2,8 → 2,10 |
|
import java.util.*; |
import net.sf.hibernate.*; |
import net.sf.hibernate.type.Type; |
import ak.hostcaptain.util.HibernateUtil; |
import ak.hostcaptain.util.ModelException; |
import ak.hostcaptain.util.ModelSecurityException; |
|
public class UserManager |
{ |
33,21 → 35,37 |
{ |
} |
|
public User create() |
public User create(User editor) |
throws ModelException |
{ |
if(!allowedToCreate(editor)) throw new ModelSecurityException(); |
|
return new User(); |
} |
|
public User get(Long id) |
public boolean allowedToCreate(User editor) |
throws ModelException |
{ |
return editor.isSuperuser(); |
} |
|
public User get(User editor, Long id) |
throws ModelException |
{ |
User user; |
|
try { |
return (User)HibernateUtil.currentSession().load(User.class, id); |
user = (User)HibernateUtil.currentSession().load(User.class, id); |
} |
catch(HibernateException ex) |
{ |
throw new ModelException(ex); |
} |
|
if(!user.viewableBy(editor)) |
throw new ModelSecurityException(); |
|
return user; |
} |
|
public User findForLogin(String login) |
68,9 → 86,12 |
} |
} |
|
public void save(User user) |
public void save(User editor, User user) |
throws ModelException |
{ |
if(!user.editableBy(editor)) |
throw new ModelSecurityException(); |
|
try { |
HibernateUtil.currentSession().saveOrUpdate(user); |
} |
80,9 → 101,12 |
} |
} |
|
public void delete(User user) |
public void delete(User editor, User user) |
throws ModelException |
{ |
if(!user.deleteableBy(editor)) |
throw new ModelSecurityException(); |
|
try { |
HibernateUtil.currentSession().delete(user); |
} |
92,11 → 116,19 |
} |
} |
|
public Collection listUsers() |
public Collection listUsers(User editor) |
throws ModelException |
{ |
try { |
return HibernateUtil.currentSession().find("from User"); |
if(editor.isSuperuser()) { |
return HibernateUtil.currentSession().find("from User"); |
} |
else { |
return HibernateUtil.currentSession().find( |
"from User u where u = ? or u.boss = ?", |
new Object[] { editor, editor}, |
new Type[] { Hibernate.entity(User.class), Hibernate.entity(User.class) } ); |
} |
} |
catch(HibernateException ex) |
{ |
104,6 → 136,27 |
} |
} |
|
public boolean areSystemUsersAvailable(User editor) |
throws ModelException |
{ |
try { |
if(editor.isSuperuser()) { |
return true; |
} |
else { |
return ((Integer)HibernateUtil.currentSession().iterate( |
"from User u where u = ? or u.boss = ?", |
new Object[] { editor, editor}, |
new Type[] { Hibernate.entity(User.class), Hibernate.entity(User.class) } ) |
.next()).intValue() > 0; |
} |
} |
catch(HibernateException ex) |
{ |
throw new ModelException(ex); |
} |
} |
|
public User loginUser(String login, String password) |
throws ModelException |
{ |
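Review bot: In the new `areSystemUsersAvailable`, the non-superuser branch casts the first element of `iterate("from User u where u = ? or u.boss = ?", …)` to `Integer`, but that query selects `User` entities rather than a count, so the cast looks set to throw at runtime; the query string should probably be `"select count(*) from User u where u = ? or u.boss = ?"`. Even with a count, the `u = ?` term matches the editor's own row, so the result would be true for any persisted editor, and it is worth confirming what the method is meant to test. Separately, `save(editor, user)` and `delete(editor, user)` run `editableBy`/`deleteableBy` on the object the caller hands in; those methods are not visible here, but if they read fields the caller can set (such as `boss`), the decision should be made against the stored row. Since `saveOrUpdate` also inserts, `save` should additionally apply `allowedToCreate(editor)` when `user` is unsaved. `allowedToCreate` and `listUsers` dereference `editor` without a null check, so a missing editor surfaces as a `NullPointerException` instead of `ModelSecurityException`.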