Commit 9bcbdcf0 authored by Matija Obreza's avatar Matija Obreza

Refactored for updated app-blocks ACL security

- User autocompleter returns IDs and emails
- Use jspHelper.aclSidById() instead of jspHelper.userFullName() for "last modified XX by YY"
parent d8c29ae5
...@@ -46,6 +46,7 @@ import org.apache.commons.collections4.CollectionUtils; ...@@ -46,6 +46,7 @@ import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.collections4.Predicate; import org.apache.commons.collections4.Predicate;
import org.apache.commons.lang.StringUtils; import org.apache.commons.lang.StringUtils;
import org.genesys.blocks.security.SecurityContextUtil; import org.genesys.blocks.security.SecurityContextUtil;
import org.genesys.blocks.security.model.AclSid;
import org.genesys.blocks.security.service.CustomAclService; import org.genesys.blocks.security.service.CustomAclService;
import org.genesys2.server.model.elastic.AccessionDetails; import org.genesys2.server.model.elastic.AccessionDetails;
import org.genesys2.server.model.genesys.Accession; import org.genesys2.server.model.genesys.Accession;
...@@ -121,7 +122,6 @@ import org.springframework.data.repository.query.Param; ...@@ -121,7 +122,6 @@ import org.springframework.data.repository.query.Param;
import org.springframework.jdbc.core.RowCallbackHandler; import org.springframework.jdbc.core.RowCallbackHandler;
import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.acls.domain.BasePermission; import org.springframework.security.acls.domain.BasePermission;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Isolation; import org.springframework.transaction.annotation.Isolation;
import org.springframework.transaction.annotation.Propagation; import org.springframework.transaction.annotation.Propagation;
...@@ -1043,9 +1043,9 @@ public class GenesysServiceImpl implements GenesysService, DatasetService { ...@@ -1043,9 +1043,9 @@ public class GenesysServiceImpl implements GenesysService, DatasetService {
@Override @Override
@PreAuthorize("isAuthenticated()") @PreAuthorize("isAuthenticated()")
public List<Metadata> listMyMetadata() { public List<Metadata> listMyMetadata() {
final UserDetails user = SecurityContextUtil.getCurrentUser(); final AclSid sid = SecurityContextUtil.getCurrentUser();
final List<Long> oids = aclService.listIdentitiesForSid(Metadata.class, user, BasePermission.WRITE); final List<Long> oids = aclService.listObjectIdentityIdsForSid(Metadata.class, sid, BasePermission.WRITE);
LOG.info("Got {} elements for {}", oids.size(), user.getUsername()); LOG.info("Got {} elements for {}", oids.size(), sid);
if (oids.size() == 0) { if (oids.size() == 0) {
return null; return null;
} }
......
...@@ -25,6 +25,7 @@ import java.util.Map; ...@@ -25,6 +25,7 @@ import java.util.Map;
import org.apache.commons.collections4.ListUtils; import org.apache.commons.collections4.ListUtils;
import org.apache.commons.lang.StringUtils; import org.apache.commons.lang.StringUtils;
import org.genesys.blocks.security.SecurityContextUtil; import org.genesys.blocks.security.SecurityContextUtil;
import org.genesys.blocks.security.model.AclSid;
import org.genesys.blocks.security.service.CustomAclService; import org.genesys.blocks.security.service.CustomAclService;
import org.genesys2.server.model.impl.Country; import org.genesys2.server.model.impl.Country;
import org.genesys2.server.model.impl.FaoInstitute; import org.genesys2.server.model.impl.FaoInstitute;
...@@ -49,7 +50,6 @@ import org.springframework.data.domain.Sort.Direction; ...@@ -49,7 +50,6 @@ import org.springframework.data.domain.Sort.Direction;
import org.springframework.security.access.prepost.PostAuthorize; import org.springframework.security.access.prepost.PostAuthorize;
import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.acls.domain.BasePermission; import org.springframework.security.acls.domain.BasePermission;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional; import org.springframework.transaction.annotation.Transactional;
...@@ -240,9 +240,9 @@ public class InstituteServiceImpl implements InstituteService { ...@@ -240,9 +240,9 @@ public class InstituteServiceImpl implements InstituteService {
@Override @Override
@PreAuthorize("isAuthenticated()") @PreAuthorize("isAuthenticated()")
public List<FaoInstitute> listMyInstitutes(Sort sort) { public List<FaoInstitute> listMyInstitutes(Sort sort) {
final UserDetails user = SecurityContextUtil.getCurrentUser(); final AclSid sid = SecurityContextUtil.getCurrentUser();
final List<Long> oids = aclService.listIdentitiesForSid(FaoInstitute.class, user, BasePermission.WRITE); final List<Long> oids = aclService.listObjectIdentityIdsForSid(FaoInstitute.class, sid, BasePermission.WRITE);
LOG.info("Got {} elements for {}", oids.size(), user.getUsername()); LOG.info("Got {} elements for {}", oids.size(), sid);
if (oids.size() == 0) { if (oids.size() == 0) {
return null; return null;
} }
......
...@@ -23,6 +23,7 @@ import java.util.Map; ...@@ -23,6 +23,7 @@ import java.util.Map;
import org.apache.commons.lang.StringUtils; import org.apache.commons.lang.StringUtils;
import org.genesys.blocks.security.SecurityContextUtil; import org.genesys.blocks.security.SecurityContextUtil;
import org.genesys.blocks.security.model.AclSid;
import org.genesys.blocks.security.service.CustomAclService; import org.genesys.blocks.security.service.CustomAclService;
import org.genesys2.server.model.genesys.AccessionId; import org.genesys2.server.model.genesys.AccessionId;
import org.genesys2.server.model.genesys.Metadata; import org.genesys2.server.model.genesys.Metadata;
...@@ -50,7 +51,6 @@ import org.springframework.data.domain.Sort.Direction; ...@@ -50,7 +51,6 @@ import org.springframework.data.domain.Sort.Direction;
import org.springframework.data.domain.Sort.Order; import org.springframework.data.domain.Sort.Order;
import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.acls.domain.BasePermission; import org.springframework.security.acls.domain.BasePermission;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional; import org.springframework.transaction.annotation.Transactional;
...@@ -273,9 +273,9 @@ public class TraitServiceImpl implements TraitService { ...@@ -273,9 +273,9 @@ public class TraitServiceImpl implements TraitService {
@Override @Override
@PreAuthorize("isAuthenticated()") @PreAuthorize("isAuthenticated()")
public List<Method> listMyMethods() { public List<Method> listMyMethods() {
final UserDetails user = SecurityContextUtil.getCurrentUser(); final AclSid sid = SecurityContextUtil.getCurrentUser();
final List<Long> oids = aclService.listIdentitiesForSid(Method.class, user, BasePermission.WRITE); final List<Long> oids = aclService.listObjectIdentityIdsForSid(Method.class, sid, BasePermission.WRITE);
LOG.info("Got {} elements for {}", oids.size(), user.getUsername()); LOG.info("Got {} elements for {}", oids.size(), sid);
if (oids.size() == 0) { if (oids.size() == 0) {
return null; return null;
} }
......
/** /*
* Copyright 2015 Global Crop Diversity Trust * Copyright 2017 Global Crop Diversity Trust
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
...@@ -12,7 +12,7 @@ ...@@ -12,7 +12,7 @@
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
**/ */
package org.genesys2.server.servlet.controller; package org.genesys2.server.servlet.controller;
...@@ -25,9 +25,8 @@ import com.fasterxml.jackson.databind.ObjectMapper; ...@@ -25,9 +25,8 @@ import com.fasterxml.jackson.databind.ObjectMapper;
import org.apache.commons.lang.StringUtils; import org.apache.commons.lang.StringUtils;
import org.apache.commons.lang.math.RandomUtils; import org.apache.commons.lang.math.RandomUtils;
import org.genesys.blocks.oauth.model.OAuthClient; import org.genesys.blocks.security.model.AclSid;
import org.genesys.blocks.oauth.service.OAuthClientDetailsService; import org.genesys.blocks.security.service.CustomAclService;
import org.genesys.blocks.security.UserException;
import org.genesys2.server.model.impl.Country; import org.genesys2.server.model.impl.Country;
import org.genesys2.server.model.impl.Crop; import org.genesys2.server.model.impl.Crop;
import org.genesys2.server.model.impl.User; import org.genesys2.server.model.impl.User;
...@@ -48,6 +47,9 @@ public class JspHelper { ...@@ -48,6 +47,9 @@ public class JspHelper {
@Autowired @Autowired
private UserService userService; private UserService userService;
@Autowired
private CustomAclService aclService;
@Autowired @Autowired
private GeoService geoService; private GeoService geoService;
...@@ -60,9 +62,6 @@ public class JspHelper { ...@@ -60,9 +62,6 @@ public class JspHelper {
@Autowired @Autowired
private HtmlConverter htmlConverter; private HtmlConverter htmlConverter;
@Autowired
private OAuthClientDetailsService clientDetailsService;
public String userFullName(Long userId) { public String userFullName(Long userId) {
if (userId == null) { if (userId == null) {
return null; return null;
...@@ -83,11 +82,11 @@ public class JspHelper { ...@@ -83,11 +82,11 @@ public class JspHelper {
return userService.getUserByUuid(uuid); return userService.getUserByUuid(uuid);
} }
public OAuthClient getByClientId(final String clientId) { public AclSid aclSidById(Long id) {
if (clientId == null) { if (id == null) {
return null; return null;
} }
return clientDetailsService.getClient(clientId); return aclService.getSid(id);
} }
public Country getCountry(String iso3) { public Country getCountry(String iso3) {
......
...@@ -16,14 +16,13 @@ ...@@ -16,14 +16,13 @@
package org.genesys2.server.servlet.controller.rest; package org.genesys2.server.servlet.controller.rest;
import java.util.ArrayList;
import java.util.HashMap; import java.util.HashMap;
import java.util.List;
import java.util.Map; import java.util.Map;
import org.genesys.blocks.oauth.model.OAuthClient; import org.genesys.blocks.oauth.model.OAuthClient;
import org.genesys.blocks.oauth.service.OAuthClientDetailsService; import org.genesys.blocks.oauth.service.OAuthClientDetailsService;
import org.genesys.blocks.security.model.AclObjectIdentity; import org.genesys.blocks.security.model.AclObjectIdentity;
import org.genesys.blocks.security.model.AclSid;
import org.genesys.blocks.security.service.CustomAclService; import org.genesys.blocks.security.service.CustomAclService;
import org.genesys2.server.model.impl.User; import org.genesys2.server.model.impl.User;
import org.genesys2.server.service.UserService; import org.genesys2.server.service.UserService;
...@@ -50,43 +49,58 @@ public class PermissionController extends RestController { ...@@ -50,43 +49,58 @@ public class PermissionController extends RestController {
@Autowired @Autowired
private UserService userService; private UserService userService;
@Autowired @Autowired
private OAuthClientDetailsService clientDetailsService; private OAuthClientDetailsService clientDetailsService;
@RequestMapping(value = "/add", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE) @RequestMapping(value = "/add", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE)
public @ResponseBody Object addPermission(@RequestBody PermissionJson permissionJson) { public @ResponseBody Object addPermission(@RequestBody PermissionJson permissionJson) {
LOG.info("Adding permission {}", permissionJson); LOG.info("Adding permission {}", permissionJson);
final Map<Integer, Boolean> permissionMap = PermissionJsonUtil.createPermissionsMap(permissionJson); final Map<Integer, Boolean> permissionMap = PermissionJsonUtil.createPermissionsMap(permissionJson);
aclService.addPermissions(permissionJson.getOid(), permissionJson.getClazz(), permissionJson.getUuid(), permissionJson.isPrincipal(), permissionMap);
if (permissionJson.getAuthority() != null) {
final AclSid sid = aclService.getAuthoritySid(permissionJson.getAuthority());
aclService.addPermissions(permissionJson.getOid(), permissionJson.getClazz(), sid, permissionMap);
} else if (permissionJson.getSid() != null) {
final AclSid sid = aclService.getSid(permissionJson.getSid());
aclService.addPermissions(permissionJson.getOid(), permissionJson.getClazz(), sid, permissionMap);
}
return JSON_OK; return JSON_OK;
} }
@RequestMapping(value = "/update", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE) @RequestMapping(value = "/update", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE)
public @ResponseBody Object updatePermissions(@RequestBody PermissionJson permissionJson) { public @ResponseBody Object updatePermissions(@RequestBody PermissionJson permissionJson) {
final Map<Integer, Boolean> permissionMap = PermissionJsonUtil.createPermissionsMap(permissionJson); final Map<Integer, Boolean> permissionMap = PermissionJsonUtil.createPermissionsMap(permissionJson);
final AclObjectIdentity objectIdentity = aclService.ensureObjectIdentity(permissionJson.getClazz(), permissionJson.getOid()); final AclObjectIdentity objectIdentity = aclService.ensureObjectIdentity(permissionJson.getClazz(), permissionJson.getOid());
aclService.updatePermission(objectIdentity, permissionJson.getUuid(), permissionMap);
if (permissionJson.getAuthority() != null) {
final AclSid sid = aclService.getAuthoritySid(permissionJson.getAuthority());
aclService.updatePermissions(objectIdentity, sid, permissionMap);
} else if (permissionJson.getSid() != null) {
final AclSid sid = aclService.getSid(permissionJson.getSid());
aclService.updatePermissions(objectIdentity, sid, permissionMap);
}
return JSON_OK; return JSON_OK;
} }
@RequestMapping(value = "/autocompleteuser", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) @RequestMapping(value = "/autocompleteuser", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE)
public @ResponseBody List<String> acUser(@RequestParam("term") String email) { public @ResponseBody Map<Long, String> acUser(@RequestParam("term") String email) {
List<String> userEmails = new ArrayList<String>(); final Map<Long, String> userIds = new HashMap<>();
for (User user : userService.autocompleteUser(email)) { for (User user : userService.autocompleteUser(email)) {
userEmails.add(user.getEmail()); userIds.put(user.getId(), user.getEmail());
} }
return userEmails; return userIds;
} }
@RequestMapping(value = "/autocomplete-oauth-client", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) @RequestMapping(value = "/autocomplete-oauth-client", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE)
public @ResponseBody Map<String, String> acOauthClient(@RequestParam("term") String title) { public @ResponseBody Map<String, String> acOauthClient(@RequestParam("term") String title) {
final Map<String, String> oauthMap = new HashMap<>(); final Map<String, String> oauthMap = new HashMap<>();
for (final OAuthClient client : clientDetailsService.autocompleteClients(title)) { for (final OAuthClient client : clientDetailsService.autocompleteClients(title)) {
oauthMap.put(client.getTitle(), client.getClientId()); oauthMap.put(client.getTitle(), client.getClientId());
} }
return oauthMap; return oauthMap;
} }
} }
...@@ -17,10 +17,15 @@ ...@@ -17,10 +17,15 @@
package org.genesys2.server.servlet.model; package org.genesys2.server.servlet.model;
public class PermissionJson { public class PermissionJson {
// sid
private Long sid;
private String authority;
// object identity
private long oid; private long oid;
private String clazz; private String clazz;
private String uuid;
private boolean principal; // permissions
private boolean create; private boolean create;
private boolean read; private boolean read;
private boolean write; private boolean write;
...@@ -29,9 +34,25 @@ public class PermissionJson { ...@@ -29,9 +34,25 @@ public class PermissionJson {
@Override @Override
public String toString() { public String toString() {
return "PJ oid=" + oid + " class=" + clazz + " uuid=" + uuid + " principal=" + principal; return "PJ oid=" + oid + " class=" + clazz + " (sid=" + sid + " OR authority=" + authority + ")";
} }
public void setSid(Long sid) {
this.sid = sid;
}
public Long getSid() {
return sid;
}
public void setAuthority(String authority) {
this.authority = authority;
}
public String getAuthority() {
return authority;
}
public long getOid() { public long getOid() {
return oid; return oid;
} }
...@@ -48,22 +69,6 @@ public class PermissionJson { ...@@ -48,22 +69,6 @@ public class PermissionJson {
this.clazz = clazz; this.clazz = clazz;
} }
public String getUuid() {
return uuid;
}
public void setUuid(String uuid) {
this.uuid = uuid;
}
public boolean isPrincipal() {
return principal;
}
public void setPrincipal(boolean principal) {
this.principal = principal;
}
public boolean isCreate() { public boolean isCreate() {
return create; return create;
} }
......
...@@ -1064,7 +1064,7 @@ ...@@ -1064,7 +1064,7 @@
<div class="section-inner-content clearfix"> <div class="section-inner-content clearfix">
<p> <p>
<c:if test="${accession.lastModifiedBy ne null}"> <c:if test="${accession.lastModifiedBy ne null}">
<spring:message code="audit.lastModifiedBy" arguments="${jspHelper.userFullName(accession.lastModifiedBy)}"/> <spring:message code="audit.lastModifiedBy" arguments="${jspHelper.aclSidById(accession.lastModifiedBy).fullName}"/>
</c:if> </c:if>
<local:prettyTime date="${accession.lastModifiedDate}" locale="${pageContext.response.locale}"/> <local:prettyTime date="${accession.lastModifiedDate}" locale="${pageContext.response.locale}"/>
</p> </p>
......
...@@ -15,7 +15,7 @@ ...@@ -15,7 +15,7 @@
<p> <p>
<spring:message code="acl.owner"/>: <spring:message code="acl.owner"/>:
<c:out value="${jspHelper.userByUuid(aclObjectIdentity.ownerSid.sid).email}"/> <c:out value="${jspHelper.aclSidById(aclObjectIdentity.ownerSid.id).fullName}"/>
</p> </p>
<table class="table table-striped"> <table class="table table-striped">
<thead> <thead>
...@@ -31,25 +31,10 @@ ...@@ -31,25 +31,10 @@
<c:forEach items="${aclSids}" var="aclSid" varStatus="status"> <c:forEach items="${aclSids}" var="aclSid" varStatus="status">
<tr class="${status.count % 2 == 0 ? 'even' : 'odd'}"> <tr class="${status.count % 2 == 0 ? 'even' : 'odd'}">
<td> <td>
<c:choose> <c:out value="${jspHelper.aclSidById(aclSid.id).fullName}"/>
<c:when test="${aclSid.sid.contains('@')}">
<c:out value="${jspHelper.getByClientId(aclSid.sid).title}"/>
</c:when>
<c:when test="${aclSid.principal == false}">
<c:forEach var="role" items="${roles}">
<c:if test="${role.name eq aclSid.sid}">
<c:out value="${aclSid.sid}"/>
</c:if>
</c:forEach>
</c:when>
<c:when test="${aclSid.principal == true}">
<c:out value="${jspHelper.userByUuid(aclSid.sid).email}"/>
</c:when>
</c:choose>
</td> </td>
<input type="hidden" name="aclSid" class="aclSid" value="${aclSid.sid}"/> <input type="hidden" name="sid" class="aclSid" value="${aclSid.id}"/>
<input type="hidden" name="aclPrincipal" class="aclPrincipal" value="${aclSid.principal}"/>
<c:forEach items="${aclPermissions}" var="aclPermission"> <c:forEach items="${aclPermissions}" var="aclPermission">
<td><input type="checkbox" value="1" class="check" name="permissionValue${aclPermission.mask}" id="permissionValue${aclPermission.mask}" disabled="disabled" ${aclEntries[aclSid.sid][aclPermission.mask] ? 'checked' : '' }/></td> <td><input type="checkbox" value="1" class="check" name="permissionValue${aclPermission.mask}" id="permissionValue${aclPermission.mask}" disabled="disabled" ${aclEntries[aclSid.sid][aclPermission.mask] ? 'checked' : '' }/></td>
...@@ -112,7 +97,7 @@ ...@@ -112,7 +97,7 @@
<content tag="javascript"> <content tag="javascript">
<script type="text/javascript"> <script type="text/javascript">
jQuery(document).ready(function() { jQuery(document).ready(function() {
var oAuthClientMap; var oAuthClientMap, userMap;
if ($('#permissionAdderByRole select')[0].value == 'SELECT ROLE') { if ($('#permissionAdderByRole select')[0].value == 'SELECT ROLE') {
$("#permissionAdderByRole input[type=button]").prop('disabled', true); $("#permissionAdderByRole input[type=button]").prop('disabled', true);
...@@ -129,8 +114,7 @@ ...@@ -129,8 +114,7 @@
var object = { var object = {
"oid": ${aclObjectIdentity.objectIdIdentity}, "oid": ${aclObjectIdentity.objectIdIdentity},
"clazz": "${aclObjectIdentity.aclClass.aclClass}", "clazz": "${aclObjectIdentity.aclClass.aclClass}",
"uuid": $('#permissionAdderByRole select')[0].value, "authority": $('#permissionAdderByRole select')[0].value,
"principal": false,
"create": $("#rAutoCheck4").is(':checked'), "create": $("#rAutoCheck4").is(':checked'),
"read": $("#rAutoCheck1").is(':checked'), "read": $("#rAutoCheck1").is(':checked'),
"write": $("#rAutoCheck2").is(':checked'), "write": $("#rAutoCheck2").is(':checked'),
...@@ -162,8 +146,7 @@ ...@@ -162,8 +146,7 @@
var object = { var object = {
"oid": ${aclObjectIdentity.objectIdIdentity}, "oid": ${aclObjectIdentity.objectIdIdentity},
"clazz": "${aclObjectIdentity.aclClass.aclClass}", "clazz": "${aclObjectIdentity.aclClass.aclClass}",
"uuid": oAuthClientMap[$("#permissionAdderByOAuthClient input[type=text]")[0].value], "sid": oAuthClientMap[$("#permissionAdderByOAuthClient input[type=text]")[0].value],
"principal": true,
"create": $("#oauthAutoCheck4").is(':checked'), "create": $("#oauthAutoCheck4").is(':checked'),
"read": $("#oauthAutoCheck1").is(':checked'), "read": $("#oauthAutoCheck1").is(':checked'),
"write": $("#oauthAutoCheck2").is(':checked'), "write": $("#oauthAutoCheck2").is(':checked'),
...@@ -201,8 +184,7 @@ ...@@ -201,8 +184,7 @@
var object = { var object = {
"oid": ${aclObjectIdentity.objectIdIdentity}, "oid": ${aclObjectIdentity.objectIdIdentity},
"clazz": "${aclObjectIdentity.aclClass.aclClass}", "clazz": "${aclObjectIdentity.aclClass.aclClass}",
"uuid": $("#permissionAdder input[type=text]")[0].value, "sid": userMap[$("#permissionAdder input[type=text]")[0].value],
"principal": true,
"create": create, "create": create,
"read": read, "read": read,
"write": write, "write": write,
...@@ -235,13 +217,12 @@ ...@@ -235,13 +217,12 @@
var write=$(this).parent().parent().find('#permissionValue2').is(':checked'); var write=$(this).parent().parent().find('#permissionValue2').is(':checked');
var remove=$(this).parent().parent().find('#permissionValue8').is(':checked'); var remove=$(this).parent().parent().find('#permissionValue8').is(':checked');
var manage=$(this).parent().parent().find('#permissionValue16').is(':checked'); var manage=$(this).parent().parent().find('#permissionValue16').is(':checked');
var uuid=$(this).parent().parent().find('.aclSid').val(); var sid=$(this).parent().parent().find('.aclSid').val();
var object = { var object = {
"oid": ${aclObjectIdentity.objectIdIdentity}, "oid": ${aclObjectIdentity.objectIdIdentity},
"clazz": "${aclObjectIdentity.aclClass.aclClass}", "clazz": "${aclObjectIdentity.aclClass.aclClass}",
"uuid": uuid, "sid": sid,
"principal": true,
"create": create, "create": create,
"read": read, "read": read,
"write": write, "write": write,
...@@ -291,7 +272,27 @@ ...@@ -291,7 +272,27 @@
$("#autocomplete-email").autocomplete({ $("#autocomplete-email").autocomplete({
delay: 200, delay: 200,
minLength: 4, minLength: 4,
source: "<c:url value='/json/v0/permission/autocompleteuser' />", source: function(request, response) {
$.ajax("<c:url value='/json/v0/permission/autocompleteuser' />",{
type: "GET",
contentType: "application/json; charset=utf-8",
dataType: "json",
data: {
"term": $("#permissionAdder input[type=text]")[0].value
},
success: function (data) {
var titles = [];
$.each(data, function(key, element) {
titles.push(key);
});
userMap = data;
response(titles);
},
error: function(result) {
alert("Error");
}
})
},
messages: {