Commit 27ca95c4 authored by Matija Obreza's avatar Matija Obreza

Added role editor, removed unused roles and added CONTENTMANAGER

parent c83eadb1
......@@ -16,7 +16,6 @@
package org.genesys2.server.model;
import java.io.IOException;
import java.util.Date;
import javax.persistence.Column;
......
......@@ -17,8 +17,7 @@
package org.genesys2.server.model;
public enum UserRole {
USER("User"), ADMINISTRATOR("Administrator"), ORGANIZATION_ADMINISTRATOR("Organization Administrator"), NETWORK_ADMINISTRATOR("Network Administrator"), VALIDATEDUSER(
"Validated user"), VETTEDUSER("Vetted user");
USER("User"), ADMINISTRATOR("Administrator"), VALIDATEDUSER("Validated user"), VETTEDUSER("Vetted user"), CONTENTMANAGER("Content Manager");
String label;
......
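Review bot: Dropping ORGANIZATION_ADMINISTRATOR and NETWORK_ADMINISTRATOR from `UserRole` changes the meaning of role values already persisted for existing users, and no migration accompanies the change. If roles are stored by name, `UserRole.valueOf` will fail to load any user row still carrying one of the removed names; if they are stored by ordinal, VALIDATEDUSER and VETTEDUSER shift down two positions and existing users would be silently remapped — which of the two applies cannot be confirmed from here, as the mapping annotation on the roles collection is outside the hunk. Appending CONTENTMANAGER at the end is the right choice for ordinal stability; a comment on the enum such as `// Append new roles at the end only - stored role values depend on this order; removing a constant needs a data migration` plus a check that no stored rows reference the removed names would make the intent explicit.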
......@@ -16,7 +16,10 @@
package org.genesys2.server.service;
import java.util.List;
import org.genesys2.server.exception.UserException;
import org.genesys2.server.model.UserRole;
import org.genesys2.server.model.impl.User;
import org.genesys2.server.model.wrapper.UserWrapper;
import org.springframework.data.domain.Page;
......@@ -25,6 +28,8 @@ import org.springframework.security.access.prepost.PreAuthorize;
public interface UserService {
List<UserRole> listAvailableRoles();
@PreAuthorize("hasRole('ADMINISTRATOR')")
void addUser(User user) throws UserException;
......@@ -73,4 +78,6 @@ public interface UserService {
void userEmailValidated(String uuid);
void addVettedUserRole(String uuid);
void updateRoles(User user, List<String> selectedRoles);
}
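Review bot: `updateRoles` is declared on the interface without the `@PreAuthorize` that `addUser` carries a few lines above, so the administrator-only restriction exists only on the implementation rather than on the contract every implementation must honour. Since the interface is where the other privileged operations are annotated, declaring it here too keeps the rule in one visible place: `@PreAuthorize("hasRole('ADMINISTRATOR')")` followed by `void updateRoles(User user, List<String> selectedRoles);`. A short Javadoc stating that the list replaces (not extends) the user's roles and that each entry must be a `UserRole` constant name would also help callers, as the `List<String>` signature pushes that validation into the implementation.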
......@@ -38,7 +38,7 @@ public class ContentSanitizer {
@Autowired
private HtmlSanitizer htmlSanitizer;
@PreAuthorize("hasRole('ADMINISTRATOR')")
@PreAuthorize("hasRole('ADMINISTRATOR') or hasRole('CONTENTMANAGER')")
public void sanitizeAll() {
LOG.info("Sanitizing articles");
......
......@@ -86,6 +86,7 @@ public class ContentServiceImpl implements ContentService {
@Override
@Transactional(readOnly = false)
@PreAuthorize("hasRole('ADMINISTRATOR') or hasRole('CONTENTMANAGER')")
@CacheEvict(value = "contentcache", allEntries = true)
public void save(Iterable<Article> articles) {
articleRepository.save(articles);
......@@ -124,7 +125,7 @@ public class ContentServiceImpl implements ContentService {
@Override
@Transactional(readOnly = false)
@PreAuthorize("hasRole('ADMINISTRATOR')")
@PreAuthorize("hasRole('ADMINISTRATOR') or hasRole('CONTENTMANAGER')")
@CacheEvict(value = "contentcache", allEntries = true)
public Article updateArticle(long id, String slug, String title, String body) {
Article article = articleRepository.findOne(id);
......@@ -146,7 +147,7 @@ public class ContentServiceImpl implements ContentService {
@Override
@Transactional(readOnly = false)
@PreAuthorize("hasRole('ADMINISTRATOR')")
@PreAuthorize("hasRole('ADMINISTRATOR') or hasRole('CONTENTMANAGER')")
@CacheEvict(value = "contentcache", allEntries = true)
public Article createGlobalArticle(String slug, Locale locale, String title, String body) {
Article article = getGlobalArticle(slug, locale, false);
......@@ -176,7 +177,7 @@ public class ContentServiceImpl implements ContentService {
*/
@Override
@Transactional(readOnly = false)
@PreAuthorize("hasRole('ADMINISTRATOR') or hasPermission(#entity, 'ADMINISTRATION')")
@PreAuthorize("hasRole('ADMINISTRATOR') or hasRole('CONTENTMANAGER') or hasPermission(#entity, 'ADMINISTRATION')")
@CacheEvict(value = "contentcache", allEntries = true)
public Article updateArticle(EntityId entity, String slug, String title, String body, Locale locale) {
// return
......@@ -187,7 +188,7 @@ public class ContentServiceImpl implements ContentService {
@Override
@Transactional(readOnly = false)
@PreAuthorize("hasRole('ADMINISTRATOR')")
@PreAuthorize("hasRole('ADMINISTRATOR') or hasRole('CONTENTMANAGER')")
@CacheEvict(value = "contentcache", allEntries = true)
public Article updateArticle(Class<?> clazz, Long id, String slug, String title, String body, Locale locale) {
Article article = getArticle(clazz, id, slug, locale, false);
......@@ -243,7 +244,7 @@ public class ContentServiceImpl implements ContentService {
*/
@Override
@Transactional(readOnly = false)
@PreAuthorize("hasRole('ADMINISTRATOR')")
@PreAuthorize("hasRole('ADMINISTRATOR') or hasRole('CONTENTMANAGER')")
@CacheEvict(value = "contentcache", allEntries = true)
public ActivityPost createActivityPost(String title, String body) {
ActivityPost newPost = new ActivityPost();
......@@ -253,7 +254,7 @@ public class ContentServiceImpl implements ContentService {
@Override
@Transactional(readOnly = false)
@PreAuthorize("hasRole('ADMINISTRATOR')")
@PreAuthorize("hasRole('ADMINISTRATOR') or hasRole('CONTENTMANAGER')")
@CacheEvict(value = "contentcache", allEntries = true)
public ActivityPost updateActivityPost(long id, String title, String body) {
ActivityPost post = postRepository.findOne(id);
......@@ -269,7 +270,7 @@ public class ContentServiceImpl implements ContentService {
@Override
@Transactional(readOnly = false)
@PreAuthorize("hasRole('ADMINISTRATOR')")
@PreAuthorize("hasRole('ADMINISTRATOR') or hasRole('CONTENTMANAGER')")
@CacheEvict(value = "contentcache", allEntries = true)
public void deleteActivityPost(long id) {
postRepository.delete(id);
......
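Review bot: On the entity-scoped `updateArticle(EntityId entity, ...)` the new `hasRole('CONTENTMANAGER')` clause sits beside `hasPermission(#entity, 'ADMINISTRATION')`, so a content manager can now edit the article of any entity regardless of the per-entity ACL that previously gated every non-administrator. Every other hunk in this file merely widens an ADMINISTRATOR-only check, so this one grants strictly more than the rest and should say so, for instance with `// CONTENTMANAGER is a global content role: it bypasses the per-entity ADMINISTRATION ACL` above the annotation. If content managers are meant to edit only global content, drop the new clause from this method and keep it on `createGlobalArticle` and the other global variants. The method bodies continue outside the hunks.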
......@@ -17,11 +17,13 @@
package org.genesys2.server.service.impl;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import org.apache.commons.collections4.ListUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.genesys2.server.exception.NoUserFoundException;
......@@ -66,6 +68,8 @@ public class UserServiceImpl implements UserService {
private long accountLockoutTime = 5 * 60 * 1000;
private List<UserRole> availableRoles = ListUtils.unmodifiableList(Arrays.asList(UserRole.values()));
/**
* Set number of milliseconds for user account lockout
*/
......@@ -77,6 +81,11 @@ public class UserServiceImpl implements UserService {
return accountLockoutTime;
}
@Override
public List<UserRole> listAvailableRoles() {
return availableRoles;
}
@Override
// FIXME Re-enable this
// @PreAuthorize("hasRole('ADMINISTRATOR')")
......@@ -396,4 +405,20 @@ public class UserServiceImpl implements UserService {
SecurityContextHolder.getContext().setAuthentication(authentication);
}
/**
* Replace user's roles with roles specified in the list
*/
@PreAuthorize("hasRole('ADMINISTRATOR')")
@Override
@Transactional(readOnly = false)
public void updateRoles(User user, List<String> selectedRoles) {
User dbuser = userPersistence.findOne(user.getId());
LOG.info("Removing all roles for user " + user);
dbuser.getRoles().clear();
for (String role : selectedRoles) {
dbuser.getRoles().add(UserRole.valueOf(role));
LOG.info("Adding role " + role + " to user " + user);
}
userPersistence.save(dbuser);
}
}
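Review bot: `updateRoles` calls `dbuser.getRoles().clear()` before any entry of `selectedRoles` has been validated, and the result of `userPersistence.findOne` is dereferenced without a null check. `UserRole.valueOf` throws IllegalArgumentException on an unknown name; as the method is `@Transactional` and the exception is unchecked the partial change should roll back, but a missing user still becomes a NullPointerException and a bad role name an unvalidated 500. Resolving all names into an `EnumSet` first, checking the user exists, and only then replacing the persisted set makes both failure modes explicit and leaves a single log line naming the acting principal, which audits of privilege changes need more than the target user alone; `java.util.EnumSet` would need importing next to the existing `Set` import.
```java
    @PreAuthorize("hasRole('ADMINISTRATOR')")
    @Override
    @Transactional(readOnly = false)
    public void updateRoles(User user, List<String> selectedRoles) {
        // Resolve every name first so an invalid value is rejected before the
        // persisted role set is touched.
        Set<UserRole> roles = EnumSet.noneOf(UserRole.class);
        for (String role : selectedRoles) {
            roles.add(UserRole.valueOf(role)); // IllegalArgumentException for unknown names
        }
        User dbuser = userPersistence.findOne(user.getId());
        if (dbuser == null) {
            throw new IllegalArgumentException("No user with id " + user.getId());
        }
        LOG.info("User " + SecurityContextHolder.getContext().getAuthentication().getName() + " replacing roles of " + dbuser + " with " + roles);
        dbuser.getRoles().clear();
        dbuser.getRoles().addAll(roles);
        userPersistence.save(dbuser);
    }
```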
......@@ -52,7 +52,7 @@ public class ArticleController extends BaseController {
return "/content/article";
}
@PreAuthorize("hasRole('ADMINISTRATOR')")
@PreAuthorize("hasRole('ADMINISTRATOR') or hasRole('CONTENTMANAGER')")
@RequestMapping("{url}/edit")
public String edit(ModelMap model, @PathVariable(value = "url") String slug) {
_logger.debug("Editing article " + slug);
......@@ -68,7 +68,7 @@ public class ArticleController extends BaseController {
return "/content/article-edit";
}
@PreAuthorize("hasRole('ADMINISTRATOR')")
@PreAuthorize("hasRole('ADMINISTRATOR') or hasRole('CONTENTMANAGER')")
@RequestMapping(value = "/save-article", method = { RequestMethod.POST })
public String createNewGlobalArticle(ModelMap model, @RequestParam("slug") String slug, @RequestParam("title") String title,
@RequestParam("body") String body) {
......@@ -78,7 +78,7 @@ public class ArticleController extends BaseController {
return "redirect:/content/" + slug;
}
@PreAuthorize("hasRole('ADMINISTRATOR')")
@PreAuthorize("hasRole('ADMINISTRATOR') or hasRole('CONTENTMANAGER')")
@RequestMapping(value = "/save-article", params = { "id" }, method = { RequestMethod.POST })
public String saveExistingGlobalArticle(ModelMap model, @RequestParam("id") long id, @RequestParam("slug") String slug,
@RequestParam("title") String title, @RequestParam("body") String body) {
......
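Review bot: The expression `hasRole('ADMINISTRATOR') or hasRole('CONTENTMANAGER')` is now repeated verbatim on all three controller methods here and on every content-service method in this commit, so the next role added to the editor set has to be threaded through a dozen string literals. Keeping the decision in one place — a `RoleHierarchy` bean declaring `ROLE_ADMINISTRATOR > ROLE_CONTENTMANAGER` so these sites can read `@PreAuthorize("hasRole('CONTENTMANAGER')")`, or a single shared SpEL constant — would make the grant reviewable as one change rather than many. The duplicated check at both controller and service layer is itself fine as defence in depth; the issue is only that the same string is hand-copied. The handler bodies continue outside the hunks.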
......@@ -16,6 +16,8 @@
package org.genesys2.server.servlet.controller;
import java.util.List;
import org.apache.commons.lang.StringUtils;
import org.genesys2.server.exception.UserException;
import org.genesys2.server.model.impl.User;
......@@ -105,7 +107,7 @@ public class UserProfileController extends BaseController {
@PreAuthorize("hasRole('ADMINISTRATOR') || principal.user.uuid == #uuid")
public String edit(ModelMap model, @PathVariable("uuid") String uuid) {
someProfile(model, uuid);
model.addAttribute("availableRoles", userService.listAvailableRoles());
return "/user/edit";
}
......@@ -202,4 +204,17 @@ public class UserProfileController extends BaseController {
return "redirect:/profile/" + user.getUuid();
}
@RequestMapping(value = "/{uuid:.+}/update-roles", method = { RequestMethod.POST })
@PreAuthorize("hasRole('ADMINISTRATOR')")
public String updateRoles(ModelMap model, @PathVariable("uuid") String uuid, @RequestParam("role") List<String> selectedRoles) {
User user = userService.getUserByUuid(uuid);
if (user == null) {
throw new ResourceNotFoundException();
}
userService.updateRoles(user, selectedRoles);
return "redirect:/profile/" + user.getUuid();
}
}
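Review bot: `@RequestParam("role") List<String> selectedRoles` is a required parameter, so a submission from the roles form with every box unchecked carries no `role` parameter and Spring rejects it with a 400 instead of either clearing the roles or giving the administrator a meaningful message; whether a user may be left with no roles is a policy decision, but the endpoint should make it explicitly, e.g. `@RequestParam(value = "role", required = false) List<String> selectedRoles` followed by `if (selectedRoles == null) selectedRoles = Collections.emptyList();` (or a validation error). An unknown role name is also passed straight through to `UserRole.valueOf` in the service and surfaces as an unhandled IllegalArgumentException rather than a validation failure. Finally nothing stops an administrator from removing ADMINISTRATOR from their own account through this endpoint; comparing `uuid` with the principal's own uuid (the `principal.user.uuid` form is already used on `edit`) and refusing a selection that drops ADMINISTRATOR for oneself would prevent a self-lockout.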
......@@ -18,7 +18,7 @@
</c:if>
<div class="article" dir="${article.lang=='fa' || article.lang=='ar' ? 'rtl' : 'ltr'}">
<security:authorize access="hasRole('ADMINISTRATOR')">
<security:authorize access="hasRole('ADMINISTRATOR') or hasRole('CONTENTMANAGER')">
<a href="<c:url value="/content/${article.slug}/edit" />" class="close">
<spring:message code="edit" />
</a>
......
......@@ -18,7 +18,7 @@
</c:if>
<div class="post-actions">
<security:authorize access="hasRole('ADMINISTRATOR')">
<security:authorize access="hasRole('ADMINISTRATOR') or hasRole('CONTENTMANAGER')">
<a href="<c:url value="/content/activitypost/${activityPost.id}/edit" />"><spring:message code="edit" /></a>
&bull;
</security:authorize>
......
......@@ -41,12 +41,33 @@
<div class="form-group">
<div class="col-lg-offset-2 col-lg-10">
<input type="submit" value="<spring:message code="save"/>" class="btn btn-primary" /> <a class="btn btn-default" href="<c:url value="/profile" />" class="btn"> <spring:message code="cancel" />
<input type="submit" value="<spring:message code="save"/>" class="btn btn-primary" /> <a class="btn btn-default" href="<c:url value="/profile/${user.uuid}" />" class="btn"> <spring:message code="cancel" />
</a>
</div>
</div>
<!-- CSRF protection -->
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
</form>
<security:authorize access="hasRole('ADMINISTRATOR')">
<h1>
<spring:message code="user.roles" />
</h1>
<form role="form" class="form-horizontal validate" action="<c:url value="/profile/${user.uuid}/update-roles" />" method="post">
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
<c:forEach items="${availableRoles}" var="role">
<div class="form-group">
<div class="col-lg-12">
<label><input type="checkbox" name="role" value="${role}" ${user.hasRole(role) ? 'checked="true"' : ''} /> ${role}</label>
</div>
</div>
</c:forEach>
<div class="form-group">
<div class="col-lg-offset-2 col-lg-10">
<input type="submit" value="<spring:message code="save"/>" class="btn btn-primary" />
</div>
</div>
</form>
</security:authorize>
</body>
</html>
\ No newline at end of file
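Review bot: The roles form renders one checkbox per value of `availableRoles` and posts them under a single `role` name, so unchecking every box submits no `role` parameter at all; the receiving endpoint needs to treat that case deliberately (or the form should state that at least one role is required) rather than letting the request fail. `checked="true"` is accepted by browsers because `checked` is a boolean attribute, but `checked="checked"` is the conventional form in JSP/XHTML and avoids suggesting that the value matters. The `security:authorize` wrapper only hides the form; the server-side `@PreAuthorize` on the update endpoint is what actually enforces the restriction, which is the correct arrangement and worth a one-line JSP comment so nobody later relies on the tag alone. `${user.hasRole(role)}` invokes a method with an argument from EL, which requires EL 2.2 (Servlet 3.0) or later — presumably satisfied here, but not verifiable from this page.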
......@@ -40,9 +40,9 @@
<div class="form-group">
<label class="col-lg-2 control-label"><spring:message code="user.roles" /></label>
<div class="col-lg-5">
<div class="col-lg-10">
<c:forEach items="${user.roles}" var="role">
${role}
<div>${role}</div>
</c:forEach>
</div>
</div>
......