Package org.projectforge.access

Examples of org.projectforge.access.AccessChecker

83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
   * @see org.projectforge.core.BaseDao#hasAccess(Object, OperationType)
   */
  @Override
  public boolean hasAccess(final PFUserDO user, final AuftragDO obj, final  AuftragDO oldObj, final OperationType operationType)
  {
    final AccessChecker accessChecker = UserRights.getAccessChecker();
    final UserGroupCache userGroupCache = UserRights.getUserGroupCache();
    if (operationType == OperationType.SELECT) {
      if (accessChecker.isUserMemberOfGroup(user, ProjectForgeGroup.CONTROLLING_GROUP) == true) {
        return true;
      }
      if (accessChecker.hasRight(user, getId(), UserRightValue.READONLY, UserRightValue.PARTLYREADWRITE, UserRightValue.READWRITE) == false) {
        return false;
      }
    } else {
      if (accessChecker.hasRight(user, getId(), UserRightValue.PARTLYREADWRITE, UserRightValue.READWRITE) == false) {
        return false;
      }
    }
    if (obj != null
        && accessChecker.isUserMemberOfGroup(user, ProjectForgeGroup.FINANCE_GROUP) == false
        && CollectionUtils.isNotEmpty(obj.getPositionen()) == true) {
      // Special field check for non finance administrative staff members:
      if (operationType == OperationType.INSERT) {
        for (final AuftragsPositionDO position : obj.getPositionen()) {
          if (position.isVollstaendigFakturiert() == true) {
            throw new AccessException("fibu.auftrag.error.vollstaendigFakturiertProtection");
          }
        }
      } else if (oldObj != null) {
        for (short number = 1; number <= obj.getPositionen().size(); number++) {
          final AuftragsPositionDO position = obj.getPosition(number);
          final AuftragsPositionDO dbPosition = oldObj.getPosition(number);
          if (dbPosition == null) {
            if (position.isVollstaendigFakturiert() == true) {
              throw new AccessException("fibu.auftrag.error.vollstaendigFakturiertProtection");
            }
          } else if (position.isVollstaendigFakturiert() != dbPosition.isVollstaendigFakturiert()) {
            throw new AccessException("fibu.auftrag.error.vollstaendigFakturiertProtection");
          }
        }
      }
    }
    if (accessChecker.isUserMemberOfGroup(user, UserRights.FIBU_ORGA_GROUPS) == true
        && accessChecker.hasRight(user, getId(), UserRightValue.READONLY, UserRightValue.READWRITE)) {
      // No further access checking (but not for users with right PARTLY_READWRITE.
    } else if (obj != null) {
      // User should be a PROJECT_MANAGER or PROJECT_ASSISTANT or user has PARTLYREADWRITE access:
      boolean hasAccess = false;
      if (accessChecker.userEquals(user, obj.getContactPerson()) == true) {
        hasAccess = true;
      }
      if (obj.getProjekt() != null && userGroupCache.isUserMemberOfGroup(user.getId(), obj.getProjekt().getProjektManagerGroupId())) {
        hasAccess = true;
      }
View Full Code Here
TOP

Related Classes of org.projectforge.access.AccessChecker

  • org.projectforge.fibu.AuftragRight
  • org.projectforge.task.TaskNode
  • org.projectforge.user.PFUserDO
  • org.projectforge.user.UserRight
  • org.projectforge.user.UserRightDO
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.