This is an automated email from the git hooks/post-receive script. New commit to branch feature/permissionPollRestricted in repository pollen. See http://git.chorem.org/pollen.git commit 9f045ec0ec348c190f0b3e18fefab20aef202f21 Author: Adrien Garandel <a.garandel@dralagen.fr> Date: Tue Aug 5 11:58:25 2014 +0200 no bouble vote in poll restricted --- .../org/chorem/pollen/services/bean/PollBean.java | 9 ++++++ .../pollen/services/service/PollService.java | 2 ++ .../services/service/security/SecurityService.java | 34 +++++++++++++++------- .../src/main/webapp/js/controllers/pollCtrl.js | 5 ++++ .../src/main/webapp/partials/inline-poll.html | 28 +++++++++--------- 5 files changed, 54 insertions(+), 24 deletions(-) diff --git a/pollen-services/src/main/java/org/chorem/pollen/services/bean/PollBean.java b/pollen-services/src/main/java/org/chorem/pollen/services/bean/PollBean.java index 66d0115..f0375eb 100644 --- a/pollen-services/src/main/java/org/chorem/pollen/services/bean/PollBean.java +++ b/pollen-services/src/main/java/org/chorem/pollen/services/bean/PollBean.java @@ -101,6 +101,8 @@ public class PollBean extends PollenBean<Poll> { protected boolean voteIsVisible; + protected boolean canVote; + @Override public void fromEntity(Poll entity) { @@ -351,4 +353,11 @@ public class PollBean extends PollenBean<Poll> { this.voteIsVisible = voteIsVisible; } + public boolean isCanVote() { + return canVote; + } + + public void setCanVote(boolean canVote) { + this.canVote = canVote; + } } diff --git a/pollen-services/src/main/java/org/chorem/pollen/services/service/PollService.java b/pollen-services/src/main/java/org/chorem/pollen/services/service/PollService.java index 409a4f2..f8bc99e 100644 --- a/pollen-services/src/main/java/org/chorem/pollen/services/service/PollService.java +++ b/pollen-services/src/main/java/org/chorem/pollen/services/service/PollService.java @@ -62,6 +62,8 @@ public class PollService extends PollenServiceSupport { input.setResultIsVisible(isPermitted(PermissionVerb.readPollResult, input.getEntityId())); + input.setCanVote(isPermitted(PermissionVerb.addVote, input.getEntityId())); + return input; } }; diff --git a/pollen-services/src/main/java/org/chorem/pollen/services/service/security/SecurityService.java b/pollen-services/src/main/java/org/chorem/pollen/services/service/security/SecurityService.java index 0a1d197..9266e17 100644 --- a/pollen-services/src/main/java/org/chorem/pollen/services/service/security/SecurityService.java +++ b/pollen-services/src/main/java/org/chorem/pollen/services/service/security/SecurityService.java @@ -38,7 +38,6 @@ import org.chorem.pollen.services.bean.PaginationParameterBean; import org.chorem.pollen.services.bean.PollenEntityRef; import org.chorem.pollen.services.service.PollenServiceSupport; import org.nuiton.topia.persistence.TopiaEntity; -import org.nuiton.util.pagination.PaginationParameter; import java.util.*; @@ -362,7 +361,7 @@ public class SecurityService extends PollenServiceSupport { Set<Poll> polls = getPollDao().findAllFreePolls(); for (Poll poll : polls) { - generatePollAccessPermission(permissions, poll); + generatePollPublicPermission(permissions, poll); } if (user == null && pollenPrincipal == null) { @@ -377,15 +376,13 @@ public class SecurityService extends PollenServiceSupport { // Collect all principals Set<PollenPrincipal> principals = Sets.newHashSet(); + Set<Poll> invitedPoll = Sets.newHashSet(); if (pollenPrincipal != null) { principals.add(pollenPrincipal); - Set<Poll> invitedPoll = getPollDao().findByVoterListMemberPermission(pollenPrincipal.getPermission()); + invitedPoll.addAll(getPollDao().findByVoterListMemberPermission(pollenPrincipal.getPermission())); - for (Poll poll : invitedPoll) { - generatePollAccessPermission(permissions, poll); - } } if (user != null) { @@ -398,12 +395,24 @@ public class SecurityService extends PollenServiceSupport { PaginationParameterBean paginationParameter = new PaginationParameterBean(); paginationParameter.setPageNumber(0); paginationParameter.setPageSize(-1); - List<Poll> invitedPoll = getPollDao().findAllInvited(user, paginationParameter.toPaginationParameter()).getElements(); + invitedPoll.addAll(getPollDao().findAllInvited(user, paginationParameter.toPaginationParameter()).getElements()); + + } + + for (Poll poll : invitedPoll) { + generatePollPublicPermission(permissions, poll); - for (Poll poll : invitedPoll) { - generatePollAccessPermission(permissions, poll); + if (poll.getCommentVisibility() == CommentVisibility.VOTER) { + permissions.add(createSubjectPermission(PermissionVerb.readComment, poll)); } + if (poll.getVoteVisibility() == VoteVisibility.VOTER) { + permissions.add(createSubjectPermission(PermissionVerb.readVote, poll)); + } + + if (poll.getResultVisibility() == ResultVisibility.VOTER && (poll.isClosed() || poll.isContinuousResults())) { + permissions.add(createSubjectPermission(PermissionVerb.readPollResult, poll)); + } } PrincipalByType principalByType = resolvePrincipals(principals); @@ -426,6 +435,9 @@ public class SecurityService extends PollenServiceSupport { for(Vote vote: principalByType.votes) { permissions.add(createWildcardSubjectPermission(vote)); + if (vote.getPoll().getPollType() != PollType.FREE) { + permissions.remove(createSubjectPermission(PermissionVerb.addVote, vote.getPoll())); + } } for (Poll poll : principalByType.polls) { @@ -473,7 +485,7 @@ public class SecurityService extends PollenServiceSupport { } - protected void generatePollAccessPermission(Set<String> permissions, Poll poll) { + protected void generatePollPublicPermission(Set<String> permissions, Poll poll) { permissions.add(createSubjectPermission(PermissionVerb.readPoll, poll)); permissions.add(createSubjectPermission(PermissionVerb.addVote, poll)); permissions.add(createSubjectPermission(PermissionVerb.addComment, poll)); @@ -490,7 +502,7 @@ public class SecurityService extends PollenServiceSupport { permissions.add(createSubjectPermission(PermissionVerb.readPollResult, poll)); } - if (poll.isChoiceAddAllowed()) { + if (poll.isChoiceAddAllowed() && !poll.isClosed()) { permissions.add(createSubjectPermission(PermissionVerb.addChoice, poll)); } diff --git a/pollen-ui-angular/src/main/webapp/js/controllers/pollCtrl.js b/pollen-ui-angular/src/main/webapp/js/controllers/pollCtrl.js index b9ebaab..093bc6e 100644 --- a/pollen-ui-angular/src/main/webapp/js/controllers/pollCtrl.js +++ b/pollen-ui-angular/src/main/webapp/js/controllers/pollCtrl.js @@ -1158,6 +1158,11 @@ angular.module('pollControllers', ['ngRoute', 'pollenServices', 'pascalprecht.tr } PollVote.add({pollId:$routeParams.pollId, permission:$scope.globalVariables.pollToken}, sendVote, function (returnRequest) { + + if ($scope.data.poll.pollType != 'FREE') { + $scope.data.poll.canVote = false; + } + $scope.data.vote.id = returnRequest.id; $scope.data.vote.permission = returnRequest.permission; diff --git a/pollen-ui-angular/src/main/webapp/partials/inline-poll.html b/pollen-ui-angular/src/main/webapp/partials/inline-poll.html index b330c1b..4ecd5fa 100644 --- a/pollen-ui-angular/src/main/webapp/partials/inline-poll.html +++ b/pollen-ui-angular/src/main/webapp/partials/inline-poll.html @@ -65,7 +65,7 @@ <!-- end print choice --> <!-- begin input vote --> - <tr ng-show="!globalVariables.editMode" ng-if="! data.poll.isClosed"> + <tr ng-show="!globalVariables.editMode" ng-if="data.poll.canVote"> <td class="pollChoice"> <input-error error="data.vote.restError.voterName[0]" data="data.vote.voterName"> <input type="text" class="form-control" placeholder="{{ 'user.name' | translate }}" ng-model="data.vote.voterName" input-error="data.vote.restError.voterName[0]" focus-me="true" /> @@ -128,18 +128,20 @@ </div> </td> <td> - <button class="btn btn-primary" ng-if="vote.permission && !globalVariables.editMode && vote.onEdit" ng-click="saveVote(vote)"> - <span class="glyphicon glyphicon-ok"></span> - </button> - <button class="btn btn-default" ng-if="vote.permission && !globalVariables.editMode && vote.onEdit" ng-click="cancelVote(vote)"> - <span class="glyphicon glyphicon-remove"></span> - </button> - <button class="btn btn-info" ng-if="vote.permission && !globalVariables.editMode && !vote.onEdit" ng-click="editVote(vote)"> - <span class="glyphicon glyphicon-pencil"></span> - </button> - <button class="btn btn-danger" ng-if="vote.permission && !globalVariables.editMode && !vote.onEdit" ng-click="deleteVote(vote)"> - <span class="glyphicon glyphicon-trash"></span> - </button> + <div ng-if="!data.poll.isClosed"> + <button class="btn btn-primary" ng-if="vote.permission && !globalVariables.editMode && vote.onEdit" ng-click="saveVote(vote)"> + <span class="glyphicon glyphicon-ok"></span> + </button> + <button class="btn btn-default" ng-if="vote.permission && !globalVariables.editMode && vote.onEdit" ng-click="cancelVote(vote)"> + <span class="glyphicon glyphicon-remove"></span> + </button> + <button class="btn btn-info" ng-if="vote.permission && !globalVariables.editMode && !vote.onEdit" ng-click="editVote(vote)"> + <span class="glyphicon glyphicon-pencil"></span> + </button> + <button class="btn btn-danger" ng-if="vote.permission && !globalVariables.editMode && !vote.onEdit" ng-click="deleteVote(vote)"> + <span class="glyphicon glyphicon-trash"></span> + </button> + </div> </td> </tr> <!-- end print vote --> -- To stop receiving notification emails like this one, please contact chorem.org SCM administrator <admin+scm@chorem.org>.