Changeset 2419


Ignore:
Timestamp:
May 13, 2014, 8:37:08 AM (8 years ago)
Author:
olle
Message:

Refs #592. Lab environment extension updated to check permission to re-set alarm blocker settings on the server side only, eliminating the need to send the alarm user list to the client JSP script:

  1. JSP file labenvironmentalarms.jsp in resources/reports/ updated:
    a. Function createLabEnvAlarmWebPage() updated to obtain alarm permission directly from Ajax response from servlet.
    b. Function fetchAlarmPermission(loggedInUserLoginId, userId) removed.
  2. Java servlet class/file LabEnvironmentServlet.java in src/net/sf/basedb/labenv/servlet/ updated:
    a. Protected method void doGet(HttpServletRequest req, HttpServletResponse resp) updated to add SessionControl object as argument when calling private method JSONObject createLabSensorConfigList(JSONObject json, SessionControl sc), and by removing support for Ajax command "GetLoggedInUserLogInId".
    b. Private method JSONObject createLabSensorConfigList(...) updated with second argument SessionControl sc, used to call new private method boolean fetchAlarmPermission(LabSensorAlarmConfig alarm, SessionControl sc) to obtain alarm permission.
    c. New private method boolean fetchAlarmPermission(LabSensorAlarmConfig alarm, SessionControl sc) added. It returns true if the alarm user list contains the logged-in user log-in id, else false.
    d. Private method void setLabEnvAlarmConfig(HttpServletRequest req, SessionControl sc) updated to call new private method boolean fetchAlarmPermission(LabSensorAlarmConfig alarm, SessionControl sc) to obtain alarm permission.
Location:
extensions/net.sf.basedb.labenv/trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • extensions/net.sf.basedb.labenv/trunk/resources/reports/labenvironmentalarms.jsp

    r2415 r2419  
    4444    // Get lab sensor configurations dynamically from server data
    4545    var frm = document.forms['labenv'];
    46     var loggedInUserLogInId = getLoggedInUserLogInId();
    4746    var anyAlarmPermission = false;
    4847    var labSensorConfigList = getLabSensorConfigList();
     
    131130            var alarmBlocked = alarm['alarmBlocked'];
    132131            var alarmText = alarm['alarmText'];
    133             var userList = alarm['userList'];
    134             var alarmPermission = fetchAlarmPermission(loggedInUserLogInId, userList);
    135             //alert("loggedInUserLogInId = " + loggedInUserLogInId + " userList = " + userList + " alarmPermission = " + alarmPermission);
     132            var alarmPermission = alarm['alarmPermission'];
    136133            if (alarmPermission != null && alarmPermission)
    137134            {
     
    211208  }
    212209
    213   function getLoggedInUserLogInId()
    214   {
    215     // Get logged-in user log-in id JSON object with AJAX
    216     var frm = document.forms['labenv'];
    217     var request = Ajax.getXmlHttpRequest();
    218     var url = '../../labenv.jar/LabEnvironment.servlet?ID=<%=ID%>&cmd=GetLoggedInUserLogInId';
    219     request.open("GET", url, false);
    220     request.send(null);
    221  
    222     //if (debug) Main.debug(request.responseText);
    223     //Main.debug(request.responseText);
    224 
    225     var response = JSON.parse(request.responseText);
    226     if (response.status != 'ok')
    227     {
    228       setFatalError(response.message);
    229       return false;
    230     }
    231  
    232     // Get logged-in user log-in id from the AJAX response
    233     var loggedInUserLogInId = response.loggedInUserLogInId;
    234 
    235     return loggedInUserLogInId;
    236   }
    237 
    238210  function goSetAlarmBlocker()
    239211  {
     
    290262      return false;
    291263    }
    292   }
    293 
    294   function fetchAlarmPermission(loggedInUserLogInId, userList)
    295   {
    296     permission = false;
    297     if (loggedInUserLogInId != null && userList != null)
    298     {
    299       for (var i=0; i < userList.length; i++)
    300       {
    301         // Get log-in if for alarm user number 'i'
    302         var alarmUser = userList[i];
    303         if (alarmUser != null && alarmUser == loggedInUserLogInId)
    304         {
    305           permission = true;
    306         }
    307       }
    308     }
    309     return permission;
    310264  }
    311265
  • extensions/net.sf.basedb.labenv/trunk/src/net/sf/basedb/labenv/servlet/LabEnvironmentServlet.java

    r2415 r2419  
    113113      else if ("GetLabSensorConfigList".equals(cmd))
    114114      {
    115         json = createLabSensorConfigList(json);
     115        json = createLabSensorConfigList(json, sc);
    116116        log.debug("json = " + json);
    117117      }
     
    119119      {
    120120        setLabEnvAlarmConfig(req, sc);
    121         json = createLabSensorConfigList(json);
     121        json = createLabSensorConfigList(json, sc);
    122122        log.debug("json = " + json);       
    123123      }
     
    329329        }
    330330      }
    331       else if ("GetLoggedInUserLogInId".equals(cmd))
    332       {
    333         // Get log-in id for the logged-in user
    334         String loggedInUserLogInId = fetchLoggedInUserLogInId(sc);
    335         json.put("loggedInUserLogInId", loggedInUserLogInId);
    336         log.debug("json = " + json);
    337       }
    338331    }
    339332    catch (Throwable t)
     
    372365
    373366  @SuppressWarnings("unchecked")
    374   private JSONObject createLabSensorConfigList(JSONObject json)
     367  private JSONObject createLabSensorConfigList(JSONObject json, SessionControl sc)
    375368    throws ServletException, IOException
    376369  {
     
    404397            jsonAlarmArrObj.put("alarmBlocked", alarm.isAlarmBlocked());
    405398            jsonAlarmArrObj.put("alarmText", alarm.getAlarmText());
    406             // Get alarm user list
    407             List<String> alarmUserList = alarm.getUserList();
    408             JSONArray jsonAlarmUserArray = new JSONArray();
    409             if (alarmUserList != null)
    410             {
    411               for (String alarmUser: alarmUserList)
    412               {
    413                 jsonAlarmUserArray.add(alarmUser);
    414               }
    415             }
    416             jsonAlarmArrObj.put("userList", jsonAlarmUserArray);
     399            // Check if logged-in user has permission to edit current alarm
     400            boolean alarmPermission = fetchAlarmPermission(alarm, sc);
     401            jsonAlarmArrObj.put("alarmPermission", alarmPermission);
    417402            jsonSensorAlarmConfigArray.add(jsonAlarmArrObj);
    418403          }
     
    426411    json.put("labSensorConfigList", jsonSensorConfigArray);
    427412    return json;
     413  }
     414
     415
     416  /**
     417   * Returns `true` if the alarm user list contains
     418   * the logged-in user log-in id, else `false`.
     419   *
     420   * @param alarm LabSensorAlarmConfig The lab sensor alarm configuration to check permission for.
     421   * @param sc SessionControl The SessionControl object to for the current session.
     422   * @return boolean Returns `true` if the alarm user list contains the logged-in user log-in id, else `false`.
     423   */
     424  private boolean fetchAlarmPermission(LabSensorAlarmConfig alarm, SessionControl sc)
     425  {
     426    boolean alarmPermission = false;
     427    // Get logged-in user log-in id
     428    String loggedInUserLogInId = fetchLoggedInUserLogInId(sc);
     429    if (loggedInUserLogInId != null && !loggedInUserLogInId.equals(""))
     430    {
     431      // Get alarm user list
     432      List<String> alarmUserList = alarm.getUserList();
     433      if (alarmUserList != null)
     434      {
     435        if (alarmUserList.contains(loggedInUserLogInId))
     436        {
     437          alarmPermission = true;
     438        }
     439      }
     440    }
     441    return alarmPermission;
    428442  }
    429443
     
    483497            alarmNo++;
    484498            // Check if logged-in user has permission to edit current alarm
    485             boolean alarmPermission = false;
    486             if (loggedInUserLogInId != null)
    487             {
    488               // Get alarm user list
    489               List<String> alarmUserList = alarm.getUserList();
    490               if (alarmUserList != null)
    491               {
    492                 if (alarmUserList.contains(loggedInUserLogInId))
    493                 {
    494                   alarmPermission = true;
    495                 }
    496               }
    497             }
     499            boolean alarmPermission = fetchAlarmPermission(alarm, sc);
    498500            if (alarmPermission)
    499501            {
Note: See TracChangeset for help on using the changeset viewer.