Merge branch 'master' of dev.intra.insomnia.fi:/data/bortal

code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/RoleBean.java

@@ -5,7 +5,6 @@
 
 package fi.insomnia.bortal.beans;
 
-import fi.insomnia.bortal.RoleBeanLocal;
 import fi.insomnia.bortal.facade.RoleFacade;
 import fi.insomnia.bortal.model.Role;
 import java.util.List;

code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/SecurityBean.java

+package fi.insomnia.bortal.beans;
+
+import javax.ejb.Stateless;
+
+
+/**
+ * Session Bean implementation class SercurityBean
+ */
+@Stateless
+public class SecurityBean implements SecurityBeanLocal {
+
+    /**
+     * Default constructor. 
+     */
+    public SecurityBean() {
+        // TODO Auto-generated constructor stub
+    }
+
+    @Override
+    public void log(Exception permissionDeniedException) {
+        // TODO Auto-generated method stub
+        
+    }
+
+}

code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/SessionHandlerBean.java

@@ -10,8 +10,6 @@ import javax.ejb.Stateless;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import fi.insomnia.bortal.RolePermission;
-import fi.insomnia.bortal.SessionHandlerBeanLocal;
 import fi.insomnia.bortal.facade.UserFacade;
 import fi.insomnia.bortal.model.Role;
 import fi.insomnia.bortal.model.RoleRight;

code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/UserBean.java

@@ -9,7 +9,6 @@ import javax.ejb.Stateless;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import fi.insomnia.bortal.UserBeanLocal;
 import fi.insomnia.bortal.facade.UserFacade;
 import fi.insomnia.bortal.model.User;
 

code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/RoleBeanLocal.java → code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/beans/RoleBeanLocal.java

@@ -3,7 +3,7 @@
  * and open the template in the editor.
  */
 
-package fi.insomnia.bortal;
+package fi.insomnia.bortal.beans;
 
 import fi.insomnia.bortal.model.Role;
 import java.util.List;

code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/RolePermission.java → code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/beans/RolePermission.java

-package fi.insomnia.bortal;
+package fi.insomnia.bortal.beans;
 
 public enum RolePermission {
     READ, WRITE, EXECUTE

code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/beans/SecurityBeanLocal.java

+package fi.insomnia.bortal.beans;
+
+import javax.ejb.Local;
+
+@Local
+public interface SecurityBeanLocal {
+
+    void log(Exception permissionDeniedException);
+
+}

code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/SessionHandlerBeanLocal.java → code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/beans/SessionHandlerBeanLocal.java

-package fi.insomnia.bortal;
+package fi.insomnia.bortal.beans;
 import javax.ejb.Local;
 
 import fi.insomnia.bortal.model.User;

code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/UserBeanLocal.java → code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/beans/UserBeanLocal.java

-package fi.insomnia.bortal;
+package fi.insomnia.bortal.beans;
 
 import java.util.List;
 

code/LanBortalWeb/WebContent/WEB-INF/faces-config.xml

 <?xml version="1.0"?>
-<faces-config xmlns="http://java.sun.com/xml/ns/javaee"
+<faces-config
+	xmlns="http://java.sun.com/xml/ns/javaee"
 	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 	xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
             http://java.sun.com/xml/ns/javaee/web-facesconfig_2_0.xsd"
-	version="2.0">
+	version="2.0"
+>
 	<application>
 		<resource-bundle>
 			<base-name>i18n</base-name>
@@ -22,34 +24,41 @@
 
 		</locale-config>
 	</application>
-    <navigation-rule>
-        <from-view-id>/user/list.xhtml</from-view-id>
-        <navigation-case>
-            <from-outcome>userEdit</from-outcome>
-            <to-view-id>/NotImplementedYet.xhtml</to-view-id>
-        </navigation-case>
-    </navigation-rule>
-    <navigation-rule>
-        <from-view-id>/user/edit.xhtml</from-view-id>
-        <navigation-case>
-            <from-outcome>userSave</from-outcome>
-            <to-view-id>/NotImplementedYet.xhtml</to-view-id>
-        </navigation-case>
-    </navigation-rule>
-    <navigation-rule>
-        <from-view-id>/resources/tools/user/list.xhtml</from-view-id>
-        <navigation-case>
-            <from-outcome>userEdit</from-outcome>
-            <to-view-id>/modulePossibleReturnValues.xhtml</to-view-id>
-        </navigation-case>
-    </navigation-rule>
-    <navigation-rule>
-        <from-view-id>/resources/tools/user/edit.xhtml</from-view-id>
-        <navigation-case>
-            <from-outcome>userSave</from-outcome>
-            <to-view-id>/modulePossibleReturnValues.xhtml</to-view-id>
-        </navigation-case>
-    </navigation-rule>
+	<navigation-rule>
+		<from-view-id>*</from-view-id>
+		<navigation-case>
+			<from-outcome>permissionDenied</from-outcome>
+			<to-view-id>/permissionDenied.xhtml</to-view-id>
+		</navigation-case>
+	</navigation-rule>
+	<navigation-rule>
+		<from-view-id>/user/list.xhtml</from-view-id>
+		<navigation-case>
+			<from-outcome>userEdit</from-outcome>
+			<to-view-id>/NotImplementedYet.xhtml</to-view-id>
+		</navigation-case>
+	</navigation-rule>
+	<navigation-rule>
+		<from-view-id>/user/edit.xhtml</from-view-id>
+		<navigation-case>
+			<from-outcome>userSave</from-outcome>
+			<to-view-id>/NotImplementedYet.xhtml</to-view-id>
+		</navigation-case>
+	</navigation-rule>
+	<navigation-rule>
+		<from-view-id>/resources/tools/user/list.xhtml</from-view-id>
+		<navigation-case>
+			<from-outcome>userEdit</from-outcome>
+			<to-view-id>/modulePossibleReturnValues.xhtml</to-view-id>
+		</navigation-case>
+	</navigation-rule>
+	<navigation-rule>
+		<from-view-id>/resources/tools/user/edit.xhtml</from-view-id>
+		<navigation-case>
+			<from-outcome>userSave</from-outcome>
+			<to-view-id>/modulePossibleReturnValues.xhtml</to-view-id>
+		</navigation-case>
+	</navigation-rule>
 </faces-config>
 
 

code/LanBortalWeb/WebContent/resources/tools/user/edit.xhtml

@@ -15,7 +15,7 @@
     </composite:interface>
 
     <composite:implementation>
-
+	
         <h:form>
             <h:panelGrid columns="2">
                 <h:outputLabel value="#{i18n['user.nick']}:" /><h:outputLabel value="#{userView.user.nick}" />

code/LanBortalWeb/src/fi/insomnia/bortal/exceptions/PermissionDeniedException.java

+package fi.insomnia.bortal.exceptions;
+
+import fi.insomnia.bortal.beans.SecurityBeanLocal;
+
+public class PermissionDeniedException extends RuntimeException {
+
+    public PermissionDeniedException(String message, SecurityBeanLocal bean) {
+        super(message);
+        bean.log(this);
+    }
+
+    /**
+     * 
+     */
+    private static final long serialVersionUID = 7909254489997475124L;
+
+}

code/LanBortalWeb/src/fi/insomnia/bortal/handler/SessionHandler.java

@@ -10,8 +10,8 @@ import javax.ejb.EJB;
 import javax.enterprise.context.SessionScoped;
 import javax.faces.bean.ManagedBean;
 
-import fi.insomnia.bortal.RolePermission;
-import fi.insomnia.bortal.SessionHandlerBeanLocal;
+import fi.insomnia.bortal.beans.RolePermission;
+import fi.insomnia.bortal.beans.SessionHandlerBeanLocal;
 import fi.insomnia.bortal.model.User;
 
 /**

code/LanBortalWeb/src/fi/insomnia/bortal/view/RoleView.java

@@ -5,7 +5,7 @@
 
 package fi.insomnia.bortal.view;
 
-import fi.insomnia.bortal.RoleBeanLocal;
+import fi.insomnia.bortal.beans.RoleBeanLocal;
 import fi.insomnia.bortal.model.Role;
 import fi.insomnia.bortal.model.User;
 import java.util.List;

code/LanBortalWeb/src/fi/insomnia/bortal/view/UserView.java

@@ -4,19 +4,27 @@ import java.util.List;
 
 import javax.ejb.EJB;
 import javax.faces.bean.ManagedBean;
+import javax.faces.bean.ManagedProperty;
 import javax.faces.bean.SessionScoped;
 import javax.faces.model.ListDataModel;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import fi.insomnia.bortal.UserBeanLocal;
+import fi.insomnia.bortal.beans.SecurityBeanLocal;
+import fi.insomnia.bortal.beans.UserBeanLocal;
+import fi.insomnia.bortal.exceptions.PermissionDeniedException;
+import fi.insomnia.bortal.handler.SessionHandler;
 import fi.insomnia.bortal.model.User;
 
 @ManagedBean(name = "userView")
 @SessionScoped
 public class UserView {
 
+    @ManagedProperty("#{sessionHandler}")
+    private SessionHandler sessionhandler;
+    
+
     @EJB
     private UserBeanLocal userBean;
     private static final Logger logger = LoggerFactory.getLogger(UserView.class);
@@ -24,6 +32,8 @@ public class UserView {
     private ListDataModel<User> items;
     private String nick;
     private String password;
+    @EJB
+    private SecurityBeanLocal securitybean;
 
     public String edit() {
         setUser(items.getRowData());
@@ -35,6 +45,11 @@ public class UserView {
     }
 
     public String createUser() {
+        if (!sessionhandler.canWrite("userManagement")) {
+            // Give message to administration what happened here.
+            throw new PermissionDeniedException("User " + sessionhandler.getUser() + " does not have permission to create user!",securitybean);
+        }
+
         logger.info("Saving user");
         // Luodaan uusi kÔøΩyttÔøΩjÔøΩ UserBeanin funktiolla createNewUser jolle
         // annetaan parametrina pakolliset tiedot ( nick ja salasana )