Rolehärdelliä, ja aika paljon muita pikkufiksejä.

code/LanBortalBeans/as3/fi/insomnia/bortal/beans/UserBeanBase.as

@@ -15,12 +15,14 @@ package fi.insomnia.bortal.beans {
     import flash.utils.IDataOutput;
     import flash.utils.IDataOutput;
     import flash.utils.IExternalizable;
     import flash.utils.IExternalizable;
     import javax.ejb.SessionContext;
     import javax.ejb.SessionContext;
+    import javax.persistence.EntityManager;
 
 
     [Bindable]
     [Bindable]
     public class UserBeanBase implements IExternalizable {
     public class UserBeanBase implements IExternalizable {
 
 
         private var _accessRightFacade:AccessRightFacade;
         private var _accessRightFacade:AccessRightFacade;
         private var _context:SessionContext;
         private var _context:SessionContext;
+        private var _em:EntityManager;
         private var _eventBean:EventBeanLocal;
         private var _eventBean:EventBeanLocal;
         private var _rolebean:RoleBeanLocal;
         private var _rolebean:RoleBeanLocal;
         private var _rolefacade:RoleFacade;
         private var _rolefacade:RoleFacade;
@@ -31,6 +33,7 @@ package fi.insomnia.bortal.beans {
         public function readExternal(input:IDataInput):void {
         public function readExternal(input:IDataInput):void {
             _accessRightFacade = input.readObject() as AccessRightFacade;
             _accessRightFacade = input.readObject() as AccessRightFacade;
             _context = input.readObject() as SessionContext;
             _context = input.readObject() as SessionContext;
+            _em = input.readObject() as EntityManager;
             _eventBean = input.readObject() as EventBeanLocal;
             _eventBean = input.readObject() as EventBeanLocal;
             _rolebean = input.readObject() as RoleBeanLocal;
             _rolebean = input.readObject() as RoleBeanLocal;
             _rolefacade = input.readObject() as RoleFacade;
             _rolefacade = input.readObject() as RoleFacade;
@@ -42,6 +45,7 @@ package fi.insomnia.bortal.beans {
         public function writeExternal(output:IDataOutput):void {
         public function writeExternal(output:IDataOutput):void {
             output.writeObject(_accessRightFacade);
             output.writeObject(_accessRightFacade);
             output.writeObject(_context);
             output.writeObject(_context);
+            output.writeObject(_em);
             output.writeObject(_eventBean);
             output.writeObject(_eventBean);
             output.writeObject(_rolebean);
             output.writeObject(_rolebean);
             output.writeObject(_rolefacade);
             output.writeObject(_rolefacade);

code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/BillBean.java

@@ -11,10 +11,10 @@ import fi.insomnia.bortal.beanutil.AuthorisationBeanLocal;
 import fi.insomnia.bortal.beanutil.AuthorisationBeanLocal.Right;
 import fi.insomnia.bortal.beanutil.AuthorisationBeanLocal.Right;
 import fi.insomnia.bortal.beanutil.AuthorisationBeanLocal.RightType;
 import fi.insomnia.bortal.beanutil.AuthorisationBeanLocal.RightType;
 import fi.insomnia.bortal.beanutil.PdfPrinter;
 import fi.insomnia.bortal.beanutil.PdfPrinter;
+import fi.insomnia.bortal.enums.BillFacade;
 import fi.insomnia.bortal.enums.Permission;
 import fi.insomnia.bortal.enums.Permission;
 import fi.insomnia.bortal.enums.RolePermission;
 import fi.insomnia.bortal.enums.RolePermission;
 import fi.insomnia.bortal.exceptions.PermissionDeniedException;
 import fi.insomnia.bortal.exceptions.PermissionDeniedException;
-import fi.insomnia.bortal.facade.BillFacade;
 import fi.insomnia.bortal.facade.BillLineFacade;
 import fi.insomnia.bortal.facade.BillLineFacade;
 import fi.insomnia.bortal.facade.EventFacade;
 import fi.insomnia.bortal.facade.EventFacade;
 import fi.insomnia.bortal.model.Bill;
 import fi.insomnia.bortal.model.Bill;

code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/EventBean.java

@@ -10,11 +10,10 @@ import org.slf4j.LoggerFactory;
 
 
 import fi.insomnia.bortal.facade.EventFacade;
 import fi.insomnia.bortal.facade.EventFacade;
 import fi.insomnia.bortal.facade.EventOrganiserFacade;
 import fi.insomnia.bortal.facade.EventOrganiserFacade;
-import fi.insomnia.bortal.facade.UserFacade;
 import fi.insomnia.bortal.model.EventOrganiser;
 import fi.insomnia.bortal.model.EventOrganiser;
 import fi.insomnia.bortal.model.LanEvent;
 import fi.insomnia.bortal.model.LanEvent;
 import fi.insomnia.bortal.model.User;
 import fi.insomnia.bortal.model.User;
-import fi.insomnia.bortal.utilities.ThreadLocalContextHolder;
+import fi.insomnia.bortal.utilities.BortalLocalContextHolder;
 
 
 /**
 /**
  * Session Bean implementation class EventBean
  * Session Bean implementation class EventBean
@@ -51,17 +50,15 @@ public class EventBean implements EventBeanLocal {
 
 
     public LanEvent findOrCreateDefaultEvent() {
     public LanEvent findOrCreateDefaultEvent() {
         LanEvent ret = eventFacade.findByName(DEFAULT_EVENT_NAME);
         LanEvent ret = eventFacade.findByName(DEFAULT_EVENT_NAME);
-        logger.debug("Checking if event exists in database!: {}", ret);
         if (ret == null) {
         if (ret == null) {
             logger.info("Default Event does not exist! creating new.");
             logger.info("Default Event does not exist! creating new.");
             ret = new LanEvent();
             ret = new LanEvent();
-            ret.setReferer("");
+
             ret.setName(DEFAULT_EVENT_NAME);
             ret.setName(DEFAULT_EVENT_NAME);
             ret.setOrganiser(findOrCreateDefaultEventOrganisation());
             ret.setOrganiser(findOrCreateDefaultEventOrganisation());
             ret.setStatus(eventStatusBean.findOrCreateDefaultEventStatus());
             ret.setStatus(eventStatusBean.findOrCreateDefaultEventStatus());
             eventFacade.create(ret);
             eventFacade.create(ret);
             em.flush();
             em.flush();
-            logger.debug("Persisted new event to database: {}", ret);
         }
         }
         return ret;
         return ret;
     }
     }
@@ -82,10 +79,10 @@ public class EventBean implements EventBeanLocal {
     }
     }
 
 
     public LanEvent getCurrentEvent() {
     public LanEvent getCurrentEvent() {
-        LanEvent ret = getEventByHostname((String) ThreadLocalContextHolder.get(HTTP_URL_HOSTNAME));
-        logger.debug("Returning currentEvent: {}", ret);
+        LanEvent ret = getEventByHostname( BortalLocalContextHolder.getHostname());
 
 
         return ret;
         return ret;
     }
     }
-
+    
+    
 }
 }

code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/SecurityBean.java

@@ -105,4 +105,13 @@ public class SecurityBean implements SecurityBeanLocal {
     public LogEntry logPermissionDenied(User currentuser, String message) {
     public LogEntry logPermissionDenied(User currentuser, String message) {
         return logMessage(SecurityLogType.permissionDenied, currentuser, message);
         return logMessage(SecurityLogType.permissionDenied, currentuser, message);
     }
     }
+
+    @Override
+    public LogEntry logMessage(User currentUser, String... message) {
+        StringBuilder msg = new StringBuilder();
+        for (String msgpart : message) {
+            msg.append(msgpart);
+        }
+        return logMessage(currentUser, msg.toString());
+    }
 }
 }

code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/TestDataBean.java

@@ -18,7 +18,7 @@ import javax.persistence.Query;
 
 
 import org.slf4j.LoggerFactory;
 import org.slf4j.LoggerFactory;
 
 
-import fi.insomnia.bortal.facade.BillFacade;
+import fi.insomnia.bortal.enums.BillFacade;
 import fi.insomnia.bortal.facade.BillLineFacade;
 import fi.insomnia.bortal.facade.BillLineFacade;
 import fi.insomnia.bortal.facade.CompoEntryFacade;
 import fi.insomnia.bortal.facade.CompoEntryFacade;
 import fi.insomnia.bortal.facade.CompoFacade;
 import fi.insomnia.bortal.facade.CompoFacade;
@@ -34,7 +34,7 @@ import fi.insomnia.bortal.model.LanEvent;
 import fi.insomnia.bortal.model.EventMap;
 import fi.insomnia.bortal.model.EventMap;
 import fi.insomnia.bortal.model.Place;
 import fi.insomnia.bortal.model.Place;
 import fi.insomnia.bortal.model.User;
 import fi.insomnia.bortal.model.User;
-import fi.insomnia.bortal.utilities.ThreadLocalContextHolder;
+import fi.insomnia.bortal.utilities.BortalLocalContextHolder;
 import fi.insomnia.bortal.utilities.apachecodec.binary.Base64;
 import fi.insomnia.bortal.utilities.apachecodec.binary.Base64;
 
 
 /**
 /**
@@ -313,7 +313,7 @@ public class TestDataBean implements TestDataBeanLocal {
     }
     }
 
 
     public void contextTest() {
     public void contextTest() {
-        logger.debug("Hostname: {}",ThreadLocalContextHolder.get("HTTP_URL_HOSTNAME"));
+        logger.debug("Hostname: {}",BortalLocalContextHolder.getHostname());
       
       
     }
     }
 }
 }

code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/UserBean.java

@@ -13,6 +13,8 @@ import javax.ejb.EJB;
 import javax.ejb.LocalBean;
 import javax.ejb.LocalBean;
 import javax.ejb.SessionContext;
 import javax.ejb.SessionContext;
 import javax.ejb.Stateless;
 import javax.ejb.Stateless;
+import javax.persistence.EntityManager;
+import javax.persistence.PersistenceContext;
 
 
 import org.slf4j.Logger;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.slf4j.LoggerFactory;
@@ -28,7 +30,7 @@ import fi.insomnia.bortal.model.AccessRight;
 import fi.insomnia.bortal.model.Role;
 import fi.insomnia.bortal.model.Role;
 import fi.insomnia.bortal.model.RoleRight;
 import fi.insomnia.bortal.model.RoleRight;
 import fi.insomnia.bortal.model.User;
 import fi.insomnia.bortal.model.User;
-import fi.insomnia.bortal.utilities.ThreadLocalContextHolder;
+import fi.insomnia.bortal.utilities.BortalLocalContextHolder;
 
 
 /**
 /**
  * Session Bean implementation class UserBean
  * Session Bean implementation class UserBean
@@ -49,6 +51,8 @@ public class UserBean implements UserBeanLocal {
      */
      */
     @EJB
     @EJB
     private UserFacade userFacade;
     private UserFacade userFacade;
+    @PersistenceContext
+    private EntityManager em;
     @Resource
     @Resource
     private SessionContext context;
     private SessionContext context;
 
 
@@ -79,6 +83,7 @@ public class UserBean implements UserBeanLocal {
         returnUser.resetPassword(password);
         returnUser.resetPassword(password);
         // Tallennetaan olio kantaan...
         // Tallennetaan olio kantaan...
         userFacade.create(returnUser);
         userFacade.create(returnUser);
+        em.flush();
         return returnUser;
         return returnUser;
     }
     }
 
 
@@ -86,14 +91,12 @@ public class UserBean implements UserBeanLocal {
         fatalPermission(Permission.USER_MANAGEMENT, RolePermission.READ);
         fatalPermission(Permission.USER_MANAGEMENT, RolePermission.READ);
 
 
         List<User> ret = userFacade.findAll();
         List<User> ret = userFacade.findAll();
-        logger.info("Found {} users from database ", ret.size());
         return ret;
         return ret;
     }
     }
 
 
     @Override
     @Override
     public User mergeChanges(User user) {
     public User mergeChanges(User user) {
         fatalPermission(Permission.USER_MANAGEMENT, RolePermission.WRITE);
         fatalPermission(Permission.USER_MANAGEMENT, RolePermission.WRITE);
-
         return userFacade.merge(user);
         return userFacade.merge(user);
     }
     }
 
 
@@ -130,6 +133,7 @@ public class UserBean implements UserBeanLocal {
             defaultUser = new User();
             defaultUser = new User();
             defaultUser.setLogin(DEFAULT_USER_LOGIN);
             defaultUser.setLogin(DEFAULT_USER_LOGIN);
             userFacade.create(defaultUser);
             userFacade.create(defaultUser);
+            defaultUser.setSuperadmin(true);
 
 
             ArrayList<Role> userRoles = new ArrayList<Role>();
             ArrayList<Role> userRoles = new ArrayList<Role>();
             userRoles.add(rolebean.getOrCreatePublicRole());
             userRoles.add(rolebean.getOrCreatePublicRole());
@@ -143,60 +147,68 @@ public class UserBean implements UserBeanLocal {
     public boolean hasPermission(Permission target, RolePermission permission) {
     public boolean hasPermission(Permission target, RolePermission permission) {
 
 
         User user = getCurrentUser();
         User user = getCurrentUser();
-        logger.info("checking permission {}, {}", target, permission);
         Calendar start = Calendar.getInstance();
         Calendar start = Calendar.getInstance();
 
 
-        AccessRight expectedRight = accessRightFacade.findByPermission(target);
+        Boolean ret = BortalLocalContextHolder.hasPermission(target, permission);
+        if (ret == null) {
+            ret = false;
+            AccessRight expectedRight = accessRightFacade.findByPermission(target);
 
 
-        Set<Role> checkedRoles = new HashSet<Role>();
+            Set<Role> checkedRoles = new HashSet<Role>();
 
 
-        List<Role> rolelist = rolefacade.findForUser(user, eventBean.getCurrentEvent());
-        if (getRights(rolelist, expectedRight, permission, checkedRoles)) {
-            return true;
+            List<Role> rolelist = rolefacade.findForUser(user, eventBean.getCurrentEvent());
+            if (getRights(rolelist, expectedRight, permission, checkedRoles)) {
+                ret = true;
+            }
+            logger.debug("Perm not found from cache. saving to cache");
+            BortalLocalContextHolder.setPermission(target, permission, ret);
+        } else {
+            logger.debug("VALUE from cache: {}", ret);
         }
         }
 
 
-        long diffMs = Calendar.getInstance().getTimeInMillis() - start.getTimeInMillis();
-        logger.debug("");
+        if (logger.isDebugEnabled()) {
+            long diffMs = Calendar.getInstance().getTimeInMillis() - start.getTimeInMillis();
+            logger.debug("Target {}, permission {} checktime {}ms", new Object[] { target, permission, diffMs });
+        }
         // TODO: FIX THIS!! really bad idea....
         // TODO: FIX THIS!! really bad idea....
 
 
         if (user.isSuperadmin()) {
         if (user.isSuperadmin()) {
-            logger.debug("Returning true for superadmin for {} perm {}", target.name(), permission);
             return true;
             return true;
         }
         }
-        return false;
+        return ret;
     }
     }
 
 
     private boolean getRights(Collection<Role> roles, AccessRight expectedRight, RolePermission permission, Set<Role> checkedRoles) {
     private boolean getRights(Collection<Role> roles, AccessRight expectedRight, RolePermission permission, Set<Role> checkedRoles) {
 
 
-        if(roles == null || roles.isEmpty())
-        {
+        if (roles == null || roles.isEmpty()) {
             return false;
             return false;
         }
         }
-        for (RoleRight rr : rrfacade.find(roles, expectedRight)) {
+        for (Role role : roles)
+            for (RoleRight rr : role.getRoleRights())// rrfacade.find(roles,
+                                                     // expectedRight))
+            {
+                BortalLocalContextHolder.setPermission(rr);
+                switch (permission) {
+                case READ:
+                    if (rr.isRead()) {
+                        return true;
+                    }
+                    break;
+                case WRITE:
+                    if (rr.isWrite()) {
+                        return true;
+                    }
+                    break;
+                case EXECUTE:
+                    if (rr.isExecute()) {
+                        return true;
+                    }
 
 
-            switch (permission) {
-            case READ:
-                if (rr.isRead()) {
-                    return true;
-                }
-                break;
-            case WRITE:
-                if (rr.isWrite()) {
-                    return true;
-                }
-                break;
-            case EXECUTE:
-                if (rr.isExecute()) {
-                    return true;
                 }
                 }
-
             }
             }
-        }
         checkedRoles.addAll(roles);
         checkedRoles.addAll(roles);
-        
-        return getRights(rolefacade.findAllParentsExcluding(roles,checkedRoles), expectedRight,permission, checkedRoles);
-        
 
 
+        return getRights(rolefacade.findAllParentsExcluding(roles, checkedRoles), expectedRight, permission, checkedRoles);
 
 
     }
     }
 
 

code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/EventFacade.java

@@ -34,7 +34,6 @@ public class EventFacade extends GenericFacade<Integer, LanEvent> {
     }
     }
 
 
     public LanEvent findByHostname(String hostname) {
     public LanEvent findByHostname(String hostname) {
-        logger.debug("finding LanEvent with hostname {}", hostname);
         TypedQuery<LanEvent> q = em.createNamedQuery("LanEvent.findByReferer", LanEvent.class);
         TypedQuery<LanEvent> q = em.createNamedQuery("LanEvent.findByReferer", LanEvent.class);
         q.setParameter("referer", hostname);
         q.setParameter("referer", hostname);
         return this.getSingleNullableResult(q);
         return this.getSingleNullableResult(q);

code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/RoleRightFacade.java

 package fi.insomnia.bortal.facade;
 package fi.insomnia.bortal.facade;
 
 
+import java.util.ArrayList;
 import java.util.Collection;
 import java.util.Collection;
+import java.util.HashSet;
 import java.util.List;
 import java.util.List;
+import java.util.Set;
 
 
 import javax.ejb.LocalBean;
 import javax.ejb.LocalBean;
 import javax.ejb.Stateless;
 import javax.ejb.Stateless;
@@ -40,8 +43,21 @@ public class RoleRightFacade extends EventChildGenericFacade<RoleRight> {
     }
     }
 
 
     public List<RoleRight> find(Collection<Role> roles, AccessRight accessright) {
     public List<RoleRight> find(Collection<Role> roles, AccessRight accessright) {
+        if(roles.size() == 0)
+        {
+            return new ArrayList<RoleRight>();
+        }
         TypedQuery<RoleRight> q = getEm().createNamedQuery("RoleRight.findByRolesForAccessRight", RoleRight.class);
         TypedQuery<RoleRight> q = getEm().createNamedQuery("RoleRight.findByRolesForAccessRight", RoleRight.class);
-        q.setParameter("roles", roles);
+        Set<Integer> roleids = new HashSet<Integer>();
+
+        for(Role r: roles)
+        {
+            roleids.add(r.getId().getId());
+        }
+        Integer eventId = roles.iterator().next().getEvent().getId();
+
+        q.setParameter("eventId", eventId);
+        q.setParameter("roleids", roleids);
         q.setParameter("accessright", accessright);
         q.setParameter("accessright", accessright);
         return q.getResultList();
         return q.getResultList();
     }
     }

code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/beans/SecurityBeanLocal.java

@@ -22,4 +22,6 @@ public interface SecurityBeanLocal {
 
 
     LogEntry logPermissionDenied(User currentuser, String message);
     LogEntry logPermissionDenied(User currentuser, String message);
 
 
+    LogEntry logMessage(User currentUser, String...message);
+
 }
 }

code/LanBortalDatabase/src/META-INF/persistence.xml

@@ -6,7 +6,8 @@ xsi:schemaLocation="http://java.sun.com/xml/ns/persistence http://java.sun.com/x
     <jta-data-source>jdbc/bortal</jta-data-source>
     <jta-data-source>jdbc/bortal</jta-data-source>
     <properties>
     <properties>
       <property name="eclipselink.ddl-generation" value="create-tables"/>
       <property name="eclipselink.ddl-generation" value="create-tables"/>
-      <property name="eclipselink.ddl-generation.output-mode" value="both"/>      
+      <property name="eclipselink.ddl-generation.output-mode" value="both"/>  
+          
     </properties>
     </properties>
   </persistence-unit>
   </persistence-unit>
 </persistence>
 </persistence>

code/LanBortalDatabase/src/fi/insomnia/bortal/model/Gender.java → code/LanBortalDatabase/src/fi/insomnia/bortal/enums/Gender.java

-package fi.insomnia.bortal.model;
+package fi.insomnia.bortal.enums;
 
 
 public enum Gender {
 public enum Gender {
 MALE,FEMALE,UNDEFINED
 MALE,FEMALE,UNDEFINED

code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/enums/Permission.java → code/LanBortalDatabase/src/fi/insomnia/bortal/enums/Permission.java

@@ -11,7 +11,7 @@ package fi.insomnia.bortal.enums;
 public enum Permission {
 public enum Permission {
 
 
     // PERMISSION("Description"),
     // PERMISSION("Description"),
-    LOGIN("User can see loginbutton(r). (only defaultuser should have permission to that one), LoggedIn user has (x)"),
+    LOGIN("User can see loginbutton(r), create new user(w)"),
     USER_MANAGEMENT("User has right to view all users(r), modify users(w), execute actions for user(x), Eg shop! "),
     USER_MANAGEMENT("User has right to view all users(r), modify users(w), execute actions for user(x), Eg shop! "),
     TICKET_SALES("User has right to view(r), administer(w) and buy(x)"),
     TICKET_SALES("User has right to view(r), administer(w) and buy(x)"),
     ROLE_MANAGEMENT("User has right to view(r), modify(w) and assign(x) roles"),
     ROLE_MANAGEMENT("User has right to view(r), modify(w) and assign(x) roles"),

code/LanBortalDatabase/src/fi/insomnia/bortal/model/Discount.java

@@ -5,6 +5,7 @@
 
 
 package fi.insomnia.bortal.model;
 package fi.insomnia.bortal.model;
 
 
+import java.math.BigDecimal;
 import java.util.List;
 import java.util.List;
 
 
 import javax.persistence.CascadeType;
 import javax.persistence.CascadeType;
@@ -45,9 +46,12 @@ public class Discount implements EventChildInterface {
     @Column(name = "percentage", nullable = false, columnDefinition = "integer default 0")
     @Column(name = "percentage", nullable = false, columnDefinition = "integer default 0")
     private int percentage = 0;
     private int percentage = 0;
 
 
+    @Column(name = "unitPrice", nullable = false,precision = 24, scale = 4)
+    private BigDecimal unitPrice;
+    
     @Column(name = "code")
     @Column(name = "code")
     private String code;
     private String code;
-
+    
     @Lob
     @Lob
     @Column(name = "details")
     @Column(name = "details")
     private String details;
     private String details;
@@ -242,4 +246,12 @@ public class Discount implements EventChildInterface {
         return product;
         return product;
     }
     }
 
 
+    public void setUnitPrice(BigDecimal unitPrice) {
+        this.unitPrice = unitPrice;
+    }
+
+    public BigDecimal getUnitPrice() {
+        return unitPrice;
+    }
+
 }
 }

code/LanBortalDatabase/src/fi/insomnia/bortal/model/LanEvent.java

@@ -56,10 +56,10 @@ public class LanEvent implements ModelInterface {
     @Temporal(TemporalType.TIMESTAMP)
     @Temporal(TemporalType.TIMESTAMP)
     private Calendar endTime;
     private Calendar endTime;
 
 
-    @Column(name = "name", nullable = false)
+    @Column(name = "name", nullable = false, unique=true)
     private String name;
     private String name;
 
 
-    @Column(name = "referer")
+    @Column(name = "referer", unique=true, nullable=true)
     private String referer;
     private String referer;
 
 
     /**
     /**

code/LanBortalDatabase/src/fi/insomnia/bortal/model/Role.java

@@ -31,8 +31,7 @@ import javax.persistence.Version;
 @NamedQueries({
 @NamedQueries({
         @NamedQuery(name = "Role.findAll", query = "SELECT r FROM Role r"),
         @NamedQuery(name = "Role.findAll", query = "SELECT r FROM Role r"),
         @NamedQuery(name = "Role.findByRoleName", query = "SELECT r FROM Role r WHERE r.name = :name"),
         @NamedQuery(name = "Role.findByRoleName", query = "SELECT r FROM Role r WHERE r.name = :name"),
-        // @NamedQuery(name="Role.findParentsExcluding",
-        // query="select r from Role where r.children in :roles and r not in :excluded"),
+        // @NamedQuery(name="Role.findParentsExcluding", query="select r from Role r, RoleRight rr where :user member of r.users   ),
         @NamedQuery(name = "Role.findForUserAndEvent", query = "SELECT r FROM Role r WHERE :user MEMBER OF r.users and r.event = :event") })
         @NamedQuery(name = "Role.findForUserAndEvent", query = "SELECT r FROM Role r WHERE :user MEMBER OF r.users and r.event = :event") })
 public class Role implements EventChildInterface {
 public class Role implements EventChildInterface {
 
 

code/LanBortalDatabase/src/fi/insomnia/bortal/model/RoleRight.java

@@ -16,17 +16,27 @@ import javax.persistence.Table;
 import javax.persistence.UniqueConstraint;
 import javax.persistence.UniqueConstraint;
 import javax.persistence.Version;
 import javax.persistence.Version;
 
 
+import org.eclipse.persistence.annotations.ConversionValue;
+import org.eclipse.persistence.annotations.ObjectTypeConverter;
+
+import fi.insomnia.bortal.enums.Permission;
+
 /**
 /**
  * 
  * 
  * @author jkj
  * @author jkj
  */
  */
 @Entity
 @Entity
-@Table(name = "role_rights", uniqueConstraints = {@UniqueConstraint(columnNames = { "event_id","role_id", "access_right_id" })})
-@NamedQueries( { @NamedQuery(name = "RoleRight.findAll", query = "SELECT r FROM RoleRight r"),
-    @NamedQuery(name = "RoleRight.findByRightAndRole", query = "SELECT r FROM RoleRight r where r.role = :role and r.accessRight = :accessright "),
-    @NamedQuery(name="RoleRight.findByRolesForAccessRight", query ="SELECT rr from RoleRight rr where rr.role in :roles and rr.accessRight = :accessright")
- })
-    
+@Table(name = "role_rights", uniqueConstraints = { @UniqueConstraint(columnNames = { "event_id", "role_id", "access_right_id" }) })
+@NamedQueries({ @NamedQuery(name = "RoleRight.findAll", query = "SELECT r FROM RoleRight r"),
+        @NamedQuery(name = "RoleRight.findByRightAndRole", query = "SELECT r FROM RoleRight r where r.role = :role and r.accessRight = :accessright "),
+        @NamedQuery(name = "RoleRight.findByRolesForAccessRight", query = "SELECT rr from RoleRight rr where rr.role.id.eventId = :eventId and rr.role.id.id in :roleids and rr.accessRight = :accessright") })
+@ObjectTypeConverter(name = "accessright", objectType = Permission.class, dataType = String.class, conversionValues = {
+        @ConversionValue(dataValue = "LOGIN", objectValue = "LOGIN"),
+        @ConversionValue(dataValue = "USER_MANAGEMENT", objectValue = "USER_MANAGEMENT"),
+        @ConversionValue(dataValue = "TICKET_SALES", objectValue = "TICKET_SALES"),
+        @ConversionValue(dataValue = "ROLE_MANAGEMENT", objectValue = "ROLE_MANAGEMENT"),
+        @ConversionValue(dataValue = "PRODUCT", objectValue = "PRODUCT")
+                })
 public class RoleRight implements EventChildInterface {
 public class RoleRight implements EventChildInterface {
 
 
     private static final long serialVersionUID = 1L;
     private static final long serialVersionUID = 1L;
@@ -42,11 +52,12 @@ public class RoleRight implements EventChildInterface {
     @Column(name = "execute_permission", nullable = false)
     @Column(name = "execute_permission", nullable = false)
     private boolean execute = false;
     private boolean execute = false;
 
 
-    @JoinColumn(name = "access_right_id", referencedColumnName = "id")
-    @ManyToOne
-    private AccessRight accessRight;
+    // @JoinColumn(name = "access_right_id", referencedColumnName = "id")
+    // @ManyToOne
+    // private AccessRight accessRight;
+    private Permission permission;
 
 
-    @JoinColumns( {
+    @JoinColumns({
             @JoinColumn(name = "role_id", referencedColumnName = "id", nullable = false, updatable = false),
             @JoinColumn(name = "role_id", referencedColumnName = "id", nullable = false, updatable = false),
             @JoinColumn(name = "event_id", referencedColumnName = "event_id", nullable = false, updatable = false, insertable = false) })
             @JoinColumn(name = "event_id", referencedColumnName = "event_id", nullable = false, updatable = false, insertable = false) })
     @ManyToOne(optional = false)
     @ManyToOne(optional = false)
@@ -60,12 +71,12 @@ public class RoleRight implements EventChildInterface {
     }
     }
 
 
     public RoleRight(Role role) {
     public RoleRight(Role role) {
-        
+
         this.id = new EventPk(role.getEvent());
         this.id = new EventPk(role.getEvent());
-        this.role=role;
+        this.role = role;
     }
     }
 
 
-    public RoleRight( Role role, AccessRight right, boolean read, boolean write, boolean execute) {
+    public RoleRight(Role role, AccessRight right, boolean read, boolean write, boolean execute) {
         this(role);
         this(role);
         this.accessRight = right;
         this.accessRight = right;
         this.read = read;
         this.read = read;

code/LanBortalDatabase/src/fi/insomnia/bortal/model/User.java

@@ -4,6 +4,7 @@
  */
  */
 package fi.insomnia.bortal.model;
 package fi.insomnia.bortal.model;
 
 
+import java.util.ArrayList;
 import java.util.Calendar;
 import java.util.Calendar;
 import java.util.List;
 import java.util.List;
 
 
@@ -30,6 +31,7 @@ import org.eclipse.persistence.annotations.ObjectTypeConverter;
 import org.slf4j.Logger;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.slf4j.LoggerFactory;
 
 
+import fi.insomnia.bortal.enums.Gender;
 import fi.insomnia.bortal.utilities.PasswordFunctions;
 import fi.insomnia.bortal.utilities.PasswordFunctions;
 
 
 /**
 /**
@@ -130,7 +132,7 @@ public class User implements ModelInterface {
     private List<Vote> votes;
     private List<Vote> votes;
 
 
     @ManyToMany(cascade = CascadeType.ALL, mappedBy = "users")
     @ManyToMany(cascade = CascadeType.ALL, mappedBy = "users")
-    private List<Role> roles;
+    private List<Role> roles = new ArrayList<Role>();
 
 
     @OneToMany(mappedBy = "user")
     @OneToMany(mappedBy = "user")
     private List<LogEntry> logEntryList;
     private List<LogEntry> logEntryList;

code/LanBortalUtilities/.classpath

@@ -12,5 +12,6 @@
 			<attribute name="owner.project.facets" value="java"/>
 			<attribute name="owner.project.facets" value="java"/>
 		</attributes>
 		</attributes>
 	</classpathentry>
 	</classpathentry>
+	<classpathentry kind="src" path="/LanBortalBeansClient"/>
 	<classpathentry kind="output" path="build/classes"/>
 	<classpathentry kind="output" path="build/classes"/>
 </classpath>
 </classpath>

code/LanBortalUtilities/as3/fi/insomnia/bortal/utilities/BortalLocalContextHolder.as

+/**
+ * Generated by Gas3 v2.2.0 (Granite Data Services).
+ *
+ * NOTE: this file is only generated if it does not exist. You may safely put
+ * your custom code here.
+ */
+
+package fi.insomnia.bortal.utilities {
+
+    [Bindable]
+    [RemoteClass(alias="fi.insomnia.bortal.utilities.BortalLocalContextHolder")]
+    public class BortalLocalContextHolder extends BortalLocalContextHolderBase {
+    }
+}
\ No newline at end of file

code/LanBortalUtilities/as3/fi/insomnia/bortal/utilities/BortalLocalContextHolderBase.as

+/**
+ * Generated by Gas3 v2.2.0 (Granite Data Services).
+ *
+ * WARNING: DO NOT CHANGE THIS FILE. IT MAY BE OVERWRITTEN EACH TIME YOU USE
+ * THE GENERATOR. INSTEAD, EDIT THE INHERITED CLASS (BortalLocalContextHolder.as).
+ */
+
+package fi.insomnia.bortal.utilities {
+
+    import flash.utils.IDataInput;
+    import flash.utils.IDataOutput;
+    import flash.utils.IExternalizable;
+    import org.granite.collections.IMap;
+
+    [Bindable]
+    public class BortalLocalContextHolderBase implements IExternalizable {
+
+        private var _hostname:String;
+        private var _rightcache:IMap;
+
+        public function readExternal(input:IDataInput):void {
+            _hostname = input.readObject() as String;
+            _rightcache = input.readObject() as IMap;
+        }
+
+        public function writeExternal(output:IDataOutput):void {
+            output.writeObject(_hostname);
+            output.writeObject(_rightcache);
+        }
+    }
+}
\ No newline at end of file

code/LanBortalUtilities/src/fi/insomnia/bortal/utilities/BortalLocalContextHolder.java

+package fi.insomnia.bortal.utilities;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import fi.insomnia.bortal.enums.Permission;
+import fi.insomnia.bortal.enums.RolePermission;
+import fi.insomnia.bortal.model.RoleRight;
+
+public class BortalLocalContextHolder {
+
+	private static final ThreadLocal<BortalLocalContextHolder> THREAD_WITH_CONTEXT = new ThreadLocal<BortalLocalContextHolder>();
+
+	private String hostname;
+	private Map<Permission, Map<RolePermission, Boolean>> rightcache = new HashMap<Permission, Map<RolePermission, Boolean>>();
+
+	public BortalLocalContextHolder(String hostname) {
+		this.hostname = hostname;
+	}
+
+	public static void setHostname(String hostname) {
+
+		if (THREAD_WITH_CONTEXT.get() == null) {
+
+			THREAD_WITH_CONTEXT.set(new BortalLocalContextHolder(hostname));
+
+		}
+
+	}
+
+	public static String getHostname() {
+
+		return THREAD_WITH_CONTEXT.get().getHolderHostname();
+
+	}
+
+	public static void cleanupThread() {
+
+		THREAD_WITH_CONTEXT.remove();
+
+	}
+
+	public String getHolderHostname() {
+		return hostname;
+	}
+
+	public static Boolean hasPermission(Permission target, RolePermission permission) {
+		return THREAD_WITH_CONTEXT.get().hasHolderPermission(target, permission);
+	}
+
+	private Boolean hasHolderPermission(Permission target, RolePermission permission) {
+		Map<RolePermission, Boolean> permmap = rightcache.get(target);
+		if (permmap == null) {
+			permmap = new HashMap<RolePermission, Boolean>();
+			rightcache.put(target, permmap);
+		}
+		return permmap.get(permission);
+	}
+
+	public static void setPermission(Permission target, RolePermission permission, Boolean ret) {
+		THREAD_WITH_CONTEXT.get().setHolderPermission(target, permission, ret);
+
+	}
+
+	private void setHolderPermission(Permission target, RolePermission permission, Boolean ret) {
+		Map<RolePermission, Boolean> permmap = rightcache.get(target);
+		if (permmap == null) {
+			permmap = new HashMap<RolePermission, Boolean>();
+			rightcache.put(target, permmap);
+		}
+		permmap.put(permission, ret);
+	}
+
+	public static void setPermission( RoleRight rr) {
+		Permission target = Permission.valueOf(rr.getAccessRight().getName());
+		if (rr.isExecute()) {
+			setPermission(target, RolePermission.EXECUTE, true);
+		}
+		if (rr.isWrite()) {
+			setPermission(target, RolePermission.WRITE, true);
+		}
+		if (rr.isRead()) {
+			setPermission(target, RolePermission.READ, true);
+		}
+	}
+
+
+}
\ No newline at end of file

code/LanBortalUtilities/src/fi/insomnia/bortal/utilities/ThreadLocalContextHolder.java

-package fi.insomnia.bortal.utilities;
-
-import java.util.HashMap;
-import java.util.Map;
-
-public class ThreadLocalContextHolder {
-
-	private static final ThreadLocal<Map<String, Object>> THREAD_WITH_CONTEXT = new ThreadLocal<Map<String, Object>>();
-
-	private ThreadLocalContextHolder() {
-	}
-
-	public static void put(String key, Object payload) {
-
-		if (THREAD_WITH_CONTEXT.get() == null) {
-
-			THREAD_WITH_CONTEXT.set(new HashMap<String, Object>());
-
-		}
-
-		THREAD_WITH_CONTEXT.get().put(key, payload);
-
-	}
-
-	public static Object get(String key) {
-
-		return THREAD_WITH_CONTEXT.get().get(key);
-
-	}
-
-	public static void cleanupThread() {
-
-		THREAD_WITH_CONTEXT.remove();
-
-	}
-
-}
\ No newline at end of file

code/LanBortalWeb/WebContent/generateTestData.xhtml

@@ -21,6 +21,8 @@
              <br />
              <br />
              <h:commandButton value="Context Test" action="#{TestDataView.contextTest}" />
              <h:commandButton value="Context Test" action="#{TestDataView.contextTest}" />
              <br />
              <br />
+             <h:commandButton value="Role Test" action="#{TestDataView.roletest}" />
+             <br />
              
              
              </h:form>
              </h:form>
     </h:body>
     </h:body>

code/LanBortalWeb/WebContent/layout/insomnia1/sidebar-shop.xhtml

@@ -12,7 +12,7 @@
 		<ui:define name="sidebarcontent">
 		<ui:define name="sidebarcontent">
 			<ul>
 			<ul>
 				<li><h:link outcome="/product/create" value="#{i18n['sidebar.product.create']}"/></li>
 				<li><h:link outcome="/product/create" value="#{i18n['sidebar.product.create']}"/></li>
-				<li><h:link outcome="/user/create" value="#{i18n['sidebar.product.list']}"/></li>
+				<li><h:link outcome="/product/list" value="#{i18n['sidebar.product.list']}"/></li>
 				<li><h:link outcome="/user/createBill" value="#{i18n['sidebar.product.createBill']}"/></li>
 				<li><h:link outcome="/user/createBill" value="#{i18n['sidebar.product.createBill']}"/></li>
 				<li><h:link outcome="/map/placemap" value="#{i18n['sidebar.map.placemap']}"/></li>
 				<li><h:link outcome="/map/placemap" value="#{i18n['sidebar.map.placemap']}"/></li>
 			</ul>
 			</ul>

code/LanBortalWeb/WebContent/layout/insomnia1/template.xhtml

@@ -29,10 +29,8 @@
 		<div id="content">
 		<div id="content">
 			<div id="cwrap">
 			<div id="cwrap">
 				 <ui:include src="/layout/insomnia1/sidebar-#{i18n[util.concat(thispage,'.pagegroup')]}.xhtml" /> 
 				 <ui:include src="/layout/insomnia1/sidebar-#{i18n[util.concat(thispage,'.pagegroup')]}.xhtml" /> 
-				asd
 				<h:messages globalOnly="true" />
 				<h:messages globalOnly="true" />
 				<h:messages />
 				<h:messages />
-				foo
 				<ui:insert name="content" />
 				<ui:insert name="content" />
 			</div>
 			</div>
 		</div>
 		</div>

code/LanBortalWeb/WebContent/product/createBill.xhtml

@@ -13,8 +13,6 @@
 
 
 	<ui:composition template="/layout/#{sessionHandler.layout}/template.xhtml">
 	<ui:composition template="/layout/#{sessionHandler.layout}/template.xhtml">
 		<ui:param name="thispage" value="page.product.createBill" />
 		<ui:param name="thispage" value="page.product.createBill" />
-		<h:outputScript target="head" library="script" name="jquery.min.js" /> 
-		<h:outputScript target="head" library="script" name="shopscript.js" /> 
 	
 	
 		<ui:define name="content">
 		<ui:define name="content">
 			<products:shop  items="#{productShopView.billCart}" commitValue="#{i18n['productshop.commit']}" >
 			<products:shop  items="#{productShopView.billCart}" commitValue="#{i18n['productshop.commit']}" >

code/LanBortalWeb/WebContent/product/edit.xhtml

@@ -15,7 +15,9 @@
 	<ui:composition template="/layout/#{sessionHandler.layout}/template.xhtml">
 	<ui:composition template="/layout/#{sessionHandler.layout}/template.xhtml">
 		<ui:param name="thispage" value="page.product.edit" />
 		<ui:param name="thispage" value="page.product.edit" />
 		<ui:define name="content">
 		<ui:define name="content">
-			<products:edit />
+			<products:edit commitvalue="#{i18n['products.save']}">
+				<f:actionListener for="commitbutton" binding="#{productView.saveProduct()}" />
+			</products:edit>
 		</ui:define>
 		</ui:define>
 	</ui:composition>
 	</ui:composition>
 </h:body>
 </h:body>

code/LanBortalWeb/WebContent/resources/tools/fatalPermission.xhtml

@@ -15,9 +15,7 @@
 </composite:interface>
 </composite:interface>
 
 
 <composite:implementation>
 <composite:implementation>
-prefatbean
 <h:outputText rendered="#{sessionHandler.fatalPermission(cc.attrs.target, cc.attrs.permission)}" value=""/>
 <h:outputText rendered="#{sessionHandler.fatalPermission(cc.attrs.target, cc.attrs.permission)}" value=""/>
-postfatbean
 </composite:implementation>
 </composite:implementation>
 
 
 </html>
 </html>
\ No newline at end of file

code/LanBortalWeb/WebContent/resources/tools/isSuperadmin.xhtml

+<?xml version='1.0' encoding='UTF-8' ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html
+	xmlns="http://www.w3.org/1999/xhtml"
+	xmlns:h="http://java.sun.com/jsf/html"
+	xmlns:f="http://java.sun.com/jsf/core"
+	xmlns:composite="http://java.sun.com/jsf/composite"
+	xmlns:ui="http://java.sun.com/jsf/facelets"
+	xmlns:c="http://java.sun.com/jsp/jstl/core"
+	xmlns:tools="http://java.sun.com/jsf/composite/tools">
+<composite:interface>
+	<composite:facet name="errormessage" />
+
+</composite:interface>
+
+<composite:implementation>
+	<c:choose>
+		<c:when test='#{sessionHandler.isSuperadmin() }'>
+			<composite:insertChildren />
+		</c:when>
+		<c:otherwise>
+			<c:if test="#{not empty compositeComponent.facets.errormessage}">
+				<composite:insertFacet name="errormessage" />
+			</c:if>
+		</c:otherwise>
+
+	</c:choose>
+
+</composite:implementation>
+
+</html>
\ No newline at end of file

code/LanBortalWeb/WebContent/resources/tools/map/placeSelect.xhtml

@@ -17,8 +17,8 @@
 
 
     <composite:implementation>
     <composite:implementation>
 
 
-        <h:form>
-            <h:commandButton image="#{mapView.selectPlaceMapUrl}" actionListener="#{mapView.placeSelectActionListener}" />
+        <h:form id="placeselectform">
+            <h:commandButton id="commandbutton" image="#{mapView.selectPlaceMapUrl}" actionListener="#{mapView.placeSelectActionListener}" />
             <h:outputText value="#{i18n['placeSelect.placesleft']}: #{mapView.placeLeftToSelect()}" /> 
             <h:outputText value="#{i18n['placeSelect.placesleft']}: #{mapView.placeLeftToSelect()}" /> 
         </h:form>
         </h:form>
 
 

code/LanBortalWeb/WebContent/resources/tools/products/edit.xhtml

@@ -12,11 +12,13 @@
 
 
 
 
     <composite:interface>
     <composite:interface>
+    	<composite:attribute name="commitvalue" required="true" />
+    	<composite:actionSource name="commitbutton" targets="productform:commitbtn" />
     </composite:interface>
     </composite:interface>
 
 
     <composite:implementation>
     <composite:implementation>
 	
 	
-        <h:form>
+        <h:form id="productform">
             <h:panelGrid columns="2">
             <h:panelGrid columns="2">
                 <h:outputLabel value="#{i18n['product.name']}:" /><h:inputText value="#{productView.product.name}" />
                 <h:outputLabel value="#{i18n['product.name']}:" /><h:inputText value="#{productView.product.name}" />
                 <h:outputLabel value="#{i18n['product.price']}:" /><h:inputText value="#{productView.product.price}" />
                 <h:outputLabel value="#{i18n['product.price']}:" /><h:inputText value="#{productView.product.price}" />
@@ -25,7 +27,7 @@
                 <h:outputLabel value="#{i18n['product.sort']}:" /><h:inputText value="#{productView.product.sort}" />
                 <h:outputLabel value="#{i18n['product.sort']}:" /><h:inputText value="#{productView.product.sort}" />
                 <h:outputLabel value="#{i18n['product.barcode']}:" /><h:inputText value="#{productView.product.barcode}" />
                 <h:outputLabel value="#{i18n['product.barcode']}:" /><h:inputText value="#{productView.product.barcode}" />
 				<h:outputLabel value="#{i18n['product.prepaid']}" /><h:selectBooleanCheckbox value="#{productView.product.prepaid}" />
 				<h:outputLabel value="#{i18n['product.prepaid']}" /><h:selectBooleanCheckbox value="#{productView.product.prepaid}" />
-                <h:commandButton action="#{productView.saveProduct()}" value="#{i18n['product.save']}" />
+                <h:commandButton id="commitbtn" value="#{cc.attrs.commitvalue}" />
             </h:panelGrid>
             </h:panelGrid>
         </h:form>
         </h:form>
 
 

code/LanBortalWeb/WebContent/resources/tools/products/shop.xhtml

@@ -14,15 +14,19 @@
     <composite:interface>
     <composite:interface>
 	    <composite:attribute name="items" required="true" />
 	    <composite:attribute name="items" required="true" />
 		<composite:attribute name="commitValue" required="true" />
 		<composite:attribute name="commitValue" required="true" />
+		<composite:attribute name="outcome" required="false" />
 	    <composite:actionSource name="commitbutton" targets="shopform:commitbutton" />
 	    <composite:actionSource name="commitbutton" targets="shopform:commitbutton" />
     </composite:interface>
     </composite:interface>
 
 
     <composite:implementation>
     <composite:implementation>
+    	<h:outputScript target="head" library="script" name="jquery.min.js" /> 
+		<h:outputScript target="head" library="script" name="shopscript.js" /> 
+	
 	<h:form id="shopform">
 	<h:form id="shopform">
        	<h:dataTable border="1" id="billcart" value="#{cc.attrs.items}" var="cart">
        	<h:dataTable border="1" id="billcart" value="#{cc.attrs.items}" var="cart">
 			<h:column>
 			<h:column>
 				<f:facet name="header">
 				<f:facet name="header">
-					<h:outputText value="${i18n['product.name']}" />
+					<h:outputText id="name" value="${i18n['product.name']}" />
 				</f:facet>
 				</f:facet>
 				<h:outputText value="#{cart.product.name}" />
 				<h:outputText value="#{cart.product.name}" />
 			</h:column>
 			</h:column>
@@ -30,22 +34,22 @@
 				<f:facet name="header">
 				<f:facet name="header">
 					<h:outputText value="${i18n['product.price']}" />
 					<h:outputText value="${i18n['product.price']}" />
 				</f:facet>
 				</f:facet>
-				<h:outputText value="#{cart.product.price}" />
+				<h:outputText id="price" value="#{cart.product.price}" />
 			</h:column>
 			</h:column>
 			<h:column>
 			<h:column>
 				<f:facet name="header">
 				<f:facet name="header">
-					<h:outputText value="${i18n['product.cart.count']}" />
+					<h:outputText id="count" value="${i18n['product.cart.count']}" />
 				</f:facet>
 				</f:facet>
 				<a href="#" onclick="return changeCartCount($(this).next().next(), -1)" >-1</a>
 				<a href="#" onclick="return changeCartCount($(this).next().next(), -1)" >-1</a>
 				<a href="#" onclick="return changeCartCount($(this).next(), -10)" >-10</a>
 				<a href="#" onclick="return changeCartCount($(this).next(), -10)" >-10</a>
-				<h:inputText size="4"  id="cartcount" value="#{cart.count}"></h:inputText>
+				<h:inputText  size="4"  id="cartcount" value="#{cart.count}" />
 				<a href="#" onclick="return changeCartCount($(this).prev(), +1)" >+1</a>
 				<a href="#" onclick="return changeCartCount($(this).prev(), +1)" >+1</a>
 				<a href="#" onclick="return changeCartCount($(this).prev().prev(), +10)" >+10</a>
 				<a href="#" onclick="return changeCartCount($(this).prev().prev(), +10)" >+10</a>
 			
 			
 			</h:column>
 			</h:column>
 
 
 		</h:dataTable>		
 		</h:dataTable>		
-		<h:commandButton id="commitbutton" value="#{cc.attrs.commitValue}" />
+		<h:commandButton outcome="#{cc.attrs.outcome}" id="commitbutton" value="#{cc.attrs.commitValue}" />
 	</h:form>
 	</h:form>
 		
 		
 
 

code/LanBortalWeb/WebContent/resources/tools/role/create.xhtml

@@ -17,10 +17,10 @@
 
 
     <composite:implementation>
     <composite:implementation>
 
 
-		<tools:fatalRight permission="ROLE_MANAGEMENT" right="WRITE" />
+		<tools:fatalPermission target="ROLE_MANAGEMENT" permission="WRITE" />
         <h:form>
         <h:form>
            <ui:include src="form.xhtml" />
            <ui:include src="form.xhtml" />
-           <h:commandButton value="#{i18n['role.create']}" action="#{roleView.create}" />
+           <h:commandButton id="createrole" value="#{i18n['role.create']}" action="#{roleView.create}" />
         </h:form>
         </h:form>
 
 
 
 

code/LanBortalWeb/WebContent/resources/tools/role/edit.xhtml

@@ -9,16 +9,17 @@
 
 
 <composite:implementation>
 <composite:implementation>
 
 
-	
+	<p>
 	<h:form>
 	<h:form>
 		<f:facet name="errorMessage">
 		<f:facet name="errorMessage">
 			<h:outputText value="#{i18n['nasty.user']}" />
 			<h:outputText value="#{i18n['nasty.user']}" />
 		</f:facet>
 		</f:facet>
 		<ui:include src="form.xhtml" />
 		<ui:include src="form.xhtml" />
-
-		<h:commandButton value="#{i18n['save']}" action="#{roleView.save}" />
-
+		<h:commandButton id="saverole" value="#{i18n['save']}" action="#{roleView.save}" />
 	</h:form>
 	</h:form>
+	</p>
+	
+	<p>
 	<h:form>
 	<h:form>
 		<h:dataTable border="1" id="rights" value="#{roleView.roleRights}" var="rr">
 		<h:dataTable border="1" id="rights" value="#{roleView.roleRights}" var="rr">
 			<h:column>
 			<h:column>
@@ -37,25 +38,26 @@
 				<f:facet name="header">
 				<f:facet name="header">
 					<h:outputText value="#{i18n['role.read']}" />
 					<h:outputText value="#{i18n['role.read']}" />
 				</f:facet>
 				</f:facet>
-				<h:selectBooleanCheckbox value="#{rr.read}" />
+				<h:selectBooleanCheckbox id="readrole" value="#{rr.read}" />
 			</h:column>
 			</h:column>
 			<h:column>
 			<h:column>
 				<f:facet name="header">
 				<f:facet name="header">
 					<h:outputText value="#{i18n['role.write']}" />
 					<h:outputText value="#{i18n['role.write']}" />
 				</f:facet>
 				</f:facet>
-				<h:selectBooleanCheckbox value="#{rr.write}" />
+				<h:selectBooleanCheckbox id="writerole" value="#{rr.write}" />
 			</h:column>
 			</h:column>
 			<h:column>
 			<h:column>
 				<f:facet name="header">
 				<f:facet name="header">
 					<h:outputText value="#{i18n['role.execute']}" />
 					<h:outputText value="#{i18n['role.execute']}" />
 				</f:facet>
 				</f:facet>
-				<h:selectBooleanCheckbox value="#{rr.execute}" />
+				<h:selectBooleanCheckbox id="executerole" value="#{rr.execute}" />
 			</h:column>
 			</h:column>
 			<h:column>
 			<h:column>
-				<h:commandButton value="#{i18n['role.edit.save']}" action="#{roleView.editRoleRight}" />
+				<h:commandButton id="save" value="#{i18n['role.edit.save']}" action="#{roleView.editRoleRight}" />
 			</h:column>
 			</h:column>
 		</h:dataTable>
 		</h:dataTable>
 	</h:form>
 	</h:form>
+</p>
 
 
 
 
 </composite:implementation>
 </composite:implementation>

code/LanBortalWeb/WebContent/resources/tools/role/form.xhtml

@@ -17,9 +17,9 @@
             <h:inputText value="#{roleView.role.name}" />
             <h:inputText value="#{roleView.role.name}" />
 
 
 			<h:outputText value="#{i18n['role.parents']}" />
 			<h:outputText value="#{i18n['role.parents']}" />
-            <h:selectManyListbox value="#{roleView.role.parents}">
-                <f:selectItems var="par" itemLabel="${par.name}" value="#{roleView.possibleParents}" />
-            </h:selectManyListbox>
+            <h:selectManyCheckbox id ="roleparents" value="#{roleView.roleParents}">
+                <f:selectItems var="par" itemValue="#{par.id.id}" itemLabel="#{par.name}" value="#{roleView.possibleParents}" />
+            </h:selectManyCheckbox>
         </h:panelGrid>
         </h:panelGrid>
     </ui:composition>
     </ui:composition>
 </html>
 </html>

code/LanBortalWeb/WebContent/resources/tools/role/list.xhtml

@@ -12,12 +12,13 @@
 
 
 
 
     <composite:interface>
     <composite:interface>
+    	<composite:attribute name="valuelist" required="true" />
     </composite:interface>
     </composite:interface>
 
 
     <composite:implementation>
     <composite:implementation>
 
 
-	<h:form>
-			<h:dataTable border="1" id="user" value="#{roleView.roles}" var="role">
+	<h:form id="rolelist">
+			<h:dataTable border="1" id="user" value="#{cc.attrs.valuelist}" var="role">
 				<h:column>
 				<h:column>
 					<f:facet name="header">
 					<f:facet name="header">
 						<h:outputText value="#" />
 						<h:outputText value="#" />
@@ -31,9 +32,9 @@
 					<h:outputText value="#{role.name}" />
 					<h:outputText value="#{role.name}" />
 				</h:column>
 				</h:column>
 				<h:column>
 				<h:column>
-					<h:commandButton action="#{roleView.edit()}" value="#{i18n['role.edit']}" />
+					<h:commandButton id="saverole" action="#{roleView.edit()}" value="#{i18n['role.edit']}" />
 				</h:column>
 				</h:column>
-			</h:dataTable>
+				</h:dataTable>
 	</h:form>
 	</h:form>
 
 
 
 

code/LanBortalWeb/WebContent/resources/tools/user/edit.xhtml

@@ -12,27 +12,32 @@
 
 
 
 
     <composite:interface>
     <composite:interface>
+    	<composite:attribute name="user" required="true" />
+    	<composite:attribute name="commitvalue" required="true" />
+        <composite:actionSource name="commitbutton" targets="userform:commitbtn" />
     </composite:interface>
     </composite:interface>
 
 
     <composite:implementation>
     <composite:implementation>
 	
 	
-        <h:form>
+        <h:form id="userform">
             <h:panelGrid columns="2">
             <h:panelGrid columns="2">
-                <h:outputLabel value="#{i18n['user.login']}:" /><h:inputText value="#{userView.user.login}" />
-                <h:outputLabel value="#{i18n['user.nick']}:" /><h:inputText value="#{userView.user.nick}" />
-                <h:outputLabel value="#{i18n['user.email']}:" /><h:inputText value="#{userView.user.email}" />
-                <h:outputLabel value="#{i18n['user.firstNames']}:" /><h:inputText value="#{userView.user.firstnames}" />
-                <h:outputLabel value="#{i18n['user.lastName']}:" /><h:inputText value="#{userView.user.lastname}" />
-                <h:outputLabel value="#{i18n['user.address']}:" /><h:inputText value="#{userView.user.address}" />
-                <h:outputLabel value="#{i18n['user.zipCode']}:" /><h:inputText value="#{userView.user.zip}" />
-                <h:outputLabel value="#{i18n['user.town']}:" /><h:inputText value="#{userView.user.town}" />
-                <h:outputLabel value="#{i18n['user.sex']}:" />
-                <h:selectOneRadio id="sex" value="#{userView.user.gender}">
+                <h:outputLabel value="#{i18n['user.login']}:" for="login"/><h:inputText id="login" value="#{cc.attrs.user.login}" />
+                <h:outputLabel value="#{i18n['user.nick']}:" for="nick" /><h:inputText id="nick" value="#{cc.attrs.user.nick}" />
+                <h:outputLabel value="#{i18n['user.email']}:" for="email"/><h:inputText id="email" value="#{cc.attrs.user.email}" />
+                <h:outputLabel value="#{i18n['user.firstNames']}:" for="firstnames" /><h:inputText id="firstnames" value="#{cc.attrs.user.firstnames}" />
+                <h:outputLabel value="#{i18n['user.lastName']}:" for="lastname" /><h:inputText id="lastname" value="#{cc.attrs.user.lastname}" />
+                <h:outputLabel value="#{i18n['user.address']}:" for="address" /><h:inputText id="address" value="#{cc.attrs.user.address}" />
+                <h:outputLabel value="#{i18n['user.zipCode']}:" for="zip" /><h:inputText id="zip" value="#{cc.attrs.user.zip}" />
+                <h:outputLabel value="#{i18n['user.town']}:" for="town"/><h:inputText id="town" value="#{cc.attrs.user.town}" />
+                <h:outputLabel rendered="#{sessionHandler.superadmin}" value="#{i18n['user.superadmin']}:" for="superadmin" />
+               	<h:selectBooleanCheckbox rendered="#{sessionHandler.superadmin}" id="superadmin" value="#{cc.attrs.user.superadmin}" />
+                <h:outputLabel value="#{i18n['user.sex']}:" for="sex"/>
+                <h:selectOneRadio id="sex" value="#{cc.attrs.user.gender}">
                     <f:selectItem id="undefined" itemLabel="#{i18n['user.sex.UNDEFINED']}" itemValue="UNDEFINED" />
                     <f:selectItem id="undefined" itemLabel="#{i18n['user.sex.UNDEFINED']}" itemValue="UNDEFINED" />
                     <f:selectItem id="male" itemLabel="#{i18n['user.sex.MALE']}" itemValue="MALE" />
                     <f:selectItem id="male" itemLabel="#{i18n['user.sex.MALE']}" itemValue="MALE" />
                     <f:selectItem id="female" itemLabel="#{i18n['user.sex.FEMALE']}" itemValue="FEMALE" />
                     <f:selectItem id="female" itemLabel="#{i18n['user.sex.FEMALE']}" itemValue="FEMALE" />
                 </h:selectOneRadio>
                 </h:selectOneRadio>
-                <h:commandButton action="#{userView.saveUser()}" value="#{i18n['user.save']}" />
+		        <h:commandButton id="commitbtn" value="#{cc.attrs.commitvalue}" />
             </h:panelGrid>
             </h:panelGrid>
         </h:form>
         </h:form>
 
 

code/LanBortalWeb/WebContent/resources/tools/user/editroles.xhtml

+<?xml version='1.0' encoding='UTF-8' ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html
+    xmlns="http://www.w3.org/1999/xhtml"
+    xmlns:h="http://java.sun.com/jsf/html"
+    xmlns:f="http://java.sun.com/jsf/core"
+    xmlns:composite="http://java.sun.com/jsf/composite"
+    xmlns:ui="http://java.sun.com/jsf/facelets"
+    xmlns:c="http://java.sun.com/jsp/jstl/core"
+    xmlns:tools="http://java.sun.com/jsf/composite/tools">
+
+
+    <composite:interface>
+    </composite:interface>
+
+    <composite:implementation>
+	
+        <h:form id="userroleform">
+            <h:panelGrid columns="2">
+        	   	<h:selectManyCheckbox disabled="#{!sessionHandler.hasPermission('ROLE_MANAGEMENT', 'WRITE')}" layout="pageDirection" id="roles" value="#{userView.userRoleIds}">
+					<f:selectItems var="roleitem" itemValue="#{roleitem.id.id}" itemLabel="#{roleitem.name}" value="#{userView.userRoles}" />
+				</h:selectManyCheckbox>
+           		<h:commandButton value="#{i18n['user.rolesave']}" action="#{userView.saveRoles()}" />
+            </h:panelGrid>
+        </h:form>
+
+
+    </composite:implementation>
+</html>
+

code/LanBortalWeb/WebContent/resources/tools/user/list.xhtml

@@ -2,65 +2,55 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
     "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
     "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 <html
 <html
-    xmlns="http://www.w3.org/1999/xhtml"
-    xmlns:h="http://java.sun.com/jsf/html"
-    xmlns:f="http://java.sun.com/jsf/core"
-    xmlns:composite="http://java.sun.com/jsf/composite"
-    xmlns:ui="http://java.sun.com/jsf/facelets"
-    xmlns:c="http://java.sun.com/jsp/jstl/core"
-    xmlns:tools="http://java.sun.com/jsf/composite/tools">
-
-
-    <composite:interface>
-    </composite:interface>
-
-    <composite:implementation >
-    prefatal
-	
-		<h:form>
-			<h:dataTable border="1" id="user" value="#{userView.users}" var="user">
-				<h:column>
-					<f:facet name="header">
-						<h:outputText value="Id" />
-					</f:facet>
-					<h:outputText value="#{user.id}" />
-				</h:column>
-				<h:column>
-					<f:facet name="header">
-						<h:outputText value="#{i18n['user.nick']}" />
-					</f:facet>
-					<h:outputText value="#{user.nick}" />
-				</h:column>
-
-				<h:column>
-					<f:facet name="header">
-						<h:outputText value="#{i18n['user.firstnames']}" />
-					</f:facet>
-					<h:outputText value="#{user.firstnames}" />
-				</h:column>
-				<h:column>
-					<f:facet name="header">
-						<h:outputText value="#{i18n['user.lastname']}" />
-					</f:facet>
-					<h:outputText value="#{user.lastname}" />
-				</h:column>
-				<h:column>
-					<f:facet name="header">
-						<h:outputText value="#{i18n['user.email']}" />
-					</f:facet>
-					<h:outputText value="#{user.email}" />
-				</h:column>
-
-				<h:column>
-					<h:commandButton action="#{userView.edit()}" value="#{i18n['user.edit']}" />
-				</h:column>
-
-			</h:dataTable>
-
-		</h:form>
-        
-
-
-    </composite:implementation>
+	xmlns="http://www.w3.org/1999/xhtml"
+	xmlns:h="http://java.sun.com/jsf/html"
+	xmlns:f="http://java.sun.com/jsf/core"
+	xmlns:composite="http://java.sun.com/jsf/composite"
+	xmlns:ui="http://java.sun.com/jsf/facelets"
+	xmlns:c="http://java.sun.com/jsp/jstl/core"
+	xmlns:tools="http://java.sun.com/jsf/composite/tools">
+<composite:interface>
+</composite:interface>
+
+<composite:implementation>
+	<tools:fatalPermission target="USER_MANAGEMENT" permission="READ" />
+	<h:form id="userlistform">
+		<h:dataTable border="1" id="user" value="#{userView.users}" var="user">
+			<h:column>
+				<f:facet name="header">
+					<h:outputText  value="Id" />
+				</f:facet>
+				<h:outputText value="#{user.id}" />
+			</h:column>
+			<h:column>
+				<f:facet name="header">
+					<h:outputText   value="#{i18n['user.nick']}" />
+				</f:facet>
+				<h:outputText value="#{user.nick}" />
+			</h:column>
+			<h:column>
+				<f:facet name="header">
+					<h:outputText  value="#{i18n['user.firstnames']}" />
+				</f:facet>
+				<h:outputText value="#{user.firstnames}" />
+			</h:column>
+			<h:column>
+				<f:facet name="header">
+					<h:outputText value="#{i18n['user.lastname']}" />
+				</f:facet>
+				<h:outputText value="#{user.lastname}" />
+			</h:column>
+			<h:column>
+				<f:facet name="header">
+					<h:outputText value="#{i18n['user.email']}" />
+				</f:facet>
+				<h:outputText value="#{user.email}" />
+			</h:column>
+			<h:column>
+				<h:commandButton action="#{userView.edit()}" value="#{i18n['user.edit']}" />
+			</h:column>
+		</h:dataTable>
+	</h:form>
+</composite:implementation>
 </html>
 </html>
 
 

code/LanBortalWeb/WebContent/role/list.xhtml

@@ -11,7 +11,8 @@
 	<ui:composition template="/layout/#{sessionHandler.layout}/template.xhtml">
 	<ui:composition template="/layout/#{sessionHandler.layout}/template.xhtml">
 		<ui:param name="thispage" value="page.role.list" />
 		<ui:param name="thispage" value="page.role.list" />
          <ui:define name="content">
          <ui:define name="content">
-            <role:list />
+            <role:list valuelist="#{roleView.roles}" >
+            </role:list>
         </ui:define>
         </ui:define>
     </ui:composition>
     </ui:composition>
 </h:body>
 </h:body>

code/LanBortalWeb/WebContent/user/create.xhtml

@@ -10,11 +10,11 @@
 	<ui:composition template="/layout/#{sessionHandler.layout}/template.xhtml">
 	<ui:composition template="/layout/#{sessionHandler.layout}/template.xhtml">
 		<ui:param name="thispage" value="page.user.create" />
 		<ui:param name="thispage" value="page.user.create" />
 		<ui:define name="content">
 		<ui:define name="content">
- 		<h:form>
+ 		<h:form id="userform">
 			<h:panelGrid columns="2">
 			<h:panelGrid columns="2">
-				<h:outputLabel value="#{i18n['user.username']}:" /><h:inputText value="#{userView.login}" />
-				<h:outputLabel value="#{i18n['user.password']}:" /><h:inputSecret value="#{userView.password}" />
-				<h:commandButton action="#{userView.createUser()}" value="#{i18n['user.create']}" />
+				<h:outputLabel value="#{i18n['user.username']}:" /><h:inputText id="username" value="#{userView.login}" />
+				<h:outputLabel value="#{i18n['user.password']}:" /><h:inputSecret id="password" value="#{userView.password}" />
+				<h:commandButton id="createuserbtn" action="#{userView.createUser()}" value="#{i18n['user.create']}" />
 			</h:panelGrid>
 			</h:panelGrid>
 		</h:form>
 		</h:form>
 	</ui:define>
 	</ui:define>

code/LanBortalWeb/WebContent/user/edit.xhtml

@@ -11,7 +11,11 @@
 <ui:composition template="/layout/#{sessionHandler.layout}/template.xhtml">
 <ui:composition template="/layout/#{sessionHandler.layout}/template.xhtml">
 	<ui:param name="thispage" value="page.user.create" />
 	<ui:param name="thispage" value="page.user.create" />
 		<ui:define name="content">
 		<ui:define name="content">
-			<users:edit />
+			<users:edit user="#{userView.user}" commitvalue="#{i18n['user.save']}">
+				<f:actionListener for="commitbutton" binding="#{userView.saveUser()}" />
+			</users:edit>
+			<users:editroles />
+
 		</ui:define>
 		</ui:define>
 	</ui:composition>
 	</ui:composition>
 </h:body>
 </h:body>

code/LanBortalWeb/WebContent/user/editself.xhtml

@@ -11,8 +11,12 @@
 <ui:composition template="/layout/#{sessionHandler.layout}/template.xhtml">
 <ui:composition template="/layout/#{sessionHandler.layout}/template.xhtml">
 	<ui:param name="thispage" value="page.user.editself" />
 	<ui:param name="thispage" value="page.user.editself" />
 		<ui:define name="content">
 		<ui:define name="content">
-			#{userView.initSelfedit()}
-			<users:edit />
+			
+			<users:edit user="#{userView.self}" commitvalue="#{i18n['user.save']}">
+				<f:actionListener for="commitbutton" binding="#{userView.saveUser()}" />
+			</users:edit>
+			
+			<users:editroles />
 		</ui:define>
 		</ui:define>
 	</ui:composition>
 	</ui:composition>
 </h:body>
 </h:body>

code/LanBortalWeb/as3/fi/insomnia/bortal/enums/Gender.as

+/**
+ * Generated by Gas3 v2.2.0 (Granite Data Services).
+ *
+ * WARNING: DO NOT CHANGE THIS FILE. IT MAY BE OVERWRITTEN EACH TIME YOU USE
+ * THE GENERATOR.
+ */
+
+package fi.insomnia.bortal.enums {
+
+    import org.granite.util.Enum;
+
+    [Bindable]
+    [RemoteClass(alias="fi.insomnia.bortal.enums.Gender")]
+    public class Gender extends Enum {
+
+        public static const MALE:Gender = new Gender("MALE", _);
+        public static const FEMALE:Gender = new Gender("FEMALE", _);
+        public static const UNDEFINED:Gender = new Gender("UNDEFINED", _);
+
+        function Gender(value:String = null, restrictor:* = null) {
+            super((value || MALE.name), restrictor);
+        }
+
+        override protected function getConstants():Array {
+            return constants;
+        }
+
+        public static function get constants():Array {
+            return [MALE, FEMALE, UNDEFINED];
+        }
+
+        public static function valueOf(name:String):Gender {
+            return Gender(MALE.constantOf(name));
+        }
+    }
+}
\ No newline at end of file

code/LanBortalWeb/as3/fi/insomnia/bortal/enums/Permission.as

+/**
+ * Generated by Gas3 v2.2.0 (Granite Data Services).
+ *
+ * WARNING: DO NOT CHANGE THIS FILE. IT MAY BE OVERWRITTEN EACH TIME YOU USE
+ * THE GENERATOR.
+ */
+
+package fi.insomnia.bortal.enums {
+
+    import org.granite.util.Enum;
+
+    [Bindable]
+    [RemoteClass(alias="fi.insomnia.bortal.enums.Permission")]
+    public class Permission extends Enum {
+
+        public static const LOGIN:Permission = new Permission("LOGIN", _);
+        public static const USER_MANAGEMENT:Permission = new Permission("USER_MANAGEMENT", _);
+        public static const TICKET_SALES:Permission = new Permission("TICKET_SALES", _);
+        public static const ROLE_MANAGEMENT:Permission = new Permission("ROLE_MANAGEMENT", _);
+        public static const PRODUCT:Permission = new Permission("PRODUCT", _);
+
+        function Permission(value:String = null, restrictor:* = null) {
+            super((value || LOGIN.name), restrictor);
+        }
+
+        override protected function getConstants():Array {
+            return constants;
+        }
+
+        public static function get constants():Array {
+            return [LOGIN, USER_MANAGEMENT, TICKET_SALES, ROLE_MANAGEMENT, PRODUCT];
+        }
+
+        public static function valueOf(name:String):Permission {
+            return Permission(LOGIN.constantOf(name));
+        }
+    }
+}
\ No newline at end of file

code/LanBortalWeb/as3/fi/insomnia/bortal/model/DiscountBase.as

@@ -35,6 +35,7 @@ package fi.insomnia.bortal.model {
         private var _percentage:int;
         private var _percentage:int;
         private var _product:Product;
         private var _product:Product;
         private var _role:Role;
         private var _role:Role;
+        private var _unitPrice:Number;
 
 
         meta function isInitialized(name:String = null):Boolean {
         meta function isInitialized(name:String = null):Boolean {
             if (!name)
             if (!name)
@@ -138,6 +139,13 @@ package fi.insomnia.bortal.model {
             return _role;
             return _role;
         }
         }
 
 
+        public function set unitPrice(value:Number):void {
+            _unitPrice = value;
+        }
+        public function get unitPrice():Number {
+            return _unitPrice;
+        }
+
         public function readExternal(input:IDataInput):void {
         public function readExternal(input:IDataInput):void {
             __initialized = input.readObject() as Boolean;
             __initialized = input.readObject() as Boolean;
             __detachedState = input.readObject() as String;
             __detachedState = input.readObject() as String;
@@ -155,6 +163,7 @@ package fi.insomnia.bortal.model {
                 _percentage = input.readObject() as int;
                 _percentage = input.readObject() as int;
                 _product = input.readObject() as Product;
                 _product = input.readObject() as Product;
                 _role = input.readObject() as Role;
                 _role = input.readObject() as Role;
+                _unitPrice = function(o:*):Number { return (o is Number ? o as Number : Number.NaN) } (input.readObject());
             }
             }
             else {
             else {
                 _id = input.readObject() as EventPk;
                 _id = input.readObject() as EventPk;
@@ -178,6 +187,7 @@ package fi.insomnia.bortal.model {
                 output.writeObject(_percentage);
                 output.writeObject(_percentage);
                 output.writeObject(_product);
                 output.writeObject(_product);
                 output.writeObject(_role);
                 output.writeObject(_role);
+                output.writeObject(_unitPrice);
             }
             }
             else {
             else {
                 output.writeObject(_id);
                 output.writeObject(_id);

code/LanBortalWeb/as3/fi/insomnia/bortal/model/RoleRightBase.as

@@ -7,11 +7,13 @@
 
 
 package fi.insomnia.bortal.model {
 package fi.insomnia.bortal.model {
 
 
+    import fi.insomnia.bortal.enums.Permission;
     import flash.utils.IDataInput;
     import flash.utils.IDataInput;
     import flash.utils.IDataOutput;
     import flash.utils.IDataOutput;
     import flash.utils.IExternalizable;
     import flash.utils.IExternalizable;
     import org.granite.collections.IPersistentCollection;
     import org.granite.collections.IPersistentCollection;
     import org.granite.meta;
     import org.granite.meta;
+    import org.granite.util.Enum;
 
 
     use namespace meta;
     use namespace meta;
 
 
@@ -21,10 +23,10 @@ package fi.insomnia.bortal.model {
         private var __initialized:Boolean = true;
         private var __initialized:Boolean = true;
         private var __detachedState:String = null;
         private var __detachedState:String = null;
 
 
-        private var _accessRight:AccessRight;
         private var _execute:Boolean;
         private var _execute:Boolean;
         private var _id:EventPk;
         private var _id:EventPk;
         private var _jpaVersionField:int;
         private var _jpaVersionField:int;
+        private var _permission:Permission;
         private var _read:Boolean;
         private var _read:Boolean;
         private var _role:Role;
         private var _role:Role;
         private var _write:Boolean;
         private var _write:Boolean;
@@ -40,13 +42,6 @@ package fi.insomnia.bortal.model {
             );
             );
         }
         }
 
 
-        public function set accessRight(value:AccessRight):void {
-            _accessRight = value;
-        }
-        public function get accessRight():AccessRight {
-            return _accessRight;
-        }
-
         public function set execute(value:Boolean):void {
         public function set execute(value:Boolean):void {
             _execute = value;
             _execute = value;
         }
         }
@@ -93,10 +88,10 @@ package fi.insomnia.bortal.model {
             __initialized = input.readObject() as Boolean;
             __initialized = input.readObject() as Boolean;
             __detachedState = input.readObject() as String;
             __detachedState = input.readObject() as String;
             if (meta::isInitialized()) {
             if (meta::isInitialized()) {
-                _accessRight = input.readObject() as AccessRight;
                 _execute = input.readObject() as Boolean;
                 _execute = input.readObject() as Boolean;
                 _id = input.readObject() as EventPk;
                 _id = input.readObject() as EventPk;
                 _jpaVersionField = input.readObject() as int;
                 _jpaVersionField = input.readObject() as int;
+                _permission = Enum.readEnum(input) as Permission;
                 _read = input.readObject() as Boolean;
                 _read = input.readObject() as Boolean;
                 _role = input.readObject() as Role;
                 _role = input.readObject() as Role;
                 _write = input.readObject() as Boolean;
                 _write = input.readObject() as Boolean;
@@ -110,10 +105,10 @@ package fi.insomnia.bortal.model {
             output.writeObject(__initialized);
             output.writeObject(__initialized);
             output.writeObject(__detachedState);
             output.writeObject(__detachedState);
             if (meta::isInitialized()) {
             if (meta::isInitialized()) {
-                output.writeObject(_accessRight);
                 output.writeObject(_execute);
                 output.writeObject(_execute);
                 output.writeObject(_id);
                 output.writeObject(_id);
                 output.writeObject(_jpaVersionField);
                 output.writeObject(_jpaVersionField);
+                output.writeObject(_permission);
                 output.writeObject(_read);
                 output.writeObject(_read);
                 output.writeObject(_role);
                 output.writeObject(_role);
                 output.writeObject(_write);
                 output.writeObject(_write);

code/LanBortalWeb/as3/fi/insomnia/bortal/model/UserBase.as

@@ -7,6 +7,7 @@
 
 
 package fi.insomnia.bortal.model {
 package fi.insomnia.bortal.model {
 
 
+    import fi.insomnia.bortal.enums.Gender;
     import flash.utils.IDataInput;
     import flash.utils.IDataInput;
     import flash.utils.IDataOutput;
     import flash.utils.IDataOutput;
     import flash.utils.IExternalizable;
     import flash.utils.IExternalizable;

code/LanBortalWeb/src/fi/insomnia/bortal/HostnameFilter.java

@@ -19,7 +19,7 @@ import org.slf4j.LoggerFactory;
 
 
 import fi.insomnia.bortal.beans.EventBeanLocal;
 import fi.insomnia.bortal.beans.EventBeanLocal;
 import fi.insomnia.bortal.exceptions.PermissionDeniedException;
 import fi.insomnia.bortal.exceptions.PermissionDeniedException;
-import fi.insomnia.bortal.utilities.ThreadLocalContextHolder;
+import fi.insomnia.bortal.utilities.BortalLocalContextHolder;
 
 
 /**
 /**
  * Servlet Filter implementation class HostnameFilter
  * Servlet Filter implementation class HostnameFilter
@@ -52,9 +52,9 @@ public class HostnameFilter implements Filter {
             httpRequest = ((HttpServletRequest) request);
             httpRequest = ((HttpServletRequest) request);
             StringBuffer url = httpRequest.getRequestURL();
             StringBuffer url = httpRequest.getRequestURL();
             Subject subj = Subject.getSubject(AccessController.getContext());
             Subject subj = Subject.getSubject(AccessController.getContext());
-            logger.debug("request URL: {}", url);
             int beginindex = 7; // Let's skip http://
             int beginindex = 7; // Let's skip http://
 
 
+            
             int slashindex = url.indexOf("/", beginindex);
             int slashindex = url.indexOf("/", beginindex);
             // Find the first / from URL after http://
             // Find the first / from URL after http://
             int colonindex = url.indexOf(":", beginindex);
             int colonindex = url.indexOf(":", beginindex);
@@ -66,20 +66,19 @@ public class HostnameFilter implements Filter {
                 lastindex = url.length() - 1;
                 lastindex = url.length() - 1;
             }
             }
             String hostname = url.substring(beginindex, lastindex);
             String hostname = url.substring(beginindex, lastindex);
-            logger.debug("Setting hostname to {} ", hostname);
+
             httpRequest.getSession().setAttribute(EventBeanLocal.HTTP_URL_HOSTNAME, hostname);
             httpRequest.getSession().setAttribute(EventBeanLocal.HTTP_URL_HOSTNAME, hostname);
 
 
-            ThreadLocalContextHolder.put(EventBeanLocal.HTTP_URL_HOSTNAME, hostname);
+            BortalLocalContextHolder.setHostname( hostname);
         }
         }
         // pass the request along the filter chain
         // pass the request along the filter chain
 
 
         try {
         try {
             chain.doFilter(request, response);
             chain.doFilter(request, response);
-        } catch (Throwable t) {
-            logger.debug("Got exception {} at hostnamefilter", t.getClass());
+        } catch (ServletException t) {
+
             Throwable cause = t.getCause();
             Throwable cause = t.getCause();
             while (cause != null) {
             while (cause != null) {
-                logger.debug("exception cause: {}", cause.getClass());
                 cause = cause.getCause();
                 cause = cause.getCause();
                 if(cause instanceof PermissionDeniedException)
                 if(cause instanceof PermissionDeniedException)
                 {
                 {
@@ -89,14 +88,16 @@ public class HostnameFilter implements Filter {
                         httpresp.reset();
                         httpresp.reset();
                         httpresp.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
                         httpresp.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
                         httpresp.getWriter().println("Permission denied!!");
                         httpresp.getWriter().println("Permission denied!!");
+                        logger.debug("Got PermissionDenied wrapped in stuff. Throwing PermissionDenied without stuff.!");
                         throw (PermissionDeniedException)cause;
                         throw (PermissionDeniedException)cause;
                     }
                     }
 
 
                 }
                 }
             }
             }
+            throw t;
 
 
         } finally {
         } finally {
-            ThreadLocalContextHolder.cleanupThread();
+            BortalLocalContextHolder.cleanupThread();
         }
         }
     }
     }
 
 

code/LanBortalWeb/src/fi/insomnia/bortal/handler/SessionHandler.java

@@ -152,6 +152,11 @@ public class SessionHandler {
         boolean ret = userbean.isLoggedIn();
         boolean ret = userbean.isLoggedIn();
         return ret;
         return ret;
     }
     }
+    public boolean isSuperadmin()
+    {
+        return userbean.getCurrentUser().isSuperadmin();
+        
+    }
 
 
   
   
 }
 }

code/LanBortalWeb/src/fi/insomnia/bortal/view/RoleView.java

@@ -4,7 +4,9 @@
  */
  */
 package fi.insomnia.bortal.view;
 package fi.insomnia.bortal.view;
 
 
+import java.util.HashSet;
 import java.util.List;
 import java.util.List;
+import java.util.Set;
 
 
 import javax.ejb.EJB;
 import javax.ejb.EJB;
 import javax.faces.bean.ManagedBean;
 import javax.faces.bean.ManagedBean;
@@ -39,21 +41,29 @@ public class RoleView {
     @EJB
     @EJB
     private RoleBeanLocal roleBean;
     private RoleBeanLocal roleBean;
     private static final Logger logger = LoggerFactory.getLogger(RoleView.class);
     private static final Logger logger = LoggerFactory.getLogger(RoleView.class);
-
-    @EJB
-    private SecurityBeanLocal securitybean;
     @EJB
     @EJB
     private UserBeanLocal userbean;
     private UserBeanLocal userbean;
+    private Set<String> roleParents;
 
 
     private Role role;
     private Role role;
     private DataModel<Role> items;
     private DataModel<Role> items;
 
 
     private ListDataModel<RoleRight> rolerights;
     private ListDataModel<RoleRight> rolerights;
 
 
-    public DataModel<Role> getRoles() {
+    public List<Role> getRoleList() {
+        userbean.fatalPermission(Permission.ROLE_MANAGEMENT, RolePermission.READ);
+        return roleBean.listRoles();
+    }
+
+    public DataModel<Role> getItems() {
         userbean.fatalPermission(Permission.ROLE_MANAGEMENT, RolePermission.READ);
         userbean.fatalPermission(Permission.ROLE_MANAGEMENT, RolePermission.READ);
 
 
-        items = new ListDataModel<Role>(roleBean.listRoles());
+        return items;
+    }
+
+    public DataModel<Role> getRoles() {
+
+        items = new ListDataModel<Role>(getRoleList());
         logger.info("Fetching roles. Found {}", items.getRowCount());
         logger.info("Fetching roles. Found {}", items.getRowCount());
 
 
         return items;
         return items;
@@ -95,13 +105,32 @@ public class RoleView {
         userbean.fatalPermission(Permission.ROLE_MANAGEMENT, RolePermission.WRITE, "Does not have permission to create role!");
         userbean.fatalPermission(Permission.ROLE_MANAGEMENT, RolePermission.WRITE, "Does not have permission to create role!");
         logger.debug("Creating role {}", getRole());
         logger.debug("Creating role {}", getRole());
         role = roleBean.create(getRole());
         role = roleBean.create(getRole());
-
+        saveParents();
         return "roleCreated";
         return "roleCreated";
     }
     }
 
 
+    private void saveParents() {
+        for(Role parent: getPossibleParents())
+        {
+            Integer parentid = parent.getId().getId();
+            boolean contains = this.roleParents.contains(parentid.toString());
+            if(contains)
+            {
+                if(!parent.getChildren().contains(role));
+                {
+                    parent.getChildren().add(role);
+                }
+            }
+            else {
+                parent.getChildren().remove(role);
+            }
+        }
+    }
+
     public String edit() {
     public String edit() {
         userbean.fatalPermission(Permission.ROLE_MANAGEMENT, RolePermission.READ);
         userbean.fatalPermission(Permission.ROLE_MANAGEMENT, RolePermission.READ);
 
 
+        logger.info("Editing row from items");
         setRole(items.getRowData());
         setRole(items.getRowData());
         rolerights = null;
         rolerights = null;
         items = null;
         items = null;
@@ -130,15 +159,25 @@ public class RoleView {
      *            the role to set
      *            the role to set
      */
      */
     public void setRole(Role role) {
     public void setRole(Role role) {
+        roleParents = new HashSet<String>();
+        for (Role parent : role.getParents()) {
+            roleParents.add(parent.getId().getId().toString());
+        }
         this.role = role;
         this.role = role;
     }
     }
 
 
-    
-
     /**
     /**
      * @return the possibleParents
      * @return the possibleParents
      */
      */
     public List<Role> getPossibleParents() {
     public List<Role> getPossibleParents() {
         return roleBean.getPossibleParents(getRole());
         return roleBean.getPossibleParents(getRole());
     }
     }
+
+    public void setRoleParents(Set<String> roleParents) {
+        this.roleParents = roleParents;
+    }
+
+    public Set<String> getRoleParents() {
+        return roleParents;
+    }
 }
 }

code/LanBortalWeb/src/fi/insomnia/bortal/view/TestDataView.java

@@ -4,6 +4,8 @@
  */
  */
 package fi.insomnia.bortal.view;
 package fi.insomnia.bortal.view;
 
 
+import java.util.List;
+
 import javax.ejb.EJB;
 import javax.ejb.EJB;
 import javax.faces.bean.ManagedBean;
 import javax.faces.bean.ManagedBean;
 import javax.faces.bean.ManagedProperty;
 import javax.faces.bean.ManagedProperty;
@@ -12,10 +14,12 @@ import javax.faces.bean.RequestScoped;
 import org.slf4j.Logger;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.slf4j.LoggerFactory;
 
 
+import fi.insomnia.bortal.beans.RoleBeanLocal;
 import fi.insomnia.bortal.beans.TestDataBeanLocal;
 import fi.insomnia.bortal.beans.TestDataBeanLocal;
 import fi.insomnia.bortal.beans.UserBeanLocal;
 import fi.insomnia.bortal.beans.UserBeanLocal;
 import fi.insomnia.bortal.handler.SessionHandler;
 import fi.insomnia.bortal.handler.SessionHandler;
 import fi.insomnia.bortal.model.EventMap;
 import fi.insomnia.bortal.model.EventMap;
+import fi.insomnia.bortal.model.Role;
 import fi.insomnia.bortal.model.User;
 import fi.insomnia.bortal.model.User;
 
 
 /**
 /**
@@ -32,12 +36,15 @@ public class TestDataView {
     private TestDataBeanLocal testdatabean;
     private TestDataBeanLocal testdatabean;
     @EJB
     @EJB
     private UserBeanLocal userbean;
     private UserBeanLocal userbean;
- public void generateData() {
-        
+    @EJB
+    private RoleBeanLocal rolebean;
+
+    public void generateData() {
+
         User user = testdatabean.createUser();
         User user = testdatabean.createUser();
         User admin = testdatabean.createAdmin();
         User admin = testdatabean.createAdmin();
 
 
-        testdatabean.createBill( user);
+        testdatabean.createBill(user);
         EventMap map = testdatabean.generateTestMap();
         EventMap map = testdatabean.generateTestMap();
 
 
         testdatabean.generateTestPlaces(map);
         testdatabean.generateTestPlaces(map);
@@ -50,7 +57,7 @@ public class TestDataView {
         testdatabean.generateTestMap();
         testdatabean.generateTestMap();
         for (long i = 100; i < 1024 * 100; i += 100) {
         for (long i = 100; i < 1024 * 100; i += 100) {
             logger.debug("Writing data with {} chars", i);
             logger.debug("Writing data with {} chars", i);
-            testdatabean.writeMap( i);
+            testdatabean.writeMap(i);
         }
         }
 
 
     }
     }
@@ -71,16 +78,24 @@ public class TestDataView {
     public TestDataView() {
     public TestDataView() {
     }
     }
 
 
-
     public String printPlacesInfo() {
     public String printPlacesInfo() {
         testdatabean.printPlacesInfo();
         testdatabean.printPlacesInfo();
 
 
         return null;
         return null;
     }
     }
 
 
-    public void contextTest()
-    {
+    public void contextTest() {
         testdatabean.contextTest();
         testdatabean.contextTest();
     }
     }
-    
+
+    public void roletest() {
+        User usr = userbean.getCurrentUser();
+        List<Role> roles = rolebean.listRoles();
+         Role role = roles.get(roles.size() - 1);
+        role.getUsers().add(usr);
+        logger.debug("roles before: {}", role.getUsers());
+        rolebean.mergeChanges(role);
+        logger.debug("roles after: {}", usr.getRoles());
+
+    }
 }
 }

code/LanBortalWeb/src/fi/insomnia/bortal/view/UserView.java

 package fi.insomnia.bortal.view;
 package fi.insomnia.bortal.view;
 
 
+import java.util.ArrayList;
+import java.util.HashSet;
 import java.util.List;
 import java.util.List;
+import java.util.Set;
 
 
 import javax.ejb.EJB;
 import javax.ejb.EJB;
 import javax.faces.application.FacesMessage;
 import javax.faces.application.FacesMessage;
@@ -8,19 +11,25 @@ import javax.faces.bean.ManagedBean;
 import javax.faces.bean.ManagedProperty;
 import javax.faces.bean.ManagedProperty;
 import javax.faces.bean.SessionScoped;
 import javax.faces.bean.SessionScoped;
 import javax.faces.context.FacesContext;
 import javax.faces.context.FacesContext;
+import javax.faces.event.AbortProcessingException;
+import javax.faces.event.ActionEvent;
+import javax.faces.event.ActionListener;
 import javax.faces.model.ListDataModel;
 import javax.faces.model.ListDataModel;
 
 
 import org.slf4j.Logger;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.slf4j.LoggerFactory;
 
 
 import fi.insomnia.bortal.I18n;
 import fi.insomnia.bortal.I18n;
+import fi.insomnia.bortal.beans.RoleBeanLocal;
 import fi.insomnia.bortal.beans.SecurityBeanLocal;
 import fi.insomnia.bortal.beans.SecurityBeanLocal;
 import fi.insomnia.bortal.beans.JaasBeanLocal;
 import fi.insomnia.bortal.beans.JaasBeanLocal;
+import fi.insomnia.bortal.beans.SecurityLogType;
 import fi.insomnia.bortal.beans.UserBeanLocal;
 import fi.insomnia.bortal.beans.UserBeanLocal;
 import fi.insomnia.bortal.enums.Permission;
 import fi.insomnia.bortal.enums.Permission;
 import fi.insomnia.bortal.enums.RolePermission;
 import fi.insomnia.bortal.enums.RolePermission;
 import fi.insomnia.bortal.exceptions.PermissionDeniedException;
 import fi.insomnia.bortal.exceptions.PermissionDeniedException;
 import fi.insomnia.bortal.handler.SessionHandler;
 import fi.insomnia.bortal.handler.SessionHandler;
+import fi.insomnia.bortal.model.Role;
 import fi.insomnia.bortal.model.User;
 import fi.insomnia.bortal.model.User;
 
 
 @ManagedBean(name = "userView")
 @ManagedBean(name = "userView")
@@ -31,41 +40,76 @@ public class UserView {
     private SessionHandler sessionhandler;
     private SessionHandler sessionhandler;
 
 
     @EJB
     @EJB
-    private JaasBeanLocal sessionbean;
-
-    @EJB
     private UserBeanLocal userBean;
     private UserBeanLocal userBean;
+    @EJB
+    private SecurityBeanLocal securitybean;
+    @EJB
+    private RoleBeanLocal roleBean;
+
     private static final Logger logger = LoggerFactory.getLogger(UserView.class);
     private static final Logger logger = LoggerFactory.getLogger(UserView.class);
     private User user;
     private User user;
     private ListDataModel<User> items;
     private ListDataModel<User> items;
     private String login;
     private String login;
     private String password;
     private String password;
-    @EJB
-    private SecurityBeanLocal securitybean;
 
 
     public String edit() {
     public String edit() {
         userBean.fatalPermission(Permission.USER_MANAGEMENT, RolePermission.READ);
         userBean.fatalPermission(Permission.USER_MANAGEMENT, RolePermission.READ);
 
 
         setUser(items.getRowData());
         setUser(items.getRowData());
-        logger.info("Editing: Firstname: {} ", getUser().getFirstnames());
 
 
         return "userEdit";
         return "userEdit";
     }
     }
 
 
-    public void initSelfedit() {
+    private Set<String> userRoleIds;
+
+    public List<Role> getUserRoles() {
+        userRoleIds = new HashSet<String>();
+        List<Role> roles = user.getRoles();
+        if (roles == null) {
+            roles = new ArrayList<Role>();
+        } else {
+            for (Role role : roles) {
+                userRoleIds.add(role.getId().getId().toString());
+            }
+        }
+        return roleBean.listRoles();
+    }
+
+    public void saveRoles() {
+        logger.debug("saving roles: {}", userRoleIds);
+        for (Role role : roleBean.listRoles()) {
+            Integer roleid = role.getId().getId();
+            boolean contains = userRoleIds.contains(roleid.toString());
+            logger.debug("Roleid {} is contained in roleids {}", roleid, contains);
+            if (contains) {
+                if (!role.getUsers().contains(user)) {
+                    logger.debug("Adding role {} to user {}", role.getName(), user.getLogin());
+                    role.getUsers().add(user);
+                    roleBean.mergeChanges(role);
+                }
+            } else {
+                role.getUsers().remove(user);
+                logger.debug("Removing role {} form user {}", role.getName(), user.getLogin());
+                roleBean.mergeChanges(role);
+            }
+        }
+
+    }
+
+    public User getSelf() {
         userBean.fatalNotLoggedIn();
         userBean.fatalNotLoggedIn();
         user = userBean.getCurrentUser();
         user = userBean.getCurrentUser();
+        return user;
     }
     }
 
 
     public String createUser() {
     public String createUser() {
-        userBean.fatalPermission(Permission.USER_MANAGEMENT, RolePermission.WRITE, "does not have permission to create user!");
+        userBean.fatalPermission(Permission.LOGIN, RolePermission.WRITE, "does not have permission to create user!");
 
 
         if (null != userBean.getUser(login)) {
         if (null != userBean.getUser(login)) {
             FacesContext.getCurrentInstance().addMessage(null, new FacesMessage(I18n.get("userview.userExists")));
             FacesContext.getCurrentInstance().addMessage(null, new FacesMessage(I18n.get("userview.userExists")));
             return "create";
             return "create";
         }
         }
-
-        logger.info("Saving user");
+        logger.debug("Creating new user: {}", login);
         // Luodaan uusi käyttäjä UserBeanin funktiolla createNewUser jolle
         // Luodaan uusi käyttäjä UserBeanin funktiolla createNewUser jolle
         // annetaan parametrina pakolliset tiedot ( login ja salasana )
         // annetaan parametrina pakolliset tiedot ( login ja salasana )
         // Paluuarvona saadaan uusi uljas käyttäjä-olio.
         // Paluuarvona saadaan uusi uljas käyttäjä-olio.
@@ -76,17 +120,19 @@ public class UserView {
             logger.warn("Could not create user. function returned null!");
             logger.warn("Could not create user. function returned null!");
             return "create";
             return "create";
         }
         }
+        securitybean.logMessage(userBean.getCurrentUser(), "Created new user ", getUser().getLogin(), " with id: ", getUser().getId().toString());
 
 
         return "edit";
         return "edit";
     }
     }
 
 
-    public String saveUser() {
-        userBean.fatalPermission(Permission.USER_MANAGEMENT, RolePermission.WRITE);
-
+    public void saveUser() {
+        User thisusr = getUser();
+        if (!userBean.isCurrentUser(thisusr)) {
+            userBean.fatalPermission(Permission.USER_MANAGEMENT, RolePermission.WRITE);
+        }
         setUser(userBean.mergeChanges(getUser()));
         setUser(userBean.mergeChanges(getUser()));
-        logger.info("Firstname: {} ", getUser().getFirstnames());
+        FacesContext.getCurrentInstance().addMessage(null, new FacesMessage(I18n.get("user.successfullySaved")));
 
 
-        return "userSave";
     }
     }
 
 
     public ListDataModel<User> getUsers() {
     public ListDataModel<User> getUsers() {
@@ -134,4 +180,16 @@ public class UserView {
     public SessionHandler getSessionhandler() {
     public SessionHandler getSessionhandler() {
         return sessionhandler;
         return sessionhandler;
     }
     }
+
+    public void setUserRoleIds(Set<String> userRoleIds) {
+        logger.debug("Set new user role id:s {}", userRoleIds);
+        this.userRoleIds = userRoleIds;
+    }
+
+    public Set<String> getUserRoleIds() {
+
+        logger.debug("Getting user role id:s: {}", userRoleIds);
+        return userRoleIds;
+    }
+
 }
 }

code/LanBortalWeb/src/resources/i18n_en.properties

@@ -104,3 +104,5 @@ permissiondenied.header=Permission denied!
 permissiondenied.notLoggedIn=You are not authorized to view this page. Logging in may help.
 permissiondenied.notLoggedIn=You are not authorized to view this page. Logging in may help.
 permissiondenied.alreadyLoggedIn=You are not authorized to view this page. If you think this is an error please contact the admins.
 permissiondenied.alreadyLoggedIn=You are not authorized to view this page. If you think this is an error please contact the admins.
 
 
+viewexpired.title=This view has expired
+viewexpired.body=Please login again.
\ No newline at end of file

code/LanBortalWeb/src/resources/i18n_fi.properties

@@ -54,3 +54,6 @@ user.sex.MALE=Mies
 user.sex.UNDEFINED=M\u00e4\u00e4rittelem\u00e4tt\u00e4
 user.sex.UNDEFINED=M\u00e4\u00e4rittelem\u00e4tt\u00e4
 user.username=K\u00e4ytt\u00e4j\u00e4tunnus
 user.username=K\u00e4ytt\u00e4j\u00e4tunnus
 user.validate.notUniqueUsername=K\u00e4ytt\u00e4j\u00e4tunnus on jo olemassa. Ole hyv\u00e4 ja valitse toinen tunnus
 user.validate.notUniqueUsername=K\u00e4ytt\u00e4j\u00e4tunnus on jo olemassa. Ole hyv\u00e4 ja valitse toinen tunnus
+
+viewexpired.title=Nkym on vanhentumut
+viewexpired.body=Ole hyv ja kirjaudu sisn uudelleen.
\ No newline at end of file