ACL with user roles

src/main/java/org/genesys2/server/servlet/controller/AclEditController.java

@@ -16,6 +16,7 @@
 
 package org.genesys2.server.servlet.controller;
 
+import org.genesys2.server.model.UserRole;
 import org.genesys2.server.model.acl.AclObjectIdentity;
 import org.genesys2.server.service.AclService;
 import org.genesys2.server.service.UserService;
@@ -53,6 +54,7 @@ public class AclEditController extends BaseController {
 		// Map<AclSid, Map<Permission, Boolean>>
 		model.addAttribute("aclEntries", aclService.getPermissions(id, className));
 		model.addAttribute("backUrl", backUrl);
+		model.addAttribute("roles", UserRole.values());
 
 		return "/acl/editor";
 	}

src/main/java/org/genesys2/server/servlet/controller/rest/PermissionController.java

@@ -51,24 +51,23 @@ public class PermissionController extends RestController {
 	private UserService userService;
 
 	@RequestMapping(value = "/add", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE)
-	public @ResponseBody
-	Object addPermission(@RequestBody PermissionJson permissionJson) {
+	public @ResponseBody Object addPermission(@RequestBody PermissionJson permissionJson) {
 		LOG.info("Adding permission " + permissionJson);
-		final User user = userService.getUserByEmail(permissionJson.getUuid());
 
-		if (user != null) {
-			final Map<Integer, Boolean> permissionMap = PermissionJsonUtil.createPermissionsMap(permissionJson);
+		final Map<Integer, Boolean> permissionMap = PermissionJsonUtil.createPermissionsMap(permissionJson);
+		if (permissionJson.isPrincipal()) {
+			final User user = userService.getUserByEmail(permissionJson.getUuid());
 			aclService.addPermissions(permissionJson.getOid(), permissionJson.getClazz(), user.getUuid(), permissionJson.isPrincipal(), permissionMap);
 			return JSON_OK;
 		} else {
-			throw new RuntimeException("No such user.");
+			aclService.addPermissions(permissionJson.getOid(), permissionJson.getClazz(), permissionJson.getUuid(), permissionJson.isPrincipal(),
+					permissionMap);
+			return JSON_OK;
 		}
 	}
-	
 
 	@RequestMapping(value = "/update", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE)
-	public @ResponseBody
-	Object updatePermissions(@RequestBody PermissionJson permissionJson) {
+	public @ResponseBody Object updatePermissions(@RequestBody PermissionJson permissionJson) {
 		final Map<Integer, Boolean> permissionMap = PermissionJsonUtil.createPermissionsMap(permissionJson);
 
 		final AclObjectIdentity objectIdentity = aclService.ensureObjectIdentity(permissionJson.getClazz(), permissionJson.getOid());
@@ -77,10 +76,8 @@ public class PermissionController extends RestController {
 		return JSON_OK;
 	}
 
-
 	@RequestMapping(value = "/autocompleteuser", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE)
-	public @ResponseBody
-	List<String> acUser(@RequestParam("term") String email) {
+	public @ResponseBody List<String> acUser(@RequestParam("term") String email) {
 		List<String> userEmails = new ArrayList<String>();
 		for (User user : userService.autocompleteUser(email)) {
 			userEmails.add(user.getEmail());

src/main/webapp/WEB-INF/jsp/acl/editor.jsp

@@ -28,7 +28,16 @@
 
     <c:forEach items="${aclSids}" var="aclSid" varStatus="status">
         <tr class="${status.count % 2 == 0 ? 'even' : 'odd'}">
-            <td><c:out value="${jspHelper.userByUuid(aclSid.sid).email}" /></td>
+            <td>
+                <c:choose>
+                    <c:when test="${aclSid.principal == true}">
+                        <c:out value="${jspHelper.userByUuid(aclSid.sid).email}"/>
+                    </c:when>
+                    <c:when test="${aclSid.principal == false}">
+                        <c:out value="${aclSid.sid}"/>
+                    </c:when>
+                </c:choose>
+            </td>
 
             <input type="hidden" name="aclSid" class="aclSid" value="${aclSid.sid}"/>
 
@@ -57,6 +66,25 @@
         <td><input type="button" class="btn btn-primary" value="<spring:message code="add" />" /></td>
         <td></td>
     </tr>
+    <tr id="permissionAdderByRole" class="${aclSids.size()-1 % 2 == 0 ? 'even' : 'odd'}">
+        <td>
+            <select class="required form-control" name="uuid" id="" title="roles">
+                <option disabled="disabled" selected="selected">SELECT ROLE</option>
+                <c:forEach var="role" items="${roles}">
+                    <option value="${role}">${role}</option>
+                </c:forEach>
+            </select>
+        </td>
+
+        <c:forEach items="${aclPermissions}" var="aclPermission">
+            <td><input type="checkbox" id="rAutoCheck${aclPermission.mask}" value="1"
+                       name="acPermissionValue${aclPermission.mask}"
+                ${aclEntries[aclSid.sid][aclPermission.mask] ? 'checked' : '' }/></td>
+        </c:forEach>
+
+        <td><input type="button" class="btn btn-primary" value="<spring:message code="add" />"/></td>
+        <td></td>
+    </tr>
     </tbody>
 </table>
 
@@ -65,6 +93,48 @@
 <content tag="javascript">
 <script type="text/javascript">
     jQuery(document).ready(function() {
+        if ($('#permissionAdderByRole select')[0].value == 'SELECT ROLE') {
+            $("#permissionAdderByRole input[type=button]").prop('disabled', true);
+        }
+        $('#permissionAdderByRole select').on('change', function () {
+            if ($('#permissionAdderByRole select')[0].value == 'SELECT ROLE') {
+                $("#permissionAdderByRole input[type=button]").prop('disabled', true);
+            } else {
+                $("#permissionAdderByRole input[type=button]").prop('disabled', false);
+            }
+        });
+        $("#permissionAdderByRole input[type=button]").on("click", function (a, b, c) {
+
+            var object = {
+                "oid": ${aclObjectIdentity.objectIdIdentity},
+                "clazz": "${aclObjectIdentity.aclClass.aclClass}",
+                "uuid": $('#permissionAdderByRole select')[0].value,
+                "principal": false,
+                "create": $("#rAutoCheck4").is(':checked'),
+                "read": $("#rAutoCheck1").is(':checked'),
+                "write": $("#rAutoCheck2").is(':checked'),
+                "delete": $("#rAutoCheck8").is(':checked'),
+                "manage": $("#rAutoCheck16").is(':checked')
+            };
+
+            $.ajax("<c:url value="/json/v0/permission/add" />", {
+                type: 'POST',
+                dataType: 'json',
+                contentType: 'application/json; charset=utf-8',
+                data: (object == null ? null : JSON.stringify(object)),
+                beforeSend: function (xhr) {
+
+                },
+                success: function (respObject) {
+                    window.location.reload();
+                    console.log(respObject);
+                },
+                error: function (jqXHR, textStatus, errorThrown) {
+                    console.log(textStatus);
+                    console.log(errorThrown);
+                }
+            });
+        });
         $("#permissionAdder input[type=button]").on("click", function(a,b,c) {
 
             var create=$("#autoCheck4").is(':checked');