You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ofbiz.apache.org by ha...@apache.org on 2008/01/18 11:27:24 UTC
svn commit: r613123 - in /ofbiz/trunk/specialpurpose/projectmgr: config/
data/ script/org/ofbiz/project/ webapp/projectmgr/WEB-INF/actions/ widget/
Author: hansbak
Date: Fri Jan 18 02:27:22 2008
New Revision: 613123
URL: http://svn.apache.org/viewvc?rev=613123&view=rev
Log:
implemented security levels in the projectmanager in menus/screens and at the service level als provided demo data to test it
Modified:
ofbiz/trunk/specialpurpose/projectmgr/config/ProjectMgrUiLabels.properties
ofbiz/trunk/specialpurpose/projectmgr/data/ProjectMgrDemoData.xml
ofbiz/trunk/specialpurpose/projectmgr/data/ProjectMgrDemoPasswordData.xml
ofbiz/trunk/specialpurpose/projectmgr/data/ProjectMgrSecurityData.xml
ofbiz/trunk/specialpurpose/projectmgr/script/org/ofbiz/project/ProjectPermissionServices.xml
ofbiz/trunk/specialpurpose/projectmgr/script/org/ofbiz/project/ProjectServices.xml
ofbiz/trunk/specialpurpose/projectmgr/webapp/projectmgr/WEB-INF/actions/EditWeekTimesheet.bsh
ofbiz/trunk/specialpurpose/projectmgr/widget/ProjectScreens.xml
ofbiz/trunk/specialpurpose/projectmgr/widget/TaskScreens.xml
Modified: ofbiz/trunk/specialpurpose/projectmgr/config/ProjectMgrUiLabels.properties
URL: http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/projectmgr/config/ProjectMgrUiLabels.properties?rev=613123&r1=613122&r2=613123&view=diff
==============================================================================
--- ofbiz/trunk/specialpurpose/projectmgr/config/ProjectMgrUiLabels.properties (original)
+++ ofbiz/trunk/specialpurpose/projectmgr/config/ProjectMgrUiLabels.properties Fri Jan 18 02:27:22 2008
@@ -159,4 +159,8 @@
ProjectMgrCustRequestWorkEffort=CustRequest WorkEffort
ProjectMgrViewPermissionError=You need at least PROJECTMGR_READ permission to view this screen.
ProjectMgrCreateByExistingTask=Link to an existing Task
-ProjectMgrRequestWorkEffortList=Cust Request WorkEffort List
\ No newline at end of file
+ProjectMgrRequestWorkEffortList=Cust Request WorkEffort List
+ProjectMgrNoAccessToProject=You have no access to the project#: ${projectId}
+ProjectMgrNoAccessToTask=You have no access to the task#: ${taskId}
+ProjectMgrNoAccessToTimesheet=You have no access to the timesheet#: ${timesheetId}
+ProjectMgrStatusCannotUpdate=Status does not allow an update
\ No newline at end of file
Modified: ofbiz/trunk/specialpurpose/projectmgr/data/ProjectMgrDemoData.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/projectmgr/data/ProjectMgrDemoData.xml?rev=613123&r1=613122&r2=613123&view=diff
==============================================================================
--- ofbiz/trunk/specialpurpose/projectmgr/data/ProjectMgrDemoData.xml (original)
+++ ofbiz/trunk/specialpurpose/projectmgr/data/ProjectMgrDemoData.xml Fri Jan 18 02:27:22 2008
@@ -2,7 +2,7 @@
<entity-engine-xml>
<!-- Resources -->
- <!-- Demo Employee1 -->
+ <!-- Demo Employee1 manager -->
<Party partyId="DemoEmployee1" partyTypeId="PERSON" statusId="PARTY_ENABLED" />
<Person partyId="DemoEmployee1" firstName="Peter" lastName="Manager" />
<UserLogin userLoginId="DemoEmployee1" partyId="DemoEmployee1"/>
@@ -12,9 +12,9 @@
<PartyContactMech partyId="DemoEmployee1" contactMechId="9023" fromDate="2000-01-01 10:01:48.933" roleTypeId="EMPLOYEE" />
<PartyRole partyId="DemoEmployee1" roleTypeId="PROJECT_TEAM"/>
- <!-- Demo Employee2 -->
+ <!-- Demo Employee2 analist of project 1-->
<Party partyId="DemoEmployee2" partyTypeId="PERSON" statusId="PARTY_ENABLED" />
- <Person partyId="DemoEmployee2" firstName="Jo" lastName="Analist" />
+ <Person partyId="DemoEmployee2" firstName="Jo" lastName="Analist1" />
<UserLogin userLoginId="DemoEmployee2" partyId="DemoEmployee2"/>
<PartyRole partyId="DemoEmployee2" roleTypeId="EMPLOYEE"/>
<PartyContactMech partyId="DemoEmployee2" contactMechId="9020" fromDate="2000-01-01 10:01:48.933" roleTypeId="EMPLOYEE" />
@@ -22,6 +22,16 @@
<PartyContactMech partyId="DemoEmployee2" contactMechId="9023" fromDate="2000-01-01 10:01:48.933" roleTypeId="EMPLOYEE" />
<PartyRole partyId="DemoEmployee2" roleTypeId="PROJECT_TEAM"/>
+ <!-- Demo Employee3 analist of project 2-->
+ <Party partyId="DemoEmployee3" partyTypeId="PERSON" statusId="PARTY_ENABLED" />
+ <Person partyId="DemoEmployee3" firstName="Tom" lastName="Analist2" />
+ <UserLogin userLoginId="DemoEmployee3" partyId="DemoEmployee3"/>
+ <PartyRole partyId="DemoEmployee3" roleTypeId="EMPLOYEE"/>
+ <PartyContactMech partyId="DemoEmployee3" contactMechId="9020" fromDate="2000-01-01 10:01:48.933" roleTypeId="EMPLOYEE" />
+ <PartyContactMech partyId="DemoEmployee3" contactMechId="9001" fromDate="2000-01-01 10:01:48.933" roleTypeId="EMPLOYEE" />
+ <PartyContactMech partyId="DemoEmployee3" contactMechId="9023" fromDate="2000-01-01 10:01:48.933" roleTypeId="EMPLOYEE" />
+ <PartyRole partyId="DemoEmployee3" roleTypeId="PROJECT_TEAM"/>
+
<!-- Demo Customer1 client for demo project 1-->
<Party partyId="DemoCustomer1" partyTypeId="PERSON" statusId="PARTY_ENABLED" />
<Person partyId="DemoCustomer1" firstName="Sam" lastName="Customer 1" />
@@ -54,8 +64,9 @@
<UserLoginAndSecurityGroup groupId="PROJECTUSER" userLoginId="DemoCustomer2" fromDate="2000-01-01 00:00:00.0"/>
<UserLoginAndSecurityGroup groupId="PROJECTADMIN" userLoginId="DemoEmployee1" fromDate="2000-01-01 00:00:00.0"/>
<UserLoginAndSecurityGroup groupId="PROJECTUSER" userLoginId="DemoEmployee2" fromDate="2000-01-01 00:00:00.0"/>
+ <UserLoginAndSecurityGroup groupId="PROJECTUSER" userLoginId="DemoEmployee3" fromDate="2000-01-01 00:00:00.0"/>
- <!-- First Demo project from customer 1, phases and tasks with estimated time-->
+ <!-- First Demo project from customer 1 and employee 1,2-->
<WorkEffort workEffortId="9000" workEffortTypeId="PROJECT" currentStatusId="_NA_" lastStatusUpdate="2007-12-14 15:07:52.901" scopeEnumId="WES_PUBLIC" workEffortName="Demo Project1 Cust1" revisionNumber="1"/>
<WorkEffortPartyAssignment workEffortId="9000" partyId="admin" statusId="PAS_ASSIGNED" roleTypeId="PROVIDER_MANAGER" fromDate="2007-12-14 16:45:21.831"/>
<WorkEffortPartyAssignment workEffortId="9000" partyId="DemoCustomer1" statusId="PAS_ASSIGNED" roleTypeId="CLIENT_MANAGER" fromDate="2007-12-14 16:45:21.831"/>
@@ -77,12 +88,12 @@
<WorkEffortAssoc workEffortIdFrom="9003" workEffortIdTo="9005" workEffortAssocTypeId="WORK_EFF_DEPENDENCY" sequenceNum="0" fromDate="2000-01-01 00:00:00.0"/>
<WorkEffortAssoc workEffortIdFrom="9005" workEffortIdTo="9006" workEffortAssocTypeId="WORK_EFF_DEPENDENCY" sequenceNum="0" fromDate="2000-01-01 00:00:00.0"/>
- <!-- Second Demo project for customer 2, phases and tasks with estimated time-->
+ <!-- Second Demo project for customer 2 and employee 1,3-->
<WorkEffort workEffortId="9100" workEffortTypeId="PROJECT" currentStatusId="_NA_" lastStatusUpdate="2007-12-14 15:07:52.911" scopeEnumId="WES_PUBLIC" workEffortName="Demo Project2 Cust 2" revisionNumber="1"/>
<WorkEffortPartyAssignment workEffortId="9100" partyId="admin" statusId="PAS_ASSIGNED" roleTypeId="PROVIDER_MANAGER" fromDate="2007-12-14 16:45:21.831"/>
<WorkEffortPartyAssignment workEffortId="9100" partyId="DemoCustomer2" statusId="PAS_ASSIGNED" roleTypeId="CLIENT_MANAGER" fromDate="2007-12-14 16:45:21.831"/>
<WorkEffortPartyAssignment workEffortId="9100" partyId="DemoEmployee1" statusId="PAS_ASSIGNED" roleTypeId="PROVIDER_MANAGER" fromDate="2007-12-14 16:45:21.831"/>
- <WorkEffortPartyAssignment workEffortId="9100" partyId="DemoEmployee2" statusId="PAS_ASSIGNED" roleTypeId="PROVIDER_ANALYST" fromDate="2007-12-14 16:45:21.831"/>
+ <WorkEffortPartyAssignment workEffortId="9100" partyId="DemoEmployee3" statusId="PAS_ASSIGNED" roleTypeId="PROVIDER_ANALYST" fromDate="2007-12-14 16:45:21.831"/>
<WorkEffort workEffortId="9101" workEffortTypeId="PHASE" currentStatusId="_NA_" lastStatusUpdate="2007-12-14 16:45:14.226" workEffortParentId="9100" workEffortName="phase1" revisionNumber="1" />
<WorkEffort workEffortId="9102" workEffortTypeId="TASK" currentStatusId="PTS_CREATED" lastStatusUpdate="2007-12-14 16:45:21.831" workEffortParentId="9101" scopeEnumId="WES_PUBLIC" workEffortName="task1" estimatedStartDate="2007-12-03 00:00:00.0" estimatedCompletionDate="2007-12-05 00:00:00.0" revisionNumber="1" />
<WorkEffortSkillStandard workEffortId="9102" skillTypeId="9000" estimatedDuration="16.0"/>
Modified: ofbiz/trunk/specialpurpose/projectmgr/data/ProjectMgrDemoPasswordData.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/projectmgr/data/ProjectMgrDemoPasswordData.xml?rev=613123&r1=613122&r2=613123&view=diff
==============================================================================
--- ofbiz/trunk/specialpurpose/projectmgr/data/ProjectMgrDemoPasswordData.xml (original)
+++ ofbiz/trunk/specialpurpose/projectmgr/data/ProjectMgrDemoPasswordData.xml Fri Jan 18 02:27:22 2008
@@ -1,7 +1,8 @@
<?xml version="1.0" encoding="UTF-8"?>
<entity-engine-xml>
- <UserLogin userLoginId="DemoEmployee1" currentPassword="47ca69ebb4bdc9ae0adec130880165d2cc05db1a" passwordHint="" partyId="DemoEmployee1"/>
- <UserLogin userLoginId="DemoEmployee2" currentPassword="47ca69ebb4bdc9ae0adec130880165d2cc05db1a" passwordHint="" partyId="DemoEmployee2"/>
<UserLogin userLoginId="DemoCustomer1" currentPassword="47ca69ebb4bdc9ae0adec130880165d2cc05db1a" passwordHint="" partyId="DemoCustomer1"/>
<UserLogin userLoginId="DemoCustomer2" currentPassword="47ca69ebb4bdc9ae0adec130880165d2cc05db1a" passwordHint="" partyId="DemoCustomer2"/>
+ <UserLogin userLoginId="DemoEmployee1" currentPassword="47ca69ebb4bdc9ae0adec130880165d2cc05db1a" passwordHint="" partyId="DemoEmployee1"/>
+ <UserLogin userLoginId="DemoEmployee2" currentPassword="47ca69ebb4bdc9ae0adec130880165d2cc05db1a" passwordHint="" partyId="DemoEmployee2"/>
+ <UserLogin userLoginId="DemoEmployee3" currentPassword="47ca69ebb4bdc9ae0adec130880165d2cc05db1a" passwordHint="" partyId="DemoEmployee3"/>
</entity-engine-xml>
Modified: ofbiz/trunk/specialpurpose/projectmgr/data/ProjectMgrSecurityData.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/projectmgr/data/ProjectMgrSecurityData.xml?rev=613123&r1=613122&r2=613123&view=diff
==============================================================================
--- ofbiz/trunk/specialpurpose/projectmgr/data/ProjectMgrSecurityData.xml (original)
+++ ofbiz/trunk/specialpurpose/projectmgr/data/ProjectMgrSecurityData.xml Fri Jan 18 02:27:22 2008
@@ -30,10 +30,11 @@
<SecurityPermission description="Update operations in the Project Manager for a project/phase/task the user is member of." permissionId="PROJECTMGR_ROLE_UPDATE"/>
<!-- Role and Task dependent -->
<SecurityPermission description="Be able to create a task (should be member of project)" permissionId="PROJECTMGR_ROLE_TASK_CREATE"/>
- <SecurityPermission description="Be able to assign a task to a resource (should be member of project)" permissionId="PROJECTMGR_ROLE_TASK_ASSIGN"/>
<!-- Timesheet dependent -->
- <SecurityPermission description="Be able to create a weekly timesheet." permissionId="PROJECTMGR_TIMESHEET_CREATE"/>
- <SecurityPermission description="Be able to update(report) on an existing timesheet(should be member of project of the task)" permissionId="PROJECTMGR_ROLE_TIMESHEET_UPDATE"/>
+ <SecurityPermission description="Be able to create any weekly timesheet." permissionId="PROJECTMGR_TIMESHEET_CREATE"/>
+ <SecurityPermission description="Be able to update any weekly timesheet." permissionId="PROJECTMGR_TIMESHEET_UPDATE"/>
+ <SecurityPermission description="Be able to create a weekly timesheet for the loginid." permissionId="PROJECTMGR_ROLE_TIMESHEET_CREATE"/>
+ <SecurityPermission description="Be able to update(report) on an existing own timesheet(should be member of project of the task)" permissionId="PROJECTMGR_ROLE_TIMESHEET_UPDATE"/>
<!-- allow the security group FULLADMIN (userlogin 'admin') full access -->
<SecurityGroupPermission groupId="FULLADMIN" permissionId="PROJECTMGR_ADMIN"/>
@@ -41,13 +42,14 @@
<SecurityGroup description="Project Admin group, has update access to own projects." groupId="PROJECTADMIN"/>
<SecurityGroupPermission groupId="PROJECTADMIN" permissionId="PROJECTMGR_ROLE_ADMIN"/>
<SecurityGroupPermission groupId="PROJECTADMIN" permissionId="PROJECTMGR_VIEW"/>
+ <SecurityGroupPermission groupId="PROJECTADMIN" permissionId="PROJECTMGR_TIMESHEET_CREATE"/>
+ <SecurityGroupPermission groupId="PROJECTADMIN" permissionId="PROJECTMGR_TIMESHEET_UPDATE"/>
<SecurityGroup description="Project User group, has read, task create/assign and timesheet create/update access to own projects." groupId="PROJECTUSER"/>
<SecurityGroupPermission groupId="PROJECTUSER" permissionId="PROJECTMGR_VIEW"/>
<SecurityGroupPermission groupId="PROJECTUSER" permissionId="PROJECTMGR_ROLE_VIEW"/>
<SecurityGroupPermission groupId="PROJECTUSER" permissionId="PROJECTMGR_ROLE_TASK_CREATE"/>
- <SecurityGroupPermission groupId="PROJECTUSER" permissionId="PROJECTMGR_ROLE_TASK_ASSIGN"/>
- <SecurityGroupPermission groupId="PROJECTUSER" permissionId="PROJECTMGR_TIMESHEET_CREATE"/>
+ <SecurityGroupPermission groupId="PROJECTUSER" permissionId="PROJECTMGR_ROLE_TIMESHEET_CREATE"/>
<SecurityGroupPermission groupId="PROJECTUSER" permissionId="PROJECTMGR_ROLE_TIMESHEET_UPDATE"/>
</entity-engine-xml>
Modified: ofbiz/trunk/specialpurpose/projectmgr/script/org/ofbiz/project/ProjectPermissionServices.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/projectmgr/script/org/ofbiz/project/ProjectPermissionServices.xml?rev=613123&r1=613122&r2=613123&view=diff
==============================================================================
--- ofbiz/trunk/specialpurpose/projectmgr/script/org/ofbiz/project/ProjectPermissionServices.xml (original)
+++ ofbiz/trunk/specialpurpose/projectmgr/script/org/ofbiz/project/ProjectPermissionServices.xml Fri Jan 18 02:27:22 2008
@@ -24,22 +24,25 @@
<simple-method method-name="projectMgrPermission" short-description="general service to check access to the project component">
<set field="primaryPermission" value="PROJECTMGR"/>
<set field="hasPermission" value="true" type="Boolean"/>
- <if-has-permission permission="PROJECTMGR" action="_ADMIN">
- <field-to-result field-name="hasPermission"/>
- <return/>
- </if-has-permission>
+ <set field="hasNoPermission" value="false" type="Boolean"/>
+
<!-- find object -->
<if-compare field-name="parameters.resourceDescription" value="Timesheet" operator="contains">
<set field="sec_object" value="TIMESHEET"/>
<else>
- <if-compare field-name="parameters.resourceDescription" value="Project" operator="contains">
- <set field="sec_object" value="PROJECT"/>
+ <if-compare field-name="parameters.resourceDescription" value="TimeEntry" operator="contains">
+ <set field="sec_object" value="TIMEENTRY"/>
<else>
- <if-compare field-name="parameters.resourceDescription" value="Phase" operator="contains">
- <set field="sec_object" value="PHASE"/>
+ <if-compare field-name="parameters.resourceDescription" value="Project" operator="contains">
+ <set field="sec_object" value="PROJECT"/>
<else>
- <if-compare field-name="parameters.resourceDescription" value="Task" operator="contains">
- <set field="sec_object" value="TASK"/>
+ <if-compare field-name="parameters.resourceDescription" value="Phase" operator="contains">
+ <set field="sec_object" value="PHASE"/>
+ <else>
+ <if-compare field-name="parameters.resourceDescription" value="Task" operator="contains">
+ <set field="sec_object" value="TASK"/>
+ </if-compare>
+ </else>
</if-compare>
</else>
</if-compare>
@@ -47,63 +50,244 @@
</if-compare>
</else>
</if-compare>
- <log level="always" message="==============security: object: ${sec_object} action: ${parameters.mainAction}"></log>
+
+ <log level="info" message="========security====== action: ${parameters.mainAction} object: ${sec_object} resourceDescription: ${parameters.resourceDescription}"/>
- <field-to-result field-name="hasPermission"/>
- <return/><!-- temporary disable -->
+
+ <!-- PROJECT -->
+ <if-compare field-name="sec_object" value="PROJECT" operator="equals">
+ <log level="info" message="=====Project: ${parameters.projectId}"></log>
+ <if-not-empty field-name="parameters.projectId">
+ <set field="projectId" from-field="parameters.projectId"/>
+ <set field="partyId" from-field="parameters.userLogin.partyId"/>
+ <call-simple-method method-name="checkProjectMembership"/>
+ <if>
+ <condition>
+ <or>
+ <and>
+ <if-has-permission permission="PROJECTMGR_ADMIN"/>
+ <not><if-has-permission permission="PROJECTMGR_ROLE_ADMIN"/></not>
+ </and>
+ <and>
+ <if-has-permission permission="PROJECTMGR_ROLE_ADMIN"/>
+ <if-compare field-name="isMember" value="true" operator="equals"/>
+ </and>
+ <and>
+ <if-has-permission permission="PROJECTMGR_VIEW"/>
+ <not><if-has-permission permission="PROJECTMGR_ROLE_VIEW"/></not>
+ <if-compare field-name="parameters.mainAction" value="VIEW" operator="equals"/>
+ </and>
+ <and>
+ <if-has-permission permission="PROJECTMGR_ROLE_VIEW"/>
+ <if-compare field-name="isMember" value="true" operator="equals"/>
+ <if-compare field-name="parameters.mainAction" value="VIEW" operator="equals"/>
+ </and>
+ </or>
+ </condition>
+ <then>
+ <field-to-result field-name="hasPermission"/>
+ <return/>
+ </then>
+ <else>
+ <property-to-field resource="ProjectMgrUiLabels" property="ProjectMgrNoAccessToProject" field-name="failMessage"/>
+ <field-to-result field-name="failMessage"/>
+ <field-to-result field-name="hasNoPermission" result-name="hasPermission"/>
+ <return/>
+ </else>
+ </if>
+ <else>
+ <field-to-result field-name="hasPermission"/><!-- projectId empty -->
+ <return/>
+ </else>
+ </if-not-empty>
+ </if-compare>
- <if-compare field-name="sec_object" value="TIMESHEET" operator="equals">
- <if-compare field-name="mainAction" value="CREATE" operator="equals">
- <field-to-result field-name="hasPermission"/>
- <return/>
- </if-compare>
- </if-compare>
+ <!-- TASK -->
+ <if-compare field-name="sec_object" value="TASK" operator="equals">
+ <set field="taskId" from-field="parameters.taskId" default-value="parameters.workEffortId"/>
+ <log level="info" message="=====Task: ${parameters.taskId}"></log>
+ <if-not-empty field-name="parameters.taskId">
+ <set field="taskId" from-field="parameters.workEffortId"/>
+ <set field="partyId" from-field="parameters.userLogin.partyId"/>
+ <call-simple-method method-name="checkProjectMembership"/>
+ <if>
+ <condition>
+ <or>
+ <and>
+ <if-has-permission permission="PROJECTMGR_ADMIN"/>
+ <not><if-has-permission permission="PROJECTMGR_ROLE_ADMIN"/></not>
+ </and>
+ <and>
+ <if-has-permission permission="PROJECTMGR_ROLE_ADMIN"/>
+ <if-compare field-name="isMember" value="true" operator="equals"/>
+ </and>
+ <and>
+ <if-has-permission permission="PROJECTMGR_VIEW"/>
+ <not><if-has-permission permission="PROJECTMGR_ROLE_VIEW"/></not>
+ <if-compare field-name="parameters.mainAction" value="VIEW" operator="equals"/>
+ </and>
+ <and>
+ <if-has-permission permission="PROJECTMGR_ROLE_VIEW"/>
+ <if-compare field-name="isMember" value="true" operator="equals"/>
+ <if-compare field-name="parameters.mainAction" value="VIEW" operator="equals"/>
+ </and>
+ <and>
+ <if-has-permission permission="PROJECTMGR_ROLE_TASK_CREATE"/>
+ <if-compare field-name="isMember" value="true" operator="equals"/>
+ <or>
+ <if-compare field-name="parameters.mainAction" value="CREATE" operator="equals"/>
+ <if-compare field-name="parameters.mainAction" value="UPDATE" operator="equals"/>
+ </or>
+ </and>
+ </or>
+ </condition>
+ <then>
+ <field-to-result field-name="hasPermission"/>
+ <return/>
+ </then>
+ <else>
+ <property-to-field resource="ProjectMgrUiLabels" property="ProjectMgrNoAccessToTask" field-name="failMessage"/>
+ <field-to-result field-name="hasNoPermission" result-name="hasPermission"/>
+ <field-to-result field-name="failMessage"/>
+ <field-to-result field-name="hasNoPermission" result-name="hasPermission"/>
+ <return/>
+ </else>
+ </if>
+ <else>
+ <field-to-result field-name="hasPermission"/><!-- projectId empty -->
+ <return/>
+ </else>
+ </if-not-empty>
+ </if-compare>
-
- <if-has-permission permission="PROJECTMGR" action="_VIEW">
- <if-has-permission permission="PROJECTMGR" action="_ROLE_">
- <!-- object dependent checks here -->
- <if-compare field-name="sec_object" value="PROJECT" operator="not-equals">
- <!-- if not project check if member of task, when not get the projectId -->
- <if-compare field-name="sec_object" value="TASK" operator="equals">
- <!-- check if login party member of the task -->
- <set field="findRel.workEffortId" from-field="sec_id"/>
- <set field="findRel.partyId" from-field="userLogin.partyId"/>
- <find-by-and entity-name="WorkEffortPartyAssignment" map-name="findRel" list-name="assigns"/>
- <filter-list-by-date list-name="assigns" to-list-name="assignsFilt"/>
- <if-not-empty field-name="assignsFilt">
- <field-to-result field-name="hasPermission"/>
- <return/>
- </if-not-empty>
- <set field="getProj.workEffortId" from-field="sec_id"/>
- <else>
- <set field="getProj.phaseId" from-field="sec_id"/>
- </else>
- </if-compare>
- <call-service service-name="getProjectIdAndName" in-map-name="getProj">
- <result-to-field result-name="projectId"/>
- </call-service>
- </if-compare>
- <!-- see if login party member of the project -->
- <set field="findRel.workEffortId" from-field="sec_id"/>
- <set field="findRel.partyId" from-field="userLogin.partyId"/>
- <find-by-and entity-name="WorkEffortPartyAssignment" map-name="findRel" list-name="assigns"/>
- <filter-list-by-date list-name="assigns" to-list-name="assignsFilt"/>
- <if-not-empty field-name="assignsFilt">
+
+ <!-- TIMESHEET -->
+ <if-compare field-name="sec_object" value="TIMESHEET" operator="equals">
+ <if>
+ <condition>
+ <or>
+ <if-has-permission permission="PROJECTMGR_ADMIN"/>
+ <and>
+ <if-has-permission permission="PROJECTMGR_VIEW"/>
+ <if-compare field-name="mainAction" value="VIEW" operator="equals"/>
+ </and>
+ <and>
+ <if-has-permission permission="PROJECTMGR_TIMESHEET_CREATE"/>
+ <not><if-has-permission permission="PROJECTMGR_ROLE_TIMESHEET_CREATE"/></not>
+ <if-compare field-name="mainAction" value="CREATE" operator="equals"/>
+ </and>
+ <and>
+ <if-has-permission permission="PROJECTMGR_TIMESHEET_UPDATE"/>
+ <not><if-has-permission permission="PROJECTMGR_ROLE_TIMESHEET_UPDATE"/></not>
+ <if-compare field-name="mainAction" value="UPDATE" operator="equals"/>
+ </and>
+ <and>
+ <if-has-permission permission="PROJECTMGR_ROLE_TIMESHEET_CREATE"/>
+ <if-compare field-name="mainAction" value="CREATE" operator="equals"/>
+ <if-compare-field field-name="parameters.partyId" to-field-name="parameters.userLogin.userLoginId" operator="equals"/>
+ </and>
+ <and>
+ <if-has-permission permission="PROJECTMGR_ROLE_TIMESHEET_UPDATE"/>
+ <if-compare field-name="mainAction" value="UPDATE" operator="equals"/>
+ <if-compare-field field-name="parameters.partyId" to-field-name="parameters.userLogin.userLoginId" operator="equals"/>
+ </and>
+ </or>
+ </condition>
+ <then>
<field-to-result field-name="hasPermission"/>
<return/>
- </if-not-empty>
+ </then>
+ <else>
+ <property-to-field resource="ProjectMgrUiLabels" property="ProjectMgrNoAccessToTimesheet" field-name="failMessage"/>
+ <field-to-result field-name="hasNoPermission" result-name="hasPermission"/>
+ <field-to-result field-name="failMessage"/>
+ <return/>
+ </else>
+ </if>
+ </if-compare>
+
+ <!-- TIMEENTRY -->
+ <if-compare field-name="sec_object" value="TIMEENTRY" operator="equals">
+ <if-not-empty field-name="parameters.timesheetId">
+ <entity-one entity-name="TimeSheet" value-name="timesheet"/>
+ <set field="timesheetId" from-field="timesheet.timesheetId"/>
+ <set field="taskId" from-field="parameters.workEffortId"/>
+ <set field="partyId" from-field="timesheet.partyId"/>
+ <call-simple-method method-name="checkProjectMembership"/>
+ <if>
+ <condition>
+ <or>
+ <if-has-permission permission="PROJECTMGR_ADMIN"/>
+ <and>
+ <if-has-permission permission="PROJECTMGR_VIEW"/>
+ <if-compare field-name="mainAction" value="VIEW" operator="equals"/>
+ </and>
+ <and>
+ <if-has-permission permission="PROJECTMGR_TIMESHEET_CREATE"/>
+ <not><if-has-permission permission="PROJECTMGR_ROLE_TIMESHEET_CREATE"/></not>
+ <if-compare field-name="mainAction" value="CREATE" operator="equals"/>
+ </and>
+ <and>
+ <if-has-permission permission="PROJECTMGR_TIMESHEET_UPDATE"/>
+ <not><if-has-permission permission="PROJECTMGR_ROLE_TIMESHEET_UPDATE"/></not>
+ <if-compare field-name="mainAction" value="UPDATE" operator="equals"/>
+ </and>
+ <and>
+ <if-has-permission permission="PROJECTMGR_ROLE_TIMESHEET_CREATE"/>
+ <if-compare field-name="mainAction" value="CREATE" operator="equals"/>
+ <if-compare-field field-name="timesheet.partyId" to-field-name="parameters.userLogin.userLoginId" operator="equals"/>
+ <if-compare field-name="isMember" value="true" operator="equals"/>
+ </and>
+ <and>
+ <if-has-permission permission="PROJECTMGR_ROLE_TIMESHEET_UPDATE"/>
+ <if-compare field-name="mainAction" value="UPDATE" operator="equals"/>
+ <if-compare-field field-name="timesheet.partyId" to-field-name="parameters.userLogin.userLoginId" operator="equals"/>
+ <if-compare field-name="isMember" value="true" operator="equals"/>
+ </and>
+ </or>
+ </condition>
+ <then>
+ <field-to-result field-name="hasPermission"/>
+ <return/>
+ </then>
+ <else>
+ <property-to-field resource="ProjectMgrUiLabels" property="ProjectMgrNoAccessToTimesheet" field-name="failMessage"/>
+ <field-to-result field-name="hasNoPermission" result-name="hasPermission"/>
+ <field-to-result field-name="failMessage"/>
+ <return/>
+ </else>
+ </if>
<else>
- <if-compare field-name="sec_action" value="WRITE" operator="equals">
- <add-error>
- <fail-property resource="ProjectMgrUiLabels" property="noAccess:NeedWriteOrUserAccess"/>
- </add-error>
- </if-compare>
- </else>
- </if-has-permission>
- </if-has-permission>
- <check-errors/>
- <field-to-result field-name="hasPermission"/>
+ <field-to-result field-name="hasPermission"/><!-- no timesheetId nu update/read -->
+ <return/>
+ </else>
+ </if-not-empty>
+ </if-compare>
+
+ <property-to-field resource="CommonUiLabels" property="CommonPermissionThisOperation" field-name="resourceDescription"/>
+ <field-to-result field-name="failMessage"/>
+ <field-to-result field-name="hasNoPermission" result-name="hasPermission"/>
</simple-method>
+ <simple-method method-name="checkProjectMembership" short-description="check if a party is member of a project, input either 'taskId' or 'projectId', returns 'isMember' ">
+ <if-empty field-name="projectId">
+ <set field="getProject.taskId" from-field="taskId"/>
+ <call-service service-name="getProjectIdAndName" in-map-name="getProject">
+ <result-to-field result-name="projectId" field-name="projectId"/>
+ </call-service>
+ </if-empty>
+ <log level="always" message="=======try to find project: ${projectId} for party: ${partyId}"></log>
+ <entity-and entity-name="WorkEffortPartyAssignment" list-name="projectAssigns" filter-by-date="true">
+ <field-map field-name="workEffortId" env-name="projectId"/>
+ <field-map field-name="partyId" env-name="partyId"/>
+ </entity-and>
+ <filter-list-by-date list-name="projectAssigns" to-list-name="projectAssignsDated"/>
+ <if-empty field-name="projectAssignsDated">
+ <log level="always" message="====is not member!!!===="></log>
+ <set field="isMember" value="false" type="Boolean"/>
+ <else>
+ <set field="isMember" value="true" type="Boolean"/>
+ </else>
+ </if-empty>
+ </simple-method>
</simple-methods>
Modified: ofbiz/trunk/specialpurpose/projectmgr/script/org/ofbiz/project/ProjectServices.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/projectmgr/script/org/ofbiz/project/ProjectServices.xml?rev=613123&r1=613122&r2=613123&view=diff
==============================================================================
--- ofbiz/trunk/specialpurpose/projectmgr/script/org/ofbiz/project/ProjectServices.xml (original)
+++ ofbiz/trunk/specialpurpose/projectmgr/script/org/ofbiz/project/ProjectServices.xml Fri Jan 18 02:27:22 2008
@@ -95,8 +95,6 @@
</simple-method>
<simple-method method-name="addTaskAssignment" short-description="assign a party to a task however make sure he is member of the related project">
- <set field="partyId" from-field="parameters.partyId"/>
- <call-simple-method method-name="checkProjectMembership"/>
<make-value value-name="newAssign" entity-name="WorkEffortPartyAssignment"/>
<set-pk-fields value-name="newAssign" map-name="parameters"/>
<now-timestamp-to-env env-name="newAssign.fromDate"/>
@@ -194,22 +192,28 @@
<if-compare field-name="parameters.workEffortId" operator="equals" value="Totals">
<return/>
</if-compare>
- <set field="partyId" from-field="timesheet.partyId"/>
- <call-simple-method method-name="checkProjectMembership"/>
-
- <!-- check if party assigned to task, when not add with roletype of project -->
+
+ <!-- check if party assigned to task, when not add with roletype of project, if assigned check status -->
<entity-and entity-name="WorkEffortPartyAssignment" list-name="assigns" filter-by-date="true">
- <field-map field-name="workEffortId" env-name="project.workEffortId"/>
+ <field-map field-name="workEffortId" env-name="parameters.workEffortId"/>
<field-map field-name="partyId" env-name="timesheet.partyId"/>
</entity-and>
- <!-- also needed for status update lateron -->
- <set field="parameters.partyId" from-field="timesheet.partyId"/>
<if-empty field-name="assigns">
+ <set field="getpr.taskId" from-field="parameters.workEffortId"/>
+ <call-service service-name="getProjectIdAndName" in-map-name="getpr">
+ <result-to-field result-name="projectId"/>
+ </call-service>
+ <entity-and entity-name="WorkEffortPartyAssignment" list-name="projectAssigns" filter-by-date="true">
+ <field-map field-name="workEffortId" env-name="projectId"/>
+ <field-map field-name="partyId" env-name="timesheet.partyId"/>
+ </entity-and>
<first-from-list entry-name="projectAssign" list-name="projectAssigns"/>
+ <set field="parameters.partyId" from-field="timesheet.partyId"/>
<set field="parameters.roleTypeId" from-field="projectAssign.roleTypeId"/>
<set field="parameters.statusId" value="PAS_ASSIGNED"/>
<call-simple-method method-name="assignPartyToWorkEffort" xml-resource="component://workeffort/script/org/ofbiz/workeffort/workeffort/WorkEffortSimpleServices.xml"/>
</if-empty>
+ <check-errors/>
<!-- check if the actual start date is set, when not set it to todays date -->
<if-empty field-name="project.actualStartDate">
@@ -264,10 +268,12 @@
</if-compare>
</if-not-empty>
</loop>
+
<!-- update the assignment status -->
<if-compare field-name="parameters.checkComplete" value="Y" operator="equals">
<entity-one entity-name="WorkEffortPartyAssignment" value-name="alreadyAssign"/>
<if-compare field-name="alreadyAssign.statusId" value="PAS_COMPLETED" operator="not-equals">
+ <set field="parameters.partyId" from-field="timesheet.partyId"/>
<set field="parameters.statusId" value="PAS_COMPLETED"/>
<call-simple-method method-name="updateTaskAssigment"/>
</if-compare>
@@ -891,19 +897,5 @@
</else>
</if-not-empty>
</simple-method>
- <simple-method method-name="checkProjectMembership" short-description="check if a party is member of a project">
- <set field="getProject.taskId" from-field="parameters.workEffortId"/>
- <call-service service-name="getProjectIdAndName" in-map-name="getProject">
- <result-to-field result-name="projectId" field-name="projectId"/>
- </call-service>
- <entity-and entity-name="WorkEffortPartyAssignment" list-name="projectAssigns" filter-by-date="true">
- <field-map field-name="workEffortId" env-name="projectId"/>
- <field-map field-name="partyId" env-name="partyId"/>
- </entity-and>
- <filter-list-by-date list-name="projectAssigns" to-list-name="projectAssignsDated"/>
- <if-empty field-name="projectAssignsDated">
- <add-error><fail-message message="Party: ${partyId} is not part of project: ${project.projectName} with task: ${project.workEffortName}"/></add-error>
- <check-errors/>
- </if-empty>
- </simple-method>
+
</simple-methods>
Modified: ofbiz/trunk/specialpurpose/projectmgr/webapp/projectmgr/WEB-INF/actions/EditWeekTimesheet.bsh
URL: http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/projectmgr/webapp/projectmgr/WEB-INF/actions/EditWeekTimesheet.bsh?rev=613123&r1=613122&r2=613123&view=diff
==============================================================================
--- ofbiz/trunk/specialpurpose/projectmgr/webapp/projectmgr/WEB-INF/actions/EditWeekTimesheet.bsh (original)
+++ ofbiz/trunk/specialpurpose/projectmgr/webapp/projectmgr/WEB-INF/actions/EditWeekTimesheet.bsh Fri Jan 18 02:27:22 2008
@@ -43,7 +43,7 @@
// show the requested timesheet, otherwise the current , if not exist create
timesheet = null;
timesheetId = parameters.get("timesheetId");
-Debug.logInfo("====editweek: " + partyId + " timesheetId: " + timesheetId, "");
+// Debug.logInfo("====editweek: " + partyId + " timesheetId: " + timesheetId, "");
if (timesheetId != null) {
timesheet = delegator.findByPrimaryKey("Timesheet", UtilMisc.toMap("timesheetId", timesheetId));
partyId = timesheet.getString("partyId"); // use the party from this timesheet
Modified: ofbiz/trunk/specialpurpose/projectmgr/widget/ProjectScreens.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/projectmgr/widget/ProjectScreens.xml?rev=613123&r1=613122&r2=613123&view=diff
==============================================================================
--- ofbiz/trunk/specialpurpose/projectmgr/widget/ProjectScreens.xml (original)
+++ ofbiz/trunk/specialpurpose/projectmgr/widget/ProjectScreens.xml Fri Jan 18 02:27:22 2008
@@ -18,8 +18,8 @@
under the License.
-->
-<screens xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:noNamespaceSchemaLocation="http://ofbiz.apache.org/dtds/widget-screen.xsd">
+<screens xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:noNamespaceSchemaLocation="http://ofbiz.apache.org/dtds/widget-screen.xsd">
<screen name="ListSubProjects">
<section>
<actions>
Modified: ofbiz/trunk/specialpurpose/projectmgr/widget/TaskScreens.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/projectmgr/widget/TaskScreens.xml?rev=613123&r1=613122&r2=613123&view=diff
==============================================================================
--- ofbiz/trunk/specialpurpose/projectmgr/widget/TaskScreens.xml (original)
+++ ofbiz/trunk/specialpurpose/projectmgr/widget/TaskScreens.xml Fri Jan 18 02:27:22 2008
@@ -18,8 +18,8 @@
under the License.
-->
-<screens xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:noNamespaceSchemaLocation="http://ofbiz.apache.org/dtds/widget-screen.xsd">
+<screens xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:noNamespaceSchemaLocation="http://ofbiz.apache.org/dtds/widget-screen.xsd">
<screen name="Dependencies">
<section>
<actions>
@@ -197,7 +197,10 @@
<include-form name="FindTask" location="component://projectmgr/widget/forms/TaskForms.xml"/>
<section>
<condition>
- <if-empty field-name="parameters.partyId"/>
+ <or>
+ <if-has-permission permission="PROJECTMGR_ADMIN"/>
+ <if-has-permission permission="PROJECTMGR_VIEW"/>
+ </or>
</condition>
<actions>
<set field="entityName" value="ProjectAndPhaseAndTask"/>
@@ -208,12 +211,14 @@
</section>
<section>
<condition>
- <not>
- <if-empty field-name="parameters.partyId"/>
- </not>
+ <or>
+ <if-has-permission permission="PROJECTMGR_ROLE_ADMIN"/>
+ <if-has-permission permission="PROJECTMGR_ROLE_VIEW"/>
+ </or>
</condition>
<actions>
- <set field="entityName" value="ProjectAndPhaseAndTaskParty"/>
+ <set field="entityName" value="ProjectPartyAndPhaseAndTask"/>
+ <set field="parameters.partyId" from-field="context.userLogin.partyId"/>
</actions>
<widgets>
<include-form name="ListTasks" location="component://projectmgr/widget/forms/TaskForms.xml"/>