WebSVN - bacoAlunos - Path Comparison - /branches/v3/impl/src/java Rev 1731 and /branches/v3/impl/src/java Rev 1732

Ignore whitespace Rev 1731 → Rev 1732

/branches/v3/impl/src/java/pt/estgp/estgweb/services/users/UserRoleConfigService.java
478,9 → 478,11
"user.role.courseValidateProgramTPB=Comissão de Curso de Tecnologias de Produção de Biocombustíveis\n"+
"user.role.board.institution=Board de Direcção do Instituto Politecnico\n"+
"user.role.repositoryDocs=Administração do Repositório Digital\n"+
"user.role.repositoryDeposit=Depositante do Repositório Digital\n"+




//ESCOLAS

 /branches/v3/impl/src/java/pt/estgp/estgweb/services/data/repositorydocuments/RepositoryDocumentService.java
 ,7 → 362,7
             collections.add((RepositoryDocumentCollectionImpl) col);
             collections.addAll(loadChildsOrderedAsTree(col));
         }
-        return RepositoryDocumentCollectionImpl.toJsonArray(collections);
+        return RepositoryDocumentCollectionImpl.toJsonArraySimpleFields(collections);
     }
     private ArrayList<RepositoryDocumentCollectionImpl> loadChildsOrderedAsTree(RepositoryDocumentCollection rootCol)
 ,7 → 405,6
         DaoFactory.getRepositoryDocumentInterfaceDaoImpl().delete(persistent);
     }
     public void saveRepositoryInterfaceData(Long id,String dataJson, UserSession userSession) throws IOException, TransformationException, JSONException, AccessDeniedException, ServiceException {
         RepositoryInterface repositoryInterface = RepositoryInterface.loadFromJson(dataJson);
 ,6 → 425,26
         persistent.setRepositoryInterface(repositoryInterface);
     }
+    public void addManagerToCollection(long collectionId, long managerId, UserSession sess)
+    {
+        RepositoryDocumentCollection col = DaoFactory.getRepositoryDocumentCollectionDaoImpl().get(collectionId);
+        User u = DaoFactory.getUserDaoImpl().get(managerId);
+        col.getCollectionManagers().add((UserImpl) u);
+    }
+    public void removeManagerInCollection(long collectionId, long managerId, UserSession sess)
+    {
+        RepositoryDocumentCollection col = DaoFactory.getRepositoryDocumentCollectionDaoImpl().get(collectionId);
+        for(User user : col.getCollectionManagers())
+        {
+            if(user.getId() == managerId)
+            {
+                col.getCollectionManagers().remove(user);
+                break;
+            }
+        }
+    }
     public static void main(String[] args) throws TransformationException, JSONException, IOException
     {
         AbstractDao.getCurrentSession().beginTransaction();

 /branches/v3/impl/src/java/pt/estgp/estgweb/services/data/repositorydocuments/interfaces/InterfaceBlock.java
 ,7 → 13,9
     String type = "block";
     String title;
     String description;
+    //HELPER para interface
     boolean showTitle = true;
     boolean showDescription = false;
 ,6 → 227,8
         return "block";
     }
     public void setType(String type){}
 }

 /branches/v3/impl/src/java/pt/estgp/estgweb/domain/RepositoryDocumentCollectionImpl.java
 ,15 → 25,39
     static Genson genson;
+    static Genson gensonSimpleFields;
     static {
         Genson.Builder gensonBuilder =  new Genson.Builder()
             .exclude(Object.class)
             .include(RepositoryDocumentCollectionImpl.class)
-            .include(String.class)
+            .include("name", RepositoryDocumentCollection.class)
+            .include("description",RepositoryDocumentCollection.class)
+            .include("legacyUrl", RepositoryDocumentCollection.class)
+            .include("treeName", RepositoryDocumentCollection.class)
+            .include("pathName", RepositoryDocumentCollection.class)
+            .include("treeHiffens", RepositoryDocumentCollection.class)
+            .include("collectionManagers", RepositoryDocumentCollection.class)
+            .include("id",UserImpl.class)
+            .include("name",UserImpl.class)
+            .include("sigesCode",SigesUserImpl.class)
             .exclude("parent", RepositoryDocumentCollection.class);
         genson = gensonBuilder.create();
+        Genson.Builder gensonBuilderSimpleFields =  new Genson.Builder()
+                .exclude(Object.class)
+                .include(RepositoryDocumentCollectionImpl.class)
+                .include("name", RepositoryDocumentCollection.class)
+                .include("description",RepositoryDocumentCollection.class)
+                .include("legacyUrl", RepositoryDocumentCollection.class)
+                .include("treeName", RepositoryDocumentCollection.class)
+                .include("pathName", RepositoryDocumentCollection.class)
+                .include("treeHiffens", RepositoryDocumentCollection.class)
+                .exclude("parent", RepositoryDocumentCollection.class);
+        gensonSimpleFields = gensonBuilderSimpleFields.create();
     }
     public String toJson() throws IOException, TransformationException
     {
 ,6 → 77,10
         return new JSONArray(genson.serialize(collections));
     }
+    public static JSONArray toJsonArraySimpleFields(List<RepositoryDocumentCollectionImpl> collections) throws IOException, TransformationException, JSONException {
+        return new JSONArray(gensonSimpleFields.serialize(collections));
+    }
     public static RepositoryDocumentCollectionImpl loadFromJson(String json) throws IOException, TransformationException {
         return genson.deserialize(json, RepositoryDocumentCollectionImpl.class);
     }
 ,5 → 114,27
     }
     public void setTreeName(String name)
     {}
+    public boolean isManager(UserSession userSession)
+    {
+        if(userSession.getUser() == null)
+            return false;
+        return checkCollectionManagerInTree(userSession.getUser());
+    }
+    private boolean checkCollectionManagerInTree(User u)
+    {
+        if(getCollectionManagers() != null)
+        {
+            for(User manager :getCollectionManagers())
+            {
+                if(manager.getId() == u.getId())
+                    return true;
+            }
+            return getParent() != null && getParent().checkCollectionManagerInTree(u);
+        }
+        return false;
+    }
 }

 /branches/v3/impl/src/java/pt/estgp/estgweb/filters/filters/CheckRepositoryCollectionManager.java
 New file
 ,0 → 1,94
+package pt.estgp.estgweb.filters.filters;
+import org.apache.log4j.Logger;
+import org.json.JSONArray;
+import pt.estgp.estgweb.Globals;
+import pt.estgp.estgweb.domain.RepositoryDocument;
+import pt.estgp.estgweb.domain.RepositoryDocumentCollectionImpl;
+import pt.estgp.estgweb.domain.RepositoryDocumentImpl;
+import pt.estgp.estgweb.domain.UserSession;
+import pt.estgp.estgweb.domain.dao.DaoFactory;
+import pt.estgp.estgweb.filters.chains.AdminControlFilter;
+import pt.estgp.estgweb.filters.exceptions.NeedAuthenticationException;
+import pt.estgp.estgweb.utils.ConfigProperties;
+import pt.estgp.estgweb.web.exceptions.NotAuthorizedException;
+import pt.utl.ist.berserk.ServiceRequest;
+import pt.utl.ist.berserk.ServiceResponse;
+import pt.utl.ist.berserk.logic.filterManager.FilterParameters;
+import pt.utl.ist.berserk.logic.filterManager.exceptions.FilterException;
+public class CheckRepositoryCollectionManager extends AdminControlFilter {
+    private static final Logger logger = Logger.getLogger(CheckRepositoryCollectionManager.class);
+    private static final String ALL_ROLE = ConfigProperties.getProperty("user.super");
+    public void execute(ServiceRequest request, ServiceResponse response)
+                throws FilterException, Exception
+        {
+    }
+    public void execute(ServiceRequest request, ServiceResponse response, FilterParameters filterParameters) throws FilterException, Exception
+    {
+        UserSession userSession = (UserSession) request.getServiceParameters().getParameter(Globals.USER_SESSION_KEY);
+        Long targetCollectionId = (Long) request.getServiceParameters().getParameter("newCollectionId");
+        JSONArray docsIds = (JSONArray) request.getServiceParameters().getParameter("jsonArrayDocumentsIds");
+        String docJson = (String) request.getServiceParameters().getParameter("docJson");
+        if(userSession.getUser() == null)
+        {
+            logger.info("try access restricted area:" + request.getRequester());
+            throw new NeedAuthenticationException();
+        }
+        if(userSession.getUser().isSuperuserOrAdmin())
+            return;
+        if(docJson != null)
+        {
+            RepositoryDocumentImpl view = RepositoryDocumentImpl.loadFromJson(docJson);
+            targetCollectionId = view.getCollection().getId();
+            if(view.getCollection() == null || view.getCollection().getId() <= 0)
+            {
+                throw new NotAuthorizedException("Não pode depositar documentos sem colecção");
+            }
+            Long id = view.getId();
+            checkDocAndTargetCollectionManager(targetCollectionId, id,userSession);
+            return;
+        }
+        else if(docsIds != null && targetCollectionId != null)
+        {
+            for(int i  = 0; i < docsIds.length(); i++)
+            {
+                long docId = docsIds.getLong(i);
+                checkDocAndTargetCollectionManager(targetCollectionId, docId,userSession);
+            }
+            return;
+        }
+        throw new NotAuthorizedException("Não tem permissão para fazer esta operação");
+    }
+    public void checkDocAndTargetCollectionManager(long targetColId, Long id,UserSession sess) throws NotAuthorizedException {
+        if(id != null && id > 0)
+        {
+            RepositoryDocument persistentDoc = DaoFactory.getRepositoryDocumentDaoImpl().get(id);
+            if(persistentDoc.getCollection() != null)
+            {
+                boolean isManager = persistentDoc.getCollection().isManager(sess);
+                if(!isManager)
+                    throw new NotAuthorizedException("O seu perfil não lhe permite atualizar documentos da colecção " + persistentDoc.getCollection().getName());
+            }
+            else
+            {
+                throw new NotAuthorizedException("Não tem permissão para fazer esta operação, este documento necessita de colecção");
+            }
+        }
+        RepositoryDocumentCollectionImpl targetCollection = (RepositoryDocumentCollectionImpl) DaoFactory.getRepositoryDocumentCollectionDaoImpl().get(targetColId);
+        boolean isManager = targetCollection.isManager(sess);
+        if(!isManager)
+            throw new NotAuthorizedException("O seu perfil não lhe permite atualizar documentos da colecção " + targetCollection.getName());
+    }
+}

 /branches/v3/impl/src/java/pt/estgp/estgweb/web/controllers/repositorydocs/RepositoryDocController.java
 ,7 → 35,7
         IServiceManager sm = ServiceManager.getInstance();
-        String[] names = new String[]{};
+        String[] names = new String[]{"docJson"};
         Object[] args = new Object[]{docJson,uploadedProvisorios};
         JSONObject persistent = (JSONObject) sm.execute(RequestUtils.getRequester(request, response), "SaveRepositoryDocument", args, names);
         if(persistent.get("title") != null)
 ,7 → 52,7
         JSONObject similar = new JSONObject();
         IServiceManager sm = ServiceManager.getInstance();
-        String[] names = new String[]{};
+        String[] names = new String[]{"docJson"};
         Object[] args = new Object[]{docJson};
         JSONArray found  = (JSONArray) sm.execute(RequestUtils.getRequester(request, response), "CheckRepositoryDocumentExistence", args, names);
         similar.put("found",found);
 ,7 → 103,7
         JSONArray documentIds = new JSONArray(request.getParameter("documentIds"));
         IServiceManager sm = ServiceManager.getInstance();
-        String[] names = new String[]{};
+        String[] names = new String[]{"newCollectionId","jsonArrayDocumentsIds"};
         Object[] args = new Object[]{collectionId,documentIds};
         sm.execute(RequestUtils.getRequester(request, response), "ChangeDocumentCollection", args, names);
         return true;
 ,5 → 510,30
         return sectionsObj;
     }
+    public boolean addManagerToCollection(ActionForm form,HttpServletRequest request, HttpServletResponse response) throws Throwable
+    {
+        Long collectionId = Long.parseLong(request.getParameter("collectionId"));
+        Long managerId = Long.parseLong(request.getParameter("managerId"));
+        IServiceManager sm = ServiceManager.getInstance();
+        String[] names = new String[]{};
+        Object[] args = new Object[]{collectionId,managerId};
+        sm.execute(RequestUtils.getRequester(request, response), "RepositoryDocumentsAddManagerToCollection", args, names);
+        addMessageAsString(request,"Utilizador adicionado com sucesso");
+        return true;
+    }
+    public boolean removeManagerInCollection(ActionForm form,HttpServletRequest request, HttpServletResponse response) throws Throwable
+    {
+        Long collectionId = Long.parseLong(request.getParameter("collectionId"));
+        Long managerId = Long.parseLong(request.getParameter("managerId"));
+        IServiceManager sm = ServiceManager.getInstance();
+        String[] names = new String[]{};
+        Object[] args = new Object[]{collectionId,managerId};
+        sm.execute(RequestUtils.getRequester(request, response), "RepositoryDocumentsRemoveManagerInCollection", args, names);
+        addMessageAsString(request,"Utilizador removido com sucesso");
+        return true;
+    }
 }

 /branches/v3/impl/src/java/pt/estgp/estgweb/web/controllers/utils/AbstractWidgetAjaxController.java
 ,6 → 7,7
 import org.json.JSONException;
 import org.json.JSONObject;
 import pt.estgp.estgweb.web.controllers.ApplicationDispatchController;
+import pt.utl.ist.berserk.logic.serviceManager.exceptions.FilterChainFailedException;
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 ,6 → 49,7
         try
         {
             String serviceJson = request.getParameter("serviceJson");
+            logger.info("Calling abstract widget service: " + serviceJson);
             Method serviceChild = this.getClass().getMethod(serviceJson,new Class[]{ActionForm.class,HttpServletRequest.class,HttpServletResponse.class});
 ,12 → 61,27
         }
         catch(InvocationTargetException e)
         {
-            prepareError(e.getCause(),request,response);
+            Throwable cause = e;
+            if(e.getTargetException() != null)
+            {
+                cause = e.getTargetException();
+                if(e.getTargetException().getCause() != null)
+                    cause = e.getTargetException().getCause();
+            }
+            prepareError(cause,request,response);
             return mapping.findForward("JSON_WidgetAjax_RESPONSE_ERROR");
         }
         catch(Throwable e)
         {
-            prepareError(e,request,response);
+            if(e instanceof FilterChainFailedException)
+            {
+                logger.error(e,e);
+            }
+            else
+            {
+                prepareError(e,request,response);
+            }
             return mapping.findForward("JSON_WidgetAjax_RESPONSE_ERROR");
         }
     }
 ,6 → 96,7
         try
         {
             String serviceJson = request.getParameter("serviceJson");
+            logger.info("Calling abstract widget service: " + serviceJson);
             Method serviceChild = this.getClass().getMethod(serviceJson,new Class[]{ActionForm.class,HttpServletRequest.class,HttpServletResponse.class});
             Boolean responseBoolean = (Boolean) serviceChild.invoke(this, form, request, response);
 ,12 → 133,26
         }
         catch(InvocationTargetException e)
         {
-            prepareError(e.getCause(),request,response);
+            Throwable cause = e.getCause();
+            if(e.getTargetException() != null)
+            {
+                cause = e.getTargetException();
+                if(e.getTargetException().getCause() != null)
+                    cause = e.getTargetException().getCause();
+            }
+            prepareError(cause,request,response);
             return mapping.findForward("JSON_WidgetAjax_RESPONSE_ERROR");
         }
         catch(Throwable e)
         {
-            prepareError(e,request,response);
+            if(e instanceof FilterChainFailedException)
+            {
+                logger.error(e,e);
+            }
+            else
+            {
+                prepareError(e,request,response);
+            }
             return mapping.findForward("JSON_WidgetAjax_RESPONSE_ERROR");
         }

Subversion Repositories bacoAlunos

Compare Revisions

Ignore whitespace Rev 1731 → Rev 1732