multitenant
František Přibyl 11 years ago
commit a22be88e47

@ -80,6 +80,11 @@
<artifactId>spring-security-ldap</artifactId>
<version>${org.springframework-version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-openid</artifactId>
<version>${org.springframework-version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-test</artifactId>

@ -11,8 +11,9 @@ import info.bukova.isspst.services.buildings.BuildingService;
import info.bukova.isspst.services.munits.MUnitService;
import info.bukova.isspst.services.reqsubjects.MaterialService;
import info.bukova.isspst.services.reqsubjects.ServiceItemService;
import info.bukova.isspst.services.requirement.RequirementBaseService;
import info.bukova.isspst.services.requirement.RequirementService;
import info.bukova.isspst.services.requirement.RequirementTypeService;
import info.bukova.isspst.services.requirement.TripRequirementService;
import info.bukova.isspst.services.tripbill.TripBillService;
import info.bukova.isspst.services.users.RoleService;
import info.bukova.isspst.services.users.UserService;
@ -63,6 +64,7 @@ public class Constants {
public final static String MOD_SERVICES = "SERVICES";
public final static String MOD_WORKGROUPS = "WORKGROUPS";
public final static String MOD_REQUIREMENTS = "REQUIREMENTS";
public final static String MOD_TRIPREQUIREMENTS = "TRIPREQUIREMENTS";
public final static String MOD_WORKFLOW = "WORKFLOW";
public final static String MOD_TRIPBILL = "TRIPBILL";
public final static Module MODULES[] = {
@ -74,7 +76,8 @@ public class Constants {
new Module(MOD_MATERIAL, "Materiál", MaterialService.class),
new Module(MOD_SERVICES, "Služby", ServiceItemService.class),
new Module(MOD_WORKGROUPS, "Pracovní skupiny", WorkgroupService.class),
new Module(MOD_REQUIREMENTS, "Požadavky", RequirementBaseService.class),
new Module(MOD_REQUIREMENTS, "Požadavky na nákupy", RequirementService.class),
new Module(MOD_TRIPREQUIREMENTS, "Pžadavky na služební cesty", TripRequirementService.class),
new Module(MOD_WORKFLOW, "Procesy schválení", RequirementTypeService.class),
new Module(MOD_TRIPBILL, "Cestovní příkazy", TripBillService.class)
};
@ -89,6 +92,11 @@ public class Constants {
new Permission(PERM_SHOW_CENTRE_REQ, "Zobrazení požadavků střediska", MOD_REQUIREMENTS, PermissionType.CENTRE),
new Permission(PERM_SHOW_ALL_REQ, "Zobrazení všech požadavků", MOD_REQUIREMENTS, PermissionType.GLOBAL),
new Permission(PERM_APPROVE, "Schválení", MOD_REQUIREMENTS, PermissionType.WORKGROUP),
new Permission(PERM_SHOW_WORKGROUP_REQ, "Zobrazení požadavků komise", MOD_TRIPREQUIREMENTS, PermissionType.WORKGROUP),
new Permission(PERM_SHOW_CENTRE_REQ, "Zobrazení požadavků střediska", MOD_TRIPREQUIREMENTS, PermissionType.CENTRE),
new Permission(PERM_SHOW_ALL_REQ, "Zobrazení všech požadavků", MOD_TRIPREQUIREMENTS, PermissionType.GLOBAL),
new Permission(PERM_APPROVE, "Schválení", MOD_TRIPREQUIREMENTS, PermissionType.WORKGROUP),
};
public final static String DYNAMIC_REPORT_NAME = "Tabulková sestava";

@ -1,5 +1,6 @@
package info.bukova.isspst.data;
import java.math.BigDecimal;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
@ -35,6 +36,10 @@ public class TripRequirement extends RequirementBase {
private List<User> passengers;
@Embedded
private Vehicle vehicle;
@Column(name = "REQUIRE_DOWN_PAYMENT")
private Boolean requireDownPayment;
@Column(name = "DOWN_PAYMENT", precision = 15, scale = 4)
private BigDecimal downPayment;
public TripRequirement() {
this.setOwnedBy(new User());
@ -97,4 +102,20 @@ public class TripRequirement extends RequirementBase {
this.vehicle = vehicle;
}
public Boolean getRequireDownPayment() {
return requireDownPayment;
}
public void setRequireDownPayment(Boolean requireDownPayment) {
this.requireDownPayment = requireDownPayment;
}
public BigDecimal getDownPayment() {
return downPayment;
}
public void setDownPayment(BigDecimal downPayment) {
this.downPayment = downPayment;
}
}

@ -4,6 +4,9 @@ import java.io.File;
import javax.servlet.ServletContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import net.sf.jasperreports.engine.JRException;
import net.sf.jasperreports.engine.JasperReport;
import net.sf.jasperreports.engine.JasperRunManager;
@ -16,6 +19,7 @@ public class PredefinedGenerator implements Generator {
private ReportDefinition definition;
private ServletContext ctx;
private final static Logger logger = LoggerFactory.getLogger(PredefinedGenerator.class);
public PredefinedGenerator(ReportDefinition definition, ServletContext ctx) {
this.definition = definition;
@ -30,8 +34,10 @@ public class PredefinedGenerator implements Generator {
JasperReport report = (JasperReport) JRLoader.loadObject(getReportFile());
JRProperties.setProperty("net.sf.jasperreports.default.pdf.encoding", "Cp1250");
loadLazyData();
definition.setParam("SUBREPORT_DIR", ctx.getRealPath("WEB-INF/reports") + "/");
bytes = JasperRunManager.runReportToPdf(report, definition.getParams(), new JRBeanCollectionDataSource(definition.getDataSet()));;
} catch (JRException e) {
logger.error("Generator error: " + e.getMessage());
throw new ReportException(e);
}

@ -0,0 +1,10 @@
package info.bukova.isspst.security;
import org.springframework.security.core.Authentication;
public interface Evaluator {
public boolean evaluate(Authentication authentication,
Object targetDomainObject, String permission);
}

@ -0,0 +1,41 @@
package info.bukova.isspst.security;
import java.util.Map;
public class EvaluatorsHolder {
private Map<Class<?>, Evaluator> globalEvaluators;
private Map<Class<?>, Evaluator> specialEvaluators;
public void setGlobalEvaluators(Map<Class<?>, Evaluator> globalEvaluators) {
this.globalEvaluators = globalEvaluators;
}
public void setSpecialEvaluators(Map<Class<?>, Evaluator> specialEvaluators) {
this.specialEvaluators = specialEvaluators;
}
public Evaluator getForObject(Object object, boolean special) {
Map<Class<?>, Evaluator> evals;
if (special) {
evals = specialEvaluators;
} else {
evals = globalEvaluators;
}
for (Class<?> key : evals.keySet()) {
if (key.equals(object.getClass())) {
return evals.get(key);
}
}
for (Class<?> key : evals.keySet()) {
if (key.isAssignableFrom(object.getClass())) {
return evals.get(key);
}
}
return null;
}
}

@ -0,0 +1,44 @@
package info.bukova.isspst.security;
import info.bukova.isspst.Constants;
import info.bukova.isspst.data.Permission;
import info.bukova.isspst.data.PermissionType;
import java.io.Serializable;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.PermissionEvaluator;
import org.springframework.security.core.Authentication;
public class IsPermissionEvaluator implements PermissionEvaluator {
@Autowired
private EvaluatorsHolder evalHolder;
@Override
public boolean hasPermission(Authentication authentication,
Object targetDomainObject, Object permission) {
Permission appPermission = null;
for (Permission p : Constants.SPECIAL_PERMISSIONS) {
if (p.getAuthority().equals(permission)) {
appPermission = p;
}
}
Evaluator eval = evalHolder.getForObject(targetDomainObject, appPermission != null && appPermission.getType() != PermissionType.GLOBAL);
if (eval != null) {
return eval.evaluate(authentication, targetDomainObject, (String)permission);
}
return false;
}
@Override
public boolean hasPermission(Authentication authentication,
Serializable targetId, String targetType, Object permission) {
return false;
}
}

@ -17,9 +17,8 @@ import java.util.List;
import org.springframework.security.access.PermissionEvaluator;
import org.springframework.security.core.Authentication;
import org.springframework.transaction.annotation.Transactional;
@Transactional
@Deprecated
public class IsspstPermissionEvaluator implements PermissionEvaluator {
private WorkgroupService wgService;

@ -0,0 +1,68 @@
package info.bukova.isspst.security;
import info.bukova.isspst.Constants;
import info.bukova.isspst.data.Permission;
import info.bukova.isspst.data.PermissionType;
import info.bukova.isspst.data.RequirementBase;
import info.bukova.isspst.data.Role;
import info.bukova.isspst.data.User;
import info.bukova.isspst.data.Workgroup;
import info.bukova.isspst.services.workgroups.WorkgroupService;
import java.util.List;
import org.springframework.security.core.Authentication;
public class RequirementFilterEvaluator implements Evaluator {
private WorkgroupService wgService;
public RequirementFilterEvaluator(WorkgroupService wgService) {
this.wgService = wgService;
}
@Override
public boolean evaluate(Authentication authentication,
Object targetDomainObject, String permission) {
RequirementBase req = (RequirementBase) targetDomainObject;
Workgroup reqWg;
if (!(authentication.getPrincipal() instanceof User)) {
return false;
}
User user = (User)authentication.getPrincipal();
Permission appPermission = null;
for (Permission p : Constants.SPECIAL_PERMISSIONS) {
if (p.getAuthority().equals(permission)) {
appPermission = p;
}
}
if (appPermission == null) {
return false;
}
if (appPermission.getType() == PermissionType.CENTRE) {
reqWg = req.getCentre();
} else {
reqWg = req.getWorkgroup();
}
if (wgService.isMember(reqWg, user)) {
List<Role> roles = wgService.getUserWorkgroupRoles(reqWg, user);
for (Role r : roles) {
for (Permission p : r.getPermissions()) {
if (p.getAuthority().equals(appPermission.getAuthority())) {
return true;
}
}
}
}
return false;
}
}

@ -0,0 +1,46 @@
package info.bukova.isspst.security;
import info.bukova.isspst.Constants;
import info.bukova.isspst.Module;
import info.bukova.isspst.data.Role;
import java.util.List;
import org.springframework.security.core.Authentication;
public class ServiceEvaluator implements Evaluator {
@SuppressWarnings("unchecked")
@Override
public boolean evaluate(Authentication authentication,
Object targetDomainObject, String permission) {
List<Role> roles = (List<Role>) authentication.getAuthorities();
String moduleId = "";
String perm = permission;
for (Module m : Constants.MODULES) {
if (m.getServiceClass() != null && m.getServiceClass().isAssignableFrom(targetDomainObject.getClass())) {
moduleId = m.getId();
break;
}
}
perm += "_" + moduleId;
for (int i = 0; i < roles.size(); i++) {
if (!(roles.get(i) instanceof Role)) {
return false;
}
if (roles.get(i).getAuthority().equals(perm)) {
return true;
}
if (roles.get(i).getAuthority().equals(Constants.ROLE_ADMIN)) {
return true;
}
}
return false;
}
}

@ -0,0 +1,71 @@
package info.bukova.isspst.security;
import info.bukova.isspst.Constants;
import info.bukova.isspst.data.Permission;
import info.bukova.isspst.data.PermissionType;
import info.bukova.isspst.data.Role;
import info.bukova.isspst.data.User;
import info.bukova.isspst.data.Workgroup;
import info.bukova.isspst.services.workgroups.WorkgroupService;
import java.util.List;
import org.springframework.security.core.Authentication;
public class WorkgroupAwareServiceEvaluator implements Evaluator {
private WorkgroupService wgService;
public WorkgroupAwareServiceEvaluator(WorkgroupService wgService) {
this.wgService = wgService;
}
@Override
public boolean evaluate(Authentication authentication,
Object targetDomainObject, String permission) {
List<Workgroup> userWorkgroups;
if (!(authentication.getPrincipal() instanceof User)) {
return false;
}
User user = (User)authentication.getPrincipal();
Permission appPermission = null;
for (Permission p : Constants.SPECIAL_PERMISSIONS) {
if (p.getAuthority().equals(permission)) {
appPermission = p;
}
}
if (appPermission == null) {
return false;
}
if (appPermission.getType() == PermissionType.CENTRE) {
userWorkgroups = wgService.getUserCentres(user);
} else {
userWorkgroups = wgService.getUserWorkgroups(user);
}
for (Workgroup wg : userWorkgroups) {
List<Role> wgRoles = wgService.getUserWorkgroupRoles(wg, user);
if (wgRoles == null) {
continue;
}
for (Role r : wgRoles) {
for (Permission p : r.getPermissions()) {
if (p.getAuthority().equals(appPermission.getAuthority())) {
return true;
}
}
}
}
return false;
}
}

@ -1,6 +1,7 @@
package info.bukova.isspst.services.requirement;
import info.bukova.isspst.Constants;
import info.bukova.isspst.data.NumberSeries;
import info.bukova.isspst.data.RequirementState;
import info.bukova.isspst.data.TripBill;
import info.bukova.isspst.data.TripRequirement;
@ -66,4 +67,22 @@ public class TripRequirementServiceImpl extends RequirementBaseServiceImpl<TripR
}
}
@Override
protected String getNumberSerie() {
String currentNumber = "";
if (getNumberSeriesService() != null)
{
NumberSeries ns = getNumberSeriesService().getNumberSerie(Constants.MOD_REQUIREMENTS);
if (ns != null)
{
currentNumber = ns.getCurrentNumber();
getNumberSeriesService().increase(ns);
}
}
return currentNumber;
}
}

@ -92,6 +92,10 @@ public class TripBillServiceImpl extends AbstractOwnedService<TripBill> implemen
calculateItem(item);
bill.setTotal(bill.getTotal().add(item.getTotal()));
}
if (bill.getRequirement().getDownPayment() != null) {
bill.setTotal(bill.getTotal().subtract(bill.getRequirement().getDownPayment()));
}
}
private void calculateItem(TripBillItem item) {

@ -0,0 +1,93 @@
package info.bukova.isspst.services.users;
import info.bukova.isspst.Constants;
import info.bukova.isspst.data.Role;
import info.bukova.isspst.data.User;
import java.util.List;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.userdetails.AuthenticationUserDetailsService;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.openid.OpenIDAttribute;
import org.springframework.security.openid.OpenIDAuthenticationToken;
public class GmailUserService implements AuthenticationUserDetailsService<OpenIDAuthenticationToken> {
private static final Logger logger = LoggerFactory.getLogger(GmailUserService.class);
private UserService userService;
private RoleService roleService;
private String restrictDomain;
public GmailUserService(UserService userService, RoleService roleService) {
this.userService = userService;
this.roleService = roleService;
}
@Override
public UserDetails loadUserDetails(OpenIDAuthenticationToken token)
throws UsernameNotFoundException {
String email = null;
String firstName = null;
String lastName = null;
List<OpenIDAttribute> attributes = token.getAttributes();
for (OpenIDAttribute attribute : attributes) {
if (attribute.getName().equals("email")) {
email = attribute.getValues().get(0);
}
if (attribute.getName().equals("firstName")) {
firstName = attribute.getValues().get(0);
}
if (attribute.getName().equals("lastName")) {
lastName = attribute.getValues().get(0);
}
}
String userAndDomain[] = email.split("@");
String username = userAndDomain[0];
String domain = userAndDomain[1];
if (restrictDomain != null && !restrictDomain.isEmpty() && !restrictDomain.equals(domain)) {
logger.warn("Try to login from foreign domain");
throw new UsernameNotFoundException("Email from foreign domain");
}
UserDetails user;
try {
user = userService.loadUserByUsername(username);
} catch (UsernameNotFoundException e) {
logger.info("Username not found in database. Creating one");
User usr = new User();
usr.setUsername(username);
usr.setFirstName(firstName);
usr.setLastName(lastName);
usr.setEmail(email);
usr.setEnabled(true);
usr.setNotify(true);
Role role = roleService.getRoleByAuthority(Constants.ROLE_USER);
usr.addAuthority(role);
userService.grantAdmin();
userService.add(usr);
userService.removeAccess();
user = userService.loadUserByUsername(username);
}
return user;
}
public void setRestrictDomain(String restrictDomain) {
this.restrictDomain = restrictDomain;
}
}

@ -12,8 +12,8 @@ public interface RoleService extends Service<Role> {
public Role getRoleByAuthority(String authority);
public List<Role> getWorkgroupRoles();
public List<Role> getCentreRoles();
public List<Role> getRolesWithPermission(Permission perm, boolean centre);
public List<Role> getRolesWithPermission(String authority, boolean centre);
public List<Role> getRolesWithPermission(Permission perm, String modileId, boolean centre);
public List<Role> getRolesWithPermission(String authority, String modileId, boolean centre);
public boolean canChangeCenter(Role role);
public boolean canChangeWorkgroup(Role role);
public boolean isInWorkflow(Role role);

@ -35,7 +35,7 @@ public class RoleServiceImpl extends AbstractService<Role> implements RoleServic
@SuppressWarnings("unchecked")
@Override
@Transactional
public List<Role> getRolesWithPermission(Permission perm, boolean centre) {
public List<Role> getRolesWithPermission(Permission perm, String moduleId, boolean centre) {
String wgClausule;
if (centre) {
wgClausule = "centre";
@ -44,17 +44,18 @@ public class RoleServiceImpl extends AbstractService<Role> implements RoleServic
}
Set<Permission> perms = new HashSet<Permission>();
perms.add(perm);
Query q = dao.getQuery("select r from Role r join r.permissions p where r." + wgClausule + " = true and p in (:perms)");
Query q = dao.getQuery("select r from Role r join r.permissions p where r." + wgClausule + " = true and p.module = :module and p in (:perms)");
q.setParameterList("perms", perms);
q.setParameter("module", moduleId);
return q.list();
}
@Override
@Transactional
public List<Role> getRolesWithPermission(String authority, boolean centre) {
Query q = dao.getQuery("from Permission where authority = '" + authority + "'");
public List<Role> getRolesWithPermission(String authority, String moduleId, boolean centre) {
Query q = dao.getQuery("from Permission where authority = '" + authority + "' and module = '" + moduleId + "'");
Permission p = (Permission) q.uniqueResult();
return getRolesWithPermission(p, centre);
return getRolesWithPermission(p, moduleId, centre);
}
@Override

@ -191,6 +191,7 @@ public class ListViewModel<T extends DataModel> {
ListViewModel.this, "dataList");
BindUtils.postNotifyChange(null, null,
ListViewModel.this, "dataBean");
BindUtils.postGlobalCommand(null, null, "reloadRelated", null);
} catch (DataIntegrityViolationException e) {
Messagebox.show(StringUtils.localize("DbCannotDelete"), StringUtils.localize("Error"), Messagebox.OK, Messagebox.ERROR);
} catch (AccessDeniedException e) {
@ -237,9 +238,8 @@ public class ListViewModel<T extends DataModel> {
dataList.set(selIndex, editBean);
}
if (newRec) {
BindUtils.postGlobalCommand(null, null, "reloadRelated", null);
}
BindUtils.postGlobalCommand(null, null, "reloadRelated", null);
}
@GlobalCommand

@ -44,8 +44,21 @@ public class RequirementTypesVM {
}
private void initRoles() {
centreRoles = new ArrayList<Role>(roleService.getRolesWithPermission(Constants.PERM_APPROVE, true));
workgroupRoles = new ArrayList<Role>(roleService.getRolesWithPermission(Constants.PERM_APPROVE, false));
String moduleId;
if (selected != null) {
if (selected.getType().equals(Constants.REQTYPE_BUSINESSTRIP)) {
moduleId = Constants.MOD_TRIPREQUIREMENTS;
} else {
moduleId = Constants.MOD_REQUIREMENTS;
}
centreRoles = new ArrayList<Role>(roleService.getRolesWithPermission(Constants.PERM_APPROVE, moduleId, true));
workgroupRoles = new ArrayList<Role>(roleService.getRolesWithPermission(Constants.PERM_APPROVE, moduleId, false));
} else {
centreRoles = null;
workgroupRoles = null;
}
}
@Command
@ -196,6 +209,8 @@ public class RequirementTypesVM {
return;
}
this.selected = selected;
initRoles();
for (Workflow w : selected.getWorkflow()) {
@ -205,8 +220,6 @@ public class RequirementTypesVM {
workgroupRoles.remove(w.getRole());
}
}
this.selected = selected;
}
@Command

@ -274,6 +274,7 @@ Login=Přihlásit
Loggingin=Přihlášení
Logout=Odhlásit
WrongNameOrPassword=Špatné jméno nebo heslo
LoginViaGoogle=Přihlásit účtem Google
DateFormat=dd. MM. yyyy

@ -1,8 +1,8 @@
<?xml version="1.0" encoding="UTF-8"?>
<jasperReport xmlns="http://jasperreports.sourceforge.net/jasperreports" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://jasperreports.sourceforge.net/jasperreports http://jasperreports.sourceforge.net/xsd/jasperreport.xsd" name="tripBill" pageWidth="612" pageHeight="792" columnWidth="555" leftMargin="20" rightMargin="20" topMargin="20" bottomMargin="20" uuid="f59e8277-a431-4cdc-abaa-c82c1cf193af">
<property name="ireport.zoom" value="2.0"/>
<property name="ireport.x" value="0"/>
<property name="ireport.y" value="518"/>
<property name="ireport.x" value="593"/>
<property name="ireport.y" value="432"/>
<parameter name="SUBREPORT_DIR" class="java.lang.String" isForPrompting="false">
<defaultValueExpression><![CDATA["/home/pepa/Dokumenty/dev/java/isspst/"]]></defaultValueExpression>
</parameter>
@ -39,6 +39,7 @@
<field name="total" class="java.math.BigDecimal">
<fieldDescription><![CDATA[total]]></fieldDescription>
</field>
<field name="requirement.downPayment" class="java.math.BigDecimal"/>
<background>
<band splitType="Stretch"/>
</background>
@ -328,8 +329,8 @@ tuzemské pracovní cesty]]></text>
<text><![CDATA[K vyúčtování pracovní cesty připojuji počet příloh]]></text>
</staticText>
<staticText>
<reportElement uuid="c83e0050-7bac-43fa-8182-728243f702c2" x="243" y="107" width="328" height="15"/>
<textElement>
<reportElement uuid="c83e0050-7bac-43fa-8182-728243f702c2" x="1" y="107" width="570" height="15"/>
<textElement textAlignment="Center">
<font isBold="true" pdfFontName="Helvetica-Bold"/>
</textElement>
<text><![CDATA[Prohlašuji, že jsem všechny údaje uvedl úplně a správně.]]></text>
@ -354,6 +355,11 @@ tuzemské pracovní cesty]]></text>
<line>
<reportElement uuid="452bba4b-d293-4253-92c3-5fa58f58ea53" x="-1" y="168" width="572" height="1"/>
</line>
<textField pattern="###0.00;-###0.00" isBlankWhenNull="true">
<reportElement uuid="d5aa48e6-f801-4633-b18b-ccc7358da1e3" x="477" y="3" width="56" height="43"/>
<textElement textAlignment="Right" verticalAlignment="Middle"/>
<textFieldExpression><![CDATA[$F{requirement.downPayment}]]></textFieldExpression>
</textField>
</band>
</summary>
</jasperReport>

@ -1,8 +1,8 @@
<?xml version="1.0" encoding="UTF-8"?>
<jasperReport xmlns="http://jasperreports.sourceforge.net/jasperreports" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://jasperreports.sourceforge.net/jasperreports http://jasperreports.sourceforge.net/xsd/jasperreport.xsd" name="tripRequirement" pageWidth="612" pageHeight="792" columnWidth="572" leftMargin="20" rightMargin="20" topMargin="20" bottomMargin="20" uuid="0b7fa2d2-d452-4a1f-b1c0-2d8e16a22525">
<property name="ireport.zoom" value="0.75"/>
<property name="ireport.zoom" value="1.5"/>
<property name="ireport.x" value="0"/>
<property name="ireport.y" value="0"/>
<property name="ireport.y" value="96"/>
<style name="table">
<box>
<pen lineWidth="1.0" lineColor="#000000"/>
@ -44,6 +44,8 @@
<field name="requirement.passengers" class="java.util.Collection"/>
<field name="requirement.vehicle" class="info.bukova.isspst.data.Vehicle"/>
<field name="requirement.vehicle.code" class="java.lang.String"/>
<field name="requirement.requireDownPayment" class="java.lang.Boolean"/>
<field name="requirement.downPayment" class="java.math.BigDecimal"/>
<background>
<band splitType="Stretch"/>
</background>
@ -52,14 +54,14 @@
<staticText>
<reportElement uuid="50f96189-2183-4afd-915d-b5342375e988" x="0" y="30" width="572" height="20"/>
<textElement textAlignment="Center">
<font size="16" isBold="true" isPdfEmbedded="true"/>
<font size="16" isBold="true" pdfFontName="Helvetica-Bold" isPdfEmbedded="true"/>
</textElement>
<text><![CDATA[Cestovní příkaz]]></text>
</staticText>
<staticText>
<reportElement uuid="5b2dc2ca-188e-4636-b617-dd5c1132246b" x="0" y="50" width="572" height="20"/>
<textElement textAlignment="Center">
<font size="16" isBold="true"/>
<font size="16" isBold="true" pdfFontName="Helvetica-Bold"/>
</textElement>
<text><![CDATA[k tuzemské pracovní cestě]]></text>
</staticText>
@ -80,7 +82,7 @@
<staticText>
<reportElement uuid="a3e2a5d3-ea50-48bd-94ea-4530f6624b52" x="0" y="51" width="572" height="20"/>
<textElement textAlignment="Center">
<font size="12"/>
<font size="12" pdfFontName="Helvetica-Bold"/>
</textElement>
<text><![CDATA[Souhlasím s vysláním na pracovní cestu]]></text>
</staticText>
@ -105,7 +107,7 @@
<staticText>
<reportElement uuid="a2912fef-ae4a-4c7e-b08c-3f5f6b92a534" x="0" y="157" width="572" height="20"/>
<textElement textAlignment="Center">
<font size="16" isBold="true" isPdfEmbedded="true"/>
<font size="16" isBold="true" pdfFontName="Helvetica-Bold" isPdfEmbedded="true"/>
</textElement>
<text><![CDATA[PODMÍNKY PRACOVNÍ CESTY]]></text>
</staticText>
@ -286,6 +288,25 @@ L - letadlo, P - pěšky, T - taxi]]></text>
<line>
<reportElement uuid="0e93a41e-d13e-4f12-83cb-70d69bb3c0fb" x="0" y="442" width="572" height="1"/>
</line>
<staticText>
<reportElement uuid="548c1550-c12d-42b3-a297-c9be96dbb2e8" x="144" y="76" width="31" height="20">
<printWhenExpression><![CDATA[$F{requirement.requireDownPayment}]]></printWhenExpression>
</reportElement>
<textElement/>
<text><![CDATA[Ano]]></text>
</staticText>
<staticText>
<reportElement uuid="e06aba6d-b74d-4ab1-9737-1134a6ac6519" x="144" y="76" width="32" height="20">
<printWhenExpression><![CDATA[$F{requirement}.getRequireDownPayment() == null || $F{requirement}.getRequireDownPayment() == false]]></printWhenExpression>
</reportElement>
<textElement/>
<text><![CDATA[Ne]]></text>
</staticText>
<textField pattern="###0.00;-###0.00" isBlankWhenNull="true">
<reportElement uuid="ac95738d-56c8-4ee2-8721-cad00e1b06e4" x="144" y="398" width="57" height="20"/>
<textElement textAlignment="Right"/>
<textFieldExpression><![CDATA[$F{requirement.downPayment}]]></textFieldExpression>
</textField>
</band>
</detail>
</jasperReport>

@ -0,0 +1,14 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">
<bean id="gmailUserService" class="info.bukova.isspst.services.users.GmailUserService">
<constructor-arg ref="userService"/>
<constructor-arg ref="roleService"/>
<property name="restrictDomain" value="${gmail.restrictDomain}"/>
</bean>
</beans>

@ -19,12 +19,8 @@
</bean>
<bean id="authenticator" class="org.springframework.security.ldap.authentication.BindAuthenticator">
<constructor-arg ref="contextSource"/>
<property name="userDnPatterns">
<list>
<value>${ldap.userDNPattern}</value>
</list>
</property>
<constructor-arg ref="contextSource"/>
<property name="userDnPatterns" value="#{'${ldap.userDNPattern}'.split(';')}"/>
</bean>
<bean id="populator" class="info.bukova.isspst.security.AuthPopulator">

@ -27,6 +27,7 @@
<value>/WEB-INF/jdbc.properties</value>
<value>/WEB-INF/ldap.properties</value>
<value>/WEB-INF/mail.properties</value>
<value>/WEB-INF/gmail.properties</value>
</list>
</property>
</bean>
@ -36,7 +37,10 @@
class="org.apache.commons.dbcp.BasicDataSource" destroy-method="close"
p:driverClassName="${jdbc.driverClassName}"
p:url="${jdbc.databaseurl}" p:username="${jdbc.username}"
p:password="${jdbc.password}"></bean>
p:password="${jdbc.password}">
<property name="validationQuery" value="SELECT 1"/>
<property name="testOnBorrow" value="true"/>
</bean>
<bean id="sessionFactory"
class="org.springframework.orm.hibernate4.LocalSessionFactoryBean">
@ -71,8 +75,32 @@
<property name="permissionEvaluator" ref="permissionEvaluator" />
</bean>
<bean id="permissionEvaluator" class="info.bukova.isspst.security.IsspstPermissionEvaluator">
<property name="workgroupService" ref="workgroupServiceNoTx"/>
<bean id="permissionEvaluator" class="info.bukova.isspst.security.IsPermissionEvaluator">
<!-- <property name="workgroupService" ref="workgroupServiceNoTx"/> -->
</bean>
<bean id="serviceEval" class="info.bukova.isspst.security.ServiceEvaluator"/>
<bean id="wgServiceEval" class="info.bukova.isspst.security.WorkgroupAwareServiceEvaluator">
<constructor-arg ref="workgroupServiceNoTx"/>
</bean>
<bean id="requirementEval" class="info.bukova.isspst.security.RequirementFilterEvaluator">
<constructor-arg ref="workgroupServiceNoTx"/>
</bean>
<bean id="evalHolder" class="info.bukova.isspst.security.EvaluatorsHolder">
<property name="globalEvaluators">
<map>
<entry key="#{T(info.bukova.isspst.services.Service)}" value-ref="serviceEval"/>
</map>
</property>
<property name="specialEvaluators">
<map>
<entry key="#{T(info.bukova.isspst.services.Service)}" value-ref="wgServiceEval"/>
<entry key="#{T(info.bukova.isspst.data.RequirementBase)}" value-ref="requirementEval"/>
</map>
</property>
</bean>
<security:http auto-config="true" use-expressions="true">
@ -85,12 +113,24 @@
authentication-failure-handler-ref="loginFail"
authentication-success-handler-ref="loginSuccess"/>
<security:http-basic/>
<security:openid-login authentication-failure-handler-ref="loginFail"
authentication-success-handler-ref="loginSuccess"
user-service-ref="gmailUserService">
<security:attribute-exchange identifier-match="https://www.google.com/.*">
<security:openid-attribute name="email" type="http://schema.openid.net/contact/email" required="true" />
<security:openid-attribute name="firstName" type="http://axschema.org/namePerson/first" required="true" />
<security:openid-attribute name="lastName" type="http://axschema.org/namePerson/last" required="true" />
</security:attribute-exchange>
</security:openid-login>
<security:logout invalidate-session="true"/>
</security:http>
<import resource="database-auth.xml"/>
<import resource="gmail-auth.xml"/>
<!-- <import resource="ldap-auth.xml"/> -->
<import resource="mail-services.xml"/>
<bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">

@ -1,7 +1,11 @@
<?page title="${labels.RightsFormTitle}" contentType="text/html;charset=UTF-8"?>
<zk>
<window id="editWin" border="normal" closable="true" width="750px" apply="org.zkoss.bind.BindComposer"
viewModel="@id('vm') @init('info.bukova.isspst.ui.users.PermissionForm')">
<window id="editWin" border="normal"
closable="true"
width="750px"
apply="org.zkoss.bind.BindComposer"
viewModel="@id('vm') @init('info.bukova.isspst.ui.users.PermissionForm')"
height="100%">
<caption zclass="form-caption" label="${labels.AgendaRights}" />
<label value="@load(vm.dataBean.description)" style="font-weight: bold;"/>
<hbox>
@ -26,18 +30,22 @@
</vbox>
</popup>
<vbox children="@load(vm.modules)" width="730px">
<template name="children" var="module">
<groupbox closable="false" mold="3d" width="730px">
<caption label="@load(module.name)"/>
<hbox children="@load(vm.rolePerms.permissionChecks)">
<template name="children" var="perm">
<checkbox label="@load(perm.permission.description)" checked="@bind(perm.checked)" visible="@load(perm.permission.module eq module.id)" disabled="@load(vm.dataBean.authority eq 'ROLE_ADMIN')" />
</template>
</hbox>
</groupbox>
</template>
</vbox>
<panel vflex="1">
<panelchildren style="overflow:auto;">
<vbox children="@load(vm.modules)" width="705px">
<template name="children" var="module">
<groupbox closable="false" mold="3d" width="705px">
<caption label="@load(module.name)"/>
<hbox children="@load(vm.rolePerms.permissionChecks)">
<template name="children" var="perm">
<checkbox label="@load(perm.permission.description)" checked="@bind(perm.checked)" visible="@load(perm.permission.module eq module.id)" disabled="@load(vm.dataBean.authority eq 'ROLE_ADMIN')" />
</template>
</hbox>
</groupbox>
</template>
</vbox>
</panelchildren>
</panel>
<include src="/app/formButtons.zul"/>
</window>

@ -1,15 +1,19 @@
<?page title="${labels.AgendaRights}" contentType="text/html;charset=UTF-8"?>
<zk>
<?variable-resolver class="org.zkoss.zkplus.spring.DelegatingVariableResolver"?>
<window border="normal" apply="org.zkoss.bind.BindComposer"
viewModel="@id('vm') @init('info.bukova.isspst.ui.users.PermissionsList')" height="570px">
<window border="normal"
apply="org.zkoss.bind.BindComposer"
viewModel="@id('vm') @init('info.bukova.isspst.ui.users.PermissionsList')"
vflex="1">
<caption zclass="form-caption" label="${labels.AgendaRights}" />
<toolbar>
<toolbarbutton image="/img/edit.png" tooltiptext="${labels.ToolbarRecEdit}" id="btnEdit" onClick="@command('edit')" disabled="@load(empty vm.dataBean ? 'true' : 'false')"/>
</toolbar>
<hbox width="100%">
<listbox model="@load(vm.dataList)" selectedItem="@bind(vm.dataBean)" width="300px">
<hbox width="100%" vflex="1">
<listbox model="@load(vm.dataList)"
selectedItem="@bind(vm.dataBean)"
width="300px">
<listhead>
<listheader label="${labels.RightsGridRole}" />
</listhead>
@ -19,7 +23,7 @@
</listitem>
</template>
</listbox>
<panel hflex="1" height="480px">
<panel hflex="1" vflex="1">
<panelchildren style="overflow:auto;">
<label value="${labels.RightsGridModules}:" style="font-weight: bold;"/>
<vbox children="@load(vm.modules)" hflex="1">

@ -1,12 +1,18 @@
<?page title="${labels.AgendaUsers}" contentType="text/html;charset=UTF-8"?>
<zk>
<?variable-resolver class="org.zkoss.zkplus.spring.DelegatingVariableResolver"?>
<window border="normal" apply="org.zkoss.bind.BindComposer" viewModel="@id('vm') @init('info.bukova.isspst.ui.users.UsersList')" height="570px">
<window border="normal"
apply="org.zkoss.bind.BindComposer"
viewModel="@id('vm') @init('info.bukova.isspst.ui.users.UsersList')"
vflex="1">
<caption zclass="form-caption" label="${labels.AgendaUsers}" />
<include src="/app/toolbar.zul" />
<hbox width="100%" height="500px">
<listbox model="@load(vm.dataList)" selectedItem="@bind(vm.dataBean)" width="650px" height="480px">
<hbox width="100%" vflex="1">
<listbox model="@load(vm.dataList)"
selectedItem="@bind(vm.dataBean)"
width="650px"
vflex="1">
<listhead menupopup="auto">
<listheader label="${labels.UsersGridColumnLogin}" sort="czech(username)" />
<listheader label="${labels.UsersGridColumnPersonalID}" sort="czech(personalNumber)" />
@ -66,7 +72,7 @@
</listitem>
</template>
</listbox>
<panel hflex="1" height="480px" width="70%">
<panel hflex="1" vflex="1" width="70%">
<panelchildren style="overflow:auto;">
<label value="Efektivní práva:" style="font-weight: bold;" />
<vbox children="@load(vm.modules)" hflex="1">

@ -2,13 +2,17 @@
<zk>
<?variable-resolver class="org.zkoss.zkplus.spring.DelegatingVariableResolver"?>
<window border="normal" apply="org.zkoss.bind.BindComposer"
viewModel="@id('vm') @init('info.bukova.isspst.ui.workgroups.WorkgroupList')">
viewModel="@id('vm') @init('info.bukova.isspst.ui.workgroups.WorkgroupList')"
vflex="1">
<caption zclass="form-caption" label="${labels.AgendaWorkgroups}" />
<include src="/app/toolbar.zul" />
<hbox width="100%" height="500px">
<hbox width="100%" vflex="1">
<listbox model="@load(vm.dataList)" selectedItem="@bind(vm.dataBean)" width="680px" height="480px">
<listbox model="@load(vm.dataList)"
selectedItem="@bind(vm.dataBean)"
width="680px"
vflex="1">
<listhead menupopup="auto">
<listheader label="${labels.code}" sort="czech(code)" width="10%" />
<listheader label="${labels.name}" sort="czech(name)" width="30%" />
@ -57,40 +61,45 @@
</template>
</listbox>
<vbox>
<vbox children="@load(vm.workgroupRoles)">
<template name="children">
<grid model="@load(vm.dataBean.members)" visible="@load(each.authority ne 'ROLE_USER')">
<columns>
<column label="@load(each.description)"/>
</columns>
<rows>
<template name="model" var="member">
<row visible="@load(member.role eq each)">
<hbox><image src="/img/user-small-red.png"/><label value="@load(member.member.fullName)"/></hbox>
</row>
<panel vflex="1">
<panelchildren style="overflow:auto;">
<vbox>
<vbox children="@load(vm.workgroupRoles)">
<template name="children">
<grid model="@load(vm.dataBean.members)" visible="@load(each.authority ne 'ROLE_USER')">
<columns>
<column label="@load(each.description)"/>
</columns>
<rows>
<template name="model" var="member">
<row visible="@load(member.role eq each)">
<hbox><image src="/img/user-small-red.png"/><label value="@load(member.member.fullName)"/></hbox>
</row>
</template>
</rows>
</grid>
</template>
</vbox>
<groupbox mold="3d" closable="false">
<caption label="členové"/>
<tree hflex="1" model="@load(vm.workgroupTreeModel)">
<treecols>
<treecol/>
</treecols>
<template name="model">
<treeitem>
<treerow>
<treecell image="@load(each.data.person ? '/img/user-small.png' : '/img/commission-small.png')" label="@load(each.data.fullName)"/>
</treerow>
</treeitem>
</template>
</rows>
</grid>
</template>
</vbox>
<groupbox mold="3d" closable="false">
<caption label="členové"/>
<tree hflex="1" model="@load(vm.workgroupTreeModel)">
<treecols>
<treecol/>
</treecols>
<template name="model">
<treeitem>
<treerow>
<treecell image="@load(each.data.person ? '/img/user-small.png' : '/img/commission-small.png')" label="@load(each.data.fullName)"/>
</treerow>
</treeitem>
</template>
</tree>
</groupbox>
</vbox>
</tree>
</groupbox>
</vbox>
</panelchildren>
</panel>
</hbox>
</window>
</zk>

Binary file not shown.

After

Width:  |  Height:  |  Size: 7.6 KiB

@ -1,12 +1,18 @@
<?page title="${labels.AgendaSuppliers}" contentType="text/html;charset=UTF-8"?>
<zk>
<?variable-resolver class="org.zkoss.zkplus.spring.DelegatingVariableResolver"?>
<window border="normal" apply="org.zkoss.bind.BindComposer" height="570px" viewModel="@id('vm') @init('info.bukova.isspst.ui.addressbook.AddressList')">
<window border="normal" apply="org.zkoss.bind.BindComposer" vflex="1" viewModel="@id('vm') @init('info.bukova.isspst.ui.addressbook.AddressList')">
<caption zclass="form-caption" label="${labels.AgendaSuppliers}" />
<include src="/app/toolbar.zul" />
<hbox width="100%">
<listbox id="dataGrid" model="@load(vm.dataList)" selectedItem="@bind(vm.dataBean)" onAfterRender="@command('afterRender')" selectedIndex="@load(vm.selIndex)" hflex="6" height="480px">
<hbox width="100%" vflex="1">
<listbox id="dataGrid"
model="@load(vm.dataList)"
selectedItem="@bind(vm.dataBean)"
onAfterRender="@command('afterRender')"
selectedIndex="@load(vm.selIndex)"
hflex="6"
vflex="1">
<listhead vflex="true" menupopup="auto">
<listheader label="${labels.SuppliersGridColumnCompany}" sort="czech(company)" />
<listheader label="${labels.SuppliersGridColumnIC}" sort="auto(ic)" width="100px" />

@ -0,0 +1,21 @@
<html
xmlns="native"
xmlns:u="zul"
xmlns:zk="zk">
<head>
<title>${labels.Loggingin}</title>
</head>
<body style="height: 100%; padding: 0 5px;">
<div style="height: 15%" />
<div align="center">
<u:include src="login.zul" />
<br/>
<img src="img/google.png" alt="Google"/>
<form action="j_spring_openid_security_check" method="post">
<input name="openid_identifier" type="hidden" value="https://www.google.com/accounts/o8/id"/>
<input type="submit" value="${labels.LoginViaGoogle}" class="nicebutton"/>
</form>
</div>
</body>
</html>

@ -299,8 +299,16 @@
</rows>
</grid>
<div hflex="1" align="end" >
<label value="${labels.TripBillTotal}: " style="font-size: 14px; font-weight: bold;"/>
<label value="@load(vm.dataBean.total) @converter(vm.bigDecimalConverter)" style="font-size: 14px; font-weight: bold;"/>
<vbox>
<hbox>
<label value="Záloha: " style="font-size: 14px;"/>
<label value="@load(vm.dataBean.requirement.downPayment) @converter(vm.bigDecimalConverter)" style="font-size: 14px;"/>
</hbox>
<hbox>
<label value="${labels.TripBillTotal}: " style="font-size: 14px; font-weight: bold;"/>
<label value="@load(vm.dataBean.total) @converter(vm.bigDecimalConverter)" style="font-size: 14px; font-weight: bold;"/>
</hbox>
</vbox>
</div>
<include src="/app/formButtons.zul" />
</vlayout>

@ -150,16 +150,29 @@
</template>
</rows>
</grid>
<hbox>
<label value="${labels.RequirementsFormVehicle}"/>
<combobox model="@load(vm.settings.vehicles)"
selectedItem="@bind(fx.vehicle)"
readonly="true">
<template name="model">
<comboitem label="@load(each)"/>
</template>
</combobox>
</hbox>
<grid hflex="min">
<columns>
<column hflex="min"/>
<column hflex="min"/>
</columns>
<rows>
<row>
<label value="${labels.RequirementsFormVehicle}"/>
<combobox model="@load(vm.settings.vehicles)"
selectedItem="@bind(fx.vehicle)"
readonly="true">
<template name="model">
<comboitem label="@load(each)"/>
</template>
</combobox>
</row>
<row>
<checkbox label="Požaduji zálohu" checked="@bind(vm.dataBean.requireDownPayment)"/>
<textbox value="@bind(vm.dataBean.downPayment)" disabled="@bind(not vm.dataBean.requireDownPayment)"/>
</row>
</rows>
</grid>
</vbox>
<include src="/app/formButtons.zul" />
</vlayout>

@ -1,7 +1,8 @@
<?page title="${labels.AgendaWorkflow}" contentType="text/html;charset=UTF-8"?>
<zk>
<window border="normal" apply="org.zkoss.bind.BindComposer"
viewModel="@id('vm') @init('info.bukova.isspst.ui.requirement.RequirementTypesVM')">
viewModel="@id('vm') @init('info.bukova.isspst.ui.requirement.RequirementTypesVM')"
vflex="1">
<caption zclass="form-caption" label="${labels.AgendaWorkflow}" />
<vbox>
<hbox>

Loading…
Cancel
Save