001: /*
002: * $Id: IfHasPermission.java,v 1.1 2003/08/17 06:06:13 ajzeneski Exp $
003: *
004: * Copyright (c) 2001, 2002 The Open For Business Project - www.ofbiz.org
005: *
006: * Permission is hereby granted, free of charge, to any person obtaining a
007: * copy of this software and associated documentation files (the "Software"),
008: * to deal in the Software without restriction, including without limitation
009: * the rights to use, copy, modify, merge, publish, distribute, sublicense,
010: * and/or sell copies of the Software, and to permit persons to whom the
011: * Software is furnished to do so, subject to the following conditions:
012: *
013: * The above copyright notice and this permission notice shall be included
014: * in all copies or substantial portions of the Software.
015: *
016: * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
017: * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
018: * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
019: * IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
020: * CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT
021: * OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR
022: * THE USE OR OTHER DEALINGS IN THE SOFTWARE.
023: */
024: package org.ofbiz.minilang.method.ifops;
025:
026: import java.util.LinkedList;
027: import java.util.List;
028:
029: import org.ofbiz.base.util.UtilXml;
030: import org.ofbiz.entity.GenericValue;
031: import org.ofbiz.minilang.SimpleMethod;
032: import org.ofbiz.minilang.method.MethodContext;
033: import org.ofbiz.minilang.method.MethodOperation;
034: import org.ofbiz.security.Security;
035: import org.w3c.dom.Element;
036:
037: /**
038: * Iff the user has the specified permission, process the sub-operations. Otherwise
039: * process else operations if specified.
040: *
041: * @author <a href="mailto:jonesde@ofbiz.org">David E. Jones</a>
042: * @version $Revision: 1.1 $
043: * @since 2.0
044: */
045: public class IfHasPermission extends MethodOperation {
046:
047: List subOps = new LinkedList();
048: List elseSubOps = null;
049:
050: String permission;
051: String action;
052:
053: public IfHasPermission(Element element, SimpleMethod simpleMethod) {
054: super (element, simpleMethod);
055: this .permission = element.getAttribute("permission");
056: this .action = element.getAttribute("action");
057:
058: SimpleMethod.readOperations(element, subOps, simpleMethod);
059:
060: Element elseElement = UtilXml
061: .firstChildElement(element, "else");
062: if (elseElement != null) {
063: elseSubOps = new LinkedList();
064: SimpleMethod.readOperations(elseElement, elseSubOps,
065: simpleMethod);
066: }
067: }
068:
069: public boolean exec(MethodContext methodContext) {
070: // if conditions fails, always return true; if a sub-op returns false
071: // return false and stop, otherwise return true
072: // return true;
073:
074: // only run subOps if element is empty/null
075: boolean runSubOps = false;
076:
077: // if no user is logged in, treat as if the user does not have permission: do not run subops
078: GenericValue userLogin = methodContext.getUserLogin();
079: if (userLogin != null) {
080: String permission = methodContext
081: .expandString(this .permission);
082: String action = methodContext.expandString(this .action);
083:
084: Security security = methodContext.getSecurity();
085: if (action != null && action.length() > 0) {
086: // run hasEntityPermission
087: if (security.hasEntityPermission(permission, action,
088: userLogin)) {
089: runSubOps = true;
090: }
091: } else {
092: // run hasPermission
093: if (security.hasPermission(permission, userLogin)) {
094: runSubOps = true;
095: }
096: }
097: }
098:
099: if (runSubOps) {
100: return SimpleMethod.runSubOps(subOps, methodContext);
101: } else {
102: if (elseSubOps != null) {
103: return SimpleMethod
104: .runSubOps(elseSubOps, methodContext);
105: } else {
106: return true;
107: }
108: }
109: }
110: }
|