ItEr44S14CUAsignarUsuarioAProxectoPlanificacionItEr43S19: Added restrictions in the creation of orders.

Only users with ROLE_CREATE_ORDER will find the 'create' button and the 'save'
buttons in a new order enabled.
The user creating an order will be added as authorized to write that order
by default.
Jacobo Aragunde Pérez 2010-01-22 13:48:14 +01:00 committed by Javier Moran Rua
parent 13309b3809
commit 45b6069430
5 changed files with 81 additions and 25 deletions


@ -42,6 +42,8 @@ import org.navalplanner.business.orders.entities.OrderElement;
import org.navalplanner.business.orders.entities.OrderLine;
import org.navalplanner.business.orders.entities.OrderStatusEnum;
import org.navalplanner.business.templates.entities.OrderTemplate;
import org.navalplanner.business.orders.entities.OrderLineGroup;
import org.navalplanner.business.users.entities.UserRole;
import org.navalplanner.web.common.IMessagesForUser;
import org.navalplanner.web.common.Level;
import org.navalplanner.web.common.MessagesForUser;
@ -57,6 +59,7 @@ import org.navalplanner.web.orders.labels.LabelsAssignmentToOrderElementComponen
import org.navalplanner.web.orders.materials.AssignedMaterialsToOrderElementController;
import org.navalplanner.web.orders.materials.OrderElementMaterialAssignmentsComponent;
import org.navalplanner.web.planner.order.IOrderPlanningGate;
import org.navalplanner.web.security.SecurityUtils;
import org.navalplanner.web.templates.IOrderTemplatesControllerEntryPoints;
import org.navalplanner.web.tree.TreeComponent;
import org.navalplanner.web.users.OrderAuthorizationController;
@ -148,7 +151,7 @@ public class OrderCRUDController extends GenericForwardComposer {
orderModel.prepareCreationFrom(template);
showEditWindow(_("Create order from Template"));
orderAuthorizationController
.setOrder((Order) orderModel.getOrder());
.initCreate((Order) orderModel.getOrder());
}
});
}
@ -178,6 +181,11 @@ public class OrderCRUDController extends GenericForwardComposer {
super.doAfterCompose(comp);
messagesForUser = new MessagesForUser(messagesContainer);
comp.setVariable("controller", this, true);
if(SecurityUtils.isUserInRole(UserRole.ROLE_CREATE_ORDER)) {
((Button)listWindow.getFellowIfAny("show_create_form")).setDisabled(false);
((Button)listWindow.getFellowIfAny("create_from_template_button")).setDisabled(false);
}
}
private void addEditWindowIfNeeded() {
@ -333,7 +341,7 @@ public class OrderCRUDController extends GenericForwardComposer {
if (couldSave) {
selectTab(getCurrentTab().getId());
orderModel.initEdit((Order) orderModel.getOrder());
orderAuthorizationController.setOrder((Order) orderModel.getOrder());
orderAuthorizationController.initEdit((Order) orderModel.getOrder());
initializeTabs();
showWindow(editWindow);
}
@ -463,7 +471,7 @@ public class OrderCRUDController extends GenericForwardComposer {
public void initEdit(Order order) {
orderModel.initEdit(order);
addEditWindowIfNeeded();
orderAuthorizationController.setOrder(order);
orderAuthorizationController.initEdit(order);
showEditWindow(_("Edit order"));
}
@ -497,7 +505,7 @@ public class OrderCRUDController extends GenericForwardComposer {
try {
orderModel.prepareForCreate();
showEditWindow(_("Create order"));
orderAuthorizationController.setOrder((Order) orderModel.getOrder());
orderAuthorizationController.initCreate((Order) orderModel.getOrder());
} catch (ConcurrentModificationException e) {
messagesForUser.showMessage(Level.ERROR, e.getMessage());
}
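Review bot: The role check added in `doAfterCompose` only changes button state; the creation paths that call `orderModel.prepareForCreate()` and `orderModel.prepareCreationFrom(template)` still run for any caller, and nothing visible in these hunks re-checks `ROLE_CREATE_ORDER` on the server side. Disabled widgets are a presentation hint, so the handlers themselves should refuse, e.g. open them with `if (!SecurityUtils.isUserInRole(UserRole.ROLE_CREATE_ORDER)) { return; }` (ideally with a message to the user), and the same role should be enforced where the order is persisted. The same applies to `checkCreationPermissions()` in OrderAuthorizationController and to the `disabled="true"` defaults in the .zul file. The enclosing methods start outside the hunks, so an existing check above them cannot be ruled out.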


@ -17,7 +17,9 @@ import org.navalplanner.business.users.entities.UserOrderAuthorization;
*/
public interface IOrderAuthorizationModel {
void initSetOrder(Order order);
void initCreate(Order order);
void initEdit(Order order);
void confirmSave();


@ -32,6 +32,7 @@ import org.navalplanner.business.users.entities.Profile;
import org.navalplanner.business.users.entities.ProfileOrderAuthorization;
import org.navalplanner.business.users.entities.User;
import org.navalplanner.business.users.entities.UserOrderAuthorization;
import org.navalplanner.business.users.entities.UserRole;
import org.navalplanner.web.common.IMessagesForUser;
import org.navalplanner.web.common.Level;
import org.navalplanner.web.common.Util;
@ -60,8 +61,14 @@ public class OrderAuthorizationController extends GenericForwardComposer{
this.window = comp;
}
public void setOrder(Order order) {
orderAuthorizationModel.initSetOrder(order);
public void initCreate(Order order) {
orderAuthorizationModel.initCreate(order);
checkCreationPermissions();
Util.reloadBindings(window);
}
public void initEdit(Order order) {
orderAuthorizationModel.initEdit(order);
Util.reloadBindings(window);
}
@ -127,4 +134,19 @@ public class OrderAuthorizationController extends GenericForwardComposer{
public void setMessagesForUserComponent(IMessagesForUser component) {
messagesForUser = component;
}
/**
* Checks the creation permissions of the current user and enables/disables
* the save buttons accordingly.
*/
private void checkCreationPermissions() {
if(SecurityUtils.isUserInRole(UserRole.ROLE_CREATE_ORDER)) {
((Button)window.getFellowIfAny("save")).setDisabled(false);
((Button)window.getFellowIfAny("save_and_continue")).setDisabled(false);
}
else {
((Button)window.getFellowIfAny("save")).setDisabled(true);
((Button)window.getFellowIfAny("save_and_continue")).setDisabled(true);
}
}
}
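Review bot: `checkCreationPermissions()` dereferences the result of `window.getFellowIfAny(...)` without a null check, and `getFellowIfAny` returns null when the id is not in the window's ID space, so a renamed or missing button becomes a NullPointerException during `initCreate`. The two branches differ only in the boolean; computing `boolean canCreate = SecurityUtils.isUserInRole(UserRole.ROLE_CREATE_ORDER);` once and calling `setDisabled(!canCreate)` on each non-null button would remove the duplication. `initEdit` does not reset the buttons, so whatever state `initCreate` left behind appears to carry over if the same window is reused; that is worth confirming.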


@ -11,12 +11,14 @@ import org.navalplanner.business.common.exceptions.ValidationException;
import org.navalplanner.business.orders.daos.IOrderDAO;
import org.navalplanner.business.orders.entities.Order;
import org.navalplanner.business.users.daos.IOrderAuthorizationDAO;
import org.navalplanner.business.users.daos.IUserDAO;
import org.navalplanner.business.users.entities.OrderAuthorization;
import org.navalplanner.business.users.entities.OrderAuthorizationType;
import org.navalplanner.business.users.entities.Profile;
import org.navalplanner.business.users.entities.ProfileOrderAuthorization;
import org.navalplanner.business.users.entities.User;
import org.navalplanner.business.users.entities.UserOrderAuthorization;
import org.navalplanner.web.security.SecurityUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.config.BeanDefinition;
import org.springframework.context.annotation.Scope;
@ -46,6 +48,9 @@ public class OrderAuthorizationModel implements IOrderAuthorizationModel {
@Autowired
private IOrderDAO orderDAO;
@Autowired
private IUserDAO userDAO;
@Override
public List<OrderAuthorizationType> addProfileOrderAuthorization(
Profile profile, List<OrderAuthorizationType> authorizations) {
@ -128,29 +133,48 @@ public class OrderAuthorizationModel implements IOrderAuthorizationModel {
@Override
@Transactional(readOnly = true)
public void initSetOrder(Order order) {
public void initCreate(Order order) {
this.order = order;
initializeLists();
//add write authorization for current user
try {
User user = userDAO.findByLoginName(SecurityUtils.getSessionUserLoginName());
UserOrderAuthorization orderAuthorization =
createUserOrderAuthorization(order, user);
orderAuthorization.setAuthorizationType(OrderAuthorizationType.WRITE_AUTHORIZATION);
userOrderAuthorizationList.add(orderAuthorization);
}
catch(InstanceNotFoundException e) {
//this case shouldn't happen, because it would mean that there isn't a logged user
}
}
@Override
@Transactional(readOnly = true)
public void initEdit(Order order) {
this.order = order;
initializeLists();
//Retrieve the OrderAuthorizations associated with this order
for(OrderAuthorization authorization : dao.listByOrder(order)) {
forceLoadEntities(authorization);
if(authorization instanceof UserOrderAuthorization) {
userOrderAuthorizationList.add(
(UserOrderAuthorization) authorization);
}
if(authorization instanceof ProfileOrderAuthorization) {
profileOrderAuthorizationList.add(
(ProfileOrderAuthorization) authorization);
}
}
}
private void initializeLists() {
profileOrderAuthorizationList =
new ArrayList<ProfileOrderAuthorization>();
userOrderAuthorizationList =
new ArrayList<UserOrderAuthorization>();
orderAuthorizationRemovalList =
new ArrayList<OrderAuthorization>();
if(!order.isNewObject()) {
//Retrieve the OrderAuthorizations associated with this order
for(OrderAuthorization authorization : dao.listByOrder(order)) {
forceLoadEntities(authorization);
if(authorization instanceof UserOrderAuthorization) {
userOrderAuthorizationList.add(
(UserOrderAuthorization) authorization);
}
if(authorization instanceof ProfileOrderAuthorization) {
profileOrderAuthorizationList.add(
(ProfileOrderAuthorization) authorization);
}
}
}
}
private void forceLoadEntities(OrderAuthorization authorization) {
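Review bot: The empty `catch(InstanceNotFoundException e)` in `initCreate` silently drops a failure to resolve the session user, so the order would be prepared without the creator's write authorization and nothing is logged. If the case really cannot happen, fail loudly instead, e.g. `throw new IllegalStateException("no user found for the session login", e);`, or at least log it. `initCreate` also adds `WRITE_AUTHORIZATION` for the session user without checking `ROLE_CREATE_ORDER` itself, so the model relies on the controllers for that decision; a check here, or where the authorizations are saved, would keep the grant from depending on UI state.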


@ -35,8 +35,8 @@
<column label="${i18n:_('Operations')}" align="center"/>
</columns>
</grid>
<button id="show_create_form" label="${i18n:_('Create')}"
<button id="show_create_form" label="${i18n:_('Create')}" disabled="true"
onClick="controller.goToCreateForm()" sclass="create-button global-action" />
<button id="create_from_template_button" label="${i18n:_('Create From Template')}" onClick="controller.createOrderFromTemplate()"
sclass="global-action"/>
disabled="true" sclass="global-action"/>
</window>