All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.opencms.ui.dialogs.permissions.CmsPermissionView Maven / Gradle / Ivy

Go to download

OpenCms is an enterprise-ready, easy to use website content management system based on Java and XML technology. Offering a complete set of features, OpenCms helps content managers worldwide to create and maintain beautiful websites fast and efficiently.

There is a newer version: 18.0
Show newest version
/*
 * This library is part of OpenCms -
 * the Open Source Content Management System
 *
 * Copyright (c) Alkacon Software GmbH & Co. KG (http://www.alkacon.com)
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * For further information about Alkacon Software, please see the
 * company website: http://www.alkacon.com
 *
 * For further information about OpenCms, please see the
 * project website: http://www.opencms.org
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */

package org.opencms.ui.dialogs.permissions;

import org.opencms.file.CmsGroup;
import org.opencms.file.CmsObject;
import org.opencms.file.CmsUser;
import org.opencms.file.history.CmsHistoryPrincipal;
import org.opencms.main.CmsException;
import org.opencms.main.CmsLog;
import org.opencms.main.OpenCms;
import org.opencms.security.CmsAccessControlEntry;
import org.opencms.security.CmsOrganizationalUnit;
import org.opencms.security.CmsPermissionSet;
import org.opencms.security.CmsPrincipal;
import org.opencms.security.CmsRole;
import org.opencms.security.I_CmsPrincipal;
import org.opencms.ui.A_CmsUI;
import org.opencms.ui.CmsVaadinUtils;
import org.opencms.workplace.commons.Messages;

import java.util.Arrays;

import org.apache.commons.logging.Log;

import com.vaadin.data.Container;
import com.vaadin.data.Item;
import com.vaadin.data.util.IndexedContainer;
import com.vaadin.server.FontAwesome;
import com.vaadin.server.FontIcon;
import com.vaadin.shared.ui.label.ContentMode;
import com.vaadin.ui.Button;
import com.vaadin.ui.Button.ClickEvent;
import com.vaadin.ui.Button.ClickListener;
import com.vaadin.ui.CheckBox;
import com.vaadin.ui.Component;
import com.vaadin.ui.CssLayout;
import com.vaadin.ui.DefaultFieldFactory;
import com.vaadin.ui.Field;
import com.vaadin.ui.Label;
import com.vaadin.ui.Table;
import com.vaadin.ui.TableFieldFactory;
import com.vaadin.ui.UI;
import com.vaadin.ui.VerticalLayout;

/**
 * Displays the permission settings for a single principal.

*/ public class CmsPermissionView extends CssLayout { /** * Permission change handler.

*/ public interface PermissionChangeHandler { /** * Called to delete a permission set.

* * @param principalType the principal type * @param principalName the principal name */ void deletePermissionSet(String principalType, String principalName); /** * Called on view changes, allowing for resizing or centering.

*/ void onViewChange(); /** * Sets a changed permission set.

* * @param principalType the principal type * @param principalName the principal name * @param allowed the allowed flag * @param denied the denied flag * @param flags the other flags */ void setPermissions(String principalType, String principalName, int allowed, int denied, int flags); } /** The table field factory. */ private static final TableFieldFactory FIELD_FACTORY = new DefaultFieldFactory() { private static final long serialVersionUID = 1L; /** * @see com.vaadin.ui.DefaultFieldFactory#createField(com.vaadin.data.Container, java.lang.Object, java.lang.Object, com.vaadin.ui.Component) */ @Override public Field createField(Container container, Object itemId, Object propertyId, Component uiContext) { Field result = null; if (PROPERTY_ALLOWED.equals(propertyId) || PROPERTY_DENIED.equals(propertyId)) { result = super.createField(container, itemId, propertyId, uiContext); result.setCaption(""); } return result; } }; /** The logger instance for this class. */ private static final Log LOG = CmsLog.getLog(CmsPermissionView.class); /** The allowed table property id. */ private static final String PROPERTY_ALLOWED = "allowed"; /** The denied table property id. */ private static final String PROPERTY_DENIED = "denied"; /** The display allowed table property id. */ private static final String PROPERTY_DISPLAY_ALLOWED = "display_allowed"; /** The display denied table property id. */ private static final String PROPERTY_DISPLAY_DENIED = "display_denied"; /** The label table property id. */ private static final String PROPERTY_LABEL = "label"; /** The value table property id. */ private static final String PROPERTY_VALUE = "value"; /** The serial version id. */ private static final long serialVersionUID = 3440901877277200393L; /** Constant for unknown type. */ private static final String UNKNOWN_TYPE = "Unknown"; /** The button bar. */ private VerticalLayout m_buttonBar; /** The permission change handler. */ private PermissionChangeHandler m_changeHandler; /** The delete button. */ private Button m_deleteButton; /** The container for the details button. */ private CssLayout m_detailButtonContainer; /** The details button. */ private Button m_details; /** The editable flag. */ private boolean m_editable; /** The access control entry to display. */ private CmsAccessControlEntry m_entry; /** The inherit check box. */ private CheckBox m_inheritCheckbox; /** The inherited from label. */ private Label m_inheritedFrom; /** The label. */ private Label m_label; /** The overwrite check box. */ private CheckBox m_overwriteCheckbox; /** The permissions table. */ private Table m_permissions; /** The principal name. */ private String m_principalName; /** The principal type. */ private String m_principalType; /** The responsible check box. */ private CheckBox m_responsibleCheckbox; /** The set button. */ private Button m_setButton; /** * Constructor.

* * @param entry the access control entry * @param editable the editable flag * @param isFolder the is folder flag * @param inheritedFrom the inherited from path * @param changeHandler the change handler */ public CmsPermissionView( CmsAccessControlEntry entry, boolean editable, boolean isFolder, String inheritedFrom, PermissionChangeHandler changeHandler) { m_changeHandler = changeHandler; m_editable = editable; m_entry = entry; CmsVaadinUtils.readAndLocalizeDesign(this, CmsVaadinUtils.getWpMessagesForCurrentLocale(), null); CmsObject cms = A_CmsUI.getCmsObject(); // get name and type of the current entry I_CmsPrincipal principal; try { principal = CmsPrincipal.readPrincipalIncludingHistory(cms, entry.getPrincipal()); } catch (CmsException e) { principal = null; LOG.debug(e.getLocalizedMessage(), e); } m_principalName = (principal != null) ? principal.getName() : entry.getPrincipal().toString(); String ou = null; String displayName; int flags = 0; if ((principal != null) && (principal instanceof CmsHistoryPrincipal)) { // there is a history principal entry, handle it if (principal.isGroup()) { String niceName = OpenCms.getWorkplaceManager().translateGroupName(principal.getName(), false); displayName = CmsVaadinUtils.getMessageText( org.opencms.security.Messages.GUI_ORGUNIT_DISPLAY_NAME_2, ((CmsHistoryPrincipal)principal).getDescription(), niceName); ou = CmsOrganizationalUnit.getParentFqn(m_principalName); flags = CmsAccessControlEntry.ACCESS_FLAGS_GROUP; } else { displayName = ((CmsHistoryPrincipal)principal).getName(); ou = CmsOrganizationalUnit.getParentFqn(m_principalName); flags = CmsAccessControlEntry.ACCESS_FLAGS_USER; } } else if ((principal != null) && principal.isGroup()) { String niceName = OpenCms.getWorkplaceManager().translateGroupName(principal.getName(), false); displayName = CmsVaadinUtils.getMessageText( org.opencms.security.Messages.GUI_ORGUNIT_DISPLAY_NAME_2, ((CmsGroup)principal).getDescription(A_CmsUI.get().getLocale()), niceName); ou = CmsOrganizationalUnit.getParentFqn(m_principalName); flags = CmsAccessControlEntry.ACCESS_FLAGS_GROUP; } else if ((principal != null) && principal.isUser()) { displayName = ((CmsUser)principal).getFullName(); ou = CmsOrganizationalUnit.getParentFqn(m_principalName); flags = CmsAccessControlEntry.ACCESS_FLAGS_USER; } else if ((m_principalName != null) && m_principalName.equals(CmsAccessControlEntry.PRINCIPAL_ALL_OTHERS_ID.toString())) { m_principalName = CmsAccessControlEntry.PRINCIPAL_ALL_OTHERS_NAME; displayName = CmsVaadinUtils.getMessageText(Messages.GUI_LABEL_ALLOTHERS_0); m_responsibleCheckbox.setVisible(false); flags = CmsAccessControlEntry.ACCESS_FLAGS_ALLOTHERS; } else if ((m_principalName != null) && m_principalName.equals(CmsAccessControlEntry.PRINCIPAL_OVERWRITE_ALL_ID.toString())) { m_principalName = CmsAccessControlEntry.PRINCIPAL_OVERWRITE_ALL_NAME; displayName = CmsVaadinUtils.getMessageText(Messages.GUI_LABEL_OVERWRITEALL_0); flags = CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE_ALL; } else { // check if it is the case of a role CmsRole role = CmsRole.valueOfId(entry.getPrincipal()); if (role != null) { displayName = role.getName(A_CmsUI.get().getLocale()); m_principalName = role.getRoleName(); flags = CmsAccessControlEntry.ACCESS_FLAGS_ROLE; } else { displayName = entry.getPrincipal().toString(); } } if ((flags > 0) && ((entry.getFlags() & flags) == 0)) { // the flag is set to the wrong principal type if (LOG.isErrorEnabled()) { LOG.error( Messages.get().getBundle(A_CmsUI.get().getLocale()).key( Messages.ERR_INVALID_ACE_1, entry.toString())); } entry = new CmsAccessControlEntry( entry.getResource(), entry.getPrincipal(), entry.getAllowedPermissions(), entry.getDeniedPermissions(), (entry.getFlags() | flags)); } else if (entry.getFlags() < CmsAccessControlEntry.ACCESS_FLAGS_USER) { // the flag is set to NO principal type if (LOG.isErrorEnabled()) { LOG.error( Messages.get().getBundle(A_CmsUI.get().getLocale()).key( Messages.ERR_INVALID_ACE_1, entry.toString())); } entry = new CmsAccessControlEntry( entry.getResource(), entry.getPrincipal(), entry.getAllowedPermissions(), entry.getDeniedPermissions(), (entry.getFlags() | CmsAccessControlEntry.ACCESS_FLAGS_GROUP)); } m_principalType = getEntryType(entry.getFlags(), false); if (m_principalName == null) { m_principalName = ""; } FontIcon icon = null; boolean isOverwriteAll = false; switch (flags) { case CmsAccessControlEntry.ACCESS_FLAGS_USER: icon = FontAwesome.USER; break; case CmsAccessControlEntry.ACCESS_FLAGS_GROUP: icon = FontAwesome.GROUP; break; case CmsAccessControlEntry.ACCESS_FLAGS_ALLOTHERS: icon = FontAwesome.GLOBE; break; case CmsAccessControlEntry.ACCESS_FLAGS_ROLE: icon = FontAwesome.GRADUATION_CAP; break; case CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE_ALL: icon = FontAwesome.EXCLAMATION_CIRCLE; isOverwriteAll = true; break; default: icon = FontAwesome.QUESTION_CIRCLE; } m_label.setContentMode(ContentMode.HTML); String ouName = null; if (ou != null) { try { ouName = OpenCms.getOrgUnitManager().readOrganizationalUnit(cms, ou).getDisplayName( UI.getCurrent().getLocale()); } catch (CmsException e) { LOG.debug("Error reading OU name.", e); } } m_label.setValue( icon.getHtml() + " " + displayName + " " + entry.getPermissions().getPermissionString() + (ouName != null ? ("
" + ouName) : "")); m_label.setWidthUndefined(); m_details.setIcon(FontAwesome.PLUS_SQUARE_O); m_details.addClickListener(new ClickListener() { private static final long serialVersionUID = 1L; public void buttonClick(ClickEvent event) { toggleDetails(); } }); m_setButton.addClickListener(new ClickListener() { private static final long serialVersionUID = 1L; public void buttonClick(ClickEvent event) { setPermissions(); } }); m_deleteButton.addClickListener(new ClickListener() { private static final long serialVersionUID = 1L; public void buttonClick(ClickEvent event) { deletePermissionSet(); } }); if (inheritedFrom != null) { m_inheritedFrom.setValue(inheritedFrom); } else { m_inheritedFrom.setVisible(false); } if (isOverwriteAll) { setDetailButtonVisible(false); if (m_editable) { addComponent(m_deleteButton, 2); m_deleteButton.addStyleName("o-permissions_delete"); } } else { // get all permissions of the current entry CmsPermissionSet permissions = entry.getPermissions(); IndexedContainer container = getPermissionContainer(permissions); m_permissions.setContainerDataSource(container); m_permissions.setColumnReorderingAllowed(false); m_permissions.setColumnHeader(PROPERTY_LABEL, CmsVaadinUtils.getMessageText(Messages.GUI_PERMISSION_0)); m_permissions.setColumnHeader( PROPERTY_ALLOWED, CmsVaadinUtils.getMessageText(Messages.GUI_PERMISSION_ALLOWED_0)); m_permissions.setColumnHeader( PROPERTY_DISPLAY_ALLOWED, CmsVaadinUtils.getMessageText(Messages.GUI_PERMISSION_ALLOWED_0)); m_permissions.setColumnHeader( PROPERTY_DENIED, CmsVaadinUtils.getMessageText(Messages.GUI_PERMISSION_DENIED_0)); m_permissions.setColumnHeader( PROPERTY_DISPLAY_DENIED, CmsVaadinUtils.getMessageText(Messages.GUI_PERMISSION_DENIED_0)); m_permissions.setPageLength(5); m_permissions.setSortEnabled(false); if (m_editable) { toggleDetails(); setDetailButtonVisible(false); m_permissions.setVisibleColumns(PROPERTY_LABEL, PROPERTY_ALLOWED, PROPERTY_DENIED); m_permissions.setTableFieldFactory(FIELD_FACTORY); m_permissions.setEditable(m_editable); m_responsibleCheckbox.setValue(isResponsible(entry.getFlags())); m_overwriteCheckbox.setValue(isOverWritingInherited(entry.getFlags())); m_inheritCheckbox.setVisible(isFolder); m_inheritCheckbox.setValue(Boolean.valueOf(m_entry.isInheriting())); m_buttonBar.setVisible(true); } else { m_permissions.setVisibleColumns(PROPERTY_LABEL, PROPERTY_DISPLAY_ALLOWED, PROPERTY_DISPLAY_DENIED); } } } /** * Hides the denied permissions column.

*/ public void hideDeniedColumn() { if (m_editable) { m_permissions.setVisibleColumns(PROPERTY_LABEL, PROPERTY_ALLOWED); } else { m_permissions.setVisibleColumns(PROPERTY_LABEL, PROPERTY_DISPLAY_ALLOWED); } } /** * Determines the type of the current access control entry.

* * @param flags the value of the current flags * @param all to include all types, or just user and groups * * @return String representation of the ace type */ protected String getEntryType(int flags, boolean all) { for (int i = 0; i < getTypes(all).length; i++) { if ((flags & getTypesInt()[i]) > 0) { return getTypes(all)[i]; } } return UNKNOWN_TYPE; } /** * Returns a String array with the possible entry types.

* * @param all to include all types, or just user, groups and roles * * @return the possible types */ protected String[] getTypes(boolean all) { if (!all) { String[] array = new String[3]; return Arrays.asList(CmsPermissionDialog.PRINCIPAL_TYPES).subList(0, 3).toArray(array); } return CmsPermissionDialog.PRINCIPAL_TYPES; } /** * Returns an int array with possible entry types.

* * @return the possible types as int array */ protected int[] getTypesInt() { return CmsPermissionDialog.PRINCIPAL_TYPES_INT; } /** * Checks if a certain permission of a permission set is allowed.

* * @param p the current CmsPermissionSet * @param value the int value of the permission to check * @return true if the permission is allowed, otherwise false */ protected Boolean isAllowed(CmsPermissionSet p, int value) { if ((p.getAllowedPermissions() & value) > 0) { return Boolean.TRUE; } return Boolean.FALSE; } /** * Checks if a certain permission of a permission set is denied.

* * @param p the current CmsPermissionSet * @param value the int value of the permission to check * @return true if the permission is denied, otherwise false */ protected Boolean isDenied(CmsPermissionSet p, int value) { if ((p.getDeniedPermissions() & value) > 0) { return Boolean.TRUE; } return Boolean.FALSE; } /** * Check if the current permissions are overwriting the inherited ones.

* * @param flags value of all flags of the current entry * @return true if permissions are overwriting the inherited ones, otherwise false */ protected Boolean isOverWritingInherited(int flags) { if ((flags & CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE) > 0) { return Boolean.TRUE; } return Boolean.FALSE; } /** * Check if the user is a responsible for the resource.

* * @param flags value of all flags of the current entry * @return true if user is responsible for the resource, otherwise false */ protected Boolean isResponsible(int flags) { if ((flags & CmsAccessControlEntry.ACCESS_FLAGS_RESPONSIBLE) > 0) { return Boolean.TRUE; } return Boolean.FALSE; } /** * Deletes the current permission set.

*/ void deletePermissionSet() { m_changeHandler.deletePermissionSet(m_principalType, m_principalName); } /** * Generates the permissions data container.

* * @param permissions the permission set * * @return the container */ IndexedContainer getPermissionContainer(CmsPermissionSet permissions) { IndexedContainer result = new IndexedContainer(); result.addContainerProperty(PROPERTY_LABEL, String.class, ""); result.addContainerProperty(PROPERTY_VALUE, Integer.class, null); result.addContainerProperty(PROPERTY_ALLOWED, Boolean.class, Boolean.FALSE); result.addContainerProperty(PROPERTY_DISPLAY_ALLOWED, Label.class, null); result.addContainerProperty(PROPERTY_DENIED, Boolean.class, Boolean.FALSE); result.addContainerProperty(PROPERTY_DISPLAY_DENIED, Label.class, null); for (String key : CmsPermissionSet.getPermissionKeys()) { int flag = CmsPermissionSet.getPermissionValue(key); Item entry = result.addItem(key); entry.getItemProperty(PROPERTY_LABEL).setValue(CmsVaadinUtils.getMessageText(key)); entry.getItemProperty(PROPERTY_ALLOWED).setValue(isAllowed(permissions, flag)); entry.getItemProperty(PROPERTY_DISPLAY_ALLOWED).setValue(getCheckBoxLabel(isAllowed(permissions, flag))); entry.getItemProperty(PROPERTY_DENIED).setValue(isDenied(permissions, flag)); entry.getItemProperty(PROPERTY_DISPLAY_DENIED).setValue(getCheckBoxLabel(isDenied(permissions, flag))); entry.getItemProperty(PROPERTY_VALUE).setValue(Integer.valueOf(flag)); } return result; } /** * Sets the current permissions.

*/ void setPermissions() { IndexedContainer container = (IndexedContainer)m_permissions.getContainerDataSource(); int allowed = 0; int denied = 0; for (Object itemId : container.getItemIds()) { Item item = container.getItem(itemId); Integer value = (Integer)item.getItemProperty(PROPERTY_VALUE).getValue(); if (((Boolean)item.getItemProperty(PROPERTY_ALLOWED).getValue()).booleanValue()) { allowed |= value.intValue(); } if (((Boolean)item.getItemProperty(PROPERTY_DENIED).getValue()).booleanValue()) { denied |= value.intValue(); } } int flags = m_entry.getFlags(); // modify the ace flags to determine inheritance of the current ace if (m_inheritCheckbox.getValue().booleanValue()) { flags |= CmsAccessControlEntry.ACCESS_FLAGS_INHERIT; } else { flags &= ~CmsAccessControlEntry.ACCESS_FLAGS_INHERIT; } // modify the ace flags to determine overwriting of inherited ace if (m_overwriteCheckbox.getValue().booleanValue()) { flags |= CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE; } else { flags &= ~CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE; } if (m_responsibleCheckbox.getValue().booleanValue()) { flags |= CmsAccessControlEntry.ACCESS_FLAGS_RESPONSIBLE; } else { flags &= ~CmsAccessControlEntry.ACCESS_FLAGS_RESPONSIBLE; } m_changeHandler.setPermissions(m_principalType, m_principalName, allowed, denied, flags); } /** * Toggles the details display.

*/ void toggleDetails() { if (m_permissions.isVisible()) { m_permissions.setVisible(false); m_details.setIcon(FontAwesome.PLUS_SQUARE_O); } else { m_permissions.setVisible(true); m_details.setIcon(FontAwesome.MINUS_SQUARE_O); } m_changeHandler.onViewChange(); } /** * Generates a check box label.

* * @param value the value to display * * @return the label */ private Label getCheckBoxLabel(Boolean value) { String content; if (value.booleanValue()) { content = ""; } else { content = ""; } return new Label(content, ContentMode.HTML); } /** * Shows / hides the details button.

* * @param visible true if the details button should be shown */ private void setDetailButtonVisible(boolean visible) { m_detailButtonContainer.setVisible(visible); if (visible) { removeStyleName("o-permission-no-details"); } else { addStyleName("o-permission-no-details"); } } }





© 2015 - 2024 Weber Informatics LLC | Privacy Policy