* Permission checking before EJB checks.

* Convert users login to lowercase before trying to find from database

code/MoyaBeans/ejbModule/fi/codecrew/moya/beans/JaasBean.java

@@ -50,7 +50,7 @@ public class JaasBean implements MoyaRealmBeanRemote {
 
 	public EventUser tryLogin(String username, String password) {
 
-		EventUser eventUser = eventUserFacade.findByLogin(username.trim());
+		EventUser eventUser = eventUserFacade.findByLogin(username.trim().toLowerCase());
 
 		User user = null;
 		// Might not have EventUser
@@ -106,7 +106,7 @@ public class JaasBean implements MoyaRealmBeanRemote {
 	@Override
 	public Enumeration<String> getGroupNames(String user) {
 		logger.info("Fetching groupNames for user {} event {}", user, eventbean.getCurrentEvent().getName());
-		EventUser usr = eventUserFacade.findByLogin(user);
+		EventUser usr = eventUserFacade.findByLogin(user.toLowerCase().trim());
 		HashSet<String> roleset = new HashSet<String>();
 		roleset.add(UserPermission.ANYUSER.getFullName());
 

code/MoyaBeans/ejbModule/fi/codecrew/moya/beans/TournamentBean.java

@@ -16,14 +16,12 @@ import fi.codecrew.moya.facade.TournamentFacade;
 import fi.codecrew.moya.facade.TournamentGameFacade;
 import fi.codecrew.moya.facade.TournamentParticipantFacade;
 import fi.codecrew.moya.facade.TournamentRuleFacade;
-import fi.codecrew.moya.facade.UserFacade;
 import fi.codecrew.moya.model.EventUser;
 import fi.codecrew.moya.model.Tournament;
 import fi.codecrew.moya.model.TournamentGame;
 import fi.codecrew.moya.model.TournamentParticipant;
 import fi.codecrew.moya.model.TournamentRule;
 import fi.codecrew.moya.model.TournamentTeamMember;
-import fi.codecrew.moya.model.User;
 
 /**
  * Session Bean implementation class TournamentBean
@@ -32,43 +30,49 @@ import fi.codecrew.moya.model.User;
 @LocalBean
 public class TournamentBean implements TournamentBeanLocal {
 
-	@EJB private TournamentRuleFacade tournamentRuleFacade;
-	@EJB private TournamentGameFacade tournamentGameFacade;
-	@EJB private TournamentFacade tournamentFacade;
-	@EJB private TournamentParticipantFacade tournamentParticipantFacade;
-	@EJB private EventUserFacade eventUserFacade;
-	@EJB private EventBean eventBean;
-	
-    /**
-     * Default constructor. 
-     */
-    public TournamentBean() {
-        // TODO Auto-generated constructor stub
-    }
-    
-    @Override
-    @RolesAllowed(TournamentPermission.S_VIEW)
-    public List<TournamentRule> getRulesByGame(TournamentGame tg) {
-    	return tournamentRuleFacade.getRulesByGame(tg);
-    }
-    
-    @Override
-    @RolesAllowed(TournamentPermission.S_VIEW)
-    public List<TournamentGame> getGames() {
-    	return tournamentGameFacade.getGames();
-    }
-    
-    @Override
-    @RolesAllowed(TournamentPermission.S_MANAGE_ALL)
-    public TournamentGame createGame(TournamentGame tg) {
-    	return tournamentGameFacade.create(tg);
-    }
-    
-    @Override
-    @RolesAllowed(TournamentPermission.S_MANAGE_ALL)
-    public TournamentRule createRule(TournamentRule tr) {
-    	return tournamentRuleFacade.create(tr);
-    }
+	@EJB
+	private TournamentRuleFacade tournamentRuleFacade;
+	@EJB
+	private TournamentGameFacade tournamentGameFacade;
+	@EJB
+	private TournamentFacade tournamentFacade;
+	@EJB
+	private TournamentParticipantFacade tournamentParticipantFacade;
+	@EJB
+	private EventUserFacade eventUserFacade;
+	@EJB
+	private EventBean eventBean;
+
+	/**
+	 * Default constructor.
+	 */
+	public TournamentBean() {
+		// TODO Auto-generated constructor stub
+	}
+
+	@Override
+	@RolesAllowed(TournamentPermission.S_VIEW)
+	public List<TournamentRule> getRulesByGame(TournamentGame tg) {
+		return tournamentRuleFacade.getRulesByGame(tg);
+	}
+
+	@Override
+	@RolesAllowed(TournamentPermission.S_VIEW)
+	public List<TournamentGame> getGames() {
+		return tournamentGameFacade.getGames();
+	}
+
+	@Override
+	@RolesAllowed(TournamentPermission.S_MANAGE_ALL)
+	public TournamentGame createGame(TournamentGame tg) {
+		return tournamentGameFacade.create(tg);
+	}
+
+	@Override
+	@RolesAllowed(TournamentPermission.S_MANAGE_ALL)
+	public TournamentRule createRule(TournamentRule tr) {
+		return tournamentRuleFacade.create(tr);
+	}
 
 	@Override
 	@RolesAllowed(TournamentPermission.S_VIEW)
@@ -86,18 +90,18 @@ public class TournamentBean implements TournamentBeanLocal {
 	@RolesAllowed(TournamentPermission.S_MANAGE_ALL)
 	public void createTournament(Tournament tournament) throws Exception {
 		// Assert correct event
-		if(eventBean.getCurrentEvent().equals(tournament.getLanEvent()))
+		if (eventBean.getCurrentEvent().equals(tournament.getLanEvent()))
 			tournamentFacade.create(tournament);
 		else
 			throw new Exception("tournament.invalid_event");
 	}
-	
+
 	@Override
 	@RolesAllowed(TournamentPermission.S_VIEW)
 	public List<Tournament> getTournamentsInStatus(TournamentStatus status, boolean useTimeConstraints) {
 		return tournamentFacade.getTournamentsInStatusWithParticipationTimeIn(status, eventBean.getCurrentEvent());
 	}
-	
+
 	@Override
 	@RolesAllowed(TournamentPermission.S_VIEW)
 	public List<Tournament> getActiveTournaments() {
@@ -127,21 +131,23 @@ public class TournamentBean implements TournamentBeanLocal {
 	@RolesAllowed(TournamentPermission.S_PARTICIPATE)
 	public void createParticipation(TournamentParticipant tournamentParticipant) throws Exception {
 		Tournament t = tournamentFacade.find(tournamentParticipant.getTournament().getId());
-		
+
 		Date currentTime = new Date();
-		
+
 		// Assert registration time is correct
-		if(t.getRegistrationOpensAt() != null && t.getRegistrationClosesAt() != null && currentTime.after(t.getRegistrationOpensAt()) && currentTime.before(t.getRegistrationClosesAt())) {
+		if (t.getRegistrationOpensAt() != null && t.getRegistrationClosesAt() != null && currentTime.after(t.getRegistrationOpensAt()) && currentTime.before(t.getRegistrationClosesAt())) {
 			// Assert participant size is smaller than max
-			if(t.getParticipants().size() < t.getMaxParticipants()) {
+			if (t.getParticipants().size() < t.getMaxParticipants()) {
 				TournamentTeamMember capt = null;
-				for(TournamentTeamMember ttm : tournamentParticipant.getTeamMembers()) if(ttm.getRole() == TournamentTeamMemberRole.CAPTAIN) capt=ttm;
-				
+				for (TournamentTeamMember ttm : tournamentParticipant.getTeamMembers())
+					if (ttm.getRole() == TournamentTeamMemberRole.CAPTAIN)
+						capt = ttm;
+
 				// Assert team has a captain
-				if(capt != null) {
-					
+				if (capt != null) {
+
 					// Assert team has the correct number of players for a match
-					if(tournamentParticipant.getTeamMembers().size() >= tournamentParticipant.getTournament().getPlayersPerMatch()) {
+					if (tournamentParticipant.getTeamMembers().size() >= tournamentParticipant.getTournament().getPlayersPerMatch()) {
 						tournamentParticipant = tournamentParticipantFacade.create(tournamentParticipant);
 						t.getParticipants().add(tournamentParticipant);
 					} else {
@@ -161,25 +167,26 @@ public class TournamentBean implements TournamentBeanLocal {
 	@Override
 	@RolesAllowed(TournamentPermission.S_VIEW)
 	public boolean hasParticipations(EventUser currentUser, Tournament tournament) {
-		for(TournamentParticipant tp : tournament.getParticipants()) {
-			for(TournamentTeamMember tm : tp.getTeamMembers()) {
+		for (TournamentParticipant tp : tournament.getParticipants()) {
+			for (TournamentTeamMember tm : tp.getTeamMembers()) {
 				EventUser eu = tm.getEventUser();
 				System.out.println(eu.getNick());
-				if(eu.equals(currentUser)) {
+				if (eu.equals(currentUser)) {
 					return true;
 				}
 			}
 		}
-		
+
 		return false;
 	}
-	
+
 	@Override
 	@RolesAllowed(TournamentPermission.S_VIEW)
 	public EventUser findAvailablePlayerForTournamentByLogin(Tournament t, String login) throws Exception {
-		EventUser u = eventUserFacade.findByLogin(login);
-		if(u != null) {
-			if(!hasParticipations(u,t))
+
+		EventUser u = eventUserFacade.findByLogin(login.toLowerCase().trim());
+		if (u != null) {
+			if (!hasParticipations(u, t))
 				return u;
 			else
 				throw new Exception("tournaments.participation_already_exists");

code/MoyaWeb/src/fi/codecrew/moya/resources/i18n_fi.properties

@@ -912,7 +912,7 @@ submenu.shop.listReaders             = N\u00E4yt\u00E4 lukijat
 submenu.shop.shopToUser              = Osta k\u00E4ytt\u00E4j\u00E4lle
 submenu.shop.showReaderEvents        = Lukijan tapahtumat
 submenu.tournaments.admin.index      = Katsele ja hallinnoi
-submenu.tournaments.index            = Katsele ja osallistu
+submenu.tournaments.index            = Listaa turnaukset
 submenu.user.accountEvents           = Tilitapahtumat
 submenu.user.changePassword          = Vaihda salasana
 submenu.user.create                  = Luo k\u00E4ytt\u00E4j\u00E4

code/MoyaWeb/src/fi/codecrew/moya/web/cdiview/tournaments/TournamentListView.java

@@ -8,22 +8,29 @@ import javax.inject.Named;
 
 import fi.codecrew.moya.beans.TournamentBeanLocal;
 import fi.codecrew.moya.enums.TournamentStatus;
+import fi.codecrew.moya.enums.apps.TournamentPermission;
 import fi.codecrew.moya.model.Tournament;
+import fi.codecrew.moya.web.cdiview.GenericCDIView;
 
 @Named
 @RequestScoped
-public class TournamentListView {
-	
-	@EJB private TournamentBeanLocal tournamentBean;
-	
+public class TournamentListView extends GenericCDIView {
+
+	@EJB
+	private TournamentBeanLocal tournamentBean;
+
+	public void initView() {
+		super.requirePermissions(TournamentPermission.VIEW);
+	}
+
 	public List<Tournament> getSetupPhaseTournaments() {
 		return tournamentBean.getTournamentsInStatus(TournamentStatus.SETUP, true);
 	}
-	
+
 	public List<Tournament> getInProgressTournaments() {
 		return tournamentBean.getTournamentsInStatus(TournamentStatus.IN_PROGRESS, false);
 	}
-	
+
 	public List<Tournament> getCompletedTournaments() {
 		return tournamentBean.getTournamentsInStatus(TournamentStatus.COMPLETED, false);
 	}

code/MoyaWeb/src/fi/codecrew/moya/web/cdiview/tournaments/TournamentParticipateView.java

@@ -10,11 +10,11 @@ import javax.inject.Named;
 import fi.codecrew.moya.beans.PermissionBeanLocal;
 import fi.codecrew.moya.beans.TournamentBeanLocal;
 import fi.codecrew.moya.enums.TournamentTeamMemberRole;
+import fi.codecrew.moya.enums.apps.TournamentPermission;
 import fi.codecrew.moya.model.EventUser;
 import fi.codecrew.moya.model.Tournament;
 import fi.codecrew.moya.model.TournamentParticipant;
 import fi.codecrew.moya.model.TournamentTeamMember;
-import fi.codecrew.moya.utilities.I18n;
 import fi.codecrew.moya.utilities.jsf.MessageHelper;
 import fi.codecrew.moya.web.cdiview.GenericCDIView;
 
@@ -24,54 +24,56 @@ public class TournamentParticipateView extends GenericCDIView {
 	private static final long serialVersionUID = 8002140932622853455L;
 	private Tournament tournament;
 	private TournamentParticipant tournamentParticipant;
-	@EJB private TournamentBeanLocal tournamentBean;
-	@EJB private PermissionBeanLocal permissionBean; 
-	
+	@EJB
+	private TournamentBeanLocal tournamentBean;
+	@EJB
+	private PermissionBeanLocal permissionBean;
+
 	private String selectedPlayerLogin;
 	private String selectedBackupPlayerLogin;
-	
+
 	public Integer getTeamMax() {
 		return tournament.getPlayersPerMatch();
 	}
-	
+
 	public Integer getBackupMax() {
 		return (tournament.getPlayersPerTeam() - tournament.getPlayersPerMatch());
 	}
-	
+
 	public Integer getPlayerCount() {
 		return getPlayers().size();
 	}
-	
+
 	public Integer getBackupPlayerCount() {
 		return getBackupPlayers().size();
 	}
-	
+
 	public void removePlayerFromTeam(Integer euid) {
 		TournamentTeamMember ttcand = null;
-		for(TournamentTeamMember ttm : tournamentParticipant.getTeamMembers()) {
-			if(ttm.getEventUser().getId() == euid) {
+		for (TournamentTeamMember ttm : tournamentParticipant.getTeamMembers()) {
+			if (ttm.getEventUser().getId() == euid) {
 				ttcand = ttm;
 			}
 		}
-		
-		if(ttcand != null) {
-			if(ttcand.getRole() == TournamentTeamMemberRole.CAPTAIN) {
+
+		if (ttcand != null) {
+			if (ttcand.getRole() == TournamentTeamMemberRole.CAPTAIN) {
 				MessageHelper.err("tournament.cannot_remove_captain");
 			} else {
 				tournamentParticipant.getTeamMembers().remove(ttcand);
 			}
 		}
 	}
-	
+
 	public String participate(Integer tournamentId) {
 		tournament = tournamentBean.getTournamentById(tournamentId);
-		if(tournamentBean.hasParticipations(permissionBean.getCurrentUser(), tournament)) {
+		if (tournamentBean.hasParticipations(permissionBean.getCurrentUser(), tournament)) {
 			MessageHelper.err("tournament.already_participated_into_tournament");
 			return "/tournaments/index.xhtml";
 		}
 		this.beginConversation();
-		
-		if(tournament != null) {
+
+		if (tournament != null) {
 			tournamentParticipant = new TournamentParticipant();
 			tournamentParticipant.setTournament(tournament);
 			tournamentParticipant.setParticipator(permissionBean.getCurrentUser());
@@ -81,8 +83,8 @@ public class TournamentParticipateView extends GenericCDIView {
 			captain.setEventUser(permissionBean.getCurrentUser());
 			captain.setTeam(tournamentParticipant);
 			tournamentParticipant.getTeamMembers().add(captain);
-			
-			if(tournament.getPlayersPerTeam() == 1) {
+
+			if (tournament.getPlayersPerTeam() == 1) {
 				return "/tournaments/participate_single.xhtml";
 			} else {
 				return "/tournaments/participate_multi.xhtml";
@@ -91,97 +93,101 @@ public class TournamentParticipateView extends GenericCDIView {
 			return "/tournaments/index.xhtml";
 		}
 	}
-	
+
 	public String addMainPlayerToTeam() {
 		try {
 			EventUser p = tournamentBean.findAvailablePlayerForTournamentByLogin(this.tournament, selectedPlayerLogin);
-			for(TournamentTeamMember member : tournamentParticipant.getTeamMembers())
-				if(member.getEventUser().equals(p))
+			for (TournamentTeamMember member : tournamentParticipant.getTeamMembers())
+				if (member.getEventUser().equals(p))
 					throw new Exception("tournament.player_already_exists_in_team");
-			
-			if(p.isAnonymous()) {
+
+			if (p.isAnonymous()) {
 				throw new Exception("tournament.cannot_add_anon_user");
 			}
-			
+
 			TournamentTeamMember ttm = new TournamentTeamMember();
 			ttm.setEventUser(p);
 			ttm.setRole(TournamentTeamMemberRole.PLAYER);
 			ttm.setTeam(tournamentParticipant);
 			this.tournamentParticipant.getTeamMembers().add(ttm);
 			MessageHelper.info("tournament.player_successfully_added_to_team");
-			
+
 			this.selectedPlayerLogin = "";
 		} catch (Exception e) {
 			MessageHelper.err(e.getMessage());
 		}
 		return "";
 	}
-	
+
 	public String addBackupPlayerToTeam() {
 		try {
 			EventUser p = tournamentBean.findAvailablePlayerForTournamentByLogin(this.tournament, selectedBackupPlayerLogin);
-			for(TournamentTeamMember member : tournamentParticipant.getTeamMembers())
-				if(member.getEventUser().equals(p))
+			for (TournamentTeamMember member : tournamentParticipant.getTeamMembers())
+				if (member.getEventUser().equals(p))
 					throw new Exception("tournament.player_already_exists_in_team");
-			
-			if(p.isAnonymous()) {
+
+			if (p.isAnonymous()) {
 				throw new Exception("tournament.cannot_add_anon_user");
 			}
-			
+
 			TournamentTeamMember ttm = new TournamentTeamMember();
 			ttm.setEventUser(p);
 			ttm.setRole(TournamentTeamMemberRole.BACKUP_PLAYER);
 			ttm.setTeam(tournamentParticipant);
 			this.tournamentParticipant.getTeamMembers().add(ttm);
 			MessageHelper.info("tournament.backup_player_successfully_added_to_team");
-			
+
 			this.selectedBackupPlayerLogin = "";
 		} catch (Exception e) {
 			MessageHelper.err(e.getMessage());
 		}
 		return "";
 	}
-	
+
 	public List<TournamentTeamMember> getPlayers() {
 		ArrayList<TournamentTeamMember> ttms = new ArrayList<>();
-		for(TournamentTeamMember ttm : tournamentParticipant.getTeamMembers()) {
-			if(ttm.getRole() == TournamentTeamMemberRole.CAPTAIN || ttm.getRole() == TournamentTeamMemberRole.PLAYER) {
+		for (TournamentTeamMember ttm : tournamentParticipant.getTeamMembers()) {
+			if (ttm.getRole() == TournamentTeamMemberRole.CAPTAIN || ttm.getRole() == TournamentTeamMemberRole.PLAYER) {
 				ttms.add(ttm);
 			}
 		}
 		return ttms;
 	}
-	
+
 	public List<TournamentTeamMember> getBackupPlayers() {
 		ArrayList<TournamentTeamMember> ttms = new ArrayList<>();
-		for(TournamentTeamMember ttm : tournamentParticipant.getTeamMembers()) {
-			if(ttm.getRole() == TournamentTeamMemberRole.BACKUP_PLAYER) {
+		for (TournamentTeamMember ttm : tournamentParticipant.getTeamMembers()) {
+			if (ttm.getRole() == TournamentTeamMemberRole.BACKUP_PLAYER) {
 				ttms.add(ttm);
 			}
 		}
 		return ttms;
 	}
-	
+
 	public String saveParticipation() {
-		if(tournamentParticipant != null) {
+		if (tournamentParticipant != null) {
 			try {
 				tournamentBean.createParticipation(tournamentParticipant);
 				MessageHelper.info("tournament.participation_success");
-			} catch(Exception e) {
+			} catch (Exception e) {
 				MessageHelper.err(e.getMessage());
 			}
 		} else {
 			MessageHelper.err("tournament.participation_failed");
 		}
-		
+
 		this.endConversation();
 		return "/tournaments/index.xhtml";
 	}
-	
+
 	public String cancelParticipation() {
 		this.endConversation();
 		return "/tournaments/index.xhtml";
-	} 
+	}
+
+	public boolean canParticipate() {
+		return super.hasPermission(TournamentPermission.PARTICIPATE);
+	}
 
 	public Tournament getTournament() {
 		return tournament;
@@ -190,11 +196,11 @@ public class TournamentParticipateView extends GenericCDIView {
 	public void setTournament(Tournament tournament) {
 		this.tournament = tournament;
 	}
-	
+
 	public TournamentParticipant getTournamentParticipant() {
 		return this.tournamentParticipant;
 	}
-	
+
 	public void setTournamentParticipant(TournamentParticipant tp) {
 		this.tournamentParticipant = tp;
 	}