public SecurityLevelAndServiceCheckVo getSecurityLevelAndServiceForInvestigation(Integer idInvestigation) { if (idInvestigation == null) throw new CodingRuntimeException("idInvestigation is null in method getSecurityLevelForInvestigation"); SecurityLevelAndServiceCheckVo voToReturn = new SecurityLevelAndServiceCheckVo(); List lstSecLevels = getDomainFactory().find("select invIndex.securityLevel, ls.service from InvestigationIndex as invIndex left join invIndex.investigations as inv left join inv.providerService as ps left join ps.locationService as ls where invIndex.id = " + idInvestigation); //WDEV-11674 if(lstSecLevels != null && lstSecLevels.size() == 1) { Object[] arrVals = (Object[]) lstSecLevels.get(0); SecurityLevel doSecLevel = (SecurityLevel) arrVals[0]; Service doService = (Service) arrVals[1]; if(doSecLevel != null) voToReturn.setSecurityLevel(SecurityLevelConfigVoAssembler.create(doSecLevel)); if(doService != null) voToReturn.setService(new ServiceRefVo(doService.getId(), doService.getVersion())); } return voToReturn; }
/** * method will now get the template and filter any items that don't pass security checks WDEV-11071,WDEV-11109 */ public ims.ocrr.vo.OrderEntryTemplateVo getOrderEntryTemplate(ims.ocrr.vo.OrderEntryTemplateShortVo orderEntryTemplate, RoleDisciplineSecurityLevelLiteGCVo voSecurity) { OrderEntryTemplateVo voOrdTemplate = OrderEntryTemplateVoAssembler.create((OrderEntryTemplate)getDomainFactory().getDomainObject(OrderEntryTemplate.class, orderEntryTemplate.getID_OrderEntryTemplate())); //enforce Security here OrderEntryTemplateComponentShortVoCollection removableComponenets = new OrderEntryTemplateComponentShortVoCollection(); for(OrderEntryTemplateComponentShortVo comp : voOrdTemplate.getComponents()) { if(comp.getInvestigationIsNotNull()) { if(voSecurity != null) { SecurityLevelAndServiceCheckVo voSecLevelAndService = getSecurityLevelAndServiceForInvestigation(comp.getInvestigation().getInvestigationIndex().getID_InvestigationIndex()); if(voSecLevelAndService != null && voSecLevelAndService.getSecurityLevelIsNotNull() && voSecLevelAndService.getServiceIsNotNull()) { if(!voSecurity.doesInvPassSecurityCheck(voSecLevelAndService.getService(),voSecLevelAndService.getSecurityLevel(),true)) //WDEV-11622 { removableComponenets.add(comp); continue; } } } } } if(removableComponenets.size() > 0) { for(OrderEntryTemplateComponentShortVo compToRemove : removableComponenets) { voOrdTemplate.getComponents().remove(compToRemove); } } return voOrdTemplate; }
/** * method will filter any items that don't pass security checks WDEV-11071,WDEV-11109 */ public ComponentSelectOrderVoCollection getChildComponentsForOrderSet(Integer orderSetID, RoleDisciplineSecurityLevelLiteGCVo voSecurity) { ComponentSelectOrderVoCollection components = OrderSetSelectOrderVoAssembler.create((OrderSet)getDomainFactory().getDomainObject(OrderSet.class, orderSetID.intValue())).getComponents(); //enforce Security here ComponentSelectOrderVoCollection removableComponenets = new ComponentSelectOrderVoCollection(); for(ComponentSelectOrderVo comp : components) { if(comp.getInvestigationIsNotNull()) { if(voSecurity != null) { SecurityLevelAndServiceCheckVo voSecLevelAndService = getSecurityLevelAndServiceForInvestigation(comp.getInvestigation().getInvestigationIndex().getID_InvestigationIndex()); if(voSecLevelAndService != null && voSecLevelAndService.getSecurityLevelIsNotNull() && voSecLevelAndService.getServiceIsNotNull()) { if(!voSecurity.doesInvPassSecurityCheck(voSecLevelAndService.getService(),voSecLevelAndService.getSecurityLevel(),true)) //WDEV-11622 { removableComponenets.add(comp); continue; } } } } } if(removableComponenets.size() > 0) { for(ComponentSelectOrderVo compToRemove : removableComponenets) { components.remove(compToRemove); } } return components; }
/** * method will filter any items that don't pass security checks WDEV-11071,WDEV-11109 */ public InvestigationSelectOrderVo getChildComponentsForInvestigationOrProfile(Integer investigationID, RoleDisciplineSecurityLevelLiteGCVo voSecurity) { Investigation doInvest = (Investigation)getDomainFactory().getDomainObject(Investigation.class, investigationID.intValue()); boolean isProfile = doInvest.getInvestigationIndex().isIsProfile(); InvestigationSelectOrderVo invest = InvestigationSelectOrderVoAssembler.create((Investigation)getDomainFactory().getDomainObject(Investigation.class, investigationID.intValue())); //enforce Security here for profiles to filter out children that do not pass the security check if(isProfile) { InvestigationSelectOrderVoCollection removableComponenets = new InvestigationSelectOrderVoCollection(); for(InvestigationSelectOrderVo comp : invest.getAssocInvestigations()) { if(voSecurity != null) { SecurityLevelAndServiceCheckVo voSecLevelAndService = getSecurityLevelAndServiceForInvestigation(comp.getID_Investigation()); if(voSecLevelAndService != null && voSecLevelAndService.getSecurityLevelIsNotNull() && voSecLevelAndService.getServiceIsNotNull()) { if(!voSecurity.doesInvPassSecurityCheck(voSecLevelAndService.getService(),voSecLevelAndService.getSecurityLevel(),true)) //WDEV-11622 { removableComponenets.add(comp); continue; } } } } if(removableComponenets.size() > 0) { for(InvestigationSelectOrderVo compToRemove : removableComponenets) { invest.getAssocInvestigations().remove(compToRemove); } } //if the profile now has no secure children return null which will tell ui that none of the children passed the security check if(invest.getAssocInvestigations().size() == 0) return null; } return invest; }
