Commit 0d07f328 authored by Bruno Nocera Zanette

Restricted menu options based on user auth

Restricted menu options based on user authority.
Now only the options that the user may access are shown.
Signed-off-by: Bruno Nocera Zanette <brunonzanette@gmail.com>
parent d7af318c
......@@ -23,6 +23,7 @@ import br.ufpr.c3sl.sapos.models.scholar.Committee;
import br.ufpr.c3sl.sapos.models.scholar.Registration;
import br.ufpr.c3sl.sapos.models.scholar.SectionPos;
import br.ufpr.c3sl.sapos.models.scholar.enums.RegistrationKind;
import br.ufpr.c3sl.sapos.models.util.KerberosAuthProvider;
import br.ufpr.c3sl.sapos.models.util.ReportUtil;
import com.itextpdf.text.Chunk;
......@@ -69,6 +70,14 @@ public class Professor extends Person {
return entityManager().createQuery("select o from Professor o order by name", Professor.class).getResultList();
}
public static List<Professor> findLoggedInProfessor() {
String professorId = KerberosAuthProvider.getIdFromLoggedInUser();
return entityManager().createQuery(
"SELECT o FROM Professor o"+
" WHERE o.id = "+"'"+professorId+"'"+
" ORDER BY name", Professor.class).getResultList();
}
public static Object findProfessorCommittees(String id) {
return entityManager().createNativeQuery("select * from committee c, committee_participants cp "+
"where cp.participants ="+ id +
......
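Review bot: `findLoggedInProfessor` builds its JPQL by concatenating `professorId` between quote characters, so the value returned by `KerberosAuthProvider.getIdFromLoggedInUser()` becomes part of the query text instead of being passed as data. Even if that ID is derived from the authenticated principal, it should be bound: `createQuery("SELECT o FROM Professor o WHERE o.id = :id ORDER BY name", Professor.class).setParameter("id", professorId)`, converting to the entity's id type first if `id` is numeric (not visible here). The same concatenation appears in `findActiveStudentGrantFromLoggedInStudent` and `findActiveStudentGrantPerLoggedInProfessor` in the StudentGrant hunk, where the native queries can use a positional `?1` with `setParameter(1, ...)`. The context lines of `findProfessorCommittees`, whose body continues outside the hunk, append `id` to a native query in the same way.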
......@@ -100,6 +100,28 @@ public class StudentGrant {
"where sg.end_date IS NULL and sg.registration = r.id and r.student = p.id order by p.name", StudentGrant.class).getResultList();
}
public static List<StudentGrant> findActiveStudentGrantFromLoggedInStudent() {
String studentId = KerberosAuthProvider.getIdFromLoggedInUser();
return entityManager().createNativeQuery(
"SELECT * FROM student_grant sg, registration r, person p" +
" WHERE sg.end_date IS NULL"+
" and sg.registration = r.id"+
" and r.student = p.id"+
" and r.student = "+"'" + studentId + "'"+
" ORDER BY p.name", StudentGrant.class).getResultList();
}
public static List<StudentGrant> findActiveStudentGrantPerLoggedInProfessor() {
String professorId = KerberosAuthProvider.getIdFromLoggedInUser();
return entityManager().createNativeQuery(
"SELECT * FROM student_grant sg, registration r, person p " +
" WHERE sg.end_date IS NULL"+
" and sg.registration = r.id"+
" and r.student = p.id"+
" and r.advisor = "+"'"+professorId+"'"+
" ORDER BY p.name", StudentGrant.class).getResultList();
}
public static Object findGrantsPerType(String type) {
String sql = null;
if (type.isEmpty())
......
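Review bot: Neither `findActiveStudentGrantFromLoggedInStudent` nor `findActiveStudentGrantPerLoggedInProfessor` checks the result of `getIdFromLoggedInUser()` before using it. If that call can return null (its implementation is not visible here), string concatenation turns it into the literal `'null'`, and the outcome then depends on how the database compares that text with `r.student` or `r.advisor`. Because these finders are the per-user filter, failing closed explicitly would be clearer, e.g. `if (studentId == null) return Collections.emptyList();` at the top of each method (needs `java.util.Collections`). A one-line Javadoc on each stating that the result is scoped to the logged-in user would also help callers choose between these and `findActiveStudentGrants`.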
package br.ufpr.c3sl.sapos.web;
import java.util.Arrays;
import java.util.Collection;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
......@@ -29,11 +30,22 @@ import br.ufpr.c3sl.sapos.models.scholar.Registration;
import br.ufpr.c3sl.sapos.models.scholar.SectionPos;
import br.ufpr.c3sl.sapos.models.scholar.enums.RegistrationKind;
import br.ufpr.c3sl.sapos.models.scholar.enums.RegistrationStatus;
import br.ufpr.c3sl.sapos.models.util.KerberosAuthProvider;
@RooWebScaffold(path = "professors", formBackingObject = Professor.class)
@RequestMapping("/professors")
@Controller
public class ProfessorController {
@ModelAttribute("activeprofessors")
public java.util.Collection<Professor> populateActiveProfessors() {
if (KerberosAuthProvider.getPersonAuth().equals(KerberosAuthProvider.authProfessor))
return (Collection<Professor>) Professor.findLoggedInProfessor();
return Professor.findAllProfessors();
}
@RequestMapping(method = RequestMethod.POST)
public String create(@Valid Professor professor, BindingResult bindingResult, Model uiModel, HttpServletRequest httpServletRequest) {
if (professor.getUserName() != null && professor.getUserName().length() > 0 ) {
......
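Review bot: `populateActiveProfessors` falls through to `Professor.findAllProfessors()` for every authority other than `authProfessor`, so any role not listed, including a missing or unexpected one, receives the full list. Consider reversing the default: return the full list only for the authorities meant to see it, and the restricted or empty list otherwise. `KerberosAuthProvider.getPersonAuth().equals(...)` also throws if `getPersonAuth()` returns null; `KerberosAuthProvider.authProfessor.equals(KerberosAuthProvider.getPersonAuth())` avoids that, assuming `authProfessor` is a non-null constant. The same shape is used in `SectionPosController.populateProfessors` and `StudentGrantController.populateActiveGrants`, and the `(Collection<...>)` casts in all three are unnecessary because the finders already return `List`.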
......@@ -12,6 +12,7 @@ import org.springframework.web.bind.annotation.RequestParam;
import br.ufpr.c3sl.sapos.models.people.Professor;
import br.ufpr.c3sl.sapos.models.scholar.SectionPos;
import br.ufpr.c3sl.sapos.models.util.KerberosAuthProvider;
@RooWebScaffold(path = "sectionposes", formBackingObject = SectionPos.class)
@RequestMapping("/sectionposes")
......@@ -19,6 +20,10 @@ import br.ufpr.c3sl.sapos.models.scholar.SectionPos;
public class SectionPosController {
@ModelAttribute("professors")
public Collection<Professor> populateProfessors() {
if (KerberosAuthProvider.getPersonAuth().equals(KerberosAuthProvider.authProfessor))
return (Collection<Professor>) Professor.findLoggedInProfessor();
return Professor.findAllProfessors();
}
......
package br.ufpr.c3sl.sapos.web;
import java.util.Arrays;
import java.util.Collection;
import javax.servlet.http.HttpServletResponse;
......@@ -22,6 +23,12 @@ import br.ufpr.c3sl.sapos.models.util.KerberosAuthProvider;
public class StudentGrantController {
@ModelAttribute("activegrants")
public java.util.Collection<StudentGrant> populateActiveGrants() {
if (KerberosAuthProvider.getPersonAuth().equals(KerberosAuthProvider.authAluno))
return (Collection<StudentGrant>) StudentGrant.findActiveStudentGrantFromLoggedInStudent();
if (KerberosAuthProvider.getPersonAuth().equals(KerberosAuthProvider.authProfessor))
return (Collection<StudentGrant>) StudentGrant.findActiveStudentGrantPerLoggedInProfessor();
return StudentGrant.findActiveStudentGrants();
}
......
......@@ -15,7 +15,7 @@
<form name="adviseesstatement" action="statementadviseeslist" method="get">
<field:select disableFormBinding="true" field="professor" id="c_br_ufpr_c3sl_sapos_models_people_Professor"
itemValue="id" items="${professors}" path="/professors" z="user-managed" />
itemValue="id" items="${activeprofessors}" path="/professors" z="user-managed" />
<field:select disableFormBinding="true" field="regKind" id="c_br_ufpr_c3sl_sapos_models_scholar_Registration_regKind" items="${registrationkinds}"
path="registrationkinds" z="QHL6MLE5411WNUa/F8UyTxE9H6w="/>
......
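Review bot: Switching the select to `items="${activeprofessors}"` narrows what the form offers but does not restrict what the server accepts: the form still sends `professor` as a GET parameter to `statementadviseeslist`. Unless the handler for that action compares the submitted id with the logged-in user's id, the restriction is only cosmetic. That handler is not part of this commit, so this may already be covered; if it is not, the check belongs in the handler, rejecting the request when the authority is `authProfessor` and the parameter differs from `KerberosAuthProvider.getIdFromLoggedInUser()`. The same applies to the three forms that follow (`statementadviseesconcludedlist`, `statementcommitteeslist`, `statementcourseslist`).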
......@@ -15,7 +15,7 @@
<form name="adviseesstatementconcluded" action="statementadviseesconcludedlist" method="get">
<field:select disableFormBinding="true" field="professor" id="c_br_ufpr_c3sl_sapos_models_people_Professor"
itemValue="id" items="${professors}" path="/professors" z="user-managed" />
itemValue="id" items="${activeprofessors}" path="/professors" z="user-managed" />
<field:select disableFormBinding="true" field="regKind" id="c_br_ufpr_c3sl_sapos_models_scholar_Registration_regKind" items="${registrationkinds}"
path="registrationkinds" z="QHL6MLE5411WNUa/F8UyTxE9H6w="/>
......
......@@ -15,7 +15,7 @@
<form name="committeesstatement" action="statementcommitteeslist" method="get">
<field:select disableFormBinding="true" field="professor" id="c_br_ufpr_c3sl_sapos_models_people_Professor"
itemValue="id" items="${professors}" path="/professors" z="user-managed" />
itemValue="id" items="${activeprofessors}" path="/professors" z="user-managed" />
<input type="submit" value="Próximo"/>
......
......@@ -15,7 +15,7 @@
<form name="coursesstatement" action="statementcourseslist" method="get">
<field:select disableFormBinding="true" field="professor" id="c_br_ufpr_c3sl_sapos_models_people_Professor"
itemValue="id" items="${professors}" path="/professors" z="user-managed" />
itemValue="id" items="${activeprofessors}" path="/professors" z="user-managed" />
<field:input field="sectionYear" id="c_br_ufpr_c3sl_sapos_models_schoolar_SectionPos_sectionYear" disableFormBinding="true"
z="user_managed" required="true"/>
......