Commit 2e9e99bf authored by Matija Obreza

Merge branch 'master' into staging

* master:
  Fixed KML error on empty filters
  Don't check local reCaptcha
  ACL with user roles
parents b9fd012b f8ea3ade
......@@ -34,7 +34,6 @@ import org.genesys2.server.model.impl.Crop;
import org.genesys2.server.model.impl.FaoInstitute;
import org.genesys2.server.persistence.domain.AccessionRepository;
import org.genesys2.server.persistence.domain.MethodRepository;
import org.genesys2.server.persistence.domain.TraitValueRepository;
import org.genesys2.server.service.CropService;
import org.genesys2.server.service.FilterConstants;
import org.genesys2.server.service.GenesysFilterService;
......@@ -42,7 +41,6 @@ import org.genesys2.server.service.GenesysService;
import org.genesys2.server.service.GeoService;
import org.genesys2.server.service.InstituteService;
import org.genesys2.server.service.TaxonomyService;
import org.genesys2.server.service.TraitService;
import org.genesys2.server.service.impl.DirectMysqlQuery.MethodResolver;
import org.genesys2.server.service.impl.FilterHandler.AppliedFilter;
import org.genesys2.server.service.impl.FilterHandler.AppliedFilters;
......@@ -70,18 +68,12 @@ public class GenesysFilterServiceImpl implements GenesysFilterService {
@Autowired
private GenesysService genesysService;
@Autowired
private TraitValueRepository traitValueRepository;
@Autowired
private MethodRepository methodRepository;
@Autowired
private AccessionRepository accessionRepository;
@Autowired
private TraitService traitService;
@Autowired
private GeoService geoService;
......@@ -251,8 +243,9 @@ public class GenesysFilterServiceImpl implements GenesysFilterService {
final DirectMysqlQuery directQuery = new DirectMysqlQuery("accessiongeo", "geo");
directQuery.filterTile(zoom, xtile, ytile);
directQuery.innerJoin("accession", "a", "a.id=geo.accessionId");
if (!filters.isEmpty()) {
directQuery.innerJoin("accession", "a", "a.id=geo.accessionId");
directQuery.join(filters);
directQuery.filter(filters, new MethodResolver() {
@Override
......
......@@ -16,6 +16,7 @@
package org.genesys2.server.servlet.controller;
import org.genesys2.server.model.UserRole;
import org.genesys2.server.model.acl.AclObjectIdentity;
import org.genesys2.server.service.AclService;
import org.genesys2.server.service.UserService;
......@@ -53,6 +54,7 @@ public class AclEditController extends BaseController {
// Map<AclSid, Map<Permission, Boolean>>
model.addAttribute("aclEntries", aclService.getPermissions(id, className));
model.addAttribute("backUrl", backUrl);
model.addAttribute("roles", UserRole.values());
return "/acl/editor";
}
......
......@@ -51,24 +51,23 @@ public class PermissionController extends RestController {
private UserService userService;
@RequestMapping(value = "/add", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE)
public @ResponseBody
Object addPermission(@RequestBody PermissionJson permissionJson) {
public @ResponseBody Object addPermission(@RequestBody PermissionJson permissionJson) {
LOG.info("Adding permission " + permissionJson);
final User user = userService.getUserByEmail(permissionJson.getUuid());
if (user != null) {
final Map<Integer, Boolean> permissionMap = PermissionJsonUtil.createPermissionsMap(permissionJson);
final Map<Integer, Boolean> permissionMap = PermissionJsonUtil.createPermissionsMap(permissionJson);
if (permissionJson.isPrincipal()) {
final User user = userService.getUserByEmail(permissionJson.getUuid());
aclService.addPermissions(permissionJson.getOid(), permissionJson.getClazz(), user.getUuid(), permissionJson.isPrincipal(), permissionMap);
return JSON_OK;
} else {
throw new RuntimeException("No such user.");
aclService.addPermissions(permissionJson.getOid(), permissionJson.getClazz(), permissionJson.getUuid(), permissionJson.isPrincipal(),
permissionMap);
return JSON_OK;
}
}
@RequestMapping(value = "/update", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE)
public @ResponseBody
Object updatePermissions(@RequestBody PermissionJson permissionJson) {
public @ResponseBody Object updatePermissions(@RequestBody PermissionJson permissionJson) {
final Map<Integer, Boolean> permissionMap = PermissionJsonUtil.createPermissionsMap(permissionJson);
final AclObjectIdentity objectIdentity = aclService.ensureObjectIdentity(permissionJson.getClazz(), permissionJson.getOid());
......@@ -77,10 +76,8 @@ public class PermissionController extends RestController {
return JSON_OK;
}
@RequestMapping(value = "/autocompleteuser", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE)
public @ResponseBody
List<String> acUser(@RequestParam("term") String email) {
public @ResponseBody List<String> acUser(@RequestParam("term") String email) {
List<String> userEmails = new ArrayList<String>();
for (User user : userService.autocompleteUser(email)) {
userEmails.add(user.getEmail());
......
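Review bot: In the new `addPermission`, the principal branch calls `user.getUuid()` without the `user != null` check the previous version had, so an unknown e-mail now fails with a NullPointerException instead of the explicit "No such user." error; I would keep the guard, e.g. `if (user == null) { throw new RuntimeException("No such user."); }`. In the non-principal branch `permissionJson.getUuid()` goes straight from the request body into `aclService.addPermissions` as the sid, so any string is accepted as a role name; checking it against `UserRole` first (for instance with `UserRole.valueOf(...)`, if the sid is meant to be the enum name) would keep arbitrary sids out of the ACL data. Which lines are old and which are new is inferred, because the page lost its +/- markers. Whether the caller is authorised to manage the target object is not visible in this hunk, so it is worth confirming that `aclService` or the controller enforces it.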
......@@ -40,12 +40,25 @@ public class ReCaptchaUtil {
private static final String URL = "https://www.google.com/recaptcha/api/siteverify";
public static boolean isValid(String reCaptchaResponse, String remoteAddr, String captchaPrivateKey) throws IOException {
boolean isLocalRequest = false;
try {
final InetAddress remoteInetAddr = InetAddress.getByName(remoteAddr);
isLocalRequest = remoteInetAddr.isLinkLocalAddress() || remoteInetAddr.isAnyLocalAddress() || remoteInetAddr.isLoopbackAddress();
LOG.warn("Remote addr: " + remoteAddr + " " + remoteInetAddr + " isLocal=" + isLocalRequest);
} catch (final UnknownHostException e1) {
LOG.warn(e1.getMessage());
}
if (isLocalRequest) {
LOG.info("Ignoring localhost re-captcha.");
return true;
}
if (reCaptchaResponse == null || "".equals(reCaptchaResponse)) {
return false;
}
boolean isLocalRequest = false;
URL url = new URL(URL);
HttpURLConnection connection = (HttpURLConnection) url.openConnection();
......@@ -61,20 +74,9 @@ public class ReCaptchaUtil {
dataOutputStream.flush();
dataOutputStream.close();
try {
final InetAddress remoteInetAddr = InetAddress.getByName(remoteAddr);
isLocalRequest = remoteInetAddr.isLinkLocalAddress() || remoteInetAddr.isAnyLocalAddress() || remoteInetAddr.isLoopbackAddress();
LOG.warn("Remote addr: " + remoteAddr + " " + remoteInetAddr + " isLocal=" + isLocalRequest);
} catch (final UnknownHostException e1) {
LOG.warn(e1.getMessage());
}
int responseCode = connection.getResponseCode();
LOG.info("Send recaptcha post request to --> " + url + "\nPost parameters : " + postParams + "\n Response Code : " + responseCode);
if (isLocalRequest) {
LOG.info("Ignoring localhost re-captcha.");
// return true;
}
BufferedReader in = new BufferedReader(new InputStreamReader(connection.getInputStream()));
String inputLine;
......
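Review bot: `isValid` now returns `true` before any verification whenever `remoteAddr` resolves to a loopback, link-local or wildcard address, so the captcha is only as strong as the way callers obtain `remoteAddr`, which this hunk does not show. If the application runs behind a reverse proxy on the same host, or the value comes from a forwarded header, ordinary requests can end up on this path; I would gate the skip behind an explicit configuration flag that defaults to off and state the assumption in a Javadoc on `isValid`. `InetAddress.getByName` also performs a name lookup when handed a host name rather than an IP literal, so the input should be confirmed to be a literal address. The per-request `LOG.warn("Remote addr: ...")` reads like debug output and would sit better at debug level.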
......@@ -28,7 +28,16 @@
<c:forEach items="${aclSids}" var="aclSid" varStatus="status">
<tr class="${status.count % 2 == 0 ? 'even' : 'odd'}">
<td><c:out value="${jspHelper.userByUuid(aclSid.sid).email}" /></td>
<td>
<c:choose>
<c:when test="${aclSid.principal == true}">
<c:out value="${jspHelper.userByUuid(aclSid.sid).email}"/>
</c:when>
<c:when test="${aclSid.principal == false}">
<c:out value="${aclSid.sid}"/>
</c:when>
</c:choose>
</td>
<input type="hidden" name="aclSid" class="aclSid" value="${aclSid.sid}"/>
......@@ -57,6 +66,25 @@
<td><input type="button" class="btn btn-primary" value="<spring:message code="add" />" /></td>
<td></td>
</tr>
<tr id="permissionAdderByRole" class="${aclSids.size()-1 % 2 == 0 ? 'even' : 'odd'}">
<td>
<select class="required form-control" name="uuid" id="" title="roles">
<option disabled="disabled" selected="selected">SELECT ROLE</option>
<c:forEach var="role" items="${roles}">
<option value="${role}">${role}</option>
</c:forEach>
</select>
</td>
<c:forEach items="${aclPermissions}" var="aclPermission">
<td><input type="checkbox" id="rAutoCheck${aclPermission.mask}" value="1"
name="acPermissionValue${aclPermission.mask}"
${aclEntries[aclSid.sid][aclPermission.mask] ? 'checked' : '' }/></td>
</c:forEach>
<td><input type="button" class="btn btn-primary" value="<spring:message code="add" />"/></td>
<td></td>
</tr>
</tbody>
</table>
......@@ -65,6 +93,48 @@
<content tag="javascript">
<script type="text/javascript">
jQuery(document).ready(function() {
if ($('#permissionAdderByRole select')[0].value == 'SELECT ROLE') {
$("#permissionAdderByRole input[type=button]").prop('disabled', true);
}
$('#permissionAdderByRole select').on('change', function () {
if ($('#permissionAdderByRole select')[0].value == 'SELECT ROLE') {
$("#permissionAdderByRole input[type=button]").prop('disabled', true);
} else {
$("#permissionAdderByRole input[type=button]").prop('disabled', false);
}
});
$("#permissionAdderByRole input[type=button]").on("click", function (a, b, c) {
var object = {
"oid": ${aclObjectIdentity.objectIdIdentity},
"clazz": "${aclObjectIdentity.aclClass.aclClass}",
"uuid": $('#permissionAdderByRole select')[0].value,
"principal": false,
"create": $("#rAutoCheck4").is(':checked'),
"read": $("#rAutoCheck1").is(':checked'),
"write": $("#rAutoCheck2").is(':checked'),
"delete": $("#rAutoCheck8").is(':checked'),
"manage": $("#rAutoCheck16").is(':checked')
};
$.ajax("<c:url value="/json/v0/permission/add" />", {
type: 'POST',
dataType: 'json',
contentType: 'application/json; charset=utf-8',
data: (object == null ? null : JSON.stringify(object)),
beforeSend: function (xhr) {
},
success: function (respObject) {
window.location.reload();
console.log(respObject);
},
error: function (jqXHR, textStatus, errorThrown) {
console.log(textStatus);
console.log(errorThrown);
}
});
});
$("#permissionAdder input[type=button]").on("click", function(a,b,c) {
var create=$("#autoCheck4").is(':checked');
......
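Review bot: In the new `permissionAdderByRole` row the checkbox expression `${aclEntries[aclSid.sid][aclPermission.mask] ? 'checked' : '' }` refers to `aclSid`, the loop variable of the `aclSids` forEach further up, which appears to be out of scope in this row (the end of that loop is not visible on the page); for an empty adder row the attribute can simply be dropped. The row class `${aclSids.size()-1 % 2 == 0 ? 'even' : 'odd'}` evaluates `1 % 2` first, so it tests `size() - 1 == 0`; `(aclSids.size() - 1) % 2` is probably what was meant. The role options write `${role}` unescaped while the table cells use `<c:out>`; the values are enum constants so the risk is low, but `<c:out value="${role}"/>` keeps the output encoding consistent.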