LibreCCM
/
libreccm
3
0
Fork 0
Code Issues 10 Pull Requests Packages Releases Wiki Activity

CCM NG/ccm-core: Fixed several Exceptions when editing Users and Roles 

git-svn-id: https://svn.libreccm.org/ccm/ccm_ng@4798 8810af33-2d31-482b-a856-94f89814c4df

Former-commit-id: b817350305
pull/2/head
jensp 2017-06-22 13:04:32 +00:00
parent e7d98ae19a
commit fe8f1c98ef
7 changed files with 281 additions and 74 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
ccm-core/src/main/java/com/arsdigita/ui/admin/usersgroupsroles/roles/RoleAddMemberForm.java
View File

@ -162,6 +162,9 @@ class RoleAddMemberForm extends Form {
switch (event.getColumn()) {
case COL_MEMBER_ADD:
final CdiUtil cdiUtil = CdiUtil.createCdiUtil();
final RolesController controller = cdiUtil
.findBean(RolesController.class);
final PartyRepository partyRepository = cdiUtil
.findBean(PartyRepository.class);
final RoleRepository roleRepository = cdiUtil
@ -170,10 +173,12 @@ class RoleAddMemberForm extends Form {
RoleManager.class);
final Party party = partyRepository.findById(
Long.parseLong(key)).get();
final Role role = roleRepository.findById(
Long.parseLong(
selectedRoleId.getSelectedKey(state))).get();
roleManager.assignRoleToParty(role, party);
controller.assignRoleToParty(role, party);
roleAdmin.hideRoleMemberAddForm(state);
break;
default:

31
ccm-core/src/main/java/com/arsdigita/ui/admin/usersgroupsroles/roles/RoleMembersTable.java
View File

@ -34,6 +34,7 @@ import com.arsdigita.bebop.table.TableModelBuilder;
import com.arsdigita.globalization.GlobalizedMessage;
import com.arsdigita.util.LockableImpl;
import org.libreccm.admin.ui.usersgroupsroles.UsersGroupsRoles;
import org.libreccm.cdi.utils.CdiUtil;
import org.libreccm.security.Group;
import org.libreccm.security.Party;
@ -50,7 +51,7 @@ import static com.arsdigita.ui.admin.AdminUiConstants.*;
/**
* Table showing all members (users or groups) of a role.
*
*
* @author <a href="mailto:jens.pelzetter@googlemail.com">Jens Pelzetter</a>
*/
class RoleMembersTable extends Table {
@ -121,7 +122,8 @@ class RoleMembersTable extends Table {
final Party party = partyRepository.findById(Long
.parseLong(key)).get();
final Role role = roleRepository.findById(
Long.parseLong(selectedRoleId.getSelectedKey(state))).get();
Long.parseLong(selectedRoleId.getSelectedKey(state)))
.get();
roleManager.removeRoleFromParty(role, party);
break;
default:
@ -170,20 +172,25 @@ class RoleMembersTable extends Table {
final ParameterSingleSelectionModel<String> selectedRoleId,
final PageState state) {
final RoleRepository roleRepository = CdiUtil.createCdiUtil()
final CdiUtil cdiUtil = CdiUtil.createCdiUtil();
final RoleRepository roleRepository = cdiUtil
.findBean(RoleRepository.class);
final Role role = roleRepository.findById(Long.parseLong(
selectedRoleId.getSelectedKey(state))).get();
//
// members = new ArrayList<>();
//
// role.getMemberships().forEach(m -> {
// members.add(m.getMember());
// });
//
// members.sort((m1, m2) -> {
// return m1.getName().compareTo(m2.getName());
// });
members = new ArrayList<>();
role.getMemberships().forEach(m -> {
members.add(m.getMember());
});
members.sort((m1, m2) -> {
return m1.getName().compareTo(m2.getName());
});
final RolesController controller = cdiUtil
.findBean(RolesController.class);
members = controller.getMembersOfRole(role);
}
@Override

88
ccm-core/src/main/java/com/arsdigita/ui/admin/usersgroupsroles/roles/RolesController.java 100644
View File

@ -0,0 +1,88 @@
package com.arsdigita.ui.admin.usersgroupsroles.roles;
import org.libreccm.security.Party;
import org.libreccm.security.PartyRepository;
import org.libreccm.security.Role;
import org.libreccm.security.RoleManager;
import org.libreccm.security.RoleMembership;
import org.libreccm.security.RoleRepository;
import java.util.List;
import java.util.stream.Collectors;
import javax.enterprise.context.RequestScoped;
import javax.inject.Inject;
import javax.transaction.Transactional;
/**
*
* @author <a href="mailto:jens.pelzetter@googlemail.com">Jens Pelzetter</a>
*/
@RequestScoped
public class RolesController {
@Inject
private PartyRepository partyRepo;
@Inject
private RoleRepository roleRepo;
@Inject
private RoleManager roleManager;
@Transactional(Transactional.TxType.REQUIRED)
protected List<Party> getMembersOfRole(final Role role) {
final Role theRole = roleRepo
.findById(role.getRoleId())
.orElseThrow(() -> new IllegalArgumentException(String
.format("No Role with ID %d in the database.",
role.getRoleId())));
return theRole
.getMemberships()
.stream()
.map(RoleMembership::getMember)
.sorted((role1, role2) -> role1.getName().compareTo(role2.getName()))
.collect(Collectors.toList());
}
@Transactional(Transactional.TxType.REQUIRED)
protected List<String> getNamesOfMembersOfRole(final Role role) {
final Role theRole = roleRepo
.findById(role.getRoleId())
.orElseThrow(() -> new IllegalArgumentException(String
.format("No Role with ID %d in the database.",
role.getRoleId())));
return theRole
.getMemberships()
.stream()
.map(RoleMembership::getMember)
.map(Party::getName)
.sorted((name1, name2) -> name1.compareTo(name2))
.collect(Collectors.toList());
}
@Transactional(Transactional.TxType.REQUIRED)
protected void assignRoleToParty(final Role role, final Party party) {
final Party assignee = partyRepo
.findById(party.getPartyId())
.orElseThrow(() -> new IllegalArgumentException(String
.format("No Party with ID %d in the database.",
party.getPartyId())));
final Role assignTo = roleRepo
.findById(role.getRoleId())
.orElseThrow(() -> new IllegalArgumentException(String
.format("No Role with ID %d in the database.",
role.getRoleId())));
roleManager.assignRoleToParty(assignTo, assignee);
}
}

12
ccm-core/src/main/java/com/arsdigita/ui/admin/usersgroupsroles/users/GroupsRolesTableModel.java
View File

@ -92,8 +92,8 @@ class GroupsRolesTableModel implements TableModel {
ADMIN_BUNDLE));
case COL_VALUE: {
final CdiUtil cdiUtil = CdiUtil.createCdiUtil();
final UsersGroupsRolesController controller = cdiUtil
.findBean(UsersGroupsRolesController.class);
final UsersController controller = cdiUtil
.findBean(UsersController.class);
return controller.getNamesOfAssignedGroups(user);
}
@ -112,8 +112,8 @@ class GroupsRolesTableModel implements TableModel {
ADMIN_BUNDLE));
case COL_VALUE: {
final CdiUtil cdiUtil = CdiUtil.createCdiUtil();
final UsersGroupsRolesController controller = cdiUtil
.findBean(UsersGroupsRolesController.class);
final UsersController controller = cdiUtil
.findBean(UsersController.class);
return controller.getNamesOfAssignedGroups(user);
}
@ -132,8 +132,8 @@ class GroupsRolesTableModel implements TableModel {
"ui.admin.user.all_roles", ADMIN_BUNDLE));
case COL_VALUE: {
final CdiUtil cdiUtil = CdiUtil.createCdiUtil();
final UsersGroupsRolesController controller = cdiUtil
.findBean(UsersGroupsRolesController.class);
final UsersController controller = cdiUtil
.findBean(UsersController.class);
return controller.getNamesOfAllAssignedRoles(user);
}

110
ccm-core/src/main/java/com/arsdigita/ui/admin/usersgroupsroles/users/RoleMembershipsForm.java
View File

@ -129,19 +129,20 @@ class RoleMembershipsForm extends Form {
saveCancelSection = new SaveCancelSection();
add(saveCancelSection);
addInitListener(e -> {
addInitListener(event -> {
final CdiUtil cdiUtil = CdiUtil.createCdiUtil();
final UserRepository userRepository = cdiUtil.findBean(
UserRepository.class);
final UserRepository userRepository = cdiUtil
.findBean(UserRepository.class);
final UsersController controller = cdiUtil
.findBean(UsersController.class);
final PageState state = e.getPageState();
final PageState state = event.getPageState();
final User user = userRepository.findById(Long.parseLong(
selectedUserId.getSelectedKey(state))).get();
final List<Role> assignedRoles = new ArrayList<>();
user.getRoleMemberships().forEach(m -> {
assignedRoles.add(m.getRole());
});
final User user = userRepository
.findById(Long.parseLong(selectedUserId.getSelectedKey(state)))
.get();
final List<Role> assignedRoles = controller
.getAssignedRoles(user);
final String[] selectedRoles = new String[assignedRoles.size()];
IntStream.range(0, assignedRoles.size()).forEach(i -> {
@ -152,56 +153,65 @@ class RoleMembershipsForm extends Form {
roles.setValue(state, selectedRoles);
});
addProcessListener(e -> {
final PageState state = e.getPageState();
addProcessListener(event -> {
final PageState state = event.getPageState();
if (saveCancelSection.getSaveButton().isSelected(state)) {
final FormData data = e.getFormData();
final FormData data = event.getFormData();
final CdiUtil cdiUtil = CdiUtil.createCdiUtil();
final UserRepository userRepository = cdiUtil.findBean(
UserRepository.class);
final RoleRepository roleRepository = cdiUtil.findBean(
RoleRepository.class);
final RoleManager roleManager = cdiUtil.findBean(
RoleManager.class);
final UserRepository userRepository = cdiUtil
.findBean(UserRepository.class);
final RoleRepository roleRepository = cdiUtil
.findBean(RoleRepository.class);
final RoleManager roleManager = cdiUtil
.findBean(RoleManager.class);
final UsersController controller = cdiUtil
.findBean(UsersController.class);
final String[] selectedRolesIds = (String[]) data.get(
ROLES_SELECTOR);
final String[] selectedRolesIds = (String[]) data
.get(ROLES_SELECTOR);
final User user = userRepository.findById(Long.parseLong(
selectedUserId.getSelectedKey(state))).get();
final User user = userRepository
.findById(Long
.parseLong(selectedUserId.getSelectedKey(state)))
.get();
final List<Role> selectedRoles = new ArrayList<>();
if (selectedRolesIds != null) {
Arrays.stream(selectedRolesIds).forEach(id -> {
final Role role = roleRepository.findById(
Long.parseLong(id)).get();
selectedRoles.add(role);
});
Arrays
.stream(selectedRolesIds)
.forEach(id -> {
final Role role = roleRepository
.findById(Long.parseLong(id))
.get();
selectedRoles.add(role);
});
}
final List<Role> assignedRoles = new ArrayList<>();
user.getRoleMemberships().forEach(m -> {
assignedRoles.add(m.getRole());
});
//First check for newly added roles
selectedRoles.forEach(r -> {
if (!assignedRoles.contains(r)) {
roleManager.assignRoleToParty(r, user);
}
});
//Than check for removed roles
assignedRoles.forEach(r -> {
if (!selectedRoles.contains(r)) {
//Role is maybe detached or not fully loaded,
//therefore we load the role from the database.
final Role role = roleRepository.findById(r.getRoleId())
.get();
roleManager.removeRoleFromParty(role, user);
}
});
controller.updateAssignedRoles(user, selectedRoles);
// final List<Role> assignedRoles = controller
// .getAssignedRoles(user);
//
// //First check for newly added roles
// selectedRoles.forEach(role -> {
// if (!assignedRoles.contains(role)) {
// roleManager.assignRoleToParty(role, user);
// }
// });
//
// //Than check for removed roles
// assignedRoles.forEach(role -> {
// if (!selectedRoles.contains(role)) {
// //Role is maybe detached or not fully loaded,
// //therefore we load the role from the database.
// final Role roleToRemove = roleRepository
// .findById(role.getRoleId())
// .get();
// roleManager.removeRoleFromParty(roleToRemove, user);
// }
// });
}
userAdmin.closeEditRoleMembershipsForm(state);

105
ccm-core/src/main/java/com/arsdigita/ui/admin/usersgroupsroles/users/UsersGroupsRolesController.java → ccm-core/src/main/java/com/arsdigita/ui/admin/usersgroupsroles/users/UsersController.java
View File

@ -20,12 +20,14 @@ package com.arsdigita.ui.admin.usersgroupsroles.users;
import org.libreccm.security.Group;
import org.libreccm.security.GroupMembership;
import org.libreccm.security.Party;
import org.libreccm.security.Role;
import org.libreccm.security.RoleManager;
import org.libreccm.security.RoleMembership;
import org.libreccm.security.RoleRepository;
import org.libreccm.security.User;
import org.libreccm.security.UserRepository;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
@ -41,11 +43,37 @@ import javax.transaction.Transactional;
* @author <a href="mailto:jens.pelzetter@googlemail.com">Jens Pelzetter</a>
*/
@RequestScoped
class UsersGroupsRolesController {
class UsersController {
@Inject
private UserRepository userRepo;
@Inject
private RoleRepository roleRepo;
@Inject
private RoleManager roleManager;
@Transactional(Transactional.TxType.REQUIRED)
protected List<Group> getAssignedGroups(final User user) {
final User theUser = userRepo
.findById(user.getPartyId())
.orElseThrow(() -> new IllegalArgumentException(String
.format("No User with ID %d in the database.",
user.getPartyId())));
return theUser
.getGroupMemberships()
.stream()
.map(GroupMembership::getGroup)
.sorted((group1, group2) -> {
return group1.getName().compareTo(group2.getName());
})
.collect(Collectors.toList());
}
@Transactional(Transactional.TxType.REQUIRED)
protected String getNamesOfAssignedGroups(final User user) {
@ -65,7 +93,27 @@ class UsersGroupsRolesController {
}
@Transactional(Transactional.TxType.REQUIRED)
public String getNamesOfAssignedRoles(final User user) {
protected List<Role> getAssignedRoles(final User user) {
final User theUser = userRepo
.findById(user.getPartyId())
.orElseThrow(() -> new IllegalArgumentException(String
.format("No User with ID %d in the database.",
user.getPartyId())));
return theUser
.getRoleMemberships()
.stream()
.map(RoleMembership::getRole)
.sorted((role1, role2) -> {
return role1.getName().compareTo(role2.getName());
})
.collect(Collectors.toList());
}
@Transactional(Transactional.TxType.REQUIRED)
protected String getNamesOfAssignedRoles(final User user) {
final User theUser = userRepo
.findById(user.getPartyId())
@ -84,7 +132,7 @@ class UsersGroupsRolesController {
}
@Transactional(Transactional.TxType.REQUIRED)
public String getNamesOfAllAssignedRoles(final User user) {
protected String getNamesOfAllAssignedRoles(final User user) {
final User theUser = userRepo
.findById(user.getPartyId())
@ -118,4 +166,53 @@ class UsersGroupsRolesController {
.collect(Collectors.joining(", "));
}
@Transactional(Transactional.TxType.REQUIRED)
protected void updateAssignedRoles(final User user,
final List<Role> selectedRoles) {
final User theUser = userRepo
.findById(user.getPartyId())
.orElseThrow(() -> new IllegalArgumentException(String
.format("No User with ID %d in the database.",
user.getPartyId())));
final List<Role> assignedRoles = getAssignedRoles(user);
//First check for newly added role
selectedRoles
.stream()
.filter(role -> !assignedRoles.contains(role))
.forEach(role -> assignRoleToParty(role, theUser));
//Than check for removed roles
assignedRoles
.stream()
.filter(role -> !selectedRoles.contains(role))
.forEach(role -> removeRoleFromParty(role, theUser));
}
private void assignRoleToParty(final Role role, final Party party) {
final Role roleToAdd = roleRepo
.findById(role.getRoleId())
.orElseThrow(() -> new IllegalArgumentException(String
.format("No Role with ID %d in the database.",
role.getRoleId())));
roleManager.assignRoleToParty(roleToAdd, party);
}
private void removeRoleFromParty(final Role role, final Party party) {
final Role roleToRemove = roleRepo
.findById(role.getRoleId())
.orElseThrow(() -> new IllegalArgumentException(String
.format("No Role with ID %d in the database.",
role.getRoleId())));
roleManager.removeRoleFromParty(roleToRemove, party);
}
}

2
ccm-core/src/main/java/org/libreccm/security/PermissionChecker.java
View File

@ -79,7 +79,7 @@ public class PermissionChecker {
if (shiro.isSystemUser()) {
return true;
} else {
return subject.isPermitted(generatePermissionString(privilege));
return subject.isPermitted(generatePermissionString(privilege));
}
} else {
return shiro.getPublicUser().isPermitted(generatePermissionString(