Merge branch 'devel' of codecrew.fi:bortal into devel

Conflicts:
	code/MoyaBeans/ejbModule/fi/codecrew/moya/beans/MenuBean.java

code/MoyaBeans/ejbModule/fi/codecrew/moya/beans/MenuBean.java

@@ -118,9 +118,9 @@ public class MenuBean implements MenuBeanLocal {
 
 
 		userprofile.addPage(menuitemfacade.findOrCreate("/user/edit"), UserPermission.VIEW_SELF);
 		userprofile.addPage(menuitemfacade.findOrCreate("/user/edit"), UserPermission.VIEW_SELF);
 		userprofile.addPage(menuitemfacade.findOrCreate("/user/changePassword"), UserPermission.VIEW_SELF);
 		userprofile.addPage(menuitemfacade.findOrCreate("/user/changePassword"), UserPermission.VIEW_SELF);
-		userprofile.addPage(menuitemfacade.findOrCreate("/user/gameids"), TournamentPermission.PARTICIPATE);
+		userprofile.addPage(menuitemfacade.findOrCreate("/user/gameids"), UserPermission.MODIFY_OWN_GAMEIDS);
 		userprofile.addPage(menuitemfacade.findOrCreate("/auth/logout"), UserPermission.LOGOUT);
 		userprofile.addPage(menuitemfacade.findOrCreate("/auth/logout"), UserPermission.LOGOUT);
-
+		
 		MenuNavigation tournaments = usermenu.addPage(null, null);
 		MenuNavigation tournaments = usermenu.addPage(null, null);
 		tournaments.setKey("tournaments.menutitle");
 		tournaments.setKey("tournaments.menutitle");
 		tournaments.addPage(menuitemfacade.findOrCreate("/tournaments/index"), TournamentPermission.VIEW);
 		tournaments.addPage(menuitemfacade.findOrCreate("/tournaments/index"), TournamentPermission.VIEW);
@@ -240,7 +240,7 @@ public class MenuBean implements MenuBeanLocal {
 		// shopnavi.addPage(menuitemfacade.findOrCreate("/index3"),
 		// shopnavi.addPage(menuitemfacade.findOrCreate("/index3"),
 		// UserPermission.ANYUSER);
 		// UserPermission.ANYUSER);
 		navifacade.create(shopmenu);
 		navifacade.create(shopmenu);
-
+		
 		MenuNavigation tournamentsadm = adminmenu.addPage(null, null);
 		MenuNavigation tournamentsadm = adminmenu.addPage(null, null);
 		tournamentsadm.setKey("tournaments.menutitle");
 		tournamentsadm.setKey("tournaments.menutitle");
 		tournamentsadm.addPage(menuitemfacade.findOrCreate("/tournaments/admin/index"), TournamentPermission.MANAGE_ALL);
 		tournamentsadm.addPage(menuitemfacade.findOrCreate("/tournaments/admin/index"), TournamentPermission.MANAGE_ALL);

code/MoyaBeans/ejbModule/fi/codecrew/moya/beans/UserBean.java

@@ -526,7 +526,7 @@ public class UserBean implements UserBeanLocal {
 		return evu;
 		return evu;
 	}
 	}
 	@Override
 	@Override
-	@RolesAllowed(SpecialPermission.S_USER)
+	@RolesAllowed(UserPermission.S_MODIFY_OWN_GAMEIDS)
 	public void addGameID(TournamentGame game, String gameid) {
 	public void addGameID(TournamentGame game, String gameid) {
 		EventUser u = permbean.getCurrentUser();
 		EventUser u = permbean.getCurrentUser();
 		
 		
@@ -541,19 +541,23 @@ public class UserBean implements UserBeanLocal {
 	}
 	}
 	
 	
 	@Override
 	@Override
-	@RolesAllowed(SpecialPermission.S_USER)
+	@RolesAllowed(UserPermission.S_MODIFY_OWN_GAMEIDS)
 	public void removeGameIdById(Integer gameIdId) {
 	public void removeGameIdById(Integer gameIdId) {
 		GameID gi = gameIDFacade.find(gameIdId);
 		GameID gi = gameIDFacade.find(gameIdId);
+		
+		// In the future we may edit other peoples' gameids, leave this as a placeholder for now
+		// At the very least it safeguards the situation if user gets another users gameid in somehow..
 		if(!permbean.isCurrentUser(gi.getEventUser())) {
 		if(!permbean.isCurrentUser(gi.getEventUser())) {
 			loggerbean.logMessage(SecurityLogType.permissionDenied, permbean.getCurrentUser(), "User tried to remove GameID from another user: " + gi.getEventUser());
 			loggerbean.logMessage(SecurityLogType.permissionDenied, permbean.getCurrentUser(), "User tried to remove GameID from another user: " + gi.getEventUser());
 			throw new EJBAccessException("Not enough rights to remove another users' GameIDs");
 			throw new EJBAccessException("Not enough rights to remove another users' GameIDs");
 		}
 		}
+		
 		gi.getEventUser().getGameIDs().remove(gi);
 		gi.getEventUser().getGameIDs().remove(gi);
 		gameIDFacade.remove(gi);
 		gameIDFacade.remove(gi);
 	}
 	}
 	
 	
 	@Override
 	@Override
-	@RolesAllowed(SpecialPermission.S_USER)
+	@RolesAllowed(UserPermission.S_VIEW_ALL_GAMEIDS)
 	public GameID getGameIDByGameAndUser(TournamentGame tg, EventUser user) {
 	public GameID getGameIDByGameAndUser(TournamentGame tg, EventUser user) {
 		return gameIDFacade.getGameIDByGame(tg, user);
 		return gameIDFacade.getGameIDByGame(tg, user);
 	}
 	}

code/MoyaUtilities/src/main/java/fi/codecrew/moya/enums/apps/UserPermission.java

@@ -19,7 +19,9 @@ public enum UserPermission implements IAppPermission {
 	READ_ORGROLES, // ("View organization roles"),
 	READ_ORGROLES, // ("View organization roles"),
 	WRITE_ORGROLES, // ("Modify organization roles"),
 	WRITE_ORGROLES, // ("Modify organization roles"),
 	VITUTTAAKO,
 	VITUTTAAKO,
-	LOGGED_IN_USER;
+	LOGGED_IN_USER,
+	MODIFY_OWN_GAMEIDS,
+	VIEW_ALL_GAMEIDS;
 
 
 	public static final String S_VIEW_ALL = "USER/VIEW_ALL";
 	public static final String S_VIEW_ALL = "USER/VIEW_ALL";
 	public static final String S_MODIFY = "USER/MODIFY";
 	public static final String S_MODIFY = "USER/MODIFY";
@@ -37,6 +39,8 @@ public enum UserPermission implements IAppPermission {
 	public static final String S_READ_ORGROLES = "USER/READ_ORGROLES";
 	public static final String S_READ_ORGROLES = "USER/READ_ORGROLES";
 	public static final String S_WRITE_ORGROLES = "USER/WRITE_ORGROLES";
 	public static final String S_WRITE_ORGROLES = "USER/WRITE_ORGROLES";
 	public static final String S_VITUTTAAKO = "USER/VITUTTAAKO";
 	public static final String S_VITUTTAAKO = "USER/VITUTTAAKO";
+	public static final String S_MODIFY_OWN_GAMEIDS = "USER/MODIFY_OWN_GAMEIDS";
+	public static final String S_VIEW_ALL_GAMEIDS = "USER/VIEW_ALL_GAMEIDS";
 
 
 	private final String fullName;
 	private final String fullName;
 	private final String key;
 	private final String key;