@Override
public List<Article> getArticlesForUser(Person person, int limit) {
String query;
List articles = Collections.EMPTY_LIST;
if (person.getAuthority().equals("ROLE_ADMIN")) {
// We can simply load the newest articles
query =
"select DISTINCT a from Article a left join fetch a.articleComments order by a.time desc";
articles = getSession().createQuery(query).setMaxResults(limit).list();
} else {
// We need to load only articles which can be viewed by the logged user.
// That is, we need to load only public articles or articles from the groups the logged user
// is member of.
query =
"select DISTINCT a from Article a left join fetch a.articleComments where "
+ "a.researchGroup.researchGroupId is null or "
+ "a.researchGroup.researchGroupId in "
+ "(select rm.id.researchGroupId from ResearchGroupMembership rm where rm.id.personId = :personId) "
+ "order by a.time desc";
articles =
getSession()
.createQuery(query)
.setParameter("personId", person.getPersonId())
.setMaxResults(limit)
.list();
}
return articles;
}
@Override
public int getArticleCountForPerson(Person person) {
if (person.getAuthority().equals("ROLE_ADMIN")) {
return ((Long) getSession().createQuery("select count(*) from Article").uniqueResult())
.intValue();
}
String query =
"select count(*) from Article a where a.person.personId = :personId or "
+ "a.researchGroup.researchGroupId is null or "
+ "a.researchGroup.researchGroupId in "
+ "(select rm.id.researchGroupId from ResearchGroupMembership rm where rm.id.personId = :personId)";
return ((Long)
getSession()
.createQuery(query)
.setParameter("personId", person.getPersonId())
.uniqueResult())
.intValue();
}
/**
* Gets article detail information for article detail page. Check the correct permission of the
* user to view requested article.
*
* @param id Id of the requested article
* @param loggedPerson User whose permission is checked - should be logged user
* @return If the user is permitted to view the article specified by id the Article object is
* returned. Otherwise, null is returned.
*/
@Override
public Article getArticleDetail(int id, Person loggedPerson) {
if (loggedPerson.getAuthority().equals("ROLE_ADMIN")) {
String query =
"from Article a left join fetch a.subscribers left join fetch a.articleComments "
+ "where a.articleId = :id";
return (Article) getSession().createQuery(query).setParameter("id", id).uniqueResult();
} else {
String query =
"from Article a left join fetch a.subscribers left join fetch a.articleComments "
+ "where a.articleId = :id and ("
+ "a.researchGroup.researchGroupId is null or "
+ "a.researchGroup.researchGroupId in "
+ "(select rm.id.researchGroupId from ResearchGroupMembership rm where rm.id.personId = :personId))";
return (Article)
getSession()
.createQuery(query)
.setParameter("id", id)
.setParameter("personId", loggedPerson.getPersonId())
.uniqueResult();
}
}
