/**
* The contents of this file are subject to the Mozilla Public License
* Version 1.1 (the "License"); you may not use this file except in
* compliance with the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS"
* basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the
* License for the specific language governing rights and limitations under
* the License.
*
* The Original Code is OpenELIS code.
*
* Copyright (C) The Minnesota Department of Health. All Rights Reserved.
*
* Contributor(s): CIRG, University of Washington, Seattle WA.
*/
package us.mn.state.health.lims.login.daoimpl;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import us.mn.state.health.lims.common.daoimpl.BaseDAOImpl;
import us.mn.state.health.lims.common.exception.LIMSRuntimeException;
import us.mn.state.health.lims.common.log.LogEvent;
import us.mn.state.health.lims.common.security.PageIdentityUtil;
import us.mn.state.health.lims.login.dao.LoginDAO;
import us.mn.state.health.lims.login.dao.UserModuleDAO;
import us.mn.state.health.lims.login.valueholder.Login;
import us.mn.state.health.lims.login.valueholder.UserSessionData;
import us.mn.state.health.lims.systemusermodule.dao.PermissionAgentModuleDAO;
import us.mn.state.health.lims.systemusermodule.daoimpl.PermissionAgentFactory;
import us.mn.state.health.lims.systemusermodule.daoimpl.SystemUserModuleDAOImpl;
import us.mn.state.health.lims.systemusermodule.valueholder.SystemUserModule;
/**
* @author Hung Nguyen (Hung.Nguyen@health.state.mn.us)
*/
/*
* N.B. This class has nothing to do with database access
*/
public class UserModuleDAOImpl extends BaseDAOImpl implements UserModuleDAO {
public boolean isSessionExpired(HttpServletRequest request) throws LIMSRuntimeException {
if (request.getSession().getAttribute(USER_SESSION_DATA) == null)
return true;
return false;
}
/**
* Check if the user has any module assign to him/her
* @param request is HttpServletRequest
* @return true if found, false otherwise
*/
public boolean isUserModuleFound(HttpServletRequest request) throws LIMSRuntimeException {
boolean isFound = false;
try {
UserSessionData usd = (UserSessionData) request.getSession().getAttribute(USER_SESSION_DATA);
PermissionAgentModuleDAO permissionAgentModuleDAO = PermissionAgentFactory.getPermissionAgentImpl();// new SystemUserModuleDAOImpl();
isFound = permissionAgentModuleDAO.doesUserHaveAnyModules(usd.getSystemUserId());
} catch (LIMSRuntimeException lre) {
// bugzilla 2154
LogEvent.logError("UserModuleDAOImpl", "isUserModuleFound()", lre.toString());
throw new LIMSRuntimeException("Error in UserModuleDAOImpl isUserModuleFound()", lre);
}
return isFound;
}
/**
* TODO: Setup the user accessible buttons in the user object
* Preparing and setting the user module select/add/update/delete disable/enable buttons
* @param request is HttpServletRequest
* @return true if success, false otherwise
*/
public boolean isVerifyUserModule(HttpServletRequest request) throws LIMSRuntimeException {
boolean isFound = PageIdentityUtil.isMainPage(request);
if (!isFound) {
try {
UserSessionData usd = (UserSessionData) request.getSession().getAttribute(USER_SESSION_DATA);
PermissionAgentModuleDAO systemUserModuleDAO = new SystemUserModuleDAOImpl();
List list = systemUserModuleDAO.getAllPermissionModulesByAgentId(usd.getSystemUserId());
for (int i = 0; i < list.size(); i++) {
SystemUserModule systemUserModule = (SystemUserModule) list.get(i);
String userAssignedModule = systemUserModule.getSystemModule().getSystemModuleName();
String actionName = getActionName(request, userAssignedModule);
// we want to check only part of action class name
// because each module/action can have up to 5 or 6 names
if (actionName.equals(userAssignedModule) || actionName.startsWith(userAssignedModule + "Menu")) {
isFound = true;
setupUserButtons(request, systemUserModule, actionName);
// bugzilla 2154
LogEvent.logInfo("UserModuleDAOImpl", "isVerifyUserModule()",
"======> ALLOWED ACCESS TO THIS MODULE");
LogEvent.logDebug("UserModuleDAOImpl", "isVerifyUserModule()", "======> MODULE ID : "
+ systemUserModule.getSystemModule().getId());
LogEvent.logDebug("UserModuleDAOImpl", "isVerifyUserModule()", "======> MODULE NAME : "
+ systemUserModule.getSystemModule().getSystemModuleName());
LogEvent.logDebug("UserModuleDAOImpl", "isVerifyUserModule()", "======> ALLOW_VIEW : "
+ systemUserModule.getHasSelect());
LogEvent.logDebug("UserModuleDAOImpl", "isVerifyUserModule()", "======> ALLOW_ADD : "
+ systemUserModule.getHasAdd());
LogEvent.logDebug("UserModuleDAOImpl", "isVerifyUserModule()", "======> ALLOW_UPDATE: "
+ systemUserModule.getHasUpdate());
LogEvent.logDebug("UserModuleDAOImpl", "isVerifyUserModule()", "======> ALLOW_DELETE: "
+ systemUserModule.getHasDelete());
LogEvent.logDebug("UserModuleDAOImpl", "isVerifyUserModule()",
"======> SYSTEM MODULE DEFAULT VALUE");
LogEvent.logDebug("UserModuleDAOImpl", "isVerifyUserModule()", "======> HAS_VIEW : "
+ systemUserModule.getSystemModule().getHasSelectFlag());
LogEvent.logDebug("UserModuleDAOImpl", "isVerifyUserModule()", "======> HAS_ADD : "
+ systemUserModule.getSystemModule().getHasAddFlag());
LogEvent.logDebug("UserModuleDAOImpl", "isVerifyUserModule()", "======> HAS_UPDATE: "
+ systemUserModule.getSystemModule().getHasUpdateFlag());
LogEvent.logDebug("UserModuleDAOImpl", "isVerifyUserModule()", "======> HAS_DELETE: "
+ systemUserModule.getSystemModule().getHasDeleteFlag());
break;
}
}
} catch (LIMSRuntimeException lre) {
// bugzilla 2154
LogEvent.logError("UserModuleDAOImpl", "isVerifyUserModule()", lre.toString());
throw new LIMSRuntimeException("Error in UserModuleDAOImpl isVerifyUserModule()", lre);
}
}
return isFound;
}
/**
* Get the user login information bases on the user login name
* @param request is HttpServletRequest
* @return user information
*/
private Login getUserLogin(HttpServletRequest request) throws LIMSRuntimeException {
Login login = null;
try {
UserSessionData usd = (UserSessionData) request.getSession().getAttribute(USER_SESSION_DATA);
LoginDAO loginDAO = new LoginDAOImpl();
login = loginDAO.getUserProfile(usd.getLoginName());
} catch (LIMSRuntimeException lre) {
// bugzilla 2154
LogEvent.logError("UserModuleDAOImpl", "getUserLogin()", lre.toString());
throw new LIMSRuntimeException("Error in UserModuleDAOImpl getUserLogin()", lre);
}
return login;
}
/**
* Check if the user account in locked
* @param request is HttpServletRequest
* @return true if locked, false otherwise
*/
public boolean isAccountLocked(HttpServletRequest request) throws LIMSRuntimeException {
try {
Login login = getUserLogin(request);
if (login.getAccountLocked().equalsIgnoreCase(YES))
return true;
} catch (LIMSRuntimeException lre) {
// bugzilla 2154
LogEvent.logError("UserModuleDAOImpl", "isAccountLocked()", lre.toString());
throw new LIMSRuntimeException("Error in UserModuleDAOImpl isAccountLocked()", lre);
}
return false;
}
/**
* Check if the user account in disabled
* @param request is HttpServletRequest
* @return true if disabled, false otherwise
*/
public boolean isAccountDisabled(HttpServletRequest request) throws LIMSRuntimeException {
try {
Login login = getUserLogin(request);
if (login.getAccountDisabled().equalsIgnoreCase(YES))
return true;
} catch (LIMSRuntimeException lre) {
// bugzilla 2154
LogEvent.logError("UserModuleDAOImpl", "isAccountDisabled()", lre.toString());
throw new LIMSRuntimeException("Error in UserModuleDAOImpl isAccountDisabled()", lre);
}
return false;
}
/**
* Check if the user password is expired
* @param request is HttpServletRequest
* @return true if expired, false otherwise
*/
public boolean isPasswordExpired(HttpServletRequest request) throws LIMSRuntimeException {
try {
Login login = getUserLogin(request);
if (login.getPasswordExpiredDayNo() <= 0)
return true;
} catch (LIMSRuntimeException lre) {
// bugzilla 2154
LogEvent.logError("UserModuleDAOImpl", "isPasswordExpired()", lre.toString());
throw new LIMSRuntimeException("Error in UserModuleDAOImpl isPasswordExpired()", lre);
}
return false;
}
/**
* Check if the user is admin role
* @param request is HttpServletRequest
* @return true if admin, false otherwise
*/
public boolean isUserAdmin(HttpServletRequest request) throws LIMSRuntimeException {
try {
Login login = getUserLogin(request);
if (login.getIsAdmin().equalsIgnoreCase(YES))
return true;
} catch (LIMSRuntimeException lre) {
// bugzilla 2154
LogEvent.logError("UserModuleDAOImpl", "isUserAdmin()", lre.toString());
throw new LIMSRuntimeException("Error in UserModuleDAOImpl isUserAdmin()", lre);
}
return false;
}
/**
* Setup the user session time bases on the information in <table>LOGIN_USER</table>
* @param request is HttpServletRequest
*/
public void setupUserSessionTimeOut(HttpServletRequest request) throws LIMSRuntimeException {
try {
Login login = getUserLogin(request);
int timeOut = Integer.parseInt((String) login.getUserTimeOut());
request.getSession().setMaxInactiveInterval(timeOut * 60);
UserSessionData usd = (UserSessionData) request.getSession().getAttribute(USER_SESSION_DATA);
usd.setUserTimeOut(timeOut * 60);
request.getSession().setAttribute(USER_SESSION_DATA, usd);
} catch (LIMSRuntimeException lre) {
// bugzilla 2154
LogEvent.logError("UserModuleDAOImpl", "setupUserSessionTimeOut()", lre.toString());
throw new LIMSRuntimeException("Error in UserModuleDAOImpl setupUserSessionTimeOut()", lre);
}
}
/**
* TOD): will move hardcoded action names to the property file
* @param request
* @param userAssignedModule
* @return actionName the name of the action form
*/
private String getActionName(HttpServletRequest request, String userAssignedModule)
throws LIMSRuntimeException {
String actionName = null;
try {
actionName = (String) request.getAttribute(ACTION_KEY);
// bugzilla 2154
LogEvent.logDebug("UserModuleDAOImpl","getActionName()","======> USER ASSIGNED MODULE: " + userAssignedModule);
LogEvent.logDebug("UserModuleDAOImpl", "getActionName()", "======> ACTION MODULE NAME : " + actionName);
//N.B. The effect of this first if is that the first module on the list for the user becomes the
//actionName. This does not seem correct.
if ((actionName == null) || (actionName.length() == 0)) {
actionName = userAssignedModule;
} else if (actionName.equals("QuickEntryAddTestPopup")) {
actionName = "QuickEntry";
} else if (actionName.equals("TestManagementAddTestPopup")) {
actionName = "TestManagement";
// bugzilla 1844: removing HumanSampleOneAddTestPopup
} else if ( actionName.equals("TestAnalyteTestResultAddDictionaryRGPopup") ||
actionName.equals("TestAnalyteTestResultAddNonDictionaryRGPopup") ||
actionName.equals("TestAnalyteTestResultAddRGPopup") ||
actionName.equals("TestAnalyteTestResultAssignRGPopup") ||
actionName.equals("TestAnalyteTestResultEditDictionaryRGPopup") ||
actionName.equals("TestAnalyteTestResultEditDictionaryRGPopup") ||
actionName.equals("TestAnalyteTestResultEditNonDictionaryRGPopup") ) {
actionName = "TestAnalyteTestResult";
} else if ( actionName.equals("QaEventsEntryAddQaEventsToTestsPopup") ||
actionName.equals("QaEventsEntryAddActionsToQaEventsPopup")) {
actionName = "QaEventsEntry";
}
// bugzilla 2204
else if (actionName.equals("NotesPopup")) {
if (userAssignedModule.equals("QaEventsEntry"))
actionName = "QaEventsEntry";
if (userAssignedModule.equals("ResultsEntry"))
actionName = "ResultsEntry";
}
} catch (LIMSRuntimeException lre) {
// bugzilla 2154
LogEvent.logError("UserModuleDAOImpl", "getActionName()", lre.toString());
throw new LIMSRuntimeException("Error in UserModuleDAOImpl getActionName()", lre);
}
return actionName;
}
/**
* TODO: Setup the user accessible buttons in the user object
* Enabled the buttons for user type admin
* @param request
*
* N.B. It is not clear why business rules are in a DAO object.
*/
public void enabledAdminButtons(HttpServletRequest request) throws LIMSRuntimeException {
String active = "true";
if (request.getAttribute(us.mn.state.health.lims.common.action.IActionConstants.DEACTIVATE_DISABLED) != null)
active = (String)request.getAttribute(us.mn.state.health.lims.common.action.IActionConstants.DEACTIVATE_DISABLED);
try {
request.setAttribute(VIEW_DISABLED, FALSE); // enabled view
request.setAttribute(ADD_DISABLED, FALSE); // enabled add
String actionName = (String) request.getAttribute(ACTION_KEY);
if (actionName != null) {
if ( !actionName.equals("HumanSampleTwo") ) //something weird with this jsp
request.setAttribute(ALLOW_EDITS_KEY, FALSE); //enabled edit
request.setAttribute(SAVE_DISABLED, FALSE); // enabled save
// bugzilla 2214
if (active.equals("false"))
request.setAttribute(DEACTIVATE_DISABLED, FALSE); //enabled delete
else
request.setAttribute(DEACTIVATE_DISABLED, TRUE); //disabled delete
}
} catch (LIMSRuntimeException lre) {
// bugzilla 2154
LogEvent.logError("UserModuleDAOImpl", "enabledAdminButtons()", lre.toString());
throw new LIMSRuntimeException("Error in UserModuleDAOImpl enabledAdminButtons()", lre);
}
}
/**
* Setup the user buttons
* @param request
* @param systemUserModule
* @param actionName
* @throws LIMSRuntimeException
*/
private void setupUserButtons(HttpServletRequest request, SystemUserModule systemUserModule, String actionName)
throws LIMSRuntimeException {
// system module default setting (SELECT)
if (systemUserModule.getSystemModule().getHasSelectFlag().equalsIgnoreCase(YES)) {
// user module default setting
if (systemUserModule.getHasSelect().equalsIgnoreCase(YES)) {
request.setAttribute(VIEW_DISABLED, FALSE);
} else {
request.setAttribute(VIEW_DISABLED, TRUE);
}
} else {
request.setAttribute(VIEW_DISABLED, TRUE);
}
// system module default setting (ADD)
if (systemUserModule.getSystemModule().getHasAddFlag().equalsIgnoreCase(YES)) {
// user module default setting
if (systemUserModule.getHasAdd().equalsIgnoreCase(YES)) {
request.setAttribute(ADD_DISABLED, FALSE);
} else {
request.setAttribute(ADD_DISABLED, TRUE);
}
} else {
request.setAttribute(ADD_DISABLED, TRUE);
}
// system module default setting (UPDATE)
if (systemUserModule.getSystemModule().getHasUpdateFlag().equalsIgnoreCase(YES)) {
// user module default setting
if (systemUserModule.getHasUpdate().equalsIgnoreCase(YES)) {
if (!actionName.equals("HumanSampleTwo"))
request.setAttribute(ALLOW_EDITS_KEY, FALSE); //FALSE = allows??
request.setAttribute(SAVE_DISABLED, FALSE);
} else {
if (!actionName.equals("HumanSampleTwo"))
request.setAttribute(ALLOW_EDITS_KEY, TRUE);
request.setAttribute(SAVE_DISABLED, TRUE);
}
} else {
request.setAttribute(SAVE_DISABLED, TRUE);
}
// bugzilla 2214
String active = "true";
if (request.getAttribute(us.mn.state.health.lims.common.action.IActionConstants.DEACTIVATE_DISABLED) != null)
active = (String)request.getAttribute(us.mn.state.health.lims.common.action.IActionConstants.DEACTIVATE_DISABLED);
if (active.equals("false")) {
// system module default setting (DELETE)
if (systemUserModule.getSystemModule().getHasDeleteFlag().equalsIgnoreCase(YES)) {
// user module default setting
if (systemUserModule.getHasDelete().equalsIgnoreCase(YES)) {
request.setAttribute(DEACTIVATE_DISABLED, FALSE);
} else {
request.setAttribute(DEACTIVATE_DISABLED, TRUE);
}
} else {
request.setAttribute(DEACTIVATE_DISABLED, TRUE);
}
} else {
request.setAttribute(DEACTIVATE_DISABLED, TRUE);
}
}
}