vmario/docs
1
0
Fork 0
mirror of https://github.com/sismics/docs.git synced 2024-11-22 14:07:55 +01:00
Code Issues Packages Projects Releases Wiki Activity

Closes #82: Add role to groups

Browse Source
This commit is contained in:
jendib 2016-03-20 22:18:58 +01:00
parent 6598b585a2
commit 5a41e9555e
9 changed files with 65 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
docs-core/src/main/java/com/sismics/docs/core/dao/jpa/GroupDao.java
View File

@ -173,7 +173,7 @@ public class GroupDao {
Map<String, Object> parameterMap = new HashMap<String, Object>(); Map<String, Object> parameterMap = new HashMap<String, Object>();
List<String> criteriaList = new ArrayList<String>(); List<String> criteriaList = new ArrayList<String>();
StringBuilder sb = new StringBuilder("select g.GRP_ID_C as c0, g.GRP_NAME_C as c1, g.GRP_IDPARENT_C as c2, gp.GRP_NAME_C as c3 "); StringBuilder sb = new StringBuilder("select g.GRP_ID_C as c0, g.GRP_NAME_C as c1, g.GRP_IDPARENT_C as c2, gp.GRP_NAME_C as c3, g.GRP_IDROLE_C ");
if (criteria.getUserId() != null) { if (criteria.getUserId() != null) {
sb.append(" , ug.UGP_ID_C "); sb.append(" , ug.UGP_ID_C ");
} }
@ -213,7 +213,8 @@ public class GroupDao {
.setId((String) o[i++]) .setId((String) o[i++])
.setName((String) o[i++]) .setName((String) o[i++])
.setParentId((String) o[i++]) .setParentId((String) o[i++])
.setParentName((String) o[i++]); .setParentName((String) o[i++])
.setRoleId((String) o[i++]);
groupDtoList.add(groupDto); groupDtoList.add(groupDto);
if (criteria.getUserId() != null && o[i++] != null) { if (criteria.getUserId() != null && o[i++] != null) {
userGroupDtoList.add(groupDto); userGroupDtoList.add(groupDto);

8
docs-core/src/main/java/com/sismics/docs/core/dao/jpa/RoleBaseFunctionDao.java
View File

@ -16,17 +16,17 @@ public class RoleBaseFunctionDao {
/** /**
* Find the set of base functions of a role. * Find the set of base functions of a role.
* *
* @param roleId Role ID * @param roleIdSet Set of role ID
* @return Set of base functions * @return Set of base functions
*/ */
@SuppressWarnings("unchecked") @SuppressWarnings("unchecked")
public Set<String> findByRoleId(String roleId) { public Set<String> findByRoleId(Set<String> roleIdSet) {
EntityManager em = ThreadLocalContext.get().getEntityManager(); EntityManager em = ThreadLocalContext.get().getEntityManager();
StringBuilder sb = new StringBuilder("select rbf.RBF_IDBASEFUNCTION_C from T_ROLE_BASE_FUNCTION rbf, T_ROLE r"); StringBuilder sb = new StringBuilder("select rbf.RBF_IDBASEFUNCTION_C from T_ROLE_BASE_FUNCTION rbf, T_ROLE r");
sb.append(" where rbf.RBF_IDROLE_C = :roleId and rbf.RBF_DELETEDATE_D is null"); sb.append(" where rbf.RBF_IDROLE_C in (:roleIdSet) and rbf.RBF_DELETEDATE_D is null");
sb.append(" and r.ROL_ID_C = rbf.RBF_IDROLE_C and r.ROL_DELETEDATE_D is null"); sb.append(" and r.ROL_ID_C = rbf.RBF_IDROLE_C and r.ROL_DELETEDATE_D is null");
Query q = em.createNativeQuery(sb.toString()); Query q = em.createNativeQuery(sb.toString());
q.setParameter("roleId", roleId); q.setParameter("roleIdSet", roleIdSet);
return Sets.newHashSet(q.getResultList()); return Sets.newHashSet(q.getResultList());
} }
} }

14
docs-core/src/main/java/com/sismics/docs/core/dao/jpa/dto/GroupDto.java
View File

@ -26,6 +26,11 @@ public class GroupDto {
*/ */
private String parentName; private String parentName;
/**
* Role ID.
*/
private String roleId;
public String getId() { public String getId() {
return id; return id;
} }
@ -62,6 +67,15 @@ public class GroupDto {
return this; return this;
} }
public String getRoleId() {
return roleId;
}
public GroupDto setRoleId(String roleId) {
this.roleId = roleId;
return this;
}
@Override @Override
public boolean equals(Object obj) { public boolean equals(Object obj) {
return id.equals(((GroupDto) obj).getId()); return id.equals(((GroupDto) obj).getId());

16
docs-core/src/main/java/com/sismics/docs/core/model/jpa/Group.java
View File

@ -36,6 +36,12 @@ public class Group implements Loggable {
@Column(name = "GRP_NAME_C", nullable = false, length = 50) @Column(name = "GRP_NAME_C", nullable = false, length = 50)
private String name; private String name;
/**
* Role ID.
*/
@Column(name = "GRP_IDROLE_C", length = 36)
private String roleId;
/** /**
* Deletion date. * Deletion date.
*/ */
@ -79,10 +85,20 @@ public class Group implements Loggable {
return this; return this;
} }
public String getRoleId() {
return roleId;
}
public Group setRoleId(String roleId) {
this.roleId = roleId;
return this;
}
@Override @Override
public String toString() { public String toString() {
return MoreObjects.toStringHelper(this) return MoreObjects.toStringHelper(this)
.add("id", id) .add("id", id)
.add("roleId", roleId)
.add("parentId", parentId) .add("parentId", parentId)
.add("name", name) .add("name", name)
.toString(); .toString();

4
docs-core/src/main/resources/db/update/dbupdate-008-0.sql
View File

@ -1,7 +1,7 @@
create memory table T_GROUP ( GRP_ID_C varchar(36) not null, GRP_IDPARENT_C varchar(36), GRP_NAME_C varchar(50) not null, GRP_DELETEDATE_D datetime, primary key (GRP_ID_C) ); create memory table T_GROUP ( GRP_ID_C varchar(36) not null, GRP_IDPARENT_C varchar(36), GRP_NAME_C varchar(50) not null, GRP_IDROLE_C varchar(36), GRP_DELETEDATE_D datetime, primary key (GRP_ID_C) );
create memory table T_USER_GROUP ( UGP_ID_C varchar(36) not null, UGP_IDUSER_C varchar(36) not null, UGP_IDGROUP_C varchar(36) not null, UGP_DELETEDATE_D datetime, primary key (UGP_ID_C) ); create memory table T_USER_GROUP ( UGP_ID_C varchar(36) not null, UGP_IDUSER_C varchar(36) not null, UGP_IDGROUP_C varchar(36) not null, UGP_DELETEDATE_D datetime, primary key (UGP_ID_C) );
insert into T_GROUP(GRP_ID_C, GRP_NAME_C) values('administrators', 'administrators'); insert into T_GROUP(GRP_ID_C, GRP_NAME_C, GRP_IDROLE_C) values('administrators', 'administrators', 'admin');
insert into T_USER_GROUP(UGP_ID_C, UGP_IDUSER_C, UGP_IDGROUP_C) values('admin-administrators', 'admin', 'administrators'); insert into T_USER_GROUP(UGP_ID_C, UGP_IDUSER_C, UGP_IDGROUP_C) values('admin-administrators', 'admin', 'administrators');
update T_CONFIG set CFG_VALUE_C = '8' where CFG_ID_C = 'DB_VERSION'; update T_CONFIG set CFG_VALUE_C = '8' where CFG_ID_C = 'DB_VERSION';

18
docs-web-common/src/main/java/com/sismics/util/filter/TokenBasedSecurityFilter.java
View File

@ -3,6 +3,7 @@ package com.sismics.util.filter;
import java.io.IOException; import java.io.IOException;
import java.text.MessageFormat; import java.text.MessageFormat;
import java.util.Date; import java.util.Date;
import java.util.HashSet;
import java.util.List; import java.util.List;
import java.util.Set; import java.util.Set;
@ -36,7 +37,7 @@ import jersey.repackaged.com.google.common.collect.Sets;
/** /**
* This filter is used to authenticate the user having an active session via an authentication token stored in database. * This filter is used to authenticate the user having an active session via an authentication token stored in database.
* The filter extracts the authentication token stored in a cookie. * The filter extracts the authentication token stored in a cookie.
* If the ocokie exists and the token is valid, the filter injects a UserPrincipal into a request attribute. * If the cookie exists and the token is valid, the filter injects a UserPrincipal into a request attribute.
* If not, the user is anonymous, and the filter injects a AnonymousPrincipal into the request attribute. * If not, the user is anonymous, and the filter injects a AnonymousPrincipal into the request attribute.
* *
* @author jtremeaux * @author jtremeaux
@ -154,22 +155,27 @@ public class TokenBasedSecurityFilter implements Filter {
private void injectAuthenticatedUser(HttpServletRequest request, User user) { private void injectAuthenticatedUser(HttpServletRequest request, User user) {
UserPrincipal userPrincipal = new UserPrincipal(user.getId(), user.getUsername()); UserPrincipal userPrincipal = new UserPrincipal(user.getId(), user.getUsername());
// Add base functions
RoleBaseFunctionDao userBaseFuction = new RoleBaseFunctionDao();
Set<String> baseFunctionSet = userBaseFuction.findByRoleId(user.getRoleId());
userPrincipal.setBaseFunctionSet(baseFunctionSet);
// Add groups // Add groups
GroupDao groupDao = new GroupDao(); GroupDao groupDao = new GroupDao();
Set<String> groupRoleIdSet = new HashSet<>();
List<GroupDto> groupDtoList = groupDao.findByCriteria(new GroupCriteria() List<GroupDto> groupDtoList = groupDao.findByCriteria(new GroupCriteria()
.setUserId(user.getId()) .setUserId(user.getId())
.setRecursive(true), null); .setRecursive(true), null);
Set<String> groupIdSet = Sets.newHashSet(); Set<String> groupIdSet = Sets.newHashSet();
for (GroupDto groupDto : groupDtoList) { for (GroupDto groupDto : groupDtoList) {
groupIdSet.add(groupDto.getId()); groupIdSet.add(groupDto.getId());
if (groupDto.getRoleId() != null) {
groupRoleIdSet.add(groupDto.getRoleId());
}
} }
userPrincipal.setGroupIdSet(groupIdSet); userPrincipal.setGroupIdSet(groupIdSet);
// Add base functions
groupRoleIdSet.add(user.getRoleId());
RoleBaseFunctionDao userBaseFuction = new RoleBaseFunctionDao();
Set<String> baseFunctionSet = userBaseFuction.findByRoleId(groupRoleIdSet);
userPrincipal.setBaseFunctionSet(baseFunctionSet);
// Add email // Add email
userPrincipal.setEmail(user.getEmail()); userPrincipal.setEmail(user.getEmail());

1
docs-web/src/main/java/com/sismics/docs/rest/resource/GroupResource.java
View File

@ -310,7 +310,6 @@ public class GroupResource extends BaseResource {
if (!authenticate()) { if (!authenticate()) {
throw new ForbiddenClientException(); throw new ForbiddenClientException();
} }
checkBaseFunction(BaseFunction.ADMIN);
// Get the group // Get the group
GroupDao groupDao = new GroupDao(); GroupDao groupDao = new GroupDao();

3
docs-web/src/main/java/com/sismics/docs/rest/resource/UserResource.java
View File

@ -25,6 +25,7 @@ import javax.ws.rs.core.Response;
import org.apache.commons.lang.StringUtils; import org.apache.commons.lang.StringUtils;
import com.google.common.base.Strings; import com.google.common.base.Strings;
import com.google.common.collect.Sets;
import com.sismics.docs.core.constant.Constants; import com.sismics.docs.core.constant.Constants;
import com.sismics.docs.core.dao.jpa.AuthenticationTokenDao; import com.sismics.docs.core.dao.jpa.AuthenticationTokenDao;
import com.sismics.docs.core.dao.jpa.DocumentDao; import com.sismics.docs.core.dao.jpa.DocumentDao;
@ -398,7 +399,7 @@ public class UserResource extends BaseResource {
// Ensure that the admin user is not deleted // Ensure that the admin user is not deleted
RoleBaseFunctionDao userBaseFuction = new RoleBaseFunctionDao(); RoleBaseFunctionDao userBaseFuction = new RoleBaseFunctionDao();
Set<String> baseFunctionSet = userBaseFuction.findByRoleId(user.getRoleId()); Set<String> baseFunctionSet = userBaseFuction.findByRoleId(Sets.newHashSet(user.getRoleId()));
if (baseFunctionSet.contains(BaseFunction.ADMIN.name())) { if (baseFunctionSet.contains(BaseFunction.ADMIN.name())) {
throw new ClientException("ForbiddenError", "The admin user cannot be deleted"); throw new ClientException("ForbiddenError", "The admin user cannot be deleted");
} }

12
docs-web/src/test/java/com/sismics/docs/rest/TestGroupResource.java
View File

@ -41,6 +41,18 @@ public class TestGroupResource extends BaseJerseyTest {
clientUtil.createUser("group1", "g112", "g12"); clientUtil.createUser("group1", "g112", "g12");
String group1Token = clientUtil.login("group1"); String group1Token = clientUtil.login("group1");
// Login admin2
clientUtil.createUser("admin2", "administrators");
String admin2Token = clientUtil.login("admin2");
// Create trashme
clientUtil.createUser("trashme");
// Delete trashme with admin2
target().path("/user/trashme").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, admin2Token)
.delete(JsonObject.class);
// Get all groups // Get all groups
JsonObject json = target().path("/group") JsonObject json = target().path("/group")
.queryParam("sort_column", "1") .queryParam("sort_column", "1")