Mercurial > lada > lada-server
comparison src/main/java/de/intevation/lada/util/auth/MessungAuthorizer.java @ 1028:1c41c7b8f7c2 schema-update
Updated server application to new database model. THIS IS STILL WIP!!!
author | Raimund Renkert <raimund.renkert@intevation.de> |
---|---|
date | Fri, 08 Jul 2016 15:32:36 +0200 |
parents | ad69878b7280 |
children |
comparison
equal
deleted
inserted
replaced
1027:9971471d562c | 1028:1c41c7b8f7c2 |
---|---|
8 package de.intevation.lada.util.auth; | 8 package de.intevation.lada.util.auth; |
9 | 9 |
10 import java.util.ArrayList; | 10 import java.util.ArrayList; |
11 import java.util.List; | 11 import java.util.List; |
12 | 12 |
13 import de.intevation.lada.model.land.LMessung; | 13 import de.intevation.lada.model.land.Messung; |
14 import de.intevation.lada.model.land.LProbe; | 14 import de.intevation.lada.model.land.Probe; |
15 import de.intevation.lada.model.land.LStatusProtokoll; | 15 import de.intevation.lada.model.land.StatusProtokoll; |
16 import de.intevation.lada.model.stamm.AuthLstUmw; | 16 import de.intevation.lada.model.stammdaten.AuthLstUmw; |
17 import de.intevation.lada.model.stammdaten.MessStelle; | |
18 import de.intevation.lada.model.stammdaten.StatusKombi; | |
17 import de.intevation.lada.util.data.QueryBuilder; | 19 import de.intevation.lada.util.data.QueryBuilder; |
18 import de.intevation.lada.util.rest.RequestMethod; | 20 import de.intevation.lada.util.rest.RequestMethod; |
19 import de.intevation.lada.util.rest.Response; | 21 import de.intevation.lada.util.rest.Response; |
20 | 22 |
21 public class MessungAuthorizer extends BaseAuthorizer { | 23 public class MessungAuthorizer extends BaseAuthorizer { |
25 Object data, | 27 Object data, |
26 RequestMethod method, | 28 RequestMethod method, |
27 UserInfo userInfo, | 29 UserInfo userInfo, |
28 Class<T> clazz | 30 Class<T> clazz |
29 ) { | 31 ) { |
30 LMessung messung = (LMessung)data; | 32 Messung messung = (Messung)data; |
31 Response response = | 33 Response response = |
32 repository.getById(LProbe.class, messung.getProbeId(), "land"); | 34 repository.getById(Probe.class, messung.getProbeId(), "land"); |
33 LProbe probe = (LProbe)response.getData(); | 35 Probe probe = (Probe)response.getData(); |
34 if (method == RequestMethod.PUT || | 36 if (method == RequestMethod.PUT || |
35 method == RequestMethod.DELETE) { | 37 method == RequestMethod.DELETE) { |
36 return !this.isMessungReadOnly(messung.getId()) && | 38 return !this.isMessungReadOnly(messung.getId()) && |
37 getAuthorization(userInfo, probe); | 39 getAuthorization(userInfo, probe); |
38 } | 40 } |
39 if (method == RequestMethod.POST) { | 41 if (method == RequestMethod.POST) { |
40 return getAuthorization(userInfo, probe); | 42 return getAuthorization(userInfo, probe); |
41 } | 43 } |
42 LStatusProtokoll status = repository.getByIdPlain( | 44 StatusProtokoll status = repository.getByIdPlain( |
43 LStatusProtokoll.class, | 45 StatusProtokoll.class, |
44 messung.getStatus(), | 46 messung.getStatus(), |
45 "land"); | 47 "land"); |
46 return status.getStatusWert() > 0 || getAuthorization(userInfo, probe); | 48 StatusKombi kombi = repository.getByIdPlain( |
49 StatusKombi.class, | |
50 status.getStatusKombi(), | |
51 "stamm"); | |
52 return kombi.getStatusWert().getId() > 0 || | |
53 getAuthorization(userInfo, probe); | |
47 } | 54 } |
48 | 55 |
49 @SuppressWarnings("unchecked") | 56 @SuppressWarnings("unchecked") |
50 @Override | 57 @Override |
51 public <T> Response filter( | 58 public <T> Response filter( |
52 Response data, | 59 Response data, |
53 UserInfo userInfo, | 60 UserInfo userInfo, |
54 Class<T> clazz | 61 Class<T> clazz |
55 ) { | 62 ) { |
56 if (data.getData() instanceof List<?>) { | 63 if (data.getData() instanceof List<?>) { |
57 List<LMessung> messungen = new ArrayList<LMessung>(); | 64 List<Messung> messungen = new ArrayList<Messung>(); |
58 for (LMessung messung :(List<LMessung>)data.getData()) { | 65 for (Messung messung :(List<Messung>)data.getData()) { |
59 messungen.add(setAuthData(userInfo, messung)); | 66 messungen.add(setAuthData(userInfo, messung)); |
60 } | 67 } |
61 data.setData(messungen); | 68 data.setData(messungen); |
62 } | 69 } |
63 else if (data.getData() instanceof LMessung) { | 70 else if (data.getData() instanceof Messung) { |
64 LMessung messung = (LMessung)data.getData(); | 71 Messung messung = (Messung)data.getData(); |
65 data.setData(setAuthData(userInfo, messung)); | 72 data.setData(setAuthData(userInfo, messung)); |
66 } | 73 } |
67 return data; | 74 return data; |
68 } | 75 } |
69 | 76 |
72 * | 79 * |
73 * @param userInfo The user information. | 80 * @param userInfo The user information. |
74 * @param messung The messung object. | 81 * @param messung The messung object. |
75 * @return The messung. | 82 * @return The messung. |
76 */ | 83 */ |
77 private LMessung setAuthData( | 84 private Messung setAuthData( |
78 UserInfo userInfo, | 85 UserInfo userInfo, |
79 LMessung messung | 86 Messung messung |
80 ) { | 87 ) { |
81 LProbe probe = | 88 Probe probe = |
82 (LProbe)repository.getById( | 89 (Probe)repository.getById( |
83 LProbe.class, messung.getProbeId(), "land").getData(); | 90 Probe.class, messung.getProbeId(), "land").getData(); |
84 if (!userInfo.getNetzbetreiber().contains(probe.getNetzbetreiberId()) && | 91 MessStelle mst = repository.getByIdPlain(MessStelle.class, probe.getMstId(), "stamm"); |
92 if (!userInfo.getNetzbetreiber().contains(mst.getNetzbetreiberId()) && | |
85 !userInfo.getFunktionen().contains(3)) { | 93 !userInfo.getFunktionen().contains(3)) { |
86 messung.setOwner(false); | 94 messung.setOwner(false); |
87 messung.setReadonly(true); | 95 messung.setReadonly(true); |
88 messung.setStatusEdit(false); | 96 messung.setStatusEdit(false); |
89 return messung; | 97 return messung; |
99 if (messung.getStatus() == null) { | 107 if (messung.getStatus() == null) { |
100 messung.setReadonly(false); | 108 messung.setReadonly(false); |
101 messung.setStatusEdit(false); | 109 messung.setStatusEdit(false); |
102 } | 110 } |
103 else { | 111 else { |
104 LStatusProtokoll status = repository.getByIdPlain( | 112 StatusProtokoll status = repository.getByIdPlain( |
105 LStatusProtokoll.class, | 113 StatusProtokoll.class, |
106 messung.getStatus(), | 114 messung.getStatus(), |
107 "land"); | 115 "land"); |
108 int stufe = status.getStatusStufe(); | 116 StatusKombi kombi = repository.getByIdPlain( |
109 int wert = status.getStatusWert(); | 117 StatusKombi.class, status.getStatusKombi(), "stamm"); |
118 int stufe = kombi.getStatusStufe().getId(); | |
119 int wert = kombi.getStatusWert().getId(); | |
110 | 120 |
111 messung.setReadonly(wert != 0 && wert != 4); | 121 messung.setReadonly(wert != 0 && wert != 4); |
112 | 122 |
113 boolean statusEdit = false; | 123 boolean statusEdit = false; |
114 | 124 |
116 edit status? */ | 126 edit status? */ |
117 if (userInfo.getFunktionen().contains(3)) { | 127 if (userInfo.getFunktionen().contains(3)) { |
118 QueryBuilder<AuthLstUmw> lstFilter = new QueryBuilder<AuthLstUmw>( | 128 QueryBuilder<AuthLstUmw> lstFilter = new QueryBuilder<AuthLstUmw>( |
119 repository.entityManager("stamm"), | 129 repository.entityManager("stamm"), |
120 AuthLstUmw.class); | 130 AuthLstUmw.class); |
121 lstFilter.or("lstId", userInfo.getMessstellen()); | 131 lstFilter.or("mstId", userInfo.getMessstellen()); |
122 List<AuthLstUmw> lsts = | 132 List<AuthLstUmw> lsts = |
123 repository.filterPlain(lstFilter.getQuery(), "stamm"); | 133 repository.filterPlain(lstFilter.getQuery(), "stamm"); |
124 for (int i = 0; i < lsts.size(); i++) { | 134 for (int i = 0; i < lsts.size(); i++) { |
125 if (lsts.get(i).getUmwId().equals(probe.getUmwId()) | 135 if (lsts.get(i).getUmwId().equals(probe.getUmwId()) |
126 && (stufe == 2 || stufe == 3) | 136 && (stufe == 2 || stufe == 3) |
130 } | 140 } |
131 } | 141 } |
132 | 142 |
133 // Has the user the right to edit status for the 'Netzbetreiber'? | 143 // Has the user the right to edit status for the 'Netzbetreiber'? |
134 if (userInfo.getFunktionenForNetzbetreiber( | 144 if (userInfo.getFunktionenForNetzbetreiber( |
135 probe.getNetzbetreiberId()).contains(2) | 145 mst.getNetzbetreiberId()).contains(2) |
136 && (stufe == 1 || stufe == 2) | 146 && (stufe == 1 || stufe == 2) |
137 && wert >= 1 | 147 && wert >= 1 |
138 ) { | 148 ) { |
139 statusEdit = true; | 149 statusEdit = true; |
140 } | 150 } |