Author: chathura
Date: Tue Feb 5 22:44:26 2008
New Revision: 13296
Log:
Fixed permission issue in UI.
Blocked all modify permissions for /system collection.
Restricted the edit functions for friendly name and password for the admin and
anonymous users.
Modified:
trunk/registry/modules/core/src/main/java/org/wso2/registry/servlet/RegistryServlet.java
trunk/registry/modules/webapps/src/main/java/org/wso2/registry/web/actions/UserDetailsAction.java
trunk/registry/modules/webapps/src/main/webapp/admin/js/common.js
trunk/registry/modules/webapps/src/main/webapp/admin/permisions.jsp
Modified:
trunk/registry/modules/core/src/main/java/org/wso2/registry/servlet/RegistryServlet.java
==============================================================================
---
trunk/registry/modules/core/src/main/java/org/wso2/registry/servlet/RegistryServlet.java
(original)
+++
trunk/registry/modules/core/src/main/java/org/wso2/registry/servlet/RegistryServlet.java
Tue Feb 5 22:44:26 2008
@@ -137,8 +137,7 @@
try {
AccessControlAdmin ac = registryRealm.getAccessControlAdmin();
- ac.clearRoleAuthorization(
- RegistryConstants.EVERYONE_ROLE, "/system",
ActionConstants.GET);
+ ac.clearResourceAuthorizations("/system");
ac.authorizeUser(RegistryConstants.SYSTEM_USER, "/system",
ActionConstants.GET);
ac.authorizeUser(RegistryConstants.SYSTEM_USER, "/system",
ActionConstants.PUT);
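Review bot: `ac.clearResourceAuthorizations("/system")` drops every entry on `/system`, presumably including any explicit denies, and the `authorizeUser`/`authorizeRole` calls after it rebuild the list one call at a time inside the same `try`. If one of those calls throws `UserManagerException`, the collection is left with a partial permission set. Whether the admin user and role are then really blocked from PUT, DELETE and AUTHORIZE (the grants removed in the next hunk) depends on the realm denying by default rather than falling back to a parent path, which this diff does not show. A comment stating that assumption, e.g. `// /system is rebuilt from scratch; admin user and role are read-only here`, plus a test that an admin PUT to `/system` is refused, would pin the intent. The enclosing method starts and ends outside the hunk.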
@@ -147,16 +146,8 @@
RegistryConstants.SYSTEM_USER, "/system",
UserManagerConstants.AUTHORIZE);
ac.authorizeUser(RegistryConstants.ADMIN_USER, "/system",
ActionConstants.GET);
- ac.authorizeUser(RegistryConstants.ADMIN_USER, "/system",
ActionConstants.PUT);
- ac.authorizeUser(RegistryConstants.ADMIN_USER, "/system",
ActionConstants.DELETE);
- ac.authorizeUser(
- RegistryConstants.ADMIN_USER, "/system",
UserManagerConstants.AUTHORIZE);
ac.authorizeRole(RegistryConstants.ADMIN_ROLE, "/system",
ActionConstants.GET);
- ac.authorizeRole(RegistryConstants.ADMIN_ROLE, "/system",
ActionConstants.PUT);
- ac.authorizeRole(RegistryConstants.ADMIN_ROLE, "/system",
ActionConstants.DELETE);
- ac.authorizeRole(
- RegistryConstants.ADMIN_ROLE, "/system",
UserManagerConstants.AUTHORIZE);
} catch (UserManagerException e) {
String msg = "Failed to set permissions for the system
collection.";
Modified:
trunk/registry/modules/webapps/src/main/java/org/wso2/registry/web/actions/UserDetailsAction.java
==============================================================================
---
trunk/registry/modules/webapps/src/main/java/org/wso2/registry/web/actions/UserDetailsAction.java
(original)
+++
trunk/registry/modules/webapps/src/main/java/org/wso2/registry/web/actions/UserDetailsAction.java
Tue Feb 5 22:44:26 2008
@@ -18,6 +18,7 @@
import org.wso2.registry.LogEntry;
import org.wso2.registry.RegistryException;
+import org.wso2.registry.RegistryConstants;
import org.wso2.registry.secure.SecureRegistry;
import org.wso2.usermanager.Realm;
import org.wso2.usermanager.UserManagerException;
@@ -53,14 +54,20 @@
Authorizer auth = realm.getAuthorizer();
if (auth.isUserAuthorized(
- getUserName(), UserManagerConstants.USER_RESOURCE,
UserManagerConstants.EDIT)) {
+ getUserName(), UserManagerConstants.USER_RESOURCE,
UserManagerConstants.EDIT) &&
+ !RegistryConstants.SYSTEM_USER.equals(displayUserName) &&
+ !RegistryConstants.ANONYMOUS_USER.equals(displayUserName))
{
+
userEditable = true;
}
if (auth.isUserAuthorized(getUserName(),
UserManagerConstants.ROLE_RESOURCE,
UserManagerConstants.ADD) &&
auth.isUserAuthorized(getUserName(),
- UserManagerConstants.ROLE_RESOURCE,
UserManagerConstants.DELETE)) {
+ UserManagerConstants.ROLE_RESOURCE,
UserManagerConstants.DELETE) &&
+ !RegistryConstants.SYSTEM_USER.equals(displayUserName) &&
+ !RegistryConstants.ANONYMOUS_USER.equals(displayUserName))
{
+
userAdmin = true;
}
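Review bot: The guards added to both `if` conditions test `RegistryConstants.SYSTEM_USER` and `ANONYMOUS_USER`, while the log message says the restriction is for the admin and anonymous users. `RegistryConstants.ADMIN_USER` is a separate constant in the RegistryServlet hunk of this commit and is not excluded here, so either the code or the log should be corrected. `userEditable` and `userAdmin` also appear to decide only what the page offers: `/wso2registry/system/saveNewPassword` in common.js accepts a `userName` parameter, so the same exclusion needs to be enforced in the handler behind it, which is not part of this diff. The duplicated pair of checks would read better computed once, e.g. `boolean protectedUser = RegistryConstants.SYSTEM_USER.equals(displayUserName) || RegistryConstants.ANONYMOUS_USER.equals(displayUserName);`. The enclosing method starts and ends outside the hunk.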
Modified: trunk/registry/modules/webapps/src/main/webapp/admin/js/common.js
==============================================================================
--- trunk/registry/modules/webapps/src/main/webapp/admin/js/common.js
(original)
+++ trunk/registry/modules/webapps/src/main/webapp/admin/js/common.js Tue Feb
5 22:44:26 2008
@@ -187,17 +187,17 @@
divx.style.display='block';
if(divx.nodeName == 'IMG')
try {
- divx.style.display='inline';
- } catch(e) {
- divx.style.display = 'block';
- }
-
+ divx.style.display='inline';
+ } catch(e) {
+ divx.style.display = 'block';
+ }
+
if(divx.nodeName == 'TR'){
- try {
- divx.style.display='table-row';
- } catch(e) {
- divx.style.display = 'block';
- }
+ try {
+ divx.style.display='table-row';
+ } catch(e) {
+ divx.style.display = 'block';
+ }
}
if(divx.nodeName == 'TD')
divx.style.display='table-cell';
@@ -222,12 +222,12 @@
}
function so_clearInnerHTML(obj) {
- // perform a shallow clone on obj
- nObj = obj.cloneNode(false);
- // insert the cloned object into the DOM before the original one
- obj.parentNode.insertBefore(nObj,obj);
- // remove the original object
- obj.parentNode.removeChild(obj);
+ // perform a shallow clone on obj
+ nObj = obj.cloneNode(false);
+ // insert the cloned object into the DOM before the original one
+ obj.parentNode.insertBefore(nObj,obj);
+ // remove the original object
+ obj.parentNode.removeChild(obj);
}
function processDescription() {
@@ -236,24 +236,24 @@
var edit_button = document.getElementById('editButton');
var save_button = document.getElementById('saveButton');
var save_button_on = false;
-
- if(save_button.style.display=='block')
- save_button_on=true;
+
+ if(save_button.style.display=='block')
+ save_button_on=true;
if (save_button_on) {
tinyMCE.triggerSave();
var desc = tinyMCE.getContent();
tinyMCE.execCommand('mceRemoveControl', false, 'descEdit');
new Ajax.Updater('descView', '/wso2registry/system/setDescription', {
method: 'post', parameters: {description: desc} });
-
-
-
+
+
+
}
if(normal_div.style.display=='block'){
-
+
var tmpNormalContent = normal_div.innerHTML;
-
+
normal_div.style.display='none';
//edit_div.style.display='block';
edit_div.style.width="100%";
@@ -263,8 +263,8 @@
tinyMCE.execCommand('mceAddControl', false, 'descEdit');
//alert("active Editor thing 2" + tmpNormalContent);
tinyMCE.setContent(tmpNormalContent);
-
-
+
+
}
else {
normal_div.style.display='block';
@@ -428,7 +428,7 @@
showHideCommon('passwordEdit3');
new Ajax.Updater('passwordDiv',
'/wso2registry/system/saveNewPassword', { method: 'post', parameters:
{userName: userName, newPassword: newPassword} });
- }
+ }
}
// media type map to store file_extension -> media type pairs.
@@ -596,10 +596,19 @@
{ var x = name+'Expanded';
var expanded=true;
if(document.getElementById(name+'Expanded').style.display=='none'){
- showHideCommon(name+'IconExpanded');
- showHideCommon(name+'IconMinimized');
- showHideCommon(name+'Expanded');
- showHideCommon(name+'Minimized');
+ showHideCommon(name+'IconExpanded');
+ showHideCommon(name+'IconMinimized');
+ showHideCommon(name+'Expanded');
+ showHideCommon(name+'Minimized');
}
+}
+
+function handlePeerCheckbox(myID, peerID) {
+
+ var me = document.getElementById(myID);
+ var peer = document.getElementById(peerID);
+ if (me.checked == true && peer.checked == true) {
+ peer.checked = false;
+ }
}
\ No newline at end of file
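Review bot: `handlePeerCheckbox` reads `me.checked` and `peer.checked` without checking that `getElementById` found both elements, so an id mismatch raises a TypeError in the change handler; `if (me && peer && me.checked && peer.checked) { peer.checked = false; }` avoids that. The allow/deny exclusivity it provides exists only in the browser: a submitted form can still carry both values for one user (for instance `ra` and `rd`), so the server-side permission handler should reject or resolve that pair itself, and that handler is not in this diff. The function has no comment; `// Unticks the peer (allow vs. deny) checkbox when both are ticked` would be enough.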
Modified: trunk/registry/modules/webapps/src/main/webapp/admin/permisions.jsp
==============================================================================
--- trunk/registry/modules/webapps/src/main/webapp/admin/permisions.jsp
(original)
+++ trunk/registry/modules/webapps/src/main/webapp/admin/permisions.jsp Tue Feb
5 22:44:26 2008
@@ -83,14 +83,14 @@
<tr>
<td><%=permission.getUserName()%></td>
- <td width="100"><input type="checkbox"
name="<%=permission.getUserName()%>" value="ra" <% if
(permission.isReadAllow()) { %> checked <% } %>/></td>
- <td width="100"><input type="checkbox"
name="<%=permission.getUserName()%>" value="rd" <% if (permission.isReadDeny())
{ %> checked <% } %>/></td>
- <td width="100"><input type="checkbox"
name="<%=permission.getUserName()%>" value="wa" <% if
(permission.isWriteAllow()) { %> checked <% } %>/></td>
- <td width="100"><input type="checkbox"
name="<%=permission.getUserName()%>" value="wd" <% if
(permission.isWriteDeny()) { %> checked <% } %>/></td>
- <td width="100"><input type="checkbox"
name="<%=permission.getUserName()%>" value="da" <% if
(permission.isDeleteAllow()) { %> checked <% } %>/></td>
- <td width="100"><input type="checkbox"
name="<%=permission.getUserName()%>" value="dd" <% if
(permission.isDeleteDeny()) { %> checked <% } %>/></td>
- <td width="100"><input type="checkbox"
name="<%=permission.getUserName()%>" value="aa" <% if
(permission.isAuthorizeAllow()) { %> checked <% } %>/></td>
- <td width="100"><input type="checkbox"
name="<%=permission.getUserName()%>" value="ad" <% if
(permission.isAuthorizeDeny()) { %> checked <% } %>/></td>
+ <td width="100"><input type="checkbox"
id="<%=permission.getUserName()%>^ra"
onchange="handlePeerCheckbox('<%=permission.getUserName()%>^ra',
'<%=permission.getUserName()%>^rd')" name="<%=permission.getUserName()%>"
value="ra" <% if (permission.isReadAllow()) { %> checked <% } %>/></td>
+ <td width="100"><input type="checkbox"
id="<%=permission.getUserName()%>^rd"
onchange="handlePeerCheckbox('<%=permission.getUserName()%>^rd',
'<%=permission.getUserName()%>^ra')" name="<%=permission.getUserName()%>"
value="rd" <% if (permission.isReadDeny()) { %> checked <% } %>/></td>
+ <td width="100"><input type="checkbox"
id="<%=permission.getUserName()%>^wa"
onchange="handlePeerCheckbox('<%=permission.getUserName()%>^wa',
'<%=permission.getUserName()%>^wd')" name="<%=permission.getUserName()%>"
value="wa" <% if (permission.isWriteAllow()) { %> checked <% } %>/></td>
+ <td width="100"><input type="checkbox"
id="<%=permission.getUserName()%>^wd"
onchange="handlePeerCheckbox('<%=permission.getUserName()%>^wd',
'<%=permission.getUserName()%>^wa')" name="<%=permission.getUserName()%>"
value="wd" <% if (permission.isWriteDeny()) { %> checked <% } %>/></td>
+ <td width="100"><input type="checkbox"
id="<%=permission.getUserName()%>^da"
onchange="handlePeerCheckbox('<%=permission.getUserName()%>^da',
'<%=permission.getUserName()%>^dd')" name="<%=permission.getUserName()%>"
value="da" <% if (permission.isDeleteAllow()) { %> checked <% } %>/></td>
+ <td width="100"><input type="checkbox"
id="<%=permission.getUserName()%>^dd"
onchange="handlePeerCheckbox('<%=permission.getUserName()%>^dd',
'<%=permission.getUserName()%>^da')" name="<%=permission.getUserName()%>"
value="dd" <% if (permission.isDeleteDeny()) { %> checked <% } %>/></td>
+ <td width="100"><input type="checkbox"
id="<%=permission.getUserName()%>^aa"
onchange="handlePeerCheckbox('<%=permission.getUserName()%>^aa',
'<%=permission.getUserName()%>^ad')" name="<%=permission.getUserName()%>"
value="aa" <% if (permission.isAuthorizeAllow()) { %> checked <% } %>/></td>
+ <td width="100"><input type="checkbox"
id="<%=permission.getUserName()%>^ad"
onchange="handlePeerCheckbox('<%=permission.getUserName()%>^ad',
'<%=permission.getUserName()%>^aa')" name="<%=permission.getUserName()%>"
value="ad" <% if (permission.isAuthorizeDeny()) { %> checked <% } %>/></td>
</tr>
<% } %>
<tr>
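Review bot: The new `id` and `onchange` attributes write `<%=permission.getUserName()%>` unencoded, and in `onchange` the value lands inside a single-quoted JavaScript string, so a user name containing a quote or markup character breaks the handler and can inject script into the permissions page. The same pattern is repeated in the role table in the next hunk (`^rra` … `^rad`). HTML-encode the name wherever it is output (for example JSTL's `fn:escapeXml`, if that taglib is available to this page) and keep it out of the script string by passing the element instead, e.g. `onchange="handlePeerCheckbox(this.id, this.getAttribute('data-peer'))"` with the encoded peer id in a `data-peer` attribute. Ids derived from an index rather than the user name would also avoid characters such as `^` or spaces in `id`.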
@@ -167,14 +167,14 @@
<tr>
<td><%=permission.getUserName()%></td>
- <td width="100"><input type="checkbox"
name="<%=permission.getUserName()%>" value="ra" <% if
(permission.isReadAllow()) { %> checked <% } %>/></td>
- <td width="100"><input type="checkbox"
name="<%=permission.getUserName()%>" value="rd" <% if (permission.isReadDeny())
{ %> checked <% } %>/></td>
- <td width="100"><input type="checkbox"
name="<%=permission.getUserName()%>" value="wa" <% if
(permission.isWriteAllow()) { %> checked <% } %>/></td>
- <td width="100"><input type="checkbox"
name="<%=permission.getUserName()%>" value="wd" <% if
(permission.isWriteDeny()) { %> checked <% } %>/></td>
- <td width="100"><input type="checkbox"
name="<%=permission.getUserName()%>" value="da" <% if
(permission.isDeleteAllow()) { %> checked <% } %>/></td>
- <td width="100"><input type="checkbox"
name="<%=permission.getUserName()%>" value="dd" <% if
(permission.isDeleteDeny()) { %> checked <% } %>/></td>
- <td width="100"><input type="checkbox"
name="<%=permission.getUserName()%>" value="aa" <% if
(permission.isAuthorizeAllow()) { %> checked <% } %>/></td>
- <td width="100"><input type="checkbox"
name="<%=permission.getUserName()%>" value="ad" <% if
(permission.isAuthorizeDeny()) { %> checked <% } %>/></td>
+ <td width="100"><input type="checkbox"
id="<%=permission.getUserName()%>^rra"
onchange="handlePeerCheckbox('<%=permission.getUserName()%>^rra',
'<%=permission.getUserName()%>^rrd')" name="<%=permission.getUserName()%>"
value="ra" <% if (permission.isReadAllow()) { %> checked <% } %>/></td>
+ <td width="100"><input type="checkbox"
id="<%=permission.getUserName()%>^rrd"
onchange="handlePeerCheckbox('<%=permission.getUserName()%>^rrd',
'<%=permission.getUserName()%>^rra')" name="<%=permission.getUserName()%>"
value="rd" <% if (permission.isReadDeny()) { %> checked <% } %>/></td>
+ <td width="100"><input type="checkbox"
id="<%=permission.getUserName()%>^rwa"
onchange="handlePeerCheckbox('<%=permission.getUserName()%>^rwa',
'<%=permission.getUserName()%>^rwd')" name="<%=permission.getUserName()%>"
value="wa" <% if (permission.isWriteAllow()) { %> checked <% } %>/></td>
+ <td width="100"><input type="checkbox"
id="<%=permission.getUserName()%>^rwd"
onchange="handlePeerCheckbox('<%=permission.getUserName()%>^rwd',
'<%=permission.getUserName()%>^rwa')" name="<%=permission.getUserName()%>"
value="wd" <% if (permission.isWriteDeny()) { %> checked <% } %>/></td>
+ <td width="100"><input type="checkbox"
id="<%=permission.getUserName()%>^rda"
onchange="handlePeerCheckbox('<%=permission.getUserName()%>^rda',
'<%=permission.getUserName()%>^rdd')" name="<%=permission.getUserName()%>"
value="da" <% if (permission.isDeleteAllow()) { %> checked <% } %>/></td>
+ <td width="100"><input type="checkbox"
id="<%=permission.getUserName()%>^rdd"
onchange="handlePeerCheckbox('<%=permission.getUserName()%>^rdd',
'<%=permission.getUserName()%>^rda')" name="<%=permission.getUserName()%>"
value="dd" <% if (permission.isDeleteDeny()) { %> checked <% } %>/></td>
+ <td width="100"><input type="checkbox"
id="<%=permission.getUserName()%>^raa"
onchange="handlePeerCheckbox('<%=permission.getUserName()%>^raa',
'<%=permission.getUserName()%>^rad')" name="<%=permission.getUserName()%>"
value="aa" <% if (permission.isAuthorizeAllow()) { %> checked <% } %>/></td>
+ <td width="100"><input type="checkbox"
id="<%=permission.getUserName()%>^rad"
onchange="handlePeerCheckbox('<%=permission.getUserName()%>^rad',
'<%=permission.getUserName()%>^raa')" name="<%=permission.getUserName()%>"
value="ad" <% if (permission.isAuthorizeDeny()) { %> checked <% } %>/></td>
</tr>
<% } %>
<tr>