use of com.runwaysdk.business.rbac.UserDAOIF in project geoprism-registry by terraframe.
the class UserInfo method applyUserWithRoles.
@Transaction
public static JSONObject applyUserWithRoles(JsonObject account, String[] roleNameArray, boolean isUserInvite) {
GeoprismUser geoprismUser = deserialize(account);
if (roleNameArray != null && roleNameArray.length == 0) {
// TODO : Better Error
throw new AttributeValueException("You're attempting to apply a user with zero roles?", "");
}
/*
* Make sure they have permissions to all these new roles they want to
* assign
*/
if (!isUserInvite && Session.getCurrentSession() != null && Session.getCurrentSession().getUser() != null) {
Set<RoleDAOIF> myRoles = Session.getCurrentSession().getUser().authorizedRoles();
boolean hasSRA = false;
for (RoleDAOIF myRole : myRoles) {
if (RegistryRole.Type.isSRA_Role(myRole.getRoleName())) {
hasSRA = true;
}
}
if (!hasSRA && roleNameArray != null) {
for (String roleName : roleNameArray) {
boolean hasPermission = false;
if (RegistryRole.Type.isOrgRole(roleName) && !RegistryRole.Type.isRootOrgRole(roleName)) {
String orgCodeArg = RegistryRole.Type.parseOrgCode(roleName);
for (RoleDAOIF myRole : myRoles) {
if (RegistryRole.Type.isRA_Role(myRole.getRoleName())) {
String myOrgCode = RegistryRole.Type.parseOrgCode(myRole.getRoleName());
if (myOrgCode.equals(orgCodeArg)) {
hasPermission = true;
break;
}
}
}
} else if (RegistryRole.Type.isSRA_Role(roleName)) {
SRAException ex = new SRAException();
throw ex;
} else {
hasPermission = true;
}
if (!hasPermission) {
OrganizationRAException ex = new OrganizationRAException();
throw ex;
}
}
}
}
// They're not allowed to change the admin username
if (!geoprismUser.isNew()) {
GeoprismUser adminUser = getAdminUser();
if (adminUser != null && adminUser.getOid().equals(geoprismUser.getOid()) && !geoprismUser.getUsername().equals(RegistryConstants.ADMIN_USER_NAME)) {
// TODO : Better Error
throw new AttributeValueException("You can't change the admin username", RegistryConstants.ADMIN_USER_NAME);
}
}
geoprismUser.apply();
if (roleNameArray != null) {
List<Roles> newRoles = new LinkedList<Roles>();
Set<String> roleIdSet = new HashSet<String>();
for (String roleName : roleNameArray) {
Roles role = Roles.findRoleByName(roleName);
roleIdSet.add(role.getOid());
newRoles.add(role);
}
List<ConfigurationIF> configurations = ConfigurationService.getConfigurations();
for (ConfigurationIF configuration : configurations) {
configuration.configureUserRoles(roleIdSet);
}
UserDAOIF user = UserDAO.get(geoprismUser.getOid());
// Remove existing roles.
Set<RoleDAOIF> userRoles = user.assignedRoles();
for (RoleDAOIF roleDAOIF : userRoles) {
RoleDAO roleDAO = RoleDAO.get(roleDAOIF.getOid()).getBusinessDAO();
if (!(geoprismUser.getUsername().equals(RegistryConstants.ADMIN_USER_NAME) && (roleDAO.getRoleName().equals(RegistryConstants.REGISTRY_SUPER_ADMIN_ROLE) || roleDAO.getRoleName().equals(DefaultConfiguration.ADMIN)))) {
roleDAO.deassignMember(user);
}
}
// Delete existing relationships with Organizations.
QueryFactory qf = new QueryFactory();
OrganizationUserQuery q = new OrganizationUserQuery(qf);
q.WHERE(q.childOid().EQ(geoprismUser.getOid()));
OIterator<? extends OrganizationUser> i = q.getIterator();
i.forEach(r -> r.delete());
/*
* Assign roles and associate with the user
*/
Set<String> organizationSet = new HashSet<String>();
for (Roles role : newRoles) {
RoleDAO roleDAO = (RoleDAO) BusinessFacade.getEntityDAO(role);
roleDAO.assignMember(user);
RegistryRole registryRole = new RegistryRoleConverter().build(role);
if (registryRole != null) {
String organizationCode = registryRole.getOrganizationCode();
if (organizationCode != null && !organizationCode.equals("") && !organizationSet.contains(organizationCode)) {
Organization organization = Organization.getByCode(organizationCode);
organization.addUsers(geoprismUser).apply();
organizationSet.add(organizationCode);
}
}
}
}
UserInfo info = getByUser(geoprismUser);
if (info == null) {
info = new UserInfo();
info.setGeoprismUser(geoprismUser);
} else {
info.lock();
}
if (account.has(UserInfo.ALTFIRSTNAME)) {
info.setAltFirstName(account.get(UserInfo.ALTFIRSTNAME).getAsString());
} else {
info.setAltFirstName("");
}
if (account.has(UserInfo.ALTLASTNAME)) {
info.setAltLastName(account.get(UserInfo.ALTLASTNAME).getAsString());
} else {
info.setAltLastName("");
}
if (account.has(UserInfo.ALTPHONENUMBER)) {
info.setAltPhoneNumber(account.get(UserInfo.ALTPHONENUMBER).getAsString());
} else {
info.setAltPhoneNumber("");
}
if (account.has(UserInfo.POSITION)) {
info.setPosition(account.get(UserInfo.POSITION).getAsString());
} else {
info.setPosition("");
}
if (account.has(UserInfo.DEPARTMENT)) {
info.setDepartment(account.get(UserInfo.DEPARTMENT).getAsString());
} else {
info.setDepartment("");
}
if (account.has(UserInfo.EXTERNALSYSTEMOID)) {
info.setExternalSystemOid(account.get(UserInfo.EXTERNALSYSTEMOID).getAsString());
} else {
info.setExternalSystemOid("");
}
info.apply();
return serialize(geoprismUser, info);
}
Aggregations