Configure permissions for ROLE_BOUND_USER

Only bound users will have access to page "Personal Area > Home". Moreover bound users will have access to expenses sheet edition form, even if they don't have access to "Cost > Expenses" page. Finally users with role ROLE_SUERUSER, ROLE_SUERUSER or ROLE_TIMESHEETS will have access to monthly timesheets edition page. FEA: ItEr76S30PermissionsEnhancements
2012-06-15 12:54:26 +02:00 · 2012-06-15 12:54:26 +02:00 · b6889f7e7b
commit b6889f7e7b
parent 787355428a
2 changed files with 9 additions and 3 deletions
--- a/libreplan-webapp/src/main/java/org/libreplan/web/common/CustomMenuController.java
+++ b/libreplan-webapp/src/main/java/org/libreplan/web/common/CustomMenuController.java
@ -495,8 +495,10 @@ public class CustomMenuController extends Div implements IMenuItemsRegister {
        }

        List<CustomMenuItem> personalAreaItems = new ArrayList<CustomMenuItem>();
-        personalAreaItems.add(subItem(_("Home"),
-                "/myaccount/userDashboard.zul", ""));
+        if (SecurityUtils.isUserInRole(UserRole.ROLE_BOUND_USER)) {
+            personalAreaItems.add(subItem(_("Home"),
+                    "/myaccount/userDashboard.zul", ""));
+        }
        personalAreaItems.add(subItem(_("Preferences"),
                "/myaccount/settings.zul", ""));
        personalAreaItems.add(subItem(_("Change Password"),
--- a/libreplan-webapp/src/main/resources/libreplan-webapp-spring-security-config.xml
+++ b/libreplan-webapp/src/main/resources/libreplan-webapp-spring-security-config.xml
@ -74,7 +74,7 @@
        <intercept-url pattern="/workreports/workReportTypes.zul"
            access="ROLE_SUPERUSER,ROLE_TIMESHEETS_TEMPLATES" />
        <intercept-url pattern="/expensesheet/*"
-            access="ROLE_SUPERUSER,ROLE_EXPENSES" />
+            access="ROLE_SUPERUSER,ROLE_EXPENSES,ROLE_BOUND_USER" />
        <intercept-url pattern="/costcategories/*"
            access="ROLE_SUPERUSER,ROLE_COST_CATEGORIES" />
        <intercept-url pattern="/typeofworkhours/*"
@ -113,6 +113,10 @@
            access="ROLE_SUPERUSER,ROLE_TASK_SCHEDULING_STATUS_IN_PROJECT_REPORT" />
        <intercept-url pattern="/reports/timeLineMaterialReport.zul"
            access="ROLE_SUPERUSER,ROLE_MATERIALS_NEED_AT_DATE_REPORT" />
+        <intercept-url pattern="/myaccount/userDashboard.zul"
+            access="ROLE_BOUND_USER" />
+        <intercept-url pattern="/myaccount/monthlyTimesheet.zul"
+            access="ROLE_SUPERUSER,ROLE_TIMESHEETS,ROLE_BOUND_USER" />

        <intercept-url pattern="/**" access="IS_AUTHENTICATED_FULLY" />