LibreCCM
/
libreccm
3
0
Fork 0
Code Issues 10 Pull Requests Packages Releases Wiki Activity

CCM NG/ccm-cms: FolderBrowser now shows up. Needs testing. 

git-svn-id: https://svn.libreccm.org/ccm/ccm_ng@4557 8810af33-2d31-482b-a856-94f89814c4df
pull/2/head
jensp 2017-02-08 18:07:03 +00:00
parent e9bcd0c0ff
commit c9fabc8fff
11 changed files with 201 additions and 67 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
ccm-cms/src/main/java/com/arsdigita/cms/ui/BrowsePane.java
View File

@ -18,17 +18,21 @@
*/
package com.arsdigita.cms.ui;
import com.arsdigita.bebop.Component;
import com.arsdigita.bebop.Label;
import com.arsdigita.bebop.Page;
import com.arsdigita.bebop.PageState;
import com.arsdigita.bebop.Resettable;
import com.arsdigita.bebop.SegmentedPanel;
import com.arsdigita.bebop.SingleSelectionModel;
import com.arsdigita.bebop.Text;
import com.arsdigita.bebop.Tree;
import com.arsdigita.bebop.event.FormProcessListener;
import com.arsdigita.bebop.event.FormSectionEvent;
import com.arsdigita.bebop.event.FormSubmissionListener;
import com.arsdigita.bebop.event.ActionEvent;
import com.arsdigita.bebop.event.ActionListener;
import com.arsdigita.bebop.tree.TreeCellRenderer;
import com.arsdigita.cms.CMS;
import com.arsdigita.cms.ui.folder.FolderRequestLocal;
import com.arsdigita.cms.ui.folder.FolderSelectionModel;
@ -40,6 +44,7 @@ import com.arsdigita.util.Assert;
import org.libreccm.categorization.Category;
import org.libreccm.core.CcmObject;
import org.librecms.CmsConstants;
import org.librecms.contentsection.Folder;
/**
* A pane that contains a folder tree on the left and a folder manipulator on
@ -61,6 +66,29 @@ public class BrowsePane extends LayoutPanel implements Resettable {
/* The folder tree displayed on the left side / left column */
tree = new BaseTree(new FolderTreeModelBuilder());
tree.setCellRenderer(new TreeCellRenderer() {
@Override
public Component getComponent(final Tree tree,
final PageState state,
final Object value,
final boolean isSelected,
final boolean isExpanded,
final boolean isLeaf,
final Object key) {
if (value instanceof Folder) {
final Folder folder = (Folder) value;
if (folder.getParentCategory() == null) {
return new Text("/");
} else {
return new Text(folder.getName());
}
} else {
return new Text(value.toString());
}
}
});
selectionModel = tree.getSelectionModel();
folderModel = new FolderSelectionModel(selectionModel);
folderRequestLocal = new FolderRequestLocal(folderModel);
@ -70,7 +98,7 @@ public class BrowsePane extends LayoutPanel implements Resettable {
final Label heading = new Label(
new GlobalizedMessage("cms.ui.folder_browser",
CmsConstants.CMS_FOLDER_BUNDLE));
CmsConstants.CMS_BUNDLE));
left.addSegment(heading, tree);
flatItemList = new FlatItemList(folderRequestLocal, folderModel);

1
ccm-cms/src/main/java/com/arsdigita/cms/ui/folder/FolderTreeModelBuilder.java
View File

@ -32,7 +32,6 @@ import com.arsdigita.util.LockableImpl;
import java.util.Collections;
import java.util.Iterator;
import org.libreccm.categorization.Category;
import org.libreccm.cdi.utils.CdiUtil;
import org.librecms.contentsection.Folder;

19
ccm-cms/src/main/java/com/arsdigita/cms/ui/permissions/CMSPermissionsPane.java
View File

@ -264,6 +264,8 @@ public class CMSPermissionsPane extends SimpleContainer implements Resettable,
new Label(new GlobalizedMessage(
"cms.ui.permissions.table.role_header",
CmsConstants.CMS_BUNDLE)));
headerLabels.add(new Label(new GlobalizedMessage(
"cms.ui.permissions.table.remove_all.header")));
final Table table = new Table(new CMSPermissionsTableModelBuilder(this),
headerLabels.toArray());
table.setClassAttr("dataTable");
@ -281,7 +283,9 @@ public class CMSPermissionsPane extends SimpleContainer implements Resettable,
final ControlLink link = new ControlLink("");
if ((boolean) value) {
final CMSPermissionsTableColumn col
= (CMSPermissionsTableColumn) value;
if (col.isPermitted()) {
link.setClassAttr("checkBoxChecked");
} else {
link.setClassAttr("checkBoxUnchecked");
@ -303,9 +307,12 @@ public class CMSPermissionsPane extends SimpleContainer implements Resettable,
final Object key,
final int row,
final int column) {
final ControlLink link = new ControlLink((String) value);
final ControlLink link = new ControlLink(new Label(
new GlobalizedMessage(
"cms.ui.permissions.table.actions.remove_all",
CmsConstants.CMS_BUNDLE)));
link.setConfirmation(new GlobalizedMessage(
"permissions.table.actions.removeAll",
"cms.ui.permissions.table.actions.remove_all.confirm",
CmsConstants.CMS_BUNDLE));
return link;
@ -424,7 +431,6 @@ public class CMSPermissionsPane extends SimpleContainer implements Resettable,
// .getPermissions(CMSPermissionsConstants.INHERITED);
// return inheritedPermissions;
// }
public SimpleContainer getAdminListingPanel() {
if (adminListing == null) {
adminListing = new ObjectAdminListing(selectionModel);
@ -511,7 +517,6 @@ public class CMSPermissionsPane extends SimpleContainer implements Resettable,
// }
// return contextPanel;
// }
ParameterModel getSearchString() {
return searchString;
}
@ -537,7 +542,6 @@ public class CMSPermissionsPane extends SimpleContainer implements Resettable,
// getPermissionGrantPanel().setVisible(state, false);
// getNoSearchResultPanel().setVisible(state, true);
// }
// /**
// * Show the Grant privileges panel
// *
@ -551,7 +555,6 @@ public class CMSPermissionsPane extends SimpleContainer implements Resettable,
// getNoSearchResultPanel().setVisible(state, false);
// getPermissionGrantPanel().setVisible(state, true);
// }
// /**
// * Shows the administration page of permissions to one object.
// *
@ -595,7 +598,6 @@ public class CMSPermissionsPane extends SimpleContainer implements Resettable,
//
// getPermissionGrantPanel().setVisible(state, false);
// }
@Override
public void actionPerformed(final ActionEvent event) {
@ -637,7 +639,6 @@ public class CMSPermissionsPane extends SimpleContainer implements Resettable,
// getAdminListingPanel().setVisible(state, false);
// }
// }
public String getPrivilegeName(final String privilege) {
return privilegeNameMap.get(privilege);
}

4
ccm-cms/src/main/java/com/arsdigita/cms/ui/permissions/CMSPermissionsTableModel.java
View File

@ -71,7 +71,7 @@ class CMSPermissionsTableModel implements TableModel {
} else if (columnIndex == getColumnCount() - 1) {
return "Remove all";
} else {
return currentRow.getColumns().get(columnIndex - 2);
return currentRow.getColumns().get(columnIndex - 1);
}
}
@ -80,7 +80,7 @@ class CMSPermissionsTableModel implements TableModel {
if (columnIndex == 0 || columnIndex == getColumnCount() - 1) {
return currentRow.getRoleName();
} else {
return currentRow.getColumns().get(columnIndex).getPrivilege();
return currentRow.getColumns().get(columnIndex - 1).getPrivilege();
}
}

23
ccm-cms/src/main/java/org/librecms/contentsection/ContentSectionSetup.java
View File

@ -234,6 +234,29 @@ public class ContentSectionSetup extends AbstractCcmApplicationSetup {
getEntityManager().persist(publisher);
getEntityManager().persist(contentReader);
section.addRole(alertRecipient);
section.addRole(author);
section.addRole(editor);
section.addRole(manager);
section.addRole(publisher);
section.addRole(contentReader);
final String itemResolverClassName;
if (getIntegrationProps().containsKey(String.format("%s.item_resolver",
sectionName))) {
itemResolverClassName = getIntegrationProps().getProperty(
String.format("%s.item_resolver",
sectionName));
} else if(getIntegrationProps().containsKey("default_item_resolver")) {
itemResolverClassName = getIntegrationProps().getProperty("default_item_resolver_name");
} else {
itemResolverClassName = MultilingualItemResolver.class.getName();
}
section.setItemResolverClass(itemResolverClassName);
getEntityManager().merge(section);
}
}

25
ccm-cms/src/main/resources/org/librecms/CmsResources.properties
View File

@ -16,3 +16,28 @@ cms.ui.admin_center=Admin Center
cms.ui.contentcenter.section_hint=All documents are organized in one or more contect sections. Each content section may have its own system of permission and its own administrators, independent from each other. Select a section where you will edit a document or create a new one.
cms.ui.contentcenter.location=Location
cms.ui.contentcenter.location_hint=In Legacy mode links to public pages.
cms.ui.browse=Documents
cms.ui.search=Search
cms.ui.roles=Roles
cms.ui.workflows=Workflows
cms.ui.lifecycles=Lifecycles
cms.ui.content_types=Content types
cms.ui.cse=Soon expired
cms.ui.reports=Reports
cms.ui.permissions=Permissions
cms.ui.permissions.table.header=The following permissions have been granted on the current object:
cms.ui.permissions.table.role_header=Role
cms.ui.permissions.table.privilege.headers.administer_items=Administer items
cms.ui.permissions.table.privilege.headers.apply_alternate_workflow=Apply alternate workflow
cms.ui.permissions.table.privilege.headers.approve_items=Approve items
cms.ui.permissions.table.privilege.headers.categorize_items=Categorise items
cms.ui.permissions.table.privilege.headers.create_new_items=Create new items
cms.ui.permissions.table.privilege.headers.delete_items=Delete items
cms.ui.permissions.table.privilege.headers.edit_items=Edit items
cms.ui.permissions.table.privilege.headers.preview_items=Preview items
cms.ui.permissions.table.privilege.headers.publish_items=Publish items
cms.ui.permissions.table.privilege.headers.view_published_items=View published items
cms.ui.folder_browser=Folders
cms.ui.permissions.table.actions.remove_all=Remove all permissions
cms.ui.permissions.table.actions.remove_all.confirm=Are you sure to remove all permissions for this role from the current object?
cms.ui.permissions.table.remove_all.header=Remove all

25
ccm-cms/src/main/resources/org/librecms/CmsResources_de.properties
View File

@ -16,3 +16,28 @@ cms.ui.admin_center=Admin Center
cms.ui.contentcenter.section_hint=All documents are organized in one or more contect sections. Each content section may have its own system of permission and its own administrators, independent from each other. Select a section where you will edit a document or create a new one.
cms.ui.contentcenter.location=Ort
cms.ui.contentcenter.location_hint=In Legacy mode links to public pages.
cms.ui.browse=Dokumente
cms.ui.search=Suche
cms.ui.roles=Rollen
cms.ui.workflows=Arbeitsabl\u00e4ufe
cms.ui.lifecycles=Ver\u00f6ffentlichungszyklen
cms.ui.content_types=Dokumenttypen
cms.ui.cse=Bald abgelaufen
cms.ui.reports=Berichte
cms.ui.permissions=Berechtigungen
cms.ui.permissions.table.header=Die folgenden Berechtigungen wurden f\u00fcr das aktuelle Objekt erteilt:
cms.ui.permissions.table.role_header=Rolle
cms.ui.permissions.table.privilege.headers.administer_items=Dokumente verwalten
cms.ui.permissions.table.privilege.headers.apply_alternate_workflow=Alternative Arbeitsablauf zuweisen
cms.ui.permissions.table.privilege.headers.approve_items=Dokumente genehmigen
cms.ui.permissions.table.privilege.headers.categorize_items=Dokumente kategorisieren
cms.ui.permissions.table.privilege.headers.create_new_items=Neue Dokumente anlegen
cms.ui.permissions.table.privilege.headers.delete_items=Dokumente l\u00f6schen
cms.ui.permissions.table.privilege.headers.edit_items=Dokumente bearbeiten
cms.ui.permissions.table.privilege.headers.preview_items=Vorschau betrachten
cms.ui.permissions.table.privilege.headers.publish_items=Dokumente ver\u00f6ffentlichen
cms.ui.permissions.table.privilege.headers.view_published_items=Ver\u00f6ffentlichte Dokumente betrachten
cms.ui.folder_browser=Ordner
cms.ui.permissions.table.actions.remove_all=Alle Berechtigungen entfernen
cms.ui.permissions.table.actions.remove_all.confirm=Sind Sie sicher, dass Sie alle Berechtigungen f\u00fcr diese Rolle von dem aktuellen Objekt entfernen wollen?
cms.ui.permissions.table.remove_all.header=Alle entfernen

25
ccm-cms/src/main/resources/org/librecms/CmsResources_fr.properties
View File

@ -16,3 +16,28 @@ cms.ui.admin_center=Admin Center
cms.ui.contentcenter.section_hint=All documents are organized in one or more contect sections. Each content section may have its own system of permission and its own administrators, independent from each other. Select a section where you will edit a document or create a new one.
cms.ui.contentcenter.location=Location
cms.ui.contentcenter.location_hint=In Legacy mode links to public pages.
cms.ui.browse=Documents
cms.ui.search=Search
cms.ui.roles=Roles
cms.ui.workflows=Workflows
cms.ui.lifecycles=Lifecycles
cms.ui.content_types=Content types
cms.ui.cse=Soon expired
cms.ui.reports=Reports
cms.ui.permissions=Permissions
cms.ui.permissions.table.header=The following permissions have been granted on the current object:
cms.ui.permissions.table.role_header=Role
cms.ui.permissions.table.privilege.headers.administer_items=Administer items
cms.ui.permissions.table.privilege.headers.apply_alternate_workflow=Apply alternate workflow
cms.ui.permissions.table.privilege.headers.approve_items=Approve items
cms.ui.permissions.table.privilege.headers.categorize_items=Categorise items
cms.ui.permissions.table.privilege.headers.create_new_items=Create new items
cms.ui.permissions.table.privilege.headers.delete_items=Delete items
cms.ui.permissions.table.privilege.headers.edit_items=Edit items
cms.ui.permissions.table.privilege.headers.preview_items=Preview items
cms.ui.permissions.table.privilege.headers.publish_items=Publish items
cms.ui.permissions.table.privilege.headers.view_published_items=View published items
cms.ui.folder_browser=Folders
cms.ui.permissions.table.actions.remove_all=Remove all permissions
cms.ui.permissions.table.actions.remove_all.confirm=Are you sure to remove all permissions for this role from the current object?
cms.ui.permissions.table.remove_all.header=Remove all

6
ccm-core/src/main/java/org/libreccm/security/Permission.java
View File

@ -60,6 +60,12 @@ import javax.persistence.OneToOne;
@Table(name = "PERMISSIONS", schema = DB_SCHEMA)
@NamedQueries({
@NamedQuery(name = "Permission.existsForPrivilegeRoleObject",
query = "SELECT COUNT(p) FROM Permission p "
+ "WHERE p.grantedPrivilege = :privilege "
+ "AND p.grantee = :grantee "
+ "AND p.object = :object")
,
@NamedQuery(name = "Permission.existsDirectForPrivilegeRoleObject",
query = "SELECT COUNT(p) FROM Permission p "
+ "WHERE p.grantedPrivilege = :privilege "
+ "AND p.grantee = :grantee "

104
ccm-core/src/main/java/org/libreccm/security/PermissionChecker.java
View File

@ -29,9 +29,15 @@ import java.util.Optional;
import javax.enterprise.context.RequestScoped;
import javax.inject.Inject;
import javax.transaction.Transactional;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import java.util.Objects;
import javax.persistence.EntityManager;
import javax.persistence.TypedQuery;
/**
* An utility class for checking permissions. Uses the current {@link Subject}
* as provided by the {@link Shiro} bean useless otherwise indicated.
@ -42,7 +48,7 @@ import org.apache.logging.log4j.Logger;
public class PermissionChecker {
private static final Logger LOGGER = LogManager.getLogger(
PermissionChecker.class);
PermissionChecker.class);
/**
* The current subject as provided by {@link Shiro#getSubject()}.
@ -50,6 +56,9 @@ public class PermissionChecker {
@Inject
private Subject subject;
@Inject
private EntityManager entityManager;
@Inject
private Shiro shiro;
@ -63,14 +72,14 @@ public class PermissionChecker {
* @param privilege The privilege granted by the permission.
*
* @return {@code true} if the current subject has a permission granting the
* provided {@code privilege}, {@code false} otherwise.
* provided {@code privilege}, {@code false} otherwise.
*/
public boolean isPermitted(final String privilege) {
if (subject.isAuthenticated()) {
return subject.isPermitted(generatePermissionString(privilege));
} else {
return shiro.getPublicUser().isPermitted(generatePermissionString(
privilege));
privilege));
}
}
@ -79,22 +88,22 @@ public class PermissionChecker {
* provided {@code privilege}.
*
* @param privilege The privilege granted by the permission.
* @param role The role to check for a permission granting the
* {@code privilege}.
* @param role The role to check for a permission granting the
* {@code privilege}.
*
* @return {@code true} if the role has a permission granting the provided
* {@code privilege}, {@code false} otherwise.
* {@code privilege}, {@code false} otherwise.
*/
@Transactional(Transactional.TxType.REQUIRED)
public boolean isPermitted(final String privilege, final Role role) {
if (privilege == null || privilege.trim().isEmpty()) {
throw new IllegalArgumentException(
"Can't check permission null (or empty)");
"Can't check permission null (or empty)");
}
if (role == null) {
throw new IllegalArgumentException(
"Can't check permission for role null.");
"Can't check permission for role null.");
}
//Ensure that we have a none detached entity
@ -108,10 +117,10 @@ public class PermissionChecker {
}
final Optional<Permission> permission = theRole.get().getPermissions()
.stream()
.filter(granted -> privilege.equals(granted.
getGrantedPrivilege()))
.findFirst();
.stream()
.filter(granted -> privilege.equals(granted.
getGrantedPrivilege()))
.findFirst();
return permission.isPresent();
}
@ -121,18 +130,19 @@ public class PermissionChecker {
* {@code privilege} on the provided {@code object}.
*
* @param privilege The granted privilege.
* @param object The object on which the privilege is granted.
* @param object The object on which the privilege is granted.
*
* @return {@code true} if the there is a permission granting the provided
* {@code privilege} on the provided {@code object} to the current subject.
* {@code privilege} on the provided {@code object} to the current
* subject.
*/
public boolean isPermitted(final String privilege, final CcmObject object) {
if (subject.isAuthenticated()) {
return subject.isPermitted(generatePermissionString(
privilege, object));
privilege, object));
} else {
return shiro.getPublicUser().isPermitted(generatePermissionString(
privilege, object));
privilege, object));
}
}
@ -141,48 +151,39 @@ public class PermissionChecker {
* provided {@code privilege} on the provided object.
*
* @param privilege The granted privilege.
* @param object The object on which the {@code privilege} is granted.
* @param role The role to check for a permission granting the
* {@code privilege}.
* @param object The object on which the {@code privilege} is granted.
* @param role The role to check for a permission granting the
* {@code privilege}.
*
* @return {@code true} if the there is a permission granting the provided
* {@code privilege} on the provided {@code object} to the provided
* {@code role}.
* {@code privilege} on the provided {@code object} to the provided
* {@code role}.
*/
public boolean isPermitted(final String privilege,
final CcmObject object,
final Role role) {
if (privilege == null || privilege.trim().isEmpty()) {
throw new IllegalArgumentException(
"Can't check permission null (or empty)");
"Can't check permission null (or empty)");
}
if (role == null) {
throw new IllegalArgumentException(
"Can't check permission for role null.");
"Can't check permission for role null.");
}
if (object == null) {
throw new IllegalArgumentException(
"Can verify permissions for object null.");
"Can verify permissions for object null.");
}
//Ensure that we have a none detached entity
final Optional<Role> theRole = roleRepo.findById(role.getRoleId());
if (!theRole.isPresent()) {
//If the role is not found in the database print a warning in the
//and return false
LOGGER.warn("To provided role {} was not found in the database.",
role.toString());
return false;
}
final TypedQuery<Long> query = entityManager.createNamedQuery(
"Permission.existsForPrivilegeRoleObject", Long.class);
query.setParameter("privilege", privilege);
query.setParameter("grantee" ,role);
query.setParameter("object" ,object);
final Optional<Permission> permission = theRole.get().getPermissions()
.stream()
.filter(granted -> granted.getObject() != null)
.filter(granted -> object.equals(granted.getObject()))
.findFirst();
return permission.isPresent();
return query.getSingleResult() > 0;
}
/**
@ -193,15 +194,15 @@ public class PermissionChecker {
* @param privilege The privilege to check for.
*
* @throws AuthorizationException If the current subject has not permission
* granting the provided privilege.
* granting the provided privilege.
*/
public void checkPermission(final String privilege)
throws AuthorizationException {
throws AuthorizationException {
if (subject.isAuthenticated()) {
subject.checkPermission(generatePermissionString(privilege));
} else {
shiro.getPublicUser().checkPermission(generatePermissionString(
privilege));
privilege));
}
}
@ -211,19 +212,20 @@ public class PermissionChecker {
*
*
* @param privilege The privilege to check for.
* @param object The object on which the privilege is granted.
* @param object The object on which the privilege is granted.
*
* @throws AuthorizationException If there is no permission granting the
* provided privilege to the current subject on the provided object..
* provided privilege to the current subject
* on the provided object..
*/
public void checkPermission(final String privilege,
final CcmObject object)
throws AuthorizationException {
throws AuthorizationException {
if (subject.isAuthenticated()) {
subject.checkPermission(generatePermissionString(privilege, object));
} else {
shiro.getPublicUser().checkPermission(generatePermissionString(
privilege, object));
privilege, object));
}
}
@ -234,13 +236,13 @@ public class PermissionChecker {
* placeholder object is returned with the {@link CcmObject#displayName}
* property set the {@code Access denied}.
*
* @param <T> The type of the object to check.
* @param <T> The type of the object to check.
* @param privilege The privilige to check for.
* @param object The object on which the privilege is granted.
* @param clazz The class of the object.
* @param object The object on which the privilege is granted.
* @param clazz The class of the object.
*
* @return The object if the current subject is permitted to access, a
* placeholder object if not.
* placeholder object if not.
*/
public <T extends CcmObject> T checkPermission(final String privilege,
final T object,
@ -256,7 +258,7 @@ public class PermissionChecker {
* @param object The object to check.
*
* @return {@code true} if the object is a <i>Access denied</i> object,
* {@code false} if not.
* {@code false} if not.
*/
public boolean isAccessDeniedObject(final CcmObject object) {
if (object == null) {

2
ccm-core/src/main/java/org/libreccm/security/PermissionManager.java
View File

@ -536,7 +536,7 @@ public class PermissionManager {
final Role grantee,
final CcmObject object) {
final TypedQuery<Long> query = entityManager.createNamedQuery(
"Permission.existsForPrivilegeRoleObject", Long.class);
"Permission.existsDirectForPrivilegeRoleObject", Long.class);
query.setParameter(QUERY_PARAM_PRIVILEGE, privilege);
query.setParameter(QUERY_PARAM_GRANTEE, grantee);
query.setParameter(QUERY_PARAM_OBJECT, object);