You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@stanbol.apache.org by re...@apache.org on 2013/03/24 18:16:36 UTC
svn commit: r1460417 - in /stanbol/trunk/commons/security/usermanagement: ./
src/main/java/org/apache/stanbol/commons/usermanagement/resource/
src/main/resources/META-INF/resources/static/user-management/styles/
src/main/resources/templates/html/org/ap...
Author: reto
Date: Sun Mar 24 17:16:36 2013
New Revision: 1460417
URL: http://svn.apache.org/r1460417
Log:
STANBOL-897 applied patch by Danny Ayers, mainly doumentation improvements
Modified:
stanbol/trunk/commons/security/usermanagement/README.md
stanbol/trunk/commons/security/usermanagement/src/main/java/org/apache/stanbol/commons/usermanagement/resource/UserResource.java
stanbol/trunk/commons/security/usermanagement/src/main/resources/META-INF/resources/static/user-management/styles/webconsole.css
stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/resource/editUser.ftl
stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/resource/permissionsCheckboxes.ftl
stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/resource/rolesCheckboxes.ftl
stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/webConsole.ftl
Modified: stanbol/trunk/commons/security/usermanagement/README.md
URL: http://svn.apache.org/viewvc/stanbol/trunk/commons/security/usermanagement/README.md?rev=1460417&r1=1460416&r2=1460417&view=diff
==============================================================================
--- stanbol/trunk/commons/security/usermanagement/README.md (original)
+++ stanbol/trunk/commons/security/usermanagement/README.md Sun Mar 24 17:16:36 2013
@@ -1,20 +1,63 @@
-usermanager
-===========
+User Management
+===============
-A usermanager for stanbol. It provides a felix webconsole plugin as well as the
-following HTTP resources to manage users and roles, the HTTP services are
-described in terms of curl-commands and assume Stanbol to be running on localhost.
+A user manager for Stanbol. It provides a Felix Web Console plugin as well as various HTTP-accessible resources to manage users, roles and permissions.
+Data is persisted in the system graph, and access control is managed by existing structures in that graph.
+Server-side the data is accessed through JAX-RS methods (JSR 311, http://jcp.org/en/jsr/detail?id=311).
+
+## Tests
+Functional tests are available under stanbol/integration-tests (package org.apache.stanbol.commons.usermanagement.it). See that documentation for further details, but in short, with a running system:
+ cd stanbol/integration-tests
+ mvn -o test -Dtest.server.url=http://localhost:8080 -Dtest=UserManagement*Test
+
+## Access Modes
+Three different kinds of access are available:
+
+### HTML
+Primarily used by the Felix Web Console plugin running in a browser. Server-side the JAX-RS methods typically delegate to RdfViewable objects which provide HTML serializations, created from combinations of resources in the graph and FreeMarker templates (augmented with RDF view components).
+
+Client-side, regular HTML + Javascript is used, helped by jQuery (mostly Ajax methods) and jQueryAPI (mostly dialogues).
+
+### API
+Endpoint-style access is provided to modify data using custom Turtle format messages.
+
+### RESTful
+Direct access is provided to modify data associated with named resources (URIs).
+
+## User Model
+@@TODO
Note that users are uniquely identified by their cz:userName (= login) but may also have a foaf:name (= full name).
-The following assumes your stanbol instance is running on localhost port 8080.
+## URI Schemes
+The following assumes your Stanbol instance is running on localhost port 8080.
+
+### Primary Resources
+@@TODO media types
+
+http://localhost:8080/user-management/users/{username}
+http://localhost:8080/user-management/roles/{username}
+
+### API Endpoints
+http://localhost:8080/user-management/add-user
+http://localhost:8080/user-management/delete-user
+
+### HTML Helper Resources
+
+
+
+## API Examples
+The following HTTP services are
+described in terms of curl-commands and assume Stanbol to be running on localhost.
+
+The following assumes your Stanbol instance is running on localhost port 8080.
Add user:
curl -i -X POST -H "Content-Type: text/turtle" \
--user admin:admin \
--data \
- ' @prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
+ ' @prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
@prefix foaf: <http://xmlns.com/foaf/0.1/> .
@prefix cz: <http://clerezza.org/2009/08/platform#> .
[] a foaf:Agent ;
@@ -42,16 +85,16 @@ value isn't specified, the corresponding
e.g. change user name:
- curl -i -X POST -H "Content-Type: text/turtle" --user admin:admin \
- --data " @prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> . \
- @prefix cz: <http://clerezza.org/2009/08/platform#> . \
- @prefix : <http://stanbol.apache.org/ontologies/usermanagement#>. \
- [] a :Change; \
- cz:userName 'hugob'; \
- :predicate cz:userName; \
- :oldValue 'hugob'; \
- :newValue 'tristant' . " \
- http://localhost:8080/user-management/change-user
+ curl -i -v -X POST -H "Content-Type: text/turtle" --user admin:admin \
+ --data " @prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> . \
+ @prefix cz: <http://clerezza.org/2009/08/platform#> . \
+ @prefix : <http://stanbol.apache.org/ontologies/usermanagement#>. \
+ [] a :Change; \
+ cz:userName 'hugob'; \
+ :predicate cz:userName; \
+ :oldValue 'hugob'; \
+ :newValue 'tristant' . " \
+ http://localhost:8080/user-management/change-user
e.g. add email (replacing a previous address if any):
@@ -66,6 +109,8 @@ e.g. add email (replacing a previous add
:newValue <ma...@example.org> . " \
http://localhost:8080/user-management/change-user
+## REST Access Examples
+
Get user Turtle :
curl --user admin:admin -H "Accept:text/turtle" http://localhost:8080/user-management/users/anonymous
Modified: stanbol/trunk/commons/security/usermanagement/src/main/java/org/apache/stanbol/commons/usermanagement/resource/UserResource.java
URL: http://svn.apache.org/viewvc/stanbol/trunk/commons/security/usermanagement/src/main/java/org/apache/stanbol/commons/usermanagement/resource/UserResource.java?rev=1460417&r1=1460416&r2=1460417&view=diff
==============================================================================
--- stanbol/trunk/commons/security/usermanagement/src/main/java/org/apache/stanbol/commons/usermanagement/resource/UserResource.java (original)
+++ stanbol/trunk/commons/security/usermanagement/src/main/java/org/apache/stanbol/commons/usermanagement/resource/UserResource.java Sun Mar 24 17:16:36 2013
@@ -30,10 +30,12 @@ import java.util.List;
import java.util.Set;
import java.util.concurrent.locks.Lock;
import javax.ws.rs.Consumes;
+import javax.ws.rs.DELETE;
import javax.ws.rs.DefaultValue;
import javax.ws.rs.FormParam;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
+import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
@@ -83,9 +85,13 @@ import org.apache.stanbol.commons.web.vi
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+/**
+ * Handles HTTP requests related to a user
+ *
+ */
@Component
-@Service( {Object.class, UserResource.class })
-@Property(name="javax.ws.rs", boolValue=true)
+@Service({Object.class, UserResource.class})
+@Property(name = "javax.ws.rs", boolValue = true)
@Path("user-management")
public class UserResource {
@@ -93,8 +99,9 @@ public class UserResource {
@Reference(target = SystemConfig.SYSTEM_GRAPH_FILTER)
private LockableMGraph systemGraph;
@Reference
+ private Serializer serializer;
+ @Reference
private Parser parser;
-
private static GraphNode dummyNode;
static {
@@ -102,9 +109,36 @@ public class UserResource {
dummyNode.addProperty(RDF.type, FOAF.Agent);
}
// **********************************
- // ****** SHOW USER DETAILS ******
+ // ****** SHOW USER DETAILS *********
// **********************************
+ //
+ // ****** RESTful/RDF *******************
+ //
+ /**
+ * RESTful access to individual user data
+ *
+ * [has integration test] currently has a kludge to return an empty graph if
+ * user not found should return a 404
+ *
+ * @param userName
+ * @return context graph for user
+ * @throws UnsupportedEncodingException
+ */
+ @GET
+ @Path("users/{username}")
+ public TripleCollection getUserContext(@PathParam("username") String userName)
+ throws UnsupportedEncodingException {
+ GraphNode userNode = getUser(userName);
+ if (userNode == null) { // a kludge
+ return new SimpleMGraph();
+ }
+ return userNode.getNodeContext();
+ }
+
+ //
+ // ****** HTML *******************
+ //
/**
* lookup a user by name.
*
@@ -126,7 +160,7 @@ public class UserResource {
* @return
*/
@GET
- @Path("user/{username}")
+ @Path("users/edit/{username}")
@Produces(MediaType.TEXT_HTML)
public RdfViewable editUser(@PathParam("username") String userName) {
return new RdfViewable("editUser", getUser(userName),
@@ -137,32 +171,20 @@ public class UserResource {
* Produces suitable permission-checkboxes
*/
@GET
- @Path("user/{username}/permissionsCheckboxes")
+ @Path("users/{username}/permissionsCheckboxes")
@Produces(MediaType.TEXT_HTML)
public RdfViewable permissionsCheckboxes(@PathParam("username") String userName) { //getUser(userName)
- return new RdfViewable("permissionsCheckboxes", getUser(userName), this.getClass());
+ addClassToPermissions(); // workaround
+ showSystem();
+ return new RdfViewable("permissionsCheckboxes", getPermissionType(), this.getClass());
}
/**
- * RESTful access to individual user data [has integration test]
+ * RESTful access to user roles (and nested permissions right now - may
+ * change) [has integration test]
*
* @param userName
- * @return context graph for user
- * @throws UnsupportedEncodingException
- */
- @GET
- @Path("users/{username}")
- public TripleCollection getUserContext(@PathParam("username") String userName)
- throws UnsupportedEncodingException {
- return getUser(userName).getNodeContext();
- }
-
- /**
- * RESTful access to user roles (and permissions right now - may change)
- * [has integration test]
- *
- * @param userName
- * @return context graph for user
+ * @return role graph for user
* @throws UnsupportedEncodingException
*/
@GET
@@ -178,7 +200,8 @@ public class UserResource {
}
/**
- * Update user details.
+ * Update user details
+ * adds triples as appropriate to system graph
*
* @param uriInfo
* @param currentLogin
@@ -192,7 +215,6 @@ public class UserResource {
*/
@POST
@Path("store-user")
- // @Consumes("multipart/form-data")
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
public Response storeUser(@Context UriInfo uriInfo,
@FormParam("currentLogin") String currentLogin,
@@ -220,21 +242,12 @@ public class UserResource {
return store(userNode, uriInfo, newLogin, newLogin, fullName, email, password, roles, permissions);
}
- /**
- * produces suitable role checkboxes
- *
- * @return
- */
- @GET
- @Path("rolesCheckboxes")
- @Produces(SupportedFormat.HTML)
- public RdfViewable rolesCheckboxes() {
- return new RdfViewable("rolesCheckboxes", getRoleType(), this.getClass());
- }
-
- /*
- * Modify user given give a graph describing the change.
- */
+/**
+ * Modify user given a graph describing the change.
+ *
+ * @param inputGraph change graph
+ * @return HTTP response
+ */
@POST
@Consumes(SupportedFormat.TURTLE)
@Path("change-user")
@@ -242,10 +255,14 @@ public class UserResource {
Lock readLock = systemGraph.getLock().readLock();
readLock.lock();
+
Iterator<Triple> changes = inputGraph.filter(null, null,
Ontology.Change);
- while (changes.hasNext()) {
+ Triple oldTriple = null;
+ Triple newTriple = null;
+
+ if (changes.hasNext()) {
Triple changeTriple = changes.next();
NonLiteral changeNode = changeTriple.getSubject();
@@ -254,52 +271,71 @@ public class UserResource {
.filter(changeNode, PLATFORM.userName, null).next()
.getObject();
- NonLiteral userNode = (NonLiteral) systemGraph
- .filter(null, PLATFORM.userName, userName).next()
+ Iterator<Triple> userTriples = systemGraph
+ .filter(null, PLATFORM.userName, userName);
+
+ // if (userTriples.hasNext()) {
+ NonLiteral userNode = (NonLiteral) userTriples.next()
.getSubject();
UriRef predicateUriRef = (UriRef) inputGraph
.filter(changeNode, Ontology.predicate, null).next()
.getObject();
- // System.out.println("predicateUriRef = " + predicateUriRef);
-
// handle old value (if it exists)
Iterator<Triple> iterator = inputGraph.filter(changeNode,
Ontology.oldValue, null);
+
Resource oldValue = null;
if (iterator.hasNext()) {
- oldValue = iterator.next().getObject();
+ oldValue = iterator.next().getObject();
// Triple oldTriple = systemGraph.filter(null, predicateUriRef,
// oldValue).next();
- Triple oldTriple = systemGraph.filter(userNode,
- predicateUriRef, oldValue).next();
-
- systemGraph.remove(oldTriple);
+ Iterator<Triple> oldTriples = systemGraph.filter(userNode,
+ predicateUriRef, oldValue);
+ if (oldTriples.hasNext()) {
+ oldTriple = oldTriples.next();
+ }
}
Resource newValue = inputGraph
.filter(changeNode, Ontology.newValue, null).next()
.getObject();
- Triple newTriple = new TripleImpl(userNode, predicateUriRef,
+ newTriple = new TripleImpl(userNode, predicateUriRef,
newValue);
+ // }
+ }
+ readLock.unlock();
- systemGraph.add(newTriple);
+ Lock writeLock = systemGraph.getLock().writeLock();
+ writeLock.lock();
+ if (oldTriple != null) {
+ systemGraph.remove(oldTriple);
}
+ systemGraph.add(newTriple);
+ writeLock.unlock();
- // it's not actually creating a resource at this URI so this
+ // it's not actually creating a resource so this
// seems the most appropriate response
return Response.noContent().build();
}
- /*
- * Isn't very pretty but is just a one-off
- */
+/**
+ * Provides HTML corresponding to a user's roles
+ *
+ * all roles are listed with checkboxes,
+ * the roles this user has are checked
+ *
+ * (isn't very pretty but is just a one-off)
+ *
+ * @param userName the user in question
+ * @return HTML checkboxes as HTTP response
+ */
@GET
- @Path("user/{username}/rolesCheckboxes")
+ @Path("users/{username}/rolesCheckboxes")
@Produces(MediaType.TEXT_HTML)
public Response rolesCheckboxes(@PathParam("username") String userName) {
// return new RdfViewable("rolesCheckboxes", getRoleType(), this.getClass());
@@ -314,16 +350,10 @@ public class UserResource {
try { // pulls out all role names
while (allRoleTriples.hasNext()) {
Triple triple = allRoleTriples.next();
- // if (triple.getPredicate().equals(DC.title)) {
- // allRoleNames.add(((Literal) triple.getObject()).getLexicalForm());
- // System.out.println("system role = "+((Literal) triple.getObject()).getLexicalForm());
- // }
- // NonLiteral roleNode = triple.getSubject();
GraphNode roleNode = new GraphNode(triple.getSubject(), systemGraph);
Iterator<Literal> titlesIterator = roleNode.getLiterals(DC.title);
while (titlesIterator.hasNext()) {
allRoleNames.add(titlesIterator.next().getLexicalForm());
- // System.out.println("system role = " + titlesIterator.next().getLexicalForm());
}
}
} finally {
@@ -342,13 +372,11 @@ public class UserResource {
Iterator<Literal> titlesIterator = roleNode.getLiterals(DC.title);
while (titlesIterator.hasNext()) {
userRoleNames.add(titlesIterator.next().getLexicalForm());
- // System.out.println("user role = " + titlesIterator.next().getLexicalForm());
}
}
for (int i = 0; i < allRoleNames.size(); i++) {
- // BasePermissionsRole
String role = allRoleNames.get(i);
- if (role.equals("BasePermissionsRole")) {
+ if (role.equals("BasePermissionsRole")) { // filter out
continue;
}
if (userRoleNames.contains(role)) {
@@ -362,12 +390,12 @@ public class UserResource {
return Response.ok(html.toString()).build();
}
- /**
- * List the users. I.e. renders the user type with the "listUser" rendering
- * specification.
- *
- * @return
- */
+/**
+ * List the users.
+ * renders the user type with the "listUser" rendering template
+ *
+ * @return rendering specification
+ */
@GET
@Path("users")
@Produces(MediaType.TEXT_HTML)
@@ -375,15 +403,38 @@ public class UserResource {
return new RdfViewable("listUser", getUserType(), this.getClass());
}
+ public GraphNode getUserType() {
+ return new GraphNode(FOAF.Agent, systemGraph);
+ }
+
+ /*
+ * RESTful creation of user
+ * @TODO validity check input
+ */
+ @PUT
+ @Path("users/{username}")
+ @Consumes(SupportedFormat.TURTLE)
+ public Response createUser(@Context UriInfo uriInfo, @PathParam("username") String userName, Graph inputGraph) {
+ Lock writeLock = systemGraph.getLock().writeLock();
+ writeLock.lock();
+ systemGraph.addAll(inputGraph);
+ writeLock.unlock();
+ UriBuilder uriBuilder = uriInfo.getBaseUriBuilder();
+ URI createdResource = uriBuilder.replacePath("/user-management/users/" + userName).build();
+ return Response.created(createdResource).build();
+ }
+
/**
- * Create a user. I.e. returns a dummy use with "editUSer" as rendering
- * specification.
+ * Create a user.
+ * returns a dummy use with "editUser" as rendering
+ * specification (this will be a HTML form)
*
- * @param uriInfo
- * @return
+ * @param uriInfo request details
+ * @return rendering specification
*/
@GET
@Path("create-form")
+ @Produces(MediaType.TEXT_HTML)
public RdfViewable getCreateUserForm(@Context UriInfo uriInfo) {
return new RdfViewable("editUser", dummyNode,
this.getClass());
@@ -395,10 +446,12 @@ public class UserResource {
*
* [has test]
*
+ * @TODO check for password
+ *
* @param userData
* @return HTTP/1.1 204 No Content
*/
- @POST // @TODO add RESTful PUT version
+ @POST
@Consumes(SupportedFormat.TURTLE)
@Path("add-user")
public Response addUser(@Context UriInfo uriInfo, Graph inputGraph) {
@@ -415,6 +468,8 @@ public class UserResource {
Lock writeLock = systemGraph.getLock().writeLock();
writeLock.lock();
try {
+ GraphNode systemUserNode = new GraphNode(userNode, systemGraph);
+ addRole(systemUserNode, "BasePermissionsRole");
while (userTriples.hasNext()) {
userTriple = userTriples.next();
systemGraph.add(userTriple);
@@ -425,34 +480,33 @@ public class UserResource {
}
UriBuilder uriBuilder = uriInfo.getBaseUriBuilder();
-
- URI createdResource = null;
- // try {
- // createdResource = new URI("http://localhost:8080/user-management/users/" + userName);
- createdResource = uriBuilder.replacePath("/user-management/users/" + userName).build();
-// } catch (URISyntaxException ex) {
-// java.util.logging.Logger.getLogger(UserResource.class.getName()).log(Level.SEVERE, null, ex);
-// }
- System.out.println("URI =" + createdResource);
-// from HTTPbis
-//The request has been fulfilled and has resulted in one or more new
-// resources being created.
-// Response.ResponseBuilder builder = Response.status(Response.Status.CREATED);
-// // builder.header("Location", createdResource);
-//
-// Response response = builder.build();
-// MultivaluedMap<String,Object> meta = response.getMetadata();
-// meta.putSingle("Location", createdResource);
+ URI createdResource = uriBuilder.replacePath("/user-management/users/" + userName).build();
return Response.created(createdResource).build();
}
// **********************************
// ****** REMOVE USER ***************
// **********************************
+ /**
+ * Deletes a named user
+ *
+ * (called from HTML form)
+ *
+ * @param userName
+ */
@POST
@Path("delete")
public void removeUser(@FormParam("user") String userName) {
- // System.out.println("DELETE " + userName);
+ remove(userName);
+
+ }
+
+ /**
+ * Deletes a named user
+ *
+ * @param userName
+ */
+ private void remove(String userName) {
Resource userResource = getNamedUser(userName).getNode();
Iterator<Triple> userTriples = systemGraph.filter((NonLiteral) userResource, null, null);
@@ -480,7 +534,24 @@ public class UserResource {
}
/**
- * Endpoint-style user deletion takes a little bunch of Turtle e.g. [] a
+ * RESTful user deletion
+ *
+ * called direct from the URI, e.g.
+ * http://localhost:8080/user-management/users/fred
+ *
+ * @param userName name of the user to delete
+ * @return HTTP/1.1 204 No Content
+ */
+ @DELETE
+ @Path("users/{username}")
+ public Response delete(@PathParam("username") String userName) {
+ remove(userName);
+ return Response.noContent().build();
+ }
+
+ /**
+ * Endpoint-style user deletion takes a little bunch of Turtle describing the user to delete
+ * e.g. [] a
* foaf:Agent ; cz:userName "Hugo Ball" .
*
* @param userData
@@ -503,14 +574,14 @@ public class UserResource {
try {
Iterator<Triple> userTriples = systemGraph.filter(null, null,
userNameNode);
+ if (userTriples.hasNext()) {
+ Triple userTriple = userTriples.next();
+ Iterator<Triple> systemUserTriples = systemGraph.filter(
+ userTriple.getSubject(), null, null);
- Triple userTriple = userTriples.next();
- Iterator<Triple> systemUserTriples = systemGraph.filter(
- userTriple.getSubject(), null, null);
-
-
- while (systemUserTriples.hasNext()) {
- tripleBuffer.add(systemUserTriples.next());
+ while (systemUserTriples.hasNext()) {
+ tripleBuffer.add(systemUserTriples.next());
+ }
}
} finally {
readLock.unlock();
@@ -529,6 +600,10 @@ public class UserResource {
// **********************************
// ****** LIST ROLES ****************
// **********************************
+ /**
+ * Lists all roles using a rendering as specified in template listRole
+ * @return
+ */
@GET
@Path("roles")
@Produces(MediaType.TEXT_HTML)
@@ -536,6 +611,16 @@ public class UserResource {
return new RdfViewable("listRole", getRoleType(), this.getClass());
}
+ /**
+ * Provides the node in the system graph corresponding to rdf:type Role
+ *
+ * @return Role class node
+ */
+ public GraphNode getRoleType() {
+ return new GraphNode(PERMISSION.Role,
+ systemGraph);
+ }
+
// **********************************
// ****** ADD ROLE ******************
// **********************************
@@ -551,14 +636,28 @@ public class UserResource {
// **********************************
// ****** LIST PERMISSIONS **********
// **********************************
+ /*
+ * Provides listing of all permissions present in system graph
+ * rendered according to specification in listPermission template
+ */
@GET
@Path("permissions")
@Produces(MediaType.TEXT_HTML)
public RdfViewable listPermissions() {
- addClassToPermissions();
+ addClassToPermissions(); // workaround
return new RdfViewable("listPermission", getPermissionType(), this.getClass());
}
+ /**
+ * Provides the node in the system graph corresponding to rdf:type Permission
+ *
+ * @return Permission class node
+ */
+ public GraphNode getPermissionType() {
+ return new GraphNode(PERMISSION.Permission,
+ systemGraph);
+ }
+
// **********************************
// ****** ADD PERMISSION TO USER ****
// **********************************
@@ -571,22 +670,23 @@ public class UserResource {
// **************************************
// ****** REMOVE PERMISSION FROM ROLE ***
// **************************************
- // misc
- /* @GET
- public String index() throws UnsupportedEncodingException {
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- serializer.serialize(baos, systemGraph, SupportedFormat.TURTLE);
- String serialized = new String(baos.toByteArray(), "utf-8");
- return serialized;
- }*/
-
- public GraphNode getUserType() {
- return new GraphNode(FOAF.Agent, systemGraph);
- }
- /**
- * takes edit form data and pushes into store "" values are ignored
- */
+ ////////////////////////////////////////////////////////////////
+
+/**
+ * Pushes user data into system graph
+ *
+ * @param userNode
+ * @param uriInfo
+ * @param currentUserName
+ * @param newUserName
+ * @param fullName
+ * @param email
+ * @param password
+ * @param roles
+ * @param permissions
+ * @return
+ */
private Response store(GraphNode userNode, UriInfo uriInfo,
String currentUserName,
String newUserName,
@@ -654,57 +754,14 @@ public class UserResource {
CacheControl cc = new CacheControl();
cc.setNoCache(true);
+ //showSystem();
+
// see other my not be the best response, but does seem the best given
// the jax-rs things available
return Response.seeOther(pageUri).cacheControl(cc).build();
}
/**
- * NOT CURRENTLY IN USE replaces the subgraph
- * <code>revokedString
- * </code> with the one from
- * <code>assertedString</code>.
- *
- * @param graphUri the graph within which the replacement has to take place
- * or null for the content graph
- * @param assertedString the asserted Graph
- * @param revokedString the revoked Graph
- * @param format the media-type of the rdf format in which the asserted and
- * revoked graph are serialized, default: text/turtle
- */
- @POST
- @Path("replace-subgraph")
- @Consumes(MediaType.MULTIPART_FORM_DATA)
- public void replaceSubGraph(@QueryParam("graph") UriRef graphUri,
- @FormDataParam("assert") String assertedString,
- @FormDataParam("revoke") String revokedString,
- @FormDataParam("format") @DefaultValue(SupportedFormat.TURTLE) String format) {
- final Graph assertedGraph;
- final Graph revokedGraph;
- try {
- assertedGraph = parser.parse(new ByteArrayInputStream(
- assertedString.getBytes("utf-8")), format);
- revokedGraph = parser.parse(
- new ByteArrayInputStream(assertedString.getBytes("utf-8")),
- format);
- } catch (IOException ex) {
- log.error("reading graph {}", ex);
- throw new WebApplicationException(ex, 500);
- }
- try {
- MGraphUtils.removeSubGraph(systemGraph, revokedGraph);
- } catch (NoSuchSubGraphException ex) {
- throw new RuntimeException(ex);
- }
- systemGraph.addAll(assertedGraph);
- }
-
- public GraphNode getPermissionType() {
- return new GraphNode(PERMISSION.Permission,
- systemGraph);
- }
-
- /**
* a kludge - initially the permissions aren't expressed as instances of
* Permission class, this adds the relevant triples
*/
@@ -736,11 +793,12 @@ public class UserResource {
}
}
- public GraphNode getRoleType() {
- return new GraphNode(PERMISSION.Role,
- systemGraph);
- }
-
+ /**
+ * Provides a graph containing Role triples associated with a given user
+ *
+ * @param userName
+ * @return roles graph
+ */
private MGraph getUserRolesGraph(String userName) {
GraphNode userNode = getUser(userName);
@@ -775,7 +833,7 @@ public class UserResource {
* Creates a new user withe the specified user name
*
* @param newUserName
- * @return
+ * @return user node in system graph
*/
private GraphNode createUser(String newUserName) {
BNode subject = new BNode();
@@ -783,7 +841,7 @@ public class UserResource {
GraphNode userNode = new GraphNode(subject, systemGraph);
userNode.addProperty(RDF.type, FOAF.Agent);
userNode.addProperty(PLATFORM.userName, new PlainLiteralImpl(newUserName));
-
+ addRole(userNode, "BasePermissionsRole");
return userNode;
}
// move later?
@@ -793,6 +851,14 @@ public class UserResource {
systemGraph.removeAll(filterToArray(userResource, SIOC.has_function, null));
}
+ /**
+ * convenience - used for buffering
+ *
+ * @param subject
+ * @param predicate
+ * @param object
+ * @return
+ */
private ArrayList<Triple> filterToArray(NonLiteral subject, UriRef predicate, Resource object) {
Iterator<Triple> triples = systemGraph.filter(subject, predicate, object);
ArrayList<Triple> buffer = new ArrayList<Triple>();
@@ -808,8 +874,14 @@ public class UserResource {
return buffer;
}
+ /**
+ * Add a role to a given user in system graph
+ *
+ * @param userNode node corresponding to user
+ * @param roleName name of the role
+ * @return user node
+ */
private GraphNode addRole(GraphNode userNode, String roleName) {
- // System.out.println("ROLENAME = " + roleName);
// is this thing already around? (will be a bnode)
GraphNode roleNode = getTitleNode(roleName);
@@ -827,23 +899,16 @@ public class UserResource {
}
return userNode;
}
+
public final static String permissionsBase = "urn:x-localhost/role/";
- private GraphNode addPermission(GraphNode userNode, String permissionName) {
- // System.out.println("ROLENAME = " + roleName);
-
- // is this thing already around? (will be a bnode)
- // GraphNode permissionNode = getTitleNode(permissionName);
+ private GraphNode addPermission(GraphNode userNode, String permissionString) {
- // otherwise make a new one as a named node
- // if (permissionNode == null) {
-// UriRef permissionUriRef = new UriRef(permissionsBase + permissionName);
-// BNode permissionBNode = new BNode();
GraphNode permissionNode = new GraphNode(new BNode(), systemGraph);
permissionNode.addProperty(RDF.type, PERMISSION.Permission);
// permissionNode.addProperty(DC.title, new PlainLiteralImpl(permissionName));
userNode.addProperty(PERMISSION.hasPermission, permissionNode.getNode());
- permissionNode.addProperty(PERMISSION.javaPermissionEntry, new PlainLiteralImpl(permissionName));
+ permissionNode.addProperty(PERMISSION.javaPermissionEntry, new PlainLiteralImpl(permissionString));
return userNode;
}
@@ -955,8 +1020,6 @@ public class UserResource {
systemGraph.removeAll(oldBuffer);
}
-
-
private GraphNode getUser(@QueryParam("userName") String userName) {
return getNamedUser(userName);
}
@@ -995,4 +1058,18 @@ public class UserResource {
readLock.unlock();
}
}
+
+ /*
+ * Dumps a Turtle serialization of the system graph to System.out
+ * handy for debugging
+ */
+ private void showSystem() {
+ try {
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ serializer.serialize(baos, systemGraph, SupportedFormat.TURTLE);
+ System.out.println(new String(baos.toByteArray(), "utf-8"));
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
}
Modified: stanbol/trunk/commons/security/usermanagement/src/main/resources/META-INF/resources/static/user-management/styles/webconsole.css
URL: http://svn.apache.org/viewvc/stanbol/trunk/commons/security/usermanagement/src/main/resources/META-INF/resources/static/user-management/styles/webconsole.css?rev=1460417&r1=1460416&r2=1460417&view=diff
==============================================================================
--- stanbol/trunk/commons/security/usermanagement/src/main/resources/META-INF/resources/static/user-management/styles/webconsole.css (original)
+++ stanbol/trunk/commons/security/usermanagement/src/main/resources/META-INF/resources/static/user-management/styles/webconsole.css Sun Mar 24 17:16:36 2013
@@ -23,7 +23,7 @@ ul {
label, input { display:block; float:left }
input.text { margin-bottom:12px; width:95%; padding: .4em; }
-fieldset { padding:10px; margin-top:25px; border: 1px }
+fieldset { padding:4px; margin-top:4px; border: 1px }
legend {
padding: 0.2em 0.5em;
Modified: stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/resource/editUser.ftl
URL: http://svn.apache.org/viewvc/stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/resource/editUser.ftl?rev=1460417&r1=1460416&r2=1460417&view=diff
==============================================================================
--- stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/resource/editUser.ftl (original)
+++ stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/resource/editUser.ftl Sun Mar 24 17:16:36 2013
@@ -50,18 +50,18 @@ limitations under the License.
<fieldset id="roles-checkboxes">
</fieldset>
-
- <br/>
- <fieldset id="permission-checkboxes" class="labelCheckbox">
-
+ <fieldset id="permissions-checkboxes" class="labelCheckbox">
+ </fieldset>
+
+ <fieldset>
<div class="labelTextbox">
<label for="newPermission">Add Permission</label>
+ <br/>
<input type="text" id="newPermission" name="newPermission">
</div>
- <br/>
- <p>e.g. (org.osgi.framework.ServicePermission "*" "get")</p>
</fieldset>
+ <p>e.g. (org.osgi.framework.ServicePermission "*" "get")</p>
<!-- <button name="addPermission">Add permission</button> -->
</form>
<!--
Modified: stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/resource/permissionsCheckboxes.ftl
URL: http://svn.apache.org/viewvc/stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/resource/permissionsCheckboxes.ftl?rev=1460417&r1=1460416&r2=1460417&view=diff
==============================================================================
--- stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/resource/permissionsCheckboxes.ftl (original)
+++ stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/resource/permissionsCheckboxes.ftl Sun Mar 24 17:16:36 2013
@@ -3,14 +3,15 @@
<@namespace sioc="http://rdfs.org/sioc/ns#" />
<@namespace dc="http://purl.org/dc/elements/1.1/" />
-<@ldpath path="fn:sort(^rdf:type)">
-
+<!-- @ldpath path="fn:sort(^rdf:type)" -->
+ <@ldpath path="fn:sort(sioc:has_function)">
+
<#assign permission>
<@ldpath path="permission:javaPermissionEntry :: xsd:string"/>
</#assign>
-<!-- div class="permission" --> <!-- labelCheckbox -->
+
<input class="permission" type="checkbox" id="${permission}" name="${permission}" value="${permission}" checked="checked" />
<label for="${permission}">${permission}</label>
<br/>
-
-</...@ldpath>
\ No newline at end of file
+
+</...@ldpath>
Modified: stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/resource/rolesCheckboxes.ftl
URL: http://svn.apache.org/viewvc/stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/resource/rolesCheckboxes.ftl?rev=1460417&r1=1460416&r2=1460417&view=diff
==============================================================================
--- stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/resource/rolesCheckboxes.ftl (original)
+++ stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/resource/rolesCheckboxes.ftl Sun Mar 24 17:16:36 2013
@@ -1,20 +0,0 @@
-<@namespace platform="http://clerezza.org/2009/08/platform#" />
-<@namespace permission="http://clerezza.org/2008/10/permission#" />
-<@namespace sioc="http://rdfs.org/sioc/ns#" />
-<@namespace dc="http://purl.org/dc/elements/1.1/" />
-
-<@ldpath path="fn:sort(^rdf:type)">
-
-<#assign name>
-<@ldpath path="dc:title :: xsd:string"/>
-</#assign>
-
-<#if name != "BasePermissionsRole"><!-- all users have it, so hide -->
-<!-- div class="labelCheckbox role" -->
- <input class="role" type="checkbox" id="${name}" name="${name}" value="${name}" />
- <label for="${name}">${name}</label>
-
-<br />
-</#if>
-</...@ldpath>
-
Modified: stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/webConsole.ftl
URL: http://svn.apache.org/viewvc/stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/webConsole.ftl?rev=1460417&r1=1460416&r2=1460417&view=diff
==============================================================================
--- stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/webConsole.ftl (original)
+++ stanbol/trunk/commons/security/usermanagement/src/main/resources/templates/html/org/apache/stanbol/commons/usermanagement/webConsole.ftl Sun Mar 24 17:16:36 2013
@@ -49,7 +49,7 @@ limitations under the License.
<script>
$(function() {
- $.ajaxSetup({dataType:"text/html"}); // set default
+ $.ajaxSetup({dataType:"html"}); // set default
$("#tabs").tabs();
showUserList();
showRoleList();
@@ -60,7 +60,7 @@ limitations under the License.
autoOpen: false,
minHeight: 400,
autoResize:true,
- width: 350,
+ width: 500,
modal: true,
buttons: {
"Submit": function() {
@@ -208,12 +208,13 @@ limitations under the License.
$("#editUserForm").html(data);
$("#editUserForm").title = "Create User";
- $.get("/user-management/rolesCheckboxes",
- function(data){
- $("#roles-checkboxes").html(data);
- }, "text/html");
+// $.get("/user-management/rolesCheckboxes",
+// function(data){
+// $("#roles-checkboxes").html(data);
+// }, "text/html");
$("#editUserForm").dialog("open");
+
}
});
@@ -251,23 +252,21 @@ limitations under the License.
});
}
-// accepts: "text/html",
-
function editUser(userName){
- $.ajaxSetup({dataType:"text/html"});
$.ajax({
- url: '/user-management/user/'+userName,
+ url: '/user-management/users/edit/'+userName,
+ dataType: "html",
success: function(data) {
$("#editUserForm").html(data);
$("#password-label").html("<label for='password' id='password-label'>Password (leave blank to retain existing password)</label>");
- $.get("/user-management/user/"+userName+"/rolesCheckboxes",
+ $.get("/user-management/users/"+userName+"/rolesCheckboxes",
function(data){
$("#roles-checkboxes").html(data);
}, "text/html");
- $.get("/user-management/user/"+userName+"/permissionsCheckboxes",
+ $.get("/user-management/users/"+userName+"/permissionsCheckboxes",
function(data){
console.log("permissionsCheckboxes = "+data);
$("#permissions-checkboxes").html(data);