Changeset 2419

Timestamp:

May 13, 2014, 8:37:08 AM (9 years ago)

Author:

olle

Message:

Refs #592. Lab environment extension updated to check permission to re-set alarm blocker settings on the server side only, eliminating the need to send the alarm user list to the client JSP script:

1. JSP file labenvironmentalarms.jsp in resources/reports/ updated:
   a. Function createLabEnvAlarmWebPage() updated to obtain alarm permission directly from Ajax response from servlet.
   b. Function fetchAlarmPermission(loggedInUserLoginId, userId) removed.
2. Java servlet class/file LabEnvironmentServlet.java in src/net/sf/basedb/labenv/servlet/ updated:
   a. Protected method void doGet(HttpServletRequest req, HttpServletResponse resp) updated to add SessionControl object as argument when calling private method JSONObject createLabSensorConfigList(JSONObject json, SessionControl sc), and by removing support for Ajax command "GetLoggedInUserLogInId".
   b. Private method JSONObject createLabSensorConfigList(...) updated with second argument SessionControl sc, used to call new private method boolean fetchAlarmPermission(LabSensorAlarmConfig alarm, SessionControl sc) to obtain alarm permission.
   c. New private method boolean fetchAlarmPermission(LabSensorAlarmConfig alarm, SessionControl sc) added. It returns true if the alarm user list contains the logged-in user log-in id, else false.
   d. Private method void setLabEnvAlarmConfig(HttpServletRequest req, SessionControl sc) updated to call new private method boolean fetchAlarmPermission(LabSensorAlarmConfig alarm, SessionControl sc) to obtain alarm permission.

Location:

extensions/net.sf.basedb.labenv/trunk

Files:

• resources/reports/labenvironmentalarms.jsp (modified) (4 diffs)
• src/net/sf/basedb/labenv/servlet/LabEnvironmentServlet.java (modified) (7 diffs)

extensions/net.sf.basedb.labenv/trunk/resources/reports/labenvironmentalarms.jsp

@@ -44 +44 @@
     // Get lab sensor configurations dynamically from server data
     var frm = document.forms['labenv'];
-    var loggedInUserLogInId = getLoggedInUserLogInId();
     var anyAlarmPermission = false;
     var labSensorConfigList = getLabSensorConfigList();
@@ -131 +130 @@
             var alarmBlocked = alarm['alarmBlocked'];
             var alarmText = alarm['alarmText'];
-            var userList = alarm['userList'];
-            var alarmPermission = fetchAlarmPermission(loggedInUserLogInId, userList);
-            //alert("loggedInUserLogInId = " + loggedInUserLogInId + " userList = " + userList + " alarmPermission = " + alarmPermission);
+            var alarmPermission = alarm['alarmPermission'];
             if (alarmPermission != null && alarmPermission)
             {
@@ -211 +208 @@
   }
 
-  function getLoggedInUserLogInId()
-  {
-    // Get logged-in user log-in id JSON object with AJAX
-    var frm = document.forms['labenv'];
-    var request = Ajax.getXmlHttpRequest();
-    var url = '../../labenv.jar/LabEnvironment.servlet?ID=<%=ID%>&cmd=GetLoggedInUserLogInId';
-    request.open("GET", url, false); 
-    request.send(null);
-  
-    //if (debug) Main.debug(request.responseText);
-    //Main.debug(request.responseText);
-
-    var response = JSON.parse(request.responseText);
-    if (response.status != 'ok')
-    {
-      setFatalError(response.message);
-      return false;
-    }
-  
-    // Get logged-in user log-in id from the AJAX response
-    var loggedInUserLogInId = response.loggedInUserLogInId;
-
-    return loggedInUserLogInId;
-  }
-
   function goSetAlarmBlocker()
   {
@@ -290 +262 @@
       return false;
     }
-  }
-
-  function fetchAlarmPermission(loggedInUserLogInId, userList)
-  {
-    permission = false;
-    if (loggedInUserLogInId != null && userList != null)
-    {
-      for (var i=0; i < userList.length; i++)
-      {
-        // Get log-in if for alarm user number 'i'
-        var alarmUser = userList[i];
-        if (alarmUser != null && alarmUser == loggedInUserLogInId)
-        {
-          permission = true;
-        }
-      }
-    }
-    return permission;
   }
 

extensions/net.sf.basedb.labenv/trunk/src/net/sf/basedb/labenv/servlet/LabEnvironmentServlet.java

@@ -113 +113 @@
       else if ("GetLabSensorConfigList".equals(cmd))
       {
-        json = createLabSensorConfigList(json);
+        json = createLabSensorConfigList(json, sc);
         log.debug("json = " + json);
       }
@@ -119 +119 @@
       {
         setLabEnvAlarmConfig(req, sc);
-        json = createLabSensorConfigList(json);
+        json = createLabSensorConfigList(json, sc);
         log.debug("json = " + json);        
       }
@@ -329 +329 @@
         }
       }
-      else if ("GetLoggedInUserLogInId".equals(cmd))
-      {
-        // Get log-in id for the logged-in user
-        String loggedInUserLogInId = fetchLoggedInUserLogInId(sc);
-        json.put("loggedInUserLogInId", loggedInUserLogInId);
-        log.debug("json = " + json);
-      }
     }
     catch (Throwable t)
@@ -372 +365 @@
 
   @SuppressWarnings("unchecked")
-  private JSONObject createLabSensorConfigList(JSONObject json)
+  private JSONObject createLabSensorConfigList(JSONObject json, SessionControl sc)
     throws ServletException, IOException 
   { 
@@ -404 +397 @@
             jsonAlarmArrObj.put("alarmBlocked", alarm.isAlarmBlocked());
             jsonAlarmArrObj.put("alarmText", alarm.getAlarmText());
-            // Get alarm user list
-            List<String> alarmUserList = alarm.getUserList();
-            JSONArray jsonAlarmUserArray = new JSONArray();
-            if (alarmUserList != null)
-            {
-              for (String alarmUser: alarmUserList)
-              {
-                jsonAlarmUserArray.add(alarmUser);
-              }
-            }
-            jsonAlarmArrObj.put("userList", jsonAlarmUserArray);
+            // Check if logged-in user has permission to edit current alarm
+            boolean alarmPermission = fetchAlarmPermission(alarm, sc);
+            jsonAlarmArrObj.put("alarmPermission", alarmPermission);
             jsonSensorAlarmConfigArray.add(jsonAlarmArrObj);
           }
@@ -426 +411 @@
     json.put("labSensorConfigList", jsonSensorConfigArray);
     return json;
+  }
+
+
+  /**
+   * Returns `true` if the alarm user list contains
+   * the logged-in user log-in id, else `false`.
+   * 
+   * @param alarm LabSensorAlarmConfig The lab sensor alarm configuration to check permission for.
+   * @param sc SessionControl The SessionControl object to for the current session.
+   * @return boolean Returns `true` if the alarm user list contains the logged-in user log-in id, else `false`.
+   */
+  private boolean fetchAlarmPermission(LabSensorAlarmConfig alarm, SessionControl sc)
+  {
+    boolean alarmPermission = false;
+    // Get logged-in user log-in id
+    String loggedInUserLogInId = fetchLoggedInUserLogInId(sc);
+    if (loggedInUserLogInId != null && !loggedInUserLogInId.equals(""))
+    {
+      // Get alarm user list
+      List<String> alarmUserList = alarm.getUserList();
+      if (alarmUserList != null)
+      {
+        if (alarmUserList.contains(loggedInUserLogInId))
+        {
+          alarmPermission = true;
+        }
+      }
+    }
+    return alarmPermission;
   }
 
@@ -483 +497 @@
             alarmNo++;
             // Check if logged-in user has permission to edit current alarm
-            boolean alarmPermission = false;
-            if (loggedInUserLogInId != null)
-            {
-              // Get alarm user list
-              List<String> alarmUserList = alarm.getUserList();
-              if (alarmUserList != null)
-              {
-                if (alarmUserList.contains(loggedInUserLogInId))
-                {
-                  alarmPermission = true;
-                }
-              }
-            }
+            boolean alarmPermission = fetchAlarmPermission(alarm, sc);
             if (alarmPermission)
             {