate & return the Job class
157: *
158: * @param className The name of the Job object to instantiate
159: * @return An instance of the named Job object
160: * @throws ControllerException upon error
161: */
162: private Job getJob(String className) throws ControllerException {
163: String myName = (this Class + "getController(String)");
164: Job myController;
165:
166: try {
167: myController = (Job) Class.forName(className).newInstance();
168: } catch (IllegalAccessException ie) {
169: throw new ControllerException(myName + ":Illegal Access "
170: + "Exception loading Job class " + className + ":"
171: + ie.getMessage());
172: } catch (InstantiationException ie) {
173: throw new ControllerException(myName
174: + ":Can't instantiate " + "Job class " + className
175: + ":" + ie.getMessage());
176: } catch (ClassNotFoundException se) {
177: throw new ControllerException(myName + ":Can't find a Job "
178: + "class called " + className + ":"
179: + se.getMessage());
180: } catch (Exception eo) {
181: log.error(eo);
182: throw new ControllerException(myName
183: + ":Exception loading " + "Job" + className
184: + "- see detailed message in server log:"
185: + eo.getMessage());
186: }
187:
188: return myController;
189: } /* getJob(String) */
190:
191: /**
192: * Instantiate & return the schema class given in the current parameter
193: *
194: * @param className Name of the Schema object to instantiate
195: * @param failIfNotLoaded if the schema cannot be loaded should we throw an exception
196: * @return A Schema object, ready for use
197: * @throws ControllerException upon error
198: */
199: private Schema getSchema(String className, boolean failIfNotLoaded)
200: throws ControllerException {
201: Schema mySchema = SchemaFactory.getInstance().getSchema(
202: className);
203:
204: if (mySchema == null && failIfNotLoaded) {
205: if (failIfNotLoaded) {
206: throw new ControllerException("Cannot access schema '"
207: + className + "'");
208: }
209: }
210:
211: return mySchema;
212: } /* getSchema(String) */
213:
214: /**
215: * Build the matrix for user to select the allowed jobs
216: * for this user and this schema
217: *
218: * @param params the ControllerRequest object
219: * @param myResponse the ControllerResponse object
220: * @throws ControllerException upon error
221: */
222: private void getSelJobMatrix(ControllerResponse myResponse,
223: ControllerRequest params) throws ControllerException {
224: String myName = (this Class + "getDBObjMatrix()");
225: Schema mySchema = getSchema(params.getParameter("SchemaClass"),
226: true);
227:
228: try { /* get each of the database objects for this schema */
229: Block matrix = new Block("matrix");
230: matrix.setAttribute("table", "Y");
231: matrix.setAttribute("header-row", ("Job|Allowed?"));
232: myResponse.add(matrix);
233:
234: Job oneController = null;
235: JobSecurity secur = new JobSecurity(
236: SecuredDBObject.SYSTEM_ACCOUNT);
237: secur.setDataContext(params.getDataContext());
238:
239: Input cb = null;
240: Block oneRow = null;
241:
242: for (Enumeration e = mySchema.getJobs(); e
243: .hasMoreElements();) {
244: oneRow = new Block("oneRow");
245: oneRow.setAttribute("row", "Y");
246: oneController = (Job) e.nextElement();
247: oneRow.add(new Output(oneController.getTitle()));
248:
249: /* now determine existing security for this group */
250:
251: /* and this object */
252: boolean conAllowed = false;
253: secur.clear();
254: secur.setField("JobClass", oneController.getClass()
255: .getName());
256: secur.setField("GroupName", params
257: .getParameter("GroupName"));
258:
259: if (secur.find()) {
260: conAllowed = true;
261: }
262:
263: cb = new Input(oneController.getClass().getName());
264: cb.setType("boolean");
265: cb.setAttribute("checkbox", "");
266:
267: if (conAllowed) {
268: cb.setDefaultValue("Y");
269: } else {
270: cb.setDefaultValue("N");
271: }
272:
273: oneRow.add(cb);
274: matrix.add(oneRow);
275: } /* for each job object */
276:
277: } catch (DBException de) {
278: throw new ControllerException(myName
279: + ":Database exception reading " + "security info:"
280: + de.getMessage());
281: }
282: } /* getSelJobMatrix() */
283:
284: /**
285: * Build the matrix for user to select the allowed functions
286: * for this user and this job
287: *
288: * @param params the ControllerRequest object
289: * @param myResponse the ControllerResponse object
290: * @throws ControllerException upon error
291: */
292: private void getSelFunctionsMatrix(ControllerResponse myResponse,
293: ControllerRequest params) throws ControllerException {
294: String myName = (this Class + "getSelFunctionsMatrix()");
295: Job con = getJob(params.getParameter("JobClass"));
296:
297: /* must have GroupName and JobClass fields */
298: try {
299:
300: /* get each of the database objects for this schema */
301: Block matrix = new Block("matrix");
302: matrix.setAttribute("table", "Y");
303:
304: String head = ("Function|Allowed?");
305: matrix.setAttribute("header-row", head);
306: myResponse.add(matrix);
307:
308: JobSecurity secur = new JobSecurity(
309: SecuredDBObject.SYSTEM_ACCOUNT);
310: secur.setDataContext(params.getDataContext());
311: secur.setField("JobClass", con.getClass().getName());
312: secur.setField("GroupName", params
313: .getParameter("GroupName"));
314:
315: String currentSecurity = ("");
316:
317: if (secur.find()) {
318: currentSecurity = secur.getField("Functions");
319: }
320:
321: Input cb = null;
322: Block oneRow = null;
323: Hashtable allStates = con.getFunctions();
324: String oneStateName;
325: State oneState;
326:
327: for (Enumeration e = allStates.keys(); e.hasMoreElements();) {
328: oneRow = new Block("oneRow");
329: oneRow.setAttribute("row", "Y");
330: oneStateName = (String) e.nextElement();
331: oneState = (State) allStates.get(oneStateName);
332: oneRow.add(new Output((String) oneState
333: .getDescription()));
334:
335: /* now determine existing security for this group */
336:
337: /* and this object */
338: boolean stateAllowed = false;
339:
340: if (currentSecurity.indexOf(oneStateName) != -1) {
341: stateAllowed = true;
342: }
343: if (currentSecurity.indexOf("*") != -1) {
344: stateAllowed = true;
345: }
346:
347: cb = new Input(oneStateName);
348: cb.setType("boolean");
349: cb.setAttribute("checkbox", "");
350:
351: if (stateAllowed) {
352: cb.setDefaultValue("Y");
353: } else {
354: cb.setDefaultValue("N");
355: }
356:
357: oneRow.add(cb);
358: matrix.add(oneRow);
359: } /* for each job object */
360:
361: } catch (DBException de) {
362: throw new ControllerException(myName
363: + ":Database exception reading " + "security info:"
364: + de.getMessage());
365: }
366: } /* getSelFunctionsMatrix(ControllerRequest, ControllerResponse) */
367:
368: /**
369: * Return the title of this Job
370: *
371: * @return The title of this Controller
372: */
373: public String getTitle() {
374: return ("Job Security Matrix");
375: } /* getTitle() */
376:
377: /**
378: * Specify a new state for this Controller to transition into
379: *
380: * @param newState The new state to transition into. Must be
381: * one of the valid states for this Controller
382: * @param params the ControllerRequest object
383: * @return a ControllerResponse object
384: * @throws NonHandleableException upon fatal error
385: */
386: public ControllerResponse newState(String newState,
387: ControllerRequest params) throws ControllerException,
388: NonHandleableException {
389: ControllerResponse myResponse = super
390: .newState(newState, params);
391:
392: if (newState.equals("prompt")) {
393: promptState(myResponse, params);
394: } else if (newState.equals("seljob")) {
395: selJobState(myResponse, params);
396: } else if (newState.equals("setjob")) {
397: setJobState(myResponse, params);
398: } else if (newState.equals("updjob")) {
399: updJobState(myResponse, params);
400: } else if (newState.equals("selfunctions")) {
401: selFunctionsState(myResponse, params);
402: } else if (newState.equals("updstates")) {
403: updFunctionsState(myResponse, params);
404: }
405: if (!newState.equals("prompt")) {
406: Transition again = new Transition("Start Again", getClass()
407: .getName());
408: again.setName("again");
409: again.addParam(STATE_PARAM_KEY, "prompt");
410: myResponse.addTransition(again);
411: }
412:
413: return myResponse;
414: } /* newState(String) */
415:
416: /**
417: * Prompt for a schema and usergroup
418: *
419: * @param params the ControllerRequest object
420: * @param myResponse the ControllerResponse object
421: */
422: private void promptState(ControllerResponse myResponse,
423: ControllerRequest params) throws ControllerException {
424: String myName = (this Class + "promptState()");
425:
426: try {
427: Input chooseGroup = new Input();
428: chooseGroup.setLabel("Choose Group");
429: chooseGroup.setName("GroupName");
430:
431: Vector vg = new Vector(2);
432: UserGroup gl = new UserGroup(SecuredDBObject.SYSTEM_ACCOUNT);
433: gl.setDataContext(params.getDataContext());
434:
435: UserGroup oneGroup = null;
436:
437: for (Iterator eg = gl.searchAndRetrieveList().iterator(); eg
438: .hasNext();) {
439: oneGroup = (UserGroup) eg.next();
440: vg.addElement(new ValidValue(oneGroup
441: .getField("GroupName"), oneGroup
442: .getField("Descrip")));
443: } /* for each group */
444:
445: if (vg.size() == 0) {
446: throw new ControllerException(myName
447: + ":There are no groups " + "defined.");
448: }
449:
450: chooseGroup.setValidValues(vg);
451: myResponse.addInput(chooseGroup);
452:
453: /* ..and a schema */
454: Input chooseSchema = new Input();
455: chooseSchema.setLabel("Choose Schema");
456: chooseSchema.setName("SchemaClass");
457:
458: Vector vs = new Vector(2);
459: vs.addElement(new ValidValue("com.jcorporate.expresso."
460: + "core.ExpressoSchema", "General"));
461:
462: Schema oneSchemaObj;
463: SchemaList sl = new SchemaList(
464: SecuredDBObject.SYSTEM_ACCOUNT);
465: sl.setDataContext(params.getDataContext());
466:
467: SchemaList oneSchema = null;
468:
469: for (Iterator es = sl.searchAndRetrieveList().iterator(); es
470: .hasNext();) {
471: oneSchema = (SchemaList) es.next();
472: oneSchemaObj = getSchema(oneSchema
473: .getField("SchemaClass"), false);
474:
475: if (oneSchemaObj != null) {
476: if (oneSchemaObj.getJobs().hasMoreElements()) {
477: vs.addElement(new ValidValue(oneSchema
478: .getField("SchemaClass"), oneSchema
479: .getField("Descrip")));
480: }
481: }
482: } /* for each listed schema */
483:
484: chooseSchema.setValidValues(vs);
485: myResponse.addInput(chooseSchema);
486: } catch (DBException de) {
487: throw new ControllerException(myName
488: + ":Unable to retrieve " + "schema information:"
489: + de.getMessage());
490: }
491:
492: Transition setjob = new Transition("Select Allowed Jobs",
493: getClass().getName());
494: setjob.setName("setjob");
495: setjob.setState("setjob");
496: myResponse.addTransition(setjob);
497:
498: Transition seljob = new Transition("Select Allowed Functions",
499: getClass().getName());
500: seljob.setName("seljob");
501: seljob.setState("seljob");
502: // seljob.setState("selfunctions");
503: myResponse.addTransition(seljob);
504: } /* promptState() */
505:
506: /**
507: * Select a Job to administer functions for.
508: *
509: * @param params the ControllerRequest object
510: * @param myResponse the ControllerResponse object
511: */
512: private void selJobState(ControllerResponse myResponse,
513: ControllerRequest params) throws ControllerException,
514: NonHandleableException {
515: String myName = (this Class + "selJobState()");
516: Schema mySchema = getSchema(params.getParameter("SchemaClass"),
517: true);
518: Job oneController;
519: Input chooseController = new Input();
520: chooseController.setLabel("Choose Job");
521: chooseController.setName("JobClass");
522:
523: Vector v = new Vector(2);
524:
525: for (Enumeration e = mySchema.getJobs(); e.hasMoreElements();) {
526: oneController = (Job) e.nextElement();
527:
528: /* if the job has no functions (e.g. it's all or nothing) then */
529: /* don't show it */
530: if (oneController.getFunctions().size() != 0) {
531: v.addElement(new ValidValue(oneController.getClass()
532: .getName(), oneController.getTitle()));
533: }
534: } /* for each job in the selected schema */
535:
536: if (v.size() == 0) {
537: ErrorCollection ec = new ErrorCollection();
538: ec
539: .addError(myName
540: + ":There are no jobs "
541: + "defined in the selected schema with functions defined."
542: + " Use 'Select Allowed Jobs' to enable access to jobs.");
543: myResponse.saveErrors(ec);
544: transition("prompt", params, myResponse);
545: return;
546: }
547:
548: chooseController.setValidValues(v);
549: myResponse.addInput(chooseController);
550:
551: try {
552: UserGroup myGroup = new UserGroup(
553: SecuredDBObject.SYSTEM_ACCOUNT);
554: myGroup.setDataContext(params.getDataContext());
555: myGroup.setField("GroupName", params
556: .getParameter("GroupName"));
557: myGroup.retrieve();
558: myResponse.addOutput(new Output(
559: "Choose a Job to administer functions "
560: + "for group '"
561: + myGroup.getField("Descrip") + "'"));
562: } catch (DBException de) {
563: throw new ControllerException(myName
564: + ":Unable to retrieve group:" + de.getMessage());
565: }
566:
567: Transition selfunctions = new Transition(
568: "Select Allowed Functions", getClass().getName());
569: selfunctions.setName("selfunctions");
570: selfunctions.addParam(STATE_PARAM_KEY, "selfunctions");
571: selfunctions.addParam("GroupName", params
572: .getParameter("GroupName"));
573: selfunctions.addParam("SchemaClass", params
574: .getParameter("SchemaClass"));
575: myResponse.addTransition(selfunctions);
576: } /* selControllerState() */
577:
578: /**
579: * Set allowed functions of a particular job for
580: * one group and job combination
581: *
582: * @param params the ControllerRequest object
583: * @param myResponse the ControllerResponse object
584: */
585: private void selFunctionsState(ControllerResponse myResponse,
586: ControllerRequest params) throws ControllerException {
587: String myName = (this Class + "selFunctionsState()");
588: Job oneController = getJob(params.getParameter("JobClass"));
589:
590: try {
591: UserGroup oneGroup = new UserGroup(
592: SecuredDBObject.SYSTEM_ACCOUNT);
593: oneGroup.setDataContext(params.getDataContext());
594: oneGroup.setField("GroupName", params
595: .getParameter("GroupName"));
596: oneGroup.retrieve();
597: myResponse.addOutput(new Output(
598: "Select allowed Functions for Job '"
599: + oneController.getTitle()
600: + "' and group '"
601: + oneGroup.getField("Descrip") + "'"));
602: } catch (DBException de) {
603: throw new ControllerException(myName
604: + ":Unable to locate group '"
605: + params.getParameter("GroupName"));
606: }
607:
608: getSelFunctionsMatrix(myResponse, params);
609:
610: Transition updstates = new Transition("Update", getClass()
611: .getName());
612: updstates.setName("updstates");
613: updstates.addParam(STATE_PARAM_KEY, "updstates");
614: updstates.addParam("GroupName", params
615: .getParameter("GroupName"));
616: updstates.addParam("JobClass", params.getParameter("JobClass"));
617: myResponse.addTransition(updstates);
618: } /* selStatesState() */
619:
620: /**
621: * Set allowed Job for a schema and group
622: *
623: * @param params the ControllerRequest object
624: * @param myResponse the ControllerResponse object
625: */
626: private void setJobState(ControllerResponse myResponse,
627: ControllerRequest params) throws ControllerException {
628: String myName = (this Class + "setControllerState()");
629:
630: /* present a list of controllers from the current */
631: /* schema to the user to check off the ones this group */
632: try {
633: UserGroup myGroup = new UserGroup(
634: SecuredDBObject.SYSTEM_ACCOUNT);
635: myGroup.setDataContext(params.getDataContext());
636: myGroup.setField("GroupName", params
637: .getParameter("GroupName"));
638: myGroup.retrieve();
639:
640: String schemaName;
641:
642: if (params.getParameter("SchemaClass").equals(
643: "com.jcorporate." + "expresso.core.ExpressoSchema")) {
644: schemaName = ("General");
645: } else {
646: SchemaList mySL = new SchemaList(
647: SecuredDBObject.SYSTEM_ACCOUNT);
648: mySL.setDataContext(params.getDataContext());
649: mySL.setField("SchemaClass", params
650: .getParameter("SchemaClass"));
651: mySL.retrieve();
652: schemaName = mySL.getField("Descrip");
653: }
654:
655: myResponse.addOutput(new Output(
656: "Select allowed Jobs for group '"
657: + myGroup.getField("Descrip")
658: + "' in Schema '" + schemaName + "'"));
659: getSelJobMatrix(myResponse, params);
660: } catch (DBException de) {
661: throw new ControllerException(myName
662: + ":Unable to read state or group "
663: + "information:" + de.getMessage());
664: }
665:
666: Transition updjob = new Transition("Update", getClass()
667: .getName());
668: updjob.setName("updjob");
669: updjob.addParam(STATE_PARAM_KEY, "updjob");
670: updjob.addParam("GroupName", params.getParameter("GroupName"));
671: updjob.addParam("SchemaClass", params
672: .getParameter("SchemaClass"));
673: myResponse.addTransition(updjob);
674: } /* setControllerState() */
675:
676: /**
677: * Update allowed states for a particular job
678: * and group
679: *
680: * @param params the ControllerRequest object
681: * @param myResponse the ControllerResponse object
682: */
683: private void updJobState(ControllerResponse myResponse,
684: ControllerRequest params) throws ControllerException {
685: String myName = (this Class + "updJobState()");
686: Schema mySchema = getSchema(params.getParameter("SchemaClass"),
687: true);
688:
689: try {
690: JobSecurity secur = new JobSecurity(
691: SecuredDBObject.SYSTEM_ACCOUNT);
692: secur.setDataContext(params.getDataContext());
693:
694: Job checkController;
695: int changes = 0;
696:
697: for (Enumeration pe = mySchema.getJobs(); pe
698: .hasMoreElements();) {
699: checkController = (Job) pe.nextElement();
700: secur.clear();
701: secur.setField("JobClass", checkController.getClass()
702: .getName());
703: secur.setField("GroupName", params
704: .getParameter("GroupName"));
705:
706: if (StringUtil.notNull(
707: params.getParameter(checkController.getClass()
708: .getName())).equals("Y")) {
709:
710: /* check that permission is allowed */
711: if (!secur.find()) {
712: secur.setField("Functions", "*");
713: secur.add();
714: myResponse.addOutput(new Output(
715: "Permission granted for " + "Job "
716: + checkController.getTitle()));
717: changes++;
718: }
719: } else {
720:
721: /* make sure permission is NOT allowed */
722: if (secur.find()) {
723: secur.delete();
724: myResponse.addOutput(new Output(
725: "Permission removed for " + "Job "
726: + checkController.getTitle()));
727: changes++;
728: }
729: } /* else not allowed */
730:
731: } /* for each controller in the schema */
732:
733: if (changes == 0) {
734: myResponse.addOutput(new Output("No changes required"));
735: }
736: } catch (DBException de) {
737: throw new ControllerException(myName
738: + ":Unable to update security " + "info", de);
739: }
740: } /* updControllerState() */
741:
742: /**
743: * Update the allowed states for this Job
744: *
745: * @param params the ControllerRequest object
746: * @param myResponse the ControllerResponse object
747: */
748: private void updFunctionsState(ControllerResponse myResponse,
749: ControllerRequest params) throws ControllerException {
750: String myName = (this Class + "updStatesState()");
751: Job con = getJob(params.getParameter("JobClass"));
752:
753: try {
754: Hashtable allStates = con.getFunctions();
755: String oneStateName;
756: State oneState;
757: StringBuffer newSecurity = new StringBuffer("");
758: boolean allAllowed = true;
759:
760: for (Enumeration e = allStates.keys(); e.hasMoreElements();) {
761: oneStateName = (String) e.nextElement();
762: oneState = (State) allStates.get(oneStateName);
763:
764: if (StringUtil.notNull(
765: params.getParameter(oneStateName)).equals("Y")) {
766: newSecurity.append(oneStateName);
767: newSecurity.append(", ");
768: myResponse.addOutput(new Output(
769: "Access granted to function '"
770: + oneState.getDescription() + "'"));
771: } else {
772: myResponse.addOutput(new Output(
773: "Access denied to function '"
774: + oneState.getDescription() + "'"));
775: allAllowed = false;
776: }
777: } /* for each state of this controller */
778:
779: JobSecurity secur = new JobSecurity(
780: SecuredDBObject.SYSTEM_ACCOUNT);
781: secur.setDataContext(params.getDataContext());
782: secur.setField("JobClass", con.getClass().getName());
783: secur.setField("GroupName", params
784: .getParameter("GroupName"));
785:
786: if (allAllowed) {
787: newSecurity = new StringBuffer("*");
788: }
789: if (secur.find()) {
790: secur.setField("Functions", newSecurity.toString());
791: secur.update();
792: } else {
793: secur.setField("Functions", newSecurity.toString());
794: secur.add();
795: }
796: } catch (DBException de) {
797: throw new ControllerException(myName
798: + ":Database exception reading " + "security info:"
799: + de.getMessage());
800: }
801: } /* updStatesState() */
802:
803: } /* JobSecurityMatrix */
|