branch develop updated (3c42708 -> 3679385)
This is an automated email from the git hooks/post-receive script. New change to branch develop in repository coselmar. See http://git.codelutin.com/coselmar.git from 3c42708 Merge branch 'feature/6140-update-document-metadata' into develop new 81fb833 #6142 #6143 only Admin, supervisor, expert (public) or admin, supervisor, owner can view and delete document new 5e32997 #6142 Filter documents list according to privacy and userRole new 3679385 Merge branch 'feature/6142-filter-documents-list' into develop The 3 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "adds" were already present in the repository and have only been added to this reference. Detailed log of new commits: commit 367938536e53cb2214d902a529a88dd53ea325ba Merge: 3c42708 5e32997 Author: Yannick Martel <martel@©odelutin.com> Date: Thu Nov 27 11:11:37 2014 +0100 Merge branch 'feature/6142-filter-documents-list' into develop commit 5e3299722403c4f027fde642d99e9204dceedc5e Author: Yannick Martel <martel@©odelutin.com> Date: Thu Nov 27 11:11:18 2014 +0100 #6142 Filter documents list according to privacy and userRole commit 81fb833326127ce16207d00d786e7f29e63a2934 Author: Yannick Martel <martel@©odelutin.com> Date: Wed Nov 26 18:18:51 2014 +0100 #6142 #6143 only Admin, supervisor, expert (public) or admin, supervisor, owner can view and delete document Summary of changes: .../fr/ifremer/coselmar/persistence/DaoUtils.java | 112 ++++++++++++++ .../persistence/entity/DocumentTopiaDao.java | 32 ++++ .../services/CoselmarWebServiceSupport.java | 13 ++ .../coselmar/services/v1/DocumentsWebService.java | 162 ++++++++++++++++++--- coselmar-ui/src/main/webapp/index.html | 8 +- .../src/main/webapp/js/coselmar-controllers.js | 2 +- .../src/main/webapp/views/documents/documents.html | 2 +- .../main/webapp/views/documents/newdocument.html | 17 ++- 8 files changed, 311 insertions(+), 37 deletions(-) create mode 100644 coselmar-persistence/src/main/java/fr/ifremer/coselmar/persistence/DaoUtils.java -- To stop receiving notification emails like this one, please contact codelutin.com SCM administrator <admin+scm@codelutin.com>.
This is an automated email from the git hooks/post-receive script. New commit to branch develop in repository coselmar. See http://git.codelutin.com/coselmar.git commit 81fb833326127ce16207d00d786e7f29e63a2934 Author: Yannick Martel <martel@©odelutin.com> Date: Wed Nov 26 18:18:51 2014 +0100 #6142 #6143 only Admin, supervisor, expert (public) or admin, supervisor, owner can view and delete document --- .../services/CoselmarWebServiceSupport.java | 13 +++ .../coselmar/services/v1/DocumentsWebService.java | 128 ++++++++++++++++++--- coselmar-ui/src/main/webapp/index.html | 1 + .../src/main/webapp/js/coselmar-controllers.js | 2 +- .../main/webapp/views/documents/newdocument.html | 17 +-- 5 files changed, 133 insertions(+), 28 deletions(-) diff --git a/coselmar-rest/src/main/java/fr/ifremer/coselmar/services/CoselmarWebServiceSupport.java b/coselmar-rest/src/main/java/fr/ifremer/coselmar/services/CoselmarWebServiceSupport.java index 5213d75..6fc9115 100644 --- a/coselmar-rest/src/main/java/fr/ifremer/coselmar/services/CoselmarWebServiceSupport.java +++ b/coselmar-rest/src/main/java/fr/ifremer/coselmar/services/CoselmarWebServiceSupport.java @@ -35,6 +35,7 @@ import java.util.Map; import com.auth0.jwt.JWTVerifier; import fr.ifremer.coselmar.beans.UserWebToken; import fr.ifremer.coselmar.persistence.CoselmarPersistenceContext; +import fr.ifremer.coselmar.persistence.entity.CoselmarUser; import fr.ifremer.coselmar.persistence.entity.CoselmarUserTopiaDao; import fr.ifremer.coselmar.persistence.entity.DocumentTopiaDao; import fr.ifremer.coselmar.services.config.CoselmarServicesConfig; @@ -147,4 +148,16 @@ public abstract class CoselmarWebServiceSupport extends WebMotionController impl } } + + /** + * Construct the full id of an user from the random part contained in + * {@link fr.ifremer.coselmar.beans.UserWebToken}. + * + * @param shortUserId : the short id, corresponding to the random part of the id + * + * @return the complete id, with class FQN. + */ + protected String getFullUserIdFromShort(String shortUserId) { + return CoselmarUser.class.getCanonicalName() + getPersistenceContext().getTopiaIdFactory().getSeparator() + shortUserId; + } } diff --git a/coselmar-rest/src/main/java/fr/ifremer/coselmar/services/v1/DocumentsWebService.java b/coselmar-rest/src/main/java/fr/ifremer/coselmar/services/v1/DocumentsWebService.java index e3380b8..bde35f3 100644 --- a/coselmar-rest/src/main/java/fr/ifremer/coselmar/services/v1/DocumentsWebService.java +++ b/coselmar-rest/src/main/java/fr/ifremer/coselmar/services/v1/DocumentsWebService.java @@ -63,15 +63,40 @@ public class DocumentsWebService extends CoselmarWebServiceSupport { private static final Log log = getLog(DocumentsWebService.class); - public static final List<String> DOCUMENT_ALLOWED_USER_ROLES = + public static final List<String> DOCUMENT_EDIT_ALLOWED_USER_ROLES = Lists.newArrayList(CoselmarUserRole.EXPERT.name()); - public DocumentBean getDocument(String documentId) { + public static final List<String> DOCUMENT_VIEW_ALLOWED_USER_ROLES = + Lists.newArrayList( + CoselmarUserRole.ADMIN.name(), + CoselmarUserRole.SUPERVISOR.name(), + CoselmarUserRole.EXPERT.name() + ); + + public DocumentBean getDocument(String documentId) throws InvalidCredentialException, UnauthorizedException { + + // Check authentication + String authorization = getContext().getHeader("Authorization"); + UserWebToken userWebToken = checkAuthentication(authorization); // reconstitute full id - String fullId = Document.class.getCanonicalName() + getPersistenceContext().getTopiaIdFactory().getSeparator() + documentId; + String fullId = getDocumentFullId(documentId); Document document = getDocumentDao().forTopiaIdEquals(fullId).findUnique(); + + // If document if public, only admin, supervisor and expert could view it + // If document if private, only admin, supervisor and owner could view it + if (!isAllowedToAccessDocument(userWebToken, document)) { + + String message = String.format("User %s %s ('%s') try to access to document '%s'", + userWebToken.getFirstName(), userWebToken.getLastName(), userWebToken.getUserId(), documentId); + if (log.isWarnEnabled()) { + log.warn(message); + } + throw new UnauthorizedException(message); + + } + DocumentBean documentBean = BeanEntityConverter.toBean(documentId, document); return documentBean; } @@ -104,7 +129,7 @@ public class DocumentsWebService extends CoselmarWebServiceSupport { // Only Expert or Supervisor can add document String userRole = userWebToken.getRole(); - if (!DOCUMENT_ALLOWED_USER_ROLES.contains(userRole.toUpperCase())) { + if (!DOCUMENT_EDIT_ALLOWED_USER_ROLES.contains(userRole.toUpperCase())) { String message = String.format("User %s %s ('%s') is not allowed to add document", userWebToken.getFirstName(), userWebToken.getLastName(), userWebToken.getUserId()); if (log.isWarnEnabled()) { @@ -116,8 +141,7 @@ public class DocumentsWebService extends CoselmarWebServiceSupport { Preconditions.checkNotNull(document); // retrieve user who will be assigned as document owner - String fullId = CoselmarUser.class.getCanonicalName() + - getPersistenceContext().getTopiaIdFactory().getSeparator() + userWebToken.getUserId(); + String fullId = getFullUserIdFromShort(userWebToken.getUserId()); CoselmarUser owner; try { @@ -183,21 +207,15 @@ public class DocumentsWebService extends CoselmarWebServiceSupport { public Render getDocumentFile(String documentId) { // reconstitute full id - String fullId = Document.class.getCanonicalName() + "_" + documentId; + String fullId =getDocumentFullId(documentId); Document document = getDocumentDao().forTopiaIdEquals(fullId).findUnique(); //TODO ymartel 20141103 : manage file owner ? // Get file attached to document - String fileName = document.getName(); - Date depositeDate = document.getDepositDate(); - - String userDocumentPath = getUserDocumentPath(document.getOwner()); - - String formatedDay = DateUtil.formatDate(depositeDate, "yyyymmdd"); - String prefix = formatedDay + "-"; - File documentFile = new File(userDocumentPath + "/" + prefix + fileName); + File documentFile = getDocumentFile(document); + String fileName = document.getName(); String fileMimeType = document.getMimeType(); try { InputStream fileStream = new FileInputStream(documentFile); @@ -218,16 +236,35 @@ public class DocumentsWebService extends CoselmarWebServiceSupport { throw new CoselmarTechnicalException("not yet implemented"); } - public void deleteDocument(String documentId) { + public void deleteDocument(String documentId) throws InvalidCredentialException, UnauthorizedException { + + // Check authentication + String authorization = getContext().getHeader("Authorization"); + UserWebToken userWebToken = checkAuthentication(authorization); // reconstitute full id - String fullId = Document.class.getCanonicalName() + "_" + documentId; + String fullId = getDocumentFullId(documentId); Document document = getDocumentDao().forTopiaIdEquals(fullId).findUnique(); - getDocumentDao().delete(document); - //TODO ymartel 20141126 : delete file + if (!isAllowedToAccessDocument(userWebToken, document)) { + + String message = String.format("User %s %s ('%s') try to delete document '%s'", + userWebToken.getFirstName(), userWebToken.getLastName(), userWebToken.getUserId(), documentId); + if (log.isWarnEnabled()) { + log.warn(message); + } + throw new UnauthorizedException(message); + + } + + // Delete physical file + if (document.isWithFile()) { + File documentFile = getDocumentFile(document); + FileUtils.deleteQuietly(documentFile); + } + getDocumentDao().delete(document); commit(); } @@ -284,4 +321,57 @@ public class DocumentsWebService extends CoselmarWebServiceSupport { return userPath; } + /** + * Return the document File from its Metadata. + * + * @param document : document we want the {@link java.io.File} corresponding + * to the physical document. + * @return a File pointing out the physical file. + */ + protected File getDocumentFile(Document document) { + String fileName = document.getName(); + Date depositeDate = document.getDepositDate(); + + String userDocumentPath = getUserDocumentPath(document.getOwner()); + + String formatedDay = DateUtil.formatDate(depositeDate, "yyyymmdd"); + String prefix = formatedDay + "-"; + return new File(userDocumentPath + "/" + prefix + fileName); + } + + /** + * Check if an user can access to a document metadata, according to its + * privacy settings and the user grant. + * + * @param userWebToken : Session data for current user, + * containing {@link fr.ifremer.coselmar.persistence.entity.CoselmarUserRole} as String + * @param document : the document user trying to access. + * + * @return true is user can access, false else. + */ + protected boolean isAllowedToAccessDocument(UserWebToken userWebToken, Document document) { + boolean isAuthorized = false; + + String viewerRole = userWebToken.getRole().toUpperCase(); + + // For public : only admin/supervisor/expert can access + if (document.getPrivacy() == DocumentPrivacy.PUBLIC) { + isAuthorized = DOCUMENT_VIEW_ALLOWED_USER_ROLES.contains(viewerRole); + + // For Private : only admin/supervisor/owner can access + } else if (document.getPrivacy() == DocumentPrivacy.PRIVATE) { + CoselmarUser documentOwner = document.getOwner(); + boolean isOwner = StringUtils.equals(documentOwner.getTopiaId(), getFullUserIdFromShort(userWebToken.getUserId())); + isAuthorized = isOwner || Lists.newArrayList(CoselmarUserRole.ADMIN, CoselmarUserRole.SUPERVISOR).contains(viewerRole); + + } else { + // Restricted : Not yet implemented + } + + return isAuthorized; + } + + protected String getDocumentFullId(String documentId) { + return Document.class.getCanonicalName() + getPersistenceContext().getTopiaIdFactory().getSeparator() + documentId; + } } diff --git a/coselmar-ui/src/main/webapp/index.html b/coselmar-ui/src/main/webapp/index.html index 968466f..f8ac539 100644 --- a/coselmar-ui/src/main/webapp/index.html +++ b/coselmar-ui/src/main/webapp/index.html @@ -34,6 +34,7 @@ <script src="nuiton-js/angular-messages.js"></script> <script src="nuiton-js/angular-ui-bootstrap.js"></script> <script src="nuiton-js/bootstrap.js"></script> + <script src="nuiton-js/bootstrap-tpls.js"></script> <script src="js/angular-jwt.js"></script> <script src="js/coselmar.js"></script> <script src="js/coselmar-constants.js"></script> diff --git a/coselmar-ui/src/main/webapp/js/coselmar-controllers.js b/coselmar-ui/src/main/webapp/js/coselmar-controllers.js index 2be62f7..0a0a8cf 100644 --- a/coselmar-ui/src/main/webapp/js/coselmar-controllers.js +++ b/coselmar-ui/src/main/webapp/js/coselmar-controllers.js @@ -21,7 +21,7 @@ * <http://www.gnu.org/licenses/gpl-3.0.html>. * #L% */ -var coselmarControllers = angular.module('coselmarControllers', []); +var coselmarControllers = angular.module('coselmarControllers', ['ui.bootstrap']); // Controller when the main page/view loads coselmarControllers.controller("HomeCtrl", ['$scope', '$http', '$location', 'userService', 'jwtHelper', diff --git a/coselmar-ui/src/main/webapp/views/documents/newdocument.html b/coselmar-ui/src/main/webapp/views/documents/newdocument.html index d619818..f98ad7e 100644 --- a/coselmar-ui/src/main/webapp/views/documents/newdocument.html +++ b/coselmar-ui/src/main/webapp/views/documents/newdocument.html @@ -110,6 +110,15 @@ </div> + <div class="form-group"> + <label class="col-md-4 control-label">Publication date</label> + + <div class="col-md-5"> + <input type="text" class="form-control" name="publicationDate" ng-model="document.publicationDate" + datepicker-popup="dd/MM/yyyy" is-open="publicationDateOpened" ng-click="publicationDateOpened = true"/> + </div> + </div> + <div class="form-group"> <label class="col-md-4 control-label">Authors</label> @@ -143,14 +152,6 @@ </div> <div class="form-group"> - <label class="col-md-4 control-label">Publication date</label> - - <div class="col-md-5"> - <input type="date" class="form-control" name="publicationDate" ng-model="document.publicationDate" /> - </div> - </div> - - <div class="form-group"> <label class="col-md-4 control-label">Summary</label> <div class="col-md-5"> -- To stop receiving notification emails like this one, please contact codelutin.com SCM administrator <admin+scm@codelutin.com>.
This is an automated email from the git hooks/post-receive script. New commit to branch develop in repository coselmar. See http://git.codelutin.com/coselmar.git commit 5e3299722403c4f027fde642d99e9204dceedc5e Author: Yannick Martel <martel@©odelutin.com> Date: Thu Nov 27 11:11:18 2014 +0100 #6142 Filter documents list according to privacy and userRole --- .../fr/ifremer/coselmar/persistence/DaoUtils.java | 112 +++++++++++++++++++++ .../persistence/entity/DocumentTopiaDao.java | 32 ++++++ .../coselmar/services/v1/DocumentsWebService.java | 36 ++++++- coselmar-ui/src/main/webapp/index.html | 9 +- .../src/main/webapp/views/documents/documents.html | 2 +- 5 files changed, 180 insertions(+), 11 deletions(-) diff --git a/coselmar-persistence/src/main/java/fr/ifremer/coselmar/persistence/DaoUtils.java b/coselmar-persistence/src/main/java/fr/ifremer/coselmar/persistence/DaoUtils.java new file mode 100644 index 0000000..c8c1cc6 --- /dev/null +++ b/coselmar-persistence/src/main/java/fr/ifremer/coselmar/persistence/DaoUtils.java @@ -0,0 +1,112 @@ +package fr.ifremer.coselmar.persistence; + +import java.util.Map; + +import org.apache.commons.lang3.StringUtils; + +/** + * Class containing utilities methods for DAO request. + * + * @author Eric Chatellier + * @author Arnaud Thimel (Code Lutin) + * @author ymartel (codelutin) + */ +public class DaoUtils { + + protected static final String LIKE = + "TRANSLATE(LOWER( %s )," + + "'áàâãäåāăąèééêëēĕėęěìíîïìĩīĭḩóôõöōŏőùúûüũūŭůäàáâãåæçćĉčöòóôõøüùúûßéèêëýñîìíïş'," + + "'aaaaaaaaaeeeeeeeeeeiiiiiiiihooooooouuuuuuuuaaaaaaeccccoooooouuuuseeeeyniiiis')" + + "like LOWER( %s )"; + + /** + * Generate sql like operator case and accent insensitive. + * + * @param field1 entity field to search into + * @param field2 value field (must be accent escaped) + * @return sql string + */ + public static String getFieldLikeInsensitive(String field1, String field2) { + String query = String.format(LIKE, field1, field2); + return query; + } + + public static String addQueryAttribute(Map<String, Object> args, String entityAttributeName, Object value) { + String baseAttributeName = entityAttributeName.replaceAll("[.]", "_"); + + int index = 0; + String queryAttributeName; + do { + queryAttributeName = baseAttributeName + index; + index++; + } while (args.containsKey(queryAttributeName)); + + args.put(queryAttributeName, value); + + return queryAttributeName; + } + + protected static String getQueryForAttributeLike(String entityAlias, String entityAttributeName, Map<String, Object> args, String likeValue, String operator) { + // TODO AThimel 12/07/13 Refactor : peut-être qu'il n'est pas nécessaire d'utiliser la méthode "getFieldLikeInsensitive" + String alias = StringUtils.isBlank(entityAlias) ? "" : entityAlias + "."; + String queryAttributeName = addQueryAttribute(args, entityAttributeName, StringUtils.stripAccents(likeValue)); + String result = " " + operator + " " + DaoUtils.getFieldLikeInsensitive(alias + entityAttributeName, ":" + queryAttributeName); + + return result; + } + + public static String getQueryForAttributeEquals(String entityAlias, String entityAttributeName, Map<String, Object> args, Object value, String operator) { + String result = ""; + + if (value != null) { + String alias = StringUtils.isBlank(entityAlias) ? "" : entityAlias + "."; + String queryAttributeName = addQueryAttribute(args, entityAttributeName, value); + result += String.format(" %s %s = :%s", operator, alias + entityAttributeName, queryAttributeName); + } + + return result; + } + + public static String andAttributeEquals(String entityAlias, String entityAttributeName, Map<String, Object> args, Object value) { + String result = getQueryForAttributeEquals(entityAlias, entityAttributeName, args, value, "AND"); + return result; + } + + public static String orAttributeEquals(String entityAlias, String entityAttributeName, Map<String, Object> args, Object value) { + String result = getQueryForAttributeEquals(entityAlias, entityAttributeName, args, value, "OR"); + return result; + } + + public static String andAttributeLike(String entityAlias, String entityAttributeName, Map<String, Object> args, String value) { + String result = ""; + if (StringUtils.isNotBlank(value)) { + result = getQueryForAttributeLike(entityAlias, entityAttributeName, args, "%" + value + "%", "AND"); + } + return result; + } + + public static String orAttributeLike(String entityAlias, String entityAttributeName, Map<String, Object> args, String value) { + String result = ""; + if (StringUtils.isNotBlank(value)) { + result = getQueryForAttributeLike(entityAlias, entityAttributeName, args, "%" + value + "%", "OR"); + } + + return result; + } + + protected static String getQueryForAttributeContains(String entityAlias, String entityAttributeName, Map<String, Object> args, Object value, String operator) { + String result = ""; + + String alias = StringUtils.isBlank(entityAlias) ? "" : entityAlias + "."; + String queryAttributeName = addQueryAttribute(args, entityAttributeName, value); + result += String.format(" %s %s in element( :%s )", operator, queryAttributeName, alias + entityAttributeName); + + return result; + } + + public static String andAttributeContains(String entityAlias, String entityAttributeName, Map<String, Object> args, Object value) { + String result = getQueryForAttributeContains(entityAlias, entityAttributeName, args, value, "AND"); + return result; + } + +} diff --git a/coselmar-persistence/src/main/java/fr/ifremer/coselmar/persistence/entity/DocumentTopiaDao.java b/coselmar-persistence/src/main/java/fr/ifremer/coselmar/persistence/entity/DocumentTopiaDao.java index efee2f6..4648ff4 100644 --- a/coselmar-persistence/src/main/java/fr/ifremer/coselmar/persistence/entity/DocumentTopiaDao.java +++ b/coselmar-persistence/src/main/java/fr/ifremer/coselmar/persistence/entity/DocumentTopiaDao.java @@ -24,7 +24,11 @@ package fr.ifremer.coselmar.persistence.entity; * #L% */ +import java.util.HashMap; import java.util.List; +import java.util.Map; + +import fr.ifremer.coselmar.persistence.DaoUtils; public class DocumentTopiaDao extends AbstractDocumentTopiaDao<Document> { @@ -34,8 +38,36 @@ public class DocumentTopiaDao extends AbstractDocumentTopiaDao<Document> { for (String keyword : keywords) { queryBuilder.addContains(Document.PROPERTY_KEYWORDS, keyword); } + List<Document> documents = queryBuilder.findAll(); return documents; } + public List<Document> findAllFilterByUser(CoselmarUser currentUser, List<String> keywords) { + + StringBuilder hqlBuilder = new StringBuilder("FROM " + Document.class.getName() + " D"); + + Map<String, Object> args = new HashMap<>(); + + // can list all public document + String privacyPublicCondition = DaoUtils.getQueryForAttributeEquals("D", Document.PROPERTY_PRIVACY, args, DocumentPrivacy.PUBLIC, ""); + hqlBuilder.append(" WHERE " + privacyPublicCondition); + + // Can list his own private document + String privacyPrivateCondition = DaoUtils.getQueryForAttributeEquals("D", Document.PROPERTY_PRIVACY, args, DocumentPrivacy.PRIVATE, ""); + String ownerCondition = DaoUtils.andAttributeEquals("D", Document.PROPERTY_OWNER, args, currentUser); + + hqlBuilder.append(" OR ( " + privacyPrivateCondition + " " + ownerCondition + " )"); + + if (keywords != null) { + for (String keyword : keywords) { + DaoUtils.andAttributeContains("D", Document.PROPERTY_KEYWORDS, args, keyword); + } + } + + List<Document> documents = forHql(hqlBuilder.toString(), args).findAll(); + + return documents; + } + } //DocumentTopiaDao diff --git a/coselmar-rest/src/main/java/fr/ifremer/coselmar/services/v1/DocumentsWebService.java b/coselmar-rest/src/main/java/fr/ifremer/coselmar/services/v1/DocumentsWebService.java index bde35f3..99717c1 100644 --- a/coselmar-rest/src/main/java/fr/ifremer/coselmar/services/v1/DocumentsWebService.java +++ b/coselmar-rest/src/main/java/fr/ifremer/coselmar/services/v1/DocumentsWebService.java @@ -101,14 +101,29 @@ public class DocumentsWebService extends CoselmarWebServiceSupport { return documentBean; } - public List<DocumentBean> getDocuments(List<String> searchKeywords) { + public List<DocumentBean> getDocuments(List<String> searchKeywords) throws InvalidCredentialException { + + // Check authentication + String authorization = getContext().getHeader("Authorization"); + UserWebToken userWebToken = checkAuthentication(authorization); + + // Retrieve current user + String fullCurrentUserId = getFullUserIdFromShort(userWebToken.getUserId()); + CoselmarUser currentUser = getCoselmarUserDao().forTopiaIdEquals(fullCurrentUserId).findAnyOrNull(); + + String currentUserRole = userWebToken.getRole().toUpperCase(); List<Document> documentList; - if (searchKeywords != null && !searchKeywords.isEmpty()) { - documentList = getDocumentDao().findAllContainingAllKeywords(searchKeywords); + + // Admin and Supervisor can see all documents (public, private and restricted) + if (Lists.newArrayList(CoselmarUserRole.ADMIN.name(), CoselmarUserRole.ADMIN.name()).contains(currentUserRole)) { + documentList = findAllDocuments(searchKeywords); + } else { - documentList = getDocumentDao().findAll(); + //Other can only see public, his own private and restricted for which he is allowed + documentList = getDocumentDao().findAllFilterByUser(currentUser, searchKeywords);; } + List<DocumentBean> result = new ArrayList<>(documentList.size()); for (Document document : documentList) { @@ -362,7 +377,7 @@ public class DocumentsWebService extends CoselmarWebServiceSupport { } else if (document.getPrivacy() == DocumentPrivacy.PRIVATE) { CoselmarUser documentOwner = document.getOwner(); boolean isOwner = StringUtils.equals(documentOwner.getTopiaId(), getFullUserIdFromShort(userWebToken.getUserId())); - isAuthorized = isOwner || Lists.newArrayList(CoselmarUserRole.ADMIN, CoselmarUserRole.SUPERVISOR).contains(viewerRole); + isAuthorized = isOwner || Lists.newArrayList(CoselmarUserRole.ADMIN.name(), CoselmarUserRole.SUPERVISOR.name()).contains(viewerRole); } else { // Restricted : Not yet implemented @@ -374,4 +389,15 @@ public class DocumentsWebService extends CoselmarWebServiceSupport { protected String getDocumentFullId(String documentId) { return Document.class.getCanonicalName() + getPersistenceContext().getTopiaIdFactory().getSeparator() + documentId; } + + protected List<Document> findAllDocuments(List<String> searchKeywords) { + List<Document> documentList; + if (searchKeywords != null && !searchKeywords.isEmpty()) { + documentList = getDocumentDao().findAllContainingAllKeywords(searchKeywords); + } else { + documentList = getDocumentDao().findAll(); + } + return documentList; + } + } diff --git a/coselmar-ui/src/main/webapp/index.html b/coselmar-ui/src/main/webapp/index.html index f8ac539..d277fe7 100644 --- a/coselmar-ui/src/main/webapp/index.html +++ b/coselmar-ui/src/main/webapp/index.html @@ -34,7 +34,6 @@ <script src="nuiton-js/angular-messages.js"></script> <script src="nuiton-js/angular-ui-bootstrap.js"></script> <script src="nuiton-js/bootstrap.js"></script> - <script src="nuiton-js/bootstrap-tpls.js"></script> <script src="js/angular-jwt.js"></script> <script src="js/coselmar.js"></script> <script src="js/coselmar-constants.js"></script> @@ -64,17 +63,17 @@ <nav class="hidden-xs"> <ul class="nav navbar-nav"> <a href="#" role="button" class="navbar-brand">Coselmar Traceability</a> - <li class="dropdown" ng-if="currentUser.role == 'ADMIN'"> + <li ng-if="currentUser.role == 'ADMIN'"> <a href="#/users" class="dropdown-toggle">User</a> </li> - <li class="dropdown" ng-if="currentUser"> + <li ng-if="currentUser"> <a href="#/documents" role="button" class="dropdown-toggle">Documents</a> </li> <li class="dropdown"> <a role="button" class="dropdown-toggle">Questions<span class="caret"></span></a> <ul class="dropdown-menu" role="menu"> - <li><a href="#/questions">List</a></li> - <li><a href="#/questions">List</a></li> + <!--<li><a href="#/questions">List</a></li>--> + <!--<li><a href="#/questions">List</a></li>--> </ul> </li> </ul> diff --git a/coselmar-ui/src/main/webapp/views/documents/documents.html b/coselmar-ui/src/main/webapp/views/documents/documents.html index 4c089ef..e35b46c 100644 --- a/coselmar-ui/src/main/webapp/views/documents/documents.html +++ b/coselmar-ui/src/main/webapp/views/documents/documents.html @@ -31,7 +31,7 @@ <div> <div> - <div class="form-group"> + <div class="form-group" ng-if="currentUser.role == 'EXPERT'> <a href="#/documents/new" class="form-inline navbar-left btn btn-primary">Add a document</a> </div> <form class="form-inline pull-right" role="documentOptions" ng-submit="searchDocuments()"> -- To stop receiving notification emails like this one, please contact codelutin.com SCM administrator <admin+scm@codelutin.com>.
This is an automated email from the git hooks/post-receive script. New commit to branch develop in repository coselmar. See http://git.codelutin.com/coselmar.git commit 367938536e53cb2214d902a529a88dd53ea325ba Merge: 3c42708 5e32997 Author: Yannick Martel <martel@©odelutin.com> Date: Thu Nov 27 11:11:37 2014 +0100 Merge branch 'feature/6142-filter-documents-list' into develop .../fr/ifremer/coselmar/persistence/DaoUtils.java | 112 ++++++++++++++ .../persistence/entity/DocumentTopiaDao.java | 32 ++++ .../services/CoselmarWebServiceSupport.java | 13 ++ .../coselmar/services/v1/DocumentsWebService.java | 162 ++++++++++++++++++--- coselmar-ui/src/main/webapp/index.html | 8 +- .../src/main/webapp/js/coselmar-controllers.js | 2 +- .../src/main/webapp/views/documents/documents.html | 2 +- .../main/webapp/views/documents/newdocument.html | 17 ++- 8 files changed, 311 insertions(+), 37 deletions(-) -- To stop receiving notification emails like this one, please contact codelutin.com SCM administrator <admin+scm@codelutin.com>.
participants (1)
-
codelutin.com scm