Commit bf7d1a68 authored by Maxym Borodenko's avatar Maxym Borodenko Committed by Matija Obreza

OAuthClient as ACL SID

- updated permission editor
parent da73a733
......@@ -25,6 +25,9 @@ import com.fasterxml.jackson.databind.ObjectMapper;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.lang.math.RandomUtils;
import org.genesys.blocks.oauth.model.OAuthClient;
import org.genesys.blocks.oauth.service.OAuthClientDetailsService;
import org.genesys.blocks.security.UserException;
import org.genesys2.server.model.impl.Country;
import org.genesys2.server.model.impl.Crop;
import org.genesys2.server.model.impl.User;
......@@ -57,6 +60,9 @@ public class JspHelper {
@Autowired
private HtmlConverter htmlConverter;
@Autowired
private OAuthClientDetailsService clientDetailsService;
public String userFullName(Long userId) {
if (userId == null) {
return null;
......@@ -77,6 +83,13 @@ public class JspHelper {
return userService.getUserByUuid(uuid);
}
public OAuthClient getByClientId(final String clientId) {
if (clientId == null) {
return null;
}
return clientDetailsService.getClient(clientId);
}
public Country getCountry(String iso3) {
return geoService.getCountry(iso3);
}
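Review bot: `getByClientId` hands the whole `OAuthClient` entity to JSP expression language, while the only use visible in this commit (the permission editor) reads `.title`. If that entity also carries the client secret or other registration details (its fields are not visible here), any template that can reach `jspHelper` can now render them by client id. A narrower helper such as `public String oauthClientTitle(final String clientId)` that returns only the title would keep the view layer to what it needs. A Javadoc line stating what comes back for an unknown client id would also help, since only a null argument is guarded here. The JspHelper class body continues outside the hunk.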
......
......@@ -17,9 +17,12 @@
package org.genesys2.server.servlet.controller.rest;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.genesys.blocks.oauth.model.OAuthClient;
import org.genesys.blocks.oauth.service.OAuthClientDetailsService;
import org.genesys.blocks.security.model.AclObjectIdentity;
import org.genesys.blocks.security.service.CustomAclService;
import org.genesys2.server.model.impl.User;
......@@ -47,20 +50,16 @@ public class PermissionController extends RestController {
@Autowired
private UserService userService;
@Autowired
private OAuthClientDetailsService clientDetailsService;
@RequestMapping(value = "/add", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE)
public @ResponseBody Object addPermission(@RequestBody PermissionJson permissionJson) {
LOG.info("Adding permission {}", permissionJson);
final Map<Integer, Boolean> permissionMap = PermissionJsonUtil.createPermissionsMap(permissionJson);
if (permissionJson.isPrincipal()) {
final User user = userService.getUserByEmail(permissionJson.getUuid());
aclService.addPermissions(permissionJson.getOid(), permissionJson.getClazz(), user.getUuid(), permissionJson.isPrincipal(), permissionMap);
aclService.addPermissions(permissionJson.getOid(), permissionJson.getClazz(), permissionJson.getUuid(), permissionJson.isPrincipal(), permissionMap);
return JSON_OK;
} else {
aclService.addPermissions(permissionJson.getOid(), permissionJson.getClazz(), permissionJson.getUuid(), permissionJson.isPrincipal(),
permissionMap);
return JSON_OK;
}
}
@RequestMapping(value = "/update", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE)
......@@ -81,4 +80,13 @@ public class PermissionController extends RestController {
}
return userEmails;
}
@RequestMapping(value = "/autocomplete-oauth-client", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE)
public @ResponseBody Map<String, String> acOauthClient(@RequestParam("term") String title) {
final Map<String, String> oauthMap = new HashMap<>();
for (final OAuthClient client : clientDetailsService.autocompleteClients(title)) {
oauthMap.put(client.getTitle(), client.getClientId());
}
return oauthMap;
}
}
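Review bot: `addPermission` now appears to pass `permissionJson.getUuid()` from the request body straight to `aclService.addPermissions` as the SID, with no check that the value names an existing user or OAuth client (the page has lost its +/- markers, so this reading of the new side is inferred from the hunk counts). The old principal branch resolved the value through `userService.getUserByEmail(...)` first, and the user row of the permission editor still posts the typed e-mail as `uuid` with `"principal": true`. Unless `addPermissions` resolves the value internally, ACL entries can therefore be created for an arbitrary caller-chosen string. I would resolve the SID server-side before granting, accepting it only when `clientDetailsService.getClient(sid)` or a user lookup returns a match, and return an error response otherwise.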
......@@ -4,23 +4,25 @@
<%@ include file="/WEB-INF/jsp/init.jsp" %>
<html>
<head>
<head>
<title><spring:message code="acl.page.permission-manager"/></title>
</head>
<body>
<h1>
</head>
<body>
<h1>
<small><c:out value="${aclObjectIdentity.aclClass.aclClass}"/></small>
<c:out value="${aclObjectIdentity.objectIdIdentity}"/>
</h1>
</h1>
<p><spring:message code="acl.owner"/>: <c:out value="${jspHelper.userByUuid(aclObjectIdentity.ownerSid.sid).email}"/></p>
<table class="accessions">
<p>
<spring:message code="acl.owner"/>:
<c:out value="${jspHelper.userByUuid(aclObjectIdentity.ownerSid.sid).email}"/>
</p>
<table class="table table-striped">
<thead>
<tr>
<td><spring:message code="acl.sid" /></td>
<td><spring:message code="acl.sid"/></td>
<c:forEach items="${aclPermissions}" var="aclPermission">
<td><spring:message code="acl.permission.${aclPermission.mask}" /></td>
<td><spring:message code="acl.permission.${aclPermission.mask}"/></td>
</c:forEach>
</tr>
</thead>
......@@ -30,69 +32,88 @@
<tr class="${status.count % 2 == 0 ? 'even' : 'odd'}">
<td>
<c:choose>
<c:when test="${aclSid.principal == true}">
<c:out value="${jspHelper.userByUuid(aclSid.sid).email}"/>
<c:when test="${aclSid.sid.contains('@')}">
<c:out value="${jspHelper.getByClientId(aclSid.sid).title}"/>
</c:when>
<c:when test="${aclSid.principal == false}">
<c:forEach var="role" items="${roles}">
<c:if test="${role.name eq aclSid.sid}">
<c:out value="${aclSid.sid}"/>
</c:if>
</c:forEach>
</c:when>
<c:when test="${aclSid.principal == true}">
<c:out value="${jspHelper.userByUuid(aclSid.sid).email}"/>
</c:when>
</c:choose>
</td>
<input type="hidden" name="aclSid" class="aclSid" value="${aclSid.sid}"/>
<input type="hidden" name="aclPrincipal" class="aclPrincipal" value="${aclSid.principal}"/>
<c:forEach items="${aclPermissions}" var="aclPermission">
<td><input type="checkbox" value="1" class="check"
name="permissionValue${aclPermission.mask}"
id="permissionValue${aclPermission.mask}" disabled="disabled"
${aclEntries[aclSid.sid][aclPermission.mask] ? 'checked' : '' }/></td>
<td><input type="checkbox" value="1" class="check" name="permissionValue${aclPermission.mask}" id="permissionValue${aclPermission.mask}" disabled="disabled" ${aclEntries[aclSid.sid][aclPermission.mask] ? 'checked' : '' }/></td>
</c:forEach>
<td><input type="button" class="btn btn-primary edit" value="<spring:message code="edit" />" /></td>
<td><input type="submit" class="btn btn-primary save" style="display: none" value="<spring:message code="save"/>">
<button class="btn btn-default cancel" style="display: none"><spring:message code="cancel"/></button></td>
<td>
<input type="submit" class="btn btn-primary save" style="display: none" value="<spring:message code='save' />">
<button class="btn btn-default cancel" style="display: none"><spring:message code="cancel"/></button>
<input type="button" class="btn btn-primary edit" value="<spring:message code='edit' />"/>
</td>
</tr>
</c:forEach>
<tr id="permissionAdder" class="${aclSids.size()-1 % 2 == 0 ? 'even' : 'odd'}">
<td><input type="text" class="required form-control" name="uuid" id="autocomplete" /></td>
<td><input type="text" class="required form-control" name="uuid" id="autocomplete-email" placeholder="User email"/></td>
<c:forEach items="${aclPermissions}" var="aclPermission">
<td>
<input type="checkbox" id="autoCheck${aclPermission.mask}" value="1" name="acPermissionValue${aclPermission.mask}" ${aclEntries[aclSid.sid][aclPermission.mask] ? 'checked' : '' }/>
</td>
</c:forEach>
<td><input type="button" class="btn btn-primary" value="<spring:message code='add' />"/></td>
</tr>
<tr id="permissionAdderByOAuthClient" class="${aclSids.size()-1 % 2 == 0 ? 'even' : 'odd'}">
<td><input type="text" class="required form-control" name="uuid" id="autocomplete-oauth-client" placeholder="OAuth client"/></td>
<c:forEach items="${aclPermissions}" var="aclPermission">
<td><input type="checkbox" id="autoCheck${aclPermission.mask}" value="1"
name="acPermissionValue${aclPermission.mask}"
${aclEntries[aclSid.sid][aclPermission.mask] ? 'checked' : '' }/></td>
<td>
<input type="checkbox" id="oauthAutoCheck${aclPermission.mask}" value="1" name="acPermissionValue${aclPermission.mask}" ${aclEntries[aclSid.sid][aclPermission.mask] ? 'checked' : '' }/>
</td>
</c:forEach>
<td><input type="button" class="btn btn-primary" value="<spring:message code="add" />" /></td>
<td></td>
<td>
<input type="button" class="btn btn-primary" value="<spring:message code='add' />"/></td>
</tr>
<tr id="permissionAdderByRole" class="${aclSids.size()-1 % 2 == 0 ? 'even' : 'odd'}">
<td>
<select class="required form-control" name="uuid" id="" title="roles">
<option disabled="disabled" selected="selected">SELECT ROLE</option>
<c:forEach var="role" items="${roles}">
<option value="${role}"><c:out value="${role}" /></option>
<option value="${role}"><c:out value="${role}"/></option>
</c:forEach>
</select>
</td>
<c:forEach items="${aclPermissions}" var="aclPermission">
<td><input type="checkbox" id="rAutoCheck${aclPermission.mask}" value="1"
name="acPermissionValue${aclPermission.mask}"
${aclEntries[aclSid.sid][aclPermission.mask] ? 'checked' : '' }/></td>
<td><input type="checkbox" id="rAutoCheck${aclPermission.mask}" value="1" name="acPermissionValue${aclPermission.mask}" ${aclEntries[aclSid.sid][aclPermission.mask] ? 'checked' : '' }/></td>
</c:forEach>
<td><input type="button" class="btn btn-primary" value="<spring:message code="add" />"/></td>
<td></td>
<td><input type="button" class="btn btn-primary" value="<spring:message code='add' />"/></td>
</tr>
</tbody>
</table>
</table>
<a href="<c:url value="${backUrl}" />" class="btn btn-default"><spring:message code="cancel" /></a>
<a href="<c:url value='${backUrl}' />" class="btn btn-default"><spring:message code='cancel'/></a>
<content tag="javascript">
<script type="text/javascript">
<content tag="javascript">
<script type="text/javascript">
jQuery(document).ready(function() {
var oAuthClientMap;
if ($('#permissionAdderByRole select')[0].value == 'SELECT ROLE') {
$("#permissionAdderByRole input[type=button]").prop('disabled', true);
}
......@@ -117,7 +138,7 @@
"manage": $("#rAutoCheck16").is(':checked')
};
$.ajax("<c:url value="/json/v0/permission/add" />", {
$.ajax("<c:url value='/json/v0/permission/add' />", {
type: 'POST',
dataType: 'json',
contentType: 'application/json; charset=utf-8',
......@@ -135,6 +156,40 @@
}
});
});
$("#permissionAdderByOAuthClient input[type=button]").on("click", function (a, b, c) {
var object = {
"oid": ${aclObjectIdentity.objectIdIdentity},
"clazz": "${aclObjectIdentity.aclClass.aclClass}",
"uuid": oAuthClientMap[$("#permissionAdderByOAuthClient input[type=text]")[0].value],
"principal": true,
"create": $("#oauthAutoCheck4").is(':checked'),
"read": $("#oauthAutoCheck1").is(':checked'),
"write": $("#oauthAutoCheck2").is(':checked'),
"delete": $("#oauthAutoCheck8").is(':checked'),
"manage": $("#oauthAutoCheck16").is(':checked')
};
$.ajax("<c:url value='/json/v0/permission/add' />", {
type: 'POST',
dataType: 'json',
contentType: 'application/json; charset=utf-8',
data: (object == null ? null : JSON.stringify(object)),
beforeSend: function (xhr) {
},
success: function (respObject) {
window.location.reload();
console.log(respObject);
},
error: function (jqXHR, textStatus, errorThrown) {
console.log(textStatus);
console.log(errorThrown);
}
});
});
$("#permissionAdder input[type=button]").on("click", function(a,b,c) {
var create=$("#autoCheck4").is(':checked');
......@@ -143,10 +198,18 @@
var remove=$("#autoCheck8").is(':checked');
var manage=$("#autoCheck16").is(':checked');
var object = { "oid": ${aclObjectIdentity.objectIdIdentity},"clazz":"${aclObjectIdentity.aclClass.aclClass}","uuid":$("#permissionAdder input[type=text]")[0].value,"principal":true,
"create":create,"read":read,"write":write,"delete":remove,"manage":manage};
//debugger;
$.ajax("<c:url value="/json/v0/permission/add" />", {
var object = {
"oid": ${aclObjectIdentity.objectIdIdentity},
"clazz": "${aclObjectIdentity.aclClass.aclClass}",
"uuid": $("#permissionAdder input[type=text]")[0].value,
"principal": true,
"create": create,
"read": read,
"write": write,
"delete": remove,
"manage": manage
};
$.ajax("<c:url value='/json/v0/permission/add' />", {
type : 'POST',
dataType : 'json',
contentType: 'application/json; charset=utf-8',
......@@ -174,10 +237,19 @@
var manage=$(this).parent().parent().find('#permissionValue16').is(':checked');
var uuid=$(this).parent().parent().find('.aclSid').val();
var object = { "oid": ${aclObjectIdentity.objectIdIdentity},"clazz":"${aclObjectIdentity.aclClass.aclClass}","uuid":uuid,"principal":true,
"create":create,"read":read,"write":write,"delete":remove,"manage":manage};
var object = {
"oid": ${aclObjectIdentity.objectIdIdentity},
"clazz": "${aclObjectIdentity.aclClass.aclClass}",
"uuid": uuid,
"principal": true,
"create": create,
"read": read,
"write": write,
"delete": remove,
"manage": manage
};
$.ajax("<c:url value="/json/v0/permission/update" />", {
$.ajax("<c:url value='/json/v0/permission/update' />", {
type : 'POST',
dataType : 'json',
contentType: 'application/json; charset=utf-8',
......@@ -203,28 +275,61 @@
$(this).parent().parent().find('input:checkbox').prop("disabled",false);
$(this).parent().parent().find('input:submit').show();
$(this).parent().parent().find('.cancel').show();
})
});
$(".cancel").click(function(){
$(".check").prop("disabled",true);
$("input:submit").hide();
$(this).hide();
})
});
$(function () {
var tags = [];
<c:forEach items="${userNames}" var="userName">
tags.push("${userName}");
</c:forEach>
$("#autocomplete").autocomplete(
{ delay: 200, minLength: 4, source: "<c:url value="/json/v0/permission/autocompleteuser" />",
messages: { noResults: '', results: function() {} } }
);
$("#autocomplete-email").autocomplete({
delay: 200,
minLength: 4,
source: "<c:url value='/json/v0/permission/autocompleteuser' />",
messages: {
noResults: '',
results: function() {}
}
});
$("#autocomplete-oauth-client").autocomplete({
delay: 200,
minLength: 4,
source: function(request, response) {
$.ajax("<c:url value='/json/v0/permission/autocomplete-oauth-client' />",{
type: "GET",
contentType: "application/json; charset=utf-8",
dataType: "json",
data: {
"term": $("#permissionAdderByOAuthClient input[type=text]")[0].value
},
success: function (data) {
var titles = [];
$.each(data, function(key, element) {
titles.push(key);
});
oAuthClientMap = data;
response(titles);
},
error: function(result) {
alert("Error");
}
})
},
messages: {
noResults: '',
results: function() {}
}
});
});
});
</script>
</content>
</body>
</script>
</content>
</body>
</html>
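Review bot: The new first branch `<c:when test="${aclSid.sid.contains('@')}">` decides that a SID is an OAuth client purely from the presence of '@', and it is evaluated before the `aclSid.principal == true` user branch. Any principal SID that contains '@' but is not a client id (for example an e-mail stored as the SID) would render with an empty label, so the editor shows a permission row without saying who holds it. Deciding by lookup is more robust: `<c:when test="${aclSid.principal and jspHelper.getByClientId(aclSid.sid) ne null}">`, assuming `getClient` returns null rather than throwing for an unknown id. Longer term, an explicit SID-type field on the model would avoid both the string sniffing and the per-row lookup.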