From a784103b3543871b27897c5efd910a9358a1e8ae Mon Sep 17 00:00:00 2001 From: Heng Sin Low Date: Tue, 17 Sep 2013 21:40:29 +0800 Subject: [PATCH] IDEMPIERE-1064 Control dashboard access by role. Fixed maintenance of dashboard preference. --- .../model/MDashboardContentAccess.java | 36 ++++++++----------- .../webui/desktop/DashboardController.java | 22 +++++++++--- 2 files changed, 32 insertions(+), 26 deletions(-) diff --git a/org.adempiere.base/src/org/compiere/model/MDashboardContentAccess.java b/org.adempiere.base/src/org/compiere/model/MDashboardContentAccess.java index 49fbb3f3a3..12db4e1c60 100644 --- a/org.adempiere.base/src/org/compiere/model/MDashboardContentAccess.java +++ b/org.adempiere.base/src/org/compiere/model/MDashboardContentAccess.java @@ -43,20 +43,15 @@ public class MDashboardContentAccess extends X_PA_DashboardContent_Access { super(ctx, rs, trxName); } - public static MDashboardContent[] get (Properties ctx,int AD_Role, int AD_User, String trxname, boolean isShowinDashboard) + public static MDashboardContent[] get (Properties ctx,int AD_Role, int AD_User, String trxname) { int AD_Client_ID = Env.getAD_Client_ID(ctx); ArrayList content =new ArrayList() ; List parameters = new ArrayList(); - if(isShowinDashboard){ - parameters.add("Y"); - parameters.add("Y"); - }else{ - parameters.add("N"); - parameters.add("N"); - } + parameters.add(AD_Client_ID); + parameters.add(AD_Client_ID); StringBuffer sql= new StringBuffer(); sql.append("SELECT PA_DashboardContent_ID,ColumnNo ") @@ -64,32 +59,31 @@ public class MDashboardContentAccess extends X_PA_DashboardContent_Access { .append(" WHERE PA_DashboardContent_ID NOT IN (") .append(" SELECT PA_DashboardContent_ID ") .append(" FROM PA_DashboardContent_Access" ) - .append(" WHERE IsActive='Y' )") + .append(" WHERE IsActive='Y' AND AD_Client_ID IN (0, ?))") .append(" AND IsShowInLogin='Y'") - .append(" AND IsActive='Y'") - .append(" AND IsShowInDashboard=?") + .append(" AND IsActive='Y' AND AD_Client_ID IN (0, ?)") .append(" UNION ALL") .append(" SELECT ct.PA_DashboardContent_ID,ct.ColumnNo") .append(" FROM PA_DashboardContent ct") .append(" INNER JOIN PA_DashboardContent_Access cta on (ct.PA_DashboardContent_ID = cta.PA_DashboardContent_ID)") .append(" WHERE cta.IsActive='Y'") - .append(" AND ct.IsActive='Y'") - .append(" AND ct.IsShowInDashboard=?"); + .append(" AND ct.IsActive='Y'"); - if(AD_Role > 0){ - sql.append(" AND cta.AD_Role_ID = ?"); + if(AD_Role >= 0){ + sql.append(" AND coalesce(cta.AD_Role_ID, ?) = ?"); + parameters.add(AD_Role); parameters.add(AD_Role); } - if (AD_User > 0){ - sql.append(" OR cta.AD_User_ID = ?"); + if (AD_User >= 0){ + sql.append(" AND coalesce(cta.AD_User_ID, ?) = ?"); + parameters.add(AD_User); parameters.add(AD_User); } - if (AD_Client_ID > 0){ - sql.append(" AND cta.AD_Client_ID in (0,?)"); - parameters.add(AD_Client_ID); - } + sql.append(" AND cta.AD_Client_ID in (0,?)"); + parameters.add(AD_Client_ID); + sql.append(" ORDER BY ColumnNo"); PreparedStatement pstmt=null; diff --git a/org.adempiere.ui.zk/WEB-INF/src/org/adempiere/webui/desktop/DashboardController.java b/org.adempiere.ui.zk/WEB-INF/src/org/adempiere/webui/desktop/DashboardController.java index 522a28d609..735de0e6dc 100644 --- a/org.adempiere.ui.zk/WEB-INF/src/org/adempiere/webui/desktop/DashboardController.java +++ b/org.adempiere.ui.zk/WEB-INF/src/org/adempiere/webui/desktop/DashboardController.java @@ -128,11 +128,10 @@ public class DashboardController implements EventListener { int AD_Role_ID = Env.getAD_Role_ID(Env.getCtx()); MDashboardPreference[] dps = MDashboardPreference.getForSession(AD_User_ID, AD_Role_ID); - MDashboardContent [] dcs = MDashboardContentAccess.get(Env.getCtx(), AD_Role_ID, AD_User_ID, null,isShowInDashboard); + MDashboardContent [] dcs = MDashboardContentAccess.get(Env.getCtx(), AD_Role_ID, AD_User_ID, null); if(dps.length == 0){ - createDashboardPreference(AD_User_ID, AD_Role_ID,true); - createDashboardPreference(AD_User_ID, AD_Role_ID,false); + createDashboardPreference(AD_User_ID, AD_Role_ID); dps = MDashboardPreference.getForSession(AD_User_ID, AD_Role_ID); }else{ if(updatePreferences(dps, dcs,Env.getCtx())){ @@ -518,9 +517,9 @@ public class DashboardController implements EventListener { } } - private void createDashboardPreference(int AD_User_ID, int AD_Role_ID,boolean isshow) + private void createDashboardPreference(int AD_User_ID, int AD_Role_ID) { - MDashboardContent[] dcs = MDashboardContentAccess.get(Env.getCtx(),AD_Role_ID, AD_User_ID, null,isshow); + MDashboardContent[] dcs = MDashboardContentAccess.get(Env.getCtx(),AD_Role_ID, AD_User_ID, null); for (MDashboardContent dc : dcs) { MDashboardPreference preference = new MDashboardPreference(Env.getCtx(), 0, null); @@ -542,6 +541,7 @@ public class DashboardController implements EventListener { private boolean updatePreferences(MDashboardPreference[] dps,MDashboardContent[] dcs, Properties ctx) { boolean change = false; for (int i = 0; i < dcs.length; i++) { + boolean isNew = true; for (int j = 0; j < dps.length; j++) { if (dps[j].getPA_DashboardContent_ID() == dcs[i].getPA_DashboardContent_ID()) { @@ -563,6 +563,18 @@ public class DashboardController implements EventListener { if (!change) change = true; } } + for (int i = 0; i < dps.length; i++) { + boolean found = false; + for (int j = 0; j < dcs.length; j++) { + if (dcs[j].getPA_DashboardContent_ID() == dps[i].getPA_DashboardContent_ID()) { + found = true; + } + } + if (!found) { + dps[i].deleteEx(true); + if (!change) change = true; + } + } return change; }