package de.hsadmin.mods.db; import java.util.List; import javax.persistence.EntityManager; import javax.persistence.Query; import de.hsadmin.core.model.AbstractEntity; import de.hsadmin.core.model.AbstractModuleImpl; import de.hsadmin.core.model.AuthorisationException; import de.hsadmin.core.model.HSAdminException; import de.hsadmin.mods.pac.Pac; import de.hsadmin.mods.user.UnixUser; public class PgSqlUserModuleImpl extends AbstractModuleImpl { @Override public AbstractEntity add(AbstractEntity newEntity) throws HSAdminException { UnixUser loginUser = getTransaction().getLoginUser(); PgSqlUser user = (PgSqlUser) newEntity; String name = user.getName(); if (name.length() < 7 || name.charAt(5) != '_') { throw new AuthorisationException(loginUser, "add", newEntity); } EntityManager em = getTransaction().getEntityManager(); Query qPac = em.createQuery("SELECT obj FROM Pacs obj WHERE obj.name = :pacName"); qPac.setParameter("pacName", name.substring(0, 5)); Object singleResult = qPac.getSingleResult(); Pac pac = (Pac) singleResult; if (pac == null || !pac.isReadAllowedFor(loginUser)) { throw new AuthorisationException(loginUser, "add", newEntity); } return super.add(newEntity); } @Override public List search(Class entityClass, String condition, String orderBy) throws HSAdminException { if (orderBy == null || orderBy.length() == 0) { orderBy = "ORDER BY obj.name ASC"; } return super.search(entityClass, condition, orderBy); } }