From fe8f1c98ef3ae60b382dc1eb41b13644ea237496 Mon Sep 17 00:00:00 2001 From: jensp Date: Thu, 22 Jun 2017 13:04:32 +0000 Subject: [PATCH] CCM NG/ccm-core: Fixed several Exceptions when editing Users and Roles git-svn-id: https://svn.libreccm.org/ccm/ccm_ng@4798 8810af33-2d31-482b-a856-94f89814c4df Former-commit-id: b8173503055067ec2fdd2d24cea66d870ce95e8c --- .../roles/RoleAddMemberForm.java | 7 +- .../roles/RoleMembersTable.java | 31 +++-- .../roles/RolesController.java | 88 ++++++++++++++ .../users/GroupsRolesTableModel.java | 12 +- .../users/RoleMembershipsForm.java | 110 ++++++++++-------- ...esController.java => UsersController.java} | 105 ++++++++++++++++- .../libreccm/security/PermissionChecker.java | 2 +- 7 files changed, 281 insertions(+), 74 deletions(-) create mode 100644 ccm-core/src/main/java/com/arsdigita/ui/admin/usersgroupsroles/roles/RolesController.java rename ccm-core/src/main/java/com/arsdigita/ui/admin/usersgroupsroles/users/{UsersGroupsRolesController.java => UsersController.java} (53%) diff --git a/ccm-core/src/main/java/com/arsdigita/ui/admin/usersgroupsroles/roles/RoleAddMemberForm.java b/ccm-core/src/main/java/com/arsdigita/ui/admin/usersgroupsroles/roles/RoleAddMemberForm.java index 89efad041..21cdf8068 100644 --- a/ccm-core/src/main/java/com/arsdigita/ui/admin/usersgroupsroles/roles/RoleAddMemberForm.java +++ b/ccm-core/src/main/java/com/arsdigita/ui/admin/usersgroupsroles/roles/RoleAddMemberForm.java @@ -162,6 +162,9 @@ class RoleAddMemberForm extends Form { switch (event.getColumn()) { case COL_MEMBER_ADD: final CdiUtil cdiUtil = CdiUtil.createCdiUtil(); + + final RolesController controller = cdiUtil + .findBean(RolesController.class); final PartyRepository partyRepository = cdiUtil .findBean(PartyRepository.class); final RoleRepository roleRepository = cdiUtil @@ -170,10 +173,12 @@ class RoleAddMemberForm extends Form { RoleManager.class); final Party party = partyRepository.findById( Long.parseLong(key)).get(); + final Role role = roleRepository.findById( Long.parseLong( selectedRoleId.getSelectedKey(state))).get(); - roleManager.assignRoleToParty(role, party); + controller.assignRoleToParty(role, party); + roleAdmin.hideRoleMemberAddForm(state); break; default: diff --git a/ccm-core/src/main/java/com/arsdigita/ui/admin/usersgroupsroles/roles/RoleMembersTable.java b/ccm-core/src/main/java/com/arsdigita/ui/admin/usersgroupsroles/roles/RoleMembersTable.java index a9cc2263b..9da5ae7c1 100644 --- a/ccm-core/src/main/java/com/arsdigita/ui/admin/usersgroupsroles/roles/RoleMembersTable.java +++ b/ccm-core/src/main/java/com/arsdigita/ui/admin/usersgroupsroles/roles/RoleMembersTable.java @@ -34,6 +34,7 @@ import com.arsdigita.bebop.table.TableModelBuilder; import com.arsdigita.globalization.GlobalizedMessage; import com.arsdigita.util.LockableImpl; +import org.libreccm.admin.ui.usersgroupsroles.UsersGroupsRoles; import org.libreccm.cdi.utils.CdiUtil; import org.libreccm.security.Group; import org.libreccm.security.Party; @@ -50,7 +51,7 @@ import static com.arsdigita.ui.admin.AdminUiConstants.*; /** * Table showing all members (users or groups) of a role. - * + * * @author Jens Pelzetter */ class RoleMembersTable extends Table { @@ -121,7 +122,8 @@ class RoleMembersTable extends Table { final Party party = partyRepository.findById(Long .parseLong(key)).get(); final Role role = roleRepository.findById( - Long.parseLong(selectedRoleId.getSelectedKey(state))).get(); + Long.parseLong(selectedRoleId.getSelectedKey(state))) + .get(); roleManager.removeRoleFromParty(role, party); break; default: @@ -170,20 +172,25 @@ class RoleMembersTable extends Table { final ParameterSingleSelectionModel selectedRoleId, final PageState state) { - final RoleRepository roleRepository = CdiUtil.createCdiUtil() + final CdiUtil cdiUtil = CdiUtil.createCdiUtil(); + final RoleRepository roleRepository = cdiUtil .findBean(RoleRepository.class); final Role role = roleRepository.findById(Long.parseLong( selectedRoleId.getSelectedKey(state))).get(); +// +// members = new ArrayList<>(); +// +// role.getMemberships().forEach(m -> { +// members.add(m.getMember()); +// }); +// +// members.sort((m1, m2) -> { +// return m1.getName().compareTo(m2.getName()); +// }); - members = new ArrayList<>(); - - role.getMemberships().forEach(m -> { - members.add(m.getMember()); - }); - - members.sort((m1, m2) -> { - return m1.getName().compareTo(m2.getName()); - }); + final RolesController controller = cdiUtil + .findBean(RolesController.class); + members = controller.getMembersOfRole(role); } @Override diff --git a/ccm-core/src/main/java/com/arsdigita/ui/admin/usersgroupsroles/roles/RolesController.java b/ccm-core/src/main/java/com/arsdigita/ui/admin/usersgroupsroles/roles/RolesController.java new file mode 100644 index 000000000..b956bc746 --- /dev/null +++ b/ccm-core/src/main/java/com/arsdigita/ui/admin/usersgroupsroles/roles/RolesController.java @@ -0,0 +1,88 @@ +package com.arsdigita.ui.admin.usersgroupsroles.roles; + +import org.libreccm.security.Party; +import org.libreccm.security.PartyRepository; +import org.libreccm.security.Role; +import org.libreccm.security.RoleManager; +import org.libreccm.security.RoleMembership; +import org.libreccm.security.RoleRepository; + +import java.util.List; +import java.util.stream.Collectors; + +import javax.enterprise.context.RequestScoped; +import javax.inject.Inject; +import javax.transaction.Transactional; + +/** + * + * @author Jens Pelzetter + */ +@RequestScoped +public class RolesController { + + @Inject + private PartyRepository partyRepo; + + @Inject + private RoleRepository roleRepo; + + @Inject + private RoleManager roleManager; + + @Transactional(Transactional.TxType.REQUIRED) + protected List getMembersOfRole(final Role role) { + + final Role theRole = roleRepo + .findById(role.getRoleId()) + .orElseThrow(() -> new IllegalArgumentException(String + .format("No Role with ID %d in the database.", + role.getRoleId()))); + + return theRole + .getMemberships() + .stream() + .map(RoleMembership::getMember) + .sorted((role1, role2) -> role1.getName().compareTo(role2.getName())) + .collect(Collectors.toList()); + } + + @Transactional(Transactional.TxType.REQUIRED) + protected List getNamesOfMembersOfRole(final Role role) { + + final Role theRole = roleRepo + .findById(role.getRoleId()) + .orElseThrow(() -> new IllegalArgumentException(String + .format("No Role with ID %d in the database.", + role.getRoleId()))); + + return theRole + .getMemberships() + .stream() + .map(RoleMembership::getMember) + .map(Party::getName) + .sorted((name1, name2) -> name1.compareTo(name2)) + .collect(Collectors.toList()); + + } + + @Transactional(Transactional.TxType.REQUIRED) + protected void assignRoleToParty(final Role role, final Party party) { + + final Party assignee = partyRepo + .findById(party.getPartyId()) + .orElseThrow(() -> new IllegalArgumentException(String + .format("No Party with ID %d in the database.", + party.getPartyId()))); + + final Role assignTo = roleRepo + .findById(role.getRoleId()) + .orElseThrow(() -> new IllegalArgumentException(String + .format("No Role with ID %d in the database.", + role.getRoleId()))); + + roleManager.assignRoleToParty(assignTo, assignee); + } + +} + \ No newline at end of file diff --git a/ccm-core/src/main/java/com/arsdigita/ui/admin/usersgroupsroles/users/GroupsRolesTableModel.java b/ccm-core/src/main/java/com/arsdigita/ui/admin/usersgroupsroles/users/GroupsRolesTableModel.java index 37c638323..389621cd7 100644 --- a/ccm-core/src/main/java/com/arsdigita/ui/admin/usersgroupsroles/users/GroupsRolesTableModel.java +++ b/ccm-core/src/main/java/com/arsdigita/ui/admin/usersgroupsroles/users/GroupsRolesTableModel.java @@ -92,8 +92,8 @@ class GroupsRolesTableModel implements TableModel { ADMIN_BUNDLE)); case COL_VALUE: { final CdiUtil cdiUtil = CdiUtil.createCdiUtil(); - final UsersGroupsRolesController controller = cdiUtil - .findBean(UsersGroupsRolesController.class); + final UsersController controller = cdiUtil + .findBean(UsersController.class); return controller.getNamesOfAssignedGroups(user); } @@ -112,8 +112,8 @@ class GroupsRolesTableModel implements TableModel { ADMIN_BUNDLE)); case COL_VALUE: { final CdiUtil cdiUtil = CdiUtil.createCdiUtil(); - final UsersGroupsRolesController controller = cdiUtil - .findBean(UsersGroupsRolesController.class); + final UsersController controller = cdiUtil + .findBean(UsersController.class); return controller.getNamesOfAssignedGroups(user); } @@ -132,8 +132,8 @@ class GroupsRolesTableModel implements TableModel { "ui.admin.user.all_roles", ADMIN_BUNDLE)); case COL_VALUE: { final CdiUtil cdiUtil = CdiUtil.createCdiUtil(); - final UsersGroupsRolesController controller = cdiUtil - .findBean(UsersGroupsRolesController.class); + final UsersController controller = cdiUtil + .findBean(UsersController.class); return controller.getNamesOfAllAssignedRoles(user); } diff --git a/ccm-core/src/main/java/com/arsdigita/ui/admin/usersgroupsroles/users/RoleMembershipsForm.java b/ccm-core/src/main/java/com/arsdigita/ui/admin/usersgroupsroles/users/RoleMembershipsForm.java index 80a11b10a..bb43ae233 100644 --- a/ccm-core/src/main/java/com/arsdigita/ui/admin/usersgroupsroles/users/RoleMembershipsForm.java +++ b/ccm-core/src/main/java/com/arsdigita/ui/admin/usersgroupsroles/users/RoleMembershipsForm.java @@ -129,19 +129,20 @@ class RoleMembershipsForm extends Form { saveCancelSection = new SaveCancelSection(); add(saveCancelSection); - addInitListener(e -> { + addInitListener(event -> { final CdiUtil cdiUtil = CdiUtil.createCdiUtil(); - final UserRepository userRepository = cdiUtil.findBean( - UserRepository.class); + final UserRepository userRepository = cdiUtil + .findBean(UserRepository.class); + final UsersController controller = cdiUtil + .findBean(UsersController.class); - final PageState state = e.getPageState(); + final PageState state = event.getPageState(); - final User user = userRepository.findById(Long.parseLong( - selectedUserId.getSelectedKey(state))).get(); - final List assignedRoles = new ArrayList<>(); - user.getRoleMemberships().forEach(m -> { - assignedRoles.add(m.getRole()); - }); + final User user = userRepository + .findById(Long.parseLong(selectedUserId.getSelectedKey(state))) + .get(); + final List assignedRoles = controller + .getAssignedRoles(user); final String[] selectedRoles = new String[assignedRoles.size()]; IntStream.range(0, assignedRoles.size()).forEach(i -> { @@ -152,56 +153,65 @@ class RoleMembershipsForm extends Form { roles.setValue(state, selectedRoles); }); - addProcessListener(e -> { - final PageState state = e.getPageState(); + addProcessListener(event -> { + final PageState state = event.getPageState(); if (saveCancelSection.getSaveButton().isSelected(state)) { - final FormData data = e.getFormData(); + final FormData data = event.getFormData(); final CdiUtil cdiUtil = CdiUtil.createCdiUtil(); - final UserRepository userRepository = cdiUtil.findBean( - UserRepository.class); - final RoleRepository roleRepository = cdiUtil.findBean( - RoleRepository.class); - final RoleManager roleManager = cdiUtil.findBean( - RoleManager.class); + final UserRepository userRepository = cdiUtil + .findBean(UserRepository.class); + final RoleRepository roleRepository = cdiUtil + .findBean(RoleRepository.class); + final RoleManager roleManager = cdiUtil + .findBean(RoleManager.class); + final UsersController controller = cdiUtil + .findBean(UsersController.class); - final String[] selectedRolesIds = (String[]) data.get( - ROLES_SELECTOR); + final String[] selectedRolesIds = (String[]) data + .get(ROLES_SELECTOR); - final User user = userRepository.findById(Long.parseLong( - selectedUserId.getSelectedKey(state))).get(); + final User user = userRepository + .findById(Long + .parseLong(selectedUserId.getSelectedKey(state))) + .get(); final List selectedRoles = new ArrayList<>(); if (selectedRolesIds != null) { - Arrays.stream(selectedRolesIds).forEach(id -> { - final Role role = roleRepository.findById( - Long.parseLong(id)).get(); - selectedRoles.add(role); - }); + Arrays + .stream(selectedRolesIds) + .forEach(id -> { + final Role role = roleRepository + .findById(Long.parseLong(id)) + .get(); + selectedRoles.add(role); + }); } - final List assignedRoles = new ArrayList<>(); - user.getRoleMemberships().forEach(m -> { - assignedRoles.add(m.getRole()); - }); - - //First check for newly added roles - selectedRoles.forEach(r -> { - if (!assignedRoles.contains(r)) { - roleManager.assignRoleToParty(r, user); - } - }); - - //Than check for removed roles - assignedRoles.forEach(r -> { - if (!selectedRoles.contains(r)) { - //Role is maybe detached or not fully loaded, - //therefore we load the role from the database. - final Role role = roleRepository.findById(r.getRoleId()) - .get(); - roleManager.removeRoleFromParty(role, user); - } - }); + + controller.updateAssignedRoles(user, selectedRoles); + +// final List assignedRoles = controller +// .getAssignedRoles(user); +// +// //First check for newly added roles +// selectedRoles.forEach(role -> { +// if (!assignedRoles.contains(role)) { +// roleManager.assignRoleToParty(role, user); +// } +// }); +// +// //Than check for removed roles +// assignedRoles.forEach(role -> { +// if (!selectedRoles.contains(role)) { +// //Role is maybe detached or not fully loaded, +// //therefore we load the role from the database. +// final Role roleToRemove = roleRepository +// .findById(role.getRoleId()) +// .get(); +// roleManager.removeRoleFromParty(roleToRemove, user); +// } +// }); } userAdmin.closeEditRoleMembershipsForm(state); diff --git a/ccm-core/src/main/java/com/arsdigita/ui/admin/usersgroupsroles/users/UsersGroupsRolesController.java b/ccm-core/src/main/java/com/arsdigita/ui/admin/usersgroupsroles/users/UsersController.java similarity index 53% rename from ccm-core/src/main/java/com/arsdigita/ui/admin/usersgroupsroles/users/UsersGroupsRolesController.java rename to ccm-core/src/main/java/com/arsdigita/ui/admin/usersgroupsroles/users/UsersController.java index 2f79d7b95..2d93d0764 100644 --- a/ccm-core/src/main/java/com/arsdigita/ui/admin/usersgroupsroles/users/UsersGroupsRolesController.java +++ b/ccm-core/src/main/java/com/arsdigita/ui/admin/usersgroupsroles/users/UsersController.java @@ -20,12 +20,14 @@ package com.arsdigita.ui.admin.usersgroupsroles.users; import org.libreccm.security.Group; import org.libreccm.security.GroupMembership; +import org.libreccm.security.Party; import org.libreccm.security.Role; +import org.libreccm.security.RoleManager; import org.libreccm.security.RoleMembership; +import org.libreccm.security.RoleRepository; import org.libreccm.security.User; import org.libreccm.security.UserRepository; -import java.util.ArrayList; import java.util.HashSet; import java.util.List; import java.util.Set; @@ -41,11 +43,37 @@ import javax.transaction.Transactional; * @author Jens Pelzetter */ @RequestScoped -class UsersGroupsRolesController { +class UsersController { @Inject private UserRepository userRepo; + @Inject + private RoleRepository roleRepo; + + @Inject + private RoleManager roleManager; + + @Transactional(Transactional.TxType.REQUIRED) + protected List getAssignedGroups(final User user) { + + final User theUser = userRepo + .findById(user.getPartyId()) + .orElseThrow(() -> new IllegalArgumentException(String + .format("No User with ID %d in the database.", + user.getPartyId()))); + + return theUser + .getGroupMemberships() + .stream() + .map(GroupMembership::getGroup) + .sorted((group1, group2) -> { + return group1.getName().compareTo(group2.getName()); + }) + .collect(Collectors.toList()); + + } + @Transactional(Transactional.TxType.REQUIRED) protected String getNamesOfAssignedGroups(final User user) { @@ -65,7 +93,27 @@ class UsersGroupsRolesController { } @Transactional(Transactional.TxType.REQUIRED) - public String getNamesOfAssignedRoles(final User user) { + protected List getAssignedRoles(final User user) { + + final User theUser = userRepo + .findById(user.getPartyId()) + .orElseThrow(() -> new IllegalArgumentException(String + .format("No User with ID %d in the database.", + user.getPartyId()))); + + return theUser + .getRoleMemberships() + .stream() + .map(RoleMembership::getRole) + .sorted((role1, role2) -> { + return role1.getName().compareTo(role2.getName()); + }) + .collect(Collectors.toList()); + + } + + @Transactional(Transactional.TxType.REQUIRED) + protected String getNamesOfAssignedRoles(final User user) { final User theUser = userRepo .findById(user.getPartyId()) @@ -84,7 +132,7 @@ class UsersGroupsRolesController { } @Transactional(Transactional.TxType.REQUIRED) - public String getNamesOfAllAssignedRoles(final User user) { + protected String getNamesOfAllAssignedRoles(final User user) { final User theUser = userRepo .findById(user.getPartyId()) @@ -118,4 +166,53 @@ class UsersGroupsRolesController { .collect(Collectors.joining(", ")); } + + + @Transactional(Transactional.TxType.REQUIRED) + protected void updateAssignedRoles(final User user, + final List selectedRoles) { + + final User theUser = userRepo + .findById(user.getPartyId()) + .orElseThrow(() -> new IllegalArgumentException(String + .format("No User with ID %d in the database.", + user.getPartyId()))); + + final List assignedRoles = getAssignedRoles(user); + + //First check for newly added role + selectedRoles + .stream() + .filter(role -> !assignedRoles.contains(role)) + .forEach(role -> assignRoleToParty(role, theUser)); + + //Than check for removed roles + assignedRoles + .stream() + .filter(role -> !selectedRoles.contains(role)) + .forEach(role -> removeRoleFromParty(role, theUser)); + } + + private void assignRoleToParty(final Role role, final Party party) { + + final Role roleToAdd = roleRepo + .findById(role.getRoleId()) + .orElseThrow(() -> new IllegalArgumentException(String + .format("No Role with ID %d in the database.", + role.getRoleId()))); + + roleManager.assignRoleToParty(roleToAdd, party); + } + + private void removeRoleFromParty(final Role role, final Party party) { + + final Role roleToRemove = roleRepo + .findById(role.getRoleId()) + .orElseThrow(() -> new IllegalArgumentException(String + .format("No Role with ID %d in the database.", + role.getRoleId()))); + + roleManager.removeRoleFromParty(roleToRemove, party); + } + } diff --git a/ccm-core/src/main/java/org/libreccm/security/PermissionChecker.java b/ccm-core/src/main/java/org/libreccm/security/PermissionChecker.java index fc297a9f9..195b75a10 100644 --- a/ccm-core/src/main/java/org/libreccm/security/PermissionChecker.java +++ b/ccm-core/src/main/java/org/libreccm/security/PermissionChecker.java @@ -79,7 +79,7 @@ public class PermissionChecker { if (shiro.isSystemUser()) { return true; } else { - return subject.isPermitted(generatePermissionString(privilege)); + return subject.isPermitted(generatePermissionString(privilege)); } } else { return shiro.getPublicUser().isPermitted(generatePermissionString(