Skip to content

Riina Antikainen / Moya

Go to a project
Commit b7957051 by Tuomas Riihimäki
Options

Implemented SessionHandlerBean.hasPermission()

1 parent 1ac734f9
Inline Side-by-side
Showing with 72 additions and 16 deletions
code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/SessionHandlerBean.java
package fi.insomnia.bortal.beans; package fi.insomnia.bortal.beans;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import javax.ejb.EJB; import javax.ejb.EJB;
import javax.ejb.Stateless; import javax.ejb.Stateless;
...@@ -16,10 +20,11 @@ import fi.insomnia.bortal.model.User; ...@@ -16,10 +20,11 @@ import fi.insomnia.bortal.model.User;
@Stateless @Stateless
public class SessionHandlerBean implements SessionHandlerBeanLocal { public class SessionHandlerBean implements SessionHandlerBeanLocal {
@EJB @EJB
private UserFacade userfacade; private UserFacade userfacade;
/** /**
* Default constructor. * Default constructor.
*/ */
public SessionHandlerBean() { public SessionHandlerBean() {
// TODO Auto-generated constructor stub // TODO Auto-generated constructor stub
...@@ -28,16 +33,53 @@ public class SessionHandlerBean implements SessionHandlerBeanLocal { ...@@ -28,16 +33,53 @@ public class SessionHandlerBean implements SessionHandlerBeanLocal {
@Override @Override
public boolean hasPermission(String target, User user, RolePermission permission) { public boolean hasPermission(String target, User user, RolePermission permission) {
User dbusr = userfacade.find(user.getId()); User dbusr = userfacade.find(user.getId());
Set<Role> checkedRoles = new HashSet<Role>();
for (Role r : dbusr.getRoles()) {
for(Role r : dbusr.getRoles()) if (getRights(r, target, permission, checkedRoles)) {
return true;
}
}
return false;
}
private static boolean getRights(Role role,String target,RolePermission permission, Set<Role> checkedRoles) {
if(checkedRoles.contains(role))
{ {
for(RoleRight rr : r.getRoleRights()) return false;
}
for (RoleRight rr : role.getRoleRights()) {
if (rr.getAccessRight().getAccessRight().equals(target)) {
switch (permission) {
case READ:
if (rr.getRead()) {
return true;
}
break;
case WRITE:
if (rr.getWrite()) {
return true;
}
break;
case EXECUTE:
if (rr.isExecute()) {
return true;
}
}
}
}
checkedRoles.add(role);
for (Role r : role.getParents()) {
if(getRights(r,target,permission,checkedRoles))
{ {
if(rr.get) return true;
} }
} }
return false;
} }
} }
code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/RolePermission.java
package fi.insomnia.bortal; package fi.insomnia.bortal;
public enum RolePermission { public enum RolePermission {
READ, WRITE, EXECUTE
} }
code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/SessionHandlerBeanLocal.java
package fi.insomnia.bortal; package fi.insomnia.bortal;
import javax.ejb.Local; import javax.ejb.Local;
import fi.insomnia.bortal.beans.RolePermission;
import fi.insomnia.bortal.model.User; import fi.insomnia.bortal.model.User;
@Local @Local
......
code/LanBortalWeb/src/fi/insomnia/bortal/handler/SessionHandler.java
...@@ -10,28 +10,42 @@ import javax.ejb.EJB; ...@@ -10,28 +10,42 @@ import javax.ejb.EJB;
import javax.enterprise.context.SessionScoped; import javax.enterprise.context.SessionScoped;
import javax.faces.bean.ManagedBean; import javax.faces.bean.ManagedBean;
import fi.insomnia.bortal.RolePermission;
import fi.insomnia.bortal.SessionHandlerBeanLocal; import fi.insomnia.bortal.SessionHandlerBeanLocal;
import fi.insomnia.bortal.model.User; import fi.insomnia.bortal.model.User;
/** /**
* *
* @author tuukka * @author tuukka
*/ */
@ManagedBean(name="SessionHandler") @ManagedBean(name = "SessionHandler")
@SessionScoped @SessionScoped
public class SessionHandler { public class SessionHandler {
@EJB @EJB
private SessionHandlerBeanLocal handlerbean; private SessionHandlerBeanLocal handlerbean;
private User user; private User user;
/** Creates a new instance of SessionHandler */ /** Creates a new instance of SessionHandler */
public SessionHandler() { public SessionHandler() {
} }
public boolean hasPermission(String target) { public boolean hasPermission(String target, String permission) {
handlerbean.hasPermission(target, getUser()); RolePermission perm = RolePermission.READ;
if (permission.equals("write")) {
throw new UnsupportedOperationException("Not yet implemented"); perm = RolePermission.WRITE;
} else if (permission.equals("execute")) {
perm = RolePermission.EXECUTE;
}
return hasPermission(target, perm);
}
public boolean hasPermission(String target, RolePermission permission) {
return handlerbean.hasPermission(target, getUser(), permission);
} }
public void setUser(User user) { public void setUser(User user) {
......
Markdown is supported
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!