0

我是编程世界的新手,我喜欢它。

我对不同角色的 Query.Filter Operator 有一些问题。

  • 管理员 - 管理员可以查看所有休假记录
  • 主管 - 主管可以查看自己和他/她下的所有员工
  • 员工 - 员工只能查看自己的休假历史

从我所做的测试来看。管理员和员工工作正常,我面临的问题是主管,主管可以查看他/她下的员工,但无法查看自己的休假历史

这是代码的一部分,感谢任何人都可以帮助我。谢谢

protected void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException {
    log.debug(ViewHistory.class);
    DataTableModel dataTableModel = DataTablesUtility.getParam(request);
    String regionSelected = request.getParameter("cri_region");
    String sEcho = dataTableModel.sEcho;
    int iTotalRecords = 0; // total number of records (unfiltered)
    int iTotalDisplayRecords = 0; //value will be set when code filters companies by keyword
    JsonArray data = new JsonArray(); //data that will be shown in the table

    String emailAddress = (String)request.getSession().getAttribute("emailAdd");
    Boolean isAdmin = false;
    Boolean isSupervisor = false;

    AdministratorService as = new AdministratorService();
    for(Administrator admin : as.getAdministrators()){
        if(admin.getEmailAddress().equalsIgnoreCase(emailAddress)){
            isAdmin = true;
        }
    }

    SupervisorService ss = new SupervisorService();
    for(Supervisor s : ss.getSupervisors()){
        if(s.getEmailAddress().equalsIgnoreCase(emailAddress)){
            isSupervisor = true;
        }
    }

    DatastoreService datastore = DatastoreServiceFactory.getDatastoreService();
    Query q = new Query(History.class.getSimpleName());
            // only admin can view all leave history
            if(!isAdmin && !isSupervisor){
                Filter emailFilter = new FilterPredicate("emailAdd",
                        FilterOperator.EQUAL,
                        emailAddress);
                Filter regionFilter = new FilterPredicate("region",
                        FilterOperator.EQUAL,
                        StringUtils.defaultString(regionSelected, "Singapore"));
                Filter filter = CompositeFilterOperator.and(emailFilter, regionFilter);
                q.setFilter(filter);
            }
            else if(!isAdmin && isSupervisor){
                List<String> list = new ArrayList<String>();
                EmployeeService es = new EmployeeService();
                for(Employee emp : es.getEmployees()){
                    if(emailAddress.equalsIgnoreCase(emp.getSupervisor())){
                        list.add(emp.getEmailAddress());
                    }
                }

                // if some one under this supervisor
                if(list != null && !list.isEmpty()){
                    Filter filter = new FilterPredicate("emailAdd",
                            FilterOperator.IN,
                            list);
                    q.setFilter(filter);
                }
                else{
                    // if not one under this supervisor , put update it self to avoid illegal argument
                    Filter filter = new FilterPredicate("emailAdd",
                            FilterOperator.EQUAL,
                            emailAddress);
                    q.setFilter(filter);
                }

            }

    List<History> historyList = new LinkedList<History>();
    List<History> entityList = new LinkedList<History>();
4

1 回答 1

0

编辑:更新的建议。

如果当前对于主管,您能够正确获取以他为主管的所有员工的列表,那么只需将主管的电子邮件也添加到您将用作查询休假历史的过滤器的列表中。所以在找到员工电子邮件列表后,还要添加:

list.add(emailAddress);  //since emailAddress will be the email of the supervisor
于 2013-07-08T10:05:12.100 回答