📄 securitywrapper.java
字号:
* @param userInfo
* @param securityInfo
* @param delegator
*
* @return
*
* @throws GenericEntityException
*/
public static List findByLike(String entity,
List entityExpressions, List orderBy, UserInfo userInfo,
SecurityLinkInfo securityInfo, GenericDelegator delegator, String securityType)
throws GenericEntityException
{
QueryInfo queryInfo = new QueryInfo( delegator, entity);
EntityExpr entityExpr = null;
//convert existing expressions into LIKE clauses.
for (int i = 0; i < entityExpressions.size(); i++) {
entityExpr = (EntityExpr) entityExpressions.get(i);
Object lhs = entityExpr.getLhs();
Object rhs = entityExpr.getRhs();
EntityComparisonOperator op = (EntityComparisonOperator) entityExpr.getOperator();
if ( !op.equals(EntityOperator.LIKE) && !op.equals(EntityOperator.EQUALS))
throw new IllegalArgumentException("Join Operator must be LIKE or EQUALS");
if (lhs instanceof EntityAttribute &&
rhs instanceof EntityAttribute) {
lhs = (EntityAttribute) lhs;
rhs = (EntityAttribute) rhs;
String firstEntity = ((EntityAttribute) lhs).getEntity();
String secondEntity = ((EntityAttribute) rhs).getEntity();
if ( !firstEntity.equals(secondEntity) )
{
if ( !op.equals( EntityOperator.EQUALS ))
throw new IllegalArgumentException("Join operator must be EQUALS");
queryInfo.addJoin(firstEntity, secondEntity, Boolean.FALSE, ((EntityAttribute) lhs).getField(),
((EntityAttribute) rhs).getField());
}
else
{
queryInfo.addCondition( firstEntity, ((EntityAttribute) lhs).getField(), op, ((EntityAttribute) rhs).getField());
}
} else {
if (lhs instanceof EntityAttribute) {
queryInfo.addCondition( ((EntityAttribute) lhs).getEntity(), ((EntityAttribute) lhs).getField(), op, rhs);
} else {
queryInfo.addCondition( entity, (String) lhs, op, rhs);
}
}
}
buildSecurityInfo(queryInfo, userInfo, securityInfo, entity, delegator, securityType);
queryInfo.setOrderBy( orderBy );
return queryInfo.executeQuery();
}
/**
* DOCUMENT ME!
*
* @param newExpressions
* @param userInfo
* @param securityInfo
* @param entity
* @param delegator
* @param roleOrTeam
*
* @return
*
* @throws GenericEntityException
*/
private static QueryInfo buildSecurityInfo(QueryInfo queryInfo,
UserInfo userInfo, SecurityLinkInfo securityInfo, String entity,
GenericDelegator delegator, String roleOrTeam)
throws GenericEntityException {
ModelEntity modelEntity = delegator.getModelEntity(entity);
Debug.logVerbose("[buildSecurityInfo] userInfo: " +
userInfo.toString(), module);
String linkEntity = null;
String linkAttribute = null;
String partyId = userInfo.getPartyId();
String roleId = userInfo.getRoleId();
Preference preference = new Preference(delegator);
String securityMode = preference.getPreference(userInfo.getAccountId(),
"SECURITY_MODE", "team");
Debug.logVerbose("[buildSecurityInfo] securityMode: " + securityMode, module);
if (securityInfo != null) {
linkEntity = securityInfo.getEntityName();
linkAttribute = securityInfo.getAttributeName();
}
if ((linkEntity == null) || (linkEntity.equals(""))) {
linkEntity = entity;
}
if ((linkAttribute == null) || (linkAttribute.equals(""))) {
List pks = modelEntity.getPksCopy();
linkAttribute = ((ModelField) pks.get(0)).getName();
}
Debug.logVerbose("[buildSecurityInfo] securityMode: " + securityMode, module);
Debug.logVerbose("[buildSecurityInfo] linkEntity: " + linkEntity, module);
Debug.logVerbose("[buildSecurityInfo] entity: " + entity, module);
Debug.logVerbose("[buildSecurityInfo] linkAttribute: " +
linkAttribute, module);
Debug.logVerbose("[buildSecurityInfo] userInfo.getAccountId(): " +
userInfo.getAccountId(), module);
Debug.logVerbose("[buildSecurityInfo] partyId: " + partyId, module);
if (securityMode.equals("none")) {
//Find Entities in the Entity_Access where the accountId for the role is the same as the user
//this makes anything anyone adds available to anyone in the company
queryInfo.addJoin( entity, "EntityAccess", Boolean.FALSE, linkAttribute, "entityId");
queryInfo.addCondition( "EntityAccess", "entity", EntityOperator.EQUALS, linkEntity);
queryInfo.addCondition( "EntityAccess", "partyEntityType", EntityOperator.EQUALS, "Role");
queryInfo.addJoin( "EntityAccess", "Role", Boolean.FALSE, "partyId", "roleId");
queryInfo.addAlias("Role", "accountId", "Role_accountId");
queryInfo.addCondition( "Role", "Role_accountId", EntityOperator.EQUALS, userInfo.getAccountId());
} else if (securityMode.equals("territory") ||
roleOrTeam.equalsIgnoreCase("ROLE")) {
//Find Entities in the Entity_Access table where the partyId has Role access
roleId = "%" + roleId + "%";
Debug.logVerbose(
"-->[SecurityWrapper.buildSecurityInfo] roleId: " + roleId, module);
queryInfo.addJoin( entity, "EntityAccess", Boolean.FALSE, linkAttribute, "entityId");
queryInfo.addCondition( "EntityAccess", "entity", EntityOperator.EQUALS, linkEntity);
queryInfo.addCondition( "EntityAccess", "partyEntityType", EntityOperator.EQUALS, "Role");
queryInfo.addJoin( "EntityAccess", "Role", Boolean.FALSE, "partyId", "roleId");
queryInfo.checkAttribute("EntityAccess", "entityCreatedBy");
queryInfo.checkAttribute("Role", "rolePath");
EntityCondition condition = new EntityConditionList( UtilMisc.toList(
new EntityExpr( "entityCreatedBy", EntityOperator.EQUALS, userInfo.getPartyId() ),
new EntityExpr( "rolePath", EntityOperator.LIKE, roleId)), EntityOperator.OR);
queryInfo.addCondition( condition );
} else if (roleOrTeam.equalsIgnoreCase("TEAM")) {
// Find Entities in the Entity_Access table where the partyId has Team_Member access.
queryInfo.addJoin( entity, "EntityAccess", Boolean.FALSE, linkAttribute, "entityId");
queryInfo.addCondition( "EntityAccess", "entity", EntityOperator.EQUALS, linkEntity);
queryInfo.addCondition( "EntityAccess", "partyEntityType", EntityOperator.EQUALS, "Team");
queryInfo.addJoin( "EntityAccess", "TeamMember", Boolean.FALSE, "partyId", "teamId");
queryInfo.addCondition( "TeamMember", "partyId", EntityOperator.EQUALS, partyId);
} else {
throw new GenericEntityException(
"SecurityWrapper.buildSecurityInfo() must use either role or team as a parameter.");
}
return queryInfo;
}
/**
* Combines two GenericValue-Lists into one. Does not add duplicate GenericValues.
*
*/
private static List unionLists(List one, List two) {
List returnList = null;
if (one.size() > two.size()) {
Iterator twoIter = two.iterator();
GenericValue value = null;
while (twoIter.hasNext()) {
value = (GenericValue) twoIter.next();
if (!one.contains(value)) {
one.add(value);
}
}
returnList = one;
} else {
Iterator oneIter = one.iterator();
GenericValue value = null;
while (oneIter.hasNext()) {
value = (GenericValue) oneIter.next();
if (!two.contains(value)) {
two.add(value);
}
}
returnList = two;
}
return returnList;
}
/**
* Add security information to the list of data to store with the specified entitiy
*/
public static boolean addRoleInformation(DataMatrix dataMatrix, int row,
UserInfo userInfo, String ownerPartyId, String accessEntityName,
String accessEntityAttributeValue, GenericDelegator delegator) {
// Create a new Team, with the current logged-in user as primary and the owner if it is different from the current user.
Timestamp now = new Timestamp(Calendar.getInstance().getTime().getTime());
List storeGVL = new LinkedList();
String userPartyId = userInfo.getPartyId();
String userRoleId = userInfo.getRoleId();
GenericValue party = new GenericValue(delegator.getModelEntity("Party"));
party.setDelegator(delegator);
String teamId = GenericReplicator.getNextSeqId("Party", delegator);
party.set("partyId", teamId);
dataMatrix.addEntity("Party", false, true);
dataMatrix.getCurrentBuffer().getContentsRow(row).add(party);
GenericValue team = new GenericValue(delegator.getModelEntity("Team"));
team.setDelegator(delegator);
team.set("teamId", teamId);
team.set("createdBy", userPartyId);
team.set("createdDate", now);
team.set("modifiedBy", userPartyId);
team.set("modifiedDate", now);
dataMatrix.addEntity("Team", false, true);
dataMatrix.getCurrentBuffer().getContentsRow(row).add(team);
// Add user to team_members
Debug.logVerbose(
"-->[SecurityWrapper.addRoleInformation] Adding user to the team.", module);
GenericValue userTeamMember = new GenericValue(delegator.getModelEntity(
"TeamMember"));
userTeamMember.setDelegator(delegator);
userTeamMember.set("teamMemberId",
GenericReplicator.getNextSeqId("TeamMember", delegator));
userTeamMember.set("teamId", teamId);
userTeamMember.set("partyId", userPartyId);
if (!ownerPartyId.equals(userPartyId) && !ownerPartyId.equals("") &&
(ownerPartyId != null)) {
// The current user is not the owner.
userTeamMember.set("teamOwner", "N");
} else {
// The current user is the owner.
userTeamMember.set("teamOwner", "Y");
}
userTeamMember.set("createdBy", userPartyId);
userTeamMember.set("createdDate", now);
userTeamMember.set("modifiedBy", userPartyId);
userTeamMember.set("modifiedDate", now);
dataMatrix.addEntity("TeamMember", false, true);
dataMatrix.getCurrentBuffer().getContentsRow(row).add(userTeamMember);
Debug.logVerbose(
"-->[SecurityWrapper.addRoleInformation] userPartyId: " +
userPartyId, module);
Debug.logVerbose(
"-->[SecurityWrapper.addRoleInformation] ownerPartyId: " +
ownerPartyId, module);
if (!ownerPartyId.equals(userPartyId) && !ownerPartyId.equals("") &&
(ownerPartyId != null)) {
// Add owner to team_members since it is different from the current user.
Debug.logVerbose(
"-->[SecurityWrapper.addRoleInformation] Adding owner to the team.", module);
GenericValue ownerTeamMember = new GenericValue(delegator.getModelEntity(
"TeamMember"));
ownerTeamMember.setDelegator( delegator );
ownerTeamMember.set("teamMemberId",
GenericReplicator.getNextSeqId("TeamMember", delegator));
ownerTeamMember.set("teamId", teamId);
ownerTeamMember.set("partyId", ownerPartyId);
ownerTeamMember.set("teamOwner", "Y");
ownerTeamMember.set("createdBy", userPartyId);
ownerTeamMember.set("createdDate", now);
ownerTeamMember.set("modifiedBy", userPartyId);
ownerTeamMember.set("modifiedDate", now);
dataMatrix.addEntity("TeamMember", false, true);
dataMatrix.getCurrentBuffer().getContentsRow(row).add(ownerTeamMember);
}
//add Team to Entity Access.
GenericValue entityAccess = new GenericValue(delegator.getModelEntity(
"EntityAccess"));
entityAccess.setDelegator( delegator );
entityAccess.set("entityAccessId",
GenericReplicator.getNextSeqId("EntityAccess", delegator));
entityAccess.set("entity", accessEntityName);
entityAccess.set("entityId", accessEntityAttributeValue);
entityAccess.set("partyId", team.getString("teamId"));
entityAccess.set("partyEntityType", "Team");
entityAccess.set("entityCreatedBy", userPartyId);
entityAccess.set("createdBy", userPartyId);
entityAccess.set("createdDate", now);
entityAccess.set("modifiedBy", userPartyId);
entityAccess.set("modifiedDate", now);
dataMatrix.addEntity("EntityAccess", false, true);
dataMatrix.getCurrentBuffer().getContentsRow(row).add(entityAccess);
// Get the owner party's role.
String ownerRoleId = "";
HashMap roleFindMap = new HashMap();
roleFindMap.put("contactId", ownerPartyId);
try {
GenericValue ownerContactGV = delegator.findByPrimaryKey("Contact",
roleFindMap);
if (null != ownerContactGV) {
ownerRoleId = ownerContactGV.getString("roleId");
Debug.logVerbose(
"-->[SecurityWrapper.addRoleInformation] Found owner's role ID.", module);
}
} catch (GenericEntityException e) {
Debug.logError(
"[SecurityWrapper.addRoleInformation] And error occurred while looking for the entity owner's contact. (" +
ownerPartyId + ")", module);
}
if ((ownerRoleId == null) || ownerRoleId.equals("")) {
// The owner does not have a role. Give access to the user that created the entity, and log a warning.
ownerRoleId = userRoleId;
Debug.logWarning(
"[SecurityWrapper.addRoleInformation] Warning! Owner of " +
accessEntityName + " " + accessEntityAttributeValue +
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -