Merge branch 'master' into staging

* master: Fixed KML error on empty filters Don't check local reCaptcha ACL with user roles

Merge branch 'master' into staging
* master: Fixed KML error on empty filters Don't check local reCaptcha ACL with user roles
2e9e99bf · Matija Obreza · b9fd012b · f8ea3ade · 2e9e99bf · 2e9e99bf
Commit 2e9e99bf authored Oct 26, 2015 by Matija Obreza
5 changed files
--- a/src/main/java/org/genesys2/server/service/impl/GenesysFilterServiceImpl.java
+++ b/src/main/java/org/genesys2/server/service/impl/GenesysFilterServiceImpl.java
@@ -34,7 +34,6 @@ import org.genesys2.server.model.impl.Crop;
 import org.genesys2.server.model.impl.FaoInstitute;
 import org.genesys2.server.persistence.domain.AccessionRepository;
 import org.genesys2.server.persistence.domain.MethodRepository;
-import org.genesys2.server.persistence.domain.TraitValueRepository;
 import org.genesys2.server.service.CropService;
 import org.genesys2.server.service.FilterConstants;
 import org.genesys2.server.service.GenesysFilterService;
@@ -42,7 +41,6 @@ import org.genesys2.server.service.GenesysService;
 import org.genesys2.server.service.GeoService;
 import org.genesys2.server.service.InstituteService;
 import org.genesys2.server.service.TaxonomyService;
-import org.genesys2.server.service.TraitService;
 import org.genesys2.server.service.impl.DirectMysqlQuery.MethodResolver;
 import org.genesys2.server.service.impl.FilterHandler.AppliedFilter;
 import org.genesys2.server.service.impl.FilterHandler.AppliedFilters;
@@ -70,18 +68,12 @@ public class GenesysFilterServiceImpl implements GenesysFilterService {
 	@Autowired
 	private GenesysService genesysService;
 	
-	@Autowired
-	private TraitValueRepository traitValueRepository;
-
 	@Autowired
 	private MethodRepository methodRepository;

 	@Autowired
 	private AccessionRepository accessionRepository;

-	@Autowired
-	private TraitService traitService;
-
 	@Autowired
 	private GeoService geoService;

@@ -251,8 +243,9 @@ public class GenesysFilterServiceImpl implements GenesysFilterService {

 		final DirectMysqlQuery directQuery = new DirectMysqlQuery("accessiongeo", "geo");
 		directQuery.filterTile(zoom, xtile, ytile);
+		directQuery.innerJoin("accession", "a", "a.id=geo.accessionId");
+
 		if (!filters.isEmpty()) {
-			directQuery.innerJoin("accession", "a", "a.id=geo.accessionId");
 			directQuery.join(filters);
 			directQuery.filter(filters, new MethodResolver() {
 				@Override

--- a/src/main/java/org/genesys2/server/servlet/controller/AclEditController.java
+++ b/src/main/java/org/genesys2/server/servlet/controller/AclEditController.java
@@ -16,6 +16,7 @@

 package org.genesys2.server.servlet.controller;

+import org.genesys2.server.model.UserRole;
 import org.genesys2.server.model.acl.AclObjectIdentity;
 import org.genesys2.server.service.AclService;
 import org.genesys2.server.service.UserService;
@@ -53,6 +54,7 @@ public class AclEditController extends BaseController {
 		// Map<AclSid, Map<Permission, Boolean>>
 		model.addAttribute("aclEntries", aclService.getPermissions(id, className));
 		model.addAttribute("backUrl", backUrl);
+		model.addAttribute("roles", UserRole.values());

 		return "/acl/editor";
 	}

--- a/src/main/java/org/genesys2/server/servlet/controller/rest/PermissionController.java
+++ b/src/main/java/org/genesys2/server/servlet/controller/rest/PermissionController.java
@@ -51,24 +51,23 @@ public class PermissionController extends RestController {
 	private UserService userService;

 	@RequestMapping(value = "/add", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE)
-	public @ResponseBody
-	Object addPermission(@RequestBody PermissionJson permissionJson) {
+	public @ResponseBody Object addPermission(@RequestBody PermissionJson permissionJson) {
 		LOG.info("Adding permission " + permissionJson);
-		final User user = userService.getUserByEmail(permissionJson.getUuid());

-		if (user != null) {
-			final Map<Integer, Boolean> permissionMap = PermissionJsonUtil.createPermissionsMap(permissionJson);
+		final Map<Integer, Boolean> permissionMap = PermissionJsonUtil.createPermissionsMap(permissionJson);
+		if (permissionJson.isPrincipal()) {
+			final User user = userService.getUserByEmail(permissionJson.getUuid());
 			aclService.addPermissions(permissionJson.getOid(), permissionJson.getClazz(), user.getUuid(), permissionJson.isPrincipal(), permissionMap);
 			return JSON_OK;
 		} else {
-			throw new RuntimeException("No such user.");
+			aclService.addPermissions(permissionJson.getOid(), permissionJson.getClazz(), permissionJson.getUuid(), permissionJson.isPrincipal(),
+					permissionMap);
+			return JSON_OK;
 		}
 	}
-	

 	@RequestMapping(value = "/update", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE)
-	public @ResponseBody
-	Object updatePermissions(@RequestBody PermissionJson permissionJson) {
+	public @ResponseBody Object updatePermissions(@RequestBody PermissionJson permissionJson) {
 		final Map<Integer, Boolean> permissionMap = PermissionJsonUtil.createPermissionsMap(permissionJson);

 		final AclObjectIdentity objectIdentity = aclService.ensureObjectIdentity(permissionJson.getClazz(), permissionJson.getOid());
@@ -77,10 +76,8 @@ public class PermissionController extends RestController {
 		return JSON_OK;
 	}

-
 	@RequestMapping(value = "/autocompleteuser", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE)
-	public @ResponseBody
-	List<String> acUser(@RequestParam("term") String email) {
+	public @ResponseBody List<String> acUser(@RequestParam("term") String email) {
 		List<String> userEmails = new ArrayList<String>();
 		for (User user : userService.autocompleteUser(email)) {
 			userEmails.add(user.getEmail());

--- a/src/main/java/org/genesys2/util/ReCaptchaUtil.java
+++ b/src/main/java/org/genesys2/util/ReCaptchaUtil.java
@@ -40,12 +40,25 @@ public class ReCaptchaUtil {
 	private static final String URL = "https://www.google.com/recaptcha/api/siteverify";

 	public static boolean isValid(String reCaptchaResponse, String remoteAddr, String captchaPrivateKey) throws IOException {
+		boolean isLocalRequest = false;
+
+		try {
+			final InetAddress remoteInetAddr = InetAddress.getByName(remoteAddr);
+			isLocalRequest = remoteInetAddr.isLinkLocalAddress() || remoteInetAddr.isAnyLocalAddress() || remoteInetAddr.isLoopbackAddress();
+			LOG.warn("Remote addr: " + remoteAddr + " " + remoteInetAddr + " isLocal=" + isLocalRequest);
+		} catch (final UnknownHostException e1) {
+			LOG.warn(e1.getMessage());
+		}
+
+		if (isLocalRequest) {
+			LOG.info("Ignoring localhost re-captcha.");
+			return true;
+		}
+
 		if (reCaptchaResponse == null || "".equals(reCaptchaResponse)) {
 			return false;
 		}

-		boolean isLocalRequest = false;
-
 		URL url = new URL(URL);
 		HttpURLConnection connection = (HttpURLConnection) url.openConnection();

@@ -61,20 +74,9 @@ public class ReCaptchaUtil {
 		dataOutputStream.flush();
 		dataOutputStream.close();

-		try {
-			final InetAddress remoteInetAddr = InetAddress.getByName(remoteAddr);
-			isLocalRequest = remoteInetAddr.isLinkLocalAddress() || remoteInetAddr.isAnyLocalAddress() || remoteInetAddr.isLoopbackAddress();
-			LOG.warn("Remote addr: " + remoteAddr + " " + remoteInetAddr + " isLocal=" + isLocalRequest);
-		} catch (final UnknownHostException e1) {
-			LOG.warn(e1.getMessage());
-		}
 		int responseCode = connection.getResponseCode();
 		LOG.info("Send recaptcha post request to --> " + url + "\nPost parameters : " + postParams + "\n Response Code : " + responseCode);

-		if (isLocalRequest) {
-			LOG.info("Ignoring localhost re-captcha.");
-			// return true;
-		}

 		BufferedReader in = new BufferedReader(new InputStreamReader(connection.getInputStream()));
 		String inputLine;

--- a/src/main/webapp/WEB-INF/jsp/acl/editor.jsp
+++ b/src/main/webapp/WEB-INF/jsp/acl/editor.jsp
@@ -28,7 +28,16 @@

    <c:forEach items="${aclSids}" var="aclSid" varStatus="status">
        <tr class="${status.count % 2 == 0 ? 'even' : 'odd'}">
-            <td><c:out value="${jspHelper.userByUuid(aclSid.sid).email}" /></td>
+            <td>
+                <c:choose>
+                    <c:when test="${aclSid.principal == true}">
+                        <c:out value="${jspHelper.userByUuid(aclSid.sid).email}"/>
+                    </c:when>
+                    <c:when test="${aclSid.principal == false}">
+                        <c:out value="${aclSid.sid}"/>
+                    </c:when>
+                </c:choose>
+            </td>

            <input type="hidden" name="aclSid" class="aclSid" value="${aclSid.sid}"/>

@@ -57,6 +66,25 @@
        <td><input type="button" class="btn btn-primary" value="<spring:message code="add" />" /></td>
        <td></td>
    </tr>
+    <tr id="permissionAdderByRole" class="${aclSids.size()-1 % 2 == 0 ? 'even' : 'odd'}">
+        <td>
+            <select class="required form-control" name="uuid" id="" title="roles">
+                <option disabled="disabled" selected="selected">SELECT ROLE</option>
+                <c:forEach var="role" items="${roles}">
+                    <option value="${role}">${role}</option>
+                </c:forEach>
+            </select>
+        </td>
+
+        <c:forEach items="${aclPermissions}" var="aclPermission">
+            <td><input type="checkbox" id="rAutoCheck${aclPermission.mask}" value="1"
+                       name="acPermissionValue${aclPermission.mask}"
+                ${aclEntries[aclSid.sid][aclPermission.mask] ? 'checked' : '' }/></td>
+        </c:forEach>
+
+        <td><input type="button" class="btn btn-primary" value="<spring:message code="add" />"/></td>
+        <td></td>
+    </tr>
    </tbody>
 </table>

@@ -65,6 +93,48 @@
 <content tag="javascript">
 <script type="text/javascript">
    jQuery(document).ready(function() {
+        if ($('#permissionAdderByRole select')[0].value == 'SELECT ROLE') {
+            $("#permissionAdderByRole input[type=button]").prop('disabled', true);
+        }
+        $('#permissionAdderByRole select').on('change', function () {
+            if ($('#permissionAdderByRole select')[0].value == 'SELECT ROLE') {
+                $("#permissionAdderByRole input[type=button]").prop('disabled', true);
+            } else {
+                $("#permissionAdderByRole input[type=button]").prop('disabled', false);
+            }
+        });
+        $("#permissionAdderByRole input[type=button]").on("click", function (a, b, c) {
+
+            var object = {
+                "oid": ${aclObjectIdentity.objectIdIdentity},
+                "clazz": "${aclObjectIdentity.aclClass.aclClass}",
+                "uuid": $('#permissionAdderByRole select')[0].value,
+                "principal": false,
+                "create": $("#rAutoCheck4").is(':checked'),
+                "read": $("#rAutoCheck1").is(':checked'),
+                "write": $("#rAutoCheck2").is(':checked'),
+                "delete": $("#rAutoCheck8").is(':checked'),
+                "manage": $("#rAutoCheck16").is(':checked')
+            };
+
+            $.ajax("<c:url value="/json/v0/permission/add" />", {
+                type: 'POST',
+                dataType: 'json',
+                contentType: 'application/json; charset=utf-8',
+                data: (object == null ? null : JSON.stringify(object)),
+                beforeSend: function (xhr) {
+
+                },
+                success: function (respObject) {
+                    window.location.reload();
+                    console.log(respObject);
+                },
+                error: function (jqXHR, textStatus, errorThrown) {
+                    console.log(textStatus);
+                    console.log(errorThrown);
+                }
+            });
+        });
        $("#permissionAdder input[type=button]").on("click", function(a,b,c) {

            var create=$("#autoCheck4").is(':checked');