Commit 4bdb0abc authored by Matija Obreza's avatar Matija Obreza

Use autocompleter for ACL editor, load user info using jspHelper

parent aa929a77
......@@ -16,7 +16,10 @@
package org.genesys2.server.persistence.domain;
import java.util.List;
import org.genesys2.server.model.impl.User;
import org.springframework.data.domain.Pageable;
import org.springframework.data.jpa.repository.JpaRepository;
import org.springframework.data.jpa.repository.Query;
import org.springframework.transaction.annotation.Transactional;
......@@ -32,4 +35,7 @@ public interface UserPersistence extends JpaRepository<User, Long> {
User findByUuid(String uuid);
@Query("select u from User u where u.email like ?1 and u.systemAccount = false")
List<User> autocompleteByEmail(String email, Pageable pageable);
}
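Review bot: `autocompleteByEmail` filters only on `u.systemAccount = false`, so disabled accounts are still offered as ACL grantees, whereas the controller loop removed elsewhere in this commit skipped users where `!user.isEnabled()`. Add the matching predicate to the query; the property name is not visible here, so `and u.enabled = true` is a guess from the `isEnabled()` getter. A short Javadoc stating that the caller supplies the trailing `%` and the page size would also help, since the method name does not show either.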
......@@ -86,4 +86,6 @@ public interface UserService {
UserDetails getUserDetails(User user);
List<User> autocompleteUser(String email);
}
......@@ -171,7 +171,8 @@ public class AclServiceImpl implements AclService {
private void addPermissions(AclSid ownerSid, AclObjectIdentity objectIdentity, Map<Integer, Boolean> permissions) {
// create Acl Entry
for (final Integer mask : permissions.keySet()) {
for (final Permission permission : basePermissions) {
int mask = permission.getMask();
final AclEntry aclEntry = new AclEntry();
aclEntry.setAclObjectIdentity(objectIdentity);
aclEntry.setAclSid(ownerSid);
......@@ -185,6 +186,7 @@ public class AclServiceImpl implements AclService {
// save ACL
aclEntryPersistence.save(aclEntry);
}
cacheManager.getCache("aclcache").clear();
}
@Override
......@@ -196,7 +198,7 @@ public class AclServiceImpl implements AclService {
/**
* Generates next ace_order value (to avoid DuplicateIndex exception :
* acl_object_identity + ace_order is unique index)
*
*
* @param aclObjectEntityId
* - id of acl_object_identity table
* @return - ace_order value
......@@ -213,7 +215,7 @@ public class AclServiceImpl implements AclService {
}
@Override
@Transactional(readOnly = true)
@Transactional
public AclObjectIdentity ensureObjectIdentity(String className, long objectIdIdentity) {
AclObjectIdentity aoi = aclObjectIdentityPersistence.findByObjectIdIdentityAndClassName(objectIdIdentity, className);
if (aoi == null) {
......@@ -273,6 +275,7 @@ public class AclServiceImpl implements AclService {
return aclSidPersistence.findAll();
}
@Transactional(readOnly = true)
@Override
@PreAuthorize("hasRole('ADMINISTRATOR') or hasPermission(#id, #className, 'ADMINISTRATION')")
public Map<String, Map<Integer, Boolean>> getPermissions(long id, String className) {
......@@ -290,6 +293,7 @@ public class AclServiceImpl implements AclService {
return perm;
}
@Transactional(readOnly = true)
@Override
@PreAuthorize("hasRole('ADMINISTRATOR') or hasPermission(#entity, 'ADMINISTRATION')")
public Map<String, Map<Integer, Boolean>> getPermissions(AclAwareModel entity) {
......@@ -298,12 +302,19 @@ public class AclServiceImpl implements AclService {
@Override
public void updatePermission(AclObjectIdentity entity, String sid, Map<Integer, Boolean> permissionMap) {
boolean oneGranting = false;
final List<AclEntry> aclEntries = aclEntryPersistence.findBySidAndAclClass(sid, entity.getAclClass().getAclClass());
for (final AclEntry aclEntry : aclEntries) {
aclEntry.setGranting(permissionMap.get((int) aclEntry.getMask()));
oneGranting |= aclEntry.isGranting();
}
if (oneGranting) {
LOG.info("Saving " + aclEntries);
aclEntryPersistence.save(aclEntries);
} else {
LOG.info("Deleting " + aclEntries);
aclEntryPersistence.delete(aclEntries);
}
aclEntryPersistence.save(aclEntries);
cacheManager.getCache("aclcache").clear();
}
}
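Review bot: `updatePermission` carries only `@Override`, while both `getPermissions` overloads in this class are guarded with `@PreAuthorize`, and the new `PermissionController.updatePermissions` endpoint later in this commit calls it with `clazz`, `oid` and `uuid` taken from the request body. No authorization check is visible on either method, so unless a class-level annotation or URL rule outside these hunks covers them, ACL entries can be changed, or removed through the new delete branch, by someone who does not administer the object. I would apply the rule the read path already uses on the controller method, where the id and class name are available: `@PreAuthorize("hasRole('ADMINISTRATOR') or hasPermission(#permissionJson.oid, #permissionJson.clazz, 'ADMINISTRATION')")`. Separately, `permissionMap.get((int) aclEntry.getMask())` is passed straight to `setGranting`; if that setter takes a primitive, a mask missing from the map throws a NullPointerException, which `Boolean.TRUE.equals(...)` would avoid.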
......@@ -19,12 +19,14 @@ package org.genesys2.server.service.impl;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import org.apache.commons.collections4.ListUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.genesys2.server.exception.NoUserFoundException;
......@@ -44,6 +46,7 @@ import org.springframework.data.domain.Page;
import org.springframework.data.domain.PageImpl;
import org.springframework.data.domain.PageRequest;
import org.springframework.data.domain.Pageable;
import org.springframework.data.domain.Sort;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
......@@ -474,4 +477,12 @@ public class UserServiceImpl implements UserService {
}
userPersistence.save(dbuser);
}
@PreAuthorize("isAuthenticated()")
@Override
public List<User> autocompleteUser(String email) {
if (StringUtils.isBlank(email) || email.length() < 4)
return Collections.emptyList();
return userPersistence.autocompleteByEmail(email + "%", new PageRequest(0, 10, new Sort("email")));
}
}
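Review bot: `autocompleteUser` appends `%` to `email` without escaping `%` or `_` in the term itself, so the value bound to `like ?1` in `autocompleteByEmail` is a caller-supplied pattern rather than a literal prefix, and the length check does not guarantee four literal characters. Escape the LIKE metacharacters before the call, e.g. `email.replace("\\", "\\\\").replace("%", "\\%").replace("_", "\\_") + "%"`, and add a matching `escape` clause to the JPQL query. The length is also measured on untrimmed input, so trimming `email` first makes the minimum meaningful. The single-statement `if` would read better with braces.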
......@@ -16,31 +16,17 @@
package org.genesys2.server.servlet.controller;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.genesys2.server.model.acl.AclObjectIdentity;
import org.genesys2.server.model.impl.User;
import org.genesys2.server.service.AclService;
import org.genesys2.server.service.UserService;
import org.genesys2.server.servlet.model.PermissionJson;
import org.genesys2.server.servlet.util.PermissionJsonUtil;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Scope;
import org.springframework.data.domain.PageRequest;
import org.springframework.data.domain.Sort;
import org.springframework.http.MediaType;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
@Controller
@Scope("request")
......@@ -68,34 +54,7 @@ public class AclEditController extends BaseController {
model.addAttribute("aclEntries", aclService.getPermissions(id, className));
model.addAttribute("backUrl", backUrl);
// Username
final Map<String, String> userNamesMap = new HashMap<>();
final List<String> userNames = new ArrayList<>();
// FIXME This has to be done through AJAX, not the model
for (final User user : userService.listUsers(new PageRequest(0, 50, new Sort("email")))) {
userNamesMap.put(user.getUuid(), user.getEmail());
if (user.isSystemAccount() || !user.isEnabled()) {
continue;
}
userNames.add(user.getEmail());
}
model.addAttribute("userNames", userNames);
model.addAttribute("userNameMap", userNamesMap);
return "/acl/editor";
}
@RequestMapping(value = "/{clazz}/{id}/permissions/update", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE)
public @ResponseBody
Object updatePermissions(@PathVariable("clazz") String className, @PathVariable("id") long id, @RequestBody PermissionJson permissionJson) {
final Map<Integer, Boolean> permissionMap = PermissionJsonUtil.createPermissionsMap(permissionJson);
final AclObjectIdentity objectIdentity = aclService.ensureObjectIdentity(className, id);
aclService.updatePermission(objectIdentity, permissionJson.getUuid(), permissionMap);
// return "redirect:/acl/"+className+"/"+id+"/permissions";
return "Success";
}
}
......@@ -16,10 +16,13 @@
package org.genesys2.server.servlet.controller.rest;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.genesys2.server.model.acl.AclObjectIdentity;
import org.genesys2.server.model.impl.User;
import org.genesys2.server.service.AclService;
import org.genesys2.server.service.UserService;
......@@ -32,6 +35,7 @@ import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
@Controller
......@@ -54,11 +58,33 @@ public class PermissionController extends RestController {
if (user != null) {
final Map<Integer, Boolean> permissionMap = PermissionJsonUtil.createPermissionsMap(permissionJson);
aclService.addPermissions(permissionJson.getOid(), permissionJson.getClazz(), user.getUuid(), permissionJson.isPrincipal(), permissionMap);
return JSON_OK;
} else {
throw new RuntimeException("No such user.");
}
}
@RequestMapping(value = "/update", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE)
public @ResponseBody
Object updatePermissions(@RequestBody PermissionJson permissionJson) {
final Map<Integer, Boolean> permissionMap = PermissionJsonUtil.createPermissionsMap(permissionJson);
final AclObjectIdentity objectIdentity = aclService.ensureObjectIdentity(permissionJson.getClazz(), permissionJson.getOid());
aclService.updatePermission(objectIdentity, permissionJson.getUuid(), permissionMap);
return JSON_OK;
}
@RequestMapping(value = "/autocompleteuser", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE)
public @ResponseBody
List<String> acUser(@RequestParam("term") String email) {
List<String> userEmails = new ArrayList<String>();
for (User user : userService.autocompleteUser(email)) {
userEmails.add(user.getEmail());
}
return userEmails;
}
}
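Review bot: `updatePermissions` passes the client-supplied `clazz` and `oid` straight to `aclService.ensureObjectIdentity`, which this commit switches from a read-only to a writable transaction and whose `if (aoi == null)` branch (body outside the hunk) presumably creates the identity. An update request for an object with no ACL identity would then insert one for an arbitrary class name and id instead of failing. For an update, look the identity up without creating it and reject the request when it is missing, as `add` does for an unknown user. `acUser` also returns account e-mail addresses to every caller admitted by the service's `isAuthenticated()` rule; consider limiting it to users who may edit permissions.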
......@@ -28,7 +28,7 @@
<c:forEach items="${aclSids}" var="aclSid" varStatus="status">
<tr class="${status.count % 2 == 0 ? 'even' : 'odd'}">
<td><c:out value="${userNameMap[aclSid.sid]}"/></td>
<td><c:out value="${jspHelper.userByUuid(aclSid.sid).email}" /></td>
<input type="hidden" name="aclSid" class="aclSid" value="${aclSid.sid}"/>
......@@ -75,7 +75,7 @@
var object = { "oid": ${aclObjectIdentity.objectIdIdentity},"clazz":"${aclObjectIdentity.aclClass.aclClass}","uuid":$("#permissionAdder input[type=text]")[0].value,"principal":true,
"create":create,"read":read,"write":write,"delete":remove,"manage":manage};
debugger;
//debugger;
$.ajax("/json/v0/permission/add", {
type : 'POST',
dataType : 'json',
......@@ -107,7 +107,7 @@
var object = { "oid": ${aclObjectIdentity.objectIdIdentity},"clazz":"${aclObjectIdentity.aclClass.aclClass}","uuid":uuid,"principal":true,
"create":create,"read":read,"write":write,"delete":remove,"manage":manage};
$.ajax("/acl/${clazz}/${id}/permissions/update", {
$.ajax("<c:url value="/json/v0/permission/update" />", {
type : 'POST',
dataType : 'json',
contentType: 'application/json; charset=utf-8',
......@@ -147,9 +147,10 @@
<c:forEach items="${userNames}" var="userName">
tags.push("${userName}");
</c:forEach>
$("#autocomplete").autocomplete({
source: tags
});
$("#autocomplete").autocomplete(
{ delay: 200, minLength: 4, source: "<c:url value="/json/v0/permission/autocompleteuser" />",
messages: { noResults: '', results: function() {} } }
);
});
});
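Review bot: The `<c:forEach items="${userNames}">` loop above the new autocomplete call is left in place, although `tags` is no longer the autocomplete source and `AclEditController` no longer sets `userNames` in this commit. It still writes `${userName}` unescaped into a script string, so it is better deleted along with the `tags` array (declared outside the hunk) than kept as a dormant sink. The `add` call earlier in the file still uses the literal `/json/v0/permission/add` while `update` now goes through `<c:url>`; using `<c:url>` for both keeps them working under a non-root context path.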
......