restructured code

enhanced permission system
2019-01-10 18:08:36 +01:00
parent b552e0b8bc
commit ecedc1872b
25 changed files with 1158 additions and 1033 deletions


@ -1,81 +1,80 @@
/*
* Copyright 2018 Joern Muehlencord <joern at muehlencord.de>.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package de.muehlencord.shared.account.web;
import de.muehlencord.shared.account.business.account.boundary.AccountPermissions;
import de.muehlencord.shared.account.business.account.entity.AccountException;
import de.muehlencord.shared.account.business.application.boundary.ApplicationPermissions;
import de.muehlencord.shared.account.business.application.control.ApplicationPermissionControl;
import de.muehlencord.shared.account.business.application.control.ApplicationRoleControl;
import de.muehlencord.shared.account.business.application.entity.ApplicationEntity;
import java.util.Arrays;
import javax.enterprise.context.ApplicationScoped;
import javax.enterprise.context.Initialized;
import javax.enterprise.event.Observes;
import javax.inject.Inject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
*
* @author Joern Muehlencord <joern at muehlencord.de>
*/
@ApplicationScoped
public class EnsurePermissionsBean {
@Inject
ApplicationEntity application;
@Inject
ApplicationPermissionControl applicationPermissionControl;
@Inject
ApplicationRoleControl applicationRoleControl;
private static final Logger LOGGER = LoggerFactory.getLogger(EnsurePermissionsBean.class);
public void init(@Observes @Initialized(ApplicationScoped.class) Object init) {
if (LOGGER.isDebugEnabled()) {
LOGGER.debug("Ensure all permissions for {} are available", application.getApplicationName());
}
applicationPermissionControl.setupPermissions(Arrays.asList(ApplicationPermissions.values()));
applicationPermissionControl.setupPermissions(Arrays.asList(AccountPermissions.values()));
if (LOGGER.isDebugEnabled()) {
LOGGER.debug("All permissions added to application", application.getApplicationName());
}
// all permissions available - ensure permission is assigned to Admin role
if (LOGGER.isDebugEnabled()) {
LOGGER.debug("Ensuring Admin role for {} has all permissions", application.getApplicationName());
}
try {
applicationRoleControl.setupRolePermission(Arrays.asList(ApplicationPermissions.values()), "Admin"); // NOI18N
applicationRoleControl.setupRolePermission(Arrays.asList(AccountPermissions.values()), "Admin"); // NOI18N
} catch (AccountException ex) {
LOGGER.error("Error adding permission to Admin role");
if (LOGGER.isDebugEnabled()) {
LOGGER.debug(ex.toString(), ex);
} else {
LOGGER.error(ex.toString());
}
}
if (LOGGER.isDebugEnabled()) {
LOGGER.debug("All permissions added to Admin role of {}", application.getApplicationName());
}
}
}
/*
* Copyright 2018 Joern Muehlencord <joern at muehlencord.de>.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package de.muehlencord.shared.account.web;
import de.muehlencord.shared.account.business.account.boundary.AccountPermissions;
import de.muehlencord.shared.account.business.account.entity.AccountException;
import de.muehlencord.shared.account.business.instance.boundary.ApplicationPermissions;
import de.muehlencord.shared.account.business.application.control.ApplicationPermissionControl;
import de.muehlencord.shared.account.business.application.control.ApplicationRoleControl;
import de.muehlencord.shared.account.business.application.entity.ApplicationEntity;
import java.util.Arrays;
import javax.enterprise.context.ApplicationScoped;
import javax.enterprise.context.Initialized;
import javax.enterprise.event.Observes;
import javax.inject.Inject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
*
* @author Joern Muehlencord <joern at muehlencord.de>
*/
@ApplicationScoped
public class EnsurePermissionsBean {
@Inject
ApplicationEntity application;
@Inject
ApplicationPermissionControl applicationPermissionControl;
@Inject
ApplicationRoleControl applicationRoleControl;
private static final Logger LOGGER = LoggerFactory.getLogger(EnsurePermissionsBean.class);
public void init(@Observes @Initialized(ApplicationScoped.class) Object init) {
if (LOGGER.isDebugEnabled()) {
LOGGER.debug("Ensure all permissions for {} are available", application.getApplicationName());
}
applicationPermissionControl.setupPermissions(Arrays.asList(ApplicationPermissions.values()));
applicationPermissionControl.setupPermissions(Arrays.asList(AccountPermissions.values()));
if (LOGGER.isDebugEnabled()) {
LOGGER.debug("All permissions added to application", application.getApplicationName());
}
// all permissions available - ensure permission is assigned to Admin role
if (LOGGER.isDebugEnabled()) {
LOGGER.debug("Ensuring Admin role for {} has all permissions", application.getApplicationName());
}
try {
applicationRoleControl.setupRolePermission(Arrays.asList(ApplicationPermissions.values()), "Admin"); // NOI18N
applicationRoleControl.setupRolePermission(Arrays.asList(AccountPermissions.values()), "Admin"); // NOI18N
} catch (AccountException ex) {
LOGGER.error("Error adding permission to Admin role. Reason={}", ex.getMessage());
if (LOGGER.isDebugEnabled()) {
LOGGER.debug("Detailed stacktrace", new Object[]{ex});
}
}
if (LOGGER.isDebugEnabled()) {
LOGGER.debug("All permissions added to Admin role of {}", application.getApplicationName());
}
}
}
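Review bot: In init(), the closing `LOGGER.debug("All permissions added to Admin role of {}", …)` still runs when setupRolePermission threw, because the catch block only logs and falls through; the application then starts with an Admin role that may hold only part of the permission set while the debug log reports success. Move that debug line inside the `try`, after the second setupRolePermission call. Passing the exception itself at error level, `LOGGER.error("Error adding permission to Admin role", ex);`, would keep the stack trace available when debug logging is off. The earlier `LOGGER.debug("All permissions added to application", application.getApplicationName());` has no `{}` placeholder, so the application name is never printed.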


@ -1,48 +1,86 @@
/*
* Copyright 2018 Joern Muehlencord <joern at muehlencord.de>.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package de.muehlencord.shared.account.web;
import de.muehlencord.shared.account.business.application.boundary.ApplicationPermissions;
import javax.enterprise.context.ApplicationScoped;
import javax.inject.Named;
/**
* TODO replace with omnifaces:importConstants currently problems with Netbeans
* to import omnifaces taglib
*
* @author Joern Muehlencord <joern at muehlencord.de>
*/
@Named(value = "permissionConstants")
@ApplicationScoped
public class PermissionConstants {
public String getApplicationListAll() {
return ApplicationPermissions.APP_LISTALL.getName();
}
public String getPermissionsCombined() {
return ApplicationPermissions.PERMISSION_ADD.getName() + ","
+ ApplicationPermissions.PERMISSION_EDIT.getName() + ","
+ ApplicationPermissions.PERMISSION_DELETE.getName();
}
public String getRolesCombined() {
return ApplicationPermissions.ROLE_ADD.getName() + ","
+ ApplicationPermissions.ROLE_EDIT.getName() + ","
+ ApplicationPermissions.ROLE_DELETE.getName();
}
}
/*
* Copyright 2018 Joern Muehlencord <joern at muehlencord.de>.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package de.muehlencord.shared.account.web;
import de.muehlencord.shared.account.business.instance.boundary.ApplicationPermissions;
import javax.enterprise.context.ApplicationScoped;
import javax.inject.Named;
/**
* TODO replace with omnifaces:importConstants currently problems with Netbeans
* to import omnifaces taglib
*
* @author Joern Muehlencord <joern at muehlencord.de>
*/
@Named(value = "permissionConstants")
@ApplicationScoped
public class PermissionConstants {
public String getApplicationListAll() {
return ApplicationPermissions.APP_LIST.getName();
}
public String getPermissionsCombined() {
return ApplicationPermissions.PERMISSION_ADD.getName() + ","
+ ApplicationPermissions.PERMISSION_EDIT.getName() + ","
+ ApplicationPermissions.PERMISSION_DELETE.getName();
}
public String getRolesCombined() {
return ApplicationPermissions.ROLE_ADD.getName() + ","
+ ApplicationPermissions.ROLE_EDIT.getName() + ","
+ ApplicationPermissions.ROLE_DELETE.getName();
}
public String getAccountsCombined() {
return ApplicationPermissions.ACCOUNT_ADD.getName() + ","
+ ApplicationPermissions.ACCOUNT_DELETE.getName() + ","
+ ApplicationPermissions.ACCOUNT_EDIT.getName() + ","
+ ApplicationPermissions.ACCOUNT_LIST.getName() + ","
+ ApplicationPermissions.ACCOUNT_LOGIN_ADD.getName() + ","
+ ApplicationPermissions.ACCOUNT_LOGIN_DELETE.getName() + ","
+ ApplicationPermissions.ACCOUNT_LOGIN_EDIT.getName();
}
public String getAccountAdd() {
return ApplicationPermissions.ACCOUNT_ADD.getName();
}
public String getAccountDelete() {
return ApplicationPermissions.ACCOUNT_DELETE.getName();
}
public String getAccountEdit() {
return ApplicationPermissions.ACCOUNT_EDIT.getName();
}
public String getAccountList() {
return ApplicationPermissions.ACCOUNT_LIST.getName();
}
public String getAccountLoginAdd() {
return ApplicationPermissions.ACCOUNT_LOGIN_ADD.getName();
}
public String getAccountLoginDelete() {
return ApplicationPermissions.ACCOUNT_LOGIN_DELETE.getName();
}
public String getAccountLoginEdit() {
return ApplicationPermissions.ACCOUNT_LOGIN_EDIT.getName();
}
}
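Review bot: getAccountsCombined() joins the read permission ACCOUNT_LIST with the add/edit/delete permissions in one comma-separated string, and nothing in the class says how the views evaluate that string. If the consumer treats it as an any-of list (not visible here), a user holding only ACCOUNT_LIST would pass a check meant for write actions, so the method should carry a Javadoc line stating the intended use, for example `/** Any-of list for showing the account menu entry; not a guard for add/edit/delete actions. */`. getApplicationListAll() now returns APP_LIST, so the getter name no longer matches the permission it exposes; a short comment or a renamed getter would stop view authors from assuming a broader permission.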


@ -63,7 +63,7 @@ public class AccountView implements Serializable {
public List<AccountEntity> getAccounts() {
if (accountList == null) {
accountList = accountService.getAccounts(showDisabledAccounts);
accountList = accountService.getAllAccounts(showDisabledAccounts);
}
return accountList;
}
@ -136,11 +136,8 @@ public class AccountView implements Serializable {
currentAccountRoles = null;
} catch (AccountException ex) {
if (LOGGER.isDebugEnabled()) {
LOGGER.debug(ex.toString(), ex);
} else {
LOGGER.error(ex.toString());
LOGGER.debug("Detailed stacktrace", new Object[]{ex});
}
FacesUtil.addGlobalErrorMessage("Error deleting account", ex.getMessage());
}
}
@ -158,13 +155,13 @@ public class AccountView implements Serializable {
/* **** account login methods **** */
public boolean validatePasswords(FacesContext context, List<UIInput> components, List<Object> values) {
String password = components.get(0).getSubmittedValue().toString();
String passwordRepeat = components.get(1).getSubmittedValue().toString();
String currentPassword = components.get(0).getSubmittedValue().toString();
String currentPasswordRepeat = components.get(1).getSubmittedValue().toString();
if ((password == null) || (passwordRepeat == null)) {
if ((currentPassword == null) || (currentPasswordRepeat == null)) {
return false;
}
boolean returnValue = password.equals(passwordRepeat);
boolean returnValue = currentPassword.equals(currentPasswordRepeat);
return returnValue;
}
@ -202,13 +199,13 @@ public class AccountView implements Serializable {
if ((currentAccountLogin == null) || (currentAccount == null)) {
// TODO add error handling
} else {
// overwrite password if provided
if ((password != null) && (!password.trim().equals(""))) {
// password has been specified
if (password.equals(repeatPassword)) {
currentAccountLogin.setAccountPassword(accountService.getHashedPassword(password));
FacesUtil.addGlobalInfoMessage("Info", "Password updated");
FacesUtil.addGlobalInfoMessage("Info", "Password updated");
} else {
// TODO connect to IPRS
// frontend does validate passwords do match
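Review bot: The AccountException handler in the second hunk (account deletion) now logs only when debug is enabled, so at a production log level a failed account deletion leaves no server-side record; the same pattern appears in ApplicationView.getAllApplications(), in InstanceView's ConfigException handler and in PermissionView.deletePermission(). Keep an error-level line ahead of the debug guard, as EnsurePermissionsBean does: `LOGGER.error("Error deleting account. Reason={}", ex.getMessage());`. In validatePasswords the null check comes after `getSubmittedValue().toString()`, so a missing submitted value raises a NullPointerException before the method can return false; test the result of `getSubmittedValue()` for null first. The enclosing methods start or end outside these hunks.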


@ -1,143 +1,151 @@
package de.muehlencord.shared.account.web.presentation;
import de.muehlencord.shared.account.business.application.boundary.ApplicationService;
import de.muehlencord.shared.account.business.application.entity.ApplicationEntity;
import de.muehlencord.shared.account.util.AccountSecurityException;
import de.muehlencord.shared.jeeutil.FacesUtil;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.List;
import java.util.Locale;
import javax.annotation.PostConstruct;
import javax.annotation.PreDestroy;
import javax.inject.Named;
import javax.enterprise.context.SessionScoped;
import javax.inject.Inject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
*
* @author Joern Muehlencord <joern at muehlencord.de>
*/
@SessionScoped
@Named("applicationView")
public class ApplicationView implements Serializable {
private static final long serialVersionUID = -5515249316880163539L;
private static final Logger LOGGER = LoggerFactory.getLogger(ApplicationView.class);
@Inject
ApplicationService applicationService;
@Inject
Locale locale;
private ApplicationEntity currentApplication = null;
private ApplicationEntity editApplication = null;
private List<ApplicationEntity> applicationList = null;
@PostConstruct
public void selectDefaultCurrentApplication() {
// force applications to be loaded from database
getAllApplications();
if ((applicationList != null) && (!applicationList.isEmpty())) {
currentApplication = applicationList.get(0);
}
if (LOGGER.isDebugEnabled()) {
LOGGER.debug("post construct executed");
}
}
@PreDestroy
public void predestroy() {
if (LOGGER.isDebugEnabled()) {
LOGGER.debug("Predestroy executed");
}
}
public List<ApplicationEntity> getAllApplications() {
if (applicationList == null) {
try {
applicationList = applicationService.getAllApplications();
return applicationList;
} catch (AccountSecurityException ex) {
if (LOGGER.isDebugEnabled()) {
LOGGER.debug(ex.toString(), ex);
} else {
LOGGER.error(ex.toString());
}
FacesUtil.addGlobalErrorMessage("Error " + ex.getErrorCode(), ex.getLocalizedMessage(locale));
return new ArrayList<>();
}
}
return applicationList;
}
public void selectApplication() {
if (currentApplication != null) {
LOGGER.info("selected application: {}", currentApplication.getApplicationName());
FacesUtil.addGlobalInfoMessage("Success", "Selected application " + currentApplication.getApplicationName());
}
}
public void newApplication() {
this.editApplication = new ApplicationEntity();
}
public void cancelEditApplication() {
this.editApplication = null;
}
public void saveEditApplication() {
if (editApplication == null) {
FacesUtil.addGlobalErrorMessage("Error", "Need to provide data");
} else if ((editApplication.getApplicationName() == null) || (editApplication.getApplicationName().trim().equals(""))) {
String hint;
if (editApplication.getId() == null) {
hint = "Cannot create application";
} else {
hint = "Cannot save application";
}
FacesUtil.addGlobalErrorMessage(hint, "Application name must not be empty");
} else {
currentApplication = applicationService.createOrUpdate(editApplication);
// force reload of to update view
applicationList = null;
FacesUtil.addGlobalInfoMessage("Info", "Application saved");
}
}
public void deleteApplication() {
if (currentApplication == null) {
FacesUtil.addGlobalErrorMessage("Error", "Need to provide data");
} else if (currentApplication.getId() == null) {
FacesUtil.addGlobalErrorMessage("Error", "Cannot delete non persistent data");
} else {
String applicationName = currentApplication.getApplicationName();
applicationService.delete(currentApplication);
applicationList = null; // force reload to update view
currentApplication = null;
selectDefaultCurrentApplication();
FacesUtil.addGlobalInfoMessage("Info", "Application " + applicationName + " deleted");
}
}
/* *** getter / setter *** */
public ApplicationEntity getCurrentApplication() {
return currentApplication;
}
public void setCurrentApplication(ApplicationEntity currentApplication) {
this.currentApplication = currentApplication;
}
public ApplicationEntity getEditApplication() {
return editApplication;
}
public void setEditApplication(ApplicationEntity editApplication) {
this.editApplication = editApplication;
}
}
package de.muehlencord.shared.account.web.presentation;
import de.muehlencord.shared.account.business.application.control.ApplicationControl;
import de.muehlencord.shared.account.business.application.entity.ApplicationEntity;
import de.muehlencord.shared.account.util.AccountSecurityException;
import de.muehlencord.shared.jeeutil.FacesUtil;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.List;
import java.util.Locale;
import javax.annotation.PostConstruct;
import javax.annotation.PreDestroy;
import javax.enterprise.context.SessionScoped;
import javax.inject.Inject;
import javax.inject.Named;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
*
* @author Joern Muehlencord <joern at muehlencord.de>
*/
@SessionScoped
@Named("applicationView")
public class ApplicationView implements Serializable {
private static final long serialVersionUID = -5515249316880163539L;
private static final Logger LOGGER = LoggerFactory.getLogger(ApplicationView.class);
@Inject
ApplicationControl applicationService;
@Inject
InstanceView instanceView;
@Inject
Locale locale;
private ApplicationEntity currentApplication = null;
private ApplicationEntity editApplication = null;
private List<ApplicationEntity> applicationList = null;
@PostConstruct
public void selectDefaultCurrentApplication() {
// force applications to be loaded from database
getAllApplications();
if ((applicationList != null) && (!applicationList.isEmpty())) {
currentApplication = applicationList.get(0);
}
if (LOGGER.isDebugEnabled()) {
LOGGER.debug("post construct executed");
}
}
@PreDestroy
public void predestroy() {
if (LOGGER.isDebugEnabled()) {
LOGGER.debug("Predestroy executed");
}
}
public List<ApplicationEntity> getAllApplications() {
if (applicationList == null) {
try {
applicationList = applicationService.getAllApplications();
// if no role is assigned to user, ensure that at least current application is added
if ((applicationList == null) || (applicationList.isEmpty())) {
applicationList = new ArrayList<>();
applicationList.add(instanceView.getInstanceApplication());
}
return applicationList;
} catch (AccountSecurityException ex) {
if (LOGGER.isDebugEnabled()) {
LOGGER.debug("Detailed stacktrace", new Object[]{ex});
}
FacesUtil.addGlobalErrorMessage("Error " + ex.getErrorCode(), ex.getLocalizedMessage(locale));
return new ArrayList<>();
}
}
return applicationList;
}
public void selectApplication() {
if (currentApplication != null) {
LOGGER.info("selected application: {}", currentApplication.getApplicationName());
FacesUtil.addGlobalInfoMessage("Success", "Selected application " + currentApplication.getApplicationName());
}
}
public void newApplication() {
this.editApplication = new ApplicationEntity();
}
public void cancelEditApplication() {
this.editApplication = null;
}
public void saveEditApplication() {
if (editApplication == null) {
FacesUtil.addGlobalErrorMessage("Error", "Need to provide data");
} else if ((editApplication.getApplicationName() == null) || (editApplication.getApplicationName().trim().equals(""))) {
String hint;
if (editApplication.getId() == null) {
hint = "Cannot create application";
} else {
hint = "Cannot save application";
}
FacesUtil.addGlobalErrorMessage(hint, "Application name must not be empty");
} else {
currentApplication = applicationService.createOrUpdate(editApplication);
// force reload of to update view
applicationList = null;
FacesUtil.addGlobalInfoMessage("Info", "Application saved");
}
}
public void deleteApplication() {
if (currentApplication == null) {
FacesUtil.addGlobalErrorMessage("Error", "Need to provide data");
} else if (currentApplication.getId() == null) {
FacesUtil.addGlobalErrorMessage("Error", "Cannot delete non persistent data");
} else {
String applicationName = currentApplication.getApplicationName();
applicationService.delete(currentApplication);
applicationList = null; // force reload to update view
currentApplication = null;
selectDefaultCurrentApplication();
FacesUtil.addGlobalInfoMessage("Info", "Application " + applicationName + " deleted");
}
}
/* *** getter / setter *** */
public ApplicationEntity getCurrentApplication() {
return currentApplication;
}
public void setCurrentApplication(ApplicationEntity currentApplication) {
this.currentApplication = currentApplication;
}
public ApplicationEntity getEditApplication() {
return editApplication;
}
public void setEditApplication(ApplicationEntity editApplication) {
this.editApplication = editApplication;
}
}
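Review bot: The new fallback in getAllApplications() adds instanceView.getInstanceApplication() to the list when the service returns nothing, and selectDefaultCurrentApplication() then makes that entry the current application for a user who, per the inline comment, has no role assigned. PermissionView passes applicationView.getCurrentApplication() straight into its list and create calls, so this relies on the control layer rejecting such a user; that enforcement is not visible in this commit and should be confirmed, with a comment on the fallback such as `// display only: permission checks must still be enforced in the control layer`. The returned entity is also added without a null check, so a null from getInstanceApplication() would end up as a list element; guard it with `if (own != null) { applicationList.add(own); }`.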


@ -1,26 +1,32 @@
package de.muehlencord.shared.account.web.presentation;
import de.muehlencord.shared.account.business.instance.control.ApplicationController;
import de.muehlencord.shared.account.business.application.entity.ApplicationEntity;
import de.muehlencord.shared.account.business.config.boundary.ConfigService;
import de.muehlencord.shared.account.business.config.entity.ConfigException;
import javax.ejb.EJB;
import javax.enterprise.context.ApplicationScoped;
import javax.inject.Inject;
import javax.inject.Named;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
* TODO - move to shared-account and remove from all applications and archetype
*
* @author Joern Muehlencord <joern at muehlencord.de>
*/
@Named(value = "instanceView")
@ApplicationScoped
public class InstanceView {
private static final Logger LOGGER = LoggerFactory.getLogger(InstanceView.class);
private static final Logger LOGGER = LoggerFactory.getLogger(InstanceView.class);
@EJB
@Inject
ConfigService configService;
@Inject
ApplicationController applicationController;
public boolean isDevelopmentVersion() {
String instanceName = getInstanceName();
return !instanceName.equals("Production");
@ -32,9 +38,7 @@ public class InstanceView {
instanceName = configService.getConfigValue("base.instance");
} catch (ConfigException ex) {
if (LOGGER.isDebugEnabled()) {
LOGGER.debug(ex.toString(), ex);
} else {
LOGGER.error(ex.toString());
LOGGER.debug("Detailed stacktrace", new Object[]{ex});
}
instanceName = "unknown (" + ex.toString() + ")";
}
@ -44,4 +48,8 @@ public class InstanceView {
return instanceName;
}
}
public ApplicationEntity getInstanceApplication() {
return applicationController.getApplication();
}
}
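Review bot: When `configService.getConfigValue("base.instance")` throws, the handler sets instanceName to `"unknown (" + ex.toString() + ")"`, which is not equal to "Production", so isDevelopmentVersion() returns true on any configuration failure. Anything gated on that flag (not visible here) would then be switched on for a production instance whose config lookup failed, and the exception text becomes part of a value that is likely reachable from views through the @Named bean. Use a fixed fallback such as `instanceName = "unknown";`, log the cause at error level, and have isDevelopmentVersion() treat the unknown case as non-development. Both methods begin or end outside the hunks shown.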


@ -1,145 +1,143 @@
/*
* Copyright 2017 Joern Muehlencord <joern at muehlencord.de>.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package de.muehlencord.shared.account.web.presentation;
import de.muehlencord.shared.account.business.account.entity.AccountException;
import de.muehlencord.shared.account.business.application.entity.ApplicationPermissionEntity;
import de.muehlencord.shared.account.business.application.control.ApplicationPermissionControl;
import de.muehlencord.shared.account.business.application.entity.ApplicationEntity;
import de.muehlencord.shared.jeeutil.FacesUtil;
import java.io.Serializable;
import java.util.List;
import javax.ejb.EJB;
import javax.inject.Named;
import javax.faces.view.ViewScoped;
import javax.inject.Inject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
*
* @author Joern Muehlencord <joern at muehlencord.de>
*/
@ViewScoped
@Named("permissionView")
public class PermissionView implements Serializable {
private static final long serialVersionUID = -1469453490360990772L;
private static final Logger LOGGER = LoggerFactory.getLogger(PermissionView.class);
@Inject
private ApplicationView applicationView;
@EJB
ApplicationPermissionControl applicationPermissionService;
private ApplicationPermissionEntity currentPermission;
public List<ApplicationPermissionEntity> getAppPermissions() {
return applicationPermissionService.getApplicationPermissions(applicationView.getCurrentApplication());
}
public void saveEditPermission() throws AccountException {
if (currentPermission != null) {
String newPermissionName = currentPermission.getPermissionName();
String newPermissionDescription = currentPermission.getPermissionDescription();
if ((newPermissionName == null) || (newPermissionName.trim().length() == 0)) {
FacesUtil.addErrorMessage("editDialogMessages", "Error", "Permission name must not be null");
} else if ((newPermissionDescription == null) || (newPermissionDescription.trim().length() == 0)) {
FacesUtil.addErrorMessage("editDialogMessages", "Error", "Permission name must not be null");
} else {
if (currentPermission.getId() == null) {
applicationPermissionService.create(applicationView.getCurrentApplication(), newPermissionName, newPermissionDescription);
FacesUtil.addGlobalInfoMessage("Info", "Permission " + newPermissionName + " created");
} else {
applicationPermissionService.update(currentPermission);
FacesUtil.addGlobalInfoMessage("Info", "Permission " + newPermissionName + " updated");
}
}
}
}
public ApplicationEntity getCurrentApplication() {
if (applicationView.getCurrentApplication() == null) {
return null;
} else {
return applicationView.getCurrentApplication();
}
}
public void cancelEditPermission() {
this.currentPermission = null;
}
public void newPermission() {
this.currentPermission = new ApplicationPermissionEntity();
}
public void editPermission() {
if (currentPermission == null) {
FacesUtil.addGlobalErrorMessage("Error", "Please select a permission to edit");
}
}
public void deletePermission() {
if (currentPermission == null) {
FacesUtil.addGlobalErrorMessage("Error", "Please select a permission to edit");
} else {
try {
applicationPermissionService.delete(currentPermission);
currentPermission = null;
} catch (AccountException ex) {
if (LOGGER.isDebugEnabled()) {
LOGGER.debug(ex.toString(), ex);
} else {
LOGGER.debug(ex.toString());
}
FacesUtil.addGlobalErrorMessage("Error while deleting permission.", ex.toString());
}
}
}
public boolean getCanEdit() {
return isPermissionSelected();
}
public boolean getCanDelete() {
return isPermissionSelected();
}
/* *** getter / setter *** */
/**
* required setter for managedProperty
*
*
* @param applicationView the injected applicationView
*/
public void setApplicationView(ApplicationView applicationView) {
this.applicationView = applicationView;
}
public ApplicationPermissionEntity getCurrentPermission() {
return currentPermission;
}
public void setCurrentPermission(ApplicationPermissionEntity newCurrentPermission) {
this.currentPermission = newCurrentPermission;
}
public boolean isPermissionSelected() {
return currentPermission != null;
}
}
/*
* Copyright 2017 Joern Muehlencord <joern at muehlencord.de>.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package de.muehlencord.shared.account.web.presentation;
import de.muehlencord.shared.account.business.account.entity.AccountException;
import de.muehlencord.shared.account.business.application.control.ApplicationPermissionControl;
import de.muehlencord.shared.account.business.application.entity.ApplicationEntity;
import de.muehlencord.shared.account.business.application.entity.ApplicationPermissionEntity;
import de.muehlencord.shared.jeeutil.FacesUtil;
import java.io.Serializable;
import java.util.List;
import javax.ejb.EJB;
import javax.faces.view.ViewScoped;
import javax.inject.Inject;
import javax.inject.Named;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
*
* @author Joern Muehlencord <joern at muehlencord.de>
*/
@ViewScoped
@Named("permissionView")
public class PermissionView implements Serializable {
private static final long serialVersionUID = -1469453490360990772L;
private static final Logger LOGGER = LoggerFactory.getLogger(PermissionView.class);
@Inject
private ApplicationView applicationView;
@EJB
ApplicationPermissionControl applicationPermissionService;
private ApplicationPermissionEntity currentPermission;
public List<ApplicationPermissionEntity> getAppPermissions() {
return applicationPermissionService.getApplicationPermissions(applicationView.getCurrentApplication());
}
public void saveEditPermission() throws AccountException {
if (currentPermission != null) {
String newPermissionName = currentPermission.getPermissionName();
String newPermissionDescription = currentPermission.getPermissionDescription();
if ((newPermissionName == null) || (newPermissionName.trim().length() == 0)) {
FacesUtil.addErrorMessage("editDialogMessages", "Error", "Permission name must not be null");
} else if ((newPermissionDescription == null) || (newPermissionDescription.trim().length() == 0)) {
FacesUtil.addErrorMessage("editDialogMessages", "Error", "Permission name must not be null");
} else {
if (currentPermission.getId() == null) {
applicationPermissionService.create(applicationView.getCurrentApplication(), newPermissionName, newPermissionDescription);
FacesUtil.addGlobalInfoMessage("Info", "Permission " + newPermissionName + " created");
} else {
applicationPermissionService.update(currentPermission);
FacesUtil.addGlobalInfoMessage("Info", "Permission " + newPermissionName + " updated");
}
}
}
}
public ApplicationEntity getCurrentApplication() {
if (applicationView.getCurrentApplication() == null) {
return null;
} else {
return applicationView.getCurrentApplication();
}
}
public void cancelEditPermission() {
this.currentPermission = null;
}
public void newPermission() {
this.currentPermission = new ApplicationPermissionEntity();
}
public void editPermission() {
if (currentPermission == null) {
FacesUtil.addGlobalErrorMessage("Error", "Please select a permission to edit");
}
}
public void deletePermission() {
if (currentPermission == null) {
FacesUtil.addGlobalErrorMessage("Error", "Please select a permission to edit");
} else {
try {
applicationPermissionService.delete(currentPermission);
currentPermission = null;
} catch (AccountException ex) {
if (LOGGER.isDebugEnabled()) {
LOGGER.debug("Detailed stacktrace", new Object[]{ex});
}
FacesUtil.addGlobalErrorMessage("Error while deleting permission.", ex.toString());
}
}
}
public boolean getCanEdit() {
return isPermissionSelected();
}
public boolean getCanDelete() {
return isPermissionSelected();
}
/* *** getter / setter *** */
/**
* required setter for managedProperty
*
*
* @param applicationView the injected applicationView
*/
public void setApplicationView(ApplicationView applicationView) {
this.applicationView = applicationView;
}
public ApplicationPermissionEntity getCurrentPermission() {
return currentPermission;
}
public void setCurrentPermission(ApplicationPermissionEntity newCurrentPermission) {
this.currentPermission = newCurrentPermission;
}
public boolean isPermissionSelected() {
return currentPermission != null;
}
}


@ -1,240 +1,236 @@
/*
* Copyright 2017 Joern Muehlencord <joern at muehlencord.de>.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package de.muehlencord.shared.account.web.presentation;
import de.muehlencord.shared.account.business.application.control.ApplicationRoleControl;
import de.muehlencord.shared.account.business.account.entity.AccountException;
import de.muehlencord.shared.account.business.application.entity.ApplicationPermissionEntity;
import de.muehlencord.shared.account.business.application.entity.ApplicationRoleEntity;
import de.muehlencord.shared.account.business.application.entity.ApplicationEntity;
import de.muehlencord.shared.jeeutil.FacesUtil;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.List;
import javax.ejb.EJB;
import javax.faces.view.ViewScoped;
import javax.inject.Named;
import javax.inject.Inject;
import org.primefaces.event.SelectEvent;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
*
* @author Joern Muehlencord <joern at muehlencord.de>
*/
@ViewScoped
@Named("roleView")
public class RoleView implements Serializable {
private static final long serialVersionUID = 1669321020398119007L;
private static final Logger LOGGER = LoggerFactory.getLogger(RoleView.class);
@Inject
private ApplicationView applicationView;
@EJB
ApplicationRoleControl applicationRoleControl;
private List<ApplicationRoleEntity> allRoles = null;
private List<ApplicationPermissionEntity> currentRolePermissions = null;
private List<ApplicationPermissionEntity> missingApplicationsPermissions = null;
private ApplicationRoleEntity currentRole;
private ApplicationPermissionEntity currentPermission;
private ApplicationPermissionEntity newPermission;
public ApplicationEntity getCurrentApplication() {
return applicationView.getCurrentApplication();
}
public List<ApplicationRoleEntity> getAllRoles() {
if (allRoles == null) {
allRoles = applicationRoleControl.getAllRoles(applicationView.getCurrentApplication());
}
return allRoles;
}
public void startNewRole() {
this.currentRole = new ApplicationRoleEntity(applicationView.getCurrentApplication());
if (LOGGER.isDebugEnabled()) {
LOGGER.debug("Created new current role: {}", currentRole.toString());
}
}
public void cancelEditRole() {
this.currentRole = null;
}
public void saveEditRole() {
if ((currentRole == null) || (currentRole.getRoleName() == null) || (currentRole.getRoleName().trim().length() == 0)) {
FacesUtil.addGlobalErrorMessage("Error", "Permission name must not be null");
} else if (currentRole.getId() == null) {
applicationRoleControl.create(currentRole);
allRoles = null; // force reload
FacesUtil.addGlobalInfoMessage("Info", "Role " + currentRole.getRoleName() + " created");
} else {
applicationRoleControl.update(currentRole);
allRoles = null; // force reload
FacesUtil.addGlobalInfoMessage("Info", "Role " + currentRole.getRoleName() + " updated");
}
}
public void deleteRole() {
if (currentRole == null) {
FacesUtil.addGlobalErrorMessage("Error", "Please select a permission to edit");
} else {
try {
applicationRoleControl.delete(currentRole);
allRoles = null; // force reload
currentRole = null;
currentRolePermissions = null;
} catch (AccountException ex) {
if (LOGGER.isDebugEnabled()) {
LOGGER.debug(ex.toString(), ex);
} else {
LOGGER.debug(ex.toString());
}
FacesUtil.addGlobalErrorMessage("Error while deleting permission.", ex.toString());
}
}
}
public boolean getRoleSelected() {
return currentRole != null;
}
public boolean getPermissionSelected() {
return currentPermission != null;
}
public boolean getMissingPermissionAvailable() {
return ((missingApplicationsPermissions != null) && (!missingApplicationsPermissions.isEmpty()));
}
public void onRoleSelect(SelectEvent event) {
currentRolePermissions = null;
currentRolePermissions = getRolePermissions();
missingApplicationsPermissions = null;
missingApplicationsPermissions = getMissingPermissions();
}
public List<ApplicationPermissionEntity> getRolePermissions() {
if (currentRole == null) {
currentRolePermissions = new ArrayList<>();
return currentRolePermissions;
} else {
if (currentRolePermissions == null) {
try {
currentRolePermissions = applicationRoleControl.getRolePermissions(currentRole);
} catch (AccountException ex) {
if (LOGGER.isDebugEnabled()) {
LOGGER.debug(ex.toString(), ex);
} else {
LOGGER.debug(ex.toString());
}
FacesUtil.addGlobalErrorMessage("Error while fetching role permissions", "see log for details");
currentRolePermissions = new ArrayList<>();
}
}
return currentRolePermissions;
}
}
public List<ApplicationPermissionEntity> getMissingPermissions() {
if (currentRole == null) {
missingApplicationsPermissions = new ArrayList<>();
return missingApplicationsPermissions;
} else {
if (missingApplicationsPermissions == null) {
missingApplicationsPermissions = applicationRoleControl.getNotAssignedApplicationPermissions(currentRole);
}
return missingApplicationsPermissions;
}
}
public void addRolePermission() {
if (newPermission == null) {
FacesUtil.addGlobalErrorMessage("Error", "Please select a new permission first");
} else {
try {
applicationRoleControl.addPermission(currentRole, newPermission);
currentRolePermissions = null;
missingApplicationsPermissions = null;
} catch (AccountException ex) {
if (LOGGER.isDebugEnabled()) {
LOGGER.debug(ex.toString(), ex);
} else {
LOGGER.debug(ex.toString());
}
FacesUtil.addGlobalErrorMessage("Error while adding permission", ex.getMessage());
}
}
}
public void removeRolePermission() {
if (currentPermission == null) {
FacesUtil.addGlobalErrorMessage("Error", "Please select a permission first");
} else {
try {
applicationRoleControl.removePermission(currentRole, currentPermission);
currentRolePermissions = null;
missingApplicationsPermissions = null;
} catch (AccountException ex) {
if (LOGGER.isDebugEnabled()) {
LOGGER.debug(ex.toString(), ex);
} else {
LOGGER.debug(ex.toString());
}
FacesUtil.addGlobalErrorMessage("Error while adding permission", ex.getMessage());
}
}
}
/* *** getter / setter *** */
public void setApplicationView(ApplicationView applicationView) {
this.applicationView = applicationView;
}
public ApplicationRoleEntity getCurrentRole() {
return currentRole;
}
public void setCurrentRole(ApplicationRoleEntity currentRole) {
this.currentRole = currentRole;
}
public ApplicationPermissionEntity getCurrentPermission() {
return currentPermission;
}
public void setCurrentPermission(ApplicationPermissionEntity currentPermission) {
this.currentPermission = currentPermission;
}
public ApplicationPermissionEntity getNewPermission() {
return newPermission;
}
public void setNewPermission(ApplicationPermissionEntity newPermission) {
this.newPermission = newPermission;
}
}
/*
* Copyright 2017 Joern Muehlencord <joern at muehlencord.de>.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package de.muehlencord.shared.account.web.presentation;
import de.muehlencord.shared.account.business.account.entity.AccountException;
import de.muehlencord.shared.account.business.application.control.ApplicationRoleControl;
import de.muehlencord.shared.account.business.application.entity.ApplicationEntity;
import de.muehlencord.shared.account.business.application.entity.ApplicationPermissionEntity;
import de.muehlencord.shared.account.business.application.entity.ApplicationRoleEntity;
import de.muehlencord.shared.jeeutil.FacesUtil;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.List;
import javax.ejb.EJB;
import javax.faces.view.ViewScoped;
import javax.inject.Inject;
import javax.inject.Named;
import org.primefaces.event.SelectEvent;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
*
* @author Joern Muehlencord <joern at muehlencord.de>
*/
@ViewScoped
@Named("roleView")
public class RoleView implements Serializable {
private static final long serialVersionUID = 1669321020398119007L;
private static final Logger LOGGER = LoggerFactory.getLogger(RoleView.class);
@Inject
private ApplicationView applicationView;
@EJB
ApplicationRoleControl applicationRoleControl;
private List<ApplicationRoleEntity> allRoles = null;
private List<ApplicationPermissionEntity> currentRolePermissions = null;
private List<ApplicationPermissionEntity> missingApplicationsPermissions = null;
private ApplicationRoleEntity currentRole;
private ApplicationPermissionEntity currentPermission;
private ApplicationPermissionEntity newPermission;
public ApplicationEntity getCurrentApplication() {
return applicationView.getCurrentApplication();
}
public List<ApplicationRoleEntity> getAllRoles() {
if (allRoles == null) {
allRoles = applicationRoleControl.getAllRoles(applicationView.getCurrentApplication());
}
return allRoles;
}
public void startNewRole() {
this.currentRole = new ApplicationRoleEntity(applicationView.getCurrentApplication());
if (LOGGER.isDebugEnabled()) {
LOGGER.debug("Created new current role: {}", currentRole.toString());
}
}
public void cancelEditRole() {
this.currentRole = null;
}
public void saveEditRole() {
if ((currentRole == null) || (currentRole.getRoleName() == null) || (currentRole.getRoleName().trim().length() == 0)) {
FacesUtil.addGlobalErrorMessage("Error", "Permission name must not be null");
} else if (currentRole.getId() == null) {
applicationRoleControl.create(currentRole);
allRoles = null; // force reload
FacesUtil.addGlobalInfoMessage("Info", "Role " + currentRole.getRoleName() + " created");
} else {
applicationRoleControl.update(currentRole);
allRoles = null; // force reload
FacesUtil.addGlobalInfoMessage("Info", "Role " + currentRole.getRoleName() + " updated");
}
}
public void deleteRole() {
if (currentRole == null) {
FacesUtil.addGlobalErrorMessage("Error", "Please select a permission to edit");
} else {
try {
applicationRoleControl.delete(currentRole);
allRoles = null; // force reload
currentRole = null;
currentRolePermissions = null;
} catch (AccountException ex) {
if (LOGGER.isDebugEnabled()) {
LOGGER.debug("Detailed stacktrace", new Object[]{ex});
}
FacesUtil.addGlobalErrorMessage("Error while deleting permission.", ex.toString());
}
}
}
public boolean getRoleSelected() {
return currentRole != null;
}
public boolean getPermissionSelected() {
return currentPermission != null;
}
public boolean getMissingPermissionAvailable() {
return ((missingApplicationsPermissions != null) && (!missingApplicationsPermissions.isEmpty()));
}
public void onRoleSelect(SelectEvent event) {
currentRolePermissions = null;
currentRolePermissions = getRolePermissions();
missingApplicationsPermissions = null;
missingApplicationsPermissions = getMissingPermissions();
}
public List<ApplicationPermissionEntity> getRolePermissions() {
if (currentRole == null) {
currentRolePermissions = new ArrayList<>();
return currentRolePermissions;
} else {
if (currentRolePermissions == null) {
try {
currentRolePermissions = applicationRoleControl.getRolePermissions(currentRole);
} catch (AccountException ex) {
LOGGER.error(ex.getMessage());
if (LOGGER.isDebugEnabled()) {
LOGGER.debug("Detailed stacktrace", new Object[]{ex});
}
FacesUtil.addGlobalErrorMessage("Error while fetching role permissions", "see log for details");
currentRolePermissions = new ArrayList<>();
}
}
return currentRolePermissions;
}
}
public List<ApplicationPermissionEntity> getMissingPermissions() {
if (currentRole == null) {
missingApplicationsPermissions = new ArrayList<>();
return missingApplicationsPermissions;
} else {
if (missingApplicationsPermissions == null) {
missingApplicationsPermissions = applicationRoleControl.getNotAssignedApplicationPermissions(currentRole);
}
return missingApplicationsPermissions;
}
}
public void addRolePermission() {
if (newPermission == null) {
FacesUtil.addGlobalErrorMessage("Error", "Please select a new permission first");
} else {
try {
applicationRoleControl.addPermission(currentRole, newPermission);
currentRolePermissions = null;
missingApplicationsPermissions = null;
} catch (AccountException ex) {
if (LOGGER.isDebugEnabled()) {
LOGGER.debug("Detailed stacktrace", new Object[]{ex});
}
FacesUtil.addGlobalErrorMessage("Error while adding permission", ex.getMessage());
}
}
}
public void removeRolePermission() {
if (currentPermission == null) {
FacesUtil.addGlobalErrorMessage("Error", "Please select a permission first");
} else {
try {
applicationRoleControl.removePermission(currentRole, currentPermission);
currentRolePermissions = null;
missingApplicationsPermissions = null;
} catch (AccountException ex) {
if (LOGGER.isDebugEnabled()) {
LOGGER.debug("Detailed stacktrace", new Object[]{ex});
}
FacesUtil.addGlobalErrorMessage("Error while adding permission", ex.getMessage());
}
}
}
/* *** getter / setter *** */
public void setApplicationView(ApplicationView applicationView) {
this.applicationView = applicationView;
}
public ApplicationRoleEntity getCurrentRole() {
return currentRole;
}
public void setCurrentRole(ApplicationRoleEntity currentRole) {
this.currentRole = currentRole;
}
public ApplicationPermissionEntity getCurrentPermission() {
return currentPermission;
}
public void setCurrentPermission(ApplicationPermissionEntity currentPermission) {
this.currentPermission = currentPermission;
}
public ApplicationPermissionEntity getNewPermission() {
return newPermission;
}
public void setNewPermission(ApplicationPermissionEntity newPermission) {
this.newPermission = newPermission;
}
}
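Review bot: In the new RoleView, `deleteRole`, `addRolePermission` and `removeRolePermission` write the caught `AccountException` only inside `if (LOGGER.isDebugEnabled())`, so at a normal production log level a failed role or permission change leaves no log record; only `getRolePermissions` gained `LOGGER.error(ex.getMessage())`. For changes to an access-control model the failure should be logged unconditionally with the exception as the last argument, e.g. `LOGGER.error("Deleting role failed", ex);`, which also makes the `new Object[]{ex}` wrapper and the guard unnecessary. `deleteRole` additionally passes `ex.toString()` into the faces message, which by default shows the exception class and message to the user; a fixed detail text such as the `"see log for details"` already used in `getRolePermissions` would be consistent. The user-facing texts also look copied from the permission view: `removeRolePermission` reports "Error while adding permission" and `deleteRole` asks to "select a permission to edit".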


@ -1,6 +1,6 @@
package de.muehlencord.shared.account.web.presentation;
import de.muehlencord.shared.account.business.application.boundary.ApplicationService;
import de.muehlencord.shared.account.business.application.control.ApplicationControl;
import de.muehlencord.shared.account.business.application.entity.ApplicationEntity;
import java.io.Serializable;
import java.util.UUID;
@ -26,7 +26,7 @@ public class UniqueApplicationValidator implements Validator, Serializable {
private static final Logger LOGGER = LoggerFactory.getLogger(UniqueApplicationValidator.class);
@Inject
ApplicationService applicationService;
ApplicationControl applicationService;
@Override
public void validate(FacesContext context, UIComponent component, Object value) throws ValidatorException {


@ -41,6 +41,7 @@
<i class="fa fa-circle"></i>
<span>Roles</span>
</p:link>
<a href="footer.xhtml"></a>
</li>
</shiro:hasAnyPermission>
<li>
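Review bot: The empty `<a href="footer.xhtml"></a>` after the Roles `</p:link>` looks like an editor artifact rather than an intended menu entry; going by the 6-to-7 line count it appears to be the one line this hunk adds. It has no link text, so it renders as an invisible but focusable link to what is presumably a template fragment, inside the `shiro:hasAnyPermission` block. If it is not needed, drop the line. The enclosing `<li>` and the permission tag open outside the hunk.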


@ -1,316 +1,341 @@
<?xml version="1.0" encoding="UTF-8"?>
<ui:composition xmlns="http://www.w3.org/1999/xhtml"
xmlns:ui="http://java.sun.com/jsf/facelets"
xmlns:p="http://primefaces.org/ui"
template="/resources/template/template.xhtml"
xmlns:h="http://xmlns.jcp.org/jsf/html"
xmlns:f="http://xmlns.jcp.org/jsf/core"
xmlns:co="http://java.sun.com/jsf/composite/composite"
xmlns:c="http://xmlns.jcp.org/jsp/jstl/core"
xmlns:o="http://omnifaces.org/ui"
xmlns:composite="http://xmlns.jcp.org/jsf/composite/composite">
<ui:define name="title">
Account Overview
</ui:define>
<ui:define name="description">
for #{applicationView.currentApplication.applicationName}
</ui:define>
<ui:define name="body">
<p:panel styleClass="box-solid" rendered="#{! empty applicationView.currentApplication}">
<h:form id="accountForm" prependId="false">
<p:dataTable id="accountTable" value="#{accountView.accounts}" var="account" rowKey="#{account.username}" selectionMode="single" selection="#{accountView.currentAccount}"
styleClass="box-primary">
<p:ajax event="rowSelect" update="buttonPanel" listener="#{accountView.selectAccount}" />
<p:ajax event="rowUnselect" update="buttonPanel" listener="#{accountView.unselectAccount}" />
<p:column headerText="Username">
<h:outputText value="#{account.username}" />
</p:column>
<p:column headerText="Lastname">
<h:outputText value="#{account.lastname}" />
</p:column>
<p:column headerText="Firstname">
<h:outputText value="#{account.firstname}" />
</p:column>
<p:column headerText="Email">
<h:outputText value="#{account.emailaddress}" />
</p:column>
<p:column headerText="Status">
<h:outputText value="#{account.status}" />
</p:column>
<p:column headerText="Can login" >
<p:selectBooleanCheckbox id="canLogin" disabled="true" value="#{!empty account.accountLogin}" />
</p:column>
<p:column headerText="CreatedOn">
<h:outputText value="#{account.createdOn}" >
<f:convertDateTime type="both" dateStyle="full" timeStyle="short" timeZone="Europe/Berlin"/>
</h:outputText>
</p:column>
<p:column headerText="CreatedBy">
<h:outputText value="#{account.createdBy}" />
</p:column>
<p:column headerText="LastUpdatedOn">
<h:outputText value="#{account.lastUpdatedOn}">
<f:convertDateTime type="both" dateStyle="full" timeStyle="short" timeZone="Europe/Berlin"/>
</h:outputText>
</p:column>
<p:column headerText="LastUpdatedBy">
<h:outputText value="#{account.lastUpdatedBy}" />
</p:column>
</p:dataTable>
<p:spacer height="10px" />
<p:panel id="buttonPanel" styleClass="box-primary" style="margin-bottom:20px">
<div class="ui-g ui-fluid">
<div class="col-sm-12 col-md-4" style="margin-top:10px">
<div class="ui-inputgroup" >
<h:outputLabel for="includeDisabledCheckbox" value="Include disabled accounts?" />
<p:inputSwitch id="includeDisabledCheckbox" value="#{accountView.showDisabledAccounts}" styleClass="btn-teal btn-block" >
<p:ajax listener="#{accountView.showDisabledAccountsChange}" update="accountTable" />
</p:inputSwitch>
</div>
</div>
<div class="col-sm-12 col-md-2">
<p:commandButton value="New" id="newButton" icon="fa fa-plus"
update="editDialog" oncomplete="PF('editDialogVar').show();"
actionListener="#{accountView.newAccount}" styleClass="btn-primary btn-block" />
</div>
<div class="col-sm-12 col-md-2">
<p:commandButton value="Edit" id="editButton" icon="fa fa-pencil"
update="editDialog" oncomplete="PF('editDialogVar').show();"
actionListener="#{accountView.editAccount}" disabled="#{!accountView.accountSelected}" styleClass="btn-teal btn-block" />
</div>
<div class="col-sm-12 col-md-2">
<p:commandButton value="Delete" id="deleteButton" icon="fa fa-trash-o"
update=":accountForm:accountTable" action="#{accountView.deleteAccount}" disabled="#{accountView.accountSelected eq false or accountView.currentLoggedInUser eq true}" styleClass="btn-danger btn-block">
<p:confirm header="Confirmation" message="Are you sure?" icon="fa fa-exclamation-triangle" />
</p:commandButton>
</div>
<div class="col-sm-12 col-md-2">
<c:if test="#{empty accountView.currentAccount.accountLogin}">
<p:commandButton value="Add login" id="addLoginButton" icon="fa fa-plus" disabled="#{!accountView.accountSelected}"
update="editLoginDialog" oncomplete="PF('editLoginDialogVar').show();"
action="#{accountView.addAccountLogin}" styleClass="btn-teal btn-block">
</p:commandButton>
</c:if>
<c:if test="#{!empty accountView.currentAccount.accountLogin}">
<p:splitButton value="Edit login" id="editLoginButton" icon="fa fa-pencil" disabled="#{!accountView.accountSelected}"
update="editLoginDialog" oncomplete="PF('editLoginDialogVar').show();"
action="#{accountView.editAccountLogin}" styleClass="btn-success btn-block">
<p:menuitem value="Delete login" icon="fa fa-trash-o" disabled="#{accountView.currentLoggedInUser}"
update="accountTable,buttonPanel" styleClass="btn-danger btn-block"
action="#{accountView.deleteAccountLogin}" >
<p:confirm header="Confirmation" message="Are you sure?" icon="fa fa-exclamation-triangle" />
</p:menuitem>
</p:splitButton>
</c:if>
</div>
</div>
</p:panel>
<composite:confirmationDialog />
</h:form>
</p:panel>
<p:dialog id="editDialog" widgetVar="editDialogVar" header="Edit account" width="600"
modal="true" appendTo="@(body)" showEffect="fade" hideEffect="fade" styleClass="box-solid box-primary" >
<h:form id="editDialogForm">
<p:messages id="editDialogMessages" showDetail="true" showIcon="true" showSummary="true">
<p:autoUpdate />
</p:messages>
<div class="ui-g ui-fluid">
<div class="col-sm-12 col-md-3">
<p:outputLabel for="username" value="Username" />
</div>
<div class="col-sm-12 col-md-6">
<c:if test="#{accountView.currentAccount.createdBy != null}">
<h:outputText id="username" value="#{accountView.currentAccount.username}" />
</c:if>
<c:if test="#{accountView.currentAccount.createdBy == null}">
<p:inputText id="username" value="#{accountView.currentAccount.username}" />
</c:if>
</div>
<div class="col-sm-12 col-md-3">
<p:message for="username"><p:autoUpdate /></p:message>
</div>
<div class="col-sm-12 col-md-3">
<p:outputLabel for="lastname" value="Lastname" />
</div>
<div class="col-sm-12 col-md-6">
<p:inputText id="lastname" value="#{accountView.currentAccount.lastname}" size="40" maxlength="100"/>
</div>
<div class="col-sm-12 col-md-3 ">
<p:message for="lastname"> <p:autoUpdate /></p:message>
</div>
<div class="col-sm-12 col-md-3">
<p:outputLabel for="firstname" value="Firstname" />
</div>
<div class="col-sm-12 col-md-6">
<p:inputText id="firstname" value="#{accountView.currentAccount.firstname}" size="40" maxlength="100" />
</div>
<div class="col-sm-12 col-md-3">
<p:message for="firstname"> <p:autoUpdate /></p:message>
</div>
<div class="col-sm-12 col-md-3">
<p:outputLabel for="emailaddress" value="emailaddress" />
</div>
<div class="col-sm-12 col-md-6">
<p:inputText id="emailaddress" value="#{accountView.currentAccount.emailaddress}" size="40" maxlength="200">
<f:validator validatorId="de.muehlencord.shared.jeeutil.validator.EmailValidator" />
</p:inputText>
</div>
<div class="col-sm-12 col-md-3">
<p:message for="emailaddress"> <p:autoUpdate /></p:message>
</div>
<c:if test="#{accountView.currentAccount.username != null}">
<div class="col-sm-12 col-md-3">
<p:outputLabel for="status" value="Status" />
</div>
<div class="col-sm-12 col-md-6">
<p:selectOneMenu id="status" value="#{accountView.currentAccount.status}" >
<f:selectItems value="#{accountView.statusList}" />
</p:selectOneMenu>
</div>
<div class="col-sm-12 col-md-3">
<p:message for="status" />
</div>
<div class="col-sm-12 col-md-3">
<p:outputLabel for="createdon" value="Created on" />
</div>
<div class="col-sm-12 col-md-6">
<h:outputText id="createdon" value="#{accountView.currentAccount.createdOn}" />
</div>
<div class="col-sm-12 col-md-3">
<p:message for="createdon" />
</div>
<div class="col-sm-12 col-md-3">
<p:outputLabel for="createdby" value="Created by" />
</div>
<div class="col-sm-12 col-md-6">
<h:outputText id="createdby" value="#{accountView.currentAccount.createdBy}" />
</div>
<div class="col-sm-12 col-md-3">
<p:message for="createdby" />
</div>
<div class="col-sm-12 col-md-3">
<p:outputLabel for="lastupdatedon" value="Last updated on" />
</div>
<div class="col-sm-12 col-md-6">
<h:outputText id="lastupdatedon" value="#{accountView.currentAccount.lastUpdatedOn}" />
</div>
<div class="col-sm-12 col-md-3">
<p:message for="lastupdatedon" />
</div>
<div class="col-sm-12 col-md-3">
<p:outputLabel for="lastupdatedby" value="Last updated by" />
</div>
<div class="col-sm-12 col-md-6">
<h:outputText id="lastupdatedby" value="#{accountView.currentAccount.lastUpdatedBy}" />
</div>
<div class="col-sm-12 col-md-3">
<p:message for="lastupdatedby" />
</div>
</c:if>
<div class="col-sm-12 col-md-3">
<p:outputLabel for="roles" value="Roles" />
</div>
<div class="col-sm-12 col-md-6">
<p:selectManyMenu id="roles" var="role" label="#{role.roleName}" value="#{accountView.currentAccountRoles}" converter="omnifaces.SelectItemsConverter" required="false" >
<f:selectItems value="#{accountView.allApplicationRoles}" var="roleItem" itemValue="#{roleItem}" />
<p:column>
<h:outputText value="#{role.application.applicationName}-#{role.roleName}"/>
</p:column>
</p:selectManyMenu>
</div>
<div class="col-sm-12 col-md-3">
<p:message for="roles" />
</div>
<div class="col-sm-12 col-md-6">
<p:spacer height="10px" />
<p:commandButton value="Save" action="#{accountView.saveEditAccount}" styleClass="btn-primary btn-block"
oncomplete="if (args &amp;&amp; !args.validationFailed) PF('editDialogVar').hide();" update=":accountForm:accountTable" />
</div>
<div class="col-sm-12 col-md-6">
<p:spacer height="10px" />
<p:commandButton value="Cancel" action="#{accountView.cancelEditAccount}" immediate="true" styleClass="btn-teal btn-block"
oncomplete="PF('editDialogVar').hide();" />
</div>
</div>
</h:form>
</p:dialog>
<p:dialog id="editLoginDialog" widgetVar="editLoginDialogVar" header="Edit account login" width="600"
modal="true" appendTo="@(body)" showEffect="fade" hideEffect="fade" styleClass="box-solid box-primary" >
<h:form id="editLoginDialogForm">
<p:messages id="editLoginDialogMessages" showDetail="true" showIcon="true" showSummary="true">
<p:autoUpdate />
</p:messages>
<div class="ui-g ui-fluid">
<o:validateMultiple id="myId" components="password repeatPassword"
validator="#{accountView.validatePasswords}" message="#{msgs.passwords_different}" />
<div class="col-sm-12">
<p:outputLabel value="Enter a new password or keep values empty to keep existing / autogenrated value" />
</div>
<div class="col-sm-12 col-md-3">
<p:outputLabel for="password" value="Password" />
</div>
<div class="col-sm-12 col-md-6">
<p:password id="password" value="#{accountView.password}" maxlength="32" size="32" required="false"/>
</div>
<div class="col-sm-12 col-md-3">
<p:message for="password" />
</div>
<div class="col-sm-12 col-md-3">
<p:outputLabel for="repeatPassword" value="repeat Password" />
</div>
<div class="col-sm-12 col-md-6">
<p:password id="repeatPassword" value="#{accountView.repeatPassword}" maxlength="32" size="32" required="false"/>
</div>
<div class="col-sm-12 col-md-3">
<p:message for="repeatPassword" />
</div>
<div class="col-sm-12 col-md-6">
<p:spacer height="10px" />
<p:commandButton value="Save" action="#{accountView.saveEditAccountLogin}" styleClass="btn-primary btn-block"
oncomplete="if (args &amp;&amp; !args.validationFailed) PF('editLoginDialogVar').hide();" update=":accountForm:accountTable,:accountForm:buttonPanel" />
</div>
<div class="col-sm-12 col-md-6">
<p:spacer height="10px" />
<p:commandButton value="Cancel" action="#{accountView.cancelEditAccountLogin}" immediate="true" styleClass="btn-teal btn-block"
oncomplete="PF('editLoginDialogVar').hide();" />
</div>
</div>
</h:form>
</p:dialog>
</ui:define>
<?xml version="1.0" encoding="UTF-8"?>
<ui:composition xmlns="http://www.w3.org/1999/xhtml"
xmlns:ui="http://java.sun.com/jsf/facelets"
xmlns:p="http://primefaces.org/ui"
template="/resources/template/template.xhtml"
xmlns:h="http://xmlns.jcp.org/jsf/html"
xmlns:f="http://xmlns.jcp.org/jsf/core"
xmlns:co="http://java.sun.com/jsf/composite/composite"
xmlns:c="http://xmlns.jcp.org/jsp/jstl/core"
xmlns:o="http://omnifaces.org/ui"
xmlns:composite="http://xmlns.jcp.org/jsf/composite/composite"
xmlns:shiro="http://shiro.apache.org/tags">
<ui:define name="title">
Account Overview
</ui:define>
<ui:define name="description">
for #{applicationView.currentApplication.applicationName}
</ui:define>
<ui:define name="body">
<p:panel styleClass="box-solid" rendered="#{! empty applicationView.currentApplication}">
<h:form id="accountForm" prependId="false">
<p:dataTable id="accountTable" value="#{accountView.accounts}" var="account" rowKey="#{account.username}" selectionMode="single" selection="#{accountView.currentAccount}"
styleClass="box-primary">
<p:ajax event="rowSelect" update="buttonPanel" listener="#{accountView.selectAccount}" />
<p:ajax event="rowUnselect" update="buttonPanel" listener="#{accountView.unselectAccount}" />
<p:column headerText="Username">
<h:outputText value="#{account.username}" />
</p:column>
<p:column headerText="Lastname">
<h:outputText value="#{account.lastname}" />
</p:column>
<p:column headerText="Firstname">
<h:outputText value="#{account.firstname}" />
</p:column>
<p:column headerText="Email">
<h:outputText value="#{account.emailaddress}" />
</p:column>
<p:column headerText="Status">
<h:outputText value="#{account.status}" />
</p:column>
<p:column headerText="Can login" >
<p:selectBooleanCheckbox id="canLogin" disabled="true" value="#{!empty account.accountLogin}" />
</p:column>
<p:column headerText="CreatedOn">
<h:outputText value="#{account.createdOn}" >
<f:convertDateTime type="both" dateStyle="full" timeStyle="short" timeZone="Europe/Berlin"/>
</h:outputText>
</p:column>
<p:column headerText="CreatedBy">
<h:outputText value="#{account.createdBy}" />
</p:column>
<p:column headerText="LastUpdatedOn">
<h:outputText value="#{account.lastUpdatedOn}">
<f:convertDateTime type="both" dateStyle="full" timeStyle="short" timeZone="Europe/Berlin"/>
</h:outputText>
</p:column>
<p:column headerText="LastUpdatedBy">
<h:outputText value="#{account.lastUpdatedBy}" />
</p:column>
</p:dataTable>
<p:spacer height="10px" />
<p:panel id="buttonPanel" styleClass="box-primary" style="margin-bottom:20px">
<div class="ui-g ui-fluid">
<shiro:hasPermission name="#{permissionConstants.accountDelete}">
<div class="col-sm-12 col-md-4" style="margin-top:10px">
<div class="ui-inputgroup" >
<h:outputLabel for="includeDisabledCheckbox" value="Include disabled accounts?" />
<p:inputSwitch id="includeDisabledCheckbox" value="#{accountView.showDisabledAccounts}" styleClass="btn-teal btn-block" >
<p:ajax listener="#{accountView.showDisabledAccountsChange}" update="accountTable" />
</p:inputSwitch>
</div>
</div>
</shiro:hasPermission>
<shiro:hasPermission name="#{permissionConstants.accountAdd}">
<div class="col-sm-12 col-md-2">
<p:commandButton value="New" id="newButton" icon="fa fa-plus"
update="editDialog" oncomplete="PF('editDialogVar').show();"
actionListener="#{accountView.newAccount}" styleClass="btn-primary btn-block" />
</div>
</shiro:hasPermission>
<shiro:hasPermission name="#{permissionConstants.accountEdit}">
<div class="col-sm-12 col-md-2">
<p:commandButton value="Edit" id="editButton" icon="fa fa-pencil"
update="editDialog" oncomplete="PF('editDialogVar').show();"
actionListener="#{accountView.editAccount}" disabled="#{!accountView.accountSelected}" styleClass="btn-teal btn-block" />
</div>
</shiro:hasPermission>
<shiro:hasPermission name="#{permissionConstants.accountDelete}">
<div class="col-sm-12 col-md-2">
<p:commandButton value="Delete" id="deleteButton" icon="fa fa-trash-o"
update=":accountForm:accountTable" action="#{accountView.deleteAccount}" disabled="#{accountView.accountSelected eq false or accountView.currentLoggedInUser eq true}" styleClass="btn-danger btn-block">
<p:confirm header="Confirmation" message="Are you sure?" icon="fa fa-exclamation-triangle" />
</p:commandButton>
</div>
</shiro:hasPermission>
<shiro:hasPermission name="#{permissionConstants.accountsCombined}">
<div class="col-sm-12 col-md-2">
<shiro:hasPermission name="#{permissionConstants.accountLoginAdd}">
<c:if test="#{empty accountView.currentAccount.accountLogin}">
<p:commandButton value="Add login" id="addLoginButton" icon="fa fa-plus" disabled="#{!accountView.accountSelected}"
update="editLoginDialog" oncomplete="PF('editLoginDialogVar').show();"
action="#{accountView.addAccountLogin}" styleClass="btn-teal btn-block">
</p:commandButton>
</c:if>
</shiro:hasPermission>
<c:if test="#{!empty accountView.currentAccount.accountLogin}">
<p:splitButton value="Edit login" id="editLoginButton" icon="fa fa-pencil" disabled="#{!accountView.accountSelected}" styleClass="btn-success btn-block">
<shiro:hasPermission name="#{permissionConstants.accountLoginEdit}">
<p:menuitem value="Edit login" icon="fa fa-pencil" disabled="#{!accountView.accountSelected}"
update="editLoginDialog" oncomplete="PF('editLoginDialogVar').show();"
action="#{accountView.editAccountLogin}" >
</p:menuitem>
</shiro:hasPermission>
<shiro:hasPermission name="#{permissionConstants.accountLoginDelete}">
<p:menuitem value="Delete login" icon="fa fa-trash-o" disabled="#{accountView.currentLoggedInUser}"
update="accountTable,buttonPanel" styleClass="btn-danger btn-block"
action="#{accountView.deleteAccountLogin}" >
<p:confirm header="Confirmation" message="Are you sure?" icon="fa fa-exclamation-triangle" />
</p:menuitem>
</shiro:hasPermission>
</p:splitButton>
</c:if>
</div>
</shiro:hasPermission>
</div>
</p:panel>
<composite:confirmationDialog />
</h:form>
</p:panel>
<p:dialog id="editDialog" widgetVar="editDialogVar" header="Edit account" width="600"
modal="true" appendTo="@(body)" showEffect="fade" hideEffect="fade" styleClass="box-solid box-primary" >
<h:form id="editDialogForm">
<p:messages id="editDialogMessages" showDetail="true" showIcon="true" showSummary="true">
<p:autoUpdate />
</p:messages>
<div class="ui-g ui-fluid">
<div class="col-sm-12 col-md-3">
<p:outputLabel for="username" value="Username" />
</div>
<div class="col-sm-12 col-md-6">
<c:if test="#{accountView.currentAccount.createdBy != null}">
<h:outputText id="username" value="#{accountView.currentAccount.username}" />
</c:if>
<c:if test="#{accountView.currentAccount.createdBy == null}">
<p:inputText id="username" value="#{accountView.currentAccount.username}" />
</c:if>
</div>
<div class="col-sm-12 col-md-3">
<p:message for="username"><p:autoUpdate /></p:message>
</div>
<div class="col-sm-12 col-md-3">
<p:outputLabel for="lastname" value="Lastname" />
</div>
<div class="col-sm-12 col-md-6">
<p:inputText id="lastname" value="#{accountView.currentAccount.lastname}" size="40" maxlength="100"/>
</div>
<div class="col-sm-12 col-md-3 ">
<p:message for="lastname"> <p:autoUpdate /></p:message>
</div>
<div class="col-sm-12 col-md-3">
<p:outputLabel for="firstname" value="Firstname" />
</div>
<div class="col-sm-12 col-md-6">
<p:inputText id="firstname" value="#{accountView.currentAccount.firstname}" size="40" maxlength="100" />
</div>
<div class="col-sm-12 col-md-3">
<p:message for="firstname"> <p:autoUpdate /></p:message>
</div>
<div class="col-sm-12 col-md-3">
<p:outputLabel for="emailaddress" value="emailaddress" />
</div>
<div class="col-sm-12 col-md-6">
<p:inputText id="emailaddress" value="#{accountView.currentAccount.emailaddress}" size="40" maxlength="200">
<f:validator validatorId="de.muehlencord.shared.jeeutil.validator.EmailValidator" />
</p:inputText>
</div>
<div class="col-sm-12 col-md-3">
<p:message for="emailaddress"> <p:autoUpdate /></p:message>
</div>
<c:if test="#{accountView.currentAccount.username != null}">
<div class="col-sm-12 col-md-3">
<p:outputLabel for="status" value="Status" />
</div>
<div class="col-sm-12 col-md-6">
<p:selectOneMenu id="status" value="#{accountView.currentAccount.status}" >
<f:selectItems value="#{accountView.statusList}" />
</p:selectOneMenu>
</div>
<div class="col-sm-12 col-md-3">
<p:message for="status" />
</div>
<div class="col-sm-12 col-md-3">
<p:outputLabel for="createdon" value="Created on" />
</div>
<div class="col-sm-12 col-md-6">
<h:outputText id="createdon" value="#{accountView.currentAccount.createdOn}" />
</div>
<div class="col-sm-12 col-md-3">
<p:message for="createdon" />
</div>
<div class="col-sm-12 col-md-3">
<p:outputLabel for="createdby" value="Created by" />
</div>
<div class="col-sm-12 col-md-6">
<h:outputText id="createdby" value="#{accountView.currentAccount.createdBy}" />
</div>
<div class="col-sm-12 col-md-3">
<p:message for="createdby" />
</div>
<div class="col-sm-12 col-md-3">
<p:outputLabel for="lastupdatedon" value="Last updated on" />
</div>
<div class="col-sm-12 col-md-6">
<h:outputText id="lastupdatedon" value="#{accountView.currentAccount.lastUpdatedOn}" />
</div>
<div class="col-sm-12 col-md-3">
<p:message for="lastupdatedon" />
</div>
<div class="col-sm-12 col-md-3">
<p:outputLabel for="lastupdatedby" value="Last updated by" />
</div>
<div class="col-sm-12 col-md-6">
<h:outputText id="lastupdatedby" value="#{accountView.currentAccount.lastUpdatedBy}" />
</div>
<div class="col-sm-12 col-md-3">
<p:message for="lastupdatedby" />
</div>
</c:if>
<div class="col-sm-12 col-md-3">
<p:outputLabel for="roles" value="Roles" />
</div>
<div class="col-sm-12 col-md-6">
<p:selectManyMenu id="roles" var="role" label="#{role.roleName}" value="#{accountView.currentAccountRoles}" converter="omnifaces.SelectItemsConverter" required="false" >
<f:selectItems value="#{accountView.allApplicationRoles}" var="roleItem" itemValue="#{roleItem}" />
<p:column>
<h:outputText value="#{role.application.applicationName}-#{role.roleName}"/>
</p:column>
</p:selectManyMenu>
</div>
<div class="col-sm-12 col-md-3">
<p:message for="roles" />
</div>
<div class="col-sm-12 col-md-6">
<p:spacer height="10px" />
<p:commandButton value="Save" action="#{accountView.saveEditAccount}" styleClass="btn-primary btn-block"
oncomplete="if (args &amp;&amp; !args.validationFailed) PF('editDialogVar').hide();" update=":accountForm:accountTable" />
</div>
<div class="col-sm-12 col-md-6">
<p:spacer height="10px" />
<p:commandButton value="Cancel" action="#{accountView.cancelEditAccount}" immediate="true" styleClass="btn-teal btn-block"
oncomplete="PF('editDialogVar').hide();" />
</div>
</div>
</h:form>
</p:dialog>
<p:dialog id="editLoginDialog" widgetVar="editLoginDialogVar" header="Edit account login" width="600"
modal="true" appendTo="@(body)" showEffect="fade" hideEffect="fade" styleClass="box-solid box-primary" >
<h:form id="editLoginDialogForm">
<p:messages id="editLoginDialogMessages" showDetail="true" showIcon="true" showSummary="true">
<p:autoUpdate />
</p:messages>
<div class="ui-g ui-fluid">
<o:validateMultiple id="myId" components="password repeatPassword"
validator="#{accountView.validatePasswords}" message="#{msgs.passwords_different}" />
<div class="col-sm-12">
<p:outputLabel value="Enter a new password or keep values empty to keep existing / autogenrated value" />
</div>
<div class="col-sm-12 col-md-3">
<p:outputLabel for="password" value="Password" />
</div>
<div class="col-sm-12 col-md-6">
<p:password id="password" value="#{accountView.password}" maxlength="32" size="32" required="false"/>
</div>
<div class="col-sm-12 col-md-3">
<p:message for="password" />
</div>
<div class="col-sm-12 col-md-3">
<p:outputLabel for="repeatPassword" value="repeat Password" />
</div>
<div class="col-sm-12 col-md-6">
<p:password id="repeatPassword" value="#{accountView.repeatPassword}" maxlength="32" size="32" required="false"/>
</div>
<div class="col-sm-12 col-md-3">
<p:message for="repeatPassword" />
</div>
<div class="col-sm-12 col-md-6">
<p:spacer height="10px" />
<p:commandButton value="Save" action="#{accountView.saveEditAccountLogin}" styleClass="btn-primary btn-block"
oncomplete="if (args &amp;&amp; !args.validationFailed) PF('editLoginDialogVar').hide();" update=":accountForm:accountTable,:accountForm:buttonPanel" />
</div>
<div class="col-sm-12 col-md-6">
<p:spacer height="10px" />
<p:commandButton value="Cancel" action="#{accountView.cancelEditAccountLogin}" immediate="true" styleClass="btn-teal btn-block"
oncomplete="PF('editLoginDialogVar').hide();" />
</div>
</div>
</h:form>
</p:dialog>
</ui:define>
</ui:composition>


@ -21,6 +21,7 @@ import de.muehlencord.shared.account.business.account.entity.AccountLoginEntity;
import de.muehlencord.shared.account.business.account.entity.AccountStatus;
import de.muehlencord.shared.account.business.application.entity.ApplicationEntity;
import de.muehlencord.shared.account.business.application.entity.ApplicationRoleEntity;
import de.muehlencord.shared.account.business.instance.boundary.ApplicationPermissions;
import de.muehlencord.shared.account.business.mail.boundary.MailService;
import de.muehlencord.shared.account.business.mail.entity.MailException;
import de.muehlencord.shared.account.util.AccountPU;
@ -30,6 +31,7 @@ import java.io.Serializable;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import java.util.stream.Collectors;
import javax.ejb.EJB;
import javax.ejb.Stateless;
import javax.inject.Inject;
@ -63,12 +65,31 @@ public class AccountControl implements Serializable {
@AccountPU
EntityManager em;
public List<AccountEntity> getAllAccounts(boolean includeDisabled) {
List<AccountEntity> resultList;
if (includeDisabled) {
resultList = getAllAccounts();
} else {
resultList = getActiveAccounts();
}
if (SecurityUtil.checkPermission(ApplicationPermissions.ACCOUNT_LIST)) {
return resultList;
} else {
String currentUserName = SecurityUtils.getSubject().getPrincipal().toString();
return resultList.stream()
.filter(account -> account.getAccountLogin() != null)
.filter (account -> account.getUsername().equals (currentUserName))
.collect(Collectors.toList());
}
}
/**
* returns a list of active accounts
*
* @return a list of active accounts
*/
public List<AccountEntity> getActiveAccounts() {
private List<AccountEntity> getActiveAccounts() {
Query query = em.createQuery("SELECT a FROM AccountEntity a WHERE a.status <> :status", AccountEntity.class);
query.setParameter("status", AccountStatus.DISABLED.name());
return query.getResultList();
@ -79,18 +100,11 @@ public class AccountControl implements Serializable {
*
* @return a list of active accounts
*/
public List<AccountEntity> getAllAccounts() {
private List<AccountEntity> getAllAccounts() {
Query query = em.createNamedQuery("AccountEntity.findAll");
return query.getResultList();
}
public List<AccountEntity> getAccounts(boolean includeDisabled) {
if (includeDisabled) {
return getAllAccounts();
} else {
return getActiveAccounts();
}
}
public AccountEntity getAccountEntity(String userName, boolean loadRoles) {
StringBuilder queryBuilder = new StringBuilder();
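Review bot: In `getAllAccounts(boolean includeDisabled)` the fallback branch calls `SecurityUtils.getSubject().getPrincipal().toString()` without a null check, and it is the branch reached when `SecurityUtil.checkPermission` returned false, which it also does for a subject that is not authenticated. If the principal is null there, the call fails with a NullPointerException instead of returning no accounts; reading it into `Object principal = SecurityUtils.getSubject().getPrincipal();` and adding `if (principal == null) { return new ArrayList<>(); }` keeps the method fail-closed. The branch also loads every account and filters in memory, so a query restricted to the current username would avoid reading other users' rows at all. The method has no Javadoc stating that callers without `account:list` only ever see their own account, which is the security contract this change introduces.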


@ -13,7 +13,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package de.muehlencord.shared.account.business.accountconfig.entity;
package de.muehlencord.shared.account.business.account.entity;
/**
*


@ -13,7 +13,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package de.muehlencord.shared.account.business.accountconfig.entity;
package de.muehlencord.shared.account.business.account.entity;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;


@ -21,14 +21,14 @@ import de.muehlencord.shared.account.util.SecurityError;
*
* @author Joern Muehlencord <joern at muehlencord.de>
*/
public enum ApplicationServiceError implements SecurityError {
public enum ApplicationError implements SecurityError {
LISTALL_DENIED("1000", "listall_denied");
LIST_DENIED("1000", "list_denied");
private final String errorCode;
private final String messageKey;
private ApplicationServiceError(String errorCode, String messageKey) {
private ApplicationError(String errorCode, String messageKey) {
this.errorCode = errorCode;
this.messageKey = messageKey;
}

View File

@ -13,9 +13,10 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package de.muehlencord.shared.account.business.application.boundary;
package de.muehlencord.shared.account.business.application.control;
import de.muehlencord.shared.account.business.application.entity.ApplicationEntity;
import de.muehlencord.shared.account.business.instance.boundary.ApplicationPermissions;
import de.muehlencord.shared.account.util.AccountPU;
import de.muehlencord.shared.account.util.AccountSecurityException;
import de.muehlencord.shared.account.util.SecurityUtil;
@ -28,6 +29,8 @@ import javax.inject.Inject;
import javax.persistence.EntityManager;
import javax.persistence.Query;
import javax.transaction.Transactional;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@ -36,10 +39,10 @@ import org.slf4j.LoggerFactory;
* @author Joern Muehlencord <joern at muehlencord.de>
*/
@Stateless
public class ApplicationService implements Serializable {
public class ApplicationControl implements Serializable {
private static final long serialVersionUID = 4262608935325326191L;
private static final Logger LOGGER = LoggerFactory.getLogger(ApplicationService.class);
private static final Logger LOGGER = LoggerFactory.getLogger(ApplicationControl.class);
@Inject
@AccountPU
@ -50,14 +53,34 @@ public class ApplicationService implements Serializable {
}
public List<ApplicationEntity> getAllApplications() throws AccountSecurityException {
SecurityUtil.checkPermission(ApplicationPermissions.APP_LISTALL, ApplicationServiceError.LISTALL_DENIED);
List<ApplicationEntity> resultList = new ArrayList<>();
Query query = em.createNamedQuery("ApplicationEntity.findAll");
List<ApplicationEntity> resultList = query.getResultList();
if (resultList == null) {
return new ArrayList<>();
} else {
List<ApplicationEntity> queryList = query.getResultList();
if ((queryList == null) || (queryList.isEmpty())) {
return resultList;
}
Subject currentUser = SecurityUtils.getSubject();
if (currentUser == null)
return resultList;
String userName = currentUser.getPrincipal().toString();
queryList.stream().forEach(app -> {
String applicationName = app.getApplicationName(); // TODO add unique short cut to db model
applicationName = applicationName.toLowerCase();
applicationName = applicationName.replace (" ", "");
String permissionName = ApplicationPermissions.APP_LIST.getName()+":"+applicationName;
boolean userHasPermissionToListApplication = SecurityUtil.checkPermission (permissionName);
if (LOGGER.isDebugEnabled()) {
LOGGER.debug("validating if user {} has permission {} = {}", userName, permissionName, userHasPermissionToListApplication);
}
if (userHasPermissionToListApplication) {
resultList.add (app);
}
});
return resultList;
}
@Transactional
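Review bot: The permission string in `getAllApplications()` is built from the application's display name (`ApplicationPermissions.APP_LIST.getName()+":"+applicationName`), so the authorization decision depends on free text. Two names that differ only in case or spaces normalise to the same permission, and, assuming Shiro's default wildcard permission syntax, a name containing `:`, `,` or `*` changes how the string is parsed; `toLowerCase()` without a locale also makes the result depend on the server's default locale. Until the unique short name from the TODO exists, use `applicationName.toLowerCase(Locale.ROOT)` (needs `java.util.Locale`) and skip applications whose normalised name contains anything other than letters and digits. `SecurityUtils.getSubject()` is not expected to return null, so the `currentUser == null` check does not protect `currentUser.getPrincipal().toString()`, which is only needed for the debug log and can fail for a subject without a principal.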

View File

@ -15,8 +15,8 @@
*/
package de.muehlencord.shared.account.business.config.boundary;
import de.muehlencord.shared.account.business.accountconfig.entity.AccountConfigurationKey;
import de.muehlencord.shared.account.business.accountconfig.entity.AccountConfigurationValue;
import de.muehlencord.shared.account.business.account.entity.AccountConfigurationKey;
import de.muehlencord.shared.account.business.account.entity.AccountConfigurationValue;
import de.muehlencord.shared.account.business.config.entity.ConfigException;
import javax.ejb.EJB;
import javax.enterprise.context.Dependent;

View File

@ -13,7 +13,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package de.muehlencord.shared.account.business.application.boundary;
package de.muehlencord.shared.account.business.instance.boundary;
import de.muehlencord.shared.account.util.Permission;
@ -23,7 +23,7 @@ import de.muehlencord.shared.account.util.Permission;
*/
public enum ApplicationPermissions implements Permission {
APP_LISTALL("application:listall", "Allows to list all avaiable applications"),
APP_LIST("application:list", "Allows to list all avaiable applications"),
APP_ADD("application:add", "Allow to add a new application"),
APP_EDIT("application:edit", "Allow to edit an application"),
APP_DELETE("application:delete", "Allow to delete an application"),
@ -34,7 +34,14 @@ public enum ApplicationPermissions implements Permission {
ROLE_EDIT("role:edit", "Allow to edit a role"),
ROLE_DELETE("role:delete", "Allow to delete a role"),
ROLE_PERMISSION_ASSIGN("role:permission:assign", "Allow to assign a permission to role"),
ROLE_PERMISSION_REVOKE("role:permission:revoke", "All ow to revoke a permission from a role");
ROLE_PERMISSION_REVOKE("role:permission:revoke", "All ow to revoke a permission from a role"),
ACCOUNT_LIST ("account:list", "Allow to list all accounts of an application"),
ACCOUNT_ADD ("account:add", "Allow to create a new account"),
ACCOUNT_EDIT ("account:edit", "Allow to edit an existing account"),
ACCOUNT_DELETE ("account:delete", "Allow to delete an existing account"),
ACCOUNT_LOGIN_ADD ("account:login:add", "Allow to add a login to an account"),
ACCOUNT_LOGIN_EDIT ("account:login:edit", "Allow to overwrite the password of an account"),
ACCOUNT_LOGIN_DELETE ("account:login:delete", "Allow to delete the login of an account");
private final String name;
private final String description;
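Review bot: The description of `APP_LIST` still reads "Allows to list all avaiable applications", but in this commit the name is used as a prefix and checked as `application:list:<application name>`. Assuming Shiro's default wildcard permission syntax, a role that holds the bare `application:list` is permitted for every application, which is worth stating where administrators read the description, for example `APP_LIST("application:list", "Allow to list applications; grant application:list:<name> for a single application")`. `ACCOUNT_LIST` is described as applying to "all accounts of an application", while the check added to `AccountControl` in this commit is not scoped to an application, so description and behaviour should be aligned. The typos "avaiable" and "All ow" are carried onto the new lines.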

View File

@ -13,7 +13,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package de.muehlencord.shared.account.business.application.boundary;
package de.muehlencord.shared.account.business.instance.boundary;
import de.muehlencord.shared.account.business.application.entity.ApplicationEntity;
import de.muehlencord.shared.account.business.config.boundary.ConfigService;

View File

@ -13,9 +13,9 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package de.muehlencord.shared.account.business.application.control;
package de.muehlencord.shared.account.business.instance.control;
import de.muehlencord.shared.account.business.application.boundary.ApplicationService;
import de.muehlencord.shared.account.business.application.control.ApplicationControl;
import de.muehlencord.shared.account.business.application.entity.ApplicationEntity;
import java.io.IOException;
import java.io.InputStream;
@ -40,7 +40,7 @@ public class ApplicationController {
private static final Logger LOGGER = LoggerFactory.getLogger(ApplicationController.class);
@EJB
ApplicationService applicationService;
ApplicationControl applicationService;
private String version;
private String buildDate;

View File

@ -16,7 +16,7 @@
package de.muehlencord.shared.account.business.mail.boundary;
import de.muehlencord.shared.account.business.mail.entity.MailTemplateException;
import de.muehlencord.shared.account.business.accountconfig.entity.AccountConfigurationKey;
import de.muehlencord.shared.account.business.account.entity.AccountConfigurationKey;
import de.muehlencord.shared.account.business.account.entity.AccountEntity;
import de.muehlencord.shared.account.business.account.entity.AccountLoginEntity;
import de.muehlencord.shared.account.business.mail.entity.MailDatamodel;
@ -38,7 +38,7 @@ import javax.mail.internet.MimeMessage;
import javax.mail.internet.MimeMultipart;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import de.muehlencord.shared.account.business.accountconfig.entity.AccountConfigurationValue;
import de.muehlencord.shared.account.business.account.entity.AccountConfigurationValue;
import java.io.File;
import java.io.IOException;
import java.io.Serializable;

View File

@ -25,7 +25,6 @@ import javax.faces.context.ExternalContext;
import javax.faces.context.FacesContext;
import javax.faces.view.ViewScoped;
import javax.inject.Named;
import javax.naming.NamingException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
@ -119,7 +118,10 @@ public class LoginView implements Serializable {
currentUser.logout();
ExternalContext ec = FacesContext.getCurrentInstance().getExternalContext();
// ensure faces session is invalidated so beans are destroyed
ec.invalidateSession();
// check if redirect shall be executed
// default setting is yes to /login.xhtml
// can be overwritten using parameters

View File

@ -46,16 +46,25 @@ public class SecurityUtil {
LOGGER.trace(encryptedPassword);
return encryptedPassword;
}
public static boolean checkPermission(Permission permission) {
return checkPermission (permission.getName());
}
public static void checkPermission(Permission permission, SecurityError error) throws AccountSecurityException {
public static boolean checkPermission(String permissionName) {
Subject currentUser = SecurityUtils.getSubject();
if ((currentUser == null) || (!currentUser.isAuthenticated())) {
throw new AccountSecurityException(error); // TODO support special error for not logged in
return false;
}
String requiredPermissions = permission.getName();
if (!currentUser.isPermitted(requiredPermissions)) {
String requiredPermissions = permissionName;
return currentUser.isPermitted(requiredPermissions);
}
public static void checkPermission(Permission permission, SecurityError error) throws AccountSecurityException {
if (!checkPermission(permission)) {
throw new AccountSecurityException(error);
}
}
}
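Review bot: The two new `boolean checkPermission(...)` overloads share their name with the throwing `checkPermission(Permission, SecurityError)`, so a call that drops the return value compiles and enforces nothing. Naming the query variants differently, e.g. `public static boolean hasPermission(String permissionName)`, and adding Javadoc that says they return false for a missing or unauthenticated subject makes the two contracts hard to confuse. The local `requiredPermissions` is now redundant; `return currentUser.isPermitted(permissionName);` is enough. The unchanged context line `LOGGER.trace(encryptedPassword);` appears to write a password hash to the log and deserves a separate look; the method it belongs to starts outside the hunk.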

View File

@ -13,4 +13,4 @@
# See the License for the specific language governing permissions and
# limitations under the License.
#
listall_denied=You are not allowed to list all applications
list_denied=You are not allowed to list any application

View File

@ -13,4 +13,4 @@
# See the License for the specific language governing permissions and
# limitations under the License.
#
listall_denied=Sie haben nicht die n\u00f6tige Rechte alle Applikationen aufzulisten
list_denied=Sie haben nicht die n\u00f6tige Rechte eine Applikationen aufzulisten.

View File

@ -13,4 +13,4 @@
# See the License for the specific language governing permissions and
# limitations under the License.
#
listall_denied=User not allowed to list all applications
list_denied=User not allowed to list any application