org.opencms.ui.dialogs.permissions.CmsPermissionView Maven / Gradle / Ivy
Show all versions of opencms-test Show documentation
/*
* This library is part of OpenCms -
* the Open Source Content Management System
*
* Copyright (c) Alkacon Software GmbH & Co. KG (http://www.alkacon.com)
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* For further information about Alkacon Software, please see the
* company website: http://www.alkacon.com
*
* For further information about OpenCms, please see the
* project website: http://www.opencms.org
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
package org.opencms.ui.dialogs.permissions;
import org.opencms.file.CmsGroup;
import org.opencms.file.CmsObject;
import org.opencms.file.CmsUser;
import org.opencms.file.history.CmsHistoryPrincipal;
import org.opencms.main.CmsException;
import org.opencms.main.CmsLog;
import org.opencms.main.OpenCms;
import org.opencms.security.CmsAccessControlEntry;
import org.opencms.security.CmsOrganizationalUnit;
import org.opencms.security.CmsPermissionSet;
import org.opencms.security.CmsPrincipal;
import org.opencms.security.CmsRole;
import org.opencms.security.I_CmsPrincipal;
import org.opencms.ui.A_CmsUI;
import org.opencms.ui.CmsVaadinUtils;
import org.opencms.workplace.commons.Messages;
import java.util.Arrays;
import org.apache.commons.logging.Log;
import com.vaadin.data.Container;
import com.vaadin.data.Item;
import com.vaadin.data.util.IndexedContainer;
import com.vaadin.server.FontAwesome;
import com.vaadin.server.FontIcon;
import com.vaadin.shared.ui.label.ContentMode;
import com.vaadin.ui.Button;
import com.vaadin.ui.Button.ClickEvent;
import com.vaadin.ui.Button.ClickListener;
import com.vaadin.ui.CheckBox;
import com.vaadin.ui.Component;
import com.vaadin.ui.CssLayout;
import com.vaadin.ui.DefaultFieldFactory;
import com.vaadin.ui.Field;
import com.vaadin.ui.Label;
import com.vaadin.ui.Table;
import com.vaadin.ui.TableFieldFactory;
import com.vaadin.ui.UI;
import com.vaadin.ui.VerticalLayout;
/**
* Displays the permission settings for a single principal.
*/
public class CmsPermissionView extends CssLayout {
/**
* Permission change handler.
*/
public interface PermissionChangeHandler {
/**
* Called to delete a permission set.
*
* @param principalType the principal type
* @param principalName the principal name
*/
void deletePermissionSet(String principalType, String principalName);
/**
* Called on view changes, allowing for resizing or centering.
*/
void onViewChange();
/**
* Sets a changed permission set.
*
* @param principalType the principal type
* @param principalName the principal name
* @param allowed the allowed flag
* @param denied the denied flag
* @param flags the other flags
*/
void setPermissions(String principalType, String principalName, int allowed, int denied, int flags);
}
/** The table field factory. */
private static final TableFieldFactory FIELD_FACTORY = new DefaultFieldFactory() {
private static final long serialVersionUID = 1L;
/**
* @see com.vaadin.ui.DefaultFieldFactory#createField(com.vaadin.data.Container, java.lang.Object, java.lang.Object, com.vaadin.ui.Component)
*/
@Override
public Field> createField(Container container, Object itemId, Object propertyId, Component uiContext) {
Field> result = null;
if (PROPERTY_ALLOWED.equals(propertyId) || PROPERTY_DENIED.equals(propertyId)) {
result = super.createField(container, itemId, propertyId, uiContext);
result.setCaption("");
}
return result;
}
};
/** The logger instance for this class. */
private static final Log LOG = CmsLog.getLog(CmsPermissionView.class);
/** The allowed table property id. */
private static final String PROPERTY_ALLOWED = "allowed";
/** The denied table property id. */
private static final String PROPERTY_DENIED = "denied";
/** The display allowed table property id. */
private static final String PROPERTY_DISPLAY_ALLOWED = "display_allowed";
/** The display denied table property id. */
private static final String PROPERTY_DISPLAY_DENIED = "display_denied";
/** The label table property id. */
private static final String PROPERTY_LABEL = "label";
/** The value table property id. */
private static final String PROPERTY_VALUE = "value";
/** The serial version id. */
private static final long serialVersionUID = 3440901877277200393L;
/** Constant for unknown type. */
private static final String UNKNOWN_TYPE = "Unknown";
/** The button bar. */
private VerticalLayout m_buttonBar;
/** The permission change handler. */
private PermissionChangeHandler m_changeHandler;
/** The delete button. */
private Button m_deleteButton;
/** The container for the details button. */
private CssLayout m_detailButtonContainer;
/** The details button. */
private Button m_details;
/** The editable flag. */
private boolean m_editable;
/** The access control entry to display. */
private CmsAccessControlEntry m_entry;
/** The inherit check box. */
private CheckBox m_inheritCheckbox;
/** The inherited from label. */
private Label m_inheritedFrom;
/** The label. */
private Label m_label;
/** The overwrite check box. */
private CheckBox m_overwriteCheckbox;
/** The permissions table. */
private Table m_permissions;
/** The principal name. */
private String m_principalName;
/** The principal type. */
private String m_principalType;
/** The responsible check box. */
private CheckBox m_responsibleCheckbox;
/** The set button. */
private Button m_setButton;
/**
* Constructor.
*
* @param entry the access control entry
* @param editable the editable flag
* @param isFolder the is folder flag
* @param inheritedFrom the inherited from path
* @param changeHandler the change handler
*/
public CmsPermissionView(
CmsAccessControlEntry entry,
boolean editable,
boolean isFolder,
String inheritedFrom,
PermissionChangeHandler changeHandler) {
m_changeHandler = changeHandler;
m_editable = editable;
m_entry = entry;
CmsVaadinUtils.readAndLocalizeDesign(this, CmsVaadinUtils.getWpMessagesForCurrentLocale(), null);
CmsObject cms = A_CmsUI.getCmsObject();
// get name and type of the current entry
I_CmsPrincipal principal;
try {
principal = CmsPrincipal.readPrincipalIncludingHistory(cms, entry.getPrincipal());
} catch (CmsException e) {
principal = null;
LOG.debug(e.getLocalizedMessage(), e);
}
m_principalName = (principal != null) ? principal.getName() : entry.getPrincipal().toString();
String ou = null;
String displayName;
int flags = 0;
if ((principal != null) && (principal instanceof CmsHistoryPrincipal)) {
// there is a history principal entry, handle it
if (principal.isGroup()) {
String niceName = OpenCms.getWorkplaceManager().translateGroupName(principal.getName(), false);
displayName = CmsVaadinUtils.getMessageText(
org.opencms.security.Messages.GUI_ORGUNIT_DISPLAY_NAME_2,
((CmsHistoryPrincipal)principal).getDescription(),
niceName);
ou = CmsOrganizationalUnit.getParentFqn(m_principalName);
flags = CmsAccessControlEntry.ACCESS_FLAGS_GROUP;
} else {
displayName = ((CmsHistoryPrincipal)principal).getName();
ou = CmsOrganizationalUnit.getParentFqn(m_principalName);
flags = CmsAccessControlEntry.ACCESS_FLAGS_USER;
}
} else if ((principal != null) && principal.isGroup()) {
String niceName = OpenCms.getWorkplaceManager().translateGroupName(principal.getName(), false);
displayName = CmsVaadinUtils.getMessageText(
org.opencms.security.Messages.GUI_ORGUNIT_DISPLAY_NAME_2,
((CmsGroup)principal).getDescription(A_CmsUI.get().getLocale()),
niceName);
ou = CmsOrganizationalUnit.getParentFqn(m_principalName);
flags = CmsAccessControlEntry.ACCESS_FLAGS_GROUP;
} else if ((principal != null) && principal.isUser()) {
displayName = ((CmsUser)principal).getFullName();
ou = CmsOrganizationalUnit.getParentFqn(m_principalName);
flags = CmsAccessControlEntry.ACCESS_FLAGS_USER;
} else if ((m_principalName != null)
&& m_principalName.equals(CmsAccessControlEntry.PRINCIPAL_ALL_OTHERS_ID.toString())) {
m_principalName = CmsAccessControlEntry.PRINCIPAL_ALL_OTHERS_NAME;
displayName = CmsVaadinUtils.getMessageText(Messages.GUI_LABEL_ALLOTHERS_0);
m_responsibleCheckbox.setVisible(false);
flags = CmsAccessControlEntry.ACCESS_FLAGS_ALLOTHERS;
} else if ((m_principalName != null)
&& m_principalName.equals(CmsAccessControlEntry.PRINCIPAL_OVERWRITE_ALL_ID.toString())) {
m_principalName = CmsAccessControlEntry.PRINCIPAL_OVERWRITE_ALL_NAME;
displayName = CmsVaadinUtils.getMessageText(Messages.GUI_LABEL_OVERWRITEALL_0);
flags = CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE_ALL;
} else {
// check if it is the case of a role
CmsRole role = CmsRole.valueOfId(entry.getPrincipal());
if (role != null) {
displayName = role.getName(A_CmsUI.get().getLocale());
m_principalName = role.getRoleName();
flags = CmsAccessControlEntry.ACCESS_FLAGS_ROLE;
} else {
displayName = entry.getPrincipal().toString();
}
}
if ((flags > 0) && ((entry.getFlags() & flags) == 0)) {
// the flag is set to the wrong principal type
if (LOG.isErrorEnabled()) {
LOG.error(
Messages.get().getBundle(A_CmsUI.get().getLocale()).key(
Messages.ERR_INVALID_ACE_1,
entry.toString()));
}
entry = new CmsAccessControlEntry(
entry.getResource(),
entry.getPrincipal(),
entry.getAllowedPermissions(),
entry.getDeniedPermissions(),
(entry.getFlags() | flags));
} else if (entry.getFlags() < CmsAccessControlEntry.ACCESS_FLAGS_USER) {
// the flag is set to NO principal type
if (LOG.isErrorEnabled()) {
LOG.error(
Messages.get().getBundle(A_CmsUI.get().getLocale()).key(
Messages.ERR_INVALID_ACE_1,
entry.toString()));
}
entry = new CmsAccessControlEntry(
entry.getResource(),
entry.getPrincipal(),
entry.getAllowedPermissions(),
entry.getDeniedPermissions(),
(entry.getFlags() | CmsAccessControlEntry.ACCESS_FLAGS_GROUP));
}
m_principalType = getEntryType(entry.getFlags(), false);
if (m_principalName == null) {
m_principalName = "";
}
FontIcon icon = null;
boolean isOverwriteAll = false;
switch (flags) {
case CmsAccessControlEntry.ACCESS_FLAGS_USER:
icon = FontAwesome.USER;
break;
case CmsAccessControlEntry.ACCESS_FLAGS_GROUP:
icon = FontAwesome.GROUP;
break;
case CmsAccessControlEntry.ACCESS_FLAGS_ALLOTHERS:
icon = FontAwesome.GLOBE;
break;
case CmsAccessControlEntry.ACCESS_FLAGS_ROLE:
icon = FontAwesome.GRADUATION_CAP;
break;
case CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE_ALL:
icon = FontAwesome.EXCLAMATION_CIRCLE;
isOverwriteAll = true;
break;
default:
icon = FontAwesome.QUESTION_CIRCLE;
}
m_label.setContentMode(ContentMode.HTML);
String ouName = null;
if (ou != null) {
try {
ouName = OpenCms.getOrgUnitManager().readOrganizationalUnit(cms, ou).getDisplayName(
UI.getCurrent().getLocale());
} catch (CmsException e) {
LOG.debug("Error reading OU name.", e);
}
}
m_label.setValue(
icon.getHtml()
+ " "
+ displayName
+ " "
+ entry.getPermissions().getPermissionString()
+ (ouName != null ? ("
" + ouName) : ""));
m_label.setWidthUndefined();
m_details.setIcon(FontAwesome.PLUS_SQUARE_O);
m_details.addClickListener(new ClickListener() {
private static final long serialVersionUID = 1L;
public void buttonClick(ClickEvent event) {
toggleDetails();
}
});
m_setButton.addClickListener(new ClickListener() {
private static final long serialVersionUID = 1L;
public void buttonClick(ClickEvent event) {
setPermissions();
}
});
m_deleteButton.addClickListener(new ClickListener() {
private static final long serialVersionUID = 1L;
public void buttonClick(ClickEvent event) {
deletePermissionSet();
}
});
if (inheritedFrom != null) {
m_inheritedFrom.setValue(inheritedFrom);
} else {
m_inheritedFrom.setVisible(false);
}
if (isOverwriteAll) {
setDetailButtonVisible(false);
if (m_editable) {
addComponent(m_deleteButton, 2);
m_deleteButton.addStyleName("o-permissions_delete");
}
} else {
// get all permissions of the current entry
CmsPermissionSet permissions = entry.getPermissions();
IndexedContainer container = getPermissionContainer(permissions);
m_permissions.setContainerDataSource(container);
m_permissions.setColumnReorderingAllowed(false);
m_permissions.setColumnHeader(PROPERTY_LABEL, CmsVaadinUtils.getMessageText(Messages.GUI_PERMISSION_0));
m_permissions.setColumnHeader(
PROPERTY_ALLOWED,
CmsVaadinUtils.getMessageText(Messages.GUI_PERMISSION_ALLOWED_0));
m_permissions.setColumnHeader(
PROPERTY_DISPLAY_ALLOWED,
CmsVaadinUtils.getMessageText(Messages.GUI_PERMISSION_ALLOWED_0));
m_permissions.setColumnHeader(
PROPERTY_DENIED,
CmsVaadinUtils.getMessageText(Messages.GUI_PERMISSION_DENIED_0));
m_permissions.setColumnHeader(
PROPERTY_DISPLAY_DENIED,
CmsVaadinUtils.getMessageText(Messages.GUI_PERMISSION_DENIED_0));
m_permissions.setPageLength(5);
m_permissions.setSortEnabled(false);
if (m_editable) {
toggleDetails();
setDetailButtonVisible(false);
m_permissions.setVisibleColumns(PROPERTY_LABEL, PROPERTY_ALLOWED, PROPERTY_DENIED);
m_permissions.setTableFieldFactory(FIELD_FACTORY);
m_permissions.setEditable(m_editable);
m_responsibleCheckbox.setValue(isResponsible(entry.getFlags()));
m_overwriteCheckbox.setValue(isOverWritingInherited(entry.getFlags()));
m_inheritCheckbox.setVisible(isFolder);
m_inheritCheckbox.setValue(Boolean.valueOf(m_entry.isInheriting()));
m_buttonBar.setVisible(true);
} else {
m_permissions.setVisibleColumns(PROPERTY_LABEL, PROPERTY_DISPLAY_ALLOWED, PROPERTY_DISPLAY_DENIED);
}
}
}
/**
* Hides the denied permissions column.
*/
public void hideDeniedColumn() {
if (m_editable) {
m_permissions.setVisibleColumns(PROPERTY_LABEL, PROPERTY_ALLOWED);
} else {
m_permissions.setVisibleColumns(PROPERTY_LABEL, PROPERTY_DISPLAY_ALLOWED);
}
}
/**
* Determines the type of the current access control entry.
*
* @param flags the value of the current flags
* @param all to include all types, or just user and groups
*
* @return String representation of the ace type
*/
protected String getEntryType(int flags, boolean all) {
for (int i = 0; i < getTypes(all).length; i++) {
if ((flags & getTypesInt()[i]) > 0) {
return getTypes(all)[i];
}
}
return UNKNOWN_TYPE;
}
/**
* Returns a String array with the possible entry types.
*
* @param all to include all types, or just user, groups and roles
*
* @return the possible types
*/
protected String[] getTypes(boolean all) {
if (!all) {
String[] array = new String[3];
return Arrays.asList(CmsPermissionDialog.PRINCIPAL_TYPES).subList(0, 3).toArray(array);
}
return CmsPermissionDialog.PRINCIPAL_TYPES;
}
/**
* Returns an int array with possible entry types.
*
* @return the possible types as int array
*/
protected int[] getTypesInt() {
return CmsPermissionDialog.PRINCIPAL_TYPES_INT;
}
/**
* Checks if a certain permission of a permission set is allowed.
*
* @param p the current CmsPermissionSet
* @param value the int value of the permission to check
* @return true if the permission is allowed, otherwise false
*/
protected Boolean isAllowed(CmsPermissionSet p, int value) {
if ((p.getAllowedPermissions() & value) > 0) {
return Boolean.TRUE;
}
return Boolean.FALSE;
}
/**
* Checks if a certain permission of a permission set is denied.
*
* @param p the current CmsPermissionSet
* @param value the int value of the permission to check
* @return true if the permission is denied, otherwise false
*/
protected Boolean isDenied(CmsPermissionSet p, int value) {
if ((p.getDeniedPermissions() & value) > 0) {
return Boolean.TRUE;
}
return Boolean.FALSE;
}
/**
* Check if the current permissions are overwriting the inherited ones.
*
* @param flags value of all flags of the current entry
* @return true if permissions are overwriting the inherited ones, otherwise false
*/
protected Boolean isOverWritingInherited(int flags) {
if ((flags & CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE) > 0) {
return Boolean.TRUE;
}
return Boolean.FALSE;
}
/**
* Check if the user is a responsible for the resource.
*
* @param flags value of all flags of the current entry
* @return true if user is responsible for the resource, otherwise false
*/
protected Boolean isResponsible(int flags) {
if ((flags & CmsAccessControlEntry.ACCESS_FLAGS_RESPONSIBLE) > 0) {
return Boolean.TRUE;
}
return Boolean.FALSE;
}
/**
* Deletes the current permission set.
*/
void deletePermissionSet() {
m_changeHandler.deletePermissionSet(m_principalType, m_principalName);
}
/**
* Generates the permissions data container.
*
* @param permissions the permission set
*
* @return the container
*/
IndexedContainer getPermissionContainer(CmsPermissionSet permissions) {
IndexedContainer result = new IndexedContainer();
result.addContainerProperty(PROPERTY_LABEL, String.class, "");
result.addContainerProperty(PROPERTY_VALUE, Integer.class, null);
result.addContainerProperty(PROPERTY_ALLOWED, Boolean.class, Boolean.FALSE);
result.addContainerProperty(PROPERTY_DISPLAY_ALLOWED, Label.class, null);
result.addContainerProperty(PROPERTY_DENIED, Boolean.class, Boolean.FALSE);
result.addContainerProperty(PROPERTY_DISPLAY_DENIED, Label.class, null);
for (String key : CmsPermissionSet.getPermissionKeys()) {
int flag = CmsPermissionSet.getPermissionValue(key);
Item entry = result.addItem(key);
entry.getItemProperty(PROPERTY_LABEL).setValue(CmsVaadinUtils.getMessageText(key));
entry.getItemProperty(PROPERTY_ALLOWED).setValue(isAllowed(permissions, flag));
entry.getItemProperty(PROPERTY_DISPLAY_ALLOWED).setValue(getCheckBoxLabel(isAllowed(permissions, flag)));
entry.getItemProperty(PROPERTY_DENIED).setValue(isDenied(permissions, flag));
entry.getItemProperty(PROPERTY_DISPLAY_DENIED).setValue(getCheckBoxLabel(isDenied(permissions, flag)));
entry.getItemProperty(PROPERTY_VALUE).setValue(Integer.valueOf(flag));
}
return result;
}
/**
* Sets the current permissions.
*/
void setPermissions() {
IndexedContainer container = (IndexedContainer)m_permissions.getContainerDataSource();
int allowed = 0;
int denied = 0;
for (Object itemId : container.getItemIds()) {
Item item = container.getItem(itemId);
Integer value = (Integer)item.getItemProperty(PROPERTY_VALUE).getValue();
if (((Boolean)item.getItemProperty(PROPERTY_ALLOWED).getValue()).booleanValue()) {
allowed |= value.intValue();
}
if (((Boolean)item.getItemProperty(PROPERTY_DENIED).getValue()).booleanValue()) {
denied |= value.intValue();
}
}
int flags = m_entry.getFlags();
// modify the ace flags to determine inheritance of the current ace
if (m_inheritCheckbox.getValue().booleanValue()) {
flags |= CmsAccessControlEntry.ACCESS_FLAGS_INHERIT;
} else {
flags &= ~CmsAccessControlEntry.ACCESS_FLAGS_INHERIT;
}
// modify the ace flags to determine overwriting of inherited ace
if (m_overwriteCheckbox.getValue().booleanValue()) {
flags |= CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE;
} else {
flags &= ~CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE;
}
if (m_responsibleCheckbox.getValue().booleanValue()) {
flags |= CmsAccessControlEntry.ACCESS_FLAGS_RESPONSIBLE;
} else {
flags &= ~CmsAccessControlEntry.ACCESS_FLAGS_RESPONSIBLE;
}
m_changeHandler.setPermissions(m_principalType, m_principalName, allowed, denied, flags);
}
/**
* Toggles the details display.
*/
void toggleDetails() {
if (m_permissions.isVisible()) {
m_permissions.setVisible(false);
m_details.setIcon(FontAwesome.PLUS_SQUARE_O);
} else {
m_permissions.setVisible(true);
m_details.setIcon(FontAwesome.MINUS_SQUARE_O);
}
m_changeHandler.onViewChange();
}
/**
* Generates a check box label.
*
* @param value the value to display
*
* @return the label
*/
private Label getCheckBoxLabel(Boolean value) {
String content;
if (value.booleanValue()) {
content = "";
} else {
content = "";
}
return new Label(content, ContentMode.HTML);
}
/**
* Shows / hides the details button.
*
* @param visible true if the details button should be shown
*/
private void setDetailButtonVisible(boolean visible) {
m_detailButtonContainer.setVisible(visible);
if (visible) {
removeStyleName("o-permission-no-details");
} else {
addStyleName("o-permission-no-details");
}
}
}