You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@streampipes.apache.org by ri...@apache.org on 2021/10/05 11:58:05 UTC

[incubator-streampipes] 02/02: [STREAMPIPES-426] Let users inherit group permissions

This is an automated email from the ASF dual-hosted git repository.

riemer pushed a commit to branch STREAMPIPES-426
in repository https://gitbox.apache.org/repos/asf/incubator-streampipes.git

commit c9c8b39b3123143f922d02f367ecc601d205d687
Author: Dominik Riemer <ri...@fzi.de>
AuthorDate: Tue Oct 5 13:57:52 2021 +0200

    [STREAMPIPES-426] Let users inherit group permissions
---
 .../org/apache/streampipes/rest/impl/UserGroupResource.java    |  8 ++++++++
 .../user/management/model/PrincipalUserDetails.java            | 10 ++++++++++
 .../abstract-security-principal-config.ts                      |  1 +
 .../edit-user-dialog/edit-user-dialog.component.html           |  2 +-
 4 files changed, 20 insertions(+), 1 deletion(-)

diff --git a/streampipes-rest/src/main/java/org/apache/streampipes/rest/impl/UserGroupResource.java b/streampipes-rest/src/main/java/org/apache/streampipes/rest/impl/UserGroupResource.java
index 4331fb2..a5d786b 100644
--- a/streampipes-rest/src/main/java/org/apache/streampipes/rest/impl/UserGroupResource.java
+++ b/streampipes-rest/src/main/java/org/apache/streampipes/rest/impl/UserGroupResource.java
@@ -55,6 +55,14 @@ public class UserGroupResource extends AbstractAuthGuardedRestResource {
     Group group = getUserGroupStorage().getElementById(groupId);
     if (group != null) {
       getUserGroupStorage().deleteElement(group);
+
+      // TODO remove group from all users
+      getUserStorage().getAllUsers().forEach(user -> {
+        if (user.getGroups().contains(groupId)) {
+          user.getGroups().remove(groupId);
+          getUserStorage().updateUser(user);
+        }
+      });
       return ok();
     } else {
       return badRequest();
diff --git a/streampipes-user-management/src/main/java/org/apache/streampipes/user/management/model/PrincipalUserDetails.java b/streampipes-user-management/src/main/java/org/apache/streampipes/user/management/model/PrincipalUserDetails.java
index 99a470d..5aa5353 100644
--- a/streampipes-user-management/src/main/java/org/apache/streampipes/user/management/model/PrincipalUserDetails.java
+++ b/streampipes-user-management/src/main/java/org/apache/streampipes/user/management/model/PrincipalUserDetails.java
@@ -18,14 +18,24 @@
 package org.apache.streampipes.user.management.model;
 
 import org.apache.streampipes.model.client.user.Principal;
+import org.apache.streampipes.model.client.user.Role;
+import org.apache.streampipes.storage.management.StorageDispatcher;
 import org.springframework.security.core.userdetails.UserDetails;
 
+import java.util.Set;
+
 public abstract class PrincipalUserDetails<T extends Principal> implements UserDetails {
 
   protected T details;
+  private Set<Role> allRoles;
 
   public PrincipalUserDetails(T details) {
     this.details = details;
+    this.allRoles = this.details.getRoles();
+    details.getGroups().forEach(groupId -> {
+      Set<Role> groupRoles = StorageDispatcher.INSTANCE.getNoSqlStore().getUserGroupStorage().getElementById(groupId).getRoles();
+      allRoles.addAll(groupRoles);
+    });
   }
 
   public T getDetails() {
diff --git a/ui/src/app/configuration/security-configuration/abstract-security-principal-config.ts b/ui/src/app/configuration/security-configuration/abstract-security-principal-config.ts
index be1b03d..9d179d2 100644
--- a/ui/src/app/configuration/security-configuration/abstract-security-principal-config.ts
+++ b/ui/src/app/configuration/security-configuration/abstract-security-principal-config.ts
@@ -68,6 +68,7 @@ export abstract class AbstractSecurityPrincipalConfig<T extends (UserAccount | S
   createUser() {
     const principal = this.getNewInstance();
     principal.roles = [];
+    principal.groups = [];
     this.openEditDialog(principal, false);
   }
 
diff --git a/ui/src/app/configuration/security-configuration/edit-user-dialog/edit-user-dialog.component.html b/ui/src/app/configuration/security-configuration/edit-user-dialog/edit-user-dialog.component.html
index e9d5e53..3e5427a 100644
--- a/ui/src/app/configuration/security-configuration/edit-user-dialog/edit-user-dialog.component.html
+++ b/ui/src/app/configuration/security-configuration/edit-user-dialog/edit-user-dialog.component.html
@@ -95,7 +95,7 @@
     <div class="sp-dialog-actions">
         <div fxLayout="row">
             <button mat-button mat-raised-button color="accent" (click)="save()" style="margin-right:10px;"
-                    [disabled]="!parentForm.valid || clonedUser.roles.length == 0"
+                    [disabled]="!parentForm.valid"
                     data-cy="sp-element-edit-user-save">
                 <i class="material-icons">save</i><span>&nbsp;Save</span>
             </button>