public SecurityLogic( // final CMDataView view, // final ViewConverter viewConverter, // final DataViewFilterStore filterStore // ) { this.view = view; this.grantClass = view.findClass(GRANT_CLASS_NAME); this.viewConverter = viewConverter; this.filterStore = filterStore; }
public UIConfiguration fetchGroupUIConfiguration(final Long groupId) { final CMClass roleClass = view.findClass("Role"); final CMQueryRow row = view.select(anyAttribute(roleClass)) // .from(roleClass) // .where(condition(attribute(roleClass, "Id"), eq(groupId))) // .run() .getOnlyRow(); final CMCard roleCard = row.getCard(roleClass); final UIConfiguration uiConfiguration = new UIConfiguration(); final String[] disabledModules = (String[]) roleCard.get(GROUP_ATTRIBUTE_DISABLEDMODULES); if (!isStringArrayNull(disabledModules)) { uiConfiguration.setDisabledModules(disabledModules); } final String[] disabledCardTabs = (String[]) roleCard.get(GROUP_ATTRIBUTE_DISABLEDCARDTABS); if (!isStringArrayNull(disabledCardTabs)) { uiConfiguration.setDisabledCardTabs(disabledCardTabs); } final String[] disabledProcessTabs = (String[]) roleCard.get(GROUP_ATTRIBUTE_DISABLEDPROCESSTABS); if (!isStringArrayNull(disabledProcessTabs)) { uiConfiguration.setDisabledProcessTabs(disabledProcessTabs); } uiConfiguration.setHideSidePanel((Boolean) roleCard.get(GROUP_ATTRIBUTE_HIDESIDEPANEL)); uiConfiguration.setFullScreenMode((Boolean) roleCard.get(GROUP_ATTRIBUTE_FULLSCREEN)); uiConfiguration.setSimpleHistoryModeForCard( (Boolean) roleCard.get(GROUP_ATTRIBUTE_SIMPLE_HISTORY_CARD)); uiConfiguration.setSimpleHistoryModeForProcess( (Boolean) roleCard.get(GROUP_ATTRIBUTE_SIMPLE_HISTORY_PROCESS)); uiConfiguration.setProcessWidgetAlwaysEnabled( (Boolean) roleCard.get(GROUP_ATTRIBUTE_PROCESS_WIDGET_ALWAYS_ENABLED)); uiConfiguration.setCloudAdmin((Boolean) roleCard.get(GROUP_ATTRIBUTE_CLOUD_ADMIN)); return uiConfiguration; }
public void saveGroupUIConfiguration(final Long groupId, final UIConfiguration configuration) { final CMClass roleClass = view.findClass("Role"); final CMQueryRow row = view.select(anyAttribute(roleClass)) // .from(roleClass) // .where(condition(attribute(roleClass, "Id"), eq(groupId))) // .run() .getOnlyRow(); final CMCard roleCard = row.getCard(roleClass); final CMCardDefinition cardDefinition = view.update(roleCard); if (isStringArrayNull(configuration.getDisabledModules())) { cardDefinition.set(GROUP_ATTRIBUTE_DISABLEDMODULES, null); } else { cardDefinition.set(GROUP_ATTRIBUTE_DISABLEDMODULES, configuration.getDisabledModules()); } if (isStringArrayNull(configuration.getDisabledCardTabs())) { cardDefinition.set(GROUP_ATTRIBUTE_DISABLEDCARDTABS, null); } else { cardDefinition.set(GROUP_ATTRIBUTE_DISABLEDCARDTABS, configuration.getDisabledCardTabs()); } if (isStringArrayNull(configuration.getDisabledProcessTabs())) { cardDefinition.set(GROUP_ATTRIBUTE_DISABLEDPROCESSTABS, null); } else { cardDefinition.set( GROUP_ATTRIBUTE_DISABLEDPROCESSTABS, configuration.getDisabledProcessTabs()); } cardDefinition.set(GROUP_ATTRIBUTE_HIDESIDEPANEL, configuration.isHideSidePanel()); cardDefinition.set(GROUP_ATTRIBUTE_FULLSCREEN, configuration.isFullScreenMode()); cardDefinition.set( GROUP_ATTRIBUTE_SIMPLE_HISTORY_CARD, configuration.isSimpleHistoryModeForCard()); cardDefinition.set( GROUP_ATTRIBUTE_SIMPLE_HISTORY_PROCESS, configuration.isSimpleHistoryModeForProcess()); cardDefinition.set( GROUP_ATTRIBUTE_PROCESS_WIDGET_ALWAYS_ENABLED, configuration.isProcessWidgetAlwaysEnabled()); // FIXME: manage cloud admin cardDefinition.save(); }
@Override protected SerializablePrivilege extractPrivilegedObject(final CMCard privilegeCard) { final Long etr = privilegeCard.get(PRIVILEGED_CLASS_ID_ATTRIBUTE, Long.class); return view.findClass(etr); }
/* * FIXME * * this methods is called for two different purposes * * 1) change the mode * * 2) change the row and column privilege configuration remove the mode * * Only flag and implement two different methods or uniform the values set * in the privilegeInfo object to have always all the attributes and update * them all */ public void saveClassPrivilege(final PrivilegeInfo privilegeInfo, final boolean modeOnly) { /* * Extract the grants defined for the given group id */ final CMQueryResult grantRows = view.select(anyAttribute(grantClass)) .from(grantClass) .where( // and( // condition( attribute(grantClass, GROUP_ID_ATTRIBUTE), eq(privilegeInfo.getGroupId())), // condition( attribute(grantClass, TYPE_ATTRIBUTE), eq(PrivilegedObjectType.CLASS.getValue())) // ) // ) // .run(); /* * FIXME why does not add a condition to to the query, and extract only * the row for the given entryTypeId ??? */ for (final CMQueryRow row : grantRows) { final CMCard grantCard = row.getCard(grantClass); final Long entryTypeId = grantCard.get(PRIVILEGED_CLASS_ID_ATTRIBUTE, Long.class); if (entryTypeId.equals(privilegeInfo.getPrivilegedObjectId())) { if (modeOnly) { // replace the privilegeInfo with the // data already stored to not override them final Object filter = grantCard.get(PRIVILEGE_FILTER_ATTRIBUTE); if (filter != null) { privilegeInfo.setPrivilegeFilter((String) filter); } final Object attributes = grantCard.get(ATTRIBUTES_PRIVILEGES_ATTRIBUTE); if (attributes != null) { privilegeInfo.setAttributesPrivileges((String[]) attributes); } } else { /* * Iterate over the attributes privileges and keep only the * ones that override the mode of the attribute */ final CMEntryType entryType = view.findClass(entryTypeId); final Map<String, String> attributeModes = attributesMode(entryType); final List<String> attributesPrivilegesToSave = new ArrayList<String>(); for (final String attributePrivilege : privilegeInfo.getAttributesPrivileges()) { final String[] parts = attributePrivilege.split(":"); final String attributeName = parts[0]; final String privilege = parts[1]; if (attributeModes.containsKey(attributeName)) { if (!attributeModes.get(attributeName).equals(privilege)) { attributesPrivilegesToSave.add(attributePrivilege); } } } privilegeInfo.setAttributesPrivileges( // attributesPrivilegesToSave.toArray( // new String[attributesPrivilegesToSave.size()] // )); } updateGrantCard(grantCard, privilegeInfo); return; } } createClassGrantCard(privilegeInfo); }