I have to add an additional validation rule to a form field in a Java web application. I have a rule in place that validates that the form field value entered is that of a valid employee ID.
But now I would like to verify that this value is either the Employee ID of the form/web user or of an employee of the form/web user. In other words an employee can enter an event against their own employee ID and a supervisor can enter an event against their own employee ID as well as an ID of an employee they supervise badge. Here is what I have.
public Object in开发者_如何学Csert(HttpServletRequest request) {
OopEvent event = new OopEvent();
STKUser authenticatedUser = (STKUser) request.getSession().getAttribute("STKUserSession");
try {
// populate bean with setters
processEventBadge (request, event);
processEventEventTypeID(request, event);
processEventStartDate (request, event);
processEventEndDate (request, event);
processEventHours (request, event);
if (isSucces()) {
EventDAO.insert(event, authenticatedUser);
}
else {
setError(FORM_RESULTS, "Error - There are error(s) in your input. See below.");
LOGGERI.log(Level.INFO, "Form input errors inserting OopEvent", authenticatedUser);
}
} catch (DAOException e) {
setError(FORM_RESULTS, e.getMessage());
}
return event;
}
// Field processors
// ---------------------------------------------------------------------------
public void processEventBadge(HttpServletRequest request, OopEvent event) throws DAOException {
String _badge = FormUtil.getFieldValue(request, FIELD_BADGE);
if (!"".equals(_badge) && _badge != null) {
try {
event.setBadge(_badge);
event.setEventUser(STKUserDAO.getValidEmployeeByBadge(_badge)); //Returns user bean
//should make a call to validate event employee ID HERE?????????? If so I need the send eventUser and authenticatedUser but authenticatedUser is not available here only the eventUser (only if the badge number is of a valid employee)
}
catch (ValidatorException e) {
setError(FIELD_BADGE, e.getMessage());
}
catch (DAOException e) {
setError(FIELD_BADGE, e.getMessage());
throw new DAOException(e.getMessage());
}
}
else {
setError(FIELD_BADGE, "OopEvent Owner badge is required");
}
}
Should I implement this logic in the insert method, the processEventBadge or in a validateEventBadge method?? Or somewhere else?? I think I should put a call in the processEventBadge to a validateEventBadge method but that would require me to pass the authenticatedUser object to both methods. A User Object contains an employee ID and the supervisors employee ID. So I could make sure the logged in user supervisors the event by comparing the two objects.
The last thing you mentioned sounds good.
I would also put a call in the processEventBadge to a validateEventBadge method.
The passing of the user object is an easy thing.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论