use of org.mifos.security.util.UserContext in project head by mifos.
the class AccountApplyGroupPaymentAction method applyPayment.
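/**
 * Applies a payment to the account named by the submitted form and forwards to the next view.
 *
 * <p>The account is identified by the form's account id, or by its global account number when
 * the id is missing or empty. Payment information is loaded and checked with
 * {@code validateAccountPayment} and {@code validateAmount} before a payment parameter object is
 * built and handed to the account service facade.
 *
 * <p>NOTE(review): the account id, amount and payment type id all come from the submitted form.
 * The only checks visible in this method are the two validate calls below; confirm that they,
 * or the service facade, verify that the current user is allowed to post to this account.
 *
 * @param mapping  used to resolve the forward returned to the caller
 * @param form     expected to be an {@link AccountApplyPaymentActionForm}
 * @param request  supplies the session (user context) and the {@code Constants.INPUT} parameter
 * @param response unused
 * @return the "PRINT" forward when the form asks for a receipt, otherwise the forward named by
 *         the form's input value
 * @throws Exception propagated from session access, validation, or the payment services
 */
@TransactionDemarcate(validateAndResetToken = true)
@CloseSession
public ActionForward applyPayment(ActionMapping mapping, ActionForm form, HttpServletRequest request,
        @SuppressWarnings("unused") HttpServletResponse response) throws Exception {
    UserContext userContext = (UserContext) SessionUtils.getAttribute(Constants.USER_CONTEXT_KEY, request.getSession());
    AccountApplyPaymentActionForm actionForm = (AccountApplyPaymentActionForm) form;
    String paymentType = request.getParameter(Constants.INPUT);

    // The null test must come first: calling isEmpty() on a missing id threw a
    // NullPointerException before the fallback lookup could run.
    String submittedAccountId = actionForm.getAccountId();
    Integer accountId;
    if (submittedAccountId == null || submittedAccountId.isEmpty()) {
        accountId = loanDao.findByGlobalAccountNum(actionForm.getGlobalAccountNum()).getAccountId();
    } else {
        accountId = Integer.valueOf(submittedAccountId);
    }

    UserReferenceDto userReferenceDto = new UserReferenceDto(userContext.getId());
    AccountPaymentDto accountPaymentDto = accountServiceFacade.getAccountPaymentInformation(accountId, paymentType,
            userContext.getLocaleId(), userReferenceDto, actionForm.getTrxnDate());

    // Both validations run before the amount is parsed or any payment is made.
    validateAccountPayment(accountPaymentDto, accountId, request);
    validateAmount(accountPaymentDto, actionForm.getAmount());

    String amount = actionForm.getAmount();

    // Loan and group-loan accounts use the loan payment types; every other account type
    // falls through to the fee payment types.
    PaymentTypeDto paymentTypeDto;
    if (accountPaymentDto.getAccountType().equals(AccountTypeDto.LOAN_ACCOUNT)
            || accountPaymentDto.getAccountType().equals(AccountTypeDto.GROUP_LOAN_ACCOUNT)) {
        paymentTypeDto = getLoanPaymentTypeDtoForId(Short.valueOf(actionForm.getPaymentTypeId()));
    } else {
        paymentTypeDto = getFeePaymentTypeDtoForId(Short.valueOf(actionForm.getPaymentTypeId()));
    }

    AccountPaymentParametersDto accountPaymentParametersDto;
    if (isGroupParentAccount(accountId)) {
        // Parent group account: the per-member values from the form are passed along.
        accountPaymentParametersDto = new AccountPaymentParametersDto(userReferenceDto,
                new AccountReferenceDto(accountId), new BigDecimal(amount), actionForm.getTrxnDateAsLocalDate(),
                paymentTypeDto, AccountConstants.NO_COMMENT, actionForm.getReceiptDateAsLocalDate(),
                actionForm.getReceiptId(), accountPaymentDto.getCustomerDto(), actionForm.getIndividualValues());
    } else if (isGroupMemberAccount(accountId)) {
        accountPaymentParametersDto = preparePaymentParametersDto(accountId, userReferenceDto, amount, actionForm,
                paymentTypeDto, userContext, paymentType);
    } else {
        accountPaymentParametersDto = new AccountPaymentParametersDto(userReferenceDto,
                new AccountReferenceDto(accountId), new BigDecimal(amount), actionForm.getTrxnDateAsLocalDate(),
                paymentTypeDto, AccountConstants.NO_COMMENT, actionForm.getReceiptDateAsLocalDate(),
                actionForm.getReceiptId(), accountPaymentDto.getCustomerDto());
    }

    // A payment type equal to the savings-transfer id is paid out of the savings account
    // named on the form; every other type is an ordinary payment.
    if (paymentTypeDto.getValue().equals(this.legacyAcceptedPaymentTypeDao.getSavingsTransferId())) {
        this.accountServiceFacade.makePaymentFromSavingsAcc(accountPaymentParametersDto,
                actionForm.getAccountForTransfer());
    } else {
        this.accountServiceFacade.makePayment(accountPaymentParametersDto);
    }

    request.getSession().setAttribute("globalAccountNum", actionForm.getGlobalAccountNum());

    // NOTE(review): the non-print forward name is derived from a form value; confirm that
    // getForward() only yields names defined on this mapping.
    ActionForward findForward;
    if (actionForm.getPrintReceipt()) {
        findForward = mapping.findForward(getForward("PRINT"));
    } else {
        findForward = mapping.findForward(getForward(actionForm.getInput()));
    }
    return findForward;
}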
use of org.mifos.security.util.UserContext in project head by mifos.
the class AccountApplyPaymentActionForm method validateModeOfPaymentSecurity.
/**
 * Adds a permission error when payment type "4" is selected and the current user fails the
 * mode-of-payment security check.
 *
 * <p>The check is made against a personnel id: the current user's own id by default, or the
 * id of the personnel assigned to the account when the form carries an account id and that
 * account has personnel set.
 *
 * <p>NOTE(review): "4" is a hard-coded payment type id, presumably the transfer payment type
 * given the error key used; confirm it matches the configured id.
 *
 * @param request supplies the session holding the user context
 * @param errors  collector that receives the permission error, if any
 * @throws MifosRuntimeException when the account id is not numeric or the account lookup fails
 */
private void validateModeOfPaymentSecurity(HttpServletRequest request, ActionErrors errors) {
    final UserContext currentUser = (UserContext) SessionUtils.getAttribute(Constants.USER_CONTEXT_KEY,
            request.getSession());

    // Start from the acting user; replaced below when the account names its own personnel.
    Short checkedPersonnelId = currentUser.getId();
    if (accountId != null) {
        try {
            final AccountBO loadedAccount = new AccountBusinessService().getAccount(Integer.valueOf(accountId));
            if (loadedAccount.getPersonnel() != null) {
                checkedPersonnelId = loadedAccount.getPersonnel().getPersonnelId();
            }
        } catch (NumberFormatException e) {
            throw new MifosRuntimeException(e);
        } catch (ServiceException e) {
            throw new MifosRuntimeException(e);
        }
    }

    // Only payment type "4" is subject to this permission check.
    if (!getPaymentTypeId().equals("4")) {
        return;
    }
    final boolean permitted = ActivityMapper.getInstance().isModeOfPaymentSecurity(currentUser, checkedPersonnelId);
    if (!permitted) {
        errors.add(AccountConstants.LOAN_TRANSFER_PERMISSION,
                new ActionMessage(AccountConstants.LOAN_TRANSFER_PERMISSION,
                        getLocalizedMessage("accounts.mode_of_payment_permission")));
    }
}
use of org.mifos.security.util.UserContext in project head by mifos.
the class ApplyAdjustmentActionForm method getUserLocale.
/**
 * Returns the current locale of the user stored in the session.
 *
 * @param request request whose session is inspected
 * @return the locale from the session's {@code UserContext}, or {@code null} when the session
 *         holds no user context
 */
protected Locale getUserLocale(HttpServletRequest request) {
    // getSession() with no argument creates a session when none exists, so the null guard
    // below is purely defensive.
    final HttpSession httpSession = request.getSession();
    if (httpSession == null) {
        return null;
    }
    final UserContext storedContext = (UserContext) httpSession.getAttribute(LoginConstants.USERCONTEXT);
    return storedContext == null ? null : storedContext.getCurrentLocale();
}
use of org.mifos.security.util.UserContext in project head by mifos.
the class MifosRequestProcessor method checkProcessRoles.
/**
 * Decides whether the user in the session may invoke the requested action method.
 *
 * <p>Outcomes, in order:
 * <ul>
 * <li>no "UserContext" attribute in the session: {@code true}, no check is made here;</li>
 * <li>method is "cancel", "validate", "searchPrev" or "searchNext": {@code true};</li>
 * <li>otherwise an activity id is looked up under up to three keys: path-method (plus the
 * report id for report requests), then path-viewPath, then path-method-security param;</li>
 * <li>no activity id found: {@code false};</li>
 * <li>activity id 0: {@code true} without a role check;</li>
 * <li>anything else: the answer of {@code LegacyRolesPermissionsDao.isActivityAllowed}.</li>
 * </ul>
 *
 * <p>NOTE(review): "method", "reportId" and "viewPath" are request parameters, so the key that
 * selects the activity id is partly client-chosen. Confirm the ActivityMapper table maps only
 * intended path/parameter combinations, in particular those resolving to id 0.
 *
 * @param request  current request; its {@code Globals.ERROR_KEY} attribute is cleared for
 *                 non-report requests
 * @param response unused here
 * @param mapping  supplies the action path used in the activity key
 * @return whether processing may continue
 */
protected boolean checkProcessRoles(HttpServletRequest request, HttpServletResponse response, ActionMapping mapping) {
    final HttpSession session = request.getSession();
    if (session == null || session.getAttribute("UserContext") == null) {
        // NOTE(review): without a user context this method allows the request; presumably
        // authentication is enforced elsewhere. Confirm.
        return true;
    }

    final ActivityMapper mapper = ActivityMapper.getInstance();
    final String actionPath = mapping.getPath();
    final String methodName = request.getParameter("method");
    final String baseKey = actionPath + "-" + methodName;

    // These four methods are let through without any activity lookup.
    if (methodName != null) {
        final boolean exemptMethod = methodName.equals("cancel") || methodName.equals("validate")
                || methodName.equals("searchPrev") || methodName.equals("searchNext");
        if (exemptMethod) {
            return true;
        }
    }

    Short activityId;
    if (isReportRequest(request)) {
        final String reportId = request.getParameter("reportId");
        activityId = mapper.getActivityId(baseKey + "-" + reportId);
    } else {
        activityId = mapper.getActivityId(baseKey);
        request.setAttribute(Globals.ERROR_KEY, null);
    }

    // First fallback: key built from the viewPath parameter instead of the method.
    if (activityId == null) {
        activityId = mapper.getActivityId(actionPath + "-" + request.getParameter("viewPath"));
    }

    // Second fallback: fine-grained permissions keyed by the session's security param.
    if (activityId == null) {
        activityId = mapper.getActivityId(baseKey + "-" + session.getAttribute(SecurityConstants.SECURITY_PARAM));
    }

    // An unmapped action is denied; activity id 0 is allowed without a role check.
    if (activityId == null) {
        return false;
    }
    if (activityId.shortValue() == 0) {
        return true;
    }

    return ApplicationContextProvider.getBean(LegacyRolesPermissionsDao.class).isActivityAllowed(
            (UserContext) session.getAttribute("UserContext"), setActivityContextFromRequest(request, activityId));
}
use of org.mifos.security.util.UserContext in project head by mifos.
the class MifosRequestProcessor method setActivityContextFromRequest.
/**
 * Updates the session's {@code ActivityContext} for the given activity and returns it.
 *
 * <p>The record office and loan officer ids are read from the "recordOfficeId" and
 * "recordLoanOfficerId" request parameters. When both are positive they are written to the
 * context; when both are zero the branch id and user id of the session's {@code UserContext}
 * are written instead (if one is present); in every other case, including an omitted
 * parameter, the context keeps whatever record ids it already held.
 *
 * <p>NOTE(review): the two ids are client-supplied and end up in the context passed to the
 * permission check; confirm downstream code validates them against the record being accessed.
 * It is also still an open question how supplying them as parameters is meant to differ from
 * using the UserContext or the values already in the ActivityContext.
 *
 * @param request    source of the session and of the two optional id parameters
 * @param activityId activity id stored on the context
 * @return the updated context, or {@code null} when the session has no "ActivityContext"
 * @throws RuntimeException wrapping a {@link NumberFormatException} for a non-numeric id
 */
private ActivityContext setActivityContextFromRequest(HttpServletRequest request, Short activityId) {
    final HttpSession httpSession = request.getSession();
    final ActivityContext context = (ActivityContext) httpSession.getAttribute("ActivityContext");
    if (context == null) {
        // TODO: Can this happen? Why? Is null right?
        return null;
    }

    final String officeParam = request.getParameter("recordOfficeId");
    final String loanOfficerParam = request.getParameter("recordLoanOfficerId");

    // -1 marks "parameter omitted"; it matches neither branch below.
    short officeId = -1;
    short loanOfficerId = -1;
    try {
        if (officeParam != null) {
            officeId = Short.parseShort(officeParam);
        }
        if (loanOfficerParam != null) {
            loanOfficerId = Short.parseShort(loanOfficerParam);
        }
    } catch (NumberFormatException e) {
        throw new RuntimeException(e);
    }

    final boolean bothPositive = officeId > 0 && loanOfficerId > 0;
    final boolean bothZero = officeId == 0 && loanOfficerId == 0;
    if (bothPositive) {
        context.setRecordOfficeId(officeId);
        context.setRecordLoanOfficer(loanOfficerId);
    } else if (bothZero) {
        // Zero for both means "use the logged-in user's own branch and id".
        final UserContext sessionUser = (UserContext) httpSession.getAttribute("UserContext");
        if (sessionUser != null) {
            context.setRecordOfficeId(sessionUser.getBranchId());
            context.setRecordLoanOfficer(sessionUser.getId());
        }
    }

    context.setActivityId(activityId);
    return context;
}