You are viewing a plain text version of this content. The canonical link for it is here.
Posted to hise-commits@incubator.apache.org by rr...@apache.org on 2010/07/14 15:39:31 UTC
svn commit: r964085 [1/2] - in /incubator/hise/trunk:
hise-services/src/main/java/org/apache/hise/engine/
hise-services/src/main/java/org/apache/hise/engine/jaxws/
hise-test-example-osgi/src/main/java/org/apache/hise/test/
hise-test-example-osgi/src/ma...
Author: rr
Date: Wed Jul 14 15:39:30 2010
New Revision: 964085
URL: http://svn.apache.org/viewvc?rev=964085&view=rev
Log:
HISE-12: Implement permissions for tasks viewing / modifying (Thanks to Michał Więcław)
Added:
incubator/hise/trunk/hise-services/src/main/java/org/apache/hise/engine/TaskChecker.java
Modified:
incubator/hise/trunk/hise-services/src/main/java/org/apache/hise/engine/jaxws/TaskOperationsImpl.java
incubator/hise/trunk/hise-test-example-osgi/src/main/java/org/apache/hise/test/SampleUsers.java
incubator/hise/trunk/hise-test-example-osgi/src/main/resources/testHtd1.xml
incubator/hise/trunk/itest/hise-soapui-project.xml
Added: incubator/hise/trunk/hise-services/src/main/java/org/apache/hise/engine/TaskChecker.java
URL: http://svn.apache.org/viewvc/incubator/hise/trunk/hise-services/src/main/java/org/apache/hise/engine/TaskChecker.java?rev=964085&view=auto
==============================================================================
--- incubator/hise/trunk/hise-services/src/main/java/org/apache/hise/engine/TaskChecker.java (added)
+++ incubator/hise/trunk/hise-services/src/main/java/org/apache/hise/engine/TaskChecker.java Wed Jul 14 15:39:30 2010
@@ -0,0 +1,254 @@
+package org.apache.hise.engine;
+
+
+
+import java.util.Collection;
+import java.util.HashSet;
+
+
+import org.apache.bcel.generic.GETFIELD;
+import org.apache.hise.dao.GenericHumanRole;
+import org.apache.hise.dao.HISEDao;
+import org.apache.hise.dao.OrgEntity;
+import org.apache.hise.dao.TaskOrgEntity;
+import org.apache.hise.runtime.Task;
+/**
+ * Check user authorization to use operation method
+ *
+ * @author MichaÅ WiÄcÅaw
+ *
+ */
+public class TaskChecker {
+
+ /**
+ * Human operation name
+ */
+ public static enum HumanOperationName {
+ //Participant Operations
+ CLAIM,
+ START,
+ STOP,
+ RELEASE,
+ SUSPEND,
+ SUSPEND_UNTIL,
+ RESUME,
+ COMPLETE,
+ REMOVE,
+ FAIL,
+ SET_PRIORITY,
+ ADD_ATTACHMENT,
+ GET_ATTACHMENT_INFOS,
+ GET_ATTACHMENTS,
+ DELETE_ATTACHMENTS,
+ ADD_COMMENT,
+ GET_COMMENTS,
+ SKIP,
+ FORWARD,
+ DELEGATE,
+ GET_RENDERING,
+ GET_RENDERING_TYPES,
+ GET_TASK_INFO,
+ GET_TASK_DESCRIPTION,
+ SET_OUTPUT,
+ DELETE_OUTPUT,
+ SET_FAULT,
+ DELELE_FAULT,
+ GET_INPUT,
+ GET_OUTPUT,
+ GET_FAULT,
+ ACTIVATE,
+ NOMINATE,
+ SET_GENERIC_HUMAN_ROLE
+ }
+
+ /**
+ * check user authorization and give permission to action
+ *
+ * @return true if is permission
+ */
+ static public boolean checkPermission(TaskChecker.HumanOperationName operaionName, String userID, Task task, HISEEngineImpl engine)
+ {
+ Collection<GenericHumanRole> humanRoles = new HashSet<GenericHumanRole>();
+ humanRoles = getGenericHumanRolesForTask(userID, task, engine);
+
+ switch(operaionName){
+ //every group of operations have the same conditions to get permission
+
+ //conditions: user is ActualOwner
+ case COMPLETE:
+ case FAIL:
+ case SET_OUTPUT:
+ case DELETE_OUTPUT:
+ case SET_FAULT:
+ case DELELE_FAULT:
+ if(isActualOwner(userID, task))
+ return true;
+ else return false;
+
+ //conditions: user is PotentialOwner or BusinessOwner or TaskStakeholders
+ case CLAIM:
+ if(isPotentialOwners(humanRoles) || isBusinessAdministrator(humanRoles) || isTaskStakeholders(humanRoles))
+ return true;
+ else return false;
+
+ //conditions: user is ActualOwner or (is PotentalOwner and task's state is ready)
+ case START:
+ if(isActualOwner(userID, task) || isPotentialOwnersWithReadyState(humanRoles, task))
+ return true;
+ else return false;
+
+ //conditions: user is ActualOwner or BusinessOwner or TaskStakeholders
+ case STOP:
+ case RELEASE:
+ case SET_PRIORITY:
+ case ADD_ATTACHMENT:
+ case DELETE_ATTACHMENTS:
+ case GET_OUTPUT:
+ case GET_FAULT:
+ if(isActualOwner(userID, task) || isBusinessAdministrator(humanRoles) || isTaskStakeholders(humanRoles))
+ return true;
+ else return false;
+
+ //conditions: user is (PotentalOwner and task's state is ready) or ActualOwner or BusinessOwner or TaskStakeholders
+ case SUSPEND:
+ case SUSPEND_UNTIL:
+ case RESUME:
+ case DELEGATE:
+ if(isPotentialOwnersWithReadyState(humanRoles, task) || isActualOwner(userID, task) ||
+ isBusinessAdministrator(humanRoles) || isTaskStakeholders(humanRoles))
+ return true;
+ else return false;
+
+ //conditions: user is PotentalOwner or ActualOwner or BusinessOwner or TaskStakeholders
+ case GET_ATTACHMENT_INFOS:
+ case GET_ATTACHMENTS:
+ case ADD_COMMENT:
+ case GET_COMMENTS:
+ case FORWARD:
+ case GET_INPUT:
+ if(isPotentialOwners(humanRoles) || isActualOwner(userID, task) ||
+ isBusinessAdministrator(humanRoles) || isTaskStakeholders(humanRoles))
+ return true;
+ else return false;
+
+ //conditions: user is TaskInitiator or ActualOwner or BusinessOwner or TaskStakeholders
+ case SKIP:
+ if(isTaskInitiator(userID, task) || isActualOwner(userID, task) ||
+ isBusinessAdministrator(humanRoles) || isTaskStakeholders(humanRoles))
+ return true;
+ else return false;
+
+ //conditions: user is Recipients
+ case REMOVE:
+ if(isRecipients(humanRoles))
+ return true;
+ else return false;
+
+ //conditions: user is BusinessOwner or TaskStakeholders
+ case ACTIVATE:
+ case NOMINATE:
+ case SET_GENERIC_HUMAN_ROLE:
+ if(isBusinessAdministrator(humanRoles) || isTaskStakeholders(humanRoles))
+ return true;
+ else return false;
+
+ //conditions: none conditions
+ case GET_RENDERING:
+ case GET_RENDERING_TYPES:
+ case GET_TASK_INFO:
+ case GET_TASK_DESCRIPTION:
+ return true;
+ }
+
+ return false;
+ }
+
+ /**
+ * Give list of user's GenericHumanRole for Task
+ *
+ * @return list of user's GenericHumanRole
+ */
+ static public Collection<GenericHumanRole> getGenericHumanRolesForTask(String userID, Task task, HISEEngineImpl engine)
+ {
+ Collection<GenericHumanRole> humanRoles = new HashSet<GenericHumanRole>();
+ HISEDao dao = engine.getHiseDao();
+ org.apache.hise.dao.OrgEntity user = dao.find(org.apache.hise.dao.OrgEntity.class, userID);
+
+ Collection<String> userGrupsName = new HashSet<String>();
+
+ for(OrgEntity i : user.getUserGroups()){
+ userGrupsName.add(i.getName());
+ }
+
+ for(TaskOrgEntity i : task.getTaskDto().getPeopleAssignments()){
+ if((i.getType() == TaskOrgEntity.OrgEntityType.USER)&&(i.getName().equals(userID))){
+ humanRoles.add(i.getGenericHumanRole());
+ }
+ else if((i.getType() == TaskOrgEntity.OrgEntityType.GROUP)&&(userGrupsName.contains(i.getName()))){
+ humanRoles.add(i.getGenericHumanRole());
+ }
+ }
+
+ return humanRoles;
+ }
+
+ static private boolean isActualOwner(String userID, Task task)
+ {
+ String actualOwner = task.getTaskDto().getActualOwner();
+ if((actualOwner != null)&&(actualOwner.equals(userID)))
+ return true;
+
+ return false;
+ }
+
+ static private boolean isPotentialOwnersWithReadyState(Collection<GenericHumanRole> humanRoles,Task task)
+ {
+ if((humanRoles.contains(GenericHumanRole.POTENTIALOWNERS)&&
+ (task.getTaskDto().getStatus().equals(org.apache.hise.dao.Task.Status.READY))))
+ return true;
+
+ return false;
+ }
+
+ static private boolean isPotentialOwners(Collection<GenericHumanRole> humanRoles)
+ {
+ if(humanRoles.contains(GenericHumanRole.POTENTIALOWNERS))
+ return true;
+
+ return false;
+ }
+
+ static private boolean isBusinessAdministrator(Collection<GenericHumanRole> humanRoles)
+ {
+ if(humanRoles.contains(GenericHumanRole.BUSINESSADMINISTRATORS))
+ return true;
+
+ return false;
+ }
+
+ static private boolean isTaskStakeholders(Collection<GenericHumanRole> humanRoles)
+ {
+ if(humanRoles.contains(GenericHumanRole.TASKSTAKEHOLDERS))
+ return true;
+
+ return false;
+ }
+
+ static private boolean isTaskInitiator(String userID, Task task)
+ {
+ String taskInitiator = task.getTaskDto().getCreatedBy();
+ if((taskInitiator != null)&&(taskInitiator.equals(userID)))
+ return true;
+
+
+ return false;
+ }
+
+ static private boolean isRecipients(Collection<GenericHumanRole> humanRoles)
+ {
+ if(humanRoles.contains(GenericHumanRole.RECIPIENTS))
+ return true;
+
+ return false;
+ }
+}
\ No newline at end of file
Modified: incubator/hise/trunk/hise-services/src/main/java/org/apache/hise/engine/jaxws/TaskOperationsImpl.java
URL: http://svn.apache.org/viewvc/incubator/hise/trunk/hise-services/src/main/java/org/apache/hise/engine/jaxws/TaskOperationsImpl.java?rev=964085&r1=964084&r2=964085&view=diff
==============================================================================
--- incubator/hise/trunk/hise-services/src/main/java/org/apache/hise/engine/jaxws/TaskOperationsImpl.java (original)
+++ incubator/hise/trunk/hise-services/src/main/java/org/apache/hise/engine/jaxws/TaskOperationsImpl.java Wed Jul 14 15:39:30 2010
@@ -41,6 +41,7 @@ import org.apache.hise.dao.Task.Status;
import org.apache.hise.dao.TaskOrgEntity;
import org.apache.hise.dao.TaskQuery;
import org.apache.hise.engine.HISEEngineImpl;
+import org.apache.hise.engine.TaskChecker;
import org.apache.hise.engine.wsdl.IllegalAccessFault;
import org.apache.hise.engine.wsdl.IllegalArgumentFault;
@@ -146,6 +147,8 @@ public class TaskOperationsImpl implemen
*/
public Object getInput(String identifier, String part) throws IllegalAccessFault, IllegalStateFault, IllegalArgumentFault {
Task t = Task.load(hiseEngine, Long.parseLong(identifier));
+ if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.GET_INPUT, getUserString(), t, hiseEngine)))
+ throw new IllegalAccessFault();
t.setCurrentUser(getUserString());
return t.getInput(part);
}
@@ -155,6 +158,8 @@ public class TaskOperationsImpl implemen
*/
public Object getOutput(String identifier, String part) throws IllegalAccessFault, IllegalStateFault, IllegalArgumentFault {
Task t = Task.load(hiseEngine, Long.parseLong(identifier));
+ if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.GET_OUTPUT, getUserString(), t, hiseEngine)))
+ throw new IllegalAccessFault();
t.setCurrentUser(getUserString());
return t.getOutput(part);
}
@@ -164,6 +169,8 @@ public class TaskOperationsImpl implemen
*/
public void stop(String identifier) throws IllegalAccessFault, IllegalStateFault, IllegalArgumentFault {
Task t = Task.load(hiseEngine, Long.parseLong(identifier));
+ if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.STOP, getUserString(), t, hiseEngine)))
+ throw new IllegalAccessFault();
t.setCurrentUser(getUserString());
try {
@@ -175,6 +182,8 @@ public class TaskOperationsImpl implemen
public void suspend(String identifier) throws IllegalAccessFault, IllegalStateFault, IllegalArgumentFault {
Task t = Task.load(hiseEngine, Long.parseLong(identifier));
+ if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.SUSPEND, getUserString(), t, hiseEngine)))
+ throw new IllegalAccessFault();
t.setCurrentUser(getUserString());
try {
@@ -186,6 +195,8 @@ public class TaskOperationsImpl implemen
public void suspendUntil(String identifier, TTime time) throws IllegalAccessFault, IllegalStateFault, IllegalArgumentFault {
Task t = Task.load(hiseEngine, Long.parseLong(identifier));
+ if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.SUSPEND_UNTIL, getUserString(), t, hiseEngine)))
+ throw new IllegalAccessFault();
t.setCurrentUser(getUserString());
Date when = time.getPointOfTime();
if (when == null) {
@@ -203,6 +214,8 @@ public class TaskOperationsImpl implemen
public void remove(String identifier) throws IllegalAccessFault, IllegalArgumentFault {
Task t = Task.load(hiseEngine, Long.parseLong(identifier));
+ if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.REMOVE, getUserString(), t, hiseEngine)))
+ throw new IllegalAccessFault();
t.setCurrentUser(getUserString());
t.remove();
}
@@ -210,6 +223,8 @@ public class TaskOperationsImpl implemen
public void resume(String identifier) throws IllegalAccessFault, IllegalStateFault, IllegalArgumentFault {
// OrgEntity user = loadUser();
Task t = Task.load(hiseEngine, Long.parseLong(identifier));
+ if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.RESUME, getUserString(), t, hiseEngine)))
+ throw new IllegalAccessFault();
t.setCurrentUser(getUserString());
try {
@@ -225,6 +240,8 @@ public class TaskOperationsImpl implemen
public void claim(String identifier) throws IllegalArgumentFault, IllegalStateFault, IllegalAccessFault {
Task task = Task.load(hiseEngine, Long.valueOf(identifier));
+ if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.CLAIM, getUserString(), task, hiseEngine)))
+ throw new IllegalAccessFault();
task.setCurrentUser(getUserString());
try {
@@ -239,6 +256,8 @@ public class TaskOperationsImpl implemen
public void fail(String identifier, String faultName, Object faultData) throws IllegalAccessFault, IllegalStateFault, IllegalArgumentFault,
IllegalOperationFault {
Task t = Task.load(hiseEngine, Long.parseLong(identifier));
+ if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.FAIL, getUserString(), t, hiseEngine)))
+ throw new IllegalAccessFault();
t.setCurrentUser(getUserString());
try {
@@ -251,6 +270,8 @@ public class TaskOperationsImpl implemen
public void forward(String identifier, TOrganizationalEntity organizationalEntity) throws IllegalAccessFault, IllegalStateFault, IllegalArgumentFault {
Task t = Task.load(hiseEngine, Long.parseLong(identifier));
+ if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.FORWARD, getUserString(), t, hiseEngine)))
+ throw new IllegalAccessFault();
t.setCurrentUser(getUserString());
try {
@@ -268,6 +289,8 @@ public class TaskOperationsImpl implemen
public void release(String identifier) throws IllegalArgumentFault, IllegalStateFault, IllegalAccessFault {
Task t = Task.load(hiseEngine, Long.parseLong(identifier));
+ if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.RELEASE, getUserString(), t, hiseEngine)))
+ throw new IllegalAccessFault();
t.setCurrentUser(getUserString());
try {
@@ -279,6 +302,8 @@ public class TaskOperationsImpl implemen
public void start(String identifier) throws IllegalArgumentFault, IllegalStateFault, IllegalAccessFault {
Task t = Task.load(hiseEngine, Long.parseLong(identifier));
+ if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.START, getUserString(), t, hiseEngine)))
+ throw new IllegalAccessFault();
t.setCurrentUser(getUserString());
try {
@@ -290,6 +315,8 @@ public class TaskOperationsImpl implemen
public void complete(String identifier, Object taskData) throws IllegalAccessFault, IllegalStateFault, IllegalArgumentFault {
Task t = Task.load(hiseEngine, Long.parseLong(identifier));
+ if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.COMPLETE, getUserString(), t, hiseEngine)))
+ throw new IllegalAccessFault();
t.setCurrentUser(getUserString());
//TODO set output
//t.setOutput(((Node) taskData).getFirstChild());
@@ -303,6 +330,8 @@ public class TaskOperationsImpl implemen
public void setOutput(String identifier, String part, Object taskData) throws IllegalAccessFault, IllegalStateFault, IllegalArgumentFault {
Task t = Task.load(hiseEngine, Long.valueOf(identifier));
+ if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.SET_OUTPUT, getUserString(), t, hiseEngine)))
+ throw new IllegalAccessFault();
t.setCurrentUser(getUserString());
t.setOutput(((Node) taskData).getFirstChild());
}
@@ -318,6 +347,8 @@ public class TaskOperationsImpl implemen
*/
public void addComment(String identifier, String text) throws IllegalAccessFault, IllegalStateFault, IllegalArgumentFault {
Task task = Task.load(hiseEngine, new Long(identifier));
+ if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.ADD_COMMENT, getUserString(), task, hiseEngine)))
+ throw new IllegalAccessFault();
org.apache.hise.dao.Task taskDto = task.getTaskDto();
org.apache.hise.dao.Comment newComment = new Comment(text, taskDto);
// PTODO add setAddedBy
@@ -336,6 +367,8 @@ public class TaskOperationsImpl implemen
*/
public List<TComment> getComments(String identifier) throws IllegalAccessFault, IllegalStateFault, IllegalArgumentFault {
Task task = Task.load(hiseEngine, new Long(identifier));
+ if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.GET_COMMENTS, getUserString(), task, hiseEngine)))
+ throw new IllegalAccessFault();
org.apache.hise.dao.Task taskDto = task.getTaskDto();
List<TComment> result = convertComments(taskDto);
return result;
@@ -350,6 +383,9 @@ public class TaskOperationsImpl implemen
}
public void activate(String identifier) throws IllegalAccessFault, IllegalStateFault, IllegalArgumentFault {
+ Task task = Task.load(hiseEngine, new Long(identifier));
+ if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.ACTIVATE, getUserString(), task, hiseEngine)))
+ throw new IllegalAccessFault();
// TODO Auto-generated method stub
}
@@ -358,6 +394,8 @@ public class TaskOperationsImpl implemen
IllegalArgumentFault {
Task task = Task.load(hiseEngine, new Long(identifier));
+ if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.ADD_ATTACHMENT, getUserString(), task, hiseEngine)))
+ throw new IllegalAccessFault();
org.apache.hise.dao.Task taskDto = task.getTaskDto();
org.apache.hise.dao.Attachment newAttachment= new Attachment();
newAttachment.setAccessType(accessType);
@@ -380,14 +418,15 @@ public class TaskOperationsImpl implemen
IllegalArgumentFault {
Task task = Task.load(hiseEngine, new Long(identifier));
+ if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.DELEGATE, getUserString(), task, hiseEngine)))
+ throw new IllegalAccessFault();
org.apache.hise.dao.Task taskDto = task.getTaskDto();
-
-
-
}
public void deleteAttachments(String identifier, String attachmentName) throws IllegalAccessFault, IllegalStateFault, IllegalArgumentFault {
Task task = Task.load(hiseEngine, new Long(identifier));
+ if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.DELETE_ATTACHMENTS, getUserString(), task, hiseEngine)))
+ throw new IllegalAccessFault();
org.apache.hise.dao.Task taskDto = task.getTaskDto();
List<Attachment> attachments=taskDto.getAttachments();
Iterator<Attachment> attachemntIterator=attachments.iterator();
@@ -409,11 +448,19 @@ public class TaskOperationsImpl implemen
}
public void deleteFault(String identifier) throws IllegalAccessFault, IllegalStateFault, IllegalArgumentFault {
+ Task task = Task.load(hiseEngine, new Long(identifier));
+ if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.DELELE_FAULT, getUserString(), task, hiseEngine)))
+ throw new IllegalAccessFault();
+
// TODO Auto-generated method stub
}
public void deleteOutput(String identifier) throws IllegalAccessFault, IllegalStateFault, IllegalArgumentFault {
+ Task task = Task.load(hiseEngine, new Long(identifier));
+ if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.DELETE_OUTPUT, getUserString(), task, hiseEngine)))
+ throw new IllegalAccessFault();
+
// TODO Auto-generated method stub
}
@@ -421,6 +468,8 @@ public class TaskOperationsImpl implemen
public List<TAttachmentInfo> getAttachmentInfos(String identifier) throws IllegalAccessFault, IllegalStateFault, IllegalArgumentFault {
Task task = Task.load(hiseEngine, new Long(identifier));
+ if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.GET_ATTACHMENT_INFOS, getUserString(), task, hiseEngine)))
+ throw new IllegalAccessFault();
org.apache.hise.dao.Task taskDto = task.getTaskDto();
List<Attachment> attachments=taskDto.getAttachments();
List<TAttachmentInfo> result= new ArrayList<TAttachmentInfo>();
@@ -438,6 +487,8 @@ public class TaskOperationsImpl implemen
public List<TAttachment> getAttachments(String identifier, String attachmentName) throws IllegalAccessFault, IllegalStateFault, IllegalArgumentFault {
Task task = Task.load(hiseEngine, new Long(identifier));
+ if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.GET_ATTACHMENTS, getUserString(), task, hiseEngine)))
+ throw new IllegalAccessFault();
org.apache.hise.dao.Task taskDto = task.getTaskDto();
List<Attachment> attachments=taskDto.getAttachments();
List<TAttachment> result= new ArrayList<TAttachment>();
@@ -468,6 +519,8 @@ public class TaskOperationsImpl implemen
public void nominate(String identifier, TOrganizationalEntity organizationalEntity) throws IllegalAccessFault, IllegalStateFault, IllegalArgumentFault {
Task task = Task.load(hiseEngine, new Long(identifier));
+ if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.NOMINATE, getUserString(), task, hiseEngine)))
+ throw new IllegalAccessFault();
org.apache.hise.dao.Task taskDto = task.getTaskDto();
if(taskDto.getStatus()==Status.CREATED){
TUserlist tUsers=organizationalEntity.getUsers();
@@ -482,18 +535,28 @@ public class TaskOperationsImpl implemen
public void setFault(String identifier, String faultName, Object faultData) throws IllegalAccessFault, IllegalStateFault, IllegalArgumentFault,
IllegalOperationFault {
+ Task task = Task.load(hiseEngine, new Long(identifier));
+ if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.SET_FAULT, getUserString(), task, hiseEngine)))
+ throw new IllegalAccessFault();
+
// TODO Auto-generated method stub
}
public void setGenericHumanRole(String identifier, String genericHumanRole, TOrganizationalEntity organizationalEntity) throws IllegalAccessFault,
IllegalStateFault, IllegalArgumentFault {
+ Task task = Task.load(hiseEngine, new Long(identifier));
+ if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.SET_GENERIC_HUMAN_ROLE, getUserString(), task, hiseEngine)))
+ throw new IllegalAccessFault();
+
// TODO Auto-generated method stub
}
public void setPriority(String identifier, BigInteger priority) throws IllegalAccessFault, IllegalStateFault, IllegalArgumentFault {
Task task = Task.load(hiseEngine, new Long(identifier));
+ if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.SET_PRIORITY, getUserString(), task, hiseEngine)))
+ throw new IllegalAccessFault();
org.apache.hise.dao.Task taskDto = task.getTaskDto();
taskDto.setPriority(priority.intValue());
@@ -504,6 +567,8 @@ public class TaskOperationsImpl implemen
IllegalAccessFault, IllegalStateFault, IllegalArgumentFault,
IllegalOperationFault {
Task task = Task.load(hiseEngine, new Long(identifier));
+ if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.SKIP, getUserString(), task, hiseEngine)))
+ throw new IllegalAccessFault();
org.apache.hise.dao.Task taskDto = task.getTaskDto();
if(taskDto.isSkippable()){
try {
@@ -517,6 +582,10 @@ public class TaskOperationsImpl implemen
public void getFault(String identifier, Holder<String> faultName, Holder<Object> faultData) throws IllegalArgumentFault, IllegalStateFault,
IllegalOperationFault, IllegalAccessFault {
+ Task task = Task.load(hiseEngine, new Long(identifier));
+ if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.GET_FAULT, getUserString(), task, hiseEngine)))
+ throw new IllegalAccessFault();
+
// TODO Auto-generated method stub
}
Modified: incubator/hise/trunk/hise-test-example-osgi/src/main/java/org/apache/hise/test/SampleUsers.java
URL: http://svn.apache.org/viewvc/incubator/hise/trunk/hise-test-example-osgi/src/main/java/org/apache/hise/test/SampleUsers.java?rev=964085&r1=964084&r2=964085&view=diff
==============================================================================
--- incubator/hise/trunk/hise-test-example-osgi/src/main/java/org/apache/hise/test/SampleUsers.java (original)
+++ incubator/hise/trunk/hise-test-example-osgi/src/main/java/org/apache/hise/test/SampleUsers.java Wed Jul 14 15:39:30 2010
@@ -74,9 +74,13 @@ public class SampleUsers {
o.getUserGroups().add(someGroup);
hiseEngine.getHiseDao().persist(o);
}
+
+
addUser("user1", "user1pass");
addUser("user2", "user2pass");
+ addUser("user3", "user3pass");
addUser("user5", "user5pass");
+ addUser("user6", "user6pass");
return null;
}
Modified: incubator/hise/trunk/hise-test-example-osgi/src/main/resources/testHtd1.xml
URL: http://svn.apache.org/viewvc/incubator/hise/trunk/hise-test-example-osgi/src/main/resources/testHtd1.xml?rev=964085&r1=964084&r2=964085&view=diff
==============================================================================
--- incubator/hise/trunk/hise-test-example-osgi/src/main/resources/testHtd1.xml (original)
+++ incubator/hise/trunk/hise-test-example-osgi/src/main/resources/testHtd1.xml Wed Jul 14 15:39:30 2010
@@ -534,6 +534,7 @@ xs:double(htd:getInput("ClaimApprovalReq
<htd:notification name="Notify2">
<htd:interface portType="tns:ClaimApprovalReminderPT" operation="notify"></htd:interface>
<htd:peopleAssignments>
+
<htd:potentialOwners>
<htd:from>
<htd:literal>
@@ -545,6 +546,20 @@ xs:double(htd:getInput("ClaimApprovalReq
</htd:literal>
</htd:from>
</htd:potentialOwners>
+
+ <htd:recipients>
+ <htd:from>
+ <htd:literal>
+ <htd:organizationalEntity>
+ <htd:users>
+ <htd:user>user6</htd:user>
+ </htd:users>
+ </htd:organizationalEntity>
+ </htd:literal>
+ </htd:from>
+ </htd:recipients>
+
+
</htd:peopleAssignments>
<htd:presentationElements>
<htd:name>Notify2Name</htd:name>