Author: reto
Date: Thu Apr 4 09:45:38 2013
New Revision: 1464404
URL: http://svn.apache.org/r1464404
Log:
STANBOL-897: applied patch Danny
Added:
stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/resource/editRole.ftl
stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/resource/rolePermissionsCheckboxes.ftl
Modified:
stanbol/trunk/commons/security/usermanagement/README.md
stanbol/trunk/commons/security/usermanagement/src/main/java/org/apache/stanbol/commons/usermanagement/resource/UserResource.java
stanbol/trunk/commons/security/usermanagement/src/main/resources/META-INF/resources/static/user-management/styles/webconsole.css
stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/resource/editUser.ftl
stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/resource/listRole.ftl
stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/resource/permissionsCheckboxes.ftl
stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/webConsole.ftl
Modified: stanbol/trunk/commons/security/usermanagement/README.md
URL:
http://svn.apache.org/viewvc/stanbol/trunk/commons/security/usermanagement/README.md?rev=1464404&r1=1464403&r2=1464404&view=diff
==============================================================================
--- stanbol/trunk/commons/security/usermanagement/README.md (original)
+++ stanbol/trunk/commons/security/usermanagement/README.md Thu Apr 4 09:45:38
2013
@@ -44,7 +44,7 @@ http://localhost:8080/user-management/de
### HTML Helper Resources
-
+curl --user admin:admin
http://localhost:8080/user-management/users/anonymous/permissionsCheckboxes
## API Examples
The following HTTP services are
Modified:
stanbol/trunk/commons/security/usermanagement/src/main/java/org/apache/stanbol/commons/usermanagement/resource/UserResource.java
URL:
http://svn.apache.org/viewvc/stanbol/trunk/commons/security/usermanagement/src/main/java/org/apache/stanbol/commons/usermanagement/resource/UserResource.java?rev=1464404&r1=1464403&r2=1464404&view=diff
==============================================================================
---
stanbol/trunk/commons/security/usermanagement/src/main/java/org/apache/stanbol/commons/usermanagement/resource/UserResource.java
(original)
+++
stanbol/trunk/commons/security/usermanagement/src/main/java/org/apache/stanbol/commons/usermanagement/resource/UserResource.java
Thu Apr 4 09:45:38 2013
@@ -71,6 +71,7 @@ import org.apache.clerezza.rdf.ontologie
import org.apache.clerezza.rdf.ontologies.PERMISSION;
import org.apache.clerezza.rdf.ontologies.PLATFORM;
import org.apache.clerezza.rdf.ontologies.RDF;
+import org.apache.clerezza.rdf.ontologies.RDFS;
import org.apache.clerezza.rdf.ontologies.SIOC;
import org.apache.clerezza.rdf.utils.GraphNode;
import org.apache.clerezza.rdf.utils.MGraphUtils;
@@ -87,7 +88,7 @@ import org.slf4j.LoggerFactory;
/**
* Handles HTTP requests related to a user
- *
+ *
*/
@Component
@Service({Object.class, UserResource.class})
@@ -173,7 +174,9 @@ public class UserResource {
@GET
@Path("users/{username}/permissionsCheckboxes")
@Produces(MediaType.TEXT_HTML)
- public RdfViewable permissionsCheckboxes(@PathParam("username") String
userName) { //getUser(userName)
+ public RdfViewable permissionsCheckboxes(@PathParam("username") String
userName) {
+ addClassToPermissions(); // workaround
+ // showSystem();
addClassToPermissions(); // workaround
showSystem();
return new RdfViewable("permissionsCheckboxes", getPermissionType(),
this.getClass());
@@ -200,8 +203,7 @@ public class UserResource {
}
/**
- * Update user details
- * adds triples as appropriate to system graph
+ * Update user details adds triples as appropriate to system graph
*
* @param uriInfo
* @param currentLogin
@@ -225,29 +227,27 @@ public class UserResource {
@FormParam("roles") List<String> roles,
@FormParam("permissions") List<String> permissions) {
- GraphNode userNode;
+ GraphNode userNode = null;
if (currentLogin != null) { //
currentLogin = currentLogin.trim();
}
-
if (currentLogin != null && !currentLogin.equals("")) {
userNode = getUser(currentLogin);
- return store(userNode, uriInfo, currentLogin, newLogin, fullName,
email, password, roles, permissions);
+ if (userNode != null) {
+ return store(userNode, uriInfo, currentLogin, newLogin,
fullName, email, password, roles, permissions);
+ }
}
-
userNode = createUser(newLogin);
-
-
return store(userNode, uriInfo, newLogin, newLogin, fullName, email,
password, roles, permissions);
}
-/**
- * Modify user given a graph describing the change.
- *
- * @param inputGraph change graph
- * @return HTTP response
- */
+ /**
+ * Modify user given a graph describing the change.
+ *
+ * @param inputGraph change graph
+ * @return HTTP response
+ */
@POST
@Consumes(SupportedFormat.TURTLE)
@Path("change-user")
@@ -323,17 +323,16 @@ public class UserResource {
return Response.noContent().build();
}
-/**
- * Provides HTML corresponding to a user's roles
- *
- * all roles are listed with checkboxes,
- * the roles this user has are checked
- *
- * (isn't very pretty but is just a one-off)
- *
- * @param userName the user in question
- * @return HTML checkboxes as HTTP response
- */
+ /**
+ * Provides HTML corresponding to a user's roles
+ *
+ * all roles are listed with checkboxes, the roles this user has are
checked
+ *
+ * (isn't very pretty but is just a one-off)
+ *
+ * @param userName the user in question
+ * @return HTML checkboxes as HTTP response
+ */
@GET
@Path("users/{username}/rolesCheckboxes")
@Produces(MediaType.TEXT_HTML)
@@ -390,12 +389,12 @@ public class UserResource {
return Response.ok(html.toString()).build();
}
-/**
- * List the users.
- * renders the user type with the "listUser" rendering template
- *
- * @return rendering specification
- */
+ /**
+ * List the users. renders the user type with the "listUser" rendering
+ * template
+ *
+ * @return rendering specification
+ */
@GET
@Path("users")
@Produces(MediaType.TEXT_HTML)
@@ -425,8 +424,7 @@ public class UserResource {
}
/**
- * Create a user.
- * returns a dummy use with "editUser" as rendering
+ * Create a user. returns a dummy use with "editUser" as rendering
* specification (this will be a HTML form)
*
* @param uriInfo request details
@@ -489,10 +487,10 @@ public class UserResource {
// **********************************
/**
* Deletes a named user
- *
+ *
* (called from HTML form)
- *
- * @param userName
+ *
+ * @param userName
*/
@POST
@Path("delete")
@@ -503,8 +501,8 @@ public class UserResource {
/**
* Deletes a named user
- *
- * @param userName
+ *
+ * @param userName
*/
private void remove(String userName) {
Resource userResource = getNamedUser(userName).getNode();
@@ -535,7 +533,7 @@ public class UserResource {
/**
* RESTful user deletion
- *
+ *
* called direct from the URI, e.g.
* http://localhost:8080/user-management/users/fred
*
@@ -550,9 +548,8 @@ public class UserResource {
}
/**
- * Endpoint-style user deletion takes a little bunch of Turtle describing
the user to delete
- * e.g. [] a
- * foaf:Agent ; cz:userName "Hugo Ball" .
+ * Endpoint-style user deletion takes a little bunch of Turtle describing
+ * the user to delete e.g. [] a foaf:Agent ; cz:userName "Hugo Ball" .
*
* @param userData
* @return HTTP/1.1 204 No Content
@@ -602,7 +599,8 @@ public class UserResource {
// **********************************
/**
* Lists all roles using a rendering as specified in template listRole
- * @return
+ *
+ * @return
*/
@GET
@Path("roles")
@@ -613,7 +611,7 @@ public class UserResource {
/**
* Provides the node in the system graph corresponding to rdf:type Role
- *
+ *
* @return Role class node
*/
public GraphNode getRoleType() {
@@ -621,12 +619,224 @@ public class UserResource {
systemGraph);
}
+ /**
+ * Produces suitable permission-checkboxes
+ */
+ @GET
+ @Path("roles/{rolename}/permissionsCheckboxes")
+ @Produces(MediaType.TEXT_HTML)
+ public RdfViewable rolePermissionsCheckboxes(@PathParam("rolename") String
roleName) {
+ // addClassToPermissions(); // workaround
+ // showSystem();
+ return new RdfViewable("rolePermissionsCheckboxes", getRole(roleName),
this.getClass());
+ } // getPermissionType()
+
// **********************************
// ****** ADD ROLE ******************
// **********************************
+ /**
+ * Create a role. returns "editRole" as rendering specification (this will
+ * be a HTML form)
+ *
+ * @param uriInfo request details
+ * @return rendering specification
+ */
+ @GET
+ @Path("create-role")
+ @Produces(MediaType.TEXT_HTML)
+ public RdfViewable getCreateRoleForm(@Context UriInfo uriInfo) {
+ return new RdfViewable("editRole", dummyNode,
+ this.getClass());
+ }
+
+ // /user-management/roles/edit/'+roleName,
+ /**
+ * lookup a role by name presenting it with "editRole" as rendering
+ * instruction.
+ *
+ * @param userName
+ * @return
+ */
+ @GET
+ @Path("roles/edit/{rolename}")
+ @Produces(MediaType.TEXT_HTML)
+ public RdfViewable editRole(@PathParam("rolename") String roleName) {
+ return new RdfViewable("editRole", getRole(roleName),
+ this.getClass());
+ }
+
+ private GraphNode getRole(@QueryParam("roleName") String roleName) {
+ return getNamedRole(roleName);
+ }
+
+ /*
+ * returns an existing user node from the graph.
+ */
+ private GraphNode getNamedRole(String roleName) {
+ GraphNode roleNode = null;
+ Iterator<Triple> roleIterator = systemGraph.filter(null, RDF.type,
PERMISSION.Role);
+ //new PlainLiteralImpl(userName));
+ if (!roleIterator.hasNext()) {
+ return null;
+ }
+ ArrayList<Triple> tripleBuffer = new ArrayList<Triple>();
+ Lock readLock = systemGraph.getLock().readLock();
+ readLock.lock();
+
+ try {
+ while (roleIterator.hasNext()) {
+ NonLiteral role = roleIterator.next().getSubject();
+ Iterator<Triple> roleNameTriples = systemGraph.filter(role,
DC.title,
+ null);
+ while (roleNameTriples.hasNext()) {
+ Literal roleLiteral = (Literal)
roleNameTriples.next().getObject();
+ if (roleName.equals(roleLiteral.getLexicalForm())) {
+ roleNode = new GraphNode(role, systemGraph);
+ break;
+ }
+ }
+ if (roleNode != null) {
+ break;
+ }
+ }
+
+ } finally {
+ readLock.unlock();
+ }
+ return roleNode;
+ }
// **********************************
// ****** REMOVE ROLE ***************
// **********************************
+
+ /**
+ * Deletes a named role
+ *
+ * (called from HTML form)
+ *
+ * @param roleName
+ */
+ @POST
+ @Path("delete-role")
+ public void removeRole(@FormParam("role") String roleName) {
+ deleteRole(roleName);
+
+ }
+
+ /**
+ * Deletes a named user
+ *
+ * @param userName
+ */
+ private void deleteRole(String roleName) {
+ Resource roleResource = getNamedRole(roleName).getNode();
+ Iterator<Triple> roleTriples = systemGraph.filter((NonLiteral)
roleResource, null, null);
+
+ ArrayList<Triple> buffer = new ArrayList<Triple>();
+
+ Lock readLock = systemGraph.getLock().readLock();
+ readLock.lock();
+ try {
+ while (roleTriples.hasNext()) {
+ Triple triple = roleTriples.next();
+ buffer.add(triple);
+ }
+ } finally {
+ readLock.unlock();
+ }
+
+ // is lock needed?
+ Lock writeLock = systemGraph.getLock().writeLock();
+ writeLock.lock();
+ try {
+ systemGraph.removeAll(buffer);
+ } finally {
+ writeLock.unlock();
+ }
+ }
+
+ /**
+ * Update role details - adds triples as appropriate to system graph
+ *
+ */
+ @POST
+ @Path("store-role")
+ @Consumes(MediaType.APPLICATION_FORM_URLENCODED)
+ public Response storeRoleFormHandler(@Context UriInfo uriInfo,
+ @FormParam("roleName") String roleName,
+ @FormParam("comment") String comment,
+ @FormParam("permissions") List<String> permissions) {
+
+ GraphNode roleNode = null;
+
+ if (roleName != null) { //
+ roleName = roleName.trim();
+ }
+ if (roleName != null && !roleName.equals("")) {
+ roleNode = getRole(roleName);
+ if (roleNode != null) {
+ return storeRole(roleNode, uriInfo, roleName, comment,
permissions);
+ }
+ }
+ roleNode = createRole(roleName, comment);
+ return storeRole(roleNode, uriInfo, roleName, comment, permissions);
+ }
+
+ /**
+ * Creates a new role wit the the specified role name
+ *
+ * @param newUserName
+ * @return user node in system graph
+ */
+ private GraphNode createRole(String newRoleName, String comment) {
+ BNode subject = new BNode();
+ GraphNode roleNode = new GraphNode(subject, systemGraph);
+ roleNode.addProperty(RDF.type, PERMISSION.Role);
+ roleNode.addProperty(DC.title, new PlainLiteralImpl(newRoleName));
+ roleNode.addProperty(RDFS.comment, new PlainLiteralImpl(comment));
+ return roleNode;
+ }
+
+ private Response storeRole(GraphNode roleNode, UriInfo uriInfo,
+ String roleName,
+ String comment,
+ List<String> permissions) {
+
+ NonLiteral roleResource = (NonLiteral) roleNode.getNode();
+
+ if (permissions != null) {
+ clearPermissions(roleResource);
+ Lock writeLock = systemGraph.getLock().writeLock();
+ writeLock.lock();
+ try {
+ for (int i = 0; i < permissions.size(); i++) {
+ permissions.set(i, permissions.get(i).trim());
+ if (!permissions.get(i).equals("")) {
+ addPermission(roleNode, permissions.get(i));
+ }
+ }
+ } finally {
+ writeLock.unlock();
+ }
+ }
+
+ // showSystem();
+
+ URI pageUri = uriInfo.getBaseUriBuilder()
+ .path("system/console/usermanagement").build();
+
+ // header Cache-control: no-cache, just in case intermediaries are
+ // holding onto old stuff
+ CacheControl cc = new CacheControl();
+ cc.setNoCache(true);
+
+ //showSystem();
+
+ // see other my not be the best response, but does seem the best given
+ // the jax-rs things available
+ return Response.seeOther(pageUri).cacheControl(cc).build();
+ }
+
// **********************************
// ****** ASSIGN ROLE TO USER *******
// **********************************
@@ -648,9 +858,10 @@ public class UserResource {
return new RdfViewable("listPermission", getPermissionType(),
this.getClass());
}
- /**
- * Provides the node in the system graph corresponding to rdf:type
Permission
- *
+ /**
+ * Provides the node in the system graph corresponding to rdf:type
+ * Permission
+ *
* @return Permission class node
*/
public GraphNode getPermissionType() {
@@ -670,23 +881,21 @@ public class UserResource {
// **************************************
// ****** REMOVE PERMISSION FROM ROLE ***
// **************************************
-
////////////////////////////////////////////////////////////////
-
-/**
- * Pushes user data into system graph
- *
- * @param userNode
- * @param uriInfo
- * @param currentUserName
- * @param newUserName
- * @param fullName
- * @param email
- * @param password
- * @param roles
- * @param permissions
- * @return
- */
+ /**
+ * Pushes user data into system graph
+ *
+ * @param userNode
+ * @param uriInfo
+ * @param currentUserName
+ * @param newUserName
+ * @param fullName
+ * @param email
+ * @param password
+ * @param roles
+ * @param permissions
+ * @return
+ */
private Response store(GraphNode userNode, UriInfo uriInfo,
String currentUserName,
String newUserName,
@@ -755,7 +964,7 @@ public class UserResource {
cc.setNoCache(true);
//showSystem();
-
+
// see other my not be the best response, but does seem the best given
// the jax-rs things available
return Response.seeOther(pageUri).cacheControl(cc).build();
@@ -795,7 +1004,7 @@ public class UserResource {
/**
* Provides a graph containing Role triples associated with a given user
- *
+ *
* @param userName
* @return roles graph
*/
@@ -853,11 +1062,11 @@ public class UserResource {
/**
* convenience - used for buffering
- *
+ *
* @param subject
* @param predicate
* @param object
- * @return
+ * @return
*/
private ArrayList<Triple> filterToArray(NonLiteral subject, UriRef
predicate, Resource object) {
Iterator<Triple> triples = systemGraph.filter(subject, predicate,
object);
@@ -876,7 +1085,7 @@ public class UserResource {
/**
* Add a role to a given user in system graph
- *
+ *
* @param userNode node corresponding to user
* @param roleName name of the role
* @return user node
@@ -899,17 +1108,42 @@ public class UserResource {
}
return userNode;
}
-
- public final static String permissionsBase = "urn:x-localhost/role/";
- private GraphNode addPermission(GraphNode userNode, String
permissionString) {
+ // public final static String permissionsBase = "urn:x-localhost/role/";
+ private GraphNode addPermission(GraphNode subjectNode, String
permissionString) {
+ if (hasPermission(subjectNode, permissionString)) {
+ return subjectNode;
+ }
GraphNode permissionNode = new GraphNode(new BNode(), systemGraph);
permissionNode.addProperty(RDF.type, PERMISSION.Permission);
// permissionNode.addProperty(DC.title, new
PlainLiteralImpl(permissionName));
- userNode.addProperty(PERMISSION.hasPermission,
permissionNode.getNode());
+ subjectNode.addProperty(PERMISSION.hasPermission,
permissionNode.getNode());
permissionNode.addProperty(PERMISSION.javaPermissionEntry, new
PlainLiteralImpl(permissionString));
- return userNode;
+ return subjectNode;
+ }
+
+ private boolean hasPermission(GraphNode userNode, String permissionString)
{
+ boolean has = false;
+ Iterator<Triple> existingPermissions = systemGraph.filter((NonLiteral)
userNode.getNode(), PERMISSION.hasPermission, null);
+ Lock readLock = systemGraph.getLock().readLock();
+ readLock.lock();
+ try { // check to see if the user already has this permission
+ while (existingPermissions.hasNext()) {
+ NonLiteral permissionNode = (NonLiteral)
existingPermissions.next().getObject();
+ Iterator<Triple> permissionTriples =
systemGraph.filter(permissionNode, PERMISSION.javaPermissionEntry, null);
+ while (permissionTriples.hasNext()) {
+ Literal permission = (Literal)
permissionTriples.next().getObject();
+ if (permissionString.equals(permission.getLexicalForm())) {
+ has = true;
+ }
+ }
+
+ }
+ } finally {
+ readLock.unlock();
+ }
+ return has;
}
// [] a <http://xmlns.com/foaf/0.1/Agent> ;
@@ -918,8 +1152,26 @@ public class UserResource {
// <http://clerezza.org/2008/10/permission#javaPermissionEntry>
// "(java.security.AllPermission \"\" \"\")"
// ] ;
- private void clearPermissions(NonLiteral userResource) {
- systemGraph.removeAll(filterToArray(userResource,
PERMISSION.javaPermissionEntry, null));
+ private void clearPermissions(NonLiteral subject) {
+ ArrayList<Triple> buffer = new ArrayList<Triple>();
+
+ Lock readLock = systemGraph.getLock().readLock();
+ readLock.lock();
+ try {
+ Iterator<Triple> permissions = systemGraph.filter(subject,
PERMISSION.hasPermission, null);
+ while (permissions.hasNext()) {
+ Triple permissionTriple = permissions.next();
+ buffer.add(permissionTriple);
+ NonLiteral permissionNode = (NonLiteral)
permissionTriple.getObject();
+ Iterator<Triple> permissionTriples =
systemGraph.filter(permissionNode, null, null);
+ while (permissionTriples.hasNext()) {
+ buffer.add(permissionTriples.next());
+ }
+ }
+ } finally {
+ readLock.unlock();
+ }
+ systemGraph.removeAll(buffer);
}
/*
@@ -994,8 +1246,6 @@ public class UserResource {
ArrayList<Triple> oldBuffer = new ArrayList<Triple>();
- // System.out.println("\n\n");
-
Lock readLock = systemGraph.getLock().readLock();
readLock.lock();
try {
Modified:
stanbol/trunk/commons/security/usermanagement/src/main/resources/META-INF/resources/static/user-management/styles/webconsole.css
URL:
http://svn.apache.org/viewvc/stanbol/trunk/commons/security/usermanagement/src/main/resources/META-INF/resources/static/user-management/styles/webconsole.css?rev=1464404&r1=1464403&r2=1464404&view=diff
==============================================================================
---
stanbol/trunk/commons/security/usermanagement/src/main/resources/META-INF/resources/static/user-management/styles/webconsole.css
(original)
+++
stanbol/trunk/commons/security/usermanagement/src/main/resources/META-INF/resources/static/user-management/styles/webconsole.css
Thu Apr 4 09:45:38 2013
@@ -28,7 +28,8 @@ fieldset { padding:4px; margin-top:4px;
legend {
padding: 0.2em 0.5em;
font-size:90%;
- text-align:right;
+ text-align:left;
+ font-weight:bold
}
.ui-dialog .ui-state-error { padding: .3em; }
@@ -42,6 +43,11 @@ legend {
font-weight:bold;
}
+.permission input
+{
+ width: 30em;
+}
+
/*
.labelCheckbox {
display: block;
Added:
stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/resource/editRole.ftl
URL:
http://svn.apache.org/viewvc/stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/resource/editRole.ftl?rev=1464404&view=auto
==============================================================================
---
stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/resource/editRole.ftl
(added)
+++
stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/resource/editRole.ftl
Thu Apr 4 09:45:38 2013
@@ -0,0 +1,64 @@
+<#--
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements. See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License. You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+<@namespace rdfs="http://www.w3.org/2000/01/rdf-schema#"; />
+<@namespace platform="http://clerezza.org/2009/08/platform#"; />
+<@namespace permission="http://clerezza.org/2008/10/permission#"; />
+<@namespace sioc="http://rdfs.org/sioc/ns#"; />
+
+<form>
+
+ <#assign roleName>
+ <@ldpath path="dc:title :: xsd:string"/>
+ </#assign>
+
+ <#assign comment>
+ <@ldpath path="rdfs:comment :: xsd:string"/>
+ </#assign>
+
+ <input id="create-or-edit" type="hidden" name="create-or-edit"
value="edit" />
+
+ <fieldset>
+ <label for="roleName">Role Name</label>
+ <input id="roleName" type="text" name="roleName" value="${roleName}"
class="text ui-widget-content ui-corner-all" />
+ <label for="comment">Comment</label>
+ <input id="comment" type="text" name="comment" value="${comment}"
class="text ui-widget-content ui-corner-all" />
+ </fieldset>
+
+ <fieldset class="labelCheckbox">
+ <legend>Permissions</legend>
+ <div id="role-permissions-checkboxes"></div>
+ </fieldset>
+
+ <fieldset>
+ <div class="labelTextbox" id="permission-inputs">
+ <label for="newPermission">Add Permission</label>
+ <br/>
+ <input type="text" class="inputPermission" />
+ <div class="dynhover ui-state-default ui-corner-all" title="Add
Permission Field" onClick="javascript:addPermissionField()"><span
class="ui-icon ui-icon-circle-plus"> </span></div>
+ </div>
+ </fieldset>
+ <p>e.g. (org.osgi.framework.ServicePermission "*" "get")</p>
+ <!-- <button name="addPermission">Add permission</button> -->
+</form>
+<!--
+ <@ldpath path="fn:sort(sioc:has_function)">
+ <li class="permission">
+ <@ldpath path="dc:title :: xsd:string"/>
+ </li>
+ </@ldpath>
+ </ol>
+-->
\ No newline at end of file
Modified:
stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/resource/editUser.ftl
URL:
http://svn.apache.org/viewvc/stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/resource/editUser.ftl?rev=1464404&r1=1464403&r2=1464404&view=diff
==============================================================================
---
stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/resource/editUser.ftl
(original)
+++
stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/resource/editUser.ftl
Thu Apr 4 09:45:38 2013
@@ -48,17 +48,22 @@ limitations under the License.
<input id="password" type="password" name="password" value=""
class="text ui-widget-content ui-corner-all" />
</fieldset>
- <fieldset id="roles-checkboxes">
+ <fieldset class="labelCheckbox">
+ <legend>Roles</legend>
+ <div id="roles-checkboxes"></div>
</fieldset>
- <fieldset id="permissions-checkboxes" class="labelCheckbox">
+ <fieldset class="labelCheckbox">
+ <legend>Permissions</legend>
+ <div id="permissions-checkboxes"></div>
</fieldset>
<fieldset>
- <div class="labelTextbox">
+ <div class="labelTextbox" id="permission-inputs">
<label for="newPermission">Add Permission</label>
<br/>
- <input type="text" id="newPermission" name="newPermission">
+ <input type="text" class="inputPermission">
+ <div class="dynhover ui-state-default ui-corner-all" title="Add
Permission Field" onClick="javascript:addPermissionField()"><span
class="ui-icon ui-icon-circle-plus"> </span></div>
</div>
</fieldset>
<p>e.g. (org.osgi.framework.ServicePermission "*" "get")</p>
Modified:
stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/resource/listRole.ftl
URL:
http://svn.apache.org/viewvc/stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/resource/listRole.ftl?rev=1464404&r1=1464403&r2=1464404&view=diff
==============================================================================
---
stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/resource/listRole.ftl
(original)
+++
stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/resource/listRole.ftl
Thu Apr 4 09:45:38 2013
@@ -7,11 +7,19 @@
<thead><tr><th>Name</th></tr></thead>
<tbody>
<@ldpath path="fn:sort(^rdf:type)">
- <#assign name>
- <@ldpath path="dc:title :: xsd:string"/>
+ <#assign roleName>
+ <@ldpath path="dc:title :: xsd:string"/>
</#assign>
<tr>
- <td>${name}</td>
+ <td>${roleName}</td>
+ <td>
+ <ul class="icons ui-widget">
+ <li class="dynhover ui-state-default ui-corner-all"
title="Edit" onClick="javascript:editRole('${roleName}')"><span class="ui-icon
ui-icon-edit"> </span></li>
+ <li class="dynhover ui-state-default ui-corner-all delete"
title="Delete" onClick="javascript:removeRole('${roleName}')"><span
class="ui-icon ui-icon-trash"> </span>
+ <div id="remove${roleName}" class="hidden
delete-dialog" title="Remove Role"><p>
+ <br/>Delete role : ${roleName}?</p></div></li>
+ </ul>
+ </td>
</tr>
</@ldpath>
</tbody>
Modified:
stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/resource/permissionsCheckboxes.ftl
URL:
http://svn.apache.org/viewvc/stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/resource/permissionsCheckboxes.ftl?rev=1464404&r1=1464403&r2=1464404&view=diff
==============================================================================
---
stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/resource/permissionsCheckboxes.ftl
(original)
+++
stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/resource/permissionsCheckboxes.ftl
Thu Apr 4 09:45:38 2013
@@ -4,14 +4,26 @@
<@namespace dc="http://purl.org/dc/elements/1.1/"; />
<!-- @ldpath path="fn:sort(^rdf:type)" -->
- <@ldpath path="fn:sort(sioc:has_function)">
+ <@ldpath path="fn:sort(permission:hasPermission)">
<#assign permission>
<@ldpath path="permission:javaPermissionEntry :: xsd:string"/>
</#assign>
- <input class="permission" type="checkbox" id="${permission}"
name="${permission}" value="${permission}" checked="checked" />
+ <input class="checkboxPermission" type="checkbox" id="${permission}"
name="${permission}" value="${permission}" checked="checked" />
<label for="${permission}">${permission}</label>
<br/>
</@ldpath>
+
+
+<!--
+[] a <http://xmlns.com/foaf/0.1/Agent> ;
+ <http://clerezza.org/2008/10/permission#hasPermission>
+ [ <http://clerezza.org/2008/10/permission#javaPermissionEntry>
+ "(java.security.AllPermission \"\" \"\")"
+ ] ;
+Get the names of all persons that link the current person as foaf:knows:
+
+friends = ^foaf:knows / foaf:name :: xsd:string;
+-->
\ No newline at end of file
Added:
stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/resource/rolePermissionsCheckboxes.ftl
URL:
http://svn.apache.org/viewvc/stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/resource/rolePermissionsCheckboxes.ftl?rev=1464404&view=auto
==============================================================================
---
stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/resource/rolePermissionsCheckboxes.ftl
(added)
+++
stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/resource/rolePermissionsCheckboxes.ftl
Thu Apr 4 09:45:38 2013
@@ -0,0 +1,29 @@
+<@namespace platform="http://clerezza.org/2009/08/platform#"; />
+<@namespace permission="http://clerezza.org/2008/10/permission#"; />
+<@namespace sioc="http://rdfs.org/sioc/ns#"; />
+<@namespace dc="http://purl.org/dc/elements/1.1/"; />
+
+<!-- @ldpath path="fn:sort(^rdf:type)" -->
+ <@ldpath path="fn:sort(permission:hasPermission)">
+
+<#assign permission>
+<@ldpath path="permission:javaPermissionEntry :: xsd:string"/>
+</#assign>
+
+ <input class="checkboxPermission" type="checkbox" id="${permission}"
name="${permission}" value="${permission}" checked="checked" />
+ <label for="${permission}">${permission}</label>
+ <br/>
+
+</@ldpath>
+
+
+<!--
+[] a <http://xmlns.com/foaf/0.1/Agent> ;
+ <http://clerezza.org/2008/10/permission#hasPermission>
+ [ <http://clerezza.org/2008/10/permission#javaPermissionEntry>
+ "(java.security.AllPermission \"\" \"\")"
+ ] ;
+Get the names of all persons that link the current person as foaf:knows:
+
+friends = ^foaf:knows / foaf:name :: xsd:string;
+-->
\ No newline at end of file
Modified:
stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/webConsole.ftl
URL:
http://svn.apache.org/viewvc/stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/webConsole.ftl?rev=1464404&r1=1464403&r2=1464404&view=diff
==============================================================================
---
stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/webConsole.ftl
(original)
+++
stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/webConsole.ftl
Thu Apr 4 09:45:38 2013
@@ -27,12 +27,17 @@ limitations under the License.
-->
<br />
-<p><button id="create-user" onClick="addUser()"> Create New User </button></p>
+<p>
+ <button id="create-user" onClick="addUser()"> Create New User </button>
+ <button id="create-role" onClick="addRole()"> Create New Role </button>
+</p>
<br />
<div title="Edit User" id="editUserForm">
</div>
+<div title="Edit Role" id="editRoleForm">
+</div>
<!-- #include "/html/editUserForm.ftl" -->
<div id="tabs">
@@ -90,7 +95,7 @@ limitations under the License.
var roleList = new Array();
var index = 0;
var roles = $(".role"); // .role,input:checkbox
- // console.log("roles = "+roles);
+ // console.log("roles = "+roles);
for (var attrname in roles) {
console.log("roles[attrname] = "+roles[attrname]);
@@ -100,24 +105,26 @@ limitations under the License.
};
roleList[index++] = "BasePermissionsRole";
formData["roles"] = roleList;
- console.log("ROLES = "+roleList);
+ // console.log("ROLES = "+roleList);
/////////////
var permissionList = new Array();
var index = 0;
- var permissions = $(".permission"); // .labelCheckbox
- console.log("permissions = "+permissions);
+ var permissions = $(".checkboxPermission");
+ // console.log("permissions = "+permissions);
for (var attrname in permissions) {
console.log("attrname = "+attrname);
if(permissions[attrname].checked) {
permissionList[index++] =
permissions[attrname].name;
};
};
- // var newPermission = $("#newPermission").val();
- permissionList[index++] = $("#newPermission").val();
-
+
+ $(".inputPermission").each(function(){
+ permissionList[index++] = $(this).val();
+ });
+
formData["permissions"] = permissionList;
- console.log("PERMISSIONS = "+permissionList);
+ // console.log("PERMISSIONS = "+permissionList);
$.ajax({
type: 'POST',
@@ -131,14 +138,66 @@ limitations under the License.
$(this).dialog("close");
}
-
},
Cancel: function() {
- // close();
$(this).dialog("close");
}
}
});
+
+ $("#editRoleForm").dialog({
+ autoOpen: false,
+ minHeight: 400,
+ autoResize:true,
+ width: 500,
+ modal: true,
+ buttons: {
+ "Submit": function() {
+
+
+ var formData = {
+ "roleName": $("#roleName").val(),
+ "comment": $("#comment").val()
+ };
+
+ // gather permission checkbox values into array, to provide
format
+ var permissionList = new Array();
+ var index = 0;
+ var permissions = $(".checkboxPermission"); // .labelCheckbox
+ // console.log("permissions = "+permissions);
+ for (var attrname in permissions) {
+ // console.log("attrname = "+attrname);
+ if(permissions[attrname].checked) {
+ permissionList[index++] = permissions[attrname].name;
+ };
+ };
+ $(".inputPermission").each(function(){
+ // alert($(this).val());
+ permissionList[index++] = $(this).val();
+ });
+
+ formData["permissions"] = permissionList;
+ // console.log("PERMISSIONS = "+permissionList);
+
+ $.ajax({
+ type: 'POST',
+ url: '/user-management/store-role',
+ data: formData,
+ success: function(data) {
+ close();
+ location.reload();
+ }
+ });
+
+ $(this).dialog("close");
+ }
+ },
+ "Cancel": function() {
+ // close();
+ $(this).dialog("close");
+ }
+ }
+);
function validate(login, email, password) {
// console.log("validate called");
@@ -207,17 +266,23 @@ limitations under the License.
success: function(data) {
$("#editUserForm").html(data);
$("#editUserForm").title = "Create User";
-
-// $.get("/user-management/rolesCheckboxes",
-// function(data){
-// $("#roles-checkboxes").html(data);
-// }, "text/html");
-
$("#editUserForm").dialog("open");
}
});
-
+ }
+
+ function addRole(){
+ $.ajax({
+ url: '/user-management/create-role',
+ dataType: 'html',
+ success: function(data) {
+ $("#editRoleForm").html(data);
+ $("#editRoleForm").title = "Create Role";
+ $("#editRoleForm").dialog("open");
+
+ }
+ });
}
@@ -309,5 +374,57 @@ limitations under the License.
});
}
+ function editRole(roleName){
+ $.ajax({
+ url: '/user-management/roles/edit/'+roleName,
+ dataType: "html",
+ success: function(data) {
+ $("#editRoleForm").html(data);
+
+
$.get("/user-management/roles/"+roleName+"/permissionsCheckboxes",
+ function(data){
+ console.log("permissionsCheckboxes = "+data);
+ $("#role-permissions-checkboxes").html(data);
+ }, "text/html");
+
+ $("#editRoleForm").dialog("open");
+ }
+ });
+
+
+ }
+ function removeUser(name){
+ // console.log("Remove user ="+name);
+
+ $("#remove"+name).dialog({
+ resizable: false,
+ height:140,
+ modal: true,
+ title: "Delete",
+ buttons: {
+ "Delete User": function() {
+ console.log("deleting user ="+name);
+
+ $.ajax({
+ type: 'POST',
+ url: '/user-management/delete',
+ data: {"user" : name},
+ success: function(data) {
+ close();
+ location.reload();
+ }
+ });
+ },
+ Cancel: function() {
+ $(this).dialog("close");
+ location.reload();
+ }
+ }
+ });
+ }
+
+ function addPermissionField(){
+ $("#permission-inputs").append("<input type='text'
class='inputPermission' /><br />");
+ }
</script>
\ No newline at end of file
