svn commit: r613532 - in /ofbiz/trunk/specialpurpose/projectmgr: data/ script/org/ofbiz/project/ servicedef/ webapp/projectmgr/WEB-INF/actions/

hansbak Sun, 20 Jan 2008 02:44:31 -0800

Author: hansbak
Date: Sun Jan 20 02:44:08 2008
New Revision: 613532

URL: http://svn.apache.org/viewvc?rev=613532&view=rev
Log:
fixed some more errors in projectmgr security...and make sure data is displayed 
in the demoadmin user.....


Modified:
    ofbiz/trunk/specialpurpose/projectmgr/data/ProjectMgrDemoData.xml
    ofbiz/trunk/specialpurpose/projectmgr/data/ProjectMgrSecurityData.xml
    
ofbiz/trunk/specialpurpose/projectmgr/script/org/ofbiz/project/ProjectPermissionServices.xml
    ofbiz/trunk/specialpurpose/projectmgr/servicedef/services.xml
    
ofbiz/trunk/specialpurpose/projectmgr/webapp/projectmgr/WEB-INF/actions/EditWeekTimesheet.bsh

Modified: ofbiz/trunk/specialpurpose/projectmgr/data/ProjectMgrDemoData.xml
URL: 
http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/projectmgr/data/ProjectMgrDemoData.xml?rev=613532&r1=613531&r2=613532&view=diff
==============================================================================
--- ofbiz/trunk/specialpurpose/projectmgr/data/ProjectMgrDemoData.xml (original)
+++ ofbiz/trunk/specialpurpose/projectmgr/data/ProjectMgrDemoData.xml Sun Jan 
20 02:44:08 2008
@@ -65,8 +65,11 @@
     <!-- security demo data -->
     <!-- allow these these usergroups read only -->
     <SecurityGroupPermission groupId="FLEXADMIN" 
permissionId="PROJECTMGR_VIEW"/>
+    <SecurityGroupPermission groupId="FLEXADMIN" 
permissionId="PROJECTMGR_ROLE_TIMESHEET_CREATE"/>
     <SecurityGroupPermission groupId="VIEWADMIN" 
permissionId="PROJECTMGR_VIEW"/>
+    <SecurityGroupPermission groupId="VIEWADMIN" 
permissionId="PROJECTMGR_ROLE_TIMESHEET_CREATE"/>
     <SecurityGroupPermission groupId="BIZADMIN" 
permissionId="PROJECTMGR_VIEW"/>
+    <SecurityGroupPermission groupId="BIZADMIN" 
permissionId="PROJECTMGR_ROLE_TIMESHEET_CREATE"/>
     
     <!-- First Demo project from customer 1 and employee 1,2-->
     <WorkEffort workEffortId="9000" workEffortTypeId="PROJECT" 
currentStatusId="_NA_" lastStatusUpdate="2007-12-14 15:07:52.901" 
scopeEnumId="WES_PUBLIC" workEffortName="Demo Project1 Cust1" 
revisionNumber="1"/>

Modified: ofbiz/trunk/specialpurpose/projectmgr/data/ProjectMgrSecurityData.xml
URL: 
http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/projectmgr/data/ProjectMgrSecurityData.xml?rev=613532&r1=613531&r2=613532&view=diff
==============================================================================
--- ofbiz/trunk/specialpurpose/projectmgr/data/ProjectMgrSecurityData.xml 
(original)
+++ ofbiz/trunk/specialpurpose/projectmgr/data/ProjectMgrSecurityData.xml Sun 
Jan 20 02:44:08 2008
@@ -34,7 +34,7 @@
     <SecurityPermission description="Be able to create any weekly timesheet." 
permissionId="PROJECTMGR_TIMESHEET_CREATE"/>
     <SecurityPermission description="Be able to update any weekly timesheet." 
permissionId="PROJECTMGR_TIMESHEET_UPDATE"/>
     <SecurityPermission description="Be able to create a weekly timesheet for 
the loginid." permissionId="PROJECTMGR_ROLE_TIMESHEET_CREATE"/>
-    <SecurityPermission description="Be able to update(report) on an existing 
own timesheet(should be member of project of the task)" 
permissionId="PROJECTMGR_ROLE_TIMESHEET_UPDATE"/>
+    <SecurityPermission description="Be able to update(report) on an existing 
own timesheet" permissionId="PROJECTMGR_ROLE_TIMESHEET_UPDATE"/>
     
     <!-- allow the security group FULLADMIN (userlogin 'admin') full access -->
     <SecurityGroupPermission groupId="FULLADMIN" 
permissionId="PROJECTMGR_ADMIN"/>

Modified: 
ofbiz/trunk/specialpurpose/projectmgr/script/org/ofbiz/project/ProjectPermissionServices.xml
URL: 
http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/projectmgr/script/org/ofbiz/project/ProjectPermissionServices.xml?rev=613532&r1=613531&r2=613532&view=diff
==============================================================================
--- 
ofbiz/trunk/specialpurpose/projectmgr/script/org/ofbiz/project/ProjectPermissionServices.xml
 (original)
+++ 
ofbiz/trunk/specialpurpose/projectmgr/script/org/ofbiz/project/ProjectPermissionServices.xml
 Sun Jan 20 02:44:08 2008
@@ -25,6 +25,7 @@
         <set field="primaryPermission" value="PROJECTMGR"/>
         <set field="hasPermission" value="true" type="Boolean"/>
         <set field="hasNoPermission" value="false" type="Boolean"/>
+        <set field="mainAction" from-field="parameters.mainAction"/>
         
         <!-- find object -->
         <if-compare field-name="parameters.resourceDescription" 
value="Timesheet" operator="contains">
@@ -55,7 +56,7 @@
         <if-compare field-name="sec_object" value="PROJECT" operator="equals">
             <log level="info" message="======ProjectMGR Security=====  action: 
${parameters.mainAction} object: ${sec_object} Id: ${parameters.projectId} 
resourceDescription: ${parameters.resourceDescription}"/>
             <set field="projectId" from-field="parameters.projectId"/>
-            <set field="partyId" from-field="parameters.userLogin.partyId"/>
+            <set field="partyId" from-field="parameters.partyId"/>
             <call-simple-method method-name="checkProjectMembership"/>
             <if>
                 <condition>
@@ -161,7 +162,7 @@
         
         <!-- TIMESHEET -->
         <if-compare field-name="sec_object" value="TIMESHEET" 
operator="equals">
-            <log level="info" message="======ProjectMGR Security=====  action: 
${parameters.mainAction} object: ${sec_object} Id: ${parameters.timesheetId} 
resourceDescription: ${parameters.resourceDescription}"/>
+            <log level="info" message="======ProjectMGR Security=====  action: 
${mainAction} object: ${sec_object} Id: ${parameters.timesheetId} partyId: 
${parameters.partyId} resourceDescription: ${parameters.resourceDescription}"/>
             <if>
                 <condition>
                     <or>
@@ -183,7 +184,7 @@
                         <and>
                             <if-has-permission 
permission="PROJECTMGR_ROLE_TIMESHEET_CREATE"/>
                             <if-compare field-name="mainAction" value="CREATE" 
operator="equals"/>
-                            <if-compare-field field-name="parameters.partyId" 
to-field-name="parameters.userLogin.userLoginId" operator="equals"/>
+                            <if-compare-field field-name="parameters.partyId" 
to-field-name="parameters.userLogin.partyId" operator="equals"/>
                         </and>
                         <and>
                             <if-has-permission 
permission="PROJECTMGR_ROLE_TIMESHEET_UPDATE"/>

Modified: ofbiz/trunk/specialpurpose/projectmgr/servicedef/services.xml
URL: 
http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/projectmgr/servicedef/services.xml?rev=613532&r1=613531&r2=613532&view=diff
==============================================================================
--- ofbiz/trunk/specialpurpose/projectmgr/servicedef/services.xml (original)
+++ ofbiz/trunk/specialpurpose/projectmgr/servicedef/services.xml Sun Jan 20 
02:44:08 2008
@@ -40,6 +40,10 @@
         <attribute name="projectId" type="String" mode="IN" optional="true"/>  
      
         <attribute name="phaseId" type="String" mode="IN" optional="true"/>    
    
         <attribute name="workEffortId" type="String" mode="IN" 
optional="true"/>        
+        <attribute name="taskId" type="String" mode="IN" optional="true"/>     
   
+        <attribute name="partyId" type="String" mode="IN" optional="true"/>    
    
+        <attribute name="timesheetId" type="String" mode="IN" 
optional="true"/>        
+        <attribute name="timeEntryId" type="String" mode="IN" 
optional="true"/>        
     </service>
 
     <service name="updateTaskStatus" engine="simple"

Modified: 
ofbiz/trunk/specialpurpose/projectmgr/webapp/projectmgr/WEB-INF/actions/EditWeekTimesheet.bsh
URL: 
http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/projectmgr/webapp/projectmgr/WEB-INF/actions/EditWeekTimesheet.bsh?rev=613532&r1=613531&r2=613532&view=diff
==============================================================================
--- 
ofbiz/trunk/specialpurpose/projectmgr/webapp/projectmgr/WEB-INF/actions/EditWeekTimesheet.bsh
 (original)
+++ 
ofbiz/trunk/specialpurpose/projectmgr/webapp/projectmgr/WEB-INF/actions/EditWeekTimesheet.bsh
 Sun Jan 20 02:44:08 2008
@@ -54,13 +54,9 @@
         if (!UtilValidate.isEmpty(timesheets)) {
             timesheet = timesheets.get(0);
         } else {
-            if (security.hasPermission("PROJECTMGR_VIEW", session) || 
security.hasPermission("PROJECTMGR_ADMIN", session)) {
-               result = dispatcher.runSync("createProjectTimesheet", 
-                       UtilMisc.toMap("userLogin", userLogin, "partyId", 
partyId));
-            } else {
-               request.setAttribute("errorMessageList", 
UtilMisc.toList("Unable to create timesheet, permission error"));
-                }
-            if (result != void && result.get("timesheetId") != null) {
+               result = dispatcher.runSync("createProjectTimesheet", 
+                       UtilMisc.toMap("userLogin", 
parameters.get("userLogin"), "partyId", partyId));
+            if (result != null && result.get("timesheetId") != null) {
                timesheet = delegator.findByPrimaryKey("Timesheet", 
UtilMisc.toMap("timesheetId", result.get("timesheetId")));
             }
         }

svn commit: r613532 - in /ofbiz/trunk/specialpurpose/projectmgr: data/ script/org/ofbiz/project/ servicedef/ webapp/projectmgr/WEB-INF/actions/

Reply via email to