From 96f19d35d7431ea69137428cf0ad6a08e7c53589 Mon Sep 17 00:00:00 2001
From: Bojnourdi <kavoos.bojnourdi@edf.fr>
Date: Tue, 18 Aug 2015 12:45:50 +0200
Subject: [PATCH] Added user's permissions

---
 .../edf/gde/services/AttributesService.java   |  4 ++--
 .../com/edf/gde/services/ProfilesService.java |  6 ++---
 .../com/edf/gde/services/StudyService.java    |  4 ++--
 projects/GDE_App/src/GDE_DB_Init.sql          | 24 ++++++++++++++++++-
 4 files changed, 30 insertions(+), 8 deletions(-)

diff --git a/projects/GDE_App/GDE-war/src/java/com/edf/gde/services/AttributesService.java b/projects/GDE_App/GDE-war/src/java/com/edf/gde/services/AttributesService.java
index cb8a16c..75b791f 100644
--- a/projects/GDE_App/GDE-war/src/java/com/edf/gde/services/AttributesService.java
+++ b/projects/GDE_App/GDE-war/src/java/com/edf/gde/services/AttributesService.java
@@ -45,8 +45,8 @@ public class AttributesService extends BaseService {
         CommandTO commandTO = getCommand(request);
         CommandResultTO resultTO = new CommandResultTO();
         Credentials credentials = getCredentials(request);
-        //userEjb.checkPassword(credentials.getLogin(), credentials.getPassword());
-        //pm.checkPermission(credentials.getLogin(), ServiceName, commandTO.getMethod());
+        userEjb.checkPassword(credentials.getLogin(), credentials.getPassword());
+        pm.checkPermission(credentials.getLogin(), ServiceName, commandTO.getMethod());
         try {
             switch (commandTO.getMethod()) {
                 case CREATEATTRIBUTE: {
diff --git a/projects/GDE_App/GDE-war/src/java/com/edf/gde/services/ProfilesService.java b/projects/GDE_App/GDE-war/src/java/com/edf/gde/services/ProfilesService.java
index 09d1d0e..9c69837 100644
--- a/projects/GDE_App/GDE-war/src/java/com/edf/gde/services/ProfilesService.java
+++ b/projects/GDE_App/GDE-war/src/java/com/edf/gde/services/ProfilesService.java
@@ -22,7 +22,7 @@ import javax.servlet.http.HttpServletResponse;
  */
 public class ProfilesService extends BaseService {
 
-    public static final String ServiceName = "AttributesService";
+    public static final String ServiceName = "ProfilesService";
     public static final int CREATEPROFILE = 1;
     public static final int DELETEPROFILE = 2;
     public static final int READPROFILE = 3;
@@ -46,8 +46,8 @@ public class ProfilesService extends BaseService {
         CommandTO commandTO = getCommand(request);
         CommandResultTO resultTO = new CommandResultTO();
         Credentials credentials = getCredentials(request);
-        //userEjb.checkPassword(credentials.getLogin(), credentials.getPassword());
-        //pm.checkPermission(credentials.getLogin(), ServiceName, commandTO.getMethod());
+        userEjb.checkPassword(credentials.getLogin(), credentials.getPassword());
+        pm.checkPermission(credentials.getLogin(), ServiceName, commandTO.getMethod());
         try {
             switch (commandTO.getMethod()) {
                 case CREATEPROFILE: {
diff --git a/projects/GDE_App/GDE-war/src/java/com/edf/gde/services/StudyService.java b/projects/GDE_App/GDE-war/src/java/com/edf/gde/services/StudyService.java
index 4f4a9bd..6065fda 100644
--- a/projects/GDE_App/GDE-war/src/java/com/edf/gde/services/StudyService.java
+++ b/projects/GDE_App/GDE-war/src/java/com/edf/gde/services/StudyService.java
@@ -39,8 +39,8 @@ public class StudyService extends BaseService {
         CommandTO commandTO = getCommand(request);
         CommandResultTO resultTO = new CommandResultTO();
         Credentials credentials = getCredentials(request);
-//        userEjb.checkPassword(credentials.getLogin(), credentials.getPassword());
-//        pm.checkPermission(credentials.getLogin(), ServiceName, commandTO.getMethod());
+        userEjb.checkPassword(credentials.getLogin(), credentials.getPassword());
+        pm.checkPermission(credentials.getLogin(), ServiceName, commandTO.getMethod());
         try {
             switch (commandTO.getMethod()) {
                 case CREATESTUDY: {
diff --git a/projects/GDE_App/src/GDE_DB_Init.sql b/projects/GDE_App/src/GDE_DB_Init.sql
index ce6a47c..10e4cf0 100644
--- a/projects/GDE_App/src/GDE_DB_Init.sql
+++ b/projects/GDE_App/src/GDE_DB_Init.sql
@@ -120,6 +120,7 @@ CREATE TABLE study (
 INSERT INTO users (id,username,userpassword) VALUES (1,'admin','edf123');
 INSERT INTO group_ (id,groupname) VALUES (1,'admins');
 INSERT into usergroup(id,groupid,userid) VALUES (2,1,1);
+/* User management permissions */
 INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (3, 1, 'UserService',1); -- Create user 
 INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (4, 1, 'UserService',2); -- Delete user
 INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (5, 1, 'UserService',3); -- Add to group
@@ -128,5 +129,26 @@ INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (7, 1,
 INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (8, 1, 'UserService',6); -- Delete group
 INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (9, 1, 'UserService',7); -- Find user
 INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (10, 1, 'UserService',8); -- Find group
-
+/* Studies permissions */
+INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (11, 1, 'StudyService',1); -- Create study
+INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (12, 1, 'StudyService',2); -- Set study state
+INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (13, 1, 'StudyService',3); -- Read study
+INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (14, 1, 'StudyService',4); -- Delete study
+/* Profiles services */
+INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (15, 1, 'ProfilesService',1); -- Create profile
+INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (16, 1, 'ProfilesService',2); -- Delete profile
+INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (17, 1, 'ProfilesService',3); -- Read profile
+INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (18, 1, 'ProfilesService',4); -- Update profile
+INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (19, 1, 'ProfilesService',5); -- Create profile attribute
+INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (20, 1, 'ProfilesService',6); -- Delete profile attribute
+INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (21, 1, 'ProfilesService',7); -- Read profile attribute
+INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (22, 1, 'ProfilesService',8); -- Update profile attribute
+/* Attributes services */
+INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (23, 1, 'AttributesService',1); -- Create attribute
+INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (24, 1, 'AttributesService',2); -- Delete attribute
+INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (25, 1, 'AttributesService',3); -- Read attribute
+INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (26, 1, 'AttributesService',4); -- Create attribute group
+INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (27, 1, 'AttributesService',5); -- Delete attribute group
+INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (28, 1, 'AttributesService',6); -- Update attribute group
+INSERT INTO GROUPPERMISSIONS (id,groupid,servicename,methodindex) VALUES (29, 1, 'AttributesService',7); -- Read attribute group
  
-- 
2.39.2