/**
* Saves the persistent object in the database.
*
* @param obj The object to be saved.
* @param session The session in which the object is saved.
* @throws DAOException
* @throws HibernateException Exception thrown during hibernate operations.
*/
public void insert(
Object obj, SessionDataBean sessionDataBean, boolean isAuditable, boolean isSecureInsert)
throws DAOException, UserNotAuthorizedException {
// Logger.out.info("inser call---------------------");
boolean isAuthorized = true;
try {
if (isSecureInsert) {
if (null != sessionDataBean) {
String userName = sessionDataBean.getUserName();
if (userName != null) {
isAuthorized =
SecurityManager.getInstance(this.getClass())
.isAuthorized(userName, obj.getClass().getName(), Permissions.CREATE);
} else {
isAuthorized = false;
}
} else {
isAuthorized = false;
}
}
// Logger.out.debug(" User's Authorization to insert "+obj.getClass()+" , "+isAuthorized);
if (isAuthorized) {
session.save(obj);
if (obj instanceof Auditable && isAuditable)
auditManager.compare((Auditable) obj, null, "INSERT");
isUpdated = true;
} else {
throw new UserNotAuthorizedException("Not Authorized to insert");
}
} catch (HibernateException hibExp) {
throw handleError("", hibExp);
} catch (AuditException hibExp) {
throw handleError("", hibExp);
} catch (SMException smex) {
throw handleError("", smex);
}
}
/**
* Updates the persistent object in the database.
*
* @param obj The object to be updated.
* @param session The session in which the object is saved.
* @throws DAOException
* @throws HibernateException Exception thrown during hibernate operations.
*/
public void update(
Object obj,
SessionDataBean sessionDataBean,
boolean isAuditable,
boolean isSecureUpdate,
boolean hasObjectLevelPrivilege)
throws DAOException, UserNotAuthorizedException {
boolean isAuthorized = true;
try {
if (isSecureUpdate) {
if (null != sessionDataBean) {
if (!(obj instanceof AbstractDomainObject) || !hasObjectLevelPrivilege) {
isAuthorized =
SecurityManager.getInstance(this.getClass())
.isAuthorized(
sessionDataBean.getUserName(),
obj.getClass().getName(),
Permissions.UPDATE);
Logger.out.debug(
" User's Authorization to update " + obj.getClass().getName() + " " + isAuthorized);
} else {
isAuthorized =
SecurityManager.getInstance(this.getClass())
.isAuthorized(
sessionDataBean.getUserName(),
obj.getClass().getName() + "_" + ((AbstractDomainObject) obj).getId(),
Permissions.UPDATE);
Logger.out.debug(
" User's Authorization to update " + obj.getClass().getName() + " " + isAuthorized);
}
} else {
isAuthorized = false;
Logger.out.debug(
" User's Authorization to update "
+ obj.getClass().getName()
+ "_"
+ ((AbstractDomainObject) obj).getId()
+ " "
+ isAuthorized);
}
}
if (isAuthorized) {
session.update(obj);
// Object oldObj = retrieve(obj.getClass().getName(),
// ((Auditable)obj).getId());
// if (obj instanceof Auditable && isAuditable)
// auditManager.compare((Auditable) obj, (Auditable)oldObj, "UPDATE");
isUpdated = true;
} else {
throw new UserNotAuthorizedException("Not Authorized to update");
}
} catch (HibernateException hibExp) {
// Logger.out.error(hibExp.getMessage(), hibExp);
// throw new DAOException("Error in update", hibExp);
throw handleError("", hibExp);
}
// catch (AuditException hibExp)
// {
// throw handleError("", hibExp);
// }
catch (SMException smex) {
// Logger.out.error(smex.getMessage(), smex);
// throw new DAOException("Error in update", smex);
throw handleError("", smex);
}
}