Byl omezen výběr středisek u nového požadavku, aby bylo zamezeno schvalování sobě samému.

closes #266
master
Josef Rokos 9 years ago
parent b321b3e25f
commit f938403cea

@ -17,6 +17,7 @@ public class SessionData implements Serializable {
private static final long serialVersionUID = -764426911263559759L;
private List<Workgroup> userCentres;
private List<Workgroup> userOnlyCentres;
private List<Workgroup> userWorkgroups;
private User currentUser;
private Map<Integer, List<Role>> workgroupRoles;
@ -75,4 +76,12 @@ public class SessionData implements Serializable {
public Object getProperty(String key) {
return properties.get(key);
}
public List<Workgroup> getUserOnlyCentres() {
return userOnlyCentres;
}
public void setUserOnlyCentres(List<Workgroup> userOnlyCentres) {
this.userOnlyCentres = userOnlyCentres;
}
}

@ -7,16 +7,6 @@ import info.bukova.isspst.data.UserSettingsData;
import info.bukova.isspst.data.Workgroup;
import info.bukova.isspst.services.users.UserService;
import info.bukova.isspst.services.workgroups.WorkgroupService;
import java.io.IOException;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
@ -24,6 +14,14 @@ import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
public class LoginSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler implements AuthenticationSuccessHandler {
@Autowired
@ -45,6 +43,7 @@ public class LoginSuccessHandler extends SavedRequestAwareAuthenticationSuccessH
logger.info("User " + u.getUsername() + " logged in");
sessionData.setUserCentres(workgroupService.getUserCentres((User) auth.getPrincipal()));
sessionData.setUserOnlyCentres(workgroupService.getUserCentres((User) auth.getPrincipal(), true));
sessionData.setUserWorkgroups(workgroupService.getUserWorkgroups((User) auth.getPrincipal()));
workgroupService.loadParents(u);
sessionData.setCurrentUser(u);

@ -10,6 +10,7 @@ import info.bukova.isspst.data.Workgroup;
import info.bukova.isspst.services.AbstractOwnedService;
import info.bukova.isspst.services.LazyLoader;
import info.bukova.isspst.services.settings.GlobalSettingsService;
import info.bukova.isspst.services.settings.SeasonService;
import org.hibernate.Hibernate;
import org.hibernate.Query;
import org.springframework.beans.factory.annotation.Autowired;
@ -28,6 +29,9 @@ public class OrderServiceImpl extends AbstractOwnedService<Order> implements
@Autowired
private RequirementItemDao requirementItemDao;
@Autowired
private SeasonService seasonService;
@Override
@PreAuthorize("hasPermission(this, 'PERM_ADD')")
public Order createOrder(List<JoinedItem> items) {
@ -45,6 +49,7 @@ public class OrderServiceImpl extends AbstractOwnedService<Order> implements
}
order.setTotal(total);
order.setSeason(seasonService.getActive());
return order;
}

@ -94,9 +94,13 @@ public abstract class RequirementBaseServiceImpl<T extends RequirementBase> exte
Workgroup reqWorkgroup = null;
for (Workgroup w : workgroupService.getUserWorkgroups(getLoggedInUser())) {
if (workgroupService.getMembers(entity.getCentre()).contains(w)) {
for (Role r : workgroupService.getUserWorkgroupRoles(w, getLoggedInUser())) {
if (r.getAuthority().equals(Constants.ROLE_USER)) {
reqWorkgroup = w;
}
}
}
}
entity.setWorkgroup(reqWorkgroup);
@ -106,6 +110,8 @@ public abstract class RequirementBaseServiceImpl<T extends RequirementBase> exte
throw new AddRequirementException();
}
entity.setSeason(seasonService.getActive());
this.addWorkflow(entity);
entity.setNumser(this.getNumberSerie());

@ -1,7 +1,5 @@
package info.bukova.isspst.services.workgroups;
import java.util.List;
import info.bukova.isspst.data.JobMapping;
import info.bukova.isspst.data.Member;
import info.bukova.isspst.data.Role;
@ -9,6 +7,8 @@ import info.bukova.isspst.data.User;
import info.bukova.isspst.data.Workgroup;
import info.bukova.isspst.services.Service;
import java.util.List;
public interface WorkgroupService extends Service<Workgroup> {
public void addMember(Workgroup workgroup, Member member, Role role);
@ -17,6 +17,7 @@ public interface WorkgroupService extends Service<Workgroup> {
public List<Workgroup> getCentres();
public boolean isMember(Workgroup workgroup, Member member);
public List<Workgroup> getUserCentres(User user);
public List<Workgroup> getUserCentres(User user, boolean userOnly);
public List<Workgroup> getUserWorkgroups(User user);
public List<Role> getUserWorkgroupRoles(Workgroup workgroup, User user);
public List<Member> getMembers(Workgroup workgroup);

@ -8,15 +8,14 @@ import info.bukova.isspst.data.User;
import info.bukova.isspst.data.Workgroup;
import info.bukova.isspst.services.AbstractOwnedService;
import info.bukova.isspst.services.LazyLoader;
import java.util.ArrayList;
import java.util.List;
import org.hibernate.LazyInitializationException;
import org.hibernate.Query;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.transaction.annotation.Transactional;
import java.util.ArrayList;
import java.util.List;
public class WorkgroupServiceImpl extends AbstractOwnedService<Workgroup> implements WorkgroupService {
@Override
@ -125,7 +124,7 @@ public class WorkgroupServiceImpl extends AbstractOwnedService<Workgroup> implem
@Override
@Transactional
public List<Workgroup> getUserCentres(User user) {
if (user.equals(getLoggedInUser()) && sessionData.getUserCentres() != null) {
/*if (user.equals(getLoggedInUser()) && sessionData.getUserCentres() != null) {
return sessionData.getUserCentres();
}
@ -150,6 +149,67 @@ public class WorkgroupServiceImpl extends AbstractOwnedService<Workgroup> implem
}
}
}
return centres;*/
return getUserCentres(user, false);
}
@Override
@Transactional
public List<Workgroup> getUserCentres(User user, boolean userOnly) {
if (!userOnly && user.equals(getLoggedInUser()) && sessionData.getUserCentres() != null) {
return sessionData.getUserCentres();
}
if (userOnly && user.equals(getLoggedInUser()) && sessionData.getUserOnlyCentres() != null) {
return sessionData.getUserOnlyCentres();
}
List<Workgroup> parents;
if (userOnly) {
parents = filterUserOnly(user, getParents(user));
} else {
parents = getParents(user);
}
if (parents == null) {
return null;
}
List<Workgroup> centres = new ArrayList<Workgroup>();
for (Workgroup w : parents) {
if (w.isCentre()) {
centres.add(w);
}
}
for (Workgroup w : getUserWorkgroups(user)) {
loadParents(w);
for (Workgroup centre : w.getParents()) {
if (!centres.contains(centre)) {
centres.add(centre);
}
}
}
return centres;
}
private List<Workgroup> filterUserOnly(User user, List<Workgroup> wgList) {
List<Workgroup> centres = new ArrayList<Workgroup>();
for (Workgroup wg : wgList) {
List<Role> roles = getUserWorkgroupRoles(wg, user);
if (roles == null) {
continue;
}
for (Role r : roles) {
if (r.getAuthority().equals(Constants.ROLE_USER)) {
centres.add(wg);
}
}
}
return centres;
}

@ -290,6 +290,7 @@ public class ListViewModel<T extends DataModel> extends DocumentViewModel
public void reload() {
dataBean = null;
dataList.clear();
setHqlFilter();
loadFromDbSync();
}

@ -12,10 +12,6 @@ import info.bukova.isspst.services.users.UserService;
import info.bukova.isspst.services.workgroups.WorkgroupService;
import info.bukova.isspst.ui.FormViewModel;
import info.bukova.isspst.validators.RequirementFormValidator;
import java.math.BigDecimal;
import java.util.List;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.zkoss.bind.BindUtils;
@ -29,6 +25,10 @@ import org.zkoss.zk.ui.select.annotation.WireVariable;
import org.zkoss.zul.Window;
import org.zkoss.zul.impl.InputElement;
import java.math.BigDecimal;
import java.util.ArrayList;
import java.util.List;
public class RequirementForm extends FormViewModel<Requirement>
{
private final static Logger log = LoggerFactory.getLogger(RequirementForm.class.getName());
@ -112,7 +112,14 @@ public class RequirementForm extends FormViewModel<Requirement>
this.setRequirementFormValidator(new RequirementFormValidator());
this.setSyncItems(this.getDataBean().getItems());
requirementService.loadType(getDataBean());
this.centres = reqTypeService.filterCentres(getDataBean().getType(), workgroupService.getUserCentres(userService.getCurrent()));
if (isEditRec()) {
List<Workgroup> current = new ArrayList<Workgroup>();
current.add(getDataBean().getCentre());
this.centres = current;
} else {
this.centres = reqTypeService.filterCentres(getDataBean().getType(), workgroupService.getUserCentres(userService.getCurrent(), true));
}
}
public List<RequirementItem> getSyncItems()

@ -24,6 +24,7 @@ import org.zkoss.zk.ui.select.annotation.WireVariable;
import org.zkoss.zul.Messagebox;
import org.zkoss.zul.Window;
import java.util.ArrayList;
import java.util.List;
public class TripRequirementForm extends FormWithUpload<TripRequirement> {
@ -73,7 +74,14 @@ public class TripRequirementForm extends FormWithUpload<TripRequirement> {
@Init(superclass = true)
public void init() {
tripRequirementService.loadType(getDataBean());
centres = reqTypeService.filterCentres(getDataBean().getType(), workgroupService.getUserCentres(userService.getCurrent()));
if (isEditRec()) {
List<Workgroup> current = new ArrayList<Workgroup>();
current.add(getDataBean().getCentre());
this.centres = current;
} else {
this.centres = reqTypeService.filterCentres(getDataBean().getType(), workgroupService.getUserCentres(userService.getCurrent(), true));
}
users = userService.getUsersForCombo();
passengers = getDataBean().getPassengers();
validator = new TripRequirementFormValidator();

@ -63,7 +63,8 @@
<combobox
model="@load(vm.centres)"
readonly="true"
selectedItem="@bind(fx.centre)">
selectedItem="@bind(fx.centre)"
disabled="@load(vm.editRec)">
<template name="model">
<comboitem label="@load(each.fullName)" />
</template>

Loading…
Cancel
Save