Configuring permissions to access and to save the expenses

sheet with the role "Expenses tracking allowed". FEA: ItEr76S22ExpenseTrackingSystem
2012-04-20 18:38:10 +01:00 · 2012-04-20 18:38:10 +01:00 · 8445e59185
commit 8445e59185
parent aac024645b
3 changed files with 8 additions and 2 deletions
--- a/libreplan-business/src/main/java/org/libreplan/business/users/entities/UserRole.java
+++ b/libreplan-business/src/main/java/org/libreplan/business/users/entities/UserRole.java
@ -35,7 +35,8 @@ public enum UserRole {
    ROLE_WS_WRITER(_("Web service writer")),
    ROLE_READ_ALL_ORDERS(_("All projects read allowed")),
    ROLE_EDIT_ALL_ORDERS(_("All projects edition allowed")),
-    ROLE_CREATE_ORDER(_("Project creation allowed"));
+    ROLE_CREATE_ORDER(_("Project creation allowed")),
+    ROLE_EXPENSE_TRACKING(_("Expenses tracking allowed"));

    private final String displayName;

--- a/libreplan-webapp/src/main/java/org/libreplan/web/common/CustomMenuController.java
+++ b/libreplan-webapp/src/main/java/org/libreplan/web/common/CustomMenuController.java
@ -298,7 +298,11 @@ public class CustomMenuController extends Div implements IMenuItemsRegister {
        resourcesItems.add(subItem(_("Machines"), "/resources/machine/machines.zul","05-recursos.html#xesti-n-de-m-quinas"));
        resourcesItems.add(subItem(_("Virtual Workers Groups"),"/resources/worker/virtualWorkers.zul","05-recursos.html#xesti-n-de-traballadores"));
        resourcesItems.add(subItem(_("Work Reports"), "/workreports/workReport.zul", "09-partes.html#id3"));
-        resourcesItems.add(subItem(_("Expense Tracking"), "/expensesheet/expenseSheet.zul", ""));
+        if ((SecurityUtils.isUserInRole(UserRole.ROLE_ADMINISTRATION))
+                || (SecurityUtils.isUserInRole(UserRole.ROLE_EXPENSE_TRACKING))) {
+            resourcesItems
+                    .add(subItem(_("Expense Tracking"), "/expensesheet/expenseSheet.zul", ""));
+        }
        if (SecurityUtils.isUserInRole(UserRole.ROLE_ADMINISTRATION)) {
            resourcesItems.add(subItem(_("Companies"), "/externalcompanies/externalcompanies.zul",""));
        }
--- a/libreplan-webapp/src/main/resources/libreplan-webapp-spring-security-config.xml
+++ b/libreplan-webapp/src/main/resources/libreplan-webapp-spring-security-config.xml
@ -52,6 +52,7 @@
            access="ROLE_ADMINISTRATION" />
        <intercept-url pattern="/workreports/workReportTypes.zul"
            access="ROLE_ADMINISTRATION" />
+        <intercept-url pattern="/expensesheet/**" access="ROLE_ADMINISTRATION,ROLE_EXPENSE_TRACKING"/>
        <intercept-url pattern="/**" access="IS_AUTHENTICATED_FULLY" />
        <form-login login-page="/common/layout/login.zul"
            authentication-failure-url="/common/layout/login.zul?login_error=true" />