From 76114f6cf2240b4556baa69eb089faef23ba24a9 Mon Sep 17 00:00:00 2001 From: jomu Date: Mon, 12 Nov 2018 10:01:55 +0100 Subject: [PATCH] completed role permission setup --- .../account/web/presentation/AccountView.java | 19 ++++- .../web/presentation/ApplicationView.java | 4 +- .../account/web/presentation/RoleView.java | 28 +++++--- .../UniqueApplicationRoleNameValidator.java | 60 ++++++++++++++++ account-ui/src/main/webapp/WEB-INF/shiro.ini | 3 +- .../src/main/webapp/web/permissions.xhtml | 1 - account-ui/src/main/webapp/web/roles.xhtml | 70 ++++++++++--------- .../boundary/ApplicationRoleControl.java | 5 +- .../account/entity/ApplicationRoleEntity.java | 4 +- 9 files changed, 141 insertions(+), 53 deletions(-) create mode 100644 account-ui/src/main/java/de/muehlencord/shared/account/web/presentation/UniqueApplicationRoleNameValidator.java diff --git a/account-ui/src/main/java/de/muehlencord/shared/account/web/presentation/AccountView.java b/account-ui/src/main/java/de/muehlencord/shared/account/web/presentation/AccountView.java index a3ab284..fba220b 100644 --- a/account-ui/src/main/java/de/muehlencord/shared/account/web/presentation/AccountView.java +++ b/account-ui/src/main/java/de/muehlencord/shared/account/web/presentation/AccountView.java @@ -13,7 +13,8 @@ import java.util.ArrayList; import java.util.List; import javax.ejb.EJB; import javax.enterprise.context.SessionScoped; -import javax.inject.Named; +import javax.faces.bean.ManagedBean; +import javax.faces.bean.ManagedProperty; import org.slf4j.Logger; import org.slf4j.LoggerFactory; 
@@ -21,13 +22,15 @@ import org.slf4j.LoggerFactory; * * @author jomu */ +@ManagedBean(name = "accountView") @SessionScoped -@Named public class AccountView implements Serializable { private static final long serialVersionUID = -8050582392249849438L; private static final Logger LOGGER = LoggerFactory.getLogger(AccountView.class); + @ManagedProperty(value = "#{applicationView}") + private ApplicationView applicationView; @EJB private AccountControl accountService; @EJB @@ -57,8 +60,9 @@ public class AccountView implements Serializable { return accountList; } - public List getAllApplicationRoles(ApplicationEntity application) { + public List getAllApplicationRoles() { if (applicationRoles == null) { + ApplicationEntity application = applicationView.getCurrentApplication(); applicationRoles = appliationRoleService.getAllRoles(application); } return applicationRoles; @@ -146,6 +150,15 @@ public class AccountView implements Serializable { } /* **** getter / setter **** */ + + /** + * setter for managed property applicationView + * @param applicationView the applicaton view to inject + */ + public void setApplicationView(ApplicationView applicationView) { + this.applicationView = applicationView; + } + public AccountEntity getCurrentAccount() { return currentAccount; } diff --git a/account-ui/src/main/java/de/muehlencord/shared/account/web/presentation/ApplicationView.java b/account-ui/src/main/java/de/muehlencord/shared/account/web/presentation/ApplicationView.java index 5eb7ee2..4fcaf4a 100644 --- a/account-ui/src/main/java/de/muehlencord/shared/account/web/presentation/ApplicationView.java +++ b/account-ui/src/main/java/de/muehlencord/shared/account/web/presentation/ApplicationView.java 
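Review bot: `AccountView` is now a JSF `@ManagedBean`, but the `@SessionScoped` on the class still resolves to `javax.enterprise.context.SessionScoped`, whose import is left in place in the first hunk of this file. The JSF managed-bean facility only honours the `javax.faces.bean` scope annotations, so this bean would fall back to the default request scope and lose `currentAccount` and the cached lists between requests. If CDI bean discovery is also active, the class may additionally be picked up as a CDI bean, where `@ManagedProperty` is not processed. The same commit already makes this switch for `RoleView`; do the same here with `import javax.faces.bean.SessionScoped;`.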
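Review bot: `getAllApplicationRoles()` loads `applicationRoles` once and, as far as this hunk shows, never reloads it when `applicationView.getCurrentApplication()` changes. After switching applications, the account screen can therefore keep offering roles that belong to the previously selected application, which in an account-administration UI can lead to a role being assigned across application boundaries. Remember which application the list was loaded for and reload when it differs, or reset `applicationRoles` wherever the current application is changed (that code is outside the hunk). The method also dereferences `applicationView` without a null check, which matters if the managed property is not injected.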
@@ -27,9 +27,9 @@ public class ApplicationView implements Serializable { ApplicationService applicationService; private ApplicationEntity currentApplication = null; - private List applicationList = null; private ApplicationEntity editApplication = null; - + private List applicationList = null; + @PostConstruct public void selectDefaultCurrentApplication() { // force applications to be loaded from database diff --git a/account-ui/src/main/java/de/muehlencord/shared/account/web/presentation/RoleView.java b/account-ui/src/main/java/de/muehlencord/shared/account/web/presentation/RoleView.java index 993c025..46ceaaa 100644 --- a/account-ui/src/main/java/de/muehlencord/shared/account/web/presentation/RoleView.java +++ b/account-ui/src/main/java/de/muehlencord/shared/account/web/presentation/RoleView.java @@ -25,9 +25,9 @@ import java.io.Serializable; import java.util.ArrayList; import java.util.List; import javax.ejb.EJB; -import javax.enterprise.context.SessionScoped; import javax.faces.bean.ManagedBean; import javax.faces.bean.ManagedProperty; +import javax.faces.bean.SessionScoped; import org.primefaces.event.SelectEvent; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -57,6 +57,10 @@ public class RoleView implements Serializable { private ApplicationPermissionEntity currentPermission; private ApplicationPermissionEntity newPermission; + public ApplicationEntity getCurrentApplication() { + return applicationView.getCurrentApplication(); + } + public List getAllRoles() { if (allRoles == null) { allRoles = applicationRoleControl.getAllRoles(applicationView.getCurrentApplication()); @@ -66,6 +70,10 @@ public class RoleView implements Serializable { public void startNewRole() { this.currentRole = new ApplicationRoleEntity(applicationView.getCurrentApplication()); + if (LOGGER.isDebugEnabled()) { + LOGGER.debug("Created new current role: {}", currentRole.toString()); + } + } public void cancelEditRole() { 
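Review bot: In `startNewRole()` the `isDebugEnabled()` guard is only needed because of the explicit `currentRole.toString()`; with SLF4J's parameterized form the argument is formatted only when debug logging is on. `LOGGER.debug("Created new current role: {}", currentRole);` does the same in one line without the guard.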
@@ -80,7 +88,7 @@ public class RoleView implements Serializable { allRoles = null; // force reload FacesUtil.addGlobalInfoMessage("Info", "Role " + currentRole.getRoleName() + " created"); } else { - applicationRoleControl.create(currentRole); + applicationRoleControl.update(currentRole); allRoles = null; // force reload FacesUtil.addGlobalInfoMessage("Info", "Role " + currentRole.getRoleName() + " updated"); } @@ -106,10 +114,18 @@ public class RoleView implements Serializable { } } + public boolean getRoleSelected() { + return currentRole != null; + } + public boolean getPermissionSelected() { return currentPermission != null; } + public boolean getMissingPermissionAvailable() { + return ((missingApplicationsPermissions != null) && (!missingApplicationsPermissions.isEmpty())); + } + public void onRoleSelect(SelectEvent event) { currentRolePermissions = null; currentRolePermissions = getRolePermissions(); @@ -192,14 +208,6 @@ public class RoleView implements Serializable { } -// public void selectPermission() { -// this.isPermissionSelected = true; -// } -// -// public void deselectPermission() { -// this.isPermissionSelected = false; -// } - /* *** getter / setter *** */ public void setApplicationView(ApplicationView applicationView) { this.applicationView = applicationView; diff --git a/account-ui/src/main/java/de/muehlencord/shared/account/web/presentation/UniqueApplicationRoleNameValidator.java b/account-ui/src/main/java/de/muehlencord/shared/account/web/presentation/UniqueApplicationRoleNameValidator.java new file mode 100644 index 0000000..44be027 --- /dev/null +++ b/account-ui/src/main/java/de/muehlencord/shared/account/web/presentation/UniqueApplicationRoleNameValidator.java 
@@ -0,0 +1,60 @@ +package de.muehlencord.shared.account.web.presentation; + +import de.muehlencord.shared.account.business.account.boundary.ApplicationPermissionControl; +import de.muehlencord.shared.account.business.account.boundary.ApplicationRoleControl; +import de.muehlencord.shared.account.business.account.entity.ApplicationPermissionEntity; +import de.muehlencord.shared.account.business.account.entity.ApplicationRoleEntity; +import de.muehlencord.shared.account.business.application.entity.ApplicationEntity; +import java.io.Serializable; +import javax.ejb.EJB; +import javax.faces.application.FacesMessage; +import javax.faces.component.UIComponent; +import javax.faces.context.FacesContext; +import javax.faces.validator.FacesValidator; +import javax.faces.validator.Validator; +import javax.faces.validator.ValidatorException; +import javax.inject.Inject; +import javax.persistence.EntityManager; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * + * @author Joern Muehlencord + */ +@FacesValidator("uniqueApplicationRoleNameValidator") +public class UniqueApplicationRoleNameValidator implements Validator, Serializable { + + private static final long serialVersionUID = 8165013107453616719L; + + @Inject + EntityManager em; + + @EJB + ApplicationRoleControl applicationRoleControl; + + @Override + public void validate(FacesContext context, UIComponent component, Object value) throws ValidatorException { + Object applicationObj = component.getAttributes().get("application"); + if ((applicationObj != null) && (applicationObj instanceof ApplicationEntity)) { + ApplicationEntity application = (ApplicationEntity) applicationObj; + if (value == null) { + throw new ValidatorException(new FacesMessage(FacesMessage.SEVERITY_ERROR, "Role name invalid", "Role name must not be empty")); + } + if (value instanceof String) { + String roleName = (String) value; + ApplicationRoleEntity existingRole = applicationRoleControl.findByName(application, roleName); + if 
(existingRole != null) { + throw new ValidatorException(new FacesMessage(FacesMessage.SEVERITY_ERROR, "Role name invalid", "Role already exists")); + } + } else { + throw new ValidatorException(new FacesMessage(FacesMessage.SEVERITY_ERROR, "Role name invalid", "Role name must be a string value")); + // TODO add IPRS logger - someone is trying to cheat + } + } else { + throw new ValidatorException(new FacesMessage(FacesMessage.SEVERITY_ERROR, "Application not set", "Permission name cannot be set if application is unknown")); + } + + } + +} diff --git a/account-ui/src/main/webapp/WEB-INF/shiro.ini b/account-ui/src/main/webapp/WEB-INF/shiro.ini index bcd323b..981899f 100644 --- a/account-ui/src/main/webapp/WEB-INF/shiro.ini +++ b/account-ui/src/main/webapp/WEB-INF/shiro.ini @@ -52,4 +52,5 @@ roles.unauthorizedUrl = /error/accessDenied.xhtml /javax.faces.resource/**=anon /login.xhtml=authc /logout.xhtml=logout -/web/**=authc +/**=authc +# /web/**=authc diff --git a/account-ui/src/main/webapp/web/permissions.xhtml b/account-ui/src/main/webapp/web/permissions.xhtml index b20ef18..6819ac0 100644 --- a/account-ui/src/main/webapp/web/permissions.xhtml +++ b/account-ui/src/main/webapp/web/permissions.xhtml @@ -68,7 +68,6 @@ - diff --git a/account-ui/src/main/webapp/web/roles.xhtml b/account-ui/src/main/webapp/web/roles.xhtml index 4d70e32..73bd590 100644 --- a/account-ui/src/main/webapp/web/roles.xhtml +++ b/account-ui/src/main/webapp/web/roles.xhtml @@ -20,7 +20,9 @@ - + + + @@ -36,11 +38,12 @@ update="editDialog" oncomplete="PF('editDialogVar').show();" styleClass="btn-primary btn-block"/>
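Review bot: `UniqueApplicationRoleNameValidator` relies on `@EJB ApplicationRoleControl applicationRoleControl`, but a plain `@FacesValidator` instance is created by JSF itself and is not an injection target, so `applicationRoleControl.findByName(...)` in `validate()` would hit a null reference unless something outside this patch enables injection. On JSF 2.3 declare it as `@FacesValidator(value = "uniqueApplicationRoleNameValidator", managed = true)`; on older versions register it as a managed bean and reference it through `binding`. The check also lets an empty or blank string through (only `null` is rejected), and if the same input is used when editing it would report "Role already exists" for a role saved under its own unchanged name. Because this is a check-then-insert, a unique constraint on application plus role name is still needed in the database. The unused `@Inject EntityManager em` and the two `ApplicationPermission*` imports can go, and the final message should say "Role name" rather than "Permission name".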
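Review bot: The new catch-all `/**=authc` only requires a logged-in user, so the role and permission administration pages under `/web/` that this commit completes are reachable by every authenticated account unless an authorization check exists outside this patch. `roles.unauthorizedUrl` is configured in this file, but no chain visible in the hunk uses the `roles[...]` or `perms[...]` filter. Put a more specific rule above the catch-all, for example `/web/roles.xhtml = authc, roles[<ADMIN_ROLE_PLACEHOLDER>]`, and repeat it for `permissions.xhtml`. The commented-out `# /web/**=authc` line should be deleted rather than kept as dead configuration.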
-
- +
@@ -62,12 +65,12 @@ - +
+ update="permissionTable" styleClass="btn-primary btn-block" disabled="#{!roleView.missingPermissionAvailable}" />
- -
-
- -
-
- -
-
- -
-
- -
+ + + + + +
+ +
+
+ +
+
+ +
+
+ +
-
- - +
+ + +
+
+ + +
-
- - -
- -
- - + + + diff --git a/account/src/main/java/de/muehlencord/shared/account/business/account/boundary/ApplicationRoleControl.java b/account/src/main/java/de/muehlencord/shared/account/business/account/boundary/ApplicationRoleControl.java index 9e29993..b20ecfb 100644 --- a/account/src/main/java/de/muehlencord/shared/account/business/account/boundary/ApplicationRoleControl.java +++ b/account/src/main/java/de/muehlencord/shared/account/business/account/boundary/ApplicationRoleControl.java @@ -52,7 +52,7 @@ public class ApplicationRoleControl implements Serializable { @Transactional public void createOrUpdate(ApplicationEntity application, String name, String description) { - ApplicationRoleEntity role = findByName(name); + ApplicationRoleEntity role = findByName(application, name); if (role == null) { role = new ApplicationRoleEntity(application, name, description); em.persist(role); @@ -85,8 +85,9 @@ public class ApplicationRoleControl implements Serializable { } } - private ApplicationRoleEntity findByName(String name) { + public ApplicationRoleEntity findByName(ApplicationEntity application, String name) { Query query = em.createNamedQuery("ApplicationRoleEntity.findByRoleName"); + query.setParameter("application", application); query.setParameter("roleName", name); List permissions = query.getResultList(); if ((permissions == null) || (permissions.isEmpty())) { diff --git a/account/src/main/java/de/muehlencord/shared/account/business/account/entity/ApplicationRoleEntity.java b/account/src/main/java/de/muehlencord/shared/account/business/account/entity/ApplicationRoleEntity.java index f03477d..5457eec 100644 --- a/account/src/main/java/de/muehlencord/shared/account/business/account/entity/ApplicationRoleEntity.java +++ b/account/src/main/java/de/muehlencord/shared/account/business/account/entity/ApplicationRoleEntity.java 
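Review bot: `findByName` now sets an `application` parameter on the named query `ApplicationRoleEntity.findByRoleName`, but the `ApplicationRoleEntity` change in this patch touches only the constructor, so the query definition is not shown as updated. If that query does not declare `:application`, `setParameter("application", application)` throws `IllegalArgumentException` at runtime. If it does, confirm that it actually filters on it, so that a role name from another application can never match. Since the method is now `public` and called from the JSF validator, it should also reject a `null` application explicitly. The rest of the method body lies outside the hunk.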
@@ -74,8 +74,8 @@ public class ApplicationRoleEntity implements Serializable { public ApplicationRoleEntity(ApplicationEntity application) { this.id = null; this.application = application; - this.roleName = null; - this.roleDescription = null; + this.roleName = ""; + this.roleDescription = ""; } public ApplicationRoleEntity(ApplicationEntity application, String roleName, String roleDescription) {
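Review bot: Initialising `roleName` to `""` in the one-argument constructor means an unset name is no longer `null`, so a not-null constraint on the field (the field declarations are outside this hunk) will not stop a role from being stored without a name. The `UniqueApplicationRoleNameValidator` added in this patch likewise rejects only `null`. Add a length or non-blank constraint on the field, for example `@Size(min = 1)`, or keep `null` as the "not yet entered" value.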