From: <jav...@us...> - 2011-11-30 21:50:23
|
Revision: 16382 http://dcm4che.svn.sourceforge.net/dcm4che/?rev=16382&view=rev Author: javawilli Date: 2011-11-30 21:50:16 +0000 (Wed, 30 Nov 2011) Log Message: ----------- [#WEB-601] Patient deletion does not check studypermissions Modified Paths: -------------- dcm4chee/dcm4chee-web/trunk/dcm4chee-web-ejb/src/main/java/org/dcm4chee/web/dao/folder/StudyListBean.java dcm4chee/dcm4chee-web/trunk/dcm4chee-web-war/src/main/java/org/dcm4chee/web/war/folder/model/PatientModel.java Modified: dcm4chee/dcm4chee-web/trunk/dcm4chee-web-ejb/src/main/java/org/dcm4chee/web/dao/folder/StudyListBean.java =================================================================== --- dcm4chee/dcm4chee-web/trunk/dcm4chee-web-ejb/src/main/java/org/dcm4chee/web/dao/folder/StudyListBean.java 2011-11-30 21:44:48 UTC (rev 16381) +++ dcm4chee/dcm4chee-web/trunk/dcm4chee-web-ejb/src/main/java/org/dcm4chee/web/dao/folder/StudyListBean.java 2011-11-30 21:50:16 UTC (rev 16382) @@ -247,14 +247,8 @@ public boolean isActionForAllStudiesOfPatientAllowed(long patPk, String action, List<String> roles) { if (roles == null) return true; - StringBuilder ql = new StringBuilder(64); - ql.append("SELECT COUNT(s) FROM Study s WHERE s.patient.pk = ?1") - .append(" AND (s.studyInstanceUID NOT IN (SELECT sp.studyInstanceUID FROM StudyPermission sp WHERE sp.action = ?2 AND sp.role IN (:roles)))"); - Query query = em.createQuery(ql.toString()); - query.setParameter(1, patPk); - query.setParameter(2, action); - query.setParameter("roles", roles); - return (((Number) query.getSingleResult()).intValue() == 0); + return countStudiesOfPatient(patPk, roles) == + ((Number)getStudiesOfPatientQuery(true, patPk, false, null).getSingleResult()).intValue(); } @SuppressWarnings("unchecked") Modified: dcm4chee/dcm4chee-web/trunk/dcm4chee-web-war/src/main/java/org/dcm4chee/web/war/folder/model/PatientModel.java =================================================================== --- dcm4chee/dcm4chee-web/trunk/dcm4chee-web-war/src/main/java/org/dcm4chee/web/war/folder/model/PatientModel.java 2011-11-30 21:44:48 UTC (rev 16381) +++ dcm4chee/dcm4chee-web/trunk/dcm4chee-web-war/src/main/java/org/dcm4chee/web/war/folder/model/PatientModel.java 2011-11-30 21:50:16 UTC (rev 16382) @@ -187,7 +187,7 @@ public boolean isActionForAllStudiesAllowed(String action) { return dao.isActionForAllStudiesOfPatientAllowed(getPk(), action, - StudyPermissionHelper.get().applyStudyPermissions() ? StudyPermissionHelper.get().getDicomRoles() : null); + StudyPermissionHelper.get().isUseStudyPermissions() ? StudyPermissionHelper.get().getDicomRoles() : null); } @Override This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |