/**
* Does this user be granted for the privilege?
*
* @param req
* @param privilegeId
* @return true--be granted; false--not be granted
*/
public static boolean hasPrivilege(HttpServletRequest req, int privilegeId) {
User user = (User) req.getSession().getAttribute(USER_KEY);
if (user == null) {
return false;
}
return Ralasafe.hasPrivilege(privilegeId, user);
}
/**
* Eval query policy, return query result.
*
* @param req HttpRequest, the login user be read from HttpSession with key USER_KEY
* @param privilegeId
* @param context context
* @return query result, collection of yourbean
*/
public static Collection query(HttpServletRequest req, int privilegeId, Map context) {
User user = (User) req.getSession().getAttribute(USER_KEY);
// String name = WebUtil.getCurrentApplication(req).getName();
QueryResult result = Ralasafe.query(privilegeId, user, context);
req.setAttribute(FIELDS, result.getFields());
req.setAttribute(READ_ONLY_FIELDS, result.getReadOnlyFields());
return result.getData();
}
/**
* Eval decision policy, return decision result.
*
* @param req HttpRequest, the login user be read from HttpSession with key USER_KEY
* @param privilegeId privilegeId
* @param businessObject business data
* @param context context
* @return decision result. true--permit; false--deny, deny reasion be store in request with key
* DENY_REASON
*/
public static boolean permit(
HttpServletRequest req, int privilegeId, Object businessObject, Map context) {
User user = (User) req.getSession().getAttribute(USER_KEY);
Decision decision = Ralasafe.permit(privilegeId, user, businessObject, context);
if (!decision.isPermit()) {
req.setAttribute(DENY_REASON, decision.getDenyReason());
}
return decision.isPermit();
}
/**
* Get the user's privilege tree, often for display operate menu.
*
* @param req
* @return privilege tree(menu tree)
*/
public static Privilege getBusinessPrivilegeTree(HttpServletRequest req) {
User user = getCurrentUser(req);
return Ralasafe.getBusinessPrivilegeTree(user);
}
/**
* Eval query policy, return query count.
*
* @param req
* @param privilegeId
* @param context
* @param where customized where condition
* @return
*/
public static int queryCount(
HttpServletRequest req, int privilegeId, Map context, CustomizedWhere where) {
User user = (User) req.getSession().getAttribute(USER_KEY);
// String name = WebUtil.getCurrentApplication(req).getName();
return Ralasafe.queryCount(privilegeId, user, context, where);
}