Closes #91: Display ACL inherited from tags in document permissions

This commit is contained in:
jendib 2016-05-08 13:45:46 +02:00
parent 642b9a63d3
commit bf4cb02de5
No known key found for this signature in database
GPG Key ID: 06EE7F699579166F
8 changed files with 87 additions and 15 deletions

View File

@ -3,7 +3,6 @@ package com.sismics.rest.util;
import com.sismics.docs.core.constant.PermType;
import com.sismics.docs.core.dao.jpa.AclDao;
import com.sismics.docs.core.dao.jpa.dto.AclDto;
import com.sismics.security.IPrincipal;
import javax.json.Json;
import javax.json.JsonArrayBuilder;

View File

@ -83,13 +83,14 @@ public class DocumentResource extends BaseResource {
.add("shared", documentDto.getShared())
.add("file_count", documentDto.getFileCount());
List<TagDto> tagDtoList = null;
if (principal.isAnonymous()) {
// No tags in anonymous mode (sharing)
document.add("tags", Json.createArrayBuilder());
} else {
// Add tags added by the current user on this document
// Add tags visible by the current user on this document
TagDao tagDao = new TagDao();
List<TagDto> tagDtoList = tagDao.findByCriteria(
tagDtoList = tagDao.findByCriteria(
new TagCriteria()
.setTargetIdList(getTargetIdList(shareId))
.setDocumentId(documentId),
@ -118,6 +119,25 @@ public class DocumentResource extends BaseResource {
// Add ACL
AclUtil.addAcls(document, documentId, getTargetIdList(shareId));
// Add computed ACL
if (tagDtoList != null) {
JsonArrayBuilder aclList = Json.createArrayBuilder();
for (TagDto tagDto : tagDtoList) {
AclDao aclDao = new AclDao();
List<AclDto> aclDtoList = aclDao.getBySourceId(tagDto.getId());
for (AclDto aclDto : aclDtoList) {
aclList.add(Json.createObjectBuilder()
.add("perm", aclDto.getPerm().name())
.add("source_id", tagDto.getId())
.add("source_name", tagDto.getName())
.add("id", aclDto.getTargetId())
.add("name", JsonUtil.nullable(aclDto.getTargetName()))
.add("type", aclDto.getTargetType()));
}
}
document.add("inherited_acls", aclList);
}
// Add contributors
ContributorDao contributorDao = new ContributorDao();
List<ContributorDto> contributorDtoList = contributorDao.getByDocumentId(documentId);

View File

@ -3,5 +3,11 @@
/**
* Document view permissions controller.
*/
angular.module('docs').controller('DocumentViewPermissions', function() {
angular.module('docs').controller('DocumentViewPermissions', function($scope) {
// Watch for ACLs change and group them for easy displaying
$scope.$watch('document.inherited_acls', function(acls) {
$scope.inheritedAcls = _.groupBy(acls, function(acl) {
return acl.id;
});
});
});

View File

@ -8,12 +8,12 @@
<tr ng-repeat="(id, acl) in groupedAcls">
<td><acl data="acl[0]"></acl></td>
<td>
<span class="label label-default" style="margin-right: 6px;" ng-repeat="a in acl | orderBy: 'perm'">
{{ a.perm }}
<span ng-show="(creator != a.name && a.type == 'USER' || a.type != 'USER') && writable"
class="glyphicon glyphicon-remove pointer"
ng-click="deleteAcl(a)"></span>
</span>
<span class="label label-default" style="margin-right: 6px;" ng-repeat="a in acl | orderBy: 'perm'">
{{ a.perm }}
<span ng-show="(creator != a.name && a.type == 'USER' || a.type != 'USER') && writable"
class="glyphicon glyphicon-remove pointer"
ng-click="deleteAcl(a)"></span>
</span>
</td>
</tr>
</table>

View File

@ -1 +1,3 @@
<p class="well-sm">Every actions on this document are logged here.</p>
<audit-log logs="logs" />

View File

@ -1,4 +1,37 @@
<acl-edit source="document.id"
acls="document.acls"
writable="document.writable"
creator="document.creator"></acl-edit>
<p class="well-sm">Permissions can be applied directly to this document, or can come from <a href="#/tag">tags</a>.</p>
<div class="well" ng-show="document.inherited_acls.length > 0">
<h3>Permissions inherited by tags</h3>
<table class="table">
<tr>
<th style="width: 30%">From</th>
<th style="width: 30%">For</th>
<th style="width: 30%">Permission</th>
</tr>
<tr ng-repeat="(id, acl) in inheritedAcls">
<td>
<a href="#/tag/{{ acl[0].source_id }}">
<span class="glyphicon glyphicon-tags"></span>&nbsp;
{{ acl[0].source_name }}
</a>
</td>
<td><acl data="acl[0]"></acl></td>
<td>
<span class="label label-default" style="margin-right: 6px;" ng-repeat="a in acl | orderBy: 'perm'">
{{ a.perm }}
</span>
</td>
</tr>
</table>
</div>
<div class="well">
<h3>Permissions on this document</h3>
<acl-edit source="document.id"
acls="document.acls"
writable="document.writable"
creator="document.creator"></acl-edit>
</div>

View File

@ -1,3 +1,7 @@
<h1>{{ tag.name }}</h1>
<p>Permissions on this tag will also be applied to documents tagged <span class="label label-info">{{ tag.name }}</span></p>
<acl-edit source="tag.id"
acls="tag.acls"
writable="tag.writable"

View File

@ -365,6 +365,10 @@ public class TestAclResource extends BaseJerseyTest {
Assert.assertEquals(1, tags.size());
Assert.assertFalse(json.getBoolean("writable"));
Assert.assertEquals(tag1Id, tags.getJsonObject(0).getString("id"));
JsonArray inheritedAcls = json.getJsonArray("inherited_acls");
Assert.assertEquals(3, inheritedAcls.size());
Assert.assertEquals("AclTag1", inheritedAcls.getJsonObject(0).getString("source_name"));
Assert.assertEquals(tag1Id, inheritedAcls.getJsonObject(0).getString("source_id"));
// acltag2 can see tag1
json = target().path("/tag/list").request()
@ -401,6 +405,10 @@ public class TestAclResource extends BaseJerseyTest {
Assert.assertEquals(1, tags.size());
Assert.assertTrue(json.getBoolean("writable"));
Assert.assertEquals(tag1Id, tags.getJsonObject(0).getString("id"));
inheritedAcls = json.getJsonArray("inherited_acls");
Assert.assertEquals(4, inheritedAcls.size());
Assert.assertEquals("AclTag1", inheritedAcls.getJsonObject(0).getString("source_name"));
Assert.assertEquals(tag1Id, inheritedAcls.getJsonObject(0).getString("source_id"));
// acltag2 can see and edit tag1
json = target().path("/tag/" + tag1Id).request()