/*
*
* Copyright (c) 2004 SourceTap - www.sourcetap.com
*
* The contents of this file are subject to the SourceTap Public License
* ("License"); You may not use this file except in compliance with the
* License. You may obtain a copy of the License at http://www.sourcetap.com/license.htm
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License for
* the specific language governing rights and limitations under the License.
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
*/
package com.sourcetap.sfa.security;
import java.sql.Timestamp;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import org.ofbiz.base.util.Debug;
import org.ofbiz.base.util.UtilMisc;
import org.ofbiz.core.entity.EntityAttribute;
import org.ofbiz.entity.GenericDelegator;
import org.ofbiz.entity.GenericEntityException;
import org.ofbiz.entity.GenericValue;
import org.ofbiz.entity.condition.EntityComparisonOperator;
import org.ofbiz.entity.condition.EntityCondition;
import org.ofbiz.entity.condition.EntityConditionList;
import org.ofbiz.entity.condition.EntityExpr;
import org.ofbiz.entity.condition.EntityOperator;
import org.ofbiz.entity.model.ModelEntity;
import org.ofbiz.entity.model.ModelField;
import org.ofbiz.entity.util.EntityListIterator;
import com.sourcetap.sfa.event.DataMatrix;
import com.sourcetap.sfa.replication.GenericReplicator;
import com.sourcetap.sfa.util.Preference;
import com.sourcetap.sfa.util.QueryInfo;
import com.sourcetap.sfa.util.UserInfo;
/**
* DOCUMENT ME!
*
*/
public class SecurityWrapper {
private static final String ROLE = "role";
private static final String TEAM = "team";
public static final String module = SecurityWrapper.class.getName();
/**
* DOCUMENT ME!
*
* @param entity
* @param orderBy
* @param userInfo
* @param securityInfo
* @param delegator
*
* @return
*
* @throws GenericEntityException
*/
public static List findAll(String entity, List orderBy, UserInfo userInfo,
SecurityLinkInfo securityInfo, GenericDelegator delegator)
throws GenericEntityException {
return findByAnd(entity, new ArrayList(), orderBy, userInfo,
securityInfo, delegator);
}
/**
* DOCUMENT ME!
*
* @param entity
* @param entityExpressions
* @param orderBy
* @param userInfo
* @param securityInfo
* @param delegator
*
* @return
*
* @throws GenericEntityException
*/
public static List findByAnd(String entity, List entityExpressions,
List orderBy, UserInfo userInfo, SecurityLinkInfo securityInfo,
GenericDelegator delegator) throws GenericEntityException {
return findByAnd( entity, entityExpressions, orderBy, userInfo, securityInfo, delegator, "TEAM");
}
/**
* DOCUMENT ME!
*
* @param entity
* @param entityExpressions
* @param orderBy
* @param userInfo
* @param securityInfo
* @param delegator
*
* @return
*
* @throws GenericEntityException
*/
public static List findByAndRoleOnly(String entity, List entityExpressions,
List orderBy, UserInfo userInfo, SecurityLinkInfo securityInfo,
GenericDelegator delegator) throws GenericEntityException {
return findByAnd( entity, entityExpressions, orderBy, userInfo, securityInfo, delegator, "ROLE");
}
/**
* DOCUMENT ME!
*
* @param entity
* @param entityExpressions
* @param orderBy
* @param userInfo
* @param securityInfo
* @param delegator
*
* @return
*
* @throws GenericEntityException
*/
public static List findByAnd(String entity, List entityExpressions,
List orderBy, UserInfo userInfo, SecurityLinkInfo securityInfo,
GenericDelegator delegator, String securityType) throws GenericEntityException {
HashMap equalsMap = new HashMap();
EntityExpr entityExpr = null;
QueryInfo queryInfo = new QueryInfo( delegator, entity);
//convert existing expressions into AND clauses.
for (int i = 0; i < entityExpressions.size(); i++) {
entityExpr = (EntityExpr) entityExpressions.get(i);
Object lhs = (Object) entityExpr.getLhs();
Object rhs = (Object) entityExpr.getRhs();
EntityComparisonOperator op = (EntityComparisonOperator) entityExpr.getOperator();
if (lhs instanceof EntityAttribute &&
rhs instanceof EntityAttribute) {
lhs = (EntityAttribute) lhs;
rhs = (EntityAttribute) rhs;
String firstEntity = ((EntityAttribute) lhs).getEntity();
String secondEntity = ((EntityAttribute) rhs).getEntity();
if ( !firstEntity.equals(secondEntity) )
{
if ( !op.equals( EntityOperator.EQUALS ))
throw new IllegalArgumentException("Join operator must be EQUALS");
queryInfo.addJoin(firstEntity, secondEntity, Boolean.FALSE, ((EntityAttribute) lhs).getField(),
((EntityAttribute) rhs).getField());
}
else
{
queryInfo.addCondition( firstEntity, ((EntityAttribute) lhs).getField(), op, ((EntityAttribute) rhs).getField());
}
} else {
if (lhs instanceof EntityAttribute) {
queryInfo.addCondition( ((EntityAttribute) lhs).getEntity(), ((EntityAttribute) lhs).getField(), op, rhs);
} else {
queryInfo.addCondition( entity, (String) lhs, op, rhs);
}
}
}
buildSecurityInfo(queryInfo, userInfo, securityInfo, entity, delegator, securityType);
queryInfo.setOrderBy( orderBy );
return queryInfo.executeQuery();
}
/**
* DOCUMENT ME!
*
* @param entity
* @param entityExpressions
* @param orderBy
* @param userInfo
* @param securityInfo
* @param delegator
*
* @return
*
* @throws GenericEntityException
*/
public static List findByClause(String entity, List entityExpressions,
List orderBy, UserInfo userInfo, SecurityLinkInfo securityInfo,
GenericDelegator delegator, boolean old_not_used_anymore) throws GenericEntityException {
Debug.logVerbose("[findByClause] userInfo: " + userInfo.toString(), module);
QueryInfo queryInfo = new QueryInfo( delegator, entity);
ArrayList newExpressions = new ArrayList(entityExpressions);
HashMap equalsMap = new HashMap();
buildSecurityInfo(queryInfo, userInfo, securityInfo, entity, delegator, "TEAM");
throw new IllegalArgumentException("findByClause not supported");
// return delegator.findByClause(entity, newExpressions, equalsMap, orderBy);
}
/**
* DOCUMENT ME!
*
* @param entity
* @param entityExpressions
* @param orderBy
* @param userInfo
* @param securityInfo
* @param delegator
*
* @return
*
* @throws GenericEntityException
*/
public static List findByClauseRoleOnly(String entity,
List entityExpressions, List orderBy, UserInfo userInfo,
SecurityLinkInfo securityInfo, GenericDelegator delegator, boolean old_not_used_anymore)
throws GenericEntityException {
ArrayList newExpressions = new ArrayList(entityExpressions);
HashMap equalsMap = new HashMap();
throw new IllegalArgumentException("findByClauseRoleOnly not supported");
// newExpressions = buildSecurityInfo(newExpressions, userInfo,
// securityInfo, entity, delegator, "ROLE");
// return delegator.findByClause(entity, newExpressions, equalsMap, orderBy);
}
public static List findByCondition(String entity, QueryInfo queryInfo,
List orderBy, UserInfo userInfo, SecurityLinkInfo securityInfo,
GenericDelegator delegator) throws GenericEntityException {
Debug.logVerbose("[findByClause] userInfo: " + userInfo.toString(), module);
buildSecurityInfo(queryInfo, userInfo, securityInfo, entity, delegator, "TEAM");
queryInfo.setOrderBy( orderBy );
return queryInfo.executeQuery();
}
public static List findByCondition(String entity, EntityCondition condition,
List orderBy, UserInfo userInfo, SecurityLinkInfo securityInfo,
GenericDelegator delegator) throws GenericEntityException {
Debug.logVerbose("[findByCondition] userInfo: " + userInfo.toString(), module);
QueryInfo queryInfo = new QueryInfo( delegator, entity );
queryInfo.addCondition( condition );
return findByCondition( entity, queryInfo, orderBy, userInfo, securityInfo, delegator );
}
public static EntityListIterator findListIteratorByCondition(String entity, EntityCondition condition,
List orderBy, UserInfo userInfo, SecurityLinkInfo securityInfo,
GenericDelegator delegator) throws GenericEntityException {
Debug.logVerbose("[findListIteratorByCondition] userInfo: " + userInfo.toString(), module);
QueryInfo queryInfo = new QueryInfo( delegator, entity );
queryInfo.addCondition( condition );
return findListIteratorByCondition( entity, queryInfo, orderBy, userInfo, securityInfo, delegator );
}
public static EntityListIterator findListIteratorByCondition(String entity, QueryInfo queryInfo,
List orderBy, UserInfo userInfo, SecurityLinkInfo securityInfo,
GenericDelegator delegator) throws GenericEntityException {
Debug.logVerbose("[findByClause] userInfo: " + userInfo.toString(), module);
buildSecurityInfo(queryInfo, userInfo, securityInfo, entity, delegator, "TEAM");
queryInfo.setOrderBy( orderBy );
return queryInfo.getQueryIterator();
}
/**
* DOCUMENT ME!
*
* @param entity
* @param entityExpressions
* @param orderBy
* @param userInfo
* @param securityInfo
* @param delegator
*
* @return
*
* @throws GenericEntityException
*/
public static List findByLike(String entity, List entityExpressions,
List orderBy, UserInfo userInfo, SecurityLinkInfo securityInfo,
GenericDelegator delegator) throws GenericEntityException
{
return findByLike( entity, entityExpressions, orderBy, userInfo, securityInfo, delegator, "TEAM");
}
/**
* DOCUMENT ME!
*
* @param entity
* @param entityExpressions
* @param orderBy
* @param userInfo
* @param securityInfo
* @param delegator
*
* @return
*
* @throws GenericEntityException
*/
public static List findByLikeRoleOnly(String entity,
List entityExpressions, List orderBy, UserInfo userInfo,
SecurityLinkInfo securityInfo, GenericDelegator delegator)
throws GenericEntityException
{
return findByLike( entity, entityExpressions, orderBy, userInfo, securityInfo, delegator, "ROLE");
}
/**
* DOCUMENT ME!
*
* @param entity
* @param entityExpressions
* @param orderBy
* @param userInfo
* @param securityInfo
* @param delegator
*
* @return
*
* @throws GenericEntityException
*/
public static List findByLike(String entity,
List entityExpressions, List orderBy, UserInfo userInfo,
SecurityLinkInfo securityInfo, GenericDelegator delegator, String securityType)
throws GenericEntityException
{
QueryInfo queryInfo = new QueryInfo( delegator, entity);
EntityExpr entityExpr = null;
//convert existing expressions into LIKE clauses.
for (int i = 0; i < entityExpressions.size(); i++) {
entityExpr = (EntityExpr) entityExpressions.get(i);
Object lhs = entityExpr.getLhs();
Object rhs = entityExpr.getRhs();
EntityComparisonOperator op = (EntityComparisonOperator) entityExpr.getOperator();
if ( !op.equals(EntityOperator.LIKE) && !op.equals(EntityOperator.EQUALS))
throw new IllegalArgumentException("Join Operator must be LIKE or EQUALS");
if (lhs instanceof EntityAttribute &&
rhs instanceof EntityAttribute) {
lhs = (EntityAttribute) lhs;
rhs = (EntityAttribute) rhs;
String firstEntity = ((EntityAttribute) lhs).getEntity();
String secondEntity = ((EntityAttribute) rhs).getEntity();
if ( !firstEntity.equals(secondEntity) )
{
if ( !op.equals( EntityOperator.EQUALS ))
throw new IllegalArgumentException("Join operator must be EQUALS");
queryInfo.addJoin(firstEntity, secondEntity, Boolean.FALSE, ((EntityAttribute) lhs).getField(),
((EntityAttribute) rhs).getField());
}
else
{
queryInfo.addCondition( firstEntity, ((EntityAttribute) lhs).getField(), op, ((EntityAttribute) rhs).getField());
}
} else {
if (lhs instanceof EntityAttribute) {
queryInfo.addCondition( ((EntityAttribute) lhs).getEntity(), ((EntityAttribute) lhs).getField(), op, rhs);
} else {
queryInfo.addCondition( entity, (String) lhs, op, rhs);
}
}
}
buildSecurityInfo(queryInfo, userInfo, securityInfo, entity, delegator, securityType);
queryInfo.setOrderBy( orderBy );
return queryInfo.executeQuery();
}
/**
* DOCUMENT ME!
*
* @param newExpressions
* @param userInfo
* @param securityInfo
* @param entity
* @param delegator
* @param roleOrTeam
*
* @return
*
* @throws GenericEntityException
*/
private static QueryInfo buildSecurityInfo(QueryInfo queryInfo,
UserInfo userInfo, SecurityLinkInfo securityInfo, String entity,
GenericDelegator delegator, String roleOrTeam)
throws GenericEntityException {
ModelEntity modelEntity = delegator.getModelEntity(entity);
Debug.logVerbose("[buildSecurityInfo] userInfo: " +
userInfo.toString(), module);
String linkEntity = null;
String linkAttribute = null;
String partyId = userInfo.getPartyId();
String roleId = userInfo.getRoleId();
Preference preference = new Preference(delegator);
String securityMode = preference.getPreference(userInfo.getAccountId(),
"SECURITY_MODE", "team");
Debug.logVerbose("[buildSecurityInfo] securityMode: " + securityMode, module);
if (securityInfo != null) {
linkEntity = securityInfo.getEntityName();
linkAttribute = securityInfo.getAttributeName();
}
if ((linkEntity == null) || (linkEntity.equals(""))) {
linkEntity = entity;
}
if ((linkAttribute == null) || (linkAttribute.equals(""))) {
List pks = modelEntity.getPksCopy();
linkAttribute = ((ModelField) pks.get(0)).getName();
}
Debug.logVerbose("[buildSecurityInfo] securityMode: " + securityMode, module);
Debug.logVerbose("[buildSecurityInfo] linkEntity: " + linkEntity, module);
Debug.logVerbose("[buildSecurityInfo] entity: " + entity, module);
Debug.logVerbose("[buildSecurityInfo] linkAttribute: " +
linkAttribute, module);
Debug.logVerbose("[buildSecurityInfo] userInfo.getAccountId(): " +
userInfo.getAccountId(), module);
Debug.logVerbose("[buildSecurityInfo] partyId: " + partyId, module);
if (securityMode.equals("none")) {
//Find Entities in the Entity_Access where the accountId for the role is the same as the user
//this makes anything anyone adds available to anyone in the company
queryInfo.addJoin( entity, "EntityAccess", Boolean.FALSE, linkAttribute, "entityId");
queryInfo.addCondition( "EntityAccess", "entity", EntityOperator.EQUALS, linkEntity);
queryInfo.addCondition( "EntityAccess", "partyEntityType", EntityOperator.EQUALS, "Role");
queryInfo.addJoin( "EntityAccess", "Role", Boolean.FALSE, "partyId", "roleId");
queryInfo.addAlias("Role", "accountId", "Role_accountId");
queryInfo.addCondition( "Role", "Role_accountId", EntityOperator.EQUALS, userInfo.getAccountId());
} else if (securityMode.equals("territory") ||
roleOrTeam.equalsIgnoreCase("ROLE")) {
//Find Entities in the Entity_Access table where the partyId has Role access
roleId = "%" + roleId + "%";
Debug.logVerbose(
"-->[SecurityWrapper.buildSecurityInfo] roleId: " + roleId, module);
queryInfo.addJoin( entity, "EntityAccess", Boolean.FALSE, linkAttribute, "entityId");
queryInfo.addCondition( "EntityAccess", "entity", EntityOperator.EQUALS, linkEntity);
queryInfo.addCondition( "EntityAccess", "partyEntityType", EntityOperator.EQUALS, "Role");
queryInfo.addJoin( "EntityAccess", "Role", Boolean.FALSE, "partyId", "roleId");
queryInfo.checkAttribute("EntityAccess", "entityCreatedBy");
queryInfo.checkAttribute("Role", "rolePath");
EntityCondition condition = new EntityConditionList( UtilMisc.toList(
new EntityExpr( "entityCreatedBy", EntityOperator.EQUALS, userInfo.getPartyId() ),
new EntityExpr( "rolePath", EntityOperator.LIKE, roleId)), EntityOperator.OR);
queryInfo.addCondition( condition );
} else if (roleOrTeam.equalsIgnoreCase("TEAM")) {
// Find Entities in the Entity_Access table where the partyId has Team_Member access.
queryInfo.addJoin( entity, "EntityAccess", Boolean.FALSE, linkAttribute, "entityId");
queryInfo.addCondition( "EntityAccess", "entity", EntityOperator.EQUALS, linkEntity);
queryInfo.addCondition( "EntityAccess", "partyEntityType", EntityOperator.EQUALS, "Team");
queryInfo.addJoin( "EntityAccess", "TeamMember", Boolean.FALSE, "partyId", "teamId");
queryInfo.addCondition( "TeamMember", "partyId", EntityOperator.EQUALS, partyId);
} else {
throw new GenericEntityException(
"SecurityWrapper.buildSecurityInfo() must use either role or team as a parameter.");
}
return queryInfo;
}
/**
* Combines two GenericValue-Lists into one. Does not add duplicate GenericValues.
*
*/
private static List unionLists(List one, List two) {
List returnList = null;
if (one.size() > two.size()) {
Iterator twoIter = two.iterator();
GenericValue value = null;
while (twoIter.hasNext()) {
value = (GenericValue) twoIter.next();
if (!one.contains(value)) {
one.add(value);
}
}
returnList = one;
} else {
Iterator oneIter = one.iterator();
GenericValue value = null;
while (oneIter.hasNext()) {
value = (GenericValue) oneIter.next();
if (!two.contains(value)) {
two.add(value);
}
}
returnList = two;
}
return returnList;
}
/**
* Add security information to the list of data to store with the specified entitiy
*/
public static boolean addRoleInformation(DataMatrix dataMatrix, int row,
UserInfo userInfo, String ownerPartyId, String accessEntityName,
String accessEntityAttributeValue, GenericDelegator delegator) {
// Create a new Team, with the current logged-in user as primary and the owner if it is different from the current user.
Timestamp now = new Timestamp(Calendar.getInstance().getTime().getTime());
List storeGVL = new LinkedList();
String userPartyId = userInfo.getPartyId();
String userRoleId = userInfo.getRoleId();
GenericValue party = new GenericValue(delegator.getModelEntity("Party"));
party.setDelegator(delegator);
String teamId = GenericReplicator.getNextSeqId("Party", delegator);
party.set("partyId", teamId);
dataMatrix.addEntity("Party", false, true);
dataMatrix.getCurrentBuffer().getContentsRow(row).add(party);
GenericValue team = new GenericValue(delegator.getModelEntity("Team"));
team.setDelegator(delegator);
team.set("teamId", teamId);
team.set("createdBy", userPartyId);
team.set("createdDate", now);
team.set("modifiedBy", userPartyId);
team.set("modifiedDate", now);
dataMatrix.addEntity("Team", false, true);
dataMatrix.getCurrentBuffer().getContentsRow(row).add(team);
// Add user to team_members
Debug.logVerbose(
"-->[SecurityWrapper.addRoleInformation] Adding user to the team.", module);
GenericValue userTeamMember = new GenericValue(delegator.getModelEntity(
"TeamMember"));
userTeamMember.setDelegator(delegator);
userTeamMember.set("teamMemberId",
GenericReplicator.getNextSeqId("TeamMember", delegator));
userTeamMember.set("teamId", teamId);
userTeamMember.set("partyId", userPartyId);
if (!ownerPartyId.equals(userPartyId) && !ownerPartyId.equals("") &&
(ownerPartyId != null)) {
// The current user is not the owner.
userTeamMember.set("teamOwner", "N");
} else {
// The current user is the owner.
userTeamMember.set("teamOwner", "Y");
}
userTeamMember.set("createdBy", userPartyId);
userTeamMember.set("createdDate", now);
userTeamMember.set("modifiedBy", userPartyId);
userTeamMember.set("modifiedDate", now);
dataMatrix.addEntity("TeamMember", false, true);
dataMatrix.getCurrentBuffer().getContentsRow(row).add(userTeamMember);
Debug.logVerbose(
"-->[SecurityWrapper.addRoleInformation] userPartyId: " +
userPartyId, module);
Debug.logVerbose(
"-->[SecurityWrapper.addRoleInformation] ownerPartyId: " +
ownerPartyId, module);
if (!ownerPartyId.equals(userPartyId) && !ownerPartyId.equals("") &&
(ownerPartyId != null)) {
// Add owner to team_members since it is different from the current user.
Debug.logVerbose(
"-->[SecurityWrapper.addRoleInformation] Adding owner to the team.", module);
GenericValue ownerTeamMember = new GenericValue(delegator.getModelEntity(
"TeamMember"));
ownerTeamMember.setDelegator( delegator );
ownerTeamMember.set("teamMemberId",
GenericReplicator.getNextSeqId("TeamMember", delegator));
ownerTeamMember.set("teamId", teamId);
ownerTeamMember.set("partyId", ownerPartyId);
ownerTeamMember.set("teamOwner", "Y");
ownerTeamMember.set("createdBy", userPartyId);
ownerTeamMember.set("createdDate", now);
ownerTeamMember.set("modifiedBy", userPartyId);
ownerTeamMember.set("modifiedDate", now);
dataMatrix.addEntity("TeamMember", false, true);
dataMatrix.getCurrentBuffer().getContentsRow(row).add(ownerTeamMember);
}
//add Team to Entity Access.
GenericValue entityAccess = new GenericValue(delegator.getModelEntity(
"EntityAccess"));
entityAccess.setDelegator( delegator );
entityAccess.set("entityAccessId",
GenericReplicator.getNextSeqId("EntityAccess", delegator));
entityAccess.set("entity", accessEntityName);
entityAccess.set("entityId", accessEntityAttributeValue);
entityAccess.set("partyId", team.getString("teamId"));
entityAccess.set("partyEntityType", "Team");
entityAccess.set("entityCreatedBy", userPartyId);
entityAccess.set("createdBy", userPartyId);
entityAccess.set("createdDate", now);
entityAccess.set("modifiedBy", userPartyId);
entityAccess.set("modifiedDate", now);
dataMatrix.addEntity("EntityAccess", false, true);
dataMatrix.getCurrentBuffer().getContentsRow(row).add(entityAccess);
// Get the owner party's role.
String ownerRoleId = "";
HashMap roleFindMap = new HashMap();
roleFindMap.put("contactId", ownerPartyId);
try {
GenericValue ownerContactGV = delegator.findByPrimaryKey("Contact",
roleFindMap);
if (null != ownerContactGV) {
ownerRoleId = ownerContactGV.getString("roleId");
Debug.logVerbose(
"-->[SecurityWrapper.addRoleInformation] Found owner's role ID.", module);
}
} catch (GenericEntityException e) {
Debug.logError(
"[SecurityWrapper.addRoleInformation] And error occurred while looking for the entity owner's contact. (" +
ownerPartyId + ")", module);
}
if ((ownerRoleId == null) || ownerRoleId.equals("")) {
// The owner does not have a role. Give access to the user that created the entity, and log a warning.
ownerRoleId = userRoleId;
Debug.logWarning(
"[SecurityWrapper.addRoleInformation] Warning! Owner of " +
accessEntityName + " " + accessEntityAttributeValue +
" does not have a role. Granting access to the current user's role ( " +
userRoleId + ") instead.", module);
}
//Add a Role entity to Entity_Access with the owner's role as the party_id
Debug.logVerbose(
"-->[SecurityWrapper.addRoleInformation] Adding entity access for role ID " +
ownerRoleId + ".", module);
GenericValue entityRoleAccess = new GenericValue(delegator.getModelEntity(
"EntityAccess"));
entityRoleAccess.setDelegator( delegator );
entityRoleAccess.set("entityAccessId",
GenericReplicator.getNextSeqId("EntityAccess", delegator));
entityRoleAccess.set("entity", accessEntityName);
entityRoleAccess.set("entityId", accessEntityAttributeValue);
entityRoleAccess.set("partyId", ownerRoleId);
entityRoleAccess.set("partyEntityType", "Role");
entityRoleAccess.set("entityCreatedBy", userPartyId);
entityRoleAccess.set("createdBy", userPartyId);
entityRoleAccess.set("createdDate", now);
entityRoleAccess.set("modifiedBy", userPartyId);
entityRoleAccess.set("modifiedDate", now);
dataMatrix.addEntity("EntityAccess", false, true);
dataMatrix.getCurrentBuffer().getContentsRow(row).add(entityRoleAccess);
return true;
}
/**
* Add security information to the list of data to store with the specified entitiy
*/
public static boolean updateRoleInformation(DataMatrix dataMatrix, int row,
UserInfo userInfo, String ownerPartyId, String accessEntityName,
String accessEntityAttributeValue, GenericDelegator delegator) {
// Add the owner to the team if it is different from the current user.
Timestamp now = new Timestamp(Calendar.getInstance().getTime().getTime());
String userPartyId = userInfo.getPartyId();
String userRoleId = userInfo.getRoleId();
Debug.logVerbose(
"-->[SecurityWrapper.updateRoleInformation] userPartyId: " +
userPartyId, module);
Debug.logVerbose(
"-->[SecurityWrapper.updateRoleInformation] ownerPartyId: " +
ownerPartyId, module);
// Find the team-type entity access for this entity.
List teamEntityAccessGVL = findEntityAccessGVL(accessEntityName,
accessEntityAttributeValue, "Team", delegator);
Iterator teamEntityAccessGVI = teamEntityAccessGVL.iterator();
if (teamEntityAccessGVI.hasNext()) {
// Team entity access was found. Get the team members.
GenericValue teamEntityAccessGV = (GenericValue) teamEntityAccessGVI.next();
String teamId = teamEntityAccessGV.getString("partyId");
HashMap teamMemberFindMap = new HashMap();
teamMemberFindMap.put("teamId", teamId);
try {
List teamMemberGVL = delegator.findByAnd("TeamMember",
teamMemberFindMap);
Iterator teamMemberGVI = teamMemberGVL.iterator();
boolean ownerFound = false;
while (teamMemberGVI.hasNext()) {
GenericValue teamMemberGV = (GenericValue) teamMemberGVI.next();
String teamMemberPartyId = (teamMemberGV.getString(
"partyId") == null) ? ""
: teamMemberGV.getString(
"partyId");
if (teamMemberPartyId.equals(ownerPartyId)) {
Debug.logVerbose(
"-->[SecurityWrapper.updateRoleInformation] Owner is already on the team.", module);
ownerFound = true;
break;
}
}
if (!ownerFound) {
// Need to add the owner to the team.
Debug.logVerbose(
"-->[SecurityWrapper.updateRoleInformation] Adding owner to the team.", module);
GenericValue ownerTeamMember = new GenericValue(delegator.getModelEntity(
"TeamMember"));
ownerTeamMember.setDelegator ( delegator );
ownerTeamMember.set("teamMemberId",
GenericReplicator.getNextSeqId("TeamMember", delegator));
ownerTeamMember.set("teamId", teamId);
ownerTeamMember.set("partyId", ownerPartyId);
ownerTeamMember.set("teamOwner", "Y");
ownerTeamMember.set("createdBy", userPartyId);
ownerTeamMember.set("createdDate", now);
ownerTeamMember.set("modifiedBy", userPartyId);
ownerTeamMember.set("modifiedDate", now);
dataMatrix.addEntity("TeamMember", false, true);
dataMatrix.getCurrentBuffer().getContentsRow(row).add(ownerTeamMember);
}
} catch (GenericEntityException e2) {
Debug.logError(
"[SecurityWrapper.updateRoleInformation] An error occurred while finding team " +
"members for team " + teamId, module);
}
} else {
Debug.logWarning(
"[SecurityWrapper.updateRoleInformation] Could not find the team for the " +
accessEntityName, module);
}
// Get the owner party's role.
String ownerRoleId = "";
HashMap roleFindMap = new HashMap();
roleFindMap.put("contactId", ownerPartyId);
try {
GenericValue ownerContactGV = delegator.findByPrimaryKey("Contact",
roleFindMap);
ownerRoleId = ownerContactGV.getString("roleId");
Debug.logVerbose(
"-->[SecurityWrapper.updateRoleInformation] Found owner's role ID.", module);
} catch (GenericEntityException e) {
Debug.logError(
"[SecurityWrapper.updateRoleInformation] An error occurred while looking for the " +
"entity owner's contact. (" + ownerPartyId + "):", module);
Debug.logError(e.getLocalizedMessage(), module);
}
if ((ownerRoleId == null) || ownerRoleId.equals("")) {
// The owner does not have a role. Give access to the user that created the entity, and log a warning.
ownerRoleId = userRoleId;
Debug.logWarning(
"[SecurityWrapper.updateRoleInformation] Warning! Owner of " +
accessEntityName + " " + accessEntityAttributeValue +
" does not have a role. Granting access to the current user's role ( " +
userRoleId + ") instead.", module);
}
// Check whether there is an entity access record for the owner's role.
List roleEntityAccessGVL = findEntityAccessGVL(accessEntityName,
accessEntityAttributeValue, "Role", delegator);
String entityCreatedBy = userPartyId;
boolean roleEntityAccessFound = false;
Iterator roleEntityAccessGVI = roleEntityAccessGVL.iterator();
while (roleEntityAccessGVI.hasNext()) {
GenericValue roleEntityAccessGV = (GenericValue) roleEntityAccessGVI.next();
String partyId = (roleEntityAccessGV.getString("partyId") == null)
? "" : roleEntityAccessGV.getString("partyId");
if (partyId.equals(ownerRoleId)) {
roleEntityAccessFound = true;
Debug.logVerbose(
"-->[SecurityWrapper.updateRoleInformation] Found entity access record for owner's role.", module);
} else {
// This entity access record is not for the owner's role. Remove it.
Debug.logVerbose(
"-->[SecurityWrapper.updateRoleInformation] Removing entity access record not " +
"for owner's role (" + roleEntityAccessGV.toString(), module);
entityCreatedBy = roleEntityAccessGV.getString(
"entityCreatedBy");
try {
roleEntityAccessGV.remove();
} catch (GenericEntityException e) {
Debug.logError(
"[SecurityWrapper.entityAccessGVL] Warning! An error occurred while removing an " +
"entity access record:", module);
Debug.logError(e.getLocalizedMessage(), module);
}
}
}
if (!roleEntityAccessFound) {
// No entity access was found for the owner's role. Need to add it.
Debug.logVerbose(
"-->[SecurityWrapper.updateRoleInformation] Adding entity access for role ID " +
ownerRoleId + ".", module);
GenericValue entityRoleAccess = new GenericValue(delegator.getModelEntity(
"EntityAccess"));
entityRoleAccess.setDelegator( delegator );
entityRoleAccess.set("entityAccessId",
GenericReplicator.getNextSeqId("EntityAccess", delegator));
entityRoleAccess.set("entity", accessEntityName);
entityRoleAccess.set("entityId", accessEntityAttributeValue);
entityRoleAccess.set("partyId", ownerRoleId);
entityRoleAccess.set("partyEntityType", "Role");
entityRoleAccess.set("entityCreatedBy", entityCreatedBy);
entityRoleAccess.set("createdBy", userPartyId);
entityRoleAccess.set("createdDate", now);
entityRoleAccess.set("modifiedBy", userPartyId);
entityRoleAccess.set("modifiedDate", now);
dataMatrix.addEntity("EntityAccess", false, true);
dataMatrix.getCurrentBuffer().getContentsRow(row).add(entityRoleAccess);
}
return true;
}
/**
* DOCUMENT ME!
*
* @param accessEntityName
* @param accessEntityAttributeValue
* @param partyEntityType
* @param delegator
*
* @return
*/
protected static List findEntityAccessGVL(String accessEntityName,
String accessEntityAttributeValue, String partyEntityType,
GenericDelegator delegator) {
HashMap entityAccessFindMap = new HashMap();
entityAccessFindMap.put("entity", accessEntityName);
entityAccessFindMap.put("entityId", accessEntityAttributeValue);
entityAccessFindMap.put("partyEntityType", partyEntityType);
try {
return delegator.findByAnd("EntityAccess", entityAccessFindMap);
} catch (GenericEntityException e) {
Debug.logError(
"[SecurityWrapper.entityAccessGVL] Warning! An error occurred while looking for " +
"entity access records for {(accessEntityName, " +
accessEntityName + "), (accessEntityAttributeValue," +
accessEntityAttributeValue + "), (partyEntityType," +
partyEntityType + "):", module);
Debug.logError(e.getLocalizedMessage(), module);
return null;
}
}
/**
* DOCUMENT ME!
*
* @param teamId
* @param contactId
* @param userInfo
* @param delegator
*
* @return
*/
public static boolean addTeamMember(String teamId, String contactId,
UserInfo userInfo, GenericDelegator delegator) {
Debug.logVerbose("[SecurityWrapper.addTeamMember]", module);
try {
// Add the specified user as a non-primary member of the specified team.
String userPartyId = userInfo.getPartyId();
GenericValue teamMember = new GenericValue(delegator.getModelEntity(
"TeamMember"));
teamMember.setDelegator( delegator );
Timestamp now = new Timestamp(Calendar.getInstance().getTime()
.getTime());
teamMember.set("teamMemberId",
GenericReplicator.getNextSeqId("TeamMember", delegator));
teamMember.set("teamId", teamId);
teamMember.set("partyId", contactId);
teamMember.set("teamOwner", "N");
teamMember.set("createdBy", userPartyId);
teamMember.set("createdDate", now);
teamMember.set("modifiedBy", userPartyId);
teamMember.set("modifiedDate", now);
Debug.logVerbose(
"[SecurityWrapper.addTeamMember] About to insert team member " +
teamMember.toString(), module);
delegator.create(teamMember);
} catch (GenericEntityException e) {
Debug.logError(
"[SecurityWrapper.addTeamMember] Error inserting new team member: " +
e.getLocalizedMessage(), module);
return false;
}
return true;
}
/**
* DOCUMENT ME!
*
* @param teamId
* @param contactId
* @param userInfo
* @param delegator
*
* @return
*/
public static boolean removeTeamMember(String teamId, String contactId,
UserInfo userInfo, GenericDelegator delegator) {
Debug.logVerbose("[SecurityWrapper.removeTeamMember]", module);
try {
//Delete a team member
HashMap fields = new HashMap();
fields.put("teamId", teamId);
fields.put("partyId", contactId);
Debug.logVerbose(
"[SecurityWrapper.removeTeamMember] About to remove by and: " +
fields.toString(), module);
delegator.removeByAnd("TeamMember", fields);
} catch (GenericEntityException e) {
Debug.logError(
"[SecurityWrapper.removeTeamMember] Error removing team member: " +
e.getLocalizedMessage(), module);
return false;
}
return true;
}
}