You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@streampipes.apache.org by ri...@apache.org on 2021/10/05 11:58:05 UTC
[incubator-streampipes] 02/02: [STREAMPIPES-426] Let users inherit
group permissions
This is an automated email from the ASF dual-hosted git repository.
riemer pushed a commit to branch STREAMPIPES-426
in repository https://gitbox.apache.org/repos/asf/incubator-streampipes.git
commit c9c8b39b3123143f922d02f367ecc601d205d687
Author: Dominik Riemer <ri...@fzi.de>
AuthorDate: Tue Oct 5 13:57:52 2021 +0200
[STREAMPIPES-426] Let users inherit group permissions
---
.../org/apache/streampipes/rest/impl/UserGroupResource.java | 8 ++++++++
.../user/management/model/PrincipalUserDetails.java | 10 ++++++++++
.../abstract-security-principal-config.ts | 1 +
.../edit-user-dialog/edit-user-dialog.component.html | 2 +-
4 files changed, 20 insertions(+), 1 deletion(-)
diff --git a/streampipes-rest/src/main/java/org/apache/streampipes/rest/impl/UserGroupResource.java b/streampipes-rest/src/main/java/org/apache/streampipes/rest/impl/UserGroupResource.java
index 4331fb2..a5d786b 100644
--- a/streampipes-rest/src/main/java/org/apache/streampipes/rest/impl/UserGroupResource.java
+++ b/streampipes-rest/src/main/java/org/apache/streampipes/rest/impl/UserGroupResource.java
@@ -55,6 +55,14 @@ public class UserGroupResource extends AbstractAuthGuardedRestResource {
Group group = getUserGroupStorage().getElementById(groupId);
if (group != null) {
getUserGroupStorage().deleteElement(group);
+
+ // TODO remove group from all users
+ getUserStorage().getAllUsers().forEach(user -> {
+ if (user.getGroups().contains(groupId)) {
+ user.getGroups().remove(groupId);
+ getUserStorage().updateUser(user);
+ }
+ });
return ok();
} else {
return badRequest();
diff --git a/streampipes-user-management/src/main/java/org/apache/streampipes/user/management/model/PrincipalUserDetails.java b/streampipes-user-management/src/main/java/org/apache/streampipes/user/management/model/PrincipalUserDetails.java
index 99a470d..5aa5353 100644
--- a/streampipes-user-management/src/main/java/org/apache/streampipes/user/management/model/PrincipalUserDetails.java
+++ b/streampipes-user-management/src/main/java/org/apache/streampipes/user/management/model/PrincipalUserDetails.java
@@ -18,14 +18,24 @@
package org.apache.streampipes.user.management.model;
import org.apache.streampipes.model.client.user.Principal;
+import org.apache.streampipes.model.client.user.Role;
+import org.apache.streampipes.storage.management.StorageDispatcher;
import org.springframework.security.core.userdetails.UserDetails;
+import java.util.Set;
+
public abstract class PrincipalUserDetails<T extends Principal> implements UserDetails {
protected T details;
+ private Set<Role> allRoles;
public PrincipalUserDetails(T details) {
this.details = details;
+ this.allRoles = this.details.getRoles();
+ details.getGroups().forEach(groupId -> {
+ Set<Role> groupRoles = StorageDispatcher.INSTANCE.getNoSqlStore().getUserGroupStorage().getElementById(groupId).getRoles();
+ allRoles.addAll(groupRoles);
+ });
}
public T getDetails() {
diff --git a/ui/src/app/configuration/security-configuration/abstract-security-principal-config.ts b/ui/src/app/configuration/security-configuration/abstract-security-principal-config.ts
index be1b03d..9d179d2 100644
--- a/ui/src/app/configuration/security-configuration/abstract-security-principal-config.ts
+++ b/ui/src/app/configuration/security-configuration/abstract-security-principal-config.ts
@@ -68,6 +68,7 @@ export abstract class AbstractSecurityPrincipalConfig<T extends (UserAccount | S
createUser() {
const principal = this.getNewInstance();
principal.roles = [];
+ principal.groups = [];
this.openEditDialog(principal, false);
}
diff --git a/ui/src/app/configuration/security-configuration/edit-user-dialog/edit-user-dialog.component.html b/ui/src/app/configuration/security-configuration/edit-user-dialog/edit-user-dialog.component.html
index e9d5e53..3e5427a 100644
--- a/ui/src/app/configuration/security-configuration/edit-user-dialog/edit-user-dialog.component.html
+++ b/ui/src/app/configuration/security-configuration/edit-user-dialog/edit-user-dialog.component.html
@@ -95,7 +95,7 @@
<div class="sp-dialog-actions">
<div fxLayout="row">
<button mat-button mat-raised-button color="accent" (click)="save()" style="margin-right:10px;"
- [disabled]="!parentForm.valid || clonedUser.roles.length == 0"
+ [disabled]="!parentForm.valid"
data-cy="sp-element-edit-user-save">
<i class="material-icons">save</i><span> Save</span>
</button>