Added user's permissions

diff --git a/projects/GDE_App/GDE-war/src/java/com/edf/gde/services/AttributesService.java b/projects/GDE_App/GDE-war/src/java/com/edf/gde/services/AttributesService.java
index cb8a16c0fced8c51c68a748c4e2a18bd3ae61277..75b791fe85401cf8d0e159d1269c8d607c0317bf 100644 (file)
--- a/projects/GDE_App/GDE-war/src/java/com/edf/gde/services/AttributesService.java
+++ b/projects/GDE_App/GDE-war/src/java/com/edf/gde/services/AttributesService.java
@@ -45,8 +45,8 @@ public class AttributesService extends BaseService {
         CommandTO commandTO = getCommand(request);
         CommandResultTO resultTO = new CommandResultTO();
         Credentials credentials = getCredentials(request);
-        //userEjb.checkPassword(credentials.getLogin(), credentials.getPassword());
-        //pm.checkPermission(credentials.getLogin(), ServiceName, commandTO.getMethod());
+        userEjb.checkPassword(credentials.getLogin(), credentials.getPassword());
+        pm.checkPermission(credentials.getLogin(), ServiceName, commandTO.getMethod());
         try {
             switch (commandTO.getMethod()) {
                 case CREATEATTRIBUTE: {

diff --git a/projects/GDE_App/GDE-war/src/java/com/edf/gde/services/ProfilesService.java b/projects/GDE_App/GDE-war/src/java/com/edf/gde/services/ProfilesService.java
index 09d1d0e241bdd7ccba76850f0287cf701abbdcc7..9c69837944b82080851f8c84cd3abf9254a5128a 100644 (file)
--- a/projects/GDE_App/GDE-war/src/java/com/edf/gde/services/ProfilesService.java
+++ b/projects/GDE_App/GDE-war/src/java/com/edf/gde/services/ProfilesService.java
@@ -22,7 +22,7 @@ import javax.servlet.http.HttpServletResponse;
  */
 public class ProfilesService extends BaseService {
 
-    public static final String ServiceName = "AttributesService";
+    public static final String ServiceName = "ProfilesService";
     public static final int CREATEPROFILE = 1;
     public static final int DELETEPROFILE = 2;
     public static final int READPROFILE = 3;
@@ -46,8 +46,8 @@ public class ProfilesService extends BaseService {
         CommandTO commandTO = getCommand(request);
         CommandResultTO resultTO = new CommandResultTO();
         Credentials credentials = getCredentials(request);
-        //userEjb.checkPassword(credentials.getLogin(), credentials.getPassword());
-        //pm.checkPermission(credentials.getLogin(), ServiceName, commandTO.getMethod());
+        userEjb.checkPassword(credentials.getLogin(), credentials.getPassword());
+        pm.checkPermission(credentials.getLogin(), ServiceName, commandTO.getMethod());
         try {
             switch (commandTO.getMethod()) {
                 case CREATEPROFILE: {

diff --git a/projects/GDE_App/GDE-war/src/java/com/edf/gde/services/StudyService.java b/projects/GDE_App/GDE-war/src/java/com/edf/gde/services/StudyService.java
index 4f4a9bd9a40cfa2076b7489dd619c4fcc4626a8b..6065fda91aff25b29cff89c654efb1a6ff15ac1b 100644 (file)
--- a/projects/GDE_App/GDE-war/src/java/com/edf/gde/services/StudyService.java
+++ b/projects/GDE_App/GDE-war/src/java/com/edf/gde/services/StudyService.java
@@ -39,8 +39,8 @@ public class StudyService extends BaseService {
         CommandTO commandTO = getCommand(request);
         CommandResultTO resultTO = new CommandResultTO();
         Credentials credentials = getCredentials(request);
-//        userEjb.checkPassword(credentials.getLogin(), credentials.getPassword());
-//        pm.checkPermission(credentials.getLogin(), ServiceName, commandTO.getMethod());
+        userEjb.checkPassword(credentials.getLogin(), credentials.getPassword());
+        pm.checkPermission(credentials.getLogin(), ServiceName, commandTO.getMethod());
         try {
             switch (commandTO.getMethod()) {
                 case CREATESTUDY: {

diff --git a/projects/GDE_App/src/GDE_DB_Init.sql b/projects/GDE_App/src/GDE_DB_Init.sql
index ce6a47cd90c8c15aee30d2d885510452bdf93648..10e4cf0789f010d0034c5923967f53e4c18c541e 100644 (file)
--- a/projects/GDE_App/src/GDE_DB_Init.sql
+++ b/projects/GDE_App/src/GDE_DB_Init.sql
@@ -120,6 +120,7 @@ CREATE TABLE study (
 INSERT INTO users (id,username,userpassword) VALUES (1,'admin','edf123');
 INSERT INTO group_ (id,groupname) VALUES (1,'admins');
 INSERT into usergroup(id,groupid,userid) VALUES (2,1,1);
+/* User management permissions */
 INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (3, 1, 'UserService',1); -- Create user 
 INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (4, 1, 'UserService',2); -- Delete user
 INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (5, 1, 'UserService',3); -- Add to group
@@ -128,5 +129,26 @@ INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (7, 1,
 INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (8, 1, 'UserService',6); -- Delete group
 INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (9, 1, 'UserService',7); -- Find user
 INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (10, 1, 'UserService',8); -- Find group
-
+/* Studies permissions */
+INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (11, 1, 'StudyService',1); -- Create study
+INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (12, 1, 'StudyService',2); -- Set study state
+INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (13, 1, 'StudyService',3); -- Read study
+INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (14, 1, 'StudyService',4); -- Delete study
+/* Profiles services */
+INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (15, 1, 'ProfilesService',1); -- Create profile
+INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (16, 1, 'ProfilesService',2); -- Delete profile
+INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (17, 1, 'ProfilesService',3); -- Read profile
+INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (18, 1, 'ProfilesService',4); -- Update profile
+INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (19, 1, 'ProfilesService',5); -- Create profile attribute
+INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (20, 1, 'ProfilesService',6); -- Delete profile attribute
+INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (21, 1, 'ProfilesService',7); -- Read profile attribute
+INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (22, 1, 'ProfilesService',8); -- Update profile attribute
+/* Attributes services */
+INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (23, 1, 'AttributesService',1); -- Create attribute
+INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (24, 1, 'AttributesService',2); -- Delete attribute
+INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (25, 1, 'AttributesService',3); -- Read attribute
+INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (26, 1, 'AttributesService',4); -- Create attribute group
+INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (27, 1, 'AttributesService',5); -- Delete attribute group
+INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (28, 1, 'AttributesService',6); -- Update attribute group
+INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (29, 1, 'AttributesService',7); -- Read attribute group