contentpermissionservices.java

Sequoia ERP是一个真正的企业级开源ERP解决方案。它提供的模块包括：电子商务应用(e-commerce), POS系统(point of sales),知识管理,存货与仓库管理

        EntityPermissionChecker.StdPermissionConditionGetter permCondGetter = new EntityPermissionChecker.StdPermissionConditionGetter("ContentPurposeOperation",  "contentOperationId", "roleTypeId", "statusId", "contentPurposeTypeId", "privilegeEnumId");
        permCondGetter.setOperationList(targetOperations);
        
        EntityPermissionChecker.StdRelatedRoleGetter roleGetter = new EntityPermissionChecker.StdRelatedRoleGetter("Content",  "roleTypeId", "contentId", "partyId", "ownerContentId", "ContentRole");
        //Debug.logInfo("targetOperations(b):" + targetOperations, "");
        List passedRoles = (List) context.get("roleTypeList"); 
        if (passedRoles == null) passedRoles = new ArrayList();
        String roleTypeString = (String) context.get("roleTypeString"); 
        if (UtilValidate.isNotEmpty(roleTypeString)) {
            List rolesFromString = StringUtil.split(roleTypeString, "|");
            passedRoles.addAll(rolesFromString);
        }
        roleGetter.setList(passedRoles);
        
        String entityAction = (String) context.get("entityOperation");
        if (entityAction == null) entityAction = "_ADMIN";
        if (userLogin != null && entityAction != null) {
            passed = security.hasEntityPermission("CONTENTMGR", entityAction, userLogin);
        }
        
        StringBuffer errBuf = new StringBuffer();
        String permissionStatus = null;
        List entityIds = new ArrayList();
        if (passed) {
            results.put("permissionStatus", "granted");   
            permissionStatus = "granted";
            if (displayPassCond) {
                 errBuf.append("\n    hasEntityPermission(" + entityAction + "): PASSED" );
            } 
                
        } else {
            if (displayFailCond) {
                 errBuf.append("\n    hasEntityPermission(" + entityAction + "): FAILED" );
            } 

            if (content != null)
                entityIds.add(content);
            String quickCheckContentId = (String) context.get("quickCheckContentId");
            if (UtilValidate.isNotEmpty(quickCheckContentId)) {
               List quickList = StringUtil.split(quickCheckContentId, "|"); 
               if (UtilValidate.isNotEmpty(quickList)) entityIds.addAll(quickList);
            }
            try {
                boolean check = EntityPermissionChecker.checkPermissionMethod(delegator, partyId,  "Content", entityIds, auxGetter, roleGetter, permCondGetter);
                if (check) {
                    results.put("permissionStatus", "granted");
                } else {
                    results.put("permissionStatus", "rejected");
                }
            } catch (GenericEntityException e) {
                ServiceUtil.returnError(e.getMessage());   
            }
            permissionStatus = (String)results.get("permissionStatus");
            errBuf.append("\n    permissionStatus:" );
            errBuf.append(permissionStatus);
        }
            
        if ((permissionStatus.equals("granted") && displayPassCond)
            || (permissionStatus.equals("rejected") && displayFailCond)) {
            // Don't show this if passed on 'hasEntityPermission'
            if (displayFailCond || displayPassCond) {
              if (!passed) {
                 errBuf.append("\n    targetOperations:" );
                 errBuf.append(targetOperations);

                 String errMsg = permCondGetter.dumpAsText();
                 errBuf.append("\n" );
                 errBuf.append(errMsg);
                 errBuf.append("\n    partyId:" );
                 errBuf.append(partyId);
                 errBuf.append("\n    entityIds:" );
                 errBuf.append(entityIds);
                 
                 if (auxGetter != null) {
                     errBuf.append("\n    auxList:" );
                     errBuf.append(auxGetter.getList());
                 }
                 
                 if (roleGetter != null) {
                     errBuf.append("\n    roleList:" );
                     errBuf.append(roleGetter.getList());
                 }
              }
                 
            }
        }
        Debug.logInfo("displayPass/FailCond(0), errBuf:" + errBuf.toString(), "");
        results.put(ModelService.ERROR_MESSAGE, errBuf.toString());
        return results;
    }
    
    public static Map checkAssocPermission(DispatchContext dctx, Map context) {
    
        Map results = new HashMap();
        Security security = dctx.getSecurity();
        GenericDelegator delegator = dctx.getDelegator();
        LocalDispatcher dispatcher = dctx.getDispatcher();
        Boolean bDisplayFailCond = (Boolean)context.get("displayFailCond");
        String contentIdFrom = (String) context.get("contentIdFrom");
        String contentIdTo = (String) context.get("contentIdTo");
        GenericValue userLogin = (GenericValue) context.get("userLogin"); 
        String entityAction = (String) context.get("entityOperation");
        if (entityAction == null) entityAction = "_ADMIN";
        List roleIds = null;
        String permissionStatus = null;
    
        GenericValue contentTo = null;
        GenericValue contentFrom = null;
        try {
            contentTo = delegator.findByPrimaryKeyCache("Content", UtilMisc.toMap("contentId", contentIdTo) );
            contentFrom = delegator.findByPrimaryKeyCache("Content",  UtilMisc.toMap("contentId", contentIdFrom) );
        } catch (GenericEntityException e) {
            return ServiceUtil.returnError("Error in retrieving content To or From. " + e.getMessage());
        }
        if (contentTo == null || contentFrom == null) {
            return ServiceUtil.returnError("contentTo[" + contentTo + "]/From[" + contentFrom + "] is null. ");
        }
        Map resultsMap = null;
        boolean isMatch = false;
    
        boolean isMatchTo = false;
        boolean isMatchFrom = false;
        Map permResults = new HashMap();
        String skipPermissionCheck = null;
    
        if (skipPermissionCheck == null
            || skipPermissionCheck.length() == 0
            || (!skipPermissionCheck.equalsIgnoreCase("true") && !skipPermissionCheck.equalsIgnoreCase("granted"))) {
            // Use the purposes from the from entity for both cases.
            List relatedPurposes = EntityPermissionChecker.getRelatedPurposes(contentFrom, null);
            List relatedPurposesTo = EntityPermissionChecker.getRelatedPurposes(contentTo, relatedPurposes);
            Map serviceInMap = new HashMap();
            serviceInMap.put("userLogin", userLogin);
            serviceInMap.put("targetOperationList", UtilMisc.toList("CONTENT_LINK_TO"));
            serviceInMap.put("contentPurposeList", relatedPurposesTo);
            serviceInMap.put("currentContent", contentTo);
            serviceInMap.put("displayFailCond", bDisplayFailCond);
    
            try {
                permResults = dispatcher.runSync("checkContentPermission", serviceInMap);
            } catch (GenericServiceException e) {
                Debug.logError(e, "Problem checking permissions", "ContentServices");
            }
            permissionStatus = (String)permResults.get("permissionStatus");
            if(permissionStatus == null || !permissionStatus.equals("granted") ) {
                if (bDisplayFailCond != null && bDisplayFailCond.booleanValue()) {
                     String errMsg = (String)permResults.get(ModelService.ERROR_MESSAGE);
                     results.put(ModelService.ERROR_MESSAGE, errMsg);
                }
                return results;
            }
            serviceInMap.put("currentContent", contentFrom);
            serviceInMap.put("targetOperationList", UtilMisc.toList("CONTENT_LINK_FROM"));
            serviceInMap.put("contentPurposeList", relatedPurposes);
            try {
                permResults = dispatcher.runSync("checkContentPermission", serviceInMap);
            } catch (GenericServiceException e) {
                Debug.logError(e, "Problem checking permissions", "ContentServices");
            }
            permissionStatus = (String)permResults.get("permissionStatus");
            if(permissionStatus != null && permissionStatus.equals("granted") ) {
                results.put("permissionStatus", "granted");   
            } else {
                if (bDisplayFailCond != null && bDisplayFailCond.booleanValue()) {
                     String errMsg = (String)permResults.get(ModelService.ERROR_MESSAGE);
                     results.put(ModelService.ERROR_MESSAGE, errMsg);
                }
            }
        } else {
            results.put("permissionStatus", "granted");   
        }
        return results;
    }
    
}