/sun/hostcaptain/trunk/src/ak/hostcaptain/core/model/SystemUserManager.java |
---|
137,12 → 137,14 |
throws ModelException |
{ |
try { |
if(editor.isSuperuser()) |
if(editor.isSuperuser()) { |
return HibernateUtil.currentSession().find("from SystemUser"); |
else |
} |
else { |
return HibernateUtil.currentSession().find( |
"select u from SystemUser u left join u.owner o where o is null or o=?", |
editor, Hibernate.entity(User.class)); |
} |
} |
catch(HibernateException ex) |
{ |
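Review bot: The non-superuser query in the else branch matches every SystemUser whose owner is null (`o is null or o=?`), so unowned system accounts are listed to any editor. If that is intended, say so next to the query, e.g. `// system users without an owner are visible to every editor`; if not, the filter should be `where o = ?` only. `editor` is dereferenced by `editor.isSuperuser()` without a null check, so a caller with no authenticated user gets a NullPointerException instead of a ModelSecurityException. The enclosing method starts and ends outside the hunk, so any earlier guard is not visible here.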
/sun/hostcaptain/trunk/src/ak/hostcaptain/core/model/User.java |
---|
164,12 → 164,12 |
public boolean viewableBy(User user) |
{ |
return user.isSuperuser() || user.equals(boss); |
return user.isSuperuser() || user.equals(boss) || user.equals(this); |
} |
public boolean editableBy(User user) |
{ |
return user.isSuperuser(); |
return user.isSuperuser() || user.equals(boss); |
} |
public boolean deleteableBy(User user) |
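Review bot: `editableBy` now admits the boss, and `UserManager.save()` in this commit relies on that check alone, so the permission is all-or-nothing. Nothing visible here stops a boss from changing privilege-bearing attributes of a subordinate, such as the flag behind `isSuperuser()` or `boss` itself. The check also reads `boss` from the in-memory object being saved, so it is presumably evaluated against whatever the caller has already set rather than the stored value; the setters are not shown, so this needs confirming. Consider checking against the persisted state, or limiting which fields a non-superuser may change. All three predicates dereference `user` without a null check; `if(user == null) return false;` at the top would make them fail closed. The body of `deleteableBy` is outside the hunk.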
/sun/hostcaptain/trunk/src/ak/hostcaptain/core/model/MailAliasDestinationManager.java |
---|
4,6 → 4,7 |
import net.sf.hibernate.*; |
import ak.hostcaptain.util.HibernateUtil; |
import ak.hostcaptain.util.ModelException; |
import ak.hostcaptain.util.ModelSecurityException; |
public class MailAliasDestinationManager |
{ |
33,16 → 34,27 |
{ |
} |
public MailAliasDestination create() |
public MailAliasDestination create(User editor) |
throws ModelException |
{ |
if(!allowedToCreate(editor)) throw new ModelSecurityException(); |
return new MailAliasDestination(); |
} |
public MailAliasDestination get(Long id) |
public boolean allowedToCreate(User editor) |
throws ModelException |
{ |
return true; |
} |
public MailAliasDestination get(User editor, Long id) |
throws ModelException |
{ |
MailAliasDestination dest; |
try { |
return (MailAliasDestination)HibernateUtil.currentSession() |
dest = (MailAliasDestination)HibernateUtil.currentSession() |
.load(MailAliasDestination.class, id); |
} |
catch(HibernateException ex) |
49,11 → 61,19 |
{ |
throw new ModelException(ex); |
} |
if(!dest.viewableBy(editor)) |
throw new ModelSecurityException(); |
return dest; |
} |
public void save(MailAliasDestination mailAliasDestination) |
public void save(User editor, MailAliasDestination mailAliasDestination) |
throws ModelException |
{ |
if(!mailAliasDestination.editableBy(editor)) |
throw new ModelSecurityException(); |
try { |
HibernateUtil.currentSession().saveOrUpdate(mailAliasDestination); |
} |
63,9 → 83,12 |
} |
} |
public void delete(MailAliasDestination mailAliasDestination) |
public void delete(User editor, MailAliasDestination mailAliasDestination) |
throws ModelException |
{ |
if(!mailAliasDestination.deleteableBy(editor)) |
throw new ModelSecurityException(); |
try { |
HibernateUtil.currentSession().delete(mailAliasDestination); |
} |
75,11 → 98,6 |
} |
} |
public Collection listMailAliasesDestination() |
{ |
return null; |
} |
public Collection listMailAliasesDestination(MailAlias alias) |
throws ModelException |
{ |
94,6 → 112,12 |
} |
} |
public boolean areMailAliasesDestinationsAvailable(User editor) |
throws ModelException |
{ |
return true; |
} |
private static MailAliasDestinationManager mailAliasDestinationManager = null; |
public static MailAliasDestinationManager getInstance() |
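Review bot: `listMailAliasesDestination(MailAlias alias)` keeps its old signature with no `editor` argument, so it remains a read path that bypasses the `viewableBy` check added to `get()`. It should take the editor and verify the right to view the alias or filter the result; its body is outside the visible hunks, so this is inferred from the signature. `allowedToCreate` and `areMailAliasesDestinationsAvailable` return `true` unconditionally, which makes the new guard in `create()` a no-op. If that is a placeholder, mark it, e.g. `// TODO: restrict creation to editors who may edit the parent alias`. In `get()` the object is loaded before the permission check, so ModelException versus ModelSecurityException may tell a caller whether an id exists.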
/sun/hostcaptain/trunk/src/ak/hostcaptain/core/model/UserManager.java |
---|
2,8 → 2,10 |
import java.util.*; |
import net.sf.hibernate.*; |
import net.sf.hibernate.type.Type; |
import ak.hostcaptain.util.HibernateUtil; |
import ak.hostcaptain.util.ModelException; |
import ak.hostcaptain.util.ModelSecurityException; |
public class UserManager |
{ |
33,21 → 35,37 |
{ |
} |
public User create() |
public User create(User editor) |
throws ModelException |
{ |
if(!allowedToCreate(editor)) throw new ModelSecurityException(); |
return new User(); |
} |
public User get(Long id) |
public boolean allowedToCreate(User editor) |
throws ModelException |
{ |
return editor.isSuperuser(); |
} |
public User get(User editor, Long id) |
throws ModelException |
{ |
User user; |
try { |
return (User)HibernateUtil.currentSession().load(User.class, id); |
user = (User)HibernateUtil.currentSession().load(User.class, id); |
} |
catch(HibernateException ex) |
{ |
throw new ModelException(ex); |
} |
if(!user.viewableBy(editor)) |
throw new ModelSecurityException(); |
return user; |
} |
public User findForLogin(String login) |
68,9 → 86,12 |
} |
} |
public void save(User user) |
public void save(User editor, User user) |
throws ModelException |
{ |
if(!user.editableBy(editor)) |
throw new ModelSecurityException(); |
try { |
HibernateUtil.currentSession().saveOrUpdate(user); |
} |
80,9 → 101,12 |
} |
} |
public void delete(User user) |
public void delete(User editor, User user) |
throws ModelException |
{ |
if(!user.deleteableBy(editor)) |
throw new ModelSecurityException(); |
try { |
HibernateUtil.currentSession().delete(user); |
} |
92,11 → 116,19 |
} |
} |
public Collection listUsers() |
public Collection listUsers(User editor) |
throws ModelException |
{ |
try { |
return HibernateUtil.currentSession().find("from User"); |
if(editor.isSuperuser()) { |
return HibernateUtil.currentSession().find("from User"); |
} |
else { |
return HibernateUtil.currentSession().find( |
"from User u where u = ? or u.boss = ?", |
new Object[] { editor, editor}, |
new Type[] { Hibernate.entity(User.class), Hibernate.entity(User.class) } ); |
} |
} |
catch(HibernateException ex) |
{ |
104,6 → 136,27 |
} |
} |
public boolean areSystemUsersAvailable(User editor) |
throws ModelException |
{ |
try { |
if(editor.isSuperuser()) { |
return true; |
} |
else { |
return ((Integer)HibernateUtil.currentSession().iterate( |
"from User u where u = ? or u.boss = ?", |
new Object[] { editor, editor}, |
new Type[] { Hibernate.entity(User.class), Hibernate.entity(User.class) } ) |
.next()).intValue() > 0; |
} |
} |
catch(HibernateException ex) |
{ |
throw new ModelException(ex); |
} |
} |
public User loginUser(String login, String password) |
throws ModelException |
{ |
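Review bot: In `areSystemUsersAvailable`, the non-superuser branch casts the first row of `from User u where u = ? or u.boss = ?` to `Integer`, but that query yields User entities, so the cast fails at runtime. The resulting ClassCastException is not a HibernateException and escapes the catch block. The HQL should be `"select count(*) from User u where u = ? or u.boss = ?"`. The method name refers to system users while the query counts User rows, which looks copied from another manager and should be confirmed. The same HQL and parameter arrays are duplicated in `listUsers`; a shared private constant would stop the list filter and the availability check from drifting apart.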