You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@syncope.apache.org by il...@apache.org on 2017/08/08 10:40:55 UTC
[1/4] syncope git commit: [SYNCOPE-1188] Making key mandatory for
dynamic realms
Repository: syncope
Updated Branches:
refs/heads/2_0_X c138cefd4 -> 4af3c2175
refs/heads/master 2cab5d247 -> b7458d070
[SYNCOPE-1188] Making key mandatory for dynamic realms
Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/c6ffe56b
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/c6ffe56b
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/c6ffe56b
Branch: refs/heads/2_0_X
Commit: c6ffe56b201687df6af77e98f07bc8326ca500b1
Parents: c138cef
Author: Francesco Chicchiriccò <il...@apache.org>
Authored: Tue Aug 8 11:49:25 2017 +0200
Committer: Francesco Chicchiriccò <il...@apache.org>
Committed: Tue Aug 8 11:54:33 2017 +0200
----------------------------------------------------------------------
.../console/panels/DynRealmDirectoryPanel.java | 22 ++++++++++++++++++++
.../console/panels/DynRealmModalPanel.java | 1 +
.../console/panels/RoleDirectoryPanel.java | 6 +++---
3 files changed, 26 insertions(+), 3 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/syncope/blob/c6ffe56b/client/console/src/main/java/org/apache/syncope/client/console/panels/DynRealmDirectoryPanel.java
----------------------------------------------------------------------
diff --git a/client/console/src/main/java/org/apache/syncope/client/console/panels/DynRealmDirectoryPanel.java b/client/console/src/main/java/org/apache/syncope/client/console/panels/DynRealmDirectoryPanel.java
index c20efb5..8098aef 100644
--- a/client/console/src/main/java/org/apache/syncope/client/console/panels/DynRealmDirectoryPanel.java
+++ b/client/console/src/main/java/org/apache/syncope/client/console/panels/DynRealmDirectoryPanel.java
@@ -24,16 +24,19 @@ import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
+import org.apache.commons.lang3.StringUtils;
import org.apache.syncope.client.console.SyncopeConsoleSession;
import org.apache.syncope.client.console.commons.Constants;
import org.apache.syncope.client.console.commons.DirectoryDataProvider;
import org.apache.syncope.client.console.commons.SortableDataProviderComparator;
+import org.apache.syncope.client.console.pages.BasePage;
import org.apache.syncope.client.console.panels.DynRealmDirectoryPanel.DynRealmDataProvider;
import org.apache.syncope.client.console.rest.DynRealmRestClient;
import org.apache.syncope.client.console.wicket.markup.html.form.ActionLink;
import org.apache.syncope.client.console.wicket.markup.html.form.ActionsPanel;
import org.apache.syncope.client.console.wizards.DynRealmWrapper;
import org.apache.syncope.client.console.wizards.WizardMgtPanel;
+import org.apache.syncope.common.lib.SyncopeClientException;
import org.apache.syncope.common.lib.to.DynRealmTO;
import org.apache.syncope.common.lib.types.StandardEntitlement;
import org.apache.wicket.PageReference;
@@ -130,6 +133,25 @@ public class DynRealmDirectoryPanel extends
}
}, ActionLink.ActionType.EDIT, StandardEntitlement.DYNREALM_UPDATE);
+ panel.add(new ActionLink<DynRealmTO>() {
+
+ private static final long serialVersionUID = 3766262567901552032L;
+
+ @Override
+ public void onClick(final AjaxRequestTarget target, final DynRealmTO ignore) {
+ try {
+ restClient.delete(model.getObject().getKey());
+ SyncopeConsoleSession.get().info(getString(Constants.OPERATION_SUCCEEDED));
+ target.add(container);
+ } catch (SyncopeClientException e) {
+ LOG.error("While deleting dynamic realm {}", model.getObject().getKey(), e);
+ SyncopeConsoleSession.get().error(StringUtils.isBlank(e.getMessage())
+ ? e.getClass().getName() : e.getMessage());
+ }
+ ((BasePage) pageRef.getPage()).getNotificationPanel().refresh(target);
+ }
+ }, ActionLink.ActionType.DELETE, StandardEntitlement.DYNREALM_DELETE, true);
+
return panel;
}
http://git-wip-us.apache.org/repos/asf/syncope/blob/c6ffe56b/client/console/src/main/java/org/apache/syncope/client/console/panels/DynRealmModalPanel.java
----------------------------------------------------------------------
diff --git a/client/console/src/main/java/org/apache/syncope/client/console/panels/DynRealmModalPanel.java b/client/console/src/main/java/org/apache/syncope/client/console/panels/DynRealmModalPanel.java
index dd22e23..734bd62 100644
--- a/client/console/src/main/java/org/apache/syncope/client/console/panels/DynRealmModalPanel.java
+++ b/client/console/src/main/java/org/apache/syncope/client/console/panels/DynRealmModalPanel.java
@@ -65,6 +65,7 @@ public class DynRealmModalPanel extends AbstractModalPanel<DynRealmWrapper> {
AjaxTextFieldPanel key = new AjaxTextFieldPanel(
"key", "key", new PropertyModel<String>(dynRealmWrapper.getInnerObject(), "key"), false);
key.setReadOnly(!create);
+ key.setRequired(true);
add(key);
add(new Accordion("cond", Collections.<ITab>singletonList(
http://git-wip-us.apache.org/repos/asf/syncope/blob/c6ffe56b/client/console/src/main/java/org/apache/syncope/client/console/panels/RoleDirectoryPanel.java
----------------------------------------------------------------------
diff --git a/client/console/src/main/java/org/apache/syncope/client/console/panels/RoleDirectoryPanel.java b/client/console/src/main/java/org/apache/syncope/client/console/panels/RoleDirectoryPanel.java
index bb7d9d9..2231bdf 100644
--- a/client/console/src/main/java/org/apache/syncope/client/console/panels/RoleDirectoryPanel.java
+++ b/client/console/src/main/java/org/apache/syncope/client/console/panels/RoleDirectoryPanel.java
@@ -246,9 +246,9 @@ public class RoleDirectoryPanel extends DirectoryPanel<RoleTO, RoleWrapper, Role
SyncopeConsoleSession.get().info(getString(Constants.OPERATION_SUCCEEDED));
target.add(container);
} catch (SyncopeClientException e) {
- LOG.error("While deleting object {}", model.getObject().getKey(), e);
- SyncopeConsoleSession.get().error(StringUtils.isBlank(e.getMessage()) ? e.getClass().
- getName() : e.getMessage());
+ LOG.error("While deleting dynamic realm {}", model.getObject().getKey(), e);
+ SyncopeConsoleSession.get().error(StringUtils.isBlank(e.getMessage())
+ ? e.getClass().getName() : e.getMessage());
}
((BasePage) pageRef.getPage()).getNotificationPanel().refresh(target);
}
[4/4] syncope git commit: [SYNCOPE-1189] Clarifying about additional
entitlements needed for delegated administration via Admin Console
Posted by il...@apache.org.
[SYNCOPE-1189] Clarifying about additional entitlements needed for delegated administration via Admin Console
Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/b7458d07
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/b7458d07
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/b7458d07
Branch: refs/heads/master
Commit: b7458d070f88a18ea098dc0196177a502f0623ac
Parents: 0d93a3a
Author: Francesco Chicchiriccò <il...@apache.org>
Authored: Tue Aug 8 12:40:22 2017 +0200
Committer: Francesco Chicchiriccò <il...@apache.org>
Committed: Tue Aug 8 12:40:45 2017 +0200
----------------------------------------------------------------------
pom.xml | 4 ++--
.../reference-guide/concepts/roles.adoc | 22 ++++++++++++++++++++
2 files changed, 24 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/syncope/blob/b7458d07/pom.xml
----------------------------------------------------------------------
diff --git a/pom.xml b/pom.xml
index 3c23485..6c7bb02 100644
--- a/pom.xml
+++ b/pom.xml
@@ -2257,7 +2257,7 @@ under the License.
<plugin>
<groupId>org.asciidoctor</groupId>
<artifactId>asciidoctor-maven-plugin</artifactId>
- <version>1.5.6</version>
+ <version>1.5.5</version>
<dependencies>
<dependency>
<groupId>org.asciidoctor</groupId>
@@ -2267,7 +2267,7 @@ under the License.
<dependency>
<groupId>org.asciidoctor</groupId>
<artifactId>asciidoctorj</artifactId>
- <version>1.5.5</version>
+ <version>1.5.6</version>
</dependency>
</dependencies>
<configuration>
http://git-wip-us.apache.org/repos/asf/syncope/blob/b7458d07/src/main/asciidoc/reference-guide/concepts/roles.adoc
----------------------------------------------------------------------
diff --git a/src/main/asciidoc/reference-guide/concepts/roles.adoc b/src/main/asciidoc/reference-guide/concepts/roles.adoc
index 662febc..63949f4 100644
--- a/src/main/asciidoc/reference-guide/concepts/roles.adoc
+++ b/src/main/asciidoc/reference-guide/concepts/roles.adoc
@@ -81,3 +81,25 @@ The practical consequence of this setting is that Users owning a Group (either b
or members of the owning group) is that they are entitled to perform all operations (create, update, delete, ...) on the
owned group, regardless of the Realm.
====
+
+[[delegated-administration-console]]
+[TIP]
+.Delegated Administration via Admin Console
+====
+When administering via <<REST>>, the entitlements to be granted to delegated administrators are straightforward:
+`USER_CREATE` for certain <<Realms>> will allow to create users under such Realms.
+
+When using the <<Admin Console>>, instead, more entitlements are generally required: this because the underlying
+implementation takes care of simplifying the UX as much as possible. +
+For example, the following entitlements are normally required to be granted for user administration, besides the actual
+`USER_CREATE`, `USER_UPDATE` and `USER_DELETE`:
+
+. `USER_SEARCH`
+. `USER_LIST`
+. `ANYTYPECLASS_READ`
+. `ANYTYPE_LIST`
+. `ANYTYPECLASS_LIST`
+. `USER_READ`
+. `ANYTYPE_READ`
+. `REALM_LIST`
+====
[3/4] syncope git commit: [SYNCOPE-1188] Making key mandatory for
dynamic realms
Posted by il...@apache.org.
[SYNCOPE-1188] Making key mandatory for dynamic realms
Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/0d93a3a5
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/0d93a3a5
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/0d93a3a5
Branch: refs/heads/master
Commit: 0d93a3a5bba32a9a544eaea12df72b2d165c51f8
Parents: 2cab5d2
Author: Francesco Chicchiriccò <il...@apache.org>
Authored: Tue Aug 8 11:49:25 2017 +0200
Committer: Francesco Chicchiriccò <il...@apache.org>
Committed: Tue Aug 8 12:40:42 2017 +0200
----------------------------------------------------------------------
.../apache/syncope/client/console/panels/DynRealmModalPanel.java | 1 +
1 file changed, 1 insertion(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/syncope/blob/0d93a3a5/client/console/src/main/java/org/apache/syncope/client/console/panels/DynRealmModalPanel.java
----------------------------------------------------------------------
diff --git a/client/console/src/main/java/org/apache/syncope/client/console/panels/DynRealmModalPanel.java b/client/console/src/main/java/org/apache/syncope/client/console/panels/DynRealmModalPanel.java
index dd22e23..734bd62 100644
--- a/client/console/src/main/java/org/apache/syncope/client/console/panels/DynRealmModalPanel.java
+++ b/client/console/src/main/java/org/apache/syncope/client/console/panels/DynRealmModalPanel.java
@@ -65,6 +65,7 @@ public class DynRealmModalPanel extends AbstractModalPanel<DynRealmWrapper> {
AjaxTextFieldPanel key = new AjaxTextFieldPanel(
"key", "key", new PropertyModel<String>(dynRealmWrapper.getInnerObject(), "key"), false);
key.setReadOnly(!create);
+ key.setRequired(true);
add(key);
add(new Accordion("cond", Collections.<ITab>singletonList(
[2/4] syncope git commit: [SYNCOPE-1189] Clarifying about additional
entitlements needed for delegated administration via Admin Console
Posted by il...@apache.org.
[SYNCOPE-1189] Clarifying about additional entitlements needed for delegated administration via Admin Console
Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/4af3c217
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/4af3c217
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/4af3c217
Branch: refs/heads/2_0_X
Commit: 4af3c2175e874d9abbc41f2323ad9e945b956ead
Parents: c6ffe56
Author: Francesco Chicchiriccò <il...@apache.org>
Authored: Tue Aug 8 12:40:22 2017 +0200
Committer: Francesco Chicchiriccò <il...@apache.org>
Committed: Tue Aug 8 12:40:22 2017 +0200
----------------------------------------------------------------------
pom.xml | 4 ++--
.../reference-guide/concepts/roles.adoc | 22 ++++++++++++++++++++
2 files changed, 24 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/syncope/blob/4af3c217/pom.xml
----------------------------------------------------------------------
diff --git a/pom.xml b/pom.xml
index be12b2c..58ae149 100644
--- a/pom.xml
+++ b/pom.xml
@@ -2331,7 +2331,7 @@ under the License.
<plugin>
<groupId>org.asciidoctor</groupId>
<artifactId>asciidoctor-maven-plugin</artifactId>
- <version>1.5.6</version>
+ <version>1.5.5</version>
<dependencies>
<dependency>
<groupId>org.asciidoctor</groupId>
@@ -2341,7 +2341,7 @@ under the License.
<dependency>
<groupId>org.asciidoctor</groupId>
<artifactId>asciidoctorj</artifactId>
- <version>1.5.5</version>
+ <version>1.5.6</version>
</dependency>
</dependencies>
<configuration>
http://git-wip-us.apache.org/repos/asf/syncope/blob/4af3c217/src/main/asciidoc/reference-guide/concepts/roles.adoc
----------------------------------------------------------------------
diff --git a/src/main/asciidoc/reference-guide/concepts/roles.adoc b/src/main/asciidoc/reference-guide/concepts/roles.adoc
index 662febc..63949f4 100644
--- a/src/main/asciidoc/reference-guide/concepts/roles.adoc
+++ b/src/main/asciidoc/reference-guide/concepts/roles.adoc
@@ -81,3 +81,25 @@ The practical consequence of this setting is that Users owning a Group (either b
or members of the owning group) is that they are entitled to perform all operations (create, update, delete, ...) on the
owned group, regardless of the Realm.
====
+
+[[delegated-administration-console]]
+[TIP]
+.Delegated Administration via Admin Console
+====
+When administering via <<REST>>, the entitlements to be granted to delegated administrators are straightforward:
+`USER_CREATE` for certain <<Realms>> will allow to create users under such Realms.
+
+When using the <<Admin Console>>, instead, more entitlements are generally required: this because the underlying
+implementation takes care of simplifying the UX as much as possible. +
+For example, the following entitlements are normally required to be granted for user administration, besides the actual
+`USER_CREATE`, `USER_UPDATE` and `USER_DELETE`:
+
+. `USER_SEARCH`
+. `USER_LIST`
+. `ANYTYPECLASS_READ`
+. `ANYTYPE_LIST`
+. `ANYTYPECLASS_LIST`
+. `USER_READ`
+. `ANYTYPE_READ`
+. `REALM_LIST`
+====