public void saveFilterPrivilege(final PrivilegeInfo privilegeInfo) {
final CMQueryResult result =
view.select(anyAttribute(grantClass))
.from(grantClass)
.where(
and(
condition(
attribute(grantClass, GROUP_ID_ATTRIBUTE), eq(privilegeInfo.getGroupId())),
condition(
attribute(grantClass, TYPE_ATTRIBUTE),
eq(PrivilegedObjectType.FILTER.getValue())))) //
.run();
for (final CMQueryRow row : result) {
final CMCard grantCard = row.getCard(grantClass);
final Long storedViewId =
((Integer) grantCard.get(PRIVILEGED_OBJECT_ID_ATTRIBUTE)).longValue();
if (storedViewId.equals(privilegeInfo.getPrivilegedObjectId())) {
updateGrantCard(grantCard, privilegeInfo);
return;
}
}
createFilterGrantCard(privilegeInfo);
}
private String fetchDefaultGroupNameForUser(final String username) {
String defaultGroupName = null;
if (allowsDefaultGroup()) {
final CMQueryResult result =
view.select(
attribute(userClass(), userNameAttribute()),
attribute(userGroupDomain(), UserRole.DEFAULT_GROUP),
attribute(roleClass(), roleClass().getCodeAttributeName())) //
.from(userClass()) //
.join(roleClass(), over(userGroupDomain())) //
.where(
condition(
attribute(userClass(), userNameAttribute()), //
eq(username))) //
.run();
for (final CMQueryRow row : result) {
final CMCard group = row.getCard(roleClass());
final CMRelation relation = row.getRelation(userGroupDomain()).getRelation();
final String groupName = (String) group.getCode();
final Object isDefaultGroup = relation.get(UserRole.DEFAULT_GROUP);
if (isDefaultGroup != null) {
if ((Boolean) isDefaultGroup) {
defaultGroupName = groupName;
}
}
}
}
return defaultGroupName;
}
@Override
public List<Long> fetchUserIdsFromGroupId(final Long groupId) {
final CMQueryResult result =
view.select(anyAttribute(userClass())) //
.from(userClass()) //
.join(roleClass(), over(userGroupDomain())) //
.where(
condition(
attribute(roleClass(), roleClass().getKeyAttributeName()), eq(groupId))) //
.run();
final List<Long> userIdsForSpecifiedGroup = Lists.newArrayList();
for (final CMQueryRow row : result) {
final CMCard userCard = row.getCard(userClass());
userIdsForSpecifiedGroup.add(userCard.getId());
}
return userIdsForSpecifiedGroup;
}
@Override
protected CMPrivilege extractPrivilegeMode(final CMCard privilegeCard) {
final Object type = privilegeCard.get(MODE_ATTRIBUTE);
if (PrivilegeMode.READ.getValue().equals(type)) {
return DefaultPrivileges.READ;
} else if (PrivilegeMode.WRITE.getValue().equals(type)) {
return DefaultPrivileges.WRITE;
} else {
return DefaultPrivileges.NONE;
}
}
/**
* @param userBuilder
* @param groupName
*/
private void addGroupDescription( //
final UserImplBuilder userBuilder, //
final String groupName //
) {
try {
final CMCard roleCard =
view.select(anyAttribute(roleClass())) //
.from(roleClass()) //
.where(condition(attribute(roleClass(), ROLE_NAME_COLUMN), eq(groupName))) //
.run() //
.getOnlyRow() //
.getCard(roleClass());
final Object roleDescription = roleCard.getDescription();
if (roleDescription != null) {
userBuilder.withGroupDescription(roleDescription.toString());
}
} catch (final Exception e) {
logger.debug("Error reading description of group " + groupName);
}
}
public UIConfiguration fetchGroupUIConfiguration(final Long groupId) {
final CMClass roleClass = view.findClass("Role");
final CMQueryRow row =
view.select(anyAttribute(roleClass)) //
.from(roleClass) //
.where(condition(attribute(roleClass, "Id"), eq(groupId))) //
.run()
.getOnlyRow();
final CMCard roleCard = row.getCard(roleClass);
final UIConfiguration uiConfiguration = new UIConfiguration();
final String[] disabledModules = (String[]) roleCard.get(GROUP_ATTRIBUTE_DISABLEDMODULES);
if (!isStringArrayNull(disabledModules)) {
uiConfiguration.setDisabledModules(disabledModules);
}
final String[] disabledCardTabs = (String[]) roleCard.get(GROUP_ATTRIBUTE_DISABLEDCARDTABS);
if (!isStringArrayNull(disabledCardTabs)) {
uiConfiguration.setDisabledCardTabs(disabledCardTabs);
}
final String[] disabledProcessTabs =
(String[]) roleCard.get(GROUP_ATTRIBUTE_DISABLEDPROCESSTABS);
if (!isStringArrayNull(disabledProcessTabs)) {
uiConfiguration.setDisabledProcessTabs(disabledProcessTabs);
}
uiConfiguration.setHideSidePanel((Boolean) roleCard.get(GROUP_ATTRIBUTE_HIDESIDEPANEL));
uiConfiguration.setFullScreenMode((Boolean) roleCard.get(GROUP_ATTRIBUTE_FULLSCREEN));
uiConfiguration.setSimpleHistoryModeForCard(
(Boolean) roleCard.get(GROUP_ATTRIBUTE_SIMPLE_HISTORY_CARD));
uiConfiguration.setSimpleHistoryModeForProcess(
(Boolean) roleCard.get(GROUP_ATTRIBUTE_SIMPLE_HISTORY_PROCESS));
uiConfiguration.setProcessWidgetAlwaysEnabled(
(Boolean) roleCard.get(GROUP_ATTRIBUTE_PROCESS_WIDGET_ALWAYS_ENABLED));
uiConfiguration.setCloudAdmin((Boolean) roleCard.get(GROUP_ATTRIBUTE_CLOUD_ADMIN));
return uiConfiguration;
}
private List<String> fetchGroupNamesForUser(final Long userId) {
final List<String> groupNames = new ArrayList<String>();
final Alias groupClassAlias = EntryTypeAlias.canonicalAlias(roleClass());
final Alias userClassAlias = EntryTypeAlias.canonicalAlias(userClass());
final CMQueryResult userGroupsRows =
view.select(attribute(groupClassAlias, Role.CODE)) //
.from(roleClass()) //
.join(userClass(), as(userClassAlias), over(userGroupDomain())) //
.where(
and( //
condition(
attribute(roleClass(), Role.ACTIVE), //
eq(true)), //
condition(
attribute(userClass(), userIdAttribute()), //
eq(userId)))) //
.run();
for (final CMQueryRow row : userGroupsRows) {
final CMCard groupCard = row.getCard(groupClassAlias);
groupNames.add((String) groupCard.getCode());
}
return groupNames;
}
private CMUser buildUserFromCard(final CMCard _userCard) {
final CMCard userCard = NullOnErrorOfGetCard.of(_userCard);
final Long userId = userCard.getId();
final String username = userCard.get(userNameAttribute(), String.class);
final String email = userCard.get(userEmailAttribute(), String.class);
final String userDescription = userCard.get(userDescriptionAttribute(), String.class);
final String defaultGroupName = fetchDefaultGroupNameForUser(username);
final UserImplBuilder userBuilder =
UserImpl.newInstanceBuilder() //
.withId(userId) //
.withUsername(defaultString(username)) //
.withEmail(defaultString(email)) //
.withDescription(defaultString(userDescription)) //
.withDefaultGroupName(defaultGroupName); //
final List<String> userGroups = fetchGroupNamesForUser(userId);
for (final String groupName : userGroups) {
userBuilder.withGroupName(groupName);
addGroupDescription(userBuilder, groupName);
}
userBuilder.withActiveStatus(isActive(userCard));
return userBuilder.build();
}
protected boolean isActive(final CMCard userCard) {
return userCard.get(User.ACTIVE, Boolean.class);
}
@Override
protected SerializablePrivilege extractPrivilegedObject(final CMCard privilegeCard) {
final Long etr = privilegeCard.get(PRIVILEGED_CLASS_ID_ATTRIBUTE, Long.class);
return view.findClass(etr);
}
/*
* FIXME
*
* this methods is called for two different purposes
*
* 1) change the mode
*
* 2) change the row and column privilege configuration remove the mode
*
* Only flag and implement two different methods or uniform the values set
* in the privilegeInfo object to have always all the attributes and update
* them all
*/
public void saveClassPrivilege(final PrivilegeInfo privilegeInfo, final boolean modeOnly) {
/*
* Extract the grants defined for the given group id
*/
final CMQueryResult grantRows =
view.select(anyAttribute(grantClass))
.from(grantClass)
.where( //
and( //
condition(
attribute(grantClass, GROUP_ID_ATTRIBUTE),
eq(privilegeInfo.getGroupId())), //
condition(
attribute(grantClass, TYPE_ATTRIBUTE),
eq(PrivilegedObjectType.CLASS.getValue())) //
) //
) //
.run();
/*
* FIXME why does not add a condition to to the query, and extract only
* the row for the given entryTypeId ???
*/
for (final CMQueryRow row : grantRows) {
final CMCard grantCard = row.getCard(grantClass);
final Long entryTypeId = grantCard.get(PRIVILEGED_CLASS_ID_ATTRIBUTE, Long.class);
if (entryTypeId.equals(privilegeInfo.getPrivilegedObjectId())) {
if (modeOnly) {
// replace the privilegeInfo with the
// data already stored to not override them
final Object filter = grantCard.get(PRIVILEGE_FILTER_ATTRIBUTE);
if (filter != null) {
privilegeInfo.setPrivilegeFilter((String) filter);
}
final Object attributes = grantCard.get(ATTRIBUTES_PRIVILEGES_ATTRIBUTE);
if (attributes != null) {
privilegeInfo.setAttributesPrivileges((String[]) attributes);
}
} else {
/*
* Iterate over the attributes privileges and keep only the
* ones that override the mode of the attribute
*/
final CMEntryType entryType = view.findClass(entryTypeId);
final Map<String, String> attributeModes = attributesMode(entryType);
final List<String> attributesPrivilegesToSave = new ArrayList<String>();
for (final String attributePrivilege : privilegeInfo.getAttributesPrivileges()) {
final String[] parts = attributePrivilege.split(":");
final String attributeName = parts[0];
final String privilege = parts[1];
if (attributeModes.containsKey(attributeName)) {
if (!attributeModes.get(attributeName).equals(privilege)) {
attributesPrivilegesToSave.add(attributePrivilege);
}
}
}
privilegeInfo.setAttributesPrivileges( //
attributesPrivilegesToSave.toArray( //
new String[attributesPrivilegesToSave.size()] //
));
}
updateGrantCard(grantCard, privilegeInfo);
return;
}
}
createClassGrantCard(privilegeInfo);
}