01: /*
02: * $Id: HasPermissionCondition.java,v 1.1 2003/08/17 06:06:12 ajzeneski Exp $
03: *
04: * Copyright (c) 2001, 2002 The Open For Business Project - www.ofbiz.org
05: *
06: * Permission is hereby granted, free of charge, to any person obtaining a
07: * copy of this software and associated documentation files (the "Software"),
08: * to deal in the Software without restriction, including without limitation
09: * the rights to use, copy, modify, merge, publish, distribute, sublicense,
10: * and/or sell copies of the Software, and to permit persons to whom the
11: * Software is furnished to do so, subject to the following conditions:
12: *
13: * The above copyright notice and this permission notice shall be included
14: * in all copies or substantial portions of the Software.
15: *
16: * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
17: * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
18: * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
19: * IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
20: * CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT
21: * OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR
22: * THE USE OR OTHER DEALINGS IN THE SOFTWARE.
23: */
24: package org.ofbiz.minilang.method.conditional;
25:
26: import org.ofbiz.entity.GenericValue;
27: import org.ofbiz.minilang.SimpleMethod;
28: import org.ofbiz.minilang.method.MethodContext;
29: import org.ofbiz.security.Security;
30: import org.w3c.dom.Element;
31:
32: /**
33: * Implements compare to a constant condition.
34: *
35: * @author <a href="mailto:jonesde@ofbiz.org">David E. Jones</a>
36: * @version $Revision: 1.1 $
37: * @since 2.1
38: */
39: public class HasPermissionCondition implements Conditional {
40:
41: SimpleMethod simpleMethod;
42:
43: String permission;
44: String action;
45:
46: public HasPermissionCondition(Element element,
47: SimpleMethod simpleMethod) {
48: this .simpleMethod = simpleMethod;
49:
50: this .permission = element.getAttribute("permission");
51: this .action = element.getAttribute("action");
52: }
53:
54: public boolean checkCondition(MethodContext methodContext) {
55: // only run subOps if element is empty/null
56: boolean runSubOps = false;
57:
58: // if no user is logged in, treat as if the user does not have permission: do not run subops
59: GenericValue userLogin = methodContext.getUserLogin();
60: if (userLogin != null) {
61: String permission = methodContext
62: .expandString(this .permission);
63: String action = methodContext.expandString(this .action);
64:
65: Security security = methodContext.getSecurity();
66: if (action != null && action.length() > 0) {
67: // run hasEntityPermission
68: if (security.hasEntityPermission(permission, action,
69: userLogin)) {
70: runSubOps = true;
71: }
72: } else {
73: // run hasPermission
74: if (security.hasPermission(permission, userLogin)) {
75: runSubOps = true;
76: }
77: }
78: }
79:
80: return runSubOps;
81: }
82: }
|