diff --git a/account-ui/src/main/java/de/muehlencord/shared/account/web/EnsurePermissionsBean.java b/account-ui/src/main/java/de/muehlencord/shared/account/web/EnsurePermissionsBean.java index cb180ad..841ae26 100644 --- a/account-ui/src/main/java/de/muehlencord/shared/account/web/EnsurePermissionsBean.java +++ b/account-ui/src/main/java/de/muehlencord/shared/account/web/EnsurePermissionsBean.java @@ -1,81 +1,80 @@ -/* - * Copyright 2018 Joern Muehlencord . - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package de.muehlencord.shared.account.web; - -import de.muehlencord.shared.account.business.account.boundary.AccountPermissions; -import de.muehlencord.shared.account.business.account.entity.AccountException; -import de.muehlencord.shared.account.business.application.boundary.ApplicationPermissions; -import de.muehlencord.shared.account.business.application.control.ApplicationPermissionControl; -import de.muehlencord.shared.account.business.application.control.ApplicationRoleControl; -import de.muehlencord.shared.account.business.application.entity.ApplicationEntity; -import java.util.Arrays; -import javax.enterprise.context.ApplicationScoped; -import javax.enterprise.context.Initialized; -import javax.enterprise.event.Observes; -import javax.inject.Inject; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * - * @author Joern Muehlencord - */ -@ApplicationScoped -public class EnsurePermissionsBean { - - @Inject - ApplicationEntity application; - - @Inject - ApplicationPermissionControl applicationPermissionControl; - - @Inject - ApplicationRoleControl applicationRoleControl; - - private static final Logger LOGGER = LoggerFactory.getLogger(EnsurePermissionsBean.class); - - public void init(@Observes @Initialized(ApplicationScoped.class) Object init) { - if (LOGGER.isDebugEnabled()) { - LOGGER.debug("Ensure all permissions for {} are available", application.getApplicationName()); - } - applicationPermissionControl.setupPermissions(Arrays.asList(ApplicationPermissions.values())); - applicationPermissionControl.setupPermissions(Arrays.asList(AccountPermissions.values())); - if (LOGGER.isDebugEnabled()) { - LOGGER.debug("All permissions added to application", application.getApplicationName()); - } - - // all permissions available - ensure permission is assigned to Admin role - if (LOGGER.isDebugEnabled()) { - LOGGER.debug("Ensuring Admin role for {} has all permissions", application.getApplicationName()); - } - try { - applicationRoleControl.setupRolePermission(Arrays.asList(ApplicationPermissions.values()), "Admin"); // NOI18N - applicationRoleControl.setupRolePermission(Arrays.asList(AccountPermissions.values()), "Admin"); // NOI18N - } catch (AccountException ex) { - LOGGER.error("Error adding permission to Admin role"); - if (LOGGER.isDebugEnabled()) { - LOGGER.debug(ex.toString(), ex); - } else { - LOGGER.error(ex.toString()); - } - } - if (LOGGER.isDebugEnabled()) { - LOGGER.debug("All permissions added to Admin role of {}", application.getApplicationName()); - } - - } - -} +/* + * Copyright 2018 Joern Muehlencord . + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package de.muehlencord.shared.account.web; + +import de.muehlencord.shared.account.business.account.boundary.AccountPermissions; +import de.muehlencord.shared.account.business.account.entity.AccountException; +import de.muehlencord.shared.account.business.instance.boundary.ApplicationPermissions; +import de.muehlencord.shared.account.business.application.control.ApplicationPermissionControl; +import de.muehlencord.shared.account.business.application.control.ApplicationRoleControl; +import de.muehlencord.shared.account.business.application.entity.ApplicationEntity; +import java.util.Arrays; +import javax.enterprise.context.ApplicationScoped; +import javax.enterprise.context.Initialized; +import javax.enterprise.event.Observes; +import javax.inject.Inject; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * + * @author Joern Muehlencord + */ +@ApplicationScoped +public class EnsurePermissionsBean { + + @Inject + ApplicationEntity application; + + @Inject + ApplicationPermissionControl applicationPermissionControl; + + @Inject + ApplicationRoleControl applicationRoleControl; + + private static final Logger LOGGER = LoggerFactory.getLogger(EnsurePermissionsBean.class); + + public void init(@Observes @Initialized(ApplicationScoped.class) Object init) { + if (LOGGER.isDebugEnabled()) { + LOGGER.debug("Ensure all permissions for {} are available", application.getApplicationName()); + } + applicationPermissionControl.setupPermissions(Arrays.asList(ApplicationPermissions.values())); + applicationPermissionControl.setupPermissions(Arrays.asList(AccountPermissions.values())); + if (LOGGER.isDebugEnabled()) { + LOGGER.debug("All permissions added to application", application.getApplicationName()); + } + + // all permissions available - ensure permission is assigned to Admin role + if (LOGGER.isDebugEnabled()) { + LOGGER.debug("Ensuring Admin role for {} has all permissions", application.getApplicationName()); + } + try { + applicationRoleControl.setupRolePermission(Arrays.asList(ApplicationPermissions.values()), "Admin"); // NOI18N + applicationRoleControl.setupRolePermission(Arrays.asList(AccountPermissions.values()), "Admin"); // NOI18N + } catch (AccountException ex) { + LOGGER.error("Error adding permission to Admin role. Reason={}", ex.getMessage()); + if (LOGGER.isDebugEnabled()) { + LOGGER.debug("Detailed stacktrace", new Object[]{ex}); + } + + } + if (LOGGER.isDebugEnabled()) { + LOGGER.debug("All permissions added to Admin role of {}", application.getApplicationName()); + } + + } + +} diff --git a/account-ui/src/main/java/de/muehlencord/shared/account/web/PermissionConstants.java b/account-ui/src/main/java/de/muehlencord/shared/account/web/PermissionConstants.java index 3970ff4..ad22306 100644 --- a/account-ui/src/main/java/de/muehlencord/shared/account/web/PermissionConstants.java +++ b/account-ui/src/main/java/de/muehlencord/shared/account/web/PermissionConstants.java @@ -1,48 +1,86 @@ -/* - * Copyright 2018 Joern Muehlencord . - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package de.muehlencord.shared.account.web; - -import de.muehlencord.shared.account.business.application.boundary.ApplicationPermissions; -import javax.enterprise.context.ApplicationScoped; -import javax.inject.Named; - -/** - * TODO replace with omnifaces:importConstants currently problems with Netbeans - * to import omnifaces taglib - * - * @author Joern Muehlencord - */ -@Named(value = "permissionConstants") -@ApplicationScoped -public class PermissionConstants { - - public String getApplicationListAll() { - return ApplicationPermissions.APP_LISTALL.getName(); - } - - public String getPermissionsCombined() { - return ApplicationPermissions.PERMISSION_ADD.getName() + "," - + ApplicationPermissions.PERMISSION_EDIT.getName() + "," - + ApplicationPermissions.PERMISSION_DELETE.getName(); - } - - public String getRolesCombined() { - return ApplicationPermissions.ROLE_ADD.getName() + "," - + ApplicationPermissions.ROLE_EDIT.getName() + "," - + ApplicationPermissions.ROLE_DELETE.getName(); - } - -} +/* + * Copyright 2018 Joern Muehlencord . + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package de.muehlencord.shared.account.web; + +import de.muehlencord.shared.account.business.instance.boundary.ApplicationPermissions; +import javax.enterprise.context.ApplicationScoped; +import javax.inject.Named; + +/** + * TODO replace with omnifaces:importConstants currently problems with Netbeans + * to import omnifaces taglib + * + * @author Joern Muehlencord + */ +@Named(value = "permissionConstants") +@ApplicationScoped +public class PermissionConstants { + + public String getApplicationListAll() { + return ApplicationPermissions.APP_LIST.getName(); + } + + public String getPermissionsCombined() { + return ApplicationPermissions.PERMISSION_ADD.getName() + "," + + ApplicationPermissions.PERMISSION_EDIT.getName() + "," + + ApplicationPermissions.PERMISSION_DELETE.getName(); + } + + public String getRolesCombined() { + return ApplicationPermissions.ROLE_ADD.getName() + "," + + ApplicationPermissions.ROLE_EDIT.getName() + "," + + ApplicationPermissions.ROLE_DELETE.getName(); + } + + public String getAccountsCombined() { + return ApplicationPermissions.ACCOUNT_ADD.getName() + "," + + ApplicationPermissions.ACCOUNT_DELETE.getName() + "," + + ApplicationPermissions.ACCOUNT_EDIT.getName() + "," + + ApplicationPermissions.ACCOUNT_LIST.getName() + "," + + ApplicationPermissions.ACCOUNT_LOGIN_ADD.getName() + "," + + ApplicationPermissions.ACCOUNT_LOGIN_DELETE.getName() + "," + + ApplicationPermissions.ACCOUNT_LOGIN_EDIT.getName(); + } + + public String getAccountAdd() { + return ApplicationPermissions.ACCOUNT_ADD.getName(); + } + + public String getAccountDelete() { + return ApplicationPermissions.ACCOUNT_DELETE.getName(); + } + + public String getAccountEdit() { + return ApplicationPermissions.ACCOUNT_EDIT.getName(); + } + + public String getAccountList() { + return ApplicationPermissions.ACCOUNT_LIST.getName(); + } + + public String getAccountLoginAdd() { + return ApplicationPermissions.ACCOUNT_LOGIN_ADD.getName(); + } + + public String getAccountLoginDelete() { + return ApplicationPermissions.ACCOUNT_LOGIN_DELETE.getName(); + } + + public String getAccountLoginEdit() { + return ApplicationPermissions.ACCOUNT_LOGIN_EDIT.getName(); + } + +} diff --git a/account-ui/src/main/java/de/muehlencord/shared/account/web/presentation/AccountView.java b/account-ui/src/main/java/de/muehlencord/shared/account/web/presentation/AccountView.java index 4a6907e..b6f03fa 100644 --- a/account-ui/src/main/java/de/muehlencord/shared/account/web/presentation/AccountView.java +++ b/account-ui/src/main/java/de/muehlencord/shared/account/web/presentation/AccountView.java @@ -63,7 +63,7 @@ public class AccountView implements Serializable { public List getAccounts() { if (accountList == null) { - accountList = accountService.getAccounts(showDisabledAccounts); + accountList = accountService.getAllAccounts(showDisabledAccounts); } return accountList; } @@ -136,11 +136,8 @@ public class AccountView implements Serializable { currentAccountRoles = null; } catch (AccountException ex) { if (LOGGER.isDebugEnabled()) { - LOGGER.debug(ex.toString(), ex); - } else { - LOGGER.error(ex.toString()); + LOGGER.debug("Detailed stacktrace", new Object[]{ex}); } - FacesUtil.addGlobalErrorMessage("Error deleting account", ex.getMessage()); } } @@ -158,13 +155,13 @@ public class AccountView implements Serializable { /* **** account login methods **** */ public boolean validatePasswords(FacesContext context, List components, List values) { - String password = components.get(0).getSubmittedValue().toString(); - String passwordRepeat = components.get(1).getSubmittedValue().toString(); + String currentPassword = components.get(0).getSubmittedValue().toString(); + String currentPasswordRepeat = components.get(1).getSubmittedValue().toString(); - if ((password == null) || (passwordRepeat == null)) { + if ((currentPassword == null) || (currentPasswordRepeat == null)) { return false; } - boolean returnValue = password.equals(passwordRepeat); + boolean returnValue = currentPassword.equals(currentPasswordRepeat); return returnValue; } @@ -202,13 +199,13 @@ public class AccountView implements Serializable { if ((currentAccountLogin == null) || (currentAccount == null)) { // TODO add error handling } else { - + // overwrite password if provided if ((password != null) && (!password.trim().equals(""))) { // password has been specified if (password.equals(repeatPassword)) { currentAccountLogin.setAccountPassword(accountService.getHashedPassword(password)); - FacesUtil.addGlobalInfoMessage("Info", "Password updated"); + FacesUtil.addGlobalInfoMessage("Info", "Password updated"); } else { // TODO connect to IPRS // frontend does validate passwords do match diff --git a/account-ui/src/main/java/de/muehlencord/shared/account/web/presentation/ApplicationView.java b/account-ui/src/main/java/de/muehlencord/shared/account/web/presentation/ApplicationView.java index b27c96f..0fd7f9d 100644 --- a/account-ui/src/main/java/de/muehlencord/shared/account/web/presentation/ApplicationView.java +++ b/account-ui/src/main/java/de/muehlencord/shared/account/web/presentation/ApplicationView.java @@ -1,143 +1,151 @@ -package de.muehlencord.shared.account.web.presentation; - -import de.muehlencord.shared.account.business.application.boundary.ApplicationService; -import de.muehlencord.shared.account.business.application.entity.ApplicationEntity; -import de.muehlencord.shared.account.util.AccountSecurityException; -import de.muehlencord.shared.jeeutil.FacesUtil; -import java.io.Serializable; -import java.util.ArrayList; -import java.util.List; -import java.util.Locale; -import javax.annotation.PostConstruct; -import javax.annotation.PreDestroy; -import javax.inject.Named; -import javax.enterprise.context.SessionScoped; -import javax.inject.Inject; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * - * @author Joern Muehlencord - */ -@SessionScoped -@Named("applicationView") -public class ApplicationView implements Serializable { - - private static final long serialVersionUID = -5515249316880163539L; - private static final Logger LOGGER = LoggerFactory.getLogger(ApplicationView.class); - - @Inject - ApplicationService applicationService; - - @Inject - Locale locale; - - private ApplicationEntity currentApplication = null; - private ApplicationEntity editApplication = null; - private List applicationList = null; - - @PostConstruct - public void selectDefaultCurrentApplication() { - // force applications to be loaded from database - getAllApplications(); - if ((applicationList != null) && (!applicationList.isEmpty())) { - currentApplication = applicationList.get(0); - } - if (LOGGER.isDebugEnabled()) { - LOGGER.debug("post construct executed"); - } - } - - @PreDestroy - public void predestroy() { - if (LOGGER.isDebugEnabled()) { - LOGGER.debug("Predestroy executed"); - } - - } - - public List getAllApplications() { - if (applicationList == null) { - try { - applicationList = applicationService.getAllApplications(); - return applicationList; - } catch (AccountSecurityException ex) { - if (LOGGER.isDebugEnabled()) { - LOGGER.debug(ex.toString(), ex); - } else { - LOGGER.error(ex.toString()); - } - FacesUtil.addGlobalErrorMessage("Error " + ex.getErrorCode(), ex.getLocalizedMessage(locale)); - return new ArrayList<>(); - } - } - return applicationList; - } - - public void selectApplication() { - if (currentApplication != null) { - LOGGER.info("selected application: {}", currentApplication.getApplicationName()); - FacesUtil.addGlobalInfoMessage("Success", "Selected application " + currentApplication.getApplicationName()); - } - } - - public void newApplication() { - this.editApplication = new ApplicationEntity(); - } - - public void cancelEditApplication() { - this.editApplication = null; - } - - public void saveEditApplication() { - if (editApplication == null) { - FacesUtil.addGlobalErrorMessage("Error", "Need to provide data"); - } else if ((editApplication.getApplicationName() == null) || (editApplication.getApplicationName().trim().equals(""))) { - String hint; - if (editApplication.getId() == null) { - hint = "Cannot create application"; - } else { - hint = "Cannot save application"; - } - FacesUtil.addGlobalErrorMessage(hint, "Application name must not be empty"); - } else { - currentApplication = applicationService.createOrUpdate(editApplication); - // force reload of to update view - applicationList = null; - FacesUtil.addGlobalInfoMessage("Info", "Application saved"); - } - } - - public void deleteApplication() { - if (currentApplication == null) { - FacesUtil.addGlobalErrorMessage("Error", "Need to provide data"); - } else if (currentApplication.getId() == null) { - FacesUtil.addGlobalErrorMessage("Error", "Cannot delete non persistent data"); - } else { - String applicationName = currentApplication.getApplicationName(); - applicationService.delete(currentApplication); - applicationList = null; // force reload to update view - currentApplication = null; - selectDefaultCurrentApplication(); - FacesUtil.addGlobalInfoMessage("Info", "Application " + applicationName + " deleted"); - } - } - - /* *** getter / setter *** */ - public ApplicationEntity getCurrentApplication() { - return currentApplication; - } - - public void setCurrentApplication(ApplicationEntity currentApplication) { - this.currentApplication = currentApplication; - } - - public ApplicationEntity getEditApplication() { - return editApplication; - } - - public void setEditApplication(ApplicationEntity editApplication) { - this.editApplication = editApplication; - } -} +package de.muehlencord.shared.account.web.presentation; + +import de.muehlencord.shared.account.business.application.control.ApplicationControl; +import de.muehlencord.shared.account.business.application.entity.ApplicationEntity; +import de.muehlencord.shared.account.util.AccountSecurityException; +import de.muehlencord.shared.jeeutil.FacesUtil; +import java.io.Serializable; +import java.util.ArrayList; +import java.util.List; +import java.util.Locale; +import javax.annotation.PostConstruct; +import javax.annotation.PreDestroy; +import javax.enterprise.context.SessionScoped; +import javax.inject.Inject; +import javax.inject.Named; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * + * @author Joern Muehlencord + */ +@SessionScoped +@Named("applicationView") +public class ApplicationView implements Serializable { + + private static final long serialVersionUID = -5515249316880163539L; + private static final Logger LOGGER = LoggerFactory.getLogger(ApplicationView.class); + + @Inject + ApplicationControl applicationService; + + @Inject + InstanceView instanceView; + + @Inject + Locale locale; + + private ApplicationEntity currentApplication = null; + private ApplicationEntity editApplication = null; + private List applicationList = null; + + @PostConstruct + public void selectDefaultCurrentApplication() { + // force applications to be loaded from database + getAllApplications(); + if ((applicationList != null) && (!applicationList.isEmpty())) { + currentApplication = applicationList.get(0); + } + if (LOGGER.isDebugEnabled()) { + LOGGER.debug("post construct executed"); + } + } + + @PreDestroy + public void predestroy() { + if (LOGGER.isDebugEnabled()) { + LOGGER.debug("Predestroy executed"); + } + + } + + public List getAllApplications() { + if (applicationList == null) { + try { + applicationList = applicationService.getAllApplications(); + + // if no role is assigned to user, ensure that at least current application is added + if ((applicationList == null) || (applicationList.isEmpty())) { + applicationList = new ArrayList<>(); + applicationList.add(instanceView.getInstanceApplication()); + } + + return applicationList; + } catch (AccountSecurityException ex) { + if (LOGGER.isDebugEnabled()) { + LOGGER.debug("Detailed stacktrace", new Object[]{ex}); + } + FacesUtil.addGlobalErrorMessage("Error " + ex.getErrorCode(), ex.getLocalizedMessage(locale)); + return new ArrayList<>(); + } + } + return applicationList; + } + + public void selectApplication() { + if (currentApplication != null) { + LOGGER.info("selected application: {}", currentApplication.getApplicationName()); + FacesUtil.addGlobalInfoMessage("Success", "Selected application " + currentApplication.getApplicationName()); + } + } + + public void newApplication() { + this.editApplication = new ApplicationEntity(); + } + + public void cancelEditApplication() { + this.editApplication = null; + } + + public void saveEditApplication() { + if (editApplication == null) { + FacesUtil.addGlobalErrorMessage("Error", "Need to provide data"); + } else if ((editApplication.getApplicationName() == null) || (editApplication.getApplicationName().trim().equals(""))) { + String hint; + if (editApplication.getId() == null) { + hint = "Cannot create application"; + } else { + hint = "Cannot save application"; + } + FacesUtil.addGlobalErrorMessage(hint, "Application name must not be empty"); + } else { + currentApplication = applicationService.createOrUpdate(editApplication); + // force reload of to update view + applicationList = null; + FacesUtil.addGlobalInfoMessage("Info", "Application saved"); + } + } + + public void deleteApplication() { + if (currentApplication == null) { + FacesUtil.addGlobalErrorMessage("Error", "Need to provide data"); + } else if (currentApplication.getId() == null) { + FacesUtil.addGlobalErrorMessage("Error", "Cannot delete non persistent data"); + } else { + String applicationName = currentApplication.getApplicationName(); + applicationService.delete(currentApplication); + applicationList = null; // force reload to update view + currentApplication = null; + selectDefaultCurrentApplication(); + FacesUtil.addGlobalInfoMessage("Info", "Application " + applicationName + " deleted"); + } + } + + /* *** getter / setter *** */ + public ApplicationEntity getCurrentApplication() { + return currentApplication; + } + + public void setCurrentApplication(ApplicationEntity currentApplication) { + this.currentApplication = currentApplication; + } + + public ApplicationEntity getEditApplication() { + return editApplication; + } + + public void setEditApplication(ApplicationEntity editApplication) { + this.editApplication = editApplication; + } +} diff --git a/account-ui/src/main/java/de/muehlencord/shared/account/web/presentation/InstanceView.java b/account-ui/src/main/java/de/muehlencord/shared/account/web/presentation/InstanceView.java index 193ba72..5137905 100644 --- a/account-ui/src/main/java/de/muehlencord/shared/account/web/presentation/InstanceView.java +++ b/account-ui/src/main/java/de/muehlencord/shared/account/web/presentation/InstanceView.java @@ -1,26 +1,32 @@ package de.muehlencord.shared.account.web.presentation; +import de.muehlencord.shared.account.business.instance.control.ApplicationController; +import de.muehlencord.shared.account.business.application.entity.ApplicationEntity; import de.muehlencord.shared.account.business.config.boundary.ConfigService; import de.muehlencord.shared.account.business.config.entity.ConfigException; -import javax.ejb.EJB; import javax.enterprise.context.ApplicationScoped; +import javax.inject.Inject; import javax.inject.Named; import org.slf4j.Logger; import org.slf4j.LoggerFactory; /** * TODO - move to shared-account and remove from all applications and archetype + * * @author Joern Muehlencord */ @Named(value = "instanceView") @ApplicationScoped public class InstanceView { - private static final Logger LOGGER = LoggerFactory.getLogger(InstanceView.class); + private static final Logger LOGGER = LoggerFactory.getLogger(InstanceView.class); - @EJB + @Inject ConfigService configService; + @Inject + ApplicationController applicationController; + public boolean isDevelopmentVersion() { String instanceName = getInstanceName(); return !instanceName.equals("Production"); @@ -32,9 +38,7 @@ public class InstanceView { instanceName = configService.getConfigValue("base.instance"); } catch (ConfigException ex) { if (LOGGER.isDebugEnabled()) { - LOGGER.debug(ex.toString(), ex); - } else { - LOGGER.error(ex.toString()); + LOGGER.debug("Detailed stacktrace", new Object[]{ex}); } instanceName = "unknown (" + ex.toString() + ")"; } @@ -44,4 +48,8 @@ public class InstanceView { return instanceName; } } + + public ApplicationEntity getInstanceApplication() { + return applicationController.getApplication(); + } } diff --git a/account-ui/src/main/java/de/muehlencord/shared/account/web/presentation/PermissionView.java b/account-ui/src/main/java/de/muehlencord/shared/account/web/presentation/PermissionView.java index 5a0c91f..8bf2f6b 100644 --- a/account-ui/src/main/java/de/muehlencord/shared/account/web/presentation/PermissionView.java +++ b/account-ui/src/main/java/de/muehlencord/shared/account/web/presentation/PermissionView.java @@ -1,145 +1,143 @@ -/* - * Copyright 2017 Joern Muehlencord . - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package de.muehlencord.shared.account.web.presentation; - -import de.muehlencord.shared.account.business.account.entity.AccountException; -import de.muehlencord.shared.account.business.application.entity.ApplicationPermissionEntity; -import de.muehlencord.shared.account.business.application.control.ApplicationPermissionControl; -import de.muehlencord.shared.account.business.application.entity.ApplicationEntity; -import de.muehlencord.shared.jeeutil.FacesUtil; -import java.io.Serializable; -import java.util.List; -import javax.ejb.EJB; -import javax.inject.Named; -import javax.faces.view.ViewScoped; -import javax.inject.Inject; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * - * @author Joern Muehlencord - */ -@ViewScoped -@Named("permissionView") -public class PermissionView implements Serializable { - - private static final long serialVersionUID = -1469453490360990772L; - private static final Logger LOGGER = LoggerFactory.getLogger(PermissionView.class); - - @Inject - private ApplicationView applicationView; - - @EJB - ApplicationPermissionControl applicationPermissionService; - private ApplicationPermissionEntity currentPermission; - - public List getAppPermissions() { - return applicationPermissionService.getApplicationPermissions(applicationView.getCurrentApplication()); - } - - public void saveEditPermission() throws AccountException { - if (currentPermission != null) { - String newPermissionName = currentPermission.getPermissionName(); - String newPermissionDescription = currentPermission.getPermissionDescription(); - if ((newPermissionName == null) || (newPermissionName.trim().length() == 0)) { - FacesUtil.addErrorMessage("editDialogMessages", "Error", "Permission name must not be null"); - } else if ((newPermissionDescription == null) || (newPermissionDescription.trim().length() == 0)) { - FacesUtil.addErrorMessage("editDialogMessages", "Error", "Permission name must not be null"); - } else { - if (currentPermission.getId() == null) { - applicationPermissionService.create(applicationView.getCurrentApplication(), newPermissionName, newPermissionDescription); - FacesUtil.addGlobalInfoMessage("Info", "Permission " + newPermissionName + " created"); - } else { - applicationPermissionService.update(currentPermission); - FacesUtil.addGlobalInfoMessage("Info", "Permission " + newPermissionName + " updated"); - } - } - } - } - - public ApplicationEntity getCurrentApplication() { - if (applicationView.getCurrentApplication() == null) { - return null; - } else { - return applicationView.getCurrentApplication(); - } - } - - public void cancelEditPermission() { - this.currentPermission = null; - } - - public void newPermission() { - this.currentPermission = new ApplicationPermissionEntity(); - } - - public void editPermission() { - if (currentPermission == null) { - FacesUtil.addGlobalErrorMessage("Error", "Please select a permission to edit"); - } - } - - public void deletePermission() { - if (currentPermission == null) { - FacesUtil.addGlobalErrorMessage("Error", "Please select a permission to edit"); - } else { - try { - applicationPermissionService.delete(currentPermission); - currentPermission = null; - } catch (AccountException ex) { - if (LOGGER.isDebugEnabled()) { - LOGGER.debug(ex.toString(), ex); - } else { - LOGGER.debug(ex.toString()); - } - FacesUtil.addGlobalErrorMessage("Error while deleting permission.", ex.toString()); - } - } - } - - public boolean getCanEdit() { - return isPermissionSelected(); - } - - public boolean getCanDelete() { - return isPermissionSelected(); - } - - /* *** getter / setter *** */ - /** - * required setter for managedProperty - * - * - * @param applicationView the injected applicationView - */ - public void setApplicationView(ApplicationView applicationView) { - this.applicationView = applicationView; - } - - public ApplicationPermissionEntity getCurrentPermission() { - return currentPermission; - } - - public void setCurrentPermission(ApplicationPermissionEntity newCurrentPermission) { - this.currentPermission = newCurrentPermission; - - } - - public boolean isPermissionSelected() { - return currentPermission != null; - } -} +/* + * Copyright 2017 Joern Muehlencord . + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package de.muehlencord.shared.account.web.presentation; + +import de.muehlencord.shared.account.business.account.entity.AccountException; +import de.muehlencord.shared.account.business.application.control.ApplicationPermissionControl; +import de.muehlencord.shared.account.business.application.entity.ApplicationEntity; +import de.muehlencord.shared.account.business.application.entity.ApplicationPermissionEntity; +import de.muehlencord.shared.jeeutil.FacesUtil; +import java.io.Serializable; +import java.util.List; +import javax.ejb.EJB; +import javax.faces.view.ViewScoped; +import javax.inject.Inject; +import javax.inject.Named; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * + * @author Joern Muehlencord + */ +@ViewScoped +@Named("permissionView") +public class PermissionView implements Serializable { + + private static final long serialVersionUID = -1469453490360990772L; + private static final Logger LOGGER = LoggerFactory.getLogger(PermissionView.class); + + @Inject + private ApplicationView applicationView; + + @EJB + ApplicationPermissionControl applicationPermissionService; + private ApplicationPermissionEntity currentPermission; + + public List getAppPermissions() { + return applicationPermissionService.getApplicationPermissions(applicationView.getCurrentApplication()); + } + + public void saveEditPermission() throws AccountException { + if (currentPermission != null) { + String newPermissionName = currentPermission.getPermissionName(); + String newPermissionDescription = currentPermission.getPermissionDescription(); + if ((newPermissionName == null) || (newPermissionName.trim().length() == 0)) { + FacesUtil.addErrorMessage("editDialogMessages", "Error", "Permission name must not be null"); + } else if ((newPermissionDescription == null) || (newPermissionDescription.trim().length() == 0)) { + FacesUtil.addErrorMessage("editDialogMessages", "Error", "Permission name must not be null"); + } else { + if (currentPermission.getId() == null) { + applicationPermissionService.create(applicationView.getCurrentApplication(), newPermissionName, newPermissionDescription); + FacesUtil.addGlobalInfoMessage("Info", "Permission " + newPermissionName + " created"); + } else { + applicationPermissionService.update(currentPermission); + FacesUtil.addGlobalInfoMessage("Info", "Permission " + newPermissionName + " updated"); + } + } + } + } + + public ApplicationEntity getCurrentApplication() { + if (applicationView.getCurrentApplication() == null) { + return null; + } else { + return applicationView.getCurrentApplication(); + } + } + + public void cancelEditPermission() { + this.currentPermission = null; + } + + public void newPermission() { + this.currentPermission = new ApplicationPermissionEntity(); + } + + public void editPermission() { + if (currentPermission == null) { + FacesUtil.addGlobalErrorMessage("Error", "Please select a permission to edit"); + } + } + + public void deletePermission() { + if (currentPermission == null) { + FacesUtil.addGlobalErrorMessage("Error", "Please select a permission to edit"); + } else { + try { + applicationPermissionService.delete(currentPermission); + currentPermission = null; + } catch (AccountException ex) { + if (LOGGER.isDebugEnabled()) { + LOGGER.debug("Detailed stacktrace", new Object[]{ex}); + } + FacesUtil.addGlobalErrorMessage("Error while deleting permission.", ex.toString()); + } + } + } + + public boolean getCanEdit() { + return isPermissionSelected(); + } + + public boolean getCanDelete() { + return isPermissionSelected(); + } + + /* *** getter / setter *** */ + /** + * required setter for managedProperty + * + * + * @param applicationView the injected applicationView + */ + public void setApplicationView(ApplicationView applicationView) { + this.applicationView = applicationView; + } + + public ApplicationPermissionEntity getCurrentPermission() { + return currentPermission; + } + + public void setCurrentPermission(ApplicationPermissionEntity newCurrentPermission) { + this.currentPermission = newCurrentPermission; + + } + + public boolean isPermissionSelected() { + return currentPermission != null; + } +} diff --git a/account-ui/src/main/java/de/muehlencord/shared/account/web/presentation/RoleView.java b/account-ui/src/main/java/de/muehlencord/shared/account/web/presentation/RoleView.java index d69937b..601e31d 100644 --- a/account-ui/src/main/java/de/muehlencord/shared/account/web/presentation/RoleView.java +++ b/account-ui/src/main/java/de/muehlencord/shared/account/web/presentation/RoleView.java @@ -1,240 +1,236 @@ -/* - * Copyright 2017 Joern Muehlencord . - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package de.muehlencord.shared.account.web.presentation; - -import de.muehlencord.shared.account.business.application.control.ApplicationRoleControl; -import de.muehlencord.shared.account.business.account.entity.AccountException; -import de.muehlencord.shared.account.business.application.entity.ApplicationPermissionEntity; -import de.muehlencord.shared.account.business.application.entity.ApplicationRoleEntity; -import de.muehlencord.shared.account.business.application.entity.ApplicationEntity; -import de.muehlencord.shared.jeeutil.FacesUtil; -import java.io.Serializable; -import java.util.ArrayList; -import java.util.List; -import javax.ejb.EJB; -import javax.faces.view.ViewScoped; -import javax.inject.Named; -import javax.inject.Inject; -import org.primefaces.event.SelectEvent; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * - * @author Joern Muehlencord - */ -@ViewScoped -@Named("roleView") -public class RoleView implements Serializable { - - private static final long serialVersionUID = 1669321020398119007L; - private static final Logger LOGGER = LoggerFactory.getLogger(RoleView.class); - - @Inject - private ApplicationView applicationView; - - @EJB - ApplicationRoleControl applicationRoleControl; - - private List allRoles = null; - private List currentRolePermissions = null; - private List missingApplicationsPermissions = null; - - private ApplicationRoleEntity currentRole; - private ApplicationPermissionEntity currentPermission; - private ApplicationPermissionEntity newPermission; - - public ApplicationEntity getCurrentApplication() { - return applicationView.getCurrentApplication(); - } - - public List getAllRoles() { - if (allRoles == null) { - allRoles = applicationRoleControl.getAllRoles(applicationView.getCurrentApplication()); - } - return allRoles; - } - - public void startNewRole() { - this.currentRole = new ApplicationRoleEntity(applicationView.getCurrentApplication()); - if (LOGGER.isDebugEnabled()) { - LOGGER.debug("Created new current role: {}", currentRole.toString()); - } - - } - - public void cancelEditRole() { - this.currentRole = null; - } - - public void saveEditRole() { - if ((currentRole == null) || (currentRole.getRoleName() == null) || (currentRole.getRoleName().trim().length() == 0)) { - FacesUtil.addGlobalErrorMessage("Error", "Permission name must not be null"); - } else if (currentRole.getId() == null) { - applicationRoleControl.create(currentRole); - allRoles = null; // force reload - FacesUtil.addGlobalInfoMessage("Info", "Role " + currentRole.getRoleName() + " created"); - } else { - applicationRoleControl.update(currentRole); - allRoles = null; // force reload - FacesUtil.addGlobalInfoMessage("Info", "Role " + currentRole.getRoleName() + " updated"); - } - } - - public void deleteRole() { - if (currentRole == null) { - FacesUtil.addGlobalErrorMessage("Error", "Please select a permission to edit"); - } else { - try { - applicationRoleControl.delete(currentRole); - allRoles = null; // force reload - currentRole = null; - currentRolePermissions = null; - } catch (AccountException ex) { - if (LOGGER.isDebugEnabled()) { - LOGGER.debug(ex.toString(), ex); - } else { - LOGGER.debug(ex.toString()); - } - FacesUtil.addGlobalErrorMessage("Error while deleting permission.", ex.toString()); - } - } - } - - public boolean getRoleSelected() { - return currentRole != null; - } - - public boolean getPermissionSelected() { - return currentPermission != null; - } - - public boolean getMissingPermissionAvailable() { - return ((missingApplicationsPermissions != null) && (!missingApplicationsPermissions.isEmpty())); - } - - public void onRoleSelect(SelectEvent event) { - currentRolePermissions = null; - currentRolePermissions = getRolePermissions(); - missingApplicationsPermissions = null; - missingApplicationsPermissions = getMissingPermissions(); - } - - public List getRolePermissions() { - if (currentRole == null) { - currentRolePermissions = new ArrayList<>(); - return currentRolePermissions; - } else { - if (currentRolePermissions == null) { - try { - currentRolePermissions = applicationRoleControl.getRolePermissions(currentRole); - } catch (AccountException ex) { - if (LOGGER.isDebugEnabled()) { - LOGGER.debug(ex.toString(), ex); - } else { - LOGGER.debug(ex.toString()); - } - FacesUtil.addGlobalErrorMessage("Error while fetching role permissions", "see log for details"); - currentRolePermissions = new ArrayList<>(); - } - } - return currentRolePermissions; - } - } - - public List getMissingPermissions() { - if (currentRole == null) { - missingApplicationsPermissions = new ArrayList<>(); - return missingApplicationsPermissions; - } else { - if (missingApplicationsPermissions == null) { - missingApplicationsPermissions = applicationRoleControl.getNotAssignedApplicationPermissions(currentRole); - - } - return missingApplicationsPermissions; - } - } - - public void addRolePermission() { - if (newPermission == null) { - FacesUtil.addGlobalErrorMessage("Error", "Please select a new permission first"); - } else { - try { - applicationRoleControl.addPermission(currentRole, newPermission); - currentRolePermissions = null; - missingApplicationsPermissions = null; - } catch (AccountException ex) { - if (LOGGER.isDebugEnabled()) { - LOGGER.debug(ex.toString(), ex); - } else { - LOGGER.debug(ex.toString()); - } - FacesUtil.addGlobalErrorMessage("Error while adding permission", ex.getMessage()); - } - } - - } - - public void removeRolePermission() { - if (currentPermission == null) { - FacesUtil.addGlobalErrorMessage("Error", "Please select a permission first"); - } else { - try { - applicationRoleControl.removePermission(currentRole, currentPermission); - currentRolePermissions = null; - missingApplicationsPermissions = null; - } catch (AccountException ex) { - if (LOGGER.isDebugEnabled()) { - LOGGER.debug(ex.toString(), ex); - } else { - LOGGER.debug(ex.toString()); - } - FacesUtil.addGlobalErrorMessage("Error while adding permission", ex.getMessage()); - } - } - - } - - /* *** getter / setter *** */ - public void setApplicationView(ApplicationView applicationView) { - this.applicationView = applicationView; - } - - public ApplicationRoleEntity getCurrentRole() { - return currentRole; - } - - public void setCurrentRole(ApplicationRoleEntity currentRole) { - this.currentRole = currentRole; - } - - public ApplicationPermissionEntity getCurrentPermission() { - return currentPermission; - } - - public void setCurrentPermission(ApplicationPermissionEntity currentPermission) { - this.currentPermission = currentPermission; - } - - public ApplicationPermissionEntity getNewPermission() { - return newPermission; - } - - public void setNewPermission(ApplicationPermissionEntity newPermission) { - this.newPermission = newPermission; - } - -} +/* + * Copyright 2017 Joern Muehlencord . + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package de.muehlencord.shared.account.web.presentation; + +import de.muehlencord.shared.account.business.account.entity.AccountException; +import de.muehlencord.shared.account.business.application.control.ApplicationRoleControl; +import de.muehlencord.shared.account.business.application.entity.ApplicationEntity; +import de.muehlencord.shared.account.business.application.entity.ApplicationPermissionEntity; +import de.muehlencord.shared.account.business.application.entity.ApplicationRoleEntity; +import de.muehlencord.shared.jeeutil.FacesUtil; +import java.io.Serializable; +import java.util.ArrayList; +import java.util.List; +import javax.ejb.EJB; +import javax.faces.view.ViewScoped; +import javax.inject.Inject; +import javax.inject.Named; +import org.primefaces.event.SelectEvent; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * + * @author Joern Muehlencord + */ +@ViewScoped +@Named("roleView") +public class RoleView implements Serializable { + + private static final long serialVersionUID = 1669321020398119007L; + private static final Logger LOGGER = LoggerFactory.getLogger(RoleView.class); + + @Inject + private ApplicationView applicationView; + + @EJB + ApplicationRoleControl applicationRoleControl; + + private List allRoles = null; + private List currentRolePermissions = null; + private List missingApplicationsPermissions = null; + + private ApplicationRoleEntity currentRole; + private ApplicationPermissionEntity currentPermission; + private ApplicationPermissionEntity newPermission; + + public ApplicationEntity getCurrentApplication() { + return applicationView.getCurrentApplication(); + } + + public List getAllRoles() { + if (allRoles == null) { + allRoles = applicationRoleControl.getAllRoles(applicationView.getCurrentApplication()); + } + return allRoles; + } + + public void startNewRole() { + this.currentRole = new ApplicationRoleEntity(applicationView.getCurrentApplication()); + if (LOGGER.isDebugEnabled()) { + LOGGER.debug("Created new current role: {}", currentRole.toString()); + } + + } + + public void cancelEditRole() { + this.currentRole = null; + } + + public void saveEditRole() { + if ((currentRole == null) || (currentRole.getRoleName() == null) || (currentRole.getRoleName().trim().length() == 0)) { + FacesUtil.addGlobalErrorMessage("Error", "Permission name must not be null"); + } else if (currentRole.getId() == null) { + applicationRoleControl.create(currentRole); + allRoles = null; // force reload + FacesUtil.addGlobalInfoMessage("Info", "Role " + currentRole.getRoleName() + " created"); + } else { + applicationRoleControl.update(currentRole); + allRoles = null; // force reload + FacesUtil.addGlobalInfoMessage("Info", "Role " + currentRole.getRoleName() + " updated"); + } + } + + public void deleteRole() { + if (currentRole == null) { + FacesUtil.addGlobalErrorMessage("Error", "Please select a permission to edit"); + } else { + try { + applicationRoleControl.delete(currentRole); + allRoles = null; // force reload + currentRole = null; + currentRolePermissions = null; + } catch (AccountException ex) { + if (LOGGER.isDebugEnabled()) { + LOGGER.debug("Detailed stacktrace", new Object[]{ex}); + } + + FacesUtil.addGlobalErrorMessage("Error while deleting permission.", ex.toString()); + } + } + } + + public boolean getRoleSelected() { + return currentRole != null; + } + + public boolean getPermissionSelected() { + return currentPermission != null; + } + + public boolean getMissingPermissionAvailable() { + return ((missingApplicationsPermissions != null) && (!missingApplicationsPermissions.isEmpty())); + } + + public void onRoleSelect(SelectEvent event) { + currentRolePermissions = null; + currentRolePermissions = getRolePermissions(); + missingApplicationsPermissions = null; + missingApplicationsPermissions = getMissingPermissions(); + } + + public List getRolePermissions() { + if (currentRole == null) { + currentRolePermissions = new ArrayList<>(); + return currentRolePermissions; + } else { + if (currentRolePermissions == null) { + try { + currentRolePermissions = applicationRoleControl.getRolePermissions(currentRole); + } catch (AccountException ex) { + LOGGER.error(ex.getMessage()); + if (LOGGER.isDebugEnabled()) { + LOGGER.debug("Detailed stacktrace", new Object[]{ex}); + } + + FacesUtil.addGlobalErrorMessage("Error while fetching role permissions", "see log for details"); + currentRolePermissions = new ArrayList<>(); + } + } + return currentRolePermissions; + } + } + + public List getMissingPermissions() { + if (currentRole == null) { + missingApplicationsPermissions = new ArrayList<>(); + return missingApplicationsPermissions; + } else { + if (missingApplicationsPermissions == null) { + missingApplicationsPermissions = applicationRoleControl.getNotAssignedApplicationPermissions(currentRole); + + } + return missingApplicationsPermissions; + } + } + + public void addRolePermission() { + if (newPermission == null) { + FacesUtil.addGlobalErrorMessage("Error", "Please select a new permission first"); + } else { + try { + applicationRoleControl.addPermission(currentRole, newPermission); + currentRolePermissions = null; + missingApplicationsPermissions = null; + } catch (AccountException ex) { + if (LOGGER.isDebugEnabled()) { + LOGGER.debug("Detailed stacktrace", new Object[]{ex}); + } + + FacesUtil.addGlobalErrorMessage("Error while adding permission", ex.getMessage()); + } + } + + } + + public void removeRolePermission() { + if (currentPermission == null) { + FacesUtil.addGlobalErrorMessage("Error", "Please select a permission first"); + } else { + try { + applicationRoleControl.removePermission(currentRole, currentPermission); + currentRolePermissions = null; + missingApplicationsPermissions = null; + } catch (AccountException ex) { + if (LOGGER.isDebugEnabled()) { + LOGGER.debug("Detailed stacktrace", new Object[]{ex}); + } + FacesUtil.addGlobalErrorMessage("Error while adding permission", ex.getMessage()); + } + } + + } + + /* *** getter / setter *** */ + public void setApplicationView(ApplicationView applicationView) { + this.applicationView = applicationView; + } + + public ApplicationRoleEntity getCurrentRole() { + return currentRole; + } + + public void setCurrentRole(ApplicationRoleEntity currentRole) { + this.currentRole = currentRole; + } + + public ApplicationPermissionEntity getCurrentPermission() { + return currentPermission; + } + + public void setCurrentPermission(ApplicationPermissionEntity currentPermission) { + this.currentPermission = currentPermission; + } + + public ApplicationPermissionEntity getNewPermission() { + return newPermission; + } + + public void setNewPermission(ApplicationPermissionEntity newPermission) { + this.newPermission = newPermission; + } + +} diff --git a/account-ui/src/main/java/de/muehlencord/shared/account/web/presentation/UniqueApplicationValidator.java b/account-ui/src/main/java/de/muehlencord/shared/account/web/presentation/UniqueApplicationValidator.java index 52c8f11..8d2d44c 100644 --- a/account-ui/src/main/java/de/muehlencord/shared/account/web/presentation/UniqueApplicationValidator.java +++ b/account-ui/src/main/java/de/muehlencord/shared/account/web/presentation/UniqueApplicationValidator.java @@ -1,6 +1,6 @@ package de.muehlencord.shared.account.web.presentation; -import de.muehlencord.shared.account.business.application.boundary.ApplicationService; +import de.muehlencord.shared.account.business.application.control.ApplicationControl; import de.muehlencord.shared.account.business.application.entity.ApplicationEntity; import java.io.Serializable; import java.util.UUID; @@ -26,7 +26,7 @@ public class UniqueApplicationValidator implements Validator, Serializable { private static final Logger LOGGER = LoggerFactory.getLogger(UniqueApplicationValidator.class); @Inject - ApplicationService applicationService; + ApplicationControl applicationService; @Override public void validate(FacesContext context, UIComponent component, Object value) throws ValidatorException { diff --git a/account-ui/src/main/webapp/resources/template/leftmenu.xhtml b/account-ui/src/main/webapp/resources/template/leftmenu.xhtml index ff2b155..4fa1419 100644 --- a/account-ui/src/main/webapp/resources/template/leftmenu.xhtml +++ b/account-ui/src/main/webapp/resources/template/leftmenu.xhtml @@ -41,6 +41,7 @@ Roles +
  • diff --git a/account-ui/src/main/webapp/web/accounts.xhtml b/account-ui/src/main/webapp/web/accounts.xhtml index 2a38fbe..9ba4dae 100644 --- a/account-ui/src/main/webapp/web/accounts.xhtml +++ b/account-ui/src/main/webapp/web/accounts.xhtml @@ -1,316 +1,341 @@ - - - - - Account Overview - - - - for #{applicationView.currentApplication.applicationName} - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    -
    -
    - - - - -
    -
    - -
    - -
    -
    - -
    -
    - - - -
    - -
    - - - - - - - - - - - - - -
    -
    -     - - - - -     -     - - - - - - - - -
    -
    - -
    -
    - - - - - - -
    -
    - -
    - -
    - -
    -
    - -
    -
    - -
    - -
    - -
    -
    - -
    -
    - -
    - -
    - -
    -
    - - - -
    -
    - -
    - - - -
    - -
    -
    - - - -
    -
    - -
    - -
    - -
    -
    - -
    -
    - -
    - -
    - -
    -
    - -
    -
    - -
    - -
    - -
    -
    - -
    -
    - -
    - -
    - -
    -
    - -
    -
    - -
    -     - - -
    - -
    -
    - - - - - - -
    -
    - -
    - - -
    - - -
    -
    - - -
    -
    -     -     - - - - - - - -
    - - -
    - -
    - -
    - -
    -
    - -
    -
    - -
    - -
    - -
    -
    - -
    -
    - -
    - -
    - - -
    -
    - - -
    -
    -     -     - -     - + + + + + Account Overview + + + + for #{applicationView.currentApplication.applicationName} + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + + +
    +
    + + + + +
    +
    +     + + +
    + +
    +     + + +
    + +
    +     + + +
    + + + +
    +     + + +
    + + + + + + + + + + + + + + + + + + + + + + + + +
    +     +
    +     + + + + +     +     + + + + + + + + +
    +
    + +
    +
    + + + + + + +
    +
    + +
    + +
    + +
    +
    + +
    +
    + +
    + +
    + +
    +
    + +
    +
    + +
    + +
    + +
    +
    + + + +
    +
    + +
    + + + +
    + +
    +
    + + + +
    +
    + +
    + +
    + +
    +
    + +
    +
    + +
    + +
    + +
    +
    + +
    +
    + +
    + +
    + +
    +
    + +
    +
    + +
    + +
    + +
    +
    + +
    +
    + +
    +     + + +
    + +
    +
    + + + + + + +
    +
    + +
    + + +
    + + +
    +
    + + +
    +
    +     +     + + + + + + + +
    + + +
    + +
    + +
    + +
    +
    + +
    +
    + +
    + +
    + +
    +
    + +
    +
    + +
    + +
    + + +
    +
    + + +
    +
    +     +     + +     +     \ No newline at end of file diff --git a/account/src/main/java/de/muehlencord/shared/account/business/account/control/AccountControl.java b/account/src/main/java/de/muehlencord/shared/account/business/account/control/AccountControl.java index 0ce8654..b4fc968 100644 --- a/account/src/main/java/de/muehlencord/shared/account/business/account/control/AccountControl.java +++ b/account/src/main/java/de/muehlencord/shared/account/business/account/control/AccountControl.java @@ -21,6 +21,7 @@ import de.muehlencord.shared.account.business.account.entity.AccountLoginEntity; import de.muehlencord.shared.account.business.account.entity.AccountStatus; import de.muehlencord.shared.account.business.application.entity.ApplicationEntity; import de.muehlencord.shared.account.business.application.entity.ApplicationRoleEntity; +import de.muehlencord.shared.account.business.instance.boundary.ApplicationPermissions; import de.muehlencord.shared.account.business.mail.boundary.MailService; import de.muehlencord.shared.account.business.mail.entity.MailException; import de.muehlencord.shared.account.util.AccountPU; @@ -30,6 +31,7 @@ import java.io.Serializable; import java.util.ArrayList; import java.util.Date; import java.util.List; +import java.util.stream.Collectors; import javax.ejb.EJB; import javax.ejb.Stateless; import javax.inject.Inject; @@ -63,12 +65,31 @@ public class AccountControl implements Serializable { @AccountPU EntityManager em; + public List getAllAccounts(boolean includeDisabled) { + List resultList; + if (includeDisabled) { + resultList = getAllAccounts(); + } else { + resultList = getActiveAccounts(); + } + + if (SecurityUtil.checkPermission(ApplicationPermissions.ACCOUNT_LIST)) { + return resultList; + } else { + String currentUserName = SecurityUtils.getSubject().getPrincipal().toString(); + return resultList.stream() + .filter(account -> account.getAccountLogin() != null) + .filter (account -> account.getUsername().equals (currentUserName)) + .collect(Collectors.toList()); + } + } + /** * returns a list of active accounts * * @return a list of active accounts */ - public List getActiveAccounts() { + private List getActiveAccounts() { Query query = em.createQuery("SELECT a FROM AccountEntity a WHERE a.status <> :status", AccountEntity.class); query.setParameter("status", AccountStatus.DISABLED.name()); return query.getResultList(); @@ -79,18 +100,11 @@ public class AccountControl implements Serializable { * * @return a list of active accounts */ - public List getAllAccounts() { + private List getAllAccounts() { Query query = em.createNamedQuery("AccountEntity.findAll"); return query.getResultList(); } - public List getAccounts(boolean includeDisabled) { - if (includeDisabled) { - return getAllAccounts(); - } else { - return getActiveAccounts(); - } - } public AccountEntity getAccountEntity(String userName, boolean loadRoles) { StringBuilder queryBuilder = new StringBuilder(); diff --git a/account/src/main/java/de/muehlencord/shared/account/business/accountconfig/entity/AccountConfigurationKey.java b/account/src/main/java/de/muehlencord/shared/account/business/account/entity/AccountConfigurationKey.java similarity index 92% rename from account/src/main/java/de/muehlencord/shared/account/business/accountconfig/entity/AccountConfigurationKey.java rename to account/src/main/java/de/muehlencord/shared/account/business/account/entity/AccountConfigurationKey.java index 60a240b..d8afa4f 100644 --- a/account/src/main/java/de/muehlencord/shared/account/business/accountconfig/entity/AccountConfigurationKey.java +++ b/account/src/main/java/de/muehlencord/shared/account/business/account/entity/AccountConfigurationKey.java @@ -13,7 +13,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package de.muehlencord.shared.account.business.accountconfig.entity; +package de.muehlencord.shared.account.business.account.entity; /** * diff --git a/account/src/main/java/de/muehlencord/shared/account/business/accountconfig/entity/AccountConfigurationValue.java b/account/src/main/java/de/muehlencord/shared/account/business/account/entity/AccountConfigurationValue.java similarity index 94% rename from account/src/main/java/de/muehlencord/shared/account/business/accountconfig/entity/AccountConfigurationValue.java rename to account/src/main/java/de/muehlencord/shared/account/business/account/entity/AccountConfigurationValue.java index 2357546..f47b639 100644 --- a/account/src/main/java/de/muehlencord/shared/account/business/accountconfig/entity/AccountConfigurationValue.java +++ b/account/src/main/java/de/muehlencord/shared/account/business/account/entity/AccountConfigurationValue.java @@ -13,7 +13,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package de.muehlencord.shared.account.business.accountconfig.entity; +package de.muehlencord.shared.account.business.account.entity; import java.lang.annotation.ElementType; import java.lang.annotation.Retention; diff --git a/account/src/main/java/de/muehlencord/shared/account/business/application/boundary/ApplicationServiceError.java b/account/src/main/java/de/muehlencord/shared/account/business/application/boundary/ApplicationError.java similarity index 85% rename from account/src/main/java/de/muehlencord/shared/account/business/application/boundary/ApplicationServiceError.java rename to account/src/main/java/de/muehlencord/shared/account/business/application/boundary/ApplicationError.java index 334902c..f40f56e 100644 --- a/account/src/main/java/de/muehlencord/shared/account/business/application/boundary/ApplicationServiceError.java +++ b/account/src/main/java/de/muehlencord/shared/account/business/application/boundary/ApplicationError.java @@ -21,14 +21,14 @@ import de.muehlencord.shared.account.util.SecurityError; * * @author Joern Muehlencord */ -public enum ApplicationServiceError implements SecurityError { +public enum ApplicationError implements SecurityError { - LISTALL_DENIED("1000", "listall_denied"); + LIST_DENIED("1000", "list_denied"); private final String errorCode; private final String messageKey; - private ApplicationServiceError(String errorCode, String messageKey) { + private ApplicationError(String errorCode, String messageKey) { this.errorCode = errorCode; this.messageKey = messageKey; } diff --git a/account/src/main/java/de/muehlencord/shared/account/business/application/boundary/ApplicationService.java b/account/src/main/java/de/muehlencord/shared/account/business/application/control/ApplicationControl.java similarity index 69% rename from account/src/main/java/de/muehlencord/shared/account/business/application/boundary/ApplicationService.java rename to account/src/main/java/de/muehlencord/shared/account/business/application/control/ApplicationControl.java index 64a8848..4212c56 100644 --- a/account/src/main/java/de/muehlencord/shared/account/business/application/boundary/ApplicationService.java +++ b/account/src/main/java/de/muehlencord/shared/account/business/application/control/ApplicationControl.java @@ -13,9 +13,10 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package de.muehlencord.shared.account.business.application.boundary; +package de.muehlencord.shared.account.business.application.control; import de.muehlencord.shared.account.business.application.entity.ApplicationEntity; +import de.muehlencord.shared.account.business.instance.boundary.ApplicationPermissions; import de.muehlencord.shared.account.util.AccountPU; import de.muehlencord.shared.account.util.AccountSecurityException; import de.muehlencord.shared.account.util.SecurityUtil; @@ -28,6 +29,8 @@ import javax.inject.Inject; import javax.persistence.EntityManager; import javax.persistence.Query; import javax.transaction.Transactional; +import org.apache.shiro.SecurityUtils; +import org.apache.shiro.subject.Subject; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -36,10 +39,10 @@ import org.slf4j.LoggerFactory; * @author Joern Muehlencord */ @Stateless -public class ApplicationService implements Serializable { +public class ApplicationControl implements Serializable { private static final long serialVersionUID = 4262608935325326191L; - private static final Logger LOGGER = LoggerFactory.getLogger(ApplicationService.class); + private static final Logger LOGGER = LoggerFactory.getLogger(ApplicationControl.class); @Inject @AccountPU @@ -50,14 +53,34 @@ public class ApplicationService implements Serializable { } public List getAllApplications() throws AccountSecurityException { - SecurityUtil.checkPermission(ApplicationPermissions.APP_LISTALL, ApplicationServiceError.LISTALL_DENIED); + List resultList = new ArrayList<>(); Query query = em.createNamedQuery("ApplicationEntity.findAll"); - List resultList = query.getResultList(); - if (resultList == null) { - return new ArrayList<>(); - } else { + List queryList = query.getResultList(); + if ((queryList == null) || (queryList.isEmpty())) { return resultList; } + + Subject currentUser = SecurityUtils.getSubject(); + if (currentUser == null) + return resultList; + String userName = currentUser.getPrincipal().toString(); + + queryList.stream().forEach(app -> { + String applicationName = app.getApplicationName(); // TODO add unique short cut to db model + applicationName = applicationName.toLowerCase(); + applicationName = applicationName.replace (" ", ""); + String permissionName = ApplicationPermissions.APP_LIST.getName()+":"+applicationName; + boolean userHasPermissionToListApplication = SecurityUtil.checkPermission (permissionName); + if (LOGGER.isDebugEnabled()) { + LOGGER.debug("validating if user {} has permission {} = {}", userName, permissionName, userHasPermissionToListApplication); + } + + if (userHasPermissionToListApplication) { + resultList.add (app); + } + }); + + return resultList; } @Transactional diff --git a/account/src/main/java/de/muehlencord/shared/account/business/config/boundary/ConfigurationProducer.java b/account/src/main/java/de/muehlencord/shared/account/business/config/boundary/ConfigurationProducer.java index 2ea50df..4a477a4 100644 --- a/account/src/main/java/de/muehlencord/shared/account/business/config/boundary/ConfigurationProducer.java +++ b/account/src/main/java/de/muehlencord/shared/account/business/config/boundary/ConfigurationProducer.java @@ -15,8 +15,8 @@ */ package de.muehlencord.shared.account.business.config.boundary; -import de.muehlencord.shared.account.business.accountconfig.entity.AccountConfigurationKey; -import de.muehlencord.shared.account.business.accountconfig.entity.AccountConfigurationValue; +import de.muehlencord.shared.account.business.account.entity.AccountConfigurationKey; +import de.muehlencord.shared.account.business.account.entity.AccountConfigurationValue; import de.muehlencord.shared.account.business.config.entity.ConfigException; import javax.ejb.EJB; import javax.enterprise.context.Dependent; diff --git a/account/src/main/java/de/muehlencord/shared/account/business/application/boundary/ApplicationPermissions.java b/account/src/main/java/de/muehlencord/shared/account/business/instance/boundary/ApplicationPermissions.java similarity index 72% rename from account/src/main/java/de/muehlencord/shared/account/business/application/boundary/ApplicationPermissions.java rename to account/src/main/java/de/muehlencord/shared/account/business/instance/boundary/ApplicationPermissions.java index 92488d3..6e9f048 100644 --- a/account/src/main/java/de/muehlencord/shared/account/business/application/boundary/ApplicationPermissions.java +++ b/account/src/main/java/de/muehlencord/shared/account/business/instance/boundary/ApplicationPermissions.java @@ -13,7 +13,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package de.muehlencord.shared.account.business.application.boundary; +package de.muehlencord.shared.account.business.instance.boundary; import de.muehlencord.shared.account.util.Permission; @@ -23,7 +23,7 @@ import de.muehlencord.shared.account.util.Permission; */ public enum ApplicationPermissions implements Permission { - APP_LISTALL("application:listall", "Allows to list all avaiable applications"), + APP_LIST("application:list", "Allows to list all avaiable applications"), APP_ADD("application:add", "Allow to add a new application"), APP_EDIT("application:edit", "Allow to edit an application"), APP_DELETE("application:delete", "Allow to delete an application"), @@ -34,7 +34,14 @@ public enum ApplicationPermissions implements Permission { ROLE_EDIT("role:edit", "Allow to edit a role"), ROLE_DELETE("role:delete", "Allow to delete a role"), ROLE_PERMISSION_ASSIGN("role:permission:assign", "Allow to assign a permission to role"), - ROLE_PERMISSION_REVOKE("role:permission:revoke", "All ow to revoke a permission from a role"); + ROLE_PERMISSION_REVOKE("role:permission:revoke", "All ow to revoke a permission from a role"), + ACCOUNT_LIST ("account:list", "Allow to list all accounts of an application"), + ACCOUNT_ADD ("account:add", "Allow to create a new account"), + ACCOUNT_EDIT ("account:edit", "Allow to edit an existing account"), + ACCOUNT_DELETE ("account:delete", "Allow to delete an existing account"), + ACCOUNT_LOGIN_ADD ("account:login:add", "Allow to add a login to an account"), + ACCOUNT_LOGIN_EDIT ("account:login:edit", "Allow to overwrite the password of an account"), + ACCOUNT_LOGIN_DELETE ("account:login:delete", "Allow to delete the login of an account"); private final String name; private final String description; diff --git a/account/src/main/java/de/muehlencord/shared/account/business/application/boundary/StartupBean.java b/account/src/main/java/de/muehlencord/shared/account/business/instance/boundary/StartupBean.java similarity index 97% rename from account/src/main/java/de/muehlencord/shared/account/business/application/boundary/StartupBean.java rename to account/src/main/java/de/muehlencord/shared/account/business/instance/boundary/StartupBean.java index ba2f048..64aa93a 100644 --- a/account/src/main/java/de/muehlencord/shared/account/business/application/boundary/StartupBean.java +++ b/account/src/main/java/de/muehlencord/shared/account/business/instance/boundary/StartupBean.java @@ -13,7 +13,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package de.muehlencord.shared.account.business.application.boundary; +package de.muehlencord.shared.account.business.instance.boundary; import de.muehlencord.shared.account.business.application.entity.ApplicationEntity; import de.muehlencord.shared.account.business.config.boundary.ConfigService; diff --git a/account/src/main/java/de/muehlencord/shared/account/business/application/control/ApplicationController.java b/account/src/main/java/de/muehlencord/shared/account/business/instance/control/ApplicationController.java similarity index 94% rename from account/src/main/java/de/muehlencord/shared/account/business/application/control/ApplicationController.java rename to account/src/main/java/de/muehlencord/shared/account/business/instance/control/ApplicationController.java index 67eb3ec..f501ca0 100644 --- a/account/src/main/java/de/muehlencord/shared/account/business/application/control/ApplicationController.java +++ b/account/src/main/java/de/muehlencord/shared/account/business/instance/control/ApplicationController.java @@ -13,9 +13,9 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package de.muehlencord.shared.account.business.application.control; +package de.muehlencord.shared.account.business.instance.control; -import de.muehlencord.shared.account.business.application.boundary.ApplicationService; +import de.muehlencord.shared.account.business.application.control.ApplicationControl; import de.muehlencord.shared.account.business.application.entity.ApplicationEntity; import java.io.IOException; import java.io.InputStream; @@ -40,7 +40,7 @@ public class ApplicationController { private static final Logger LOGGER = LoggerFactory.getLogger(ApplicationController.class); @EJB - ApplicationService applicationService; + ApplicationControl applicationService; private String version; private String buildDate; diff --git a/account/src/main/java/de/muehlencord/shared/account/business/mail/boundary/MailService.java b/account/src/main/java/de/muehlencord/shared/account/business/mail/boundary/MailService.java index b78cbb9..2fde158 100644 --- a/account/src/main/java/de/muehlencord/shared/account/business/mail/boundary/MailService.java +++ b/account/src/main/java/de/muehlencord/shared/account/business/mail/boundary/MailService.java @@ -16,7 +16,7 @@ package de.muehlencord.shared.account.business.mail.boundary; import de.muehlencord.shared.account.business.mail.entity.MailTemplateException; -import de.muehlencord.shared.account.business.accountconfig.entity.AccountConfigurationKey; +import de.muehlencord.shared.account.business.account.entity.AccountConfigurationKey; import de.muehlencord.shared.account.business.account.entity.AccountEntity; import de.muehlencord.shared.account.business.account.entity.AccountLoginEntity; import de.muehlencord.shared.account.business.mail.entity.MailDatamodel; @@ -38,7 +38,7 @@ import javax.mail.internet.MimeMessage; import javax.mail.internet.MimeMultipart; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import de.muehlencord.shared.account.business.accountconfig.entity.AccountConfigurationValue; +import de.muehlencord.shared.account.business.account.entity.AccountConfigurationValue; import java.io.File; import java.io.IOException; import java.io.Serializable; diff --git a/account/src/main/java/de/muehlencord/shared/account/presentation/LoginView.java b/account/src/main/java/de/muehlencord/shared/account/presentation/LoginView.java index e97bdbb..3b41cf1 100644 --- a/account/src/main/java/de/muehlencord/shared/account/presentation/LoginView.java +++ b/account/src/main/java/de/muehlencord/shared/account/presentation/LoginView.java @@ -25,7 +25,6 @@ import javax.faces.context.ExternalContext; import javax.faces.context.FacesContext; import javax.faces.view.ViewScoped; import javax.inject.Named; -import javax.naming.NamingException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; @@ -119,7 +118,10 @@ public class LoginView implements Serializable { currentUser.logout(); ExternalContext ec = FacesContext.getCurrentInstance().getExternalContext(); - + + // ensure faces session is invalidated so beans are destroyed + ec.invalidateSession(); + // check if redirect shall be executed // default setting is yes to /login.xhtml // can be overwritten using parameters diff --git a/account/src/main/java/de/muehlencord/shared/account/util/SecurityUtil.java b/account/src/main/java/de/muehlencord/shared/account/util/SecurityUtil.java index 1d188d1..827faab 100644 --- a/account/src/main/java/de/muehlencord/shared/account/util/SecurityUtil.java +++ b/account/src/main/java/de/muehlencord/shared/account/util/SecurityUtil.java @@ -46,16 +46,25 @@ public class SecurityUtil { LOGGER.trace(encryptedPassword); return encryptedPassword; } + + public static boolean checkPermission(Permission permission) { + return checkPermission (permission.getName()); + } - public static void checkPermission(Permission permission, SecurityError error) throws AccountSecurityException { + public static boolean checkPermission(String permissionName) { Subject currentUser = SecurityUtils.getSubject(); if ((currentUser == null) || (!currentUser.isAuthenticated())) { - throw new AccountSecurityException(error); // TODO support special error for not logged in + return false; } - String requiredPermissions = permission.getName(); - if (!currentUser.isPermitted(requiredPermissions)) { + String requiredPermissions = permissionName; + return currentUser.isPermitted(requiredPermissions); + } + + public static void checkPermission(Permission permission, SecurityError error) throws AccountSecurityException { + if (!checkPermission(permission)) { throw new AccountSecurityException(error); } } + } diff --git a/account/src/main/resources/de/muehlencord/shared/account/business/application/boundary/ApplicationServiceError.properties b/account/src/main/resources/de/muehlencord/shared/account/business/application/boundary/ApplicationServiceError.properties index 5cb1cb9..058f521 100644 --- a/account/src/main/resources/de/muehlencord/shared/account/business/application/boundary/ApplicationServiceError.properties +++ b/account/src/main/resources/de/muehlencord/shared/account/business/application/boundary/ApplicationServiceError.properties @@ -13,4 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. # -listall_denied=You are not allowed to list all applications +list_denied=You are not allowed to list any application diff --git a/account/src/main/resources/de/muehlencord/shared/account/business/application/boundary/ApplicationServiceError_de_DE.properties b/account/src/main/resources/de/muehlencord/shared/account/business/application/boundary/ApplicationServiceError_de_DE.properties index 81d8f4e..954a7db 100644 --- a/account/src/main/resources/de/muehlencord/shared/account/business/application/boundary/ApplicationServiceError_de_DE.properties +++ b/account/src/main/resources/de/muehlencord/shared/account/business/application/boundary/ApplicationServiceError_de_DE.properties @@ -13,4 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. # -listall_denied=Sie haben nicht die n\u00f6tige Rechte alle Applikationen aufzulisten +list_denied=Sie haben nicht die n\u00f6tige Rechte eine Applikationen aufzulisten. diff --git a/account/src/main/resources/de/muehlencord/shared/account/business/application/boundary/ApplicationServiceError_en_US.properties b/account/src/main/resources/de/muehlencord/shared/account/business/application/boundary/ApplicationServiceError_en_US.properties index 9b85c69..d56d6e0 100644 --- a/account/src/main/resources/de/muehlencord/shared/account/business/application/boundary/ApplicationServiceError_en_US.properties +++ b/account/src/main/resources/de/muehlencord/shared/account/business/application/boundary/ApplicationServiceError_en_US.properties @@ -13,4 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. # -listall_denied=User not allowed to list all applications +list_denied=User not allowed to list any application