return false; final UserRightValue[] availableValues = getAvailableValues(userGroupCache, user); if (availableValues == null || availableValues.length <= 1) { return false; continue; // Should not be configurable. if (matches(userGroupCache, user, value) == false) { final UserRightValue[] includedByValues = value.includedBy(); if (includedByValues != null) { for (final UserRightValue includedByValue : includedByValues) { if (matches(userGroupCache, user, includedByValue) == true) {
/** * @param userGroupCache * @return isAvailable(userGroupCache, user) at default or if dependsOn is given dependsOn.available(userGroupCache, * user, value); */ public boolean isAvailable(final UserGroupCache userGroupCache, final PFUserDO user, final UserRightValue value) { if (this.dependsOn == null) { return isAvailable(userGroupCache, user); } else { return this.dependsOn.isAvailable(userGroupCache, user, value); } }
final UserRight right = rightVO.getRight(); final UserGroupCache userGroupCache = getTenantRegistry().getUserGroupCache(); final UserRightValue[] availableValues = right.getAvailableValues(userGroupCache, data); if (right.isConfigurable(userGroupCache, data) == false) { continue; gridBuilder.newSplitPanel(GridSize.COL50); rightsData.addRight(rightVO); final String label = getString(right.getId().getI18nKey()); final FieldsetPanel fs = gridBuilder.newFieldset(label); if (right.isBooleanType() == true) { fs.addCheckBox(new PropertyModel<Boolean>(rightVO, "booleanValue"), null); } else {
public List<UserRightVO> getUserRights(final PFUserDO user) { final List<UserRightVO> list = new ArrayList<UserRightVO>(); if (user == null || user.getId() == null) { return list; } final List<UserRightDO> dbList = getList(user); final UserGroupCache userGroupCache = getUserGroupCache(); for (final UserRight right : userRightService.getOrderedRights()) { if (right.isAvailable(userGroupCache, user) == false) { continue; } final UserRightVO rightVO = new UserRightVO(right); for (final UserRightDO rightDO : dbList) { if (StringUtils.equals(rightDO.getRightIdString(), right.getId().getId()) == true) { rightVO.setValue(rightDO.getValue()); } } list.add(rightVO); } return list; }
@Test public void testConfigurable() { final UserGroupCache userGroupCache = TenantRegistryMap.getInstance().getTenantRegistry().getUserGroupCache(); final UserRight right = userRights.getRight(UserRightId.PM_HR_PLANNING); logon(TEST_PROJECT_MANAGER_USER); assertFalse( "Right is not configurable, because all available right values are automatically assigned to the current user", right.isConfigurable(userGroupCache, ThreadLocalUserContext.getUser())); logon(TEST_ADMIN_USER); assertFalse("Right is not configurable, because no right values are available.", right.isConfigurable(userGroupCache, ThreadLocalUserContext.getUser())); PFUserDO user = new PFUserDO(); user.setUsername("testConfigurableRight"); user = userService.getById(userService.save(user)); GroupDO group = getGroup(ProjectForgeGroup.FINANCE_GROUP.toString()); group.getAssignedUsers().add(user); groupDao.update(group); logon(user.getUsername()); assertTrue("Right is configurable, because serveral right values are available.", right.isConfigurable(userGroupCache, ThreadLocalUserContext.getUser())); logon(TEST_ADMIN_USER); group = getGroup(ProjectForgeGroup.PROJECT_MANAGER.toString()); group.getAssignedUsers().add(user); groupDao.update(group); logon(user.getUsername()); assertFalse( "Right is not configurable, because all available right values are automatically assigned to the current user", right.isConfigurable(userGroupCache, ThreadLocalUserContext.getUser())); }
private void copy(final UserRightDO dest, final UserRightVO src) { if (src.getRight().isBooleanType() == true) { if (src.isBooleanValue() == true) { dest.setValue(UserRightValue.TRUE); } else { dest.setValue(UserRightValue.FALSE); } } else { dest.setValue(src.getValue()); } }
final UserRight right = userRights.getRight(rightId); for (final UserRightValue value : values) { if ((rightDO == null || rightDO.getValue() == null) && right.matches(userGroupCache, user, value) == true) { return true; if (right != null && right.isAvailable(userGroupCache, user, value) == true) { return true;
for (final UserRightDO dbItem : dbList) { IUserRightId rightid = userRightService.getRightId(dbItem.getRightIdString()); if (rightid == rightVO.getRight().getId()) { rightDO = dbItem; rightDO = new UserRightDO(user, rightVO.getRight().getId()).setUser(user); copy(rightDO, rightVO); save(rightDO); IUserRightId rightId = userRightService.getRightId(rightDO.getRightIdString()); final UserRight right = userRightService.getRight(rightId); if (right.isAvailable(userGroupCache, user) == false || right.isAvailable(userGroupCache, user, rightDO.getValue()) == false) { rightDO.setValue(null); String rightId = rightDO.getRightIdString(); UserRight right = userRightService.getRight(rightId); if (right.isAvailable(userGroupCache, user) == false || right.isAvailable(userGroupCache, user, rightDO.getValue()) == false) { rightDO.setValue(null); update(rightDO);
accessChecker.hasLoggedInUserRight(UserRightId.PM_HR_PLANNING, false, UserRightValue.READWRITE)); assertFalse("Right is not configurable, because no right values are available.", right.isConfigurable(userGroupCache, ThreadLocalUserContext.getUser())); PFUserDO user = new PFUserDO(); user.setUsername("testHRPlanningRight"); accessChecker.hasLoggedInUserRight(UserRightId.PM_HR_PLANNING, false, UserRightValue.READWRITE)); assertTrue("Right is configurable, because serveral right values are available.", right.isConfigurable(userGroupCache, ThreadLocalUserContext.getUser())); logon(TEST_ADMIN_USER); group = getGroup(ProjectForgeGroup.PROJECT_MANAGER.toString()); assertFalse( "Right is not configurable, because all available right values are automatically assigned to the current user", right.isConfigurable(userGroupCache, ThreadLocalUserContext.getUser()));
@Override public IUserRightId getRightIdFromEntity(Class<?> entClass) { AUserRightId rightId = entClass.getAnnotation(AUserRightId.class); if (rightId != null) { IUserRightId ret = userRights.getRightId(rightId.value()); return ret; } BaseDao<ExtendedBaseDO<Integer>> dao = getBaseDao(entClass); UserRight userRight = dao.getUserRight(); if (userRight == null) { throw new IllegalArgumentException( "No UserRight for entity: " + entClass.getName() + " via dao: " + dao.getClass().getName()); } return userRight.getId(); }
/** * Is this right for the given user potentially available (independent from the configured value)? * * @param userGroupCache * @return true at default or if dependsOn is given dependsOn.available(AccessChecker) */ public boolean isAvailable(final UserGroupCache userGroupCache, final PFUserDO user) { if (this.dependsOn == null) { return true; } else { return this.dependsOn.isAvailable(userGroupCache, user); } }
if (UserRightId.ADMIN_CORE.equals(right.getId())) { return isUserMemberOfGroup(ThreadLocalUserContext.getUser(), ProjectForgeGroup.ADMIN_GROUP);
/** * @return false if the logged in user is not a member of the dependent groups, otherwise super.isAvailable(...). * @see org.projectforge.business.user.UserRight#isAvailable(org.projectforge.framework.access.AccessChecker) */ @Override public boolean isAvailable(final UserGroupCache userGroupCache, final PFUserDO user) { if (userGroupCache.isUserMemberOfGroup(user, dependsOnGroups) == true) { return super.isAvailable(userGroupCache, user); } return false; }
UserRightVO right2 = null; for (final UserRightVO item : list) { if (item.getRight().getId() == UserRightId.FIBU_AUSGANGSRECHNUNGEN) { right1 = item; } else if (item.getRight().getId() == UserRightId.FIBU_EINGANGSRECHNUNGEN) { right2 = item; right1 = right2 = null; for (final UserRightVO item : list) { if (item.getRight().getId() == UserRightId.FIBU_AUSGANGSRECHNUNGEN) { right1 = item; } else if (item.getRight().getId() == UserRightId.FIBU_EINGANGSRECHNUNGEN) { right2 = item; right1 = right2 = null; for (final UserRightVO item : list) { if (item.getRight().getId() == UserRightId.FIBU_AUSGANGSRECHNUNGEN) { right1 = item; } else if (item.getRight().getId() == UserRightId.FIBU_EINGANGSRECHNUNGEN) { right2 = item;
/** * If userGroupsRight is initialized then {@link UserGroupsRight#isAvailable(UserGroupCache, PFUserDO)} is called, * otherwise super. * * @see org.projectforge.business.user.UserRight#isAvailable(org.projectforge.business.user.UserGroupCache, * org.projectforge.framework.persistence.user.entities.PFUserDO) */ @Override public boolean isAvailable(final UserGroupCache userGroupCache, final PFUserDO user) { if (userGroupsRight != null) { return userGroupsRight.isAvailable(userGroupCache, user); } return super.isAvailable(userGroupCache, user); }
/** * Get all right values which are potentially available for the user. If the user value stored in the user data is not * part of available values then the AccessChecker returns that the user has no right. * * @param userGroupCache * @param user * @return */ public UserRightValue[] getAvailableValues(final UserGroupCache userGroupCache, final PFUserDO user) { if (values == null) { return null; } final List<UserRightValue> list = new ArrayList<UserRightValue>(); for (final UserRightValue value : values) { if (isAvailable(userGroupCache, user, value) == true) { list.add(value); } } final UserRightValue[] oa = new UserRightValue[list.size()]; list.toArray(oa); return oa; }
/** * If userGroupsRight is initialized then * {@link UserGroupsRight#isAvailable(UserGroupCache, PFUserDO, UserRightValue)} is called, otherwise super. * * @see org.projectforge.business.user.UserRight#isAvailable(org.projectforge.business.user.UserGroupCache, * org.projectforge.framework.persistence.user.entities.PFUserDO, org.projectforge.business.user.UserRightValue) */ @Override public boolean isAvailable(final UserGroupCache userGroupCache, final PFUserDO user, final UserRightValue value) { if (userGroupsRight != null) { return userGroupsRight.isAvailable(userGroupCache, user, value); } return super.isAvailable(userGroupCache, user, value); } }
/** * Gets the UserRight and calls {@link UserRight#isAvailable(UserGroupCache, PFUserDO)}. * * @param rightId * @return */ @Override public boolean isAvailable(final PFUserDO user, final IUserRightId rightId) { final UserGroupCache userGroupCache = TenantRegistryMap.getInstance().getTenantRegistry().getUserGroupCache(); final UserRight right = userRights.getRight(rightId); return right != null && right.isAvailable(userGroupCache, user) == true; }
&& userRights.getRight(right.getRightIdString()).isAvailable(this, right.getUser()) == true) { list.add(right);