From 602c4c4501dcd89cbce1d6ba61ba6bc75761d643 Mon Sep 17 00:00:00 2001
From: Roberto Sánchez <roberto.sanchez@curisit.net>
Date: Sat, 18 Jan 2014 11:23:45 +0000
Subject: [PATCH] #396 feature - Getting all orgs from user including the children ones

---
 securis/src/main/java/net/curisit/securis/services/SecurityInterceptor.java |   21 +++++++++++++++++++++
 securis/src/main/java/net/curisit/securis/db/User.java                      |   26 ++++++++++++++++++++++----
 securis/src/main/java/net/curisit/securis/services/UserResource.java        |   11 ++++++-----
 3 files changed, 49 insertions(+), 9 deletions(-)

diff --git a/securis/src/main/java/net/curisit/securis/db/User.java b/securis/src/main/java/net/curisit/securis/db/User.java
index 1de7b9f..7f57cf8 100644
--- a/securis/src/main/java/net/curisit/securis/db/User.java
+++ b/securis/src/main/java/net/curisit/securis/db/User.java
@@ -3,7 +3,9 @@
 import java.io.Serializable;
 import java.util.ArrayList;
 import java.util.Date;
+import java.util.HashSet;
 import java.util.List;
+import java.util.Set;
 
 import javax.persistence.Column;
 import javax.persistence.Entity;
@@ -70,7 +72,7 @@
 	inverseJoinColumns =
 		{ @JoinColumn(name = "organization_id", referencedColumnName = "id") } //
 	)
-	private List<Organization> organizations;
+	private Set<Organization> organizations;
 
 	public String getUsername() {
 		return username;
@@ -160,17 +162,17 @@
 		this.lang = lang;
 	}
 
-	public List<Organization> getOrganizations() {
+	public Set<Organization> getOrganizations() {
 		return organizations;
 	}
 
-	public void setOrganizations(List<Organization> organizations) {
+	public void setOrganizations(Set<Organization> organizations) {
 		this.organizations = organizations;
 	}
 
 	@JsonProperty("organizations_ids")
 	public void setOrgsIds(List<Integer> orgsIds) {
-		organizations = new ArrayList<>();
+		organizations = new HashSet<>();
 		for (Integer orgid : orgsIds) {
 			Organization o = new Organization();
 			o.setId(orgid);
@@ -189,6 +191,22 @@
 		return ids;
 	}
 
+	@JsonIgnore
+	public Set<Integer> getAllOrgsIds() {
+		if (organizations == null)
+			return null;
+		Set<Integer> ids = new HashSet<>();
+		includeAllOrgs(this.organizations, ids);
+		return ids;
+	}
+
+	private void includeAllOrgs(Set<Organization> list, Set<Integer> orgIds) {
+		for (Organization org : list) {
+			orgIds.add(org.getId());
+			includeAllOrgs(org.getChildOrganizations(), orgIds);
+		}
+	}
+
 	static public class Rol {
 		static public final int ADVANCE = 0x01;
 		static public final int ADMIN = 0x02;
diff --git a/securis/src/main/java/net/curisit/securis/services/SecurityInterceptor.java b/securis/src/main/java/net/curisit/securis/services/SecurityInterceptor.java
index ca84402..08c4e2e 100644
--- a/securis/src/main/java/net/curisit/securis/services/SecurityInterceptor.java
+++ b/securis/src/main/java/net/curisit/securis/services/SecurityInterceptor.java
@@ -3,6 +3,7 @@
 import java.io.IOException;
 import java.lang.reflect.Method;
 import java.util.List;
+import java.util.Set;
 
 import javax.inject.Inject;
 import javax.persistence.EntityManager;
@@ -60,8 +61,27 @@
 					log.info("User {} has no necessary role to access url: {}", username, servletRequest.getPathInfo());
 					containerRequestContext.abortWith(Response.status(Status.UNAUTHORIZED).build());
 				}
+				Set<Integer> orgs = getUserOrganizations(username);
+				servletRequest.setAttribute("user_orgs", orgs);
 			}
 		}
+	}
+
+	private Set<Integer> getUserOrganizations(String username) {
+		@SuppressWarnings("unchecked")
+		Set<Integer> userOrgs = cache.get("orgs_" + username, Set.class);
+		if (userOrgs == null) {
+			// Theorically this shouldn't be never null, but just in case...
+			EntityManager em = emProvider.get();
+			User user = em.find(User.class, username);
+			if (user != null) {
+				userOrgs = user.getAllOrgsIds();
+				// We store user orgs in cache only for one hour
+				cache.set("orgs_" + username, userOrgs, 3600);
+			}
+		}
+
+		return userOrgs;
 	}
 
 	private int getUserRoles(String username) {
@@ -79,6 +99,7 @@
 				}
 				// We store user roles in cache only for one hour
 				cache.set("roles_" + username, userRoles, 3600);
+				cache.set("orgs_" + username, user.getOrgsIds(), 3600);
 			}
 		}
 		return userRoles == null ? 0 : userRoles.intValue();
diff --git a/securis/src/main/java/net/curisit/securis/services/UserResource.java b/securis/src/main/java/net/curisit/securis/services/UserResource.java
index 2bc90ee..014ce20 100644
--- a/securis/src/main/java/net/curisit/securis/services/UserResource.java
+++ b/securis/src/main/java/net/curisit/securis/services/UserResource.java
@@ -1,8 +1,9 @@
 package net.curisit.securis.services;
 
-import java.util.ArrayList;
 import java.util.Date;
+import java.util.HashSet;
 import java.util.List;
+import java.util.Set;
 
 import javax.inject.Inject;
 import javax.inject.Provider;
@@ -113,10 +114,10 @@
 			return modify(user, user.getUsername(), token);
 		}
 
-		List<Organization> orgs = null;
+		Set<Organization> orgs = null;
 		List<Integer> orgsIds = user.getOrgsIds();
 		if (orgsIds != null && orgsIds.size() > 0) {
-			orgs = new ArrayList<>();
+			orgs = new HashSet<>();
 			for (Integer orgId : orgsIds) {
 				Organization o = em.find(Organization.class, orgId);
 				if (o == null) {
@@ -152,10 +153,10 @@
 			return create(user, token);
 		}
 
-		List<Organization> orgs = null;
+		Set<Organization> orgs = null;
 		List<Integer> orgsIds = user.getOrgsIds();
 		if (orgsIds != null && orgsIds.size() > 0) {
-			orgs = new ArrayList<>();
+			orgs = new HashSet<>();
 			for (Integer orgId : orgsIds) {
 				Organization o = em.find(Organization.class, orgId);
 				if (o == null) {

--
Gitblit v1.3.2