You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@openmeetings.apache.org by so...@apache.org on 2017/02/13 16:51:11 UTC
svn commit: r1782812 - in /openmeetings/application:
branches/3.2.x/openmeetings-web/src/main/java/org/apache/openmeetings/web/user/dashboard/admin/
branches/3.2.x/openmeetings-web/src/main/java/org/apache/openmeetings/web/user/profile/
trunk/openmeeti...
Author: solomax
Date: Mon Feb 13 16:51:10 2017
New Revision: 1782812
URL: http://svn.apache.org/viewvc?rev=1782812&view=rev
Log:
[OPENMEETINGS-1550] Admin widget is totally hidden for non-admin user
Modified:
openmeetings/application/branches/3.2.x/openmeetings-web/src/main/java/org/apache/openmeetings/web/user/dashboard/admin/AdminWidgetView.java
openmeetings/application/branches/3.2.x/openmeetings-web/src/main/java/org/apache/openmeetings/web/user/profile/WidgetsPanel.java
openmeetings/application/trunk/openmeetings-web/src/main/java/org/apache/openmeetings/web/user/dashboard/admin/AdminWidgetView.java
openmeetings/application/trunk/openmeetings-web/src/main/java/org/apache/openmeetings/web/user/profile/WidgetsPanel.java
Modified: openmeetings/application/branches/3.2.x/openmeetings-web/src/main/java/org/apache/openmeetings/web/user/dashboard/admin/AdminWidgetView.java
URL: http://svn.apache.org/viewvc/openmeetings/application/branches/3.2.x/openmeetings-web/src/main/java/org/apache/openmeetings/web/user/dashboard/admin/AdminWidgetView.java?rev=1782812&r1=1782811&r2=1782812&view=diff
==============================================================================
--- openmeetings/application/branches/3.2.x/openmeetings-web/src/main/java/org/apache/openmeetings/web/user/dashboard/admin/AdminWidgetView.java (original)
+++ openmeetings/application/branches/3.2.x/openmeetings-web/src/main/java/org/apache/openmeetings/web/user/dashboard/admin/AdminWidgetView.java Mon Feb 13 16:51:10 2017
@@ -19,6 +19,7 @@
package org.apache.openmeetings.web.user.dashboard.admin;
import org.apache.wicket.ajax.AjaxRequestTarget;
+import org.apache.wicket.authroles.authorization.strategies.role.annotations.AuthorizeInstantiation;
import org.apache.wicket.markup.html.form.Form;
import org.apache.wicket.model.Model;
import org.wicketstuff.dashboard.Widget;
@@ -26,6 +27,7 @@ import org.wicketstuff.dashboard.web.Wid
import com.googlecode.wicket.jquery.ui.form.button.IndicatingAjaxButton;
+@AuthorizeInstantiation("Admin")
public class AdminWidgetView extends WidgetView {
private static final long serialVersionUID = 1L;
private final AdminCleanupInfoDialog cleanupDialog;
Modified: openmeetings/application/branches/3.2.x/openmeetings-web/src/main/java/org/apache/openmeetings/web/user/profile/WidgetsPanel.java
URL: http://svn.apache.org/viewvc/openmeetings/application/branches/3.2.x/openmeetings-web/src/main/java/org/apache/openmeetings/web/user/profile/WidgetsPanel.java?rev=1782812&r1=1782811&r2=1782812&view=diff
==============================================================================
--- openmeetings/application/branches/3.2.x/openmeetings-web/src/main/java/org/apache/openmeetings/web/user/profile/WidgetsPanel.java (original)
+++ openmeetings/application/branches/3.2.x/openmeetings-web/src/main/java/org/apache/openmeetings/web/user/profile/WidgetsPanel.java Mon Feb 13 16:51:10 2017
@@ -18,18 +18,22 @@
*/
package org.apache.openmeetings.web.user.profile;
+import static org.apache.openmeetings.db.util.AuthLevelUtil.hasAdminLevel;
import static org.apache.openmeetings.util.OpenmeetingsVariables.CONFIG_DASHBOARD_SHOW_MYROOMS_KEY;
import static org.apache.openmeetings.util.OpenmeetingsVariables.CONFIG_DASHBOARD_SHOW_RSS_KEY;
import static org.apache.openmeetings.web.app.Application.getBean;
import static org.apache.openmeetings.web.app.Application.getDashboardContext;
import static org.apache.openmeetings.web.app.WebSession.getDashboard;
+import static org.apache.openmeetings.web.app.WebSession.getRights;
+import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.apache.openmeetings.db.dao.basic.ConfigurationDao;
import org.apache.openmeetings.web.user.dashboard.MyRoomsWidget;
import org.apache.openmeetings.web.user.dashboard.RssWidget;
+import org.apache.openmeetings.web.user.dashboard.admin.AdminWidget;
import org.apache.wicket.ajax.AjaxRequestTarget;
import org.apache.wicket.ajax.markup.html.form.AjaxCheckBox;
import org.apache.wicket.markup.html.basic.Label;
@@ -59,7 +63,7 @@ public class WidgetsPanel extends Panel
ConfigurationDao cfgDao = getBean(ConfigurationDao.class);
boolean confShowMyRooms = 1 == cfgDao.getConfValue(CONFIG_DASHBOARD_SHOW_MYROOMS_KEY, Integer.class, "0");
boolean confShowRss = 1 == cfgDao.getConfValue(CONFIG_DASHBOARD_SHOW_RSS_KEY, Integer.class, "0");
- List<WidgetDescriptor> widgets = getDashboardContext().getWidgetRegistry().getWidgetDescriptors();
+ List<WidgetDescriptor> widgets = new ArrayList<>(getDashboardContext().getWidgetRegistry().getWidgetDescriptors());
for (Iterator<WidgetDescriptor> i = widgets.iterator(); i.hasNext();) {
WidgetDescriptor wd = i.next();
if (!confShowMyRooms && MyRoomsWidget.class.getCanonicalName().equals(wd.getWidgetClassName())) {
@@ -70,6 +74,10 @@ public class WidgetsPanel extends Panel
i.remove();
continue;
}
+ if (!hasAdminLevel(getRights()) && AdminWidget.class.getCanonicalName().equals(wd.getWidgetClassName())) {
+ i.remove();
+ continue;
+ }
}
add(new ListView<WidgetDescriptor>("widgets", widgets) {
private static final long serialVersionUID = 1L;
@@ -101,3 +109,4 @@ public class WidgetsPanel extends Panel
});
}
}
+
Modified: openmeetings/application/trunk/openmeetings-web/src/main/java/org/apache/openmeetings/web/user/dashboard/admin/AdminWidgetView.java
URL: http://svn.apache.org/viewvc/openmeetings/application/trunk/openmeetings-web/src/main/java/org/apache/openmeetings/web/user/dashboard/admin/AdminWidgetView.java?rev=1782812&r1=1782811&r2=1782812&view=diff
==============================================================================
--- openmeetings/application/trunk/openmeetings-web/src/main/java/org/apache/openmeetings/web/user/dashboard/admin/AdminWidgetView.java (original)
+++ openmeetings/application/trunk/openmeetings-web/src/main/java/org/apache/openmeetings/web/user/dashboard/admin/AdminWidgetView.java Mon Feb 13 16:51:10 2017
@@ -19,6 +19,7 @@
package org.apache.openmeetings.web.user.dashboard.admin;
import org.apache.wicket.ajax.AjaxRequestTarget;
+import org.apache.wicket.authroles.authorization.strategies.role.annotations.AuthorizeInstantiation;
import org.apache.wicket.markup.html.form.Form;
import org.apache.wicket.model.Model;
import org.wicketstuff.dashboard.Widget;
@@ -26,6 +27,7 @@ import org.wicketstuff.dashboard.web.Wid
import com.googlecode.wicket.jquery.ui.form.button.IndicatingAjaxButton;
+@AuthorizeInstantiation("Admin")
public class AdminWidgetView extends WidgetView {
private static final long serialVersionUID = 1L;
private final AdminCleanupInfoDialog cleanupDialog;
Modified: openmeetings/application/trunk/openmeetings-web/src/main/java/org/apache/openmeetings/web/user/profile/WidgetsPanel.java
URL: http://svn.apache.org/viewvc/openmeetings/application/trunk/openmeetings-web/src/main/java/org/apache/openmeetings/web/user/profile/WidgetsPanel.java?rev=1782812&r1=1782811&r2=1782812&view=diff
==============================================================================
--- openmeetings/application/trunk/openmeetings-web/src/main/java/org/apache/openmeetings/web/user/profile/WidgetsPanel.java (original)
+++ openmeetings/application/trunk/openmeetings-web/src/main/java/org/apache/openmeetings/web/user/profile/WidgetsPanel.java Mon Feb 13 16:51:10 2017
@@ -18,18 +18,22 @@
*/
package org.apache.openmeetings.web.user.profile;
+import static org.apache.openmeetings.db.util.AuthLevelUtil.hasAdminLevel;
import static org.apache.openmeetings.util.OpenmeetingsVariables.CONFIG_DASHBOARD_SHOW_MYROOMS_KEY;
import static org.apache.openmeetings.util.OpenmeetingsVariables.CONFIG_DASHBOARD_SHOW_RSS_KEY;
import static org.apache.openmeetings.web.app.Application.getBean;
import static org.apache.openmeetings.web.app.Application.getDashboardContext;
import static org.apache.openmeetings.web.app.WebSession.getDashboard;
+import static org.apache.openmeetings.web.app.WebSession.getRights;
+import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.apache.openmeetings.db.dao.basic.ConfigurationDao;
import org.apache.openmeetings.web.user.dashboard.MyRoomsWidget;
import org.apache.openmeetings.web.user.dashboard.RssWidget;
+import org.apache.openmeetings.web.user.dashboard.admin.AdminWidget;
import org.apache.wicket.ajax.AjaxRequestTarget;
import org.apache.wicket.ajax.markup.html.form.AjaxCheckBox;
import org.apache.wicket.markup.html.basic.Label;
@@ -59,7 +63,7 @@ public class WidgetsPanel extends Panel
ConfigurationDao cfgDao = getBean(ConfigurationDao.class);
boolean confShowMyRooms = 1 == cfgDao.getConfValue(CONFIG_DASHBOARD_SHOW_MYROOMS_KEY, Integer.class, "0");
boolean confShowRss = 1 == cfgDao.getConfValue(CONFIG_DASHBOARD_SHOW_RSS_KEY, Integer.class, "0");
- List<WidgetDescriptor> widgets = getDashboardContext().getWidgetRegistry().getWidgetDescriptors();
+ List<WidgetDescriptor> widgets = new ArrayList<>(getDashboardContext().getWidgetRegistry().getWidgetDescriptors());
for (Iterator<WidgetDescriptor> i = widgets.iterator(); i.hasNext();) {
WidgetDescriptor wd = i.next();
if (!confShowMyRooms && MyRoomsWidget.class.getCanonicalName().equals(wd.getWidgetClassName())) {
@@ -70,6 +74,10 @@ public class WidgetsPanel extends Panel
i.remove();
continue;
}
+ if (!hasAdminLevel(getRights()) && AdminWidget.class.getCanonicalName().equals(wd.getWidgetClassName())) {
+ i.remove();
+ continue;
+ }
}
add(new ListView<WidgetDescriptor>("widgets", widgets) {
private static final long serialVersionUID = 1L;
@@ -101,3 +109,4 @@ public class WidgetsPanel extends Panel
});
}
}
+