ucAllowAttachmentOperation

Purpose

Determines permissibility of a GUI attachment operation, such as: ADD button, EDIT button, DESCRIPTION modification, or DELETE button

Applies To

Attachment Methods

Signature

   public boolean ucAllowAttachmentOperation(
        String operation,       // ADD, EDIT, MODIFY_DESCRIPTION, DELETE
        String layoutType,      // ADD_PROBLEM, EDIT
        Attachment attachment,  // if available, an attachment id
        SesameSession session,  // current session
        Connection dbconn,      // DB connection
        Map selectedVals        // current issue state
    ) throws Exception;

Notes

There are three environments (layoutType) that this may be invoked from ADD_PROBLEM screen, EDIT_PROBLEM screen, EDIT_ATTACHMENT popup. The Attachment object is passed in when available. It is not available for the ADD button, otherwise, it is non-null, then the usual parameters are passed in. This method RETURNS true if operation permitted, false if not.

Example

public boolean ucAllowAttachmentOperation(
        String operation,       // ADD, EDIT, MODIFY_DESCRIPTION, DELETE
        String layoutType,      // ADD_PROBLEM, EDIT
        Attachment attachment,  // if available, an attachment id
        SesameSession session,  // current session
        Connection dbconn,      // DB connection
        Map selectedVals)       // current issue state
throws Exception
{
    String role = session.getUserRole();
    String userId = session.getUserId();
    
    // TESTER role should only have the ability to delete attachements
    // submitted by same user for issues that in queue.
    if ("DELETE".equals(operation) && "TESTER".equals(role) )
    {
    	String attachmentUserId = attachment.getUserId();
    	
        if (! userId.equals(attachmentUserId) )
        {
        	Z.log.writeToLog(Z.log.WARN, "Disallow delete of attachment submitted by " +
        			attachmentUserId + " for user " + userId);
            return false;
        }
    }
    
    return true;
}