Search in sources :

Example 1 with UserDAOIF

use of com.runwaysdk.business.rbac.UserDAOIF in project geoprism-registry by terraframe.

the class UserInfo method applyUserWithRoles.

@Transaction
public static JSONObject applyUserWithRoles(JsonObject account, String[] roleNameArray, boolean isUserInvite) {
    GeoprismUser geoprismUser = deserialize(account);
    if (roleNameArray != null && roleNameArray.length == 0) {
        // TODO : Better Error
        throw new AttributeValueException("You're attempting to apply a user with zero roles?", "");
    }
    /*
     * Make sure they have permissions to all these new roles they want to
     * assign
     */
    if (!isUserInvite && Session.getCurrentSession() != null && Session.getCurrentSession().getUser() != null) {
        Set<RoleDAOIF> myRoles = Session.getCurrentSession().getUser().authorizedRoles();
        boolean hasSRA = false;
        for (RoleDAOIF myRole : myRoles) {
            if (RegistryRole.Type.isSRA_Role(myRole.getRoleName())) {
                hasSRA = true;
            }
        }
        if (!hasSRA && roleNameArray != null) {
            for (String roleName : roleNameArray) {
                boolean hasPermission = false;
                if (RegistryRole.Type.isOrgRole(roleName) && !RegistryRole.Type.isRootOrgRole(roleName)) {
                    String orgCodeArg = RegistryRole.Type.parseOrgCode(roleName);
                    for (RoleDAOIF myRole : myRoles) {
                        if (RegistryRole.Type.isRA_Role(myRole.getRoleName())) {
                            String myOrgCode = RegistryRole.Type.parseOrgCode(myRole.getRoleName());
                            if (myOrgCode.equals(orgCodeArg)) {
                                hasPermission = true;
                                break;
                            }
                        }
                    }
                } else if (RegistryRole.Type.isSRA_Role(roleName)) {
                    SRAException ex = new SRAException();
                    throw ex;
                } else {
                    hasPermission = true;
                }
                if (!hasPermission) {
                    OrganizationRAException ex = new OrganizationRAException();
                    throw ex;
                }
            }
        }
    }
    // They're not allowed to change the admin username
    if (!geoprismUser.isNew()) {
        GeoprismUser adminUser = getAdminUser();
        if (adminUser != null && adminUser.getOid().equals(geoprismUser.getOid()) && !geoprismUser.getUsername().equals(RegistryConstants.ADMIN_USER_NAME)) {
            // TODO : Better Error
            throw new AttributeValueException("You can't change the admin username", RegistryConstants.ADMIN_USER_NAME);
        }
    }
    geoprismUser.apply();
    if (roleNameArray != null) {
        List<Roles> newRoles = new LinkedList<Roles>();
        Set<String> roleIdSet = new HashSet<String>();
        for (String roleName : roleNameArray) {
            Roles role = Roles.findRoleByName(roleName);
            roleIdSet.add(role.getOid());
            newRoles.add(role);
        }
        List<ConfigurationIF> configurations = ConfigurationService.getConfigurations();
        for (ConfigurationIF configuration : configurations) {
            configuration.configureUserRoles(roleIdSet);
        }
        UserDAOIF user = UserDAO.get(geoprismUser.getOid());
        // Remove existing roles.
        Set<RoleDAOIF> userRoles = user.assignedRoles();
        for (RoleDAOIF roleDAOIF : userRoles) {
            RoleDAO roleDAO = RoleDAO.get(roleDAOIF.getOid()).getBusinessDAO();
            if (!(geoprismUser.getUsername().equals(RegistryConstants.ADMIN_USER_NAME) && (roleDAO.getRoleName().equals(RegistryConstants.REGISTRY_SUPER_ADMIN_ROLE) || roleDAO.getRoleName().equals(DefaultConfiguration.ADMIN)))) {
                roleDAO.deassignMember(user);
            }
        }
        // Delete existing relationships with Organizations.
        QueryFactory qf = new QueryFactory();
        OrganizationUserQuery q = new OrganizationUserQuery(qf);
        q.WHERE(q.childOid().EQ(geoprismUser.getOid()));
        OIterator<? extends OrganizationUser> i = q.getIterator();
        i.forEach(r -> r.delete());
        /*
       * Assign roles and associate with the user
       */
        Set<String> organizationSet = new HashSet<String>();
        for (Roles role : newRoles) {
            RoleDAO roleDAO = (RoleDAO) BusinessFacade.getEntityDAO(role);
            roleDAO.assignMember(user);
            RegistryRole registryRole = new RegistryRoleConverter().build(role);
            if (registryRole != null) {
                String organizationCode = registryRole.getOrganizationCode();
                if (organizationCode != null && !organizationCode.equals("") && !organizationSet.contains(organizationCode)) {
                    Organization organization = Organization.getByCode(organizationCode);
                    organization.addUsers(geoprismUser).apply();
                    organizationSet.add(organizationCode);
                }
            }
        }
    }
    UserInfo info = getByUser(geoprismUser);
    if (info == null) {
        info = new UserInfo();
        info.setGeoprismUser(geoprismUser);
    } else {
        info.lock();
    }
    if (account.has(UserInfo.ALTFIRSTNAME)) {
        info.setAltFirstName(account.get(UserInfo.ALTFIRSTNAME).getAsString());
    } else {
        info.setAltFirstName("");
    }
    if (account.has(UserInfo.ALTLASTNAME)) {
        info.setAltLastName(account.get(UserInfo.ALTLASTNAME).getAsString());
    } else {
        info.setAltLastName("");
    }
    if (account.has(UserInfo.ALTPHONENUMBER)) {
        info.setAltPhoneNumber(account.get(UserInfo.ALTPHONENUMBER).getAsString());
    } else {
        info.setAltPhoneNumber("");
    }
    if (account.has(UserInfo.POSITION)) {
        info.setPosition(account.get(UserInfo.POSITION).getAsString());
    } else {
        info.setPosition("");
    }
    if (account.has(UserInfo.DEPARTMENT)) {
        info.setDepartment(account.get(UserInfo.DEPARTMENT).getAsString());
    } else {
        info.setDepartment("");
    }
    if (account.has(UserInfo.EXTERNALSYSTEMOID)) {
        info.setExternalSystemOid(account.get(UserInfo.EXTERNALSYSTEMOID).getAsString());
    } else {
        info.setExternalSystemOid("");
    }
    info.apply();
    return serialize(geoprismUser, info);
}
Also used : RegistryRole(org.commongeoregistry.adapter.metadata.RegistryRole) QueryFactory(com.runwaysdk.query.QueryFactory) Roles(com.runwaysdk.system.Roles) AttributeValueException(com.runwaysdk.dataaccess.attributes.AttributeValueException) LinkedList(java.util.LinkedList) ConfigurationIF(net.geoprism.ConfigurationIF) RegistryRoleConverter(net.geoprism.registry.conversion.RegistryRoleConverter) RoleDAO(com.runwaysdk.business.rbac.RoleDAO) GeoprismUser(net.geoprism.GeoprismUser) RoleDAOIF(com.runwaysdk.business.rbac.RoleDAOIF) UserDAOIF(com.runwaysdk.business.rbac.UserDAOIF) HashSet(java.util.HashSet) Transaction(com.runwaysdk.dataaccess.transaction.Transaction)

Aggregations

RoleDAO (com.runwaysdk.business.rbac.RoleDAO)1 RoleDAOIF (com.runwaysdk.business.rbac.RoleDAOIF)1 UserDAOIF (com.runwaysdk.business.rbac.UserDAOIF)1 AttributeValueException (com.runwaysdk.dataaccess.attributes.AttributeValueException)1 Transaction (com.runwaysdk.dataaccess.transaction.Transaction)1 QueryFactory (com.runwaysdk.query.QueryFactory)1 Roles (com.runwaysdk.system.Roles)1 HashSet (java.util.HashSet)1 LinkedList (java.util.LinkedList)1 ConfigurationIF (net.geoprism.ConfigurationIF)1 GeoprismUser (net.geoprism.GeoprismUser)1 RegistryRoleConverter (net.geoprism.registry.conversion.RegistryRoleConverter)1 RegistryRole (org.commongeoregistry.adapter.metadata.RegistryRole)1