You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@syncope.apache.org by il...@apache.org on 2017/08/08 14:50:10 UTC
syncope git commit: [SYNCOPE-1143] Cleaner handling for
less-privileged delegated admins
Repository: syncope
Updated Branches:
refs/heads/2_0_X 0b5da3865 -> bec5e2bb9
[SYNCOPE-1143] Cleaner handling for less-privileged delegated admins
Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/bec5e2bb
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/bec5e2bb
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/bec5e2bb
Branch: refs/heads/2_0_X
Commit: bec5e2bb9b9780e58b7798bc8a86ae62e0caad29
Parents: 0b5da38
Author: Francesco Chicchiriccò <il...@apache.org>
Authored: Tue Aug 8 16:49:42 2017 +0200
Committer: Francesco Chicchiriccò <il...@apache.org>
Committed: Tue Aug 8 16:50:05 2017 +0200
----------------------------------------------------------------------
.../panels/ProvisionAuxClassesPanel.java | 33 ++++++++++------
.../console/panels/SubmitableModalPanel.java | 4 +-
.../console/topology/TopologyTogglePanel.java | 40 +++++++-------------
.../client/console/wizards/WizardMgtPanel.java | 4 +-
.../resources/ConnectorDetailsPanel.java | 2 +-
.../wizards/resources/ResourceMappingPanel.java | 25 ++++++++++--
.../resources/ResourceProvisionPanel.java | 15 ++++----
7 files changed, 71 insertions(+), 52 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/syncope/blob/bec5e2bb/client/console/src/main/java/org/apache/syncope/client/console/panels/ProvisionAuxClassesPanel.java
----------------------------------------------------------------------
diff --git a/client/console/src/main/java/org/apache/syncope/client/console/panels/ProvisionAuxClassesPanel.java b/client/console/src/main/java/org/apache/syncope/client/console/panels/ProvisionAuxClassesPanel.java
index 574939a..0ce0ab2 100644
--- a/client/console/src/main/java/org/apache/syncope/client/console/panels/ProvisionAuxClassesPanel.java
+++ b/client/console/src/main/java/org/apache/syncope/client/console/panels/ProvisionAuxClassesPanel.java
@@ -31,18 +31,22 @@ import org.apache.wicket.markup.html.panel.Panel;
import org.apache.wicket.model.IModel;
import org.apache.wicket.model.PropertyModel;
import org.apache.wicket.model.util.ListModel;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
public class ProvisionAuxClassesPanel extends Panel {
private static final long serialVersionUID = -3962956154520358784L;
- private final ProvisionTO provisionTO;
+ private static final Logger LOG = LoggerFactory.getLogger(ProvisionAuxClassesPanel.class);
- public ProvisionAuxClassesPanel(final String id, final ProvisionTO provisionTO) {
+ private final ProvisionTO provision;
+
+ public ProvisionAuxClassesPanel(final String id, final ProvisionTO provision) {
super(id);
setOutputMarkupId(true);
- this.provisionTO = provisionTO;
+ this.provision = provision;
}
@Override
@@ -51,17 +55,24 @@ public class ProvisionAuxClassesPanel extends Panel {
IModel<List<String>> model;
List<String> choices;
- if (provisionTO == null) {
+ if (provision == null) {
model = new ListModel<>(Collections.<String>emptyList());
choices = Collections.emptyList();
} else {
- model = new PropertyModel<>(provisionTO, "auxClasses");
-
- AnyTypeTO anyType = new AnyTypeRestClient().read(provisionTO.getAnyType());
+ model = new PropertyModel<>(provision, "auxClasses");
choices = new ArrayList<>();
- for (AnyTypeClassTO aux : new AnyTypeClassRestClient().list()) {
- if (!anyType.getClasses().contains(aux.getKey())) {
- choices.add(aux.getKey());
+
+ AnyTypeTO anyType = null;
+ try {
+ anyType = new AnyTypeRestClient().read(provision.getAnyType());
+ } catch (Exception e) {
+ LOG.error("Could not read AnyType {}", provision.getAnyType(), e);
+ }
+ if (anyType != null) {
+ for (AnyTypeClassTO aux : new AnyTypeClassRestClient().list()) {
+ if (!anyType.getClasses().contains(aux.getKey())) {
+ choices.add(aux.getKey());
+ }
}
}
}
@@ -69,7 +80,7 @@ public class ProvisionAuxClassesPanel extends Panel {
new AjaxPalettePanel.Builder<String>().build("auxClasses", model, new ListModel<>(choices)).
hideLabel().
setOutputMarkupId(true).
- setEnabled(provisionTO != null));
+ setEnabled(provision != null));
}
}
http://git-wip-us.apache.org/repos/asf/syncope/blob/bec5e2bb/client/console/src/main/java/org/apache/syncope/client/console/panels/SubmitableModalPanel.java
----------------------------------------------------------------------
diff --git a/client/console/src/main/java/org/apache/syncope/client/console/panels/SubmitableModalPanel.java b/client/console/src/main/java/org/apache/syncope/client/console/panels/SubmitableModalPanel.java
index a7ce5dd..e3f2b17 100644
--- a/client/console/src/main/java/org/apache/syncope/client/console/panels/SubmitableModalPanel.java
+++ b/client/console/src/main/java/org/apache/syncope/client/console/panels/SubmitableModalPanel.java
@@ -23,7 +23,7 @@ import org.apache.wicket.markup.html.form.Form;
public interface SubmitableModalPanel extends ModalPanel {
- void onSubmit(final AjaxRequestTarget target, final Form<?> form);
+ void onSubmit(AjaxRequestTarget target, Form<?> form);
- void onError(final AjaxRequestTarget target, final Form<?> form);
+ void onError(AjaxRequestTarget target, Form<?> form);
}
http://git-wip-us.apache.org/repos/asf/syncope/blob/bec5e2bb/client/console/src/main/java/org/apache/syncope/client/console/topology/TopologyTogglePanel.java
----------------------------------------------------------------------
diff --git a/client/console/src/main/java/org/apache/syncope/client/console/topology/TopologyTogglePanel.java b/client/console/src/main/java/org/apache/syncope/client/console/topology/TopologyTogglePanel.java
index df1e273..8b6b1a5 100644
--- a/client/console/src/main/java/org/apache/syncope/client/console/topology/TopologyTogglePanel.java
+++ b/client/console/src/main/java/org/apache/syncope/client/console/topology/TopologyTogglePanel.java
@@ -106,7 +106,9 @@ public class TopologyTogglePanel extends TogglePanel<Serializable> {
provisionModal = new BaseModal<>("outer");
provisionModal.size(Modal.Size.Large);
- provisionModal.addSubmitButton();
+ if (SyncopeConsoleSession.get().owns(StandardEntitlement.RESOURCE_UPDATE)) {
+ provisionModal.addSubmitButton();
+ }
addOuterObject(provisionModal);
historyModal = new BaseModal<>("outer");
@@ -227,10 +229,6 @@ public class TopologyTogglePanel extends TogglePanel<Serializable> {
build(BaseModal.CONTENT_ID, AjaxWizard.Mode.CREATE)));
modal.header(new Model<>(MessageFormat.format(getString("connector.new"), node.getKey())));
-
- MetaDataRoleAuthorizationStrategy.
- authorize(modal.getForm(), RENDER, StandardEntitlement.CONNECTOR_CREATE);
-
modal.show(true);
}
@@ -288,10 +286,6 @@ public class TopologyTogglePanel extends TogglePanel<Serializable> {
build(BaseModal.CONTENT_ID, AjaxWizard.Mode.CREATE)));
modal.header(new Model<>(MessageFormat.format(getString("resource.new"), node.getKey())));
-
- MetaDataRoleAuthorizationStrategy.
- authorize(modal.getForm(), RENDER, StandardEntitlement.RESOURCE_CREATE);
-
modal.show(true);
}
@@ -316,14 +310,13 @@ public class TopologyTogglePanel extends TogglePanel<Serializable> {
modal.setFormModel(model);
target.add(modal.setContent(new ConnectorWizardBuilder(modelObject, pageRef).
- build(BaseModal.CONTENT_ID, AjaxWizard.Mode.EDIT)));
+ build(BaseModal.CONTENT_ID,
+ SyncopeConsoleSession.get().owns(StandardEntitlement.CONNECTOR_UPDATE)
+ ? AjaxWizard.Mode.EDIT
+ : AjaxWizard.Mode.READONLY)));
modal.header(
new Model<>(MessageFormat.format(getString("connector.edit"), modelObject.getDisplayName())));
-
- MetaDataRoleAuthorizationStrategy.
- authorize(modal.getForm(), RENDER, StandardEntitlement.CONNECTOR_UPDATE);
-
modal.show(true);
}
@@ -333,7 +326,7 @@ public class TopologyTogglePanel extends TogglePanel<Serializable> {
}
};
- MetaDataRoleAuthorizationStrategy.authorize(edit, RENDER, StandardEntitlement.CONNECTOR_UPDATE);
+ MetaDataRoleAuthorizationStrategy.authorize(edit, RENDER, StandardEntitlement.CONNECTOR_READ);
fragment.add(edit);
AjaxLink<String> history = new IndicatingAjaxLink<String>("history") {
@@ -402,13 +395,12 @@ public class TopologyTogglePanel extends TogglePanel<Serializable> {
modal.setFormModel(model);
target.add(modal.setContent(new ResourceWizardBuilder(modelObject, pageRef).
- build(BaseModal.CONTENT_ID, AjaxWizard.Mode.EDIT)));
+ build(BaseModal.CONTENT_ID,
+ SyncopeConsoleSession.get().owns(StandardEntitlement.RESOURCE_UPDATE)
+ ? AjaxWizard.Mode.EDIT
+ : AjaxWizard.Mode.READONLY)));
modal.header(new Model<>(MessageFormat.format(getString("resource.edit"), node.getKey())));
-
- MetaDataRoleAuthorizationStrategy.authorize(
- modal.getForm(), RENDER, StandardEntitlement.RESOURCE_UPDATE);
-
modal.show(true);
}
@@ -418,7 +410,7 @@ public class TopologyTogglePanel extends TogglePanel<Serializable> {
}
};
- MetaDataRoleAuthorizationStrategy.authorize(edit, RENDER, StandardEntitlement.RESOURCE_UPDATE);
+ MetaDataRoleAuthorizationStrategy.authorize(edit, RENDER, StandardEntitlement.RESOURCE_READ);
fragment.add(edit);
AjaxLink<String> status = new IndicatingAjaxLink<String>("status") {
@@ -458,10 +450,6 @@ public class TopologyTogglePanel extends TogglePanel<Serializable> {
target.add(provisionModal.setContent(new ResourceProvisionPanel(provisionModal, resource, pageRef)));
provisionModal.header(new Model<>(MessageFormat.format(getString("resource.edit"), node.getKey())));
-
- MetaDataRoleAuthorizationStrategy.
- authorize(provisionModal.getForm(), RENDER, StandardEntitlement.RESOURCE_UPDATE);
-
provisionModal.show(true);
}
@@ -471,7 +459,7 @@ public class TopologyTogglePanel extends TogglePanel<Serializable> {
}
};
- MetaDataRoleAuthorizationStrategy.authorize(edit, RENDER, StandardEntitlement.RESOURCE_UPDATE);
+ MetaDataRoleAuthorizationStrategy.authorize(edit, RENDER, StandardEntitlement.RESOURCE_READ);
fragment.add(provision);
AjaxLink<String> explore = new IndicatingAjaxLink<String>("explore") {
http://git-wip-us.apache.org/repos/asf/syncope/blob/bec5e2bb/client/console/src/main/java/org/apache/syncope/client/console/wizards/WizardMgtPanel.java
----------------------------------------------------------------------
diff --git a/client/console/src/main/java/org/apache/syncope/client/console/wizards/WizardMgtPanel.java b/client/console/src/main/java/org/apache/syncope/client/console/wizards/WizardMgtPanel.java
index 509dd92..7f52dd1 100644
--- a/client/console/src/main/java/org/apache/syncope/client/console/wizards/WizardMgtPanel.java
+++ b/client/console/src/main/java/org/apache/syncope/client/console/wizards/WizardMgtPanel.java
@@ -296,7 +296,7 @@ public abstract class WizardMgtPanel<T extends Serializable> extends Panel imple
public MarkupContainer addInnerObject(final Component... childs) {
return initialFragment.add(childs);
}
-
+
/**
* Add or replace object inside the main container.
*
@@ -402,7 +402,7 @@ public abstract class WizardMgtPanel<T extends Serializable> extends Panel imple
*/
public abstract static class Builder<T extends Serializable> implements Serializable {
- private static final long serialVersionUID = 1L;
+ private static final long serialVersionUID = 1908836274665387084L;
protected final PageReference pageRef;
http://git-wip-us.apache.org/repos/asf/syncope/blob/bec5e2bb/client/console/src/main/java/org/apache/syncope/client/console/wizards/resources/ConnectorDetailsPanel.java
----------------------------------------------------------------------
diff --git a/client/console/src/main/java/org/apache/syncope/client/console/wizards/resources/ConnectorDetailsPanel.java b/client/console/src/main/java/org/apache/syncope/client/console/wizards/resources/ConnectorDetailsPanel.java
index 43d4d85..80a7a85 100644
--- a/client/console/src/main/java/org/apache/syncope/client/console/wizards/resources/ConnectorDetailsPanel.java
+++ b/client/console/src/main/java/org/apache/syncope/client/console/wizards/resources/ConnectorDetailsPanel.java
@@ -113,7 +113,7 @@ public class ConnectorDetailsPanel extends WizardStep {
new PropertyModel<String>(connInstanceTO, "bundleName"), false);
((DropDownChoice<String>) bundleName.getField()).setNullValid(true);
- List<String> bundleNames = new ArrayList<String>();
+ List<String> bundleNames = new ArrayList<>();
for (ConnBundleTO bundle : bundles) {
if (!bundleNames.contains(bundle.getBundleName())) {
bundleNames.add(bundle.getBundleName());
http://git-wip-us.apache.org/repos/asf/syncope/blob/bec5e2bb/client/console/src/main/java/org/apache/syncope/client/console/wizards/resources/ResourceMappingPanel.java
----------------------------------------------------------------------
diff --git a/client/console/src/main/java/org/apache/syncope/client/console/wizards/resources/ResourceMappingPanel.java b/client/console/src/main/java/org/apache/syncope/client/console/wizards/resources/ResourceMappingPanel.java
index 853873e..02ae10f 100644
--- a/client/console/src/main/java/org/apache/syncope/client/console/wizards/resources/ResourceMappingPanel.java
+++ b/client/console/src/main/java/org/apache/syncope/client/console/wizards/resources/ResourceMappingPanel.java
@@ -36,6 +36,8 @@ import org.apache.syncope.common.lib.types.MappingPurpose;
import org.apache.wicket.model.IModel;
import org.apache.wicket.model.LoadableDetachableModel;
import org.apache.wicket.model.util.ListModel;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
/**
* Resource mapping panel.
@@ -44,6 +46,8 @@ public class ResourceMappingPanel extends AbstractMappingPanel {
private static final long serialVersionUID = -7982691107029848579L;
+ private static final Logger LOG = LoggerFactory.getLogger(ResourceMappingPanel.class);
+
/**
* External resource provisioning configuration instance to be updated.
*/
@@ -120,12 +124,27 @@ public class ResourceMappingPanel extends AbstractMappingPanel {
choices.add("name");
choices.add("fullpath");
} else {
- AnyTypeTO anyTypeTO = anyTypeRestClient.read(provision.getAnyType());
+ AnyTypeTO anyType = null;
+ try {
+ anyType = anyTypeRestClient.read(provision.getAnyType());
+ } catch (Exception e) {
+ LOG.error("Could not read AnyType {}", provision.getAnyType(), e);
+ }
List<AnyTypeClassTO> anyTypeClassTOs = new ArrayList<>();
- anyTypeClassTOs.addAll(anyTypeClassRestClient.list(anyTypeTO.getClasses()));
+ if (anyType != null) {
+ try {
+ anyTypeClassTOs.addAll(anyTypeClassRestClient.list(anyType.getClasses()));
+ } catch (Exception e) {
+ LOG.error("Could not read AnyType classes for {}", anyType.getClasses(), e);
+ }
+ }
for (String auxClass : provision.getAuxClasses()) {
- anyTypeClassTOs.add(anyTypeClassRestClient.read(auxClass));
+ try {
+ anyTypeClassTOs.add(anyTypeClassRestClient.read(auxClass));
+ } catch (Exception e) {
+ LOG.error("Could not read AnyTypeClass for {}", auxClass, e);
+ }
}
switch (provision.getAnyType()) {
http://git-wip-us.apache.org/repos/asf/syncope/blob/bec5e2bb/client/console/src/main/java/org/apache/syncope/client/console/wizards/resources/ResourceProvisionPanel.java
----------------------------------------------------------------------
diff --git a/client/console/src/main/java/org/apache/syncope/client/console/wizards/resources/ResourceProvisionPanel.java b/client/console/src/main/java/org/apache/syncope/client/console/wizards/resources/ResourceProvisionPanel.java
index dfdac8a..ceab536 100644
--- a/client/console/src/main/java/org/apache/syncope/client/console/wizards/resources/ResourceProvisionPanel.java
+++ b/client/console/src/main/java/org/apache/syncope/client/console/wizards/resources/ResourceProvisionPanel.java
@@ -168,7 +168,7 @@ public class ResourceProvisionPanel extends AbstractModalPanel<Serializable> {
((BasePage) pageRef.getPage()).getNotificationPanel().refresh(target);
}
}
- }, ActionLink.ActionType.MAPPING, StandardEntitlement.RESOURCE_UPDATE).
+ }, ActionLink.ActionType.MAPPING, StandardEntitlement.RESOURCE_READ).
addAction(new ActionLink<ResourceProvision>() {
private static final long serialVersionUID = -7780999687733432439L;
@@ -225,6 +225,7 @@ public class ResourceProvisionPanel extends AbstractModalPanel<Serializable> {
builder.addNewItemPanelBuilder(wizard);
list = builder.build("provision");
+ list.setReadOnly(!SyncopeConsoleSession.get().owns(StandardEntitlement.RESOURCE_UPDATE));
addAjaxLink = new AjaxLink<ResourceProvision>("add") {
@@ -243,14 +244,12 @@ public class ResourceProvisionPanel extends AbstractModalPanel<Serializable> {
// toggle panel, used to choose 'type' before starting wizard - SYNCOPE-1167
final ResourceProvision provision = new ResourceProvision();
provision.setAnyType("");
- objectTypeTogglePanel =
- new ObjectTypeTogglePanel("objectTypeToggle", provision, getAnyTypes(), pageRef) {
+ objectTypeTogglePanel = new ObjectTypeTogglePanel("objectTypeToggle", provision, getAnyTypes(), pageRef) {
private static final long serialVersionUID = 7878063325027015067L;
@Override
protected void onSubmit(final String type, final AjaxRequestTarget target) {
-
provision.setAnyType(type);
send(list, Broadcast.BREADTH,
@@ -348,8 +347,10 @@ public class ResourceProvisionPanel extends AbstractModalPanel<Serializable> {
}
private void checkAddButton() {
- boolean test = !getAnyTypes().getObject().isEmpty();
- addAjaxLink.setVisible(test);
- objectTypeTogglePanel.setEnabled(test);
+ boolean enabled =
+ SyncopeConsoleSession.get().owns(StandardEntitlement.RESOURCE_UPDATE)
+ && !getAnyTypes().getObject().isEmpty();
+ addAjaxLink.setVisible(enabled);
+ objectTypeTogglePanel.setEnabled(enabled);
}
}