CCM NG: Improvments for Permissions Management

git-svn-id: https://svn.libreccm.org/ccm/ccm_ng@5321 8810af33-2d31-482b-a856-94f89814c4df

ccm-cms/src/main/java/com/arsdigita/cms/ui/authoring/AuthoringKitWizard.java

@@ -70,14 +70,12 @@ import org.libreccm.l10n.GlobalizationHelper;
 import org.libreccm.workflow.Task;
 import org.libreccm.workflow.TaskRepository;
 import org.librecms.CmsConstants;
-import org.librecms.contentsection.ContentItem;
 import org.librecms.contenttypes.AuthoringKit;
 import org.librecms.contenttypes.AuthoringKitInfo;
 import org.librecms.contenttypes.AuthoringStepInfo;
 import org.librecms.contenttypes.ContentTypeInfo;
 import org.librecms.ui.authoring.ContentItemAuthoringStepInfo;
 import org.librecms.ui.authoring.ContentItemAuthoringStepManager;
-import org.librecms.workflow.CmsTaskType;
 
 /**
  * This class represents a single authoring kit. The wizard accepts a

ccm-cms/src/main/java/com/arsdigita/cms/ui/permissions/CMSPermissionsTableController.java

@@ -85,6 +85,7 @@ class CMSPermissionsTableController {
             .collect(Collectors.toList());
 
         final CMSPermissionsTableRow row = new CMSPermissionsTableRow();
+        row.setObject(object);
         row.setRoleName(role.getName());
         row.setColumns(columns);
 

ccm-cms/src/main/java/com/arsdigita/cms/ui/permissions/CMSPermissionsTableModel.java

@@ -37,6 +37,7 @@ class CMSPermissionsTableModel implements TableModel {
     private CMSPermissionsTableRow currentRow;
 
     public CMSPermissionsTableModel(final CcmObject object) {
+
         final CdiUtil cdiUtil = CdiUtil.createCdiUtil();
         final CMSPermissionsTableController controller = cdiUtil.findBean(
             CMSPermissionsTableController.class);
@@ -77,11 +78,23 @@ class CMSPermissionsTableModel implements TableModel {
 
     @Override
     public Object getKeyAt(final int columnIndex) {
-//        if (columnIndex == 0 || columnIndex == getColumnCount() - 1) {
+
-            return currentRow.getRoleName();
+        if (columnIndex == 0) {
-//        } else {
+            return String.format("%s-%s-role",
-//            return currentRow.getColumns().get(columnIndex - 1).getPrivilege();
+                                 currentRow.getObject().getUuid(),
-//        }
+                                 currentRow.getRoleName());
+        } else if (columnIndex >= currentRow.getColumns().size() - 1) {
+            return String.format("%s-%s-remove-all",
+                                 currentRow.getObject().getUuid(),
+                                 currentRow.getRoleName());
+        } else {
+            return String.format(
+                "%s-%s-%s",
+                currentRow.getObject().getUuid(),
+                currentRow.getRoleName(),
+                currentRow.getColumns().get(columnIndex - 1).getPrivilege()
+            );
+        }
     }
 
 }

ccm-cms/src/main/java/com/arsdigita/cms/ui/permissions/CMSPermissionsTableRow.java

@@ -18,6 +18,8 @@
  */
 package com.arsdigita.cms.ui.permissions;
 
+import org.libreccm.core.CcmObject;
+
 import java.util.Collections;
 import java.util.List;
 import java.util.Objects;
@@ -28,10 +30,19 @@ import java.util.Objects;
  */
 class CMSPermissionsTableRow {
 
+    private CcmObject object;
     private String roleName;
 
     private List<CMSPermissionsTableColumn> columns;
 
+    public CcmObject getObject() {
+        return object;
+    }
+    
+    public void setObject(final CcmObject object) {
+        this.object = object;
+    }
+    
     public String getRoleName() {
         return roleName;
     }

ccm-cms/src/main/java/com/arsdigita/cms/ui/permissions/ItemPermissionsStep.java

@@ -0,0 +1,248 @@
+/*
+ * Copyright (C) 2018 LibreCCM Foundation.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ * MA 02110-1301  USA
+ */
+package com.arsdigita.cms.ui.permissions;
+
+import com.arsdigita.bebop.BoxPanel;
+import com.arsdigita.bebop.Component;
+import com.arsdigita.bebop.ControlLink;
+import com.arsdigita.bebop.FormProcessException;
+import com.arsdigita.bebop.Label;
+import com.arsdigita.bebop.PageState;
+import com.arsdigita.bebop.Resettable;
+import com.arsdigita.bebop.SimpleContainer;
+import com.arsdigita.bebop.Table;
+import com.arsdigita.bebop.event.TableActionEvent;
+import com.arsdigita.bebop.event.TableActionListener;
+import com.arsdigita.bebop.parameters.StringParameter;
+import com.arsdigita.bebop.table.TableCellRenderer;
+import com.arsdigita.bebop.table.TableModel;
+import com.arsdigita.bebop.table.TableModelBuilder;
+import com.arsdigita.cms.CMS;
+import com.arsdigita.cms.ItemSelectionModel;
+import com.arsdigita.cms.ui.authoring.AuthoringKitWizard;
+import com.arsdigita.cms.ui.authoring.ResettableContainer;
+import com.arsdigita.globalization.GlobalizedMessage;
+import com.arsdigita.util.LockableImpl;
+
+import org.libreccm.cdi.utils.CdiUtil;
+import org.libreccm.core.CcmObject;
+import org.libreccm.core.UnexpectedErrorException;
+import org.libreccm.security.PermissionChecker;
+import org.libreccm.security.PermissionManager;
+import org.libreccm.security.Role;
+import org.libreccm.security.RoleRepository;
+import org.librecms.CmsConstants;
+import org.librecms.contentsection.privileges.ItemPrivileges;
+import org.librecms.ui.authoring.ContentItemAuthoringStep;
+
+import java.util.List;
+import java.util.Optional;
+import java.util.stream.Collectors;
+
+/**
+ *
+ * @author <a href="mailto:jens.pelzetter@googlemail.com">Jens Pelzetter</a>
+ */
+@ContentItemAuthoringStep(
+    labelBundle = CmsConstants.CMS_BUNDLE,
+    labelKey = "item_permissions_step.label",
+    descriptionBundle = CmsConstants.CMS_BUNDLE,
+    descriptionKey = "item_permissions_step.description"
+)
+public class ItemPermissionsStep extends ResettableContainer {
+
+    private final ItemSelectionModel itemSelectionModel;
+
+    public ItemPermissionsStep(final ItemSelectionModel itemSelectionModel,
+                               final AuthoringKitWizard authoringKitWizard,
+                               final StringParameter selectedLanguage) {
+
+        super("cms:permissionsStep", CMS.CMS_XML_NS);
+
+        this.itemSelectionModel = itemSelectionModel;
+
+        final BoxPanel panel = new BoxPanel(BoxPanel.VERTICAL);
+        final Label header = new Label(new GlobalizedMessage(
+            "cms.ui.permissions.table.header",
+            CmsConstants.CMS_BUNDLE));
+        panel.add(header);
+        super.add(panel);
+
+        final CdiUtil cdiUtil = CdiUtil.createCdiUtil();
+        final PermissionManager permissionManager = cdiUtil.findBean(
+            PermissionManager.class);
+        final List<String> privileges = permissionManager
+            .listDefiniedPrivileges(ItemPrivileges.class);
+        final List<Label> headerLabels = privileges.stream()
+            .map(privilege -> generatePrivilegeColumnHeader(privilege))
+            .collect(Collectors.toList());
+        headerLabels.add(0,
+                         new Label(new GlobalizedMessage(
+                             "cms.ui.permissions.table.role_header",
+                             CmsConstants.CMS_BUNDLE)));
+        headerLabels.add(new Label(new GlobalizedMessage(
+            "cms.ui.permissions.table.remove_all.header",
+            CmsConstants.CMS_BUNDLE)));
+        final Table table = new Table(
+            new PermissionsTableModelBuilder(),
+            headerLabels.toArray());
+        table.setClassAttr("dataTable");
+        for (int j = 1; j < table.getColumnModel().size() - 1; j++) {
+            table.getColumn(j).setKey(privileges.get(j - 1));
+            table.getColumn(j).setCellRenderer(new TableCellRenderer() {
+
+                @Override
+                public Component getComponent(final Table table,
+                                              final PageState state,
+                                              final Object value,
+                                              final boolean isSelected,
+                                              final Object key,
+                                              final int row,
+                                              final int column) {
+
+                    final ControlLink link = new ControlLink("");
+
+                    final CMSPermissionsTableColumn col
+                                                        = (CMSPermissionsTableColumn) value;
+                    if (col.isPermitted()) {
+                        link.setClassAttr("checkBoxChecked");
+                    } else {
+                        link.setClassAttr("checkBoxUnchecked");
+                    }
+
+                    return link;
+                }
+
+            });
+        }
+        table.getColumn(table.getColumnModel().size() - 1).setCellRenderer(
+            new TableCellRenderer() {
+
+            @Override
+            public Component getComponent(final Table table,
+                                          final PageState state,
+                                          final Object value,
+                                          final boolean isSelected,
+                                          final Object key,
+                                          final int row,
+                                          final int column) {
+                final ControlLink link = new ControlLink(new Label(
+                    new GlobalizedMessage(
+                        "cms.ui.permissions.table.actions.remove_all",
+                        CmsConstants.CMS_BUNDLE)));
+                link.setConfirmation(new GlobalizedMessage(
+                    "cms.ui.permissions.table.actions.remove_all.confirm",
+                    CmsConstants.CMS_BUNDLE));
+
+                return link;
+            }
+
+        });
+        table.addTableActionListener(new TableActionListener() {
+
+            @Override
+            public void cellSelected(final TableActionEvent event)
+                throws FormProcessException {
+
+                final PageState state = event.getPageState();
+                final int columnIndex = event.getColumn();
+                if (event.getRowKey() == null) {
+                    return;
+                }
+                final String roleName = (String) event.getRowKey();
+
+                final Table table = (Table) event.getSource();
+                final int columnCount = table.getColumnModel().size();
+                final int lastColumnIndex = columnCount - 1;
+
+                final CcmObject object = itemSelectionModel
+                    .getSelectedItem(state);
+                final RoleRepository roleRepo = cdiUtil.findBean(
+                    RoleRepository.class);
+                final Optional<Role> role = roleRepo.findByName(roleName);
+                if (!role.isPresent()) {
+                    throw new UnexpectedErrorException(String.format(
+                        "Role \"%s\" was not found inthe database, but was in "
+                            + "the permissions table.",
+                        roleName));
+                }
+                final PermissionChecker permissionChecker = cdiUtil.findBean(
+                    PermissionChecker.class);
+                if (columnIndex > 0 && columnIndex < lastColumnIndex) {
+                    final String privilege = table.getColumn(columnIndex)
+                        .getKey();
+
+                    if (permissionChecker.isPermitted(privilege,
+                                                      object,
+                                                      role.get())) {
+                        permissionManager.revokePrivilege(privilege,
+                                                          role.get(),
+                                                          object);
+                    } else {
+                        permissionManager.grantPrivilege(privilege,
+                                                         role.get(),
+                                                         object);
+                    }
+                } else if (columnIndex == lastColumnIndex) {
+                    final List<String> privileges = permissionManager
+                        .listDefiniedPrivileges(ItemPrivileges.class);
+                    privileges.forEach(privilege -> permissionManager
+                        .revokePrivilege(privilege, role.get(), object));
+                }
+            }
+
+            @Override
+            public void headSelected(final TableActionEvent event) {
+                //Nothing
+            }
+
+        });
+
+        panel.add(table);
+    }
+
+    private Label generatePrivilegeColumnHeader(final String privilege) {
+        return new Label(new GlobalizedMessage(
+            String.format("cms.ui.permissions.table.privilege.headers.%s",
+                          privilege),
+            CmsConstants.CMS_BUNDLE));
+    }
+
+    private class PermissionsTableModelBuilder extends LockableImpl
+        implements TableModelBuilder {
+
+        @Override
+        public TableModel makeModel(final Table table, final PageState state) {
+            final CcmObject object = itemSelectionModel.getSelectedItem(state);
+            return new CMSPermissionsTableModel(object);
+        }
+
+    }
+
+//    private class PermissionsTableModel implements TableModel {
+//        
+//        private final Iterator<PermissionsTableRow> iterator;
+//        private PermissionsTableRow currentRow;
+//        
+//        public PermissionsTableModel(final CcmObject object) {
+//            
+//        }
+//        
+//    }
+}

ccm-cms/src/main/java/org/librecms/contentsection/ContentSectionConfig.java

@@ -19,6 +19,7 @@
 package org.librecms.contentsection;
 
 import com.arsdigita.cms.ui.authoring.ItemCategoryStep;
+import com.arsdigita.cms.ui.permissions.ItemPermissionsStep;
 import com.arsdigita.cms.ui.authoring.assets.relatedinfo.RelatedInfoStep;
 import com.arsdigita.cms.ui.authoring.assets.images.ImageStep;
 
@@ -123,10 +124,13 @@ public class ContentSectionConfig {
      */
     @Setting
     private List<String> defaultAuthoringSteps = Arrays
-        .asList(new String[]{
+        .asList(
+            new String[]{
                 ItemCategoryStep.class.getName(),
                 ImageStep.class.getName(),
-        RelatedInfoStep.class.getName()});
+                RelatedInfoStep.class.getName(),
+//                ItemPermissionsStep.class.getName()
+            });
 
     public static ContentSectionConfig getConfig() {
         final ConfigurationManager confManager = CdiUtil.createCdiUtil()

ccm-cms/src/main/java/org/librecms/contenttypes/AuthoringKitInfo.java

@@ -19,8 +19,6 @@
 package org.librecms.contenttypes;
 
 import com.arsdigita.bebop.FormSection;
-import com.arsdigita.cms.ui.authoring.PageCreateForm;
-import com.arsdigita.cms.ui.item.ItemCreateForm;
 
 import java.util.ArrayList;
 import java.util.Collections;

ccm-cms/src/main/resources/org/librecms/CmsResources.properties

@@ -520,3 +520,5 @@ cms.ui.item.lifecycle.unpublish=Unpublish
 cms.ui.item.lifecycle.do=Do
 cms.ui.item.lifecycle.republish_and_reset=Republish and reset lifecycle
 cms.ui.search.help=Enter some search terms
+item_permissions_step.label=Permissions
+item_permissions_step.description=Edit permissions for this content item

ccm-cms/src/main/resources/org/librecms/CmsResources_de.properties

@@ -517,3 +517,5 @@ cms.ui.item.lifecycle.unpublish=Depublizieren
 cms.ui.item.lifecycle.do=Ausf\u00fchren
 cms.ui.item.lifecycle.republish_and_reset=Erneut publizieren und Lebenszyklus zur\u00fccksetzen
 cms.ui.search.help=Enter some search terms
+item_permissions_step.label=Berechtigungen
+item_permissions_step.description=Berechtigungen f\u00fcr dieses Dokument bearbeiten

ccm-cms/src/main/resources/org/librecms/CmsResources_fr.properties

@@ -479,3 +479,5 @@ cms.ui.item.lifecycle.unpublish=Unpublish
 cms.ui.item.lifecycle.do=Do
 cms.ui.item.lifecycle.republish_and_reset=Republish and reset lifecycle
 cms.ui.search.help=Enter some search terms
+item_permissions_step.label=Permissions
+item_permissions_step.description=Edit permissions for this content item