Commit d3055d30 authored by Alexander Basov Committed by Matija Obreza

ACL with user roles

parent 32174ba3
...@@ -16,6 +16,7 @@ ...@@ -16,6 +16,7 @@
package org.genesys2.server.servlet.controller; package org.genesys2.server.servlet.controller;
import org.genesys2.server.model.UserRole;
import org.genesys2.server.model.acl.AclObjectIdentity; import org.genesys2.server.model.acl.AclObjectIdentity;
import org.genesys2.server.service.AclService; import org.genesys2.server.service.AclService;
import org.genesys2.server.service.UserService; import org.genesys2.server.service.UserService;
...@@ -53,6 +54,7 @@ public class AclEditController extends BaseController { ...@@ -53,6 +54,7 @@ public class AclEditController extends BaseController {
// Map<AclSid, Map<Permission, Boolean>> // Map<AclSid, Map<Permission, Boolean>>
model.addAttribute("aclEntries", aclService.getPermissions(id, className)); model.addAttribute("aclEntries", aclService.getPermissions(id, className));
model.addAttribute("backUrl", backUrl); model.addAttribute("backUrl", backUrl);
model.addAttribute("roles", UserRole.values());
return "/acl/editor"; return "/acl/editor";
} }
......
...@@ -51,24 +51,23 @@ public class PermissionController extends RestController { ...@@ -51,24 +51,23 @@ public class PermissionController extends RestController {
private UserService userService; private UserService userService;
@RequestMapping(value = "/add", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE) @RequestMapping(value = "/add", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE)
public @ResponseBody public @ResponseBody Object addPermission(@RequestBody PermissionJson permissionJson) {
Object addPermission(@RequestBody PermissionJson permissionJson) {
LOG.info("Adding permission " + permissionJson); LOG.info("Adding permission " + permissionJson);
final User user = userService.getUserByEmail(permissionJson.getUuid());
if (user != null) { final Map<Integer, Boolean> permissionMap = PermissionJsonUtil.createPermissionsMap(permissionJson);
final Map<Integer, Boolean> permissionMap = PermissionJsonUtil.createPermissionsMap(permissionJson); if (permissionJson.isPrincipal()) {
final User user = userService.getUserByEmail(permissionJson.getUuid());
aclService.addPermissions(permissionJson.getOid(), permissionJson.getClazz(), user.getUuid(), permissionJson.isPrincipal(), permissionMap); aclService.addPermissions(permissionJson.getOid(), permissionJson.getClazz(), user.getUuid(), permissionJson.isPrincipal(), permissionMap);
return JSON_OK; return JSON_OK;
} else { } else {
throw new RuntimeException("No such user."); aclService.addPermissions(permissionJson.getOid(), permissionJson.getClazz(), permissionJson.getUuid(), permissionJson.isPrincipal(),
permissionMap);
return JSON_OK;
} }
} }
@RequestMapping(value = "/update", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE) @RequestMapping(value = "/update", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE)
public @ResponseBody public @ResponseBody Object updatePermissions(@RequestBody PermissionJson permissionJson) {
Object updatePermissions(@RequestBody PermissionJson permissionJson) {
final Map<Integer, Boolean> permissionMap = PermissionJsonUtil.createPermissionsMap(permissionJson); final Map<Integer, Boolean> permissionMap = PermissionJsonUtil.createPermissionsMap(permissionJson);
final AclObjectIdentity objectIdentity = aclService.ensureObjectIdentity(permissionJson.getClazz(), permissionJson.getOid()); final AclObjectIdentity objectIdentity = aclService.ensureObjectIdentity(permissionJson.getClazz(), permissionJson.getOid());
...@@ -77,10 +76,8 @@ public class PermissionController extends RestController { ...@@ -77,10 +76,8 @@ public class PermissionController extends RestController {
return JSON_OK; return JSON_OK;
} }
@RequestMapping(value = "/autocompleteuser", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) @RequestMapping(value = "/autocompleteuser", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE)
public @ResponseBody public @ResponseBody List<String> acUser(@RequestParam("term") String email) {
List<String> acUser(@RequestParam("term") String email) {
List<String> userEmails = new ArrayList<String>(); List<String> userEmails = new ArrayList<String>();
for (User user : userService.autocompleteUser(email)) { for (User user : userService.autocompleteUser(email)) {
userEmails.add(user.getEmail()); userEmails.add(user.getEmail());
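Review bot: In addPermission the principal branch now calls `user.getUuid()` without the `user != null` check the old code had, so an unknown e-mail ends in a NullPointerException instead of the former "No such user." error; restore it with `if (user == null) { throw new RuntimeException("No such user."); }` right after the lookup. In the else branch the request's `uuid` is passed to `aclService.addPermissions` as the SID unchecked, so any string a client posts becomes an ACL authority. Since the editor only offers `UserRole.values()`, reject anything else first, e.g. `UserRole.valueOf(permissionJson.getUuid());`, which throws IllegalArgumentException for an unknown name. Whether the caller is authorised to manage ACLs on the target object is not visible in this section; if that is not enforced in `aclService` or at class level, it belongs here as well.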
......
...@@ -28,7 +28,16 @@ ...@@ -28,7 +28,16 @@
<c:forEach items="${aclSids}" var="aclSid" varStatus="status"> <c:forEach items="${aclSids}" var="aclSid" varStatus="status">
<tr class="${status.count % 2 == 0 ? 'even' : 'odd'}"> <tr class="${status.count % 2 == 0 ? 'even' : 'odd'}">
<td><c:out value="${jspHelper.userByUuid(aclSid.sid).email}" /></td> <td>
<c:choose>
<c:when test="${aclSid.principal == true}">
<c:out value="${jspHelper.userByUuid(aclSid.sid).email}"/>
</c:when>
<c:when test="${aclSid.principal == false}">
<c:out value="${aclSid.sid}"/>
</c:when>
</c:choose>
</td>
<input type="hidden" name="aclSid" class="aclSid" value="${aclSid.sid}"/> <input type="hidden" name="aclSid" class="aclSid" value="${aclSid.sid}"/>
...@@ -57,6 +66,25 @@ ...@@ -57,6 +66,25 @@
<td><input type="button" class="btn btn-primary" value="<spring:message code="add" />" /></td> <td><input type="button" class="btn btn-primary" value="<spring:message code="add" />" /></td>
<td></td> <td></td>
</tr> </tr>
<tr id="permissionAdderByRole" class="${aclSids.size()-1 % 2 == 0 ? 'even' : 'odd'}">
<td>
<select class="required form-control" name="uuid" id="" title="roles">
<option disabled="disabled" selected="selected">SELECT ROLE</option>
<c:forEach var="role" items="${roles}">
<option value="${role}">${role}</option>
</c:forEach>
</select>
</td>
<c:forEach items="${aclPermissions}" var="aclPermission">
<td><input type="checkbox" id="rAutoCheck${aclPermission.mask}" value="1"
name="acPermissionValue${aclPermission.mask}"
${aclEntries[aclSid.sid][aclPermission.mask] ? 'checked' : '' }/></td>
</c:forEach>
<td><input type="button" class="btn btn-primary" value="<spring:message code="add" />"/></td>
<td></td>
</tr>
</tbody> </tbody>
</table> </table>
...@@ -65,6 +93,48 @@ ...@@ -65,6 +93,48 @@
<content tag="javascript"> <content tag="javascript">
<script type="text/javascript"> <script type="text/javascript">
jQuery(document).ready(function() { jQuery(document).ready(function() {
if ($('#permissionAdderByRole select')[0].value == 'SELECT ROLE') {
$("#permissionAdderByRole input[type=button]").prop('disabled', true);
}
$('#permissionAdderByRole select').on('change', function () {
if ($('#permissionAdderByRole select')[0].value == 'SELECT ROLE') {
$("#permissionAdderByRole input[type=button]").prop('disabled', true);
} else {
$("#permissionAdderByRole input[type=button]").prop('disabled', false);
}
});
$("#permissionAdderByRole input[type=button]").on("click", function (a, b, c) {
var object = {
"oid": ${aclObjectIdentity.objectIdIdentity},
"clazz": "${aclObjectIdentity.aclClass.aclClass}",
"uuid": $('#permissionAdderByRole select')[0].value,
"principal": false,
"create": $("#rAutoCheck4").is(':checked'),
"read": $("#rAutoCheck1").is(':checked'),
"write": $("#rAutoCheck2").is(':checked'),
"delete": $("#rAutoCheck8").is(':checked'),
"manage": $("#rAutoCheck16").is(':checked')
};
$.ajax("<c:url value="/json/v0/permission/add" />", {
type: 'POST',
dataType: 'json',
contentType: 'application/json; charset=utf-8',
data: (object == null ? null : JSON.stringify(object)),
beforeSend: function (xhr) {
},
success: function (respObject) {
window.location.reload();
console.log(respObject);
},
error: function (jqXHR, textStatus, errorThrown) {
console.log(textStatus);
console.log(errorThrown);
}
});
});
$("#permissionAdder input[type=button]").on("click", function(a,b,c) { $("#permissionAdder input[type=button]").on("click", function(a,b,c) {
var create=$("#autoCheck4").is(':checked'); var create=$("#autoCheck4").is(':checked');
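Review bot: The hidden input `value="${aclSid.sid}"` prints the SID unescaped, while the cell just above it runs the same value through `<c:out>`. With this commit a SID is no longer always a user UUID but may be a string taken from the request, so it should be escaped here too: `value="<c:out value="${aclSid.sid}"/>"`. The same concern applies to `"clazz": "${aclObjectIdentity.aclClass.aclClass}"` in the new click handler, which is written into the script block as-is and needs JavaScript-context escaping if a client can influence the class name (not visible here). Separately, the checkboxes in the `permissionAdderByRole` row read `${aclEntries[aclSid.sid][aclPermission.mask]}` outside the `forEach` that defines `aclSid`, so the expression looks like a leftover from the per-SID rows and can be dropped.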
......