incubator-hise-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From r.@apache.org
Subject svn commit: r964085 [1/2] - in /incubator/hise/trunk: hise-services/src/main/java/org/apache/hise/engine/ hise-services/src/main/java/org/apache/hise/engine/jaxws/ hise-test-example-osgi/src/main/java/org/apache/hise/test/ hise-test-example-osgi/src/ma...
Date Wed, 14 Jul 2010 15:39:31 GMT
Author: rr
Date: Wed Jul 14 15:39:30 2010
New Revision: 964085

URL: http://svn.apache.org/viewvc?rev=964085&view=rev
Log:
HISE-12: Implement permissions for tasks viewing / modifying (Thanks to Michał Więcław)

Added:
    incubator/hise/trunk/hise-services/src/main/java/org/apache/hise/engine/TaskChecker.java
Modified:
    incubator/hise/trunk/hise-services/src/main/java/org/apache/hise/engine/jaxws/TaskOperationsImpl.java
    incubator/hise/trunk/hise-test-example-osgi/src/main/java/org/apache/hise/test/SampleUsers.java
    incubator/hise/trunk/hise-test-example-osgi/src/main/resources/testHtd1.xml
    incubator/hise/trunk/itest/hise-soapui-project.xml

Added: incubator/hise/trunk/hise-services/src/main/java/org/apache/hise/engine/TaskChecker.java
URL: http://svn.apache.org/viewvc/incubator/hise/trunk/hise-services/src/main/java/org/apache/hise/engine/TaskChecker.java?rev=964085&view=auto
==============================================================================
--- incubator/hise/trunk/hise-services/src/main/java/org/apache/hise/engine/TaskChecker.java
(added)
+++ incubator/hise/trunk/hise-services/src/main/java/org/apache/hise/engine/TaskChecker.java
Wed Jul 14 15:39:30 2010
@@ -0,0 +1,254 @@
+package org.apache.hise.engine;
+
+
+
+import java.util.Collection;
+import java.util.HashSet;
+
+
+import org.apache.bcel.generic.GETFIELD;
+import org.apache.hise.dao.GenericHumanRole;
+import org.apache.hise.dao.HISEDao;
+import org.apache.hise.dao.OrgEntity;
+import org.apache.hise.dao.TaskOrgEntity;
+import org.apache.hise.runtime.Task;
+/**
+ * Check user authorization to use operation method 
+ * 
+ * @author Michał Więcław
+ *
+ */
+public class TaskChecker {
+	
+	/**
+	 * Human operation name
+	 */
+	public static enum HumanOperationName {
+			//Participant Operations
+	      CLAIM,
+	      START,
+	      STOP,
+	      RELEASE,
+	      SUSPEND,
+	      SUSPEND_UNTIL,
+	      RESUME,
+	      COMPLETE,
+	      REMOVE,
+	      FAIL,
+	      SET_PRIORITY,
+	      ADD_ATTACHMENT,
+	      GET_ATTACHMENT_INFOS,
+	      GET_ATTACHMENTS,
+	      DELETE_ATTACHMENTS,
+	      ADD_COMMENT,
+	      GET_COMMENTS,
+	      SKIP,
+	      FORWARD,
+	      DELEGATE,
+	      GET_RENDERING,
+	      GET_RENDERING_TYPES,
+	      GET_TASK_INFO,
+	      GET_TASK_DESCRIPTION,
+	      SET_OUTPUT,
+	      DELETE_OUTPUT,
+	      SET_FAULT,
+	      DELELE_FAULT,
+	      GET_INPUT,
+	      GET_OUTPUT,
+	      GET_FAULT,
+	      ACTIVATE,
+	      NOMINATE,
+	      SET_GENERIC_HUMAN_ROLE
+	}
+	
+	/**
+	 * check user authorization and give permission to action
+	 * 
+	 * @return true if is permission
+	 */
+	static public boolean checkPermission(TaskChecker.HumanOperationName operaionName, String
userID, Task task, HISEEngineImpl engine)
+	{
+		Collection<GenericHumanRole> humanRoles = new HashSet<GenericHumanRole>();
+		humanRoles = getGenericHumanRolesForTask(userID, task, engine);
+		
+		switch(operaionName){
+			//every group of operations have the same conditions to get permission 
+		
+				//conditions: user is ActualOwner
+			case COMPLETE:
+			case FAIL:
+			case SET_OUTPUT:
+			case DELETE_OUTPUT:
+			case SET_FAULT:
+			case DELELE_FAULT:
+				if(isActualOwner(userID, task)) 
+					return true;
+				else return false;
+			
+				//conditions: user is PotentialOwner or BusinessOwner or TaskStakeholders
+			case CLAIM:
+				if(isPotentialOwners(humanRoles) || isBusinessAdministrator(humanRoles) || isTaskStakeholders(humanRoles))
+					return true;
+				else return false;
+				
+				//conditions: user is ActualOwner or (is PotentalOwner and task's state is ready)
+			case START:
+				if(isActualOwner(userID, task) || isPotentialOwnersWithReadyState(humanRoles, task))
+					return true;
+				else return false;
+				
+				//conditions: user is ActualOwner or BusinessOwner or TaskStakeholders
+			case STOP:
+			case RELEASE:
+			case SET_PRIORITY:
+			case ADD_ATTACHMENT:
+			case DELETE_ATTACHMENTS:
+			case GET_OUTPUT:
+			case GET_FAULT:
+				if(isActualOwner(userID, task) || isBusinessAdministrator(humanRoles) || isTaskStakeholders(humanRoles))
+					return true;
+				else return false;
+				
+				//conditions: user is (PotentalOwner and task's state is ready) or ActualOwner or BusinessOwner
or TaskStakeholders
+			case SUSPEND:
+			case SUSPEND_UNTIL:
+			case RESUME:
+			case DELEGATE:
+				if(isPotentialOwnersWithReadyState(humanRoles, task) || isActualOwner(userID, task) ||
+					isBusinessAdministrator(humanRoles) || isTaskStakeholders(humanRoles))
+						return true;
+				else return false;
+			
+				//conditions: user is PotentalOwner or ActualOwner or BusinessOwner or TaskStakeholders

+			case GET_ATTACHMENT_INFOS:
+			case GET_ATTACHMENTS:
+			case ADD_COMMENT:
+			case GET_COMMENTS:
+			case FORWARD:
+			case GET_INPUT:
+				if(isPotentialOwners(humanRoles) || isActualOwner(userID, task) ||
+					isBusinessAdministrator(humanRoles) || isTaskStakeholders(humanRoles))
+						return true;
+				else return false;
+				
+				//conditions: user is TaskInitiator or ActualOwner or BusinessOwner or TaskStakeholders

+			case SKIP:
+				if(isTaskInitiator(userID, task) || isActualOwner(userID, task) ||
+					isBusinessAdministrator(humanRoles) || isTaskStakeholders(humanRoles))
+						return true;
+				else return false;
+				
+				//conditions: user is Recipients
+			case REMOVE:
+				if(isRecipients(humanRoles))
+					return true;
+				else return false;
+				
+				//conditions: user is BusinessOwner or TaskStakeholders 
+			case ACTIVATE:
+			case NOMINATE:
+			case SET_GENERIC_HUMAN_ROLE:
+				if(isBusinessAdministrator(humanRoles) || isTaskStakeholders(humanRoles))
+					return true;
+				else return false;
+				
+				//conditions: none conditions 
+			case GET_RENDERING:
+			case GET_RENDERING_TYPES:
+			case GET_TASK_INFO:
+			case GET_TASK_DESCRIPTION:
+				return true;
+		}
+		
+		return false;
+	}
+	
+	/**
+	 * Give list of user's GenericHumanRole for Task
+	 * 
+	 * @return list of user's GenericHumanRole
+	 */
+	static public Collection<GenericHumanRole> getGenericHumanRolesForTask(String userID,
Task task, HISEEngineImpl engine)
+	{
+		Collection<GenericHumanRole> humanRoles = new HashSet<GenericHumanRole>();
+		HISEDao dao = engine.getHiseDao();
+		org.apache.hise.dao.OrgEntity user = dao.find(org.apache.hise.dao.OrgEntity.class, userID);
+		
+		Collection<String> userGrupsName = new HashSet<String>();
+		
+		for(OrgEntity i : user.getUserGroups()){
+			userGrupsName.add(i.getName());
+		}
+		
+		for(TaskOrgEntity i : task.getTaskDto().getPeopleAssignments()){
+			if((i.getType() == TaskOrgEntity.OrgEntityType.USER)&&(i.getName().equals(userID))){
+				humanRoles.add(i.getGenericHumanRole());
+			}
+			else if((i.getType() == TaskOrgEntity.OrgEntityType.GROUP)&&(userGrupsName.contains(i.getName()))){
+				humanRoles.add(i.getGenericHumanRole());
+			}
+		}
+		
+		return humanRoles;
+	}
+	
+	static private boolean isActualOwner(String userID, Task task)
+	{
+		String actualOwner = task.getTaskDto().getActualOwner();
+		if((actualOwner != null)&&(actualOwner.equals(userID))) 
+			return true;
+		
+		return false;
+	}
+	
+	static private boolean isPotentialOwnersWithReadyState(Collection<GenericHumanRole>
humanRoles,Task task)
+	{	
+		if((humanRoles.contains(GenericHumanRole.POTENTIALOWNERS)&&
+			(task.getTaskDto().getStatus().equals(org.apache.hise.dao.Task.Status.READY)))) 
+				return true;
+		
+		return false;
+	}
+	
+	static private boolean isPotentialOwners(Collection<GenericHumanRole> humanRoles)
+	{		
+		if(humanRoles.contains(GenericHumanRole.POTENTIALOWNERS)) 
+			return true;
+		
+		return false;
+	}
+	
+	static private boolean isBusinessAdministrator(Collection<GenericHumanRole> humanRoles)
+	{
+		if(humanRoles.contains(GenericHumanRole.BUSINESSADMINISTRATORS))
+			return true;
+		
+		return false;
+	}
+    
+	static private boolean isTaskStakeholders(Collection<GenericHumanRole> humanRoles)
+	{
+		if(humanRoles.contains(GenericHumanRole.TASKSTAKEHOLDERS))
+			return true;
+		
+		return false;
+	}
+	
+	static private boolean isTaskInitiator(String userID, Task task)
+	{
+		String taskInitiator = task.getTaskDto().getCreatedBy();
+		if((taskInitiator != null)&&(taskInitiator.equals(userID)))
+			return true;
+		
+		
+		return false;
+	}
+
+	static private boolean isRecipients(Collection<GenericHumanRole> humanRoles)
+	{
+		if(humanRoles.contains(GenericHumanRole.RECIPIENTS))
+			return true;
+		
+		return false;
+	}
+}
\ No newline at end of file

Modified: incubator/hise/trunk/hise-services/src/main/java/org/apache/hise/engine/jaxws/TaskOperationsImpl.java
URL: http://svn.apache.org/viewvc/incubator/hise/trunk/hise-services/src/main/java/org/apache/hise/engine/jaxws/TaskOperationsImpl.java?rev=964085&r1=964084&r2=964085&view=diff
==============================================================================
--- incubator/hise/trunk/hise-services/src/main/java/org/apache/hise/engine/jaxws/TaskOperationsImpl.java
(original)
+++ incubator/hise/trunk/hise-services/src/main/java/org/apache/hise/engine/jaxws/TaskOperationsImpl.java
Wed Jul 14 15:39:30 2010
@@ -41,6 +41,7 @@ import org.apache.hise.dao.Task.Status;
 import org.apache.hise.dao.TaskOrgEntity;
 import org.apache.hise.dao.TaskQuery;
 import org.apache.hise.engine.HISEEngineImpl;
+import org.apache.hise.engine.TaskChecker;
 
 import org.apache.hise.engine.wsdl.IllegalAccessFault;
 import org.apache.hise.engine.wsdl.IllegalArgumentFault;
@@ -146,6 +147,8 @@ public class TaskOperationsImpl implemen
      */
     public Object getInput(String identifier, String part) throws IllegalAccessFault, IllegalStateFault,
IllegalArgumentFault {
         Task t = Task.load(hiseEngine, Long.parseLong(identifier));
+        if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.GET_INPUT, getUserString(),
t, hiseEngine))) 
+        	throw new IllegalAccessFault();
         t.setCurrentUser(getUserString());
         return t.getInput(part);
     }
@@ -155,6 +158,8 @@ public class TaskOperationsImpl implemen
      */
     public Object getOutput(String identifier, String part) throws IllegalAccessFault, IllegalStateFault,
IllegalArgumentFault {
         Task t = Task.load(hiseEngine, Long.parseLong(identifier));
+        if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.GET_OUTPUT, getUserString(),
t, hiseEngine))) 
+        	throw new IllegalAccessFault();
         t.setCurrentUser(getUserString());
         return t.getOutput(part);
     }
@@ -164,6 +169,8 @@ public class TaskOperationsImpl implemen
      */
     public void stop(String identifier) throws IllegalAccessFault, IllegalStateFault, IllegalArgumentFault
{
         Task t = Task.load(hiseEngine, Long.parseLong(identifier));
+        if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.STOP, getUserString(),
t, hiseEngine))) 
+        	throw new IllegalAccessFault();
         t.setCurrentUser(getUserString());
         
         try {
@@ -175,6 +182,8 @@ public class TaskOperationsImpl implemen
 
     public void suspend(String identifier) throws IllegalAccessFault, IllegalStateFault,
IllegalArgumentFault {
         Task t = Task.load(hiseEngine, Long.parseLong(identifier));
+        if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.SUSPEND, getUserString(),
t, hiseEngine))) 
+        	throw new IllegalAccessFault();
         t.setCurrentUser(getUserString());
         
         try {
@@ -186,6 +195,8 @@ public class TaskOperationsImpl implemen
 
     public void suspendUntil(String identifier, TTime time) throws IllegalAccessFault, IllegalStateFault,
IllegalArgumentFault {
         Task t = Task.load(hiseEngine, Long.parseLong(identifier));
+        if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.SUSPEND_UNTIL, getUserString(),
t, hiseEngine))) 
+        	throw new IllegalAccessFault();
         t.setCurrentUser(getUserString());
         Date when = time.getPointOfTime();
         if (when == null) {
@@ -203,6 +214,8 @@ public class TaskOperationsImpl implemen
 
     public void remove(String identifier) throws IllegalAccessFault, IllegalArgumentFault
{
         Task t = Task.load(hiseEngine, Long.parseLong(identifier));
+        if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.REMOVE, getUserString(),
t, hiseEngine))) 
+        	throw new IllegalAccessFault();
         t.setCurrentUser(getUserString());
         t.remove();
     }
@@ -210,6 +223,8 @@ public class TaskOperationsImpl implemen
     public void resume(String identifier) throws IllegalAccessFault, IllegalStateFault, IllegalArgumentFault
{
         // OrgEntity user = loadUser();
         Task t = Task.load(hiseEngine, Long.parseLong(identifier));
+        if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.RESUME, getUserString(),
t, hiseEngine))) 
+        	throw new IllegalAccessFault();
         t.setCurrentUser(getUserString());
         
         try {
@@ -225,6 +240,8 @@ public class TaskOperationsImpl implemen
 
     public void claim(String identifier) throws IllegalArgumentFault, IllegalStateFault,
IllegalAccessFault {
         Task task = Task.load(hiseEngine, Long.valueOf(identifier));
+        if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.CLAIM, getUserString(),
task, hiseEngine))) 
+        	throw new IllegalAccessFault();
         task.setCurrentUser(getUserString());
         
         try {
@@ -239,6 +256,8 @@ public class TaskOperationsImpl implemen
     public void fail(String identifier, String faultName, Object faultData) throws IllegalAccessFault,
IllegalStateFault, IllegalArgumentFault,
             IllegalOperationFault {
         Task t = Task.load(hiseEngine, Long.parseLong(identifier));
+        if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.FAIL, getUserString(),
t, hiseEngine))) 
+        	throw new IllegalAccessFault();
         t.setCurrentUser(getUserString());
         
         try {
@@ -251,6 +270,8 @@ public class TaskOperationsImpl implemen
     public void forward(String identifier, TOrganizationalEntity organizationalEntity) throws
IllegalAccessFault, IllegalStateFault, IllegalArgumentFault {
         
         Task t = Task.load(hiseEngine, Long.parseLong(identifier));
+        if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.FORWARD, getUserString(),
t, hiseEngine))) 
+        	throw new IllegalAccessFault();
         t.setCurrentUser(getUserString());
         
         try {
@@ -268,6 +289,8 @@ public class TaskOperationsImpl implemen
 
     public void release(String identifier) throws IllegalArgumentFault, IllegalStateFault,
IllegalAccessFault {
         Task t = Task.load(hiseEngine, Long.parseLong(identifier));
+        if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.RELEASE, getUserString(),
t, hiseEngine))) 
+        	throw new IllegalAccessFault();
         t.setCurrentUser(getUserString());
         
         try {
@@ -279,6 +302,8 @@ public class TaskOperationsImpl implemen
 
     public void start(String identifier) throws IllegalArgumentFault, IllegalStateFault,
IllegalAccessFault {
         Task t = Task.load(hiseEngine, Long.parseLong(identifier));
+        if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.START, getUserString(),
t, hiseEngine))) 
+        	throw new IllegalAccessFault();
         t.setCurrentUser(getUserString());
         
         try {
@@ -290,6 +315,8 @@ public class TaskOperationsImpl implemen
 
     public void complete(String identifier, Object taskData) throws IllegalAccessFault, IllegalStateFault,
IllegalArgumentFault {
         Task t = Task.load(hiseEngine, Long.parseLong(identifier));
+        if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.COMPLETE, getUserString(),
t, hiseEngine))) 
+        	throw new IllegalAccessFault();
         t.setCurrentUser(getUserString());
         //TODO set output
         //t.setOutput(((Node) taskData).getFirstChild());
@@ -303,6 +330,8 @@ public class TaskOperationsImpl implemen
 
     public void setOutput(String identifier, String part, Object taskData) throws IllegalAccessFault,
IllegalStateFault, IllegalArgumentFault {
         Task t = Task.load(hiseEngine, Long.valueOf(identifier));
+        if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.SET_OUTPUT, getUserString(),
t, hiseEngine))) 
+        	throw new IllegalAccessFault();
         t.setCurrentUser(getUserString());
         t.setOutput(((Node) taskData).getFirstChild());
     }
@@ -318,6 +347,8 @@ public class TaskOperationsImpl implemen
 	 */
 	public void addComment(String identifier, String text) throws IllegalAccessFault, IllegalStateFault,
IllegalArgumentFault {
 		Task task = Task.load(hiseEngine, new Long(identifier));
+		if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.ADD_COMMENT, getUserString(),
task, hiseEngine))) 
+        	throw new IllegalAccessFault();
 		org.apache.hise.dao.Task taskDto = task.getTaskDto();
 		org.apache.hise.dao.Comment newComment = new Comment(text, taskDto);
 		// PTODO add setAddedBy
@@ -336,6 +367,8 @@ public class TaskOperationsImpl implemen
 	 */
     public List<TComment> getComments(String identifier) throws IllegalAccessFault,
IllegalStateFault, IllegalArgumentFault {
         Task task = Task.load(hiseEngine, new Long(identifier));
+        if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.GET_COMMENTS, getUserString(),
task, hiseEngine))) 
+        	throw new IllegalAccessFault();
         org.apache.hise.dao.Task taskDto = task.getTaskDto();
         List<TComment> result = convertComments(taskDto);
         return result;
@@ -350,6 +383,9 @@ public class TaskOperationsImpl implemen
     }
 
     public void activate(String identifier) throws IllegalAccessFault, IllegalStateFault,
IllegalArgumentFault {
+    	Task task = Task.load(hiseEngine, new Long(identifier));
+        if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.ACTIVATE, getUserString(),
task, hiseEngine))) 
+        	throw new IllegalAccessFault();
         // TODO Auto-generated method stub
 
     }
@@ -358,6 +394,8 @@ public class TaskOperationsImpl implemen
             IllegalArgumentFault {
 
         Task task = Task.load(hiseEngine, new Long(identifier));
+        if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.ADD_ATTACHMENT, getUserString(),
task, hiseEngine))) 
+        	throw new IllegalAccessFault();
         org.apache.hise.dao.Task taskDto = task.getTaskDto();
         org.apache.hise.dao.Attachment newAttachment= new Attachment();
         newAttachment.setAccessType(accessType);
@@ -380,14 +418,15 @@ public class TaskOperationsImpl implemen
             IllegalArgumentFault {
 
         Task task = Task.load(hiseEngine, new Long(identifier));
+        if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.DELEGATE, getUserString(),
task, hiseEngine))) 
+        	throw new IllegalAccessFault();
         org.apache.hise.dao.Task taskDto = task.getTaskDto();
-
-
-
     }
 
     public void deleteAttachments(String identifier, String attachmentName) throws IllegalAccessFault,
IllegalStateFault, IllegalArgumentFault {
         Task task = Task.load(hiseEngine, new Long(identifier));
+        if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.DELETE_ATTACHMENTS,
getUserString(), task, hiseEngine))) 
+        	throw new IllegalAccessFault();
         org.apache.hise.dao.Task taskDto = task.getTaskDto();
         List<Attachment> attachments=taskDto.getAttachments();
         Iterator<Attachment> attachemntIterator=attachments.iterator();
@@ -409,11 +448,19 @@ public class TaskOperationsImpl implemen
     }
 
     public void deleteFault(String identifier) throws IllegalAccessFault, IllegalStateFault,
IllegalArgumentFault {
+    	Task task = Task.load(hiseEngine, new Long(identifier));
+        if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.DELELE_FAULT, getUserString(),
task, hiseEngine))) 
+        	throw new IllegalAccessFault();
+        
         // TODO Auto-generated method stub
 
     }
 
     public void deleteOutput(String identifier) throws IllegalAccessFault, IllegalStateFault,
IllegalArgumentFault {
+    	Task task = Task.load(hiseEngine, new Long(identifier));
+        if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.DELETE_OUTPUT, getUserString(),
task, hiseEngine))) 
+        	throw new IllegalAccessFault();
+        
         // TODO Auto-generated method stub
 
     }
@@ -421,6 +468,8 @@ public class TaskOperationsImpl implemen
     public List<TAttachmentInfo> getAttachmentInfos(String identifier) throws IllegalAccessFault,
IllegalStateFault, IllegalArgumentFault {
 
         Task task = Task.load(hiseEngine, new Long(identifier));
+        if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.GET_ATTACHMENT_INFOS,
getUserString(), task, hiseEngine))) 
+        	throw new IllegalAccessFault();
         org.apache.hise.dao.Task taskDto = task.getTaskDto();
         List<Attachment> attachments=taskDto.getAttachments();
         List<TAttachmentInfo> result= new ArrayList<TAttachmentInfo>();
@@ -438,6 +487,8 @@ public class TaskOperationsImpl implemen
     public List<TAttachment> getAttachments(String identifier, String attachmentName)
throws IllegalAccessFault, IllegalStateFault, IllegalArgumentFault {
 
         Task task = Task.load(hiseEngine, new Long(identifier));
+        if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.GET_ATTACHMENTS,
getUserString(), task, hiseEngine))) 
+        	throw new IllegalAccessFault();
         org.apache.hise.dao.Task taskDto = task.getTaskDto();
         List<Attachment> attachments=taskDto.getAttachments();
         List<TAttachment> result= new ArrayList<TAttachment>();
@@ -468,6 +519,8 @@ public class TaskOperationsImpl implemen
 
     public void nominate(String identifier, TOrganizationalEntity organizationalEntity) throws
IllegalAccessFault, IllegalStateFault, IllegalArgumentFault {
         Task task = Task.load(hiseEngine, new Long(identifier));
+        if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.NOMINATE, getUserString(),
task, hiseEngine))) 
+        	throw new IllegalAccessFault();
         org.apache.hise.dao.Task taskDto = task.getTaskDto();
         if(taskDto.getStatus()==Status.CREATED){
         	TUserlist tUsers=organizationalEntity.getUsers();
@@ -482,18 +535,28 @@ public class TaskOperationsImpl implemen
 
     public void setFault(String identifier, String faultName, Object faultData) throws IllegalAccessFault,
IllegalStateFault, IllegalArgumentFault,
             IllegalOperationFault {
+    	Task task = Task.load(hiseEngine, new Long(identifier));
+        if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.SET_FAULT, getUserString(),
task, hiseEngine))) 
+        	throw new IllegalAccessFault();
+    	
         // TODO Auto-generated method stub
 
     }
 
     public void setGenericHumanRole(String identifier, String genericHumanRole, TOrganizationalEntity
organizationalEntity) throws IllegalAccessFault,
             IllegalStateFault, IllegalArgumentFault {
+    	Task task = Task.load(hiseEngine, new Long(identifier));
+        if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.SET_GENERIC_HUMAN_ROLE,
getUserString(), task, hiseEngine))) 
+        	throw new IllegalAccessFault();
+    	
         // TODO Auto-generated method stub
 
     }
 
     public void setPriority(String identifier, BigInteger priority) throws IllegalAccessFault,
IllegalStateFault, IllegalArgumentFault {
         Task task = Task.load(hiseEngine, new Long(identifier));
+        if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.SET_PRIORITY, getUserString(),
task, hiseEngine))) 
+        	throw new IllegalAccessFault();
         org.apache.hise.dao.Task taskDto = task.getTaskDto();
         taskDto.setPriority(priority.intValue());
         
@@ -504,6 +567,8 @@ public class TaskOperationsImpl implemen
     			IllegalAccessFault, IllegalStateFault, IllegalArgumentFault, 
     				IllegalOperationFault {
         Task task = Task.load(hiseEngine, new Long(identifier));
+        if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.SKIP, getUserString(),
task, hiseEngine))) 
+        	throw new IllegalAccessFault();
         org.apache.hise.dao.Task taskDto = task.getTaskDto();
         if(taskDto.isSkippable()){
         try {
@@ -517,6 +582,10 @@ public class TaskOperationsImpl implemen
 
     public void getFault(String identifier, Holder<String> faultName, Holder<Object>
faultData) throws IllegalArgumentFault, IllegalStateFault,
             IllegalOperationFault, IllegalAccessFault {
+    	Task task = Task.load(hiseEngine, new Long(identifier));
+        if(!(TaskChecker.checkPermission(TaskChecker.HumanOperationName.GET_FAULT, getUserString(),
task, hiseEngine))) 
+        	throw new IllegalAccessFault();
+    	
         // TODO Auto-generated method stub
 
     }

Modified: incubator/hise/trunk/hise-test-example-osgi/src/main/java/org/apache/hise/test/SampleUsers.java
URL: http://svn.apache.org/viewvc/incubator/hise/trunk/hise-test-example-osgi/src/main/java/org/apache/hise/test/SampleUsers.java?rev=964085&r1=964084&r2=964085&view=diff
==============================================================================
--- incubator/hise/trunk/hise-test-example-osgi/src/main/java/org/apache/hise/test/SampleUsers.java
(original)
+++ incubator/hise/trunk/hise-test-example-osgi/src/main/java/org/apache/hise/test/SampleUsers.java
Wed Jul 14 15:39:30 2010
@@ -74,9 +74,13 @@ public class SampleUsers {
                     o.getUserGroups().add(someGroup);
                     hiseEngine.getHiseDao().persist(o);
                 }
+                
+                
                 addUser("user1", "user1pass");
                 addUser("user2", "user2pass");
+                addUser("user3", "user3pass");
                 addUser("user5", "user5pass");
+                addUser("user6", "user6pass");
                 
                 return null;
             }

Modified: incubator/hise/trunk/hise-test-example-osgi/src/main/resources/testHtd1.xml
URL: http://svn.apache.org/viewvc/incubator/hise/trunk/hise-test-example-osgi/src/main/resources/testHtd1.xml?rev=964085&r1=964084&r2=964085&view=diff
==============================================================================
--- incubator/hise/trunk/hise-test-example-osgi/src/main/resources/testHtd1.xml (original)
+++ incubator/hise/trunk/hise-test-example-osgi/src/main/resources/testHtd1.xml Wed Jul 14
15:39:30 2010
@@ -534,6 +534,7 @@ xs:double(htd:getInput("ClaimApprovalReq
       <htd:notification name="Notify2">
         <htd:interface portType="tns:ClaimApprovalReminderPT" operation="notify"></htd:interface>
         <htd:peopleAssignments>
+       
           <htd:potentialOwners>
             <htd:from>
               <htd:literal>
@@ -545,6 +546,20 @@ xs:double(htd:getInput("ClaimApprovalReq
               </htd:literal>
             </htd:from>
           </htd:potentialOwners>
+          
+          <htd:recipients>
+            <htd:from>
+              <htd:literal>
+                <htd:organizationalEntity>
+                  <htd:users>
+                    <htd:user>user6</htd:user>
+                  </htd:users>
+                </htd:organizationalEntity>
+              </htd:literal>
+            </htd:from>
+          </htd:recipients>
+          
+          
         </htd:peopleAssignments>
         <htd:presentationElements>
           <htd:name>Notify2Name</htd:name>



Mime
View raw message