ACL Read/Render Form Controls

Language

Java

Tags

Author

Köll S Cherizard

Submitted on

September 3, 2012 at 3:33 PM

Rating

Downloads

Notes

Use prior Login JavaBean and Xpages samples as guide, build a connection to a Lotus Notes Domino Database located on C Drive using previous information (LoginBean.SQL.java, xpnavlinks.xsp). Supply the Xpage the logged-in system/user ACL and other security access information. Hide/show control(s) on the Xpages form at will...

Xpages sample code in a bit...

ACLAccessOkay(); | SecurityAccessOkay();

declarations, getters and setters...
	//declare boolean variables for searching
	private boolean ACLAccessOkay;
	private boolean SecurityAccessOkay;
	//declare acl level variable, User attributes
	private String UserAttr; 

/**
	 * @return the aCLAccessOkay
	 */
	public boolean isACLAccessOkay() {
		return ACLAccessOkay;
	}
	/**
	 * @param accessOkay the aCLAccessOkay to set
	 */
	public void setACLAccessOkay(boolean accessOkay) {
		ACLAccessOkay = accessOkay;
	}

	/**
	 * @return the securityAccessOkay
	 */
	public boolean isSecurityAccessOkay() {
		return SecurityAccessOkay;
	}
	/**
	 * @param securityAccessOkay the securityAccessOkay to set
	 */
	public void setSecurityAccessOkay(boolean securityAccessOkay) {
		SecurityAccessOkay = securityAccessOkay;
	}


	/**
	 * @return the userAttr
	 */
	public String getUserAttr() {
		return UserAttr;
	}
	/**
	 * @param userAttr the userAttr to set
	 */
	public void setUserAttr(String userAttr) {
		UserAttr = userAttr;
	}

/**
	  
	 * Method: ACLAccessOkay()
	 * Created from Copy: 2012.08.26.4.14.AM
	 * ACL Access Boolean for Xpages Controls (Hide/Show)
	 * 
	 */
	// links control, items on form vanish if Security access is 0 
	// for ACL LEvel access to in NSF back-end
	public boolean ACLAccessOkay() {
		//TO DO: Give Anonymous ACL Level Manager for this to work
		//you can set this up under Advanced Tab in Access Control
		//2012.08.26.1.55.AM
		try {	
		//get the current database being used
		Database database= (Database) FacesContext.getCurrentInstance()
		.getApplication().getVariableResolver()
		.resolveVariable(FacesContext.getCurrentInstance(), "database");
		//add debug messages
		System.out.println("Checking Database for ACL: "+ database);
		//...
		//initialize user ACL
		ACL UserAcl = database.getACL();
		//declare variables to hold ACL Level
	      String AclLevel = null;
	    //...
	      int intLevel = UserAcl.getInternetLevel();
	      //pick off user expected ACL
	      //load to variable and compare
	      if (intLevel < ACL.LEVEL_DESIGNER)
	    	  UserAcl.setInternetLevel(intLevel + 1);
	      UserAcl.save();
	      switch(UserAcl.getInternetLevel()) {
	        case ACL.LEVEL_NOACCESS:
	        	AclLevel = "no"; break;
	        case ACL.LEVEL_DEPOSITOR:
	        	AclLevel = "depositor"; break;
	        case ACL.LEVEL_READER:
	        	AclLevel = "reader"; break;
	        case ACL.LEVEL_AUTHOR:
	        	AclLevel = "author"; break;
	        case ACL.LEVEL_EDITOR:
	        	AclLevel = "editor"; break;
	        case ACL.LEVEL_DESIGNER:
	        	AclLevel = "designer"; break;
	        case ACL.LEVEL_MANAGER:
	        	AclLevel = "manager"; break; }
		//load results to variable
	    //use in if statement, return true
		UserAttr= AclLevel.toString();
		System.out.println("User is a "+ UserAttr + " in this db...");
		//...
		}catch (NotesException e) {
			//print this error to the server
			e.printStackTrace();
		}
		//find out if the ACL is of Level manager
		//in which case user should be able to see/edit control(s)
		if(this.UserAttr !="manager")			
		//DO NOT give user ability to update field if a NOT manager
		//Disable this field at once on the Xpage
			
		//TO DO: Play around with images at this point, load from URL
		//especially if using the link control, add an image 
		//user can click images/icons for add/edit/delete docs through Xpages
			return true;		
		//let user edit field at will, user is a manger, 
            //this field should not be disabled
		return false;
	}
	/**
	  
	 * Method: SecurityAccessOkay()
	 * Created: 2012.08.26.2.08.AM
	 * Security Access Boolean for Xpages Controls (Hide/Show)
	 * 
	 */
	// links control, items on form vanish if Security access is 0 
	// for viewaccess, updateaccess, addaccess, and deleteaccess in NSF back-end
	public boolean SecurityAccessOkay() {
		// let's add a try catch here, to grab errors near the end
		try {
			Document doc;
		//BEGIN DEBUG
			Database database = (Database) FacesContext.getCurrentInstance()
			.getApplication().getVariableResolver().resolveVariable(
					FacesContext.getCurrentInstance(), "database");
			System.out.println("Database Obtained..." + database);
		// Find the view in question
			View view = database.getView("SecurityAccessView");
			System.out.println("View Obtained..." + view);
		//initialize doc collection for searching 
		//TO DO: Add adding code to read updateaccess, addaccess, and deleteaccess in NSF back-end
			DocumentCollection dc =view.getAllDocumentsByKey("ViewAccess", true);//
			System.out.println("Collection Obtained..." + dc);
			  dc = database.FTSearch("Yes");
		//Get first Document from current view
				doc = (Document) dc.getFirstDocument();
				System.out.println("All systems are go, looping..." + dc);
				// Create a while loop to process the document in the View
				while (dc!=null) {
					//add more code here, do stuff
					System.out.println("Results are in..." + dc);
					//Let user see field/control Xpages
					return true;
					
				}

		} catch (Exception e) {
			e.printStackTrace();
		}
		//User should NOT see field/control Xpages
		return false;
	}

All code submitted to OpenNTF XSnippets, whether submitted as a "Snippet" or in the body of a Comment, is provided under the Apache License Version 2.0. See Terms of Use for full details.

No comments yetLogin first to comment...