public Object fillBackingObject(Object incomingModel, Map request, Map session, Map application) throws Exception { String scaffoldingId = (String) request.get("scaffolding_id"); if (scaffoldingId == null) { scaffoldingId = (String) session.get("scaffolding_id"); // session.remove("page_id"); } EditedScaffoldingStorage sessionBean = (EditedScaffoldingStorage) session.get(EditedScaffoldingStorage.EDITED_SCAFFOLDING_STORAGE_SESSION_KEY); Scaffolding scaffolding = sessionBean.getScaffolding(); if (session.get(StyleHelper.CURRENT_STYLE) != null) { Style style = (Style) session.get(StyleHelper.CURRENT_STYLE); scaffolding.setStyle(style); } else if (session.get(StyleHelper.UNSELECTED_STYLE) != null) { scaffolding.setStyle(null); session.remove(StyleHelper.UNSELECTED_STYLE); } return null; }
/* (non-Javadoc) * @see org.theospi.portfolio.security.app.ApplicationAuthorizer#isAuthorized(org.theospi.portfolio.security.AuthorizationFacade, org.theospi.portfolio.shared.model.Agent, java.lang.String, org.theospi.portfolio.shared.model.Id) */ public Boolean isAuthorized(AuthorizationFacade facade, Agent agent, String function, Id id) { logger.debug("isAuthorized?(...) invoked in MatrixAuthorizer"); if (MatrixFunctionConstants.EVALUATE_MATRIX.equals(function) || MatrixFunctionConstants.REVIEW_MATRIX.equals(function) || MatrixFunctionConstants.USE_SCAFFOLDING.equals(function)) { return new Boolean(facade.isAuthorized(function, id)); } else if (MatrixFunctionConstants.DELETE_SCAFFOLDING.equals(function)) { Scaffolding scaffolding = getMatrixManager().getScaffolding(id); if (scaffolding == null) return new Boolean(facade.isAuthorized(agent, function, id)); if (!scaffolding.isPublished() && (scaffolding.getOwner().equals(agent)) || facade.isAuthorized(agent, function, scaffolding.getWorksiteId())) return new Boolean(true); } else if (ContentHostingService.EVENT_RESOURCE_READ.equals(function)) { return isFileAuth(facade, agent, id); } else if (function.equals(MatrixFunctionConstants.CREATE_SCAFFOLDING)) { return new Boolean(facade.isAuthorized(agent, function, id)); } else if (function.equals(MatrixFunctionConstants.EDIT_SCAFFOLDING)) { return new Boolean(facade.isAuthorized(agent, function, id)); } else if (function.equals(MatrixFunctionConstants.EXPORT_SCAFFOLDING)) { return new Boolean(facade.isAuthorized(agent, function, id)); } else if (function.equals(MatrixFunctionConstants.VIEW_SCAFFOLDING_GUIDANCE)) { // If I can eval, review, or own it ScaffoldingCell sCell = getMatrixManager().getScaffoldingCellByWizardPageDef(id); // sCell.getWizardPageDefinition().get if (sCell == null) throw new NullPointerException( "The cell was not found. Wizard Page Def for cell: " + id.getValue()); Boolean returned = null; Id worksiteId = sCell.getScaffolding().getWorksiteId(); // first check global perms for the site if (checkPerms( facade, new String[] { MatrixFunctionConstants.USE_SCAFFOLDING, MatrixFunctionConstants.EVALUATE_MATRIX, MatrixFunctionConstants.REVIEW_MATRIX }, worksiteId)) { return Boolean.valueOf(true); } for (Iterator iter = sCell.getCells().iterator(); iter.hasNext(); ) { Cell cell = (Cell) iter.next(); if (checkPerms( facade, new String[] { MatrixFunctionConstants.EVALUATE_MATRIX, MatrixFunctionConstants.REVIEW_MATRIX }, cell.getId())) { return Boolean.valueOf(true); } } returned = Boolean.valueOf(sCell.getScaffolding().getOwner().equals(agent)); if (returned.booleanValue()) return returned; } else if (function.equals(MatrixFunctionConstants.EDIT_SCAFFOLDING_GUIDANCE)) { ScaffoldingCell sCell = getMatrixManager().getScaffoldingCellByWizardPageDef(id); Agent owner = null; if (sCell != null) { owner = sCell.getScaffolding().getOwner(); } return new Boolean(agent.equals(owner)); } else if (function.equals(MatrixFunctionConstants.EVALUATE_SPECIFIC_MATRIXCELL)) { WizardPage page = getMatrixManager().getWizardPage(id); Id siteId = idManager.getId(page.getPageDefinition().getSiteId()); // make sure that the target site gets tested facade.pushAuthzGroups(siteId.getValue()); return new Boolean( facade.isAuthorized(agent, MatrixFunctionConstants.EVALUATE_MATRIX, siteId)); } return null; // don't care }
public Map referenceData(Map request, Object command, Errors errors) { Map model = new HashMap(); model.put("feedbackSent", false); ToolSession session = getSessionManager().getCurrentToolSession(); CellFormBean cell = (CellFormBean) command; if (cell == null || cell.getCell() == null) { logger.error("Cell backing bean or cell.getCell() is null"); clearSession(session); model.put("nullCellError", true); return model; } if (request.get("feedbackReturn") != null) { // feedbackReturn is returned from FeedbackHelperController and is the Id of the wizardPage of // the cell. cell.setCell( matrixManager.getCellFromPage(idManager.getId(request.get("feedbackReturn").toString()))); if (request.get("feedbackAction") != null && request.get("feedbackAction").toString().equals("save")) { model.put("feedbackSent", true); } } model.put("matrixCanViewCell", false); if (request.get("comingFromWizard") == null) { // depending on isDefaultFeedbackEval, either send the scaffolding id or the scaffolding // cell's id boolean matrixCanEvaluate = getMatrixManager() .hasPermission( cell.getCell().getScaffoldingCell().isDefaultEvaluators() ? cell.getCell().getScaffoldingCell().getScaffolding().getId() : cell.getCell().getScaffoldingCell().getWizardPageDefinition().getId(), cell.getCell().getScaffoldingCell().getScaffolding().getWorksiteId(), MatrixFunctionConstants.EVALUATE_MATRIX); model.put("matrixCanEvaluate", matrixCanEvaluate); // depending on isDefaultFeedbackEval, either send the scaffolding id or the scaffolding // cell's id // also, compare first result with the user's cell review list by sending the user's cell id boolean allowParticipantFeedback = cell.getCell().getScaffoldingCell().isDefaultReviewers() ? cell.getCell().getScaffoldingCell().getScaffolding().isAllowRequestFeedback() : cell.getCell() .getScaffoldingCell() .getWizardPageDefinition() .isAllowRequestFeedback(); boolean matrixCanReview = getMatrixManager() .hasPermission( cell.getCell().getScaffoldingCell().isDefaultReviewers() ? cell.getCell().getScaffoldingCell().getScaffolding().getId() : cell.getCell().getScaffoldingCell().getWizardPageDefinition().getId(), cell.getCell().getScaffoldingCell().getScaffolding().getWorksiteId(), MatrixFunctionConstants.REVIEW_MATRIX) || (allowParticipantFeedback && getMatrixManager() .hasPermission( cell.getCell().getWizardPage().getId(), cell.getCell().getScaffoldingCell().getScaffolding().getWorksiteId(), MatrixFunctionConstants.FEEDBACK_MATRIX)); model.put("matrixCanReview", matrixCanReview); boolean hasAnyReviewers = cell.getCell().getScaffoldingCell().isDefaultReviewers() ? !getMatrixManager() .getSelectedUsers( cell.getCell().getScaffoldingCell().getScaffolding(), MatrixFunctionConstants.REVIEW_MATRIX) .isEmpty() : !getMatrixManager() .getSelectedUsers( cell.getCell().getScaffoldingCell().getWizardPageDefinition(), MatrixFunctionConstants.REVIEW_MATRIX) .isEmpty(); model.put("hasAnyReviewers", hasAnyReviewers); // NOTE: matrixCanEval or Review both return true if the user is a // super user: if (getMatrixManager().canAccessMatrixCell(cell.getCell())) { model.put("matrixCanViewCell", true); } } else { WizardPage currentWizPage = getMatrixManager().getWizardPage(cell.getCell().getWizardPage().getId()); Id wizPageDefId = currentWizPage.getPageDefinition().getId(); String wizardId = getWizardManager() .getWizardPageSeqByDef(wizPageDefId) .getCategory() .getWizard() .getId() .getValue(); model.put("wizardId", wizardId); model.put( "isWizardOwner", getSessionManager() .getCurrentSessionUserId() .equals(currentWizPage.getOwner().getId().getValue())); } if (request.get("decPageId") != null && request.get("decWrapperTag") != null && request.get("decSiteId") != null) { // make sure that we are not coming from another wizard page which should grant you access to // this page String pageId = (String) request.get("decPageId"); String siteId = (String) request.get("decSiteId"); if (getMatrixManager() .canUserAccessWizardPageAndLinkedArtifcact( siteId, pageId, "/wizard/page/" + cell.getCell().getWizardPage().getId().getValue())) { model.put("matrixCanViewCell", true); } } model.put("isMatrix", "true"); model.put("isWizard", "false"); model.put("enableReviewEdit", getEnableReviewEdit()); model.put("currentUser", getSessionManager().getCurrentSessionUserId()); model.put("CURRENT_GUIDANCE_ID_KEY", "session." + GuidanceManager.CURRENT_GUIDANCE_ID); model.put("isEvaluation", "false"); // This is the tool session so evaluation tool gets "is_eval_page_id" // and the matrix/wizard does not if (session.getAttribute("is_eval_page_id") != null) { String eval_page_id = (String) session.getAttribute("is_eval_page_id"); model.put("isEvaluation", "true"); } model.put("pageTitleKey", "view_cell"); // Check for cell being deleted while user was attempting to view if (cell.getCell() == null) { clearSession(session); return model; } String pageId = cell.getCell().getWizardPage().getId().getValue(); String siteId = cell.getCell().getWizardPage().getPageDefinition().getSiteId(); model.put("siteId", idManager.getId(siteId)); List reviews = getReviewManager() .getReviewsByParentAndType(pageId, Review.FEEDBACK_TYPE, siteId, getEntityProducer()); ArrayList<Node> cellForms = new ArrayList<Node>(getMatrixManager().getPageForms(cell.getCell().getWizardPage())); Collections.sort(cellForms, new NodeNameComparator()); if (cell.getCell().getScaffoldingCell().getWizardPageDefinition().isDefaultCustomForm() && request.get("comingFromWizard") == null) { model.put( "cellFormDefs", processAdditionalForms( cell.getCell().getScaffoldingCell().getScaffolding().getAdditionalForms())); } else { model.put( "cellFormDefs", processAdditionalForms(cell.getCell().getScaffoldingCell().getAdditionalForms())); } model.put("assignments", getUserAssignments(cell)); model.put("reviews", reviews); // feedback model.put( "evaluations", getReviewManager() .getReviewsByParentAndType( pageId, Review.EVALUATION_TYPE, siteId, getEntityProducer())); model.put( "reflections", getReviewManager() .getReviewsByParentAndType( pageId, Review.REFLECTION_TYPE, siteId, getEntityProducer())); model.put("cellForms", cellForms); model.put("numCellForms", cellForms.size()); Boolean readOnly = Boolean.valueOf(false); // Matrix-only initializations if (cell.getCell().getMatrix() != null) { model.put( "allowItemFeedback", getAllowItemFeedback( cell.getCell().getScaffoldingCell().getScaffolding().getItemFeedbackOption(), reviews, cellForms, cell.getNodes())); model.put( "allowGeneralFeedback", getAllowGeneralFeedback( cell.getCell().getScaffoldingCell().getScaffolding().getGeneralFeedbackOption(), reviews)); model.put( "generalFeedbackNone", cell.getCell().getScaffoldingCell().getScaffolding().isGeneralFeedbackNone()); Agent owner = cell.getCell().getMatrix().getOwner(); readOnly = isReadOnly( owner, getIdManager().getId(cell.getCell().getMatrix().getScaffolding().getReference())); Cell pageCell = getMatrixManager().getCellFromPage(getIdManager().getId(pageId)); Scaffolding scaffolding = pageCell.getMatrix().getScaffolding(); model.put("objectId", scaffolding.getId().getValue()); model.put("objectTitle", scaffolding.getTitle()); model.put("objectDesc", scaffolding.getDescription()); model.put( "wizardOwner", rb.getFormattedMessage("matrix_of", new Object[] {owner.getDisplayName()})); } model.put("readOnlyMatrix", readOnly); model.put( "styles", getStyleManager() .createStyleUrlList(getStyleManager().getStyles(getIdManager().getId(pageId)))); if (getTaggingManager().isTaggable()) { TaggableItem item = wizardActivityProducer.getItem(cell.getCell().getWizardPage()); model.put("taggable", "true"); // getMatrixManager().getTaggableItems will put the providers into the session Set<DecoratedTaggableItem> decoTaggableItems = getMatrixManager() .getDecoratedTaggableItems( item, cell.getCell().getWizardPage().getPageDefinition().getReference(), cell.getCell().getWizardPage().getOwner().getId().getValue()); List<DecoratedTaggableItem> decoTaggableItemList = new ArrayList<DecoratedTaggableItem>(decoTaggableItems); Collections.sort(decoTaggableItemList, decoTaggableItemComparator); model.put("taggableItems", decoTaggableItemList); ToolSession toolSession = getSessionManager().getCurrentToolSession(); List<DecoratedTaggingProvider> providers = (List) toolSession.getAttribute(HibernateMatrixManagerImpl.PROVIDERS_PARAM); // but just double check to make sure that providers doesn't exist if (providers == null) { providers = getMatrixManager().getDecoratedProviders(item.getActivity()); toolSession.setAttribute(HibernateMatrixManagerImpl.PROVIDERS_PARAM, providers); } model.put("helperInfoList", getHelperInfo(item)); model.put("providers", providers); model.put("criteriaRef", cell.getCell().getWizardPage().getPageDefinition().getReference()); model.put("decoWrapper", "ospMatrix_" + siteId + "_" + pageId); } clearSession(session); return model; }