|
|
|
@ -213,6 +213,12 @@ public class GeoportalDataViewerServiceImpl extends RemoteServiceServlet impleme
|
|
|
|
|
try {
|
|
|
|
|
|
|
|
|
|
SessionUtil.getCurrentContext(this.getThreadLocalRequest(), true);
|
|
|
|
|
String userName = null;
|
|
|
|
|
try {
|
|
|
|
|
userName = SessionUtil.getCurrentUser(this.getThreadLocalRequest()).getUsername();
|
|
|
|
|
}catch (Exception e) {
|
|
|
|
|
LOG.info("User not found in session, the userName for cecking policy will be null");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (itemType.equalsIgnoreCase("concessione")) {
|
|
|
|
|
|
|
|
|
@ -227,15 +233,24 @@ public class GeoportalDataViewerServiceImpl extends RemoteServiceServlet impleme
|
|
|
|
|
if (concessione.getPianteFineScavo() != null) {
|
|
|
|
|
|
|
|
|
|
for (LayerConcessione lc : concessione.getPianteFineScavo()) {
|
|
|
|
|
listLayers.add(ConvertToDataViewModel.toLayerConcessione(lc, baseConcessione));
|
|
|
|
|
if (CheckAccessPolicyUtil.isAccessible(lc.getPolicy().name(), userName)) {
|
|
|
|
|
listLayers.add(ConvertToDataViewModel.toLayerConcessione(lc, baseConcessione));
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
LayerConcessione lcPosizionamento = concessione.getPosizionamentoScavo();
|
|
|
|
|
|
|
|
|
|
if (lcPosizionamento != null) {
|
|
|
|
|
|
|
|
|
|
if (CheckAccessPolicyUtil.isAccessible(lcPosizionamento.getPolicy().name(), userName)) {
|
|
|
|
|
|
|
|
|
|
LayerConcessioneDV thePosizScavo = ConvertToDataViewModel
|
|
|
|
|
.toLayerConcessione(lcPosizionamento, baseConcessione);
|
|
|
|
|
if (thePosizScavo != null)
|
|
|
|
|
listLayers.add(thePosizScavo);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (concessione.getPosizionamentoScavo() != null) {
|
|
|
|
|
LayerConcessioneDV thePosizScavo = ConvertToDataViewModel
|
|
|
|
|
.toLayerConcessione(concessione.getPosizionamentoScavo(), baseConcessione);
|
|
|
|
|
if (thePosizScavo != null)
|
|
|
|
|
listLayers.add(thePosizScavo);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
} else
|
|
|
|
@ -270,11 +285,6 @@ public class GeoportalDataViewerServiceImpl extends RemoteServiceServlet impleme
|
|
|
|
|
|
|
|
|
|
try {
|
|
|
|
|
LOG.info("Trying to get record for id " + mongoId);
|
|
|
|
|
// SessionUtil.getCurrentContext(this.getThreadLocalRequest(), true);
|
|
|
|
|
// SessionUtil.getCurrentToken(this.getThreadLocalRequest(), true);
|
|
|
|
|
// // Obtain the client
|
|
|
|
|
// ConcessioniManagerI manager = statefulMongoConcessioni().build();
|
|
|
|
|
// Concessione concessione = manager.getById(mongoId);
|
|
|
|
|
|
|
|
|
|
ConcessioniMongoService cms = new ConcessioniMongoService();
|
|
|
|
|
Concessione concessione = cms.getItemById(this.getThreadLocalRequest(), mongoId);
|
|
|
|
@ -283,12 +293,17 @@ public class GeoportalDataViewerServiceImpl extends RemoteServiceServlet impleme
|
|
|
|
|
if (concessione != null) {
|
|
|
|
|
concessionDV = ConvertToDataViewModel.toConcessione(concessione);
|
|
|
|
|
|
|
|
|
|
GCubeUser user = SessionUtil.getCurrentUser(this.getThreadLocalRequest());
|
|
|
|
|
String userName = user == null ? null : user.getUsername();
|
|
|
|
|
String userName = null;
|
|
|
|
|
try {
|
|
|
|
|
userName = SessionUtil.getCurrentUser(this.getThreadLocalRequest()).getUsername();
|
|
|
|
|
|
|
|
|
|
}catch (Exception e) {
|
|
|
|
|
LOG.info("User not found in session, so going to apply the acess policies");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// TODO THIS IS A WORKAROUND WAITING FOR USER ROLE.
|
|
|
|
|
// TODO THIS IS A WORKAROUND WAITING FOR ADOPTING OF USER ROLES. AT THE MOMENT, A USER AUTHENTICATED CAN ACCESS EVERYTHING
|
|
|
|
|
// I CAN CHECK THE ACCCESS POLICIES IF AND ONLY IF THE USER IS NOT LOGGED IN.
|
|
|
|
|
if (user == null) {
|
|
|
|
|
if (userName == null) {
|
|
|
|
|
|
|
|
|
|
// CHECKING ACCESS POLICY
|
|
|
|
|
LOG.info("Applying access policies for concessione " + mongoId + " returned by service");
|
|
|
|
@ -296,6 +311,8 @@ public class GeoportalDataViewerServiceImpl extends RemoteServiceServlet impleme
|
|
|
|
|
if (layerPosizionamento != null) {
|
|
|
|
|
if (!CheckAccessPolicyUtil.isAccessible(layerPosizionamento.getPolicy(), userName)) {
|
|
|
|
|
concessionDV.setPosizionamentoScavo(null);
|
|
|
|
|
}else {
|
|
|
|
|
LOG.info("Posizionamento di Scavo is not accessible by current user");
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|