EN · DE · RU · FR · ES
← Index · ← File index · ← Prev · Next → · 📄 source

#459: GanttChartRight.java

projectforge-business/src/main/java/org/projectforge/business/gantt/GanttChartRight.java Type: Java · Role: Gantt Chart · Source: projectforge-business/src/main/java/org/projectforge/business/gantt/GanttChartRight.java 143 lines · 77 code · 55 comments · 11 blank
Access rights checker for GanttChart operations. Implements PF user right ID checks and determines CRUD permissions per module.

Code Structure

Package: org.projectforge.business.gantt

Classes: GanttChartRight

Extends: UserRightAccessCheck

Methods (5): hasSelectAccess, hasSelectAccess, hasAccess, hasInsertAccess, hasAccess

Fields (1): serialVersionUID

Imports: 8 packages

Source Code (abridged)

package org.projectforge.business.gantt;

import org.projectforge.business.fibu.ProjektDO;
import org.projectforge.business.task.TaskTree;
import org.projectforge.business.user.*;
import org.projectforge.framework.access.AccessChecker;
import org.projectforge.framework.access.AccessType;
import org.projectforge.framework.access.OperationType;
import org.projectforge.framework.persistence.user.entities.PFUserDO;
import org.projectforge.web.WicketSupport;

/**
 *
 * @author Kai Reinhard (k.reinhard@me.de)
 *
 */
public class GanttChartRight extends UserRightAccessCheck<GanttChartDO>
{
  private static final org.slf4j.Logger log = org.slf4j.LoggerFactory.getLogger(GanttChartRight.class);

  private static final long serialVersionUID = -1711148447929915434L;

  public GanttChartRight()
  {
    super(UserRightId.PM_GANTT, UserRightCategory.PM);
  }

  /**
   * @return true.
   * @see org.projectforge.business.user.UserRightAccessCheck#hasSelectAccess(org.projectforge.framework.access.AccessChecker,
   *      org.projectforge.framework.persistence.user.entities.PFUserDO)
   */
  @Override
  public boolean hasSelectAccess(final PFUserDO user)
  {
    return true;
  }

  /**
   * If the user is owner of the GanttChartDO he has access, otherwise he needs at least select access to the root task.
   * For project managers the user must be additional of the group of the project manager group (assigned to this task)
   * or if no project manager group is available for this task the user should be a member of
   * {@link ProjectForgeGroup#PROJECT_MANAGER}.
   *
   * @see org.projectforge.business.user.UserRightAccessCheck#hasSelectAccess(java.lang.Object)
   */
  @Override
  public boolean hasSelectAccess(final PFUserDO user, final GanttChartDO obj)
  {
    if (obj == null) {
      return false;
    }
    return hasAccess(user, obj, obj.getReadAccess());
  }

  /**
   * If the user is owner of the GanttChartDO he has access, otherwise he needs at least select access to the root task.
   * For project managers the user must be additional of the group of the project manager group (assigned to this task)
   * or if no project manager group is available for this task the user should be a member of
   * {@link ProjectForgeGroup#PROJECT_MANAGER}.
   *
   * @see org.projectforge.business.user.UserRightAccessCheck#hasSelectAccess(java.lang.Object)
   */
  @Override
  public boolean hasAccess(final PFUserDO user, final GanttChartDO obj, final GanttChartDO oldObj,
      final OperationType operationType)
  {
    if (obj == null) {
      return false;
    }
    final GanttChartDO gc = oldObj != null ? oldObj : obj;
    return hasAccess(user, gc, gc.getWriteAccess());
  }

  @Override
  public boolean hasInsertAccess(final PFUserDO user)
  {
    return true;
  }

  private boolean hasAccess(final PFUserDO user, final GanttChartDO obj, final GanttAccess access)
  {
    var accessChecker = WicketSupport.getAccessChecker();
    if (accessChecker.userEqualsToContextUser(obj.getOwner())) {
      // Owner has always access:
      return true;
    }
    if (access == null || access == GanttAccess.OWNER) {
      // No access defined, so only owner has access:
      return false;
    }
    if (access.isIn(GanttAccess.ALL, GanttAccess.PROJECT_MANAGER)) {
      if (obj.getTask() == null) {
        // Task needed for these GanttAccess types, so no access:
        return false;
      }
      if (!accessChecker.hasPermission(user, obj.getTaskId(), AccessType.TASKS, OperationType.SELECT,
          false)) {
        // User has no task access:
        return false;
      }
      if (access == GanttAccess.ALL) {
        // User has task access:
        return true;
      }
      final TaskTree taskTree = TaskTree.getInstance();
      final ProjektDO project = taskTree.getProjekt(obj.getTaskId());
      if (project == null) {
        // Project manager group not found:
        return accessChecker.isUserMemberOfGroup(user, ProjectForgeGroup.PROJECT_MANAGER);
      }
      // Users of the project manager group have access:
      return UserGroupCache.getInstance().isUserMemberOfGroup(user, project.getProjektManagerGroupId());
    } else {
      log.error("Unsupported GanttAccess type: " + access);
    }
    return false;

  }
// ... (truncated, total 121 lines)

Git History

868d6abb7 2025 -> 2026
63081666f Source file headers: 2024-> 2025.
4efcbd0fb Migration stuff in progress...
b6092df09 Copyright 2023 -> 2024
ab45d51fa Copyright 2001-2022 -> 2001-2023.