1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34 package fr.paris.lutece.plugins.directory.service.record;
35
36 import javax.servlet.http.HttpServletRequest;
37
38 import fr.paris.lutece.plugins.directory.business.Directory;
39 import fr.paris.lutece.plugins.directory.business.DirectoryHome;
40 import fr.paris.lutece.plugins.directory.business.EntryHome;
41 import fr.paris.lutece.plugins.directory.business.EntryTypeImg;
42 import fr.paris.lutece.plugins.directory.business.IEntry;
43 import fr.paris.lutece.plugins.directory.business.Record;
44 import fr.paris.lutece.plugins.directory.business.RecordField;
45 import fr.paris.lutece.plugins.directory.business.RecordFieldFilter;
46 import fr.paris.lutece.plugins.directory.business.RecordFieldHome;
47 import fr.paris.lutece.plugins.directory.business.RecordHome;
48 import fr.paris.lutece.plugins.directory.service.DirectoryResourceIdService;
49 import fr.paris.lutece.plugins.directory.web.ManageDirectoryJspBean;
50 import fr.paris.lutece.portal.business.user.AdminUser;
51 import fr.paris.lutece.portal.service.admin.AdminUserService;
52 import fr.paris.lutece.portal.service.plugin.Plugin;
53 import fr.paris.lutece.portal.service.rbac.RBACService;
54 import fr.paris.lutece.portal.service.resource.ExtendableResourceRemovalListenerService;
55 import fr.paris.lutece.portal.service.security.SecurityService;
56 import fr.paris.lutece.portal.service.spring.SpringContextService;
57 import fr.paris.lutece.portal.service.workgroup.AdminWorkgroupService;
58
59 import org.springframework.transaction.annotation.Transactional;
60
61 import java.util.List;
62
63
64
65
66
67
68 public class RecordService implements IRecordService
69 {
70
71
72
73 public static final String BEAN_SERVICE = "directory.recordService";
74
75
76
77
78 @Override
79 @Transactional( "directory.transactionManager" )
80 public int copy( Record record, Plugin plugin )
81 {
82 return RecordHome.copy( record, plugin );
83 }
84
85
86
87
88 @Override
89 @Transactional( "directory.transactionManager" )
90 public int create( Record record, Plugin plugin )
91 {
92 return RecordHome.create( record, plugin );
93 }
94
95
96
97
98 @Override
99 @Transactional( "directory.transactionManager" )
100 public void remove( int nIdRecord, Plugin plugin )
101 {
102 ExtendableResourceRemovalListenerService.doRemoveResourceExtentions( Record.EXTENDABLE_RESOURCE_TYPE, Integer.toString( nIdRecord ) );
103 RecordHome.remove( nIdRecord, plugin );
104 }
105
106
107
108
109 @Override
110 @Transactional( "directory.transactionManager" )
111 public void update( Record record, Plugin plugin )
112 {
113 RecordHome.update( record, plugin );
114 }
115
116
117
118
119 @Override
120 @Transactional( "directory.transactionManager" )
121 public void updateWidthRecordField( Record record, Plugin plugin )
122 {
123 RecordHome.updateWidthRecordField( record, plugin );
124 }
125
126
127
128
129
130
131 @Override
132 public Boolean directoryRecordListHasWorkflow( int nIdDirectory, Plugin plugin )
133 {
134 return RecordHome.direcytoryRecordListHasWorkflow( nIdDirectory, plugin );
135 }
136
137
138
139
140 @Override
141 public Record findByPrimaryKey( int nKey, Plugin plugin )
142 {
143 return RecordHome.findByPrimaryKey( nKey, plugin );
144 }
145
146
147
148
149 @Override
150 public int getCountRecord( RecordFieldFilter filter, Plugin plugin )
151 {
152 return RecordHome.getCountRecord( filter, plugin );
153 }
154
155
156
157
158 @Override
159 public Integer getDirectoryIdByRecordId( Integer nRecordId, Plugin plugin )
160 {
161 return RecordHome.getDirectoryIdByRecordId( nRecordId, plugin );
162 }
163
164
165
166
167 @Override
168 public List<Record> getListRecord( RecordFieldFilter filter, Plugin plugin )
169 {
170 return RecordHome.getListRecord( filter, plugin );
171 }
172
173
174
175
176 @Override
177 public List<Integer> getListRecordId( RecordFieldFilter filter, Plugin plugin )
178 {
179 return RecordHome.getListRecordId( filter, plugin );
180 }
181
182
183
184
185 @Override
186 public List<Record> loadListByListId( List<Integer> lIdList, Plugin plugin )
187 {
188 return RecordHome.loadListByListId( lIdList, plugin );
189 }
190
191
192
193
194 @Override
195 public boolean isFileAuthorized( int nFileId, HttpServletRequest request, Plugin plugin )
196 {
197
198
199 RecordField recordField = RecordFieldHome.findByFile( nFileId, plugin );
200 IRecordService recordService = SpringContextService.getBean( RecordService.BEAN_SERVICE );
201 Record record = recordService.findByPrimaryKey( recordField.getRecord( ).getIdRecord( ), plugin );
202 IEntry entry = EntryHome.findByPrimaryKey( recordField.getEntry( ).getIdEntry( ), plugin );
203
204
205 boolean bEntryImg = entry instanceof EntryTypeImg;
206 boolean bShownList = entry.isShownInResultList( ) && ( !bEntryImg || recordField.getField( ).isShownInResultList( ) );
207 boolean bShownRecord = entry.isShownInResultRecord( ) && ( !bEntryImg || recordField.getField( ).isShownInResultList( ) );
208 if ( record != null && record.getDirectory( ) != null )
209 {
210 Directory directory = DirectoryHome.findByPrimaryKey( record.getDirectory( ).getIdDirectory( ), plugin );
211
212
213 if ( directory != null && directory.isEnabled( ) && record.isEnabled( ) )
214 {
215 boolean directoryRoleOk = !( ( directory.getRoleKey( ) != null ) && !directory.getRoleKey( ).equals( Directory.ROLE_NONE )
216 && SecurityService.isAuthenticationEnable( ) && !SecurityService.getInstance( ).isUserInRole( request, directory.getRoleKey( ) ) );
217 if ( directoryRoleOk )
218 {
219 boolean recordRoleOk = !( ( record.getRoleKey( ) != null ) && !record.getRoleKey( ).equals( Directory.ROLE_NONE )
220 && SecurityService.isAuthenticationEnable( ) && !SecurityService.getInstance( ).isUserInRole( request, record.getRoleKey( ) ) );
221 if ( recordRoleOk )
222 {
223 return bShownList || bShownRecord;
224 }
225 }
226 }
227
228
229 AdminUser adminUser = AdminUserService.getAdminUser( request );
230 if ( adminUser != null )
231 {
232 if ( adminUser.checkRight( ManageDirectoryJspBean.RIGHT_MANAGE_DIRECTORY ) )
233 {
234 if ( AdminWorkgroupService.isAuthorized( directory, adminUser ) && AdminWorkgroupService.isAuthorized( record, adminUser ) )
235 {
236 boolean bRbacModify = RBACService.isAuthorized( Directory.RESOURCE_TYPE, Integer.toString( directory.getIdDirectory( ) ),
237 DirectoryResourceIdService.PERMISSION_MODIFY_RECORD, adminUser );
238 if ( bRbacModify )
239 {
240 return true;
241 }
242
243 boolean bRbacManage = RBACService.isAuthorized( Directory.RESOURCE_TYPE, Integer.toString( directory.getIdDirectory( ) ),
244 DirectoryResourceIdService.PERMISSION_MANAGE_RECORD, adminUser );
245 if ( bRbacManage )
246 {
247 return bShownList;
248 }
249
250 boolean bRbacVisualize = RBACService.isAuthorized( Directory.RESOURCE_TYPE, Integer.toString( directory.getIdDirectory( ) ),
251 DirectoryResourceIdService.PERMISSION_VISUALISATION_RECORD, adminUser );
252 if ( bRbacVisualize )
253 {
254 return true;
255 }
256 }
257 }
258 }
259 }
260 return false;
261 }
262 }