You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@syncope.apache.org by il...@apache.org on 2017/07/12 08:20:21 UTC
[1/2] syncope git commit: [SYNCOPE-1152] Adaptations for reasonable
working with delegated admin
Repository: syncope
Updated Branches:
refs/heads/2_0_X 6d086d5f3 -> 26cd1d419
refs/heads/master 20596e2e0 -> f9c61fbc6
[SYNCOPE-1152] Adaptations for reasonable working with delegated admin
Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/26cd1d41
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/26cd1d41
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/26cd1d41
Branch: refs/heads/2_0_X
Commit: 26cd1d4198a158e021c9290f9194b67d368e1eb0
Parents: 6d086d5
Author: Francesco Chicchiriccò <il...@apache.org>
Authored: Wed Jul 12 10:19:58 2017 +0200
Committer: Francesco Chicchiriccò <il...@apache.org>
Committed: Wed Jul 12 10:19:58 2017 +0200
----------------------------------------------------------------------
.../console/commons/ResourceStatusDataProvider.java | 10 +++++-----
.../client/console/layout/FormLayoutInfoUtils.java | 3 ++-
.../apache/syncope/client/console/panels/AnyPanel.java | 5 ++---
.../client/console/panels/GroupDirectoryPanel.java | 2 +-
.../apache/syncope/client/console/panels/Realm.java | 13 ++++++++-----
.../client/console/panels/RoleDirectoryPanel.java | 2 +-
.../syncope/client/console/widgets/NumberWidget.java | 1 +
.../syncope/common/lib/types/StandardEntitlement.java | 2 --
.../org/apache/syncope/core/logic/DynRealmLogic.java | 1 -
.../src/test/resources/domains/MasterContent.xml | 8 ++++++++
10 files changed, 28 insertions(+), 19 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/syncope/blob/26cd1d41/client/console/src/main/java/org/apache/syncope/client/console/commons/ResourceStatusDataProvider.java
----------------------------------------------------------------------
diff --git a/client/console/src/main/java/org/apache/syncope/client/console/commons/ResourceStatusDataProvider.java b/client/console/src/main/java/org/apache/syncope/client/console/commons/ResourceStatusDataProvider.java
index d743971..0d936a5 100644
--- a/client/console/src/main/java/org/apache/syncope/client/console/commons/ResourceStatusDataProvider.java
+++ b/client/console/src/main/java/org/apache/syncope/client/console/commons/ResourceStatusDataProvider.java
@@ -93,7 +93,7 @@ public class ResourceStatusDataProvider extends DirectoryDataProvider<StatusBean
setSort("connObjectLink", SortOrder.ASCENDING);
- this.comparator = new SortableDataProviderComparator<StatusBean>(this);
+ this.comparator = new SortableDataProviderComparator<>(this);
this.realm = realm;
this.type = type;
@@ -106,15 +106,15 @@ public class ResourceStatusDataProvider extends DirectoryDataProvider<StatusBean
}
final int page = ((int) first / paginatorRows);
- List<? extends AnyTO> result
- = restClient.search(realm, fiql, (page < 0 ? 0 : page) + 1, paginatorRows, getSort(), type);
+ List<? extends AnyTO> result =
+ restClient.search(realm, fiql, (page < 0 ? 0 : page) + 1, paginatorRows, getSort(), type);
List<StatusBean> res = CollectionUtils.collect(result, new Transformer<AnyTO, StatusBean>() {
@Override
public StatusBean transform(final AnyTO input) {
- final List<ConnObjectWrapper> connObjects
- = statusUtils.getConnectorObjects(input, Collections.singletonList(resource));
+ final List<ConnObjectWrapper> connObjects =
+ statusUtils.getConnectorObjects(input, Collections.singletonList(resource));
return statusUtils.getStatusBean(
input,
http://git-wip-us.apache.org/repos/asf/syncope/blob/26cd1d41/client/console/src/main/java/org/apache/syncope/client/console/layout/FormLayoutInfoUtils.java
----------------------------------------------------------------------
diff --git a/client/console/src/main/java/org/apache/syncope/client/console/layout/FormLayoutInfoUtils.java b/client/console/src/main/java/org/apache/syncope/client/console/layout/FormLayoutInfoUtils.java
index 2ac6f41..2a6a191 100644
--- a/client/console/src/main/java/org/apache/syncope/client/console/layout/FormLayoutInfoUtils.java
+++ b/client/console/src/main/java/org/apache/syncope/client/console/layout/FormLayoutInfoUtils.java
@@ -23,6 +23,7 @@ import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.node.ObjectNode;
import java.io.IOException;
import java.lang.reflect.InvocationTargetException;
+import java.util.Collection;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
@@ -45,7 +46,7 @@ public final class FormLayoutInfoUtils {
private static final ObjectMapper MAPPER = new ObjectMapper();
public static Triple<UserFormLayoutInfo, GroupFormLayoutInfo, Map<String, AnyObjectFormLayoutInfo>> fetch(
- final List<String> anyTypes) {
+ final Collection<String> anyTypes) {
List<String> ownedRoles = SyncopeConsoleSession.get().getSelfTO().getRoles();
try {
http://git-wip-us.apache.org/repos/asf/syncope/blob/26cd1d41/client/console/src/main/java/org/apache/syncope/client/console/panels/AnyPanel.java
----------------------------------------------------------------------
diff --git a/client/console/src/main/java/org/apache/syncope/client/console/panels/AnyPanel.java b/client/console/src/main/java/org/apache/syncope/client/console/panels/AnyPanel.java
index 8cffcc1..de9aa11 100644
--- a/client/console/src/main/java/org/apache/syncope/client/console/panels/AnyPanel.java
+++ b/client/console/src/main/java/org/apache/syncope/client/console/panels/AnyPanel.java
@@ -36,7 +36,6 @@ import org.apache.syncope.client.console.panels.search.SearchClausePanel;
import org.apache.syncope.client.console.panels.search.SearchUtils;
import org.apache.syncope.client.console.panels.search.UserSearchPanel;
import org.apache.syncope.client.console.rest.AnyTypeClassRestClient;
-import org.apache.syncope.client.console.rest.AnyTypeRestClient;
import org.apache.syncope.client.console.wicket.markup.html.bootstrap.tabs.Accordion;
import org.apache.syncope.client.lib.SyncopeClient;
import org.apache.syncope.common.lib.SyncopeConstants;
@@ -87,14 +86,14 @@ public class AnyPanel extends Panel implements ModalPanel {
public AnyPanel(
final String id,
- final String anyType,
+ final AnyTypeTO anyTypeTO,
final RealmTO realmTO,
final Triple<UserFormLayoutInfo, GroupFormLayoutInfo, Map<String, AnyObjectFormLayoutInfo>> formLayoutInfo,
final boolean enableSearch,
final PageReference pageRef) {
super(id);
- this.anyTypeTO = new AnyTypeRestClient().read(anyType);
+ this.anyTypeTO = anyTypeTO;
this.realmTO = realmTO;
this.formLayoutInfo = formLayoutInfo;
this.pageRef = pageRef;
http://git-wip-us.apache.org/repos/asf/syncope/blob/26cd1d41/client/console/src/main/java/org/apache/syncope/client/console/panels/GroupDirectoryPanel.java
----------------------------------------------------------------------
diff --git a/client/console/src/main/java/org/apache/syncope/client/console/panels/GroupDirectoryPanel.java b/client/console/src/main/java/org/apache/syncope/client/console/panels/GroupDirectoryPanel.java
index 6ea455a..d4e182e 100644
--- a/client/console/src/main/java/org/apache/syncope/client/console/panels/GroupDirectoryPanel.java
+++ b/client/console/src/main/java/org/apache/syncope/client/console/panels/GroupDirectoryPanel.java
@@ -100,7 +100,7 @@ public class GroupDirectoryPanel extends AnyDirectoryPanel<GroupTO, GroupRestCli
final AnyTypeTO anyTypeTO = typeRestClient.read(type);
- ModalPanel panel = new AnyPanel(BaseModal.CONTENT_ID, type, null, null, false, pageRef) {
+ ModalPanel panel = new AnyPanel(BaseModal.CONTENT_ID, anyTypeTO, null, null, false, pageRef) {
private static final long serialVersionUID = 7980820232811890502L;
http://git-wip-us.apache.org/repos/asf/syncope/blob/26cd1d41/client/console/src/main/java/org/apache/syncope/client/console/panels/Realm.java
----------------------------------------------------------------------
diff --git a/client/console/src/main/java/org/apache/syncope/client/console/panels/Realm.java b/client/console/src/main/java/org/apache/syncope/client/console/panels/Realm.java
index 2a62ae1..fe708f8 100644
--- a/client/console/src/main/java/org/apache/syncope/client/console/panels/Realm.java
+++ b/client/console/src/main/java/org/apache/syncope/client/console/panels/Realm.java
@@ -24,6 +24,7 @@ import java.io.Serializable;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
+import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.tuple.Pair;
import org.apache.commons.lang3.tuple.Triple;
@@ -41,7 +42,9 @@ import org.apache.syncope.client.console.wicket.markup.html.form.ActionLink;
import org.apache.syncope.client.console.wicket.markup.html.form.ActionsPanel;
import org.apache.syncope.client.console.wizards.WizardMgtPanel;
import org.apache.syncope.client.console.wizards.any.ConnObjectPanel;
+import org.apache.syncope.common.lib.EntityTOUtils;
import org.apache.syncope.common.lib.SyncopeConstants;
+import org.apache.syncope.common.lib.to.AnyTypeTO;
import org.apache.syncope.common.lib.to.ConnObjectTO;
import org.apache.syncope.common.lib.to.PropagationStatus;
import org.apache.syncope.common.lib.to.ProvisioningResult;
@@ -67,14 +70,14 @@ public abstract class Realm extends WizardMgtPanel<RealmTO> {
private final RealmTO realmTO;
- private final List<String> anyTypes;
+ private final List<AnyTypeTO> anyTypes;
protected final RealmWizardBuilder wizardBuilder;
public Realm(final String id, final RealmTO realmTO, final PageReference pageRef, final int selectedIndex) {
super(id, true);
this.realmTO = realmTO;
- this.anyTypes = new AnyTypeRestClient().list();
+ this.anyTypes = new AnyTypeRestClient().listAnyTypes();
setPageRef(pageRef);
@@ -164,11 +167,11 @@ public abstract class Realm extends WizardMgtPanel<RealmTO> {
});
final Triple<UserFormLayoutInfo, GroupFormLayoutInfo, Map<String, AnyObjectFormLayoutInfo>> formLayoutInfo =
- FormLayoutInfoUtils.fetch(anyTypes);
+ FormLayoutInfoUtils.fetch(CollectionUtils.collect(anyTypes, EntityTOUtils.keyTransformer()));
- for (final String anyType : anyTypes) {
+ for (final AnyTypeTO anyType : anyTypes) {
tabs.add(new ITabComponent(
- new Model<>(anyType),
+ new Model<>(anyType.getKey()),
StandardEntitlement.ANYTYPE_READ, String.format("%s_SEARCH", anyType)) {
private static final long serialVersionUID = 1169585538404171118L;
http://git-wip-us.apache.org/repos/asf/syncope/blob/26cd1d41/client/console/src/main/java/org/apache/syncope/client/console/panels/RoleDirectoryPanel.java
----------------------------------------------------------------------
diff --git a/client/console/src/main/java/org/apache/syncope/client/console/panels/RoleDirectoryPanel.java b/client/console/src/main/java/org/apache/syncope/client/console/panels/RoleDirectoryPanel.java
index d7d8a9d..bb7d9d9 100644
--- a/client/console/src/main/java/org/apache/syncope/client/console/panels/RoleDirectoryPanel.java
+++ b/client/console/src/main/java/org/apache/syncope/client/console/panels/RoleDirectoryPanel.java
@@ -166,7 +166,7 @@ public class RoleDirectoryPanel extends DirectoryPanel<RoleTO, RoleWrapper, Role
final AnyTypeTO anyTypeTO = typeRestClient.read(AnyTypeKind.USER.name());
- ModalPanel panel = new AnyPanel(BaseModal.CONTENT_ID, anyTypeTO.getKey(), null, null, false, pageRef) {
+ ModalPanel panel = new AnyPanel(BaseModal.CONTENT_ID, anyTypeTO, null, null, false, pageRef) {
private static final long serialVersionUID = -7514498203393023415L;
http://git-wip-us.apache.org/repos/asf/syncope/blob/26cd1d41/client/console/src/main/java/org/apache/syncope/client/console/widgets/NumberWidget.java
----------------------------------------------------------------------
diff --git a/client/console/src/main/java/org/apache/syncope/client/console/widgets/NumberWidget.java b/client/console/src/main/java/org/apache/syncope/client/console/widgets/NumberWidget.java
index 0aa5d60..c7e71a7 100644
--- a/client/console/src/main/java/org/apache/syncope/client/console/widgets/NumberWidget.java
+++ b/client/console/src/main/java/org/apache/syncope/client/console/widgets/NumberWidget.java
@@ -63,6 +63,7 @@ public class NumberWidget extends BaseWidget {
case "totalGroups":
pageParameters.add("selectedIndex", 2);
responsePage = Realms.class;
+ isAuthorized = SyncopeConsoleSession.get().owns(StandardEntitlement.GROUP_SEARCH);
break;
case "totalAny1OrRoles":
http://git-wip-us.apache.org/repos/asf/syncope/blob/26cd1d41/common/lib/src/main/java/org/apache/syncope/common/lib/types/StandardEntitlement.java
----------------------------------------------------------------------
diff --git a/common/lib/src/main/java/org/apache/syncope/common/lib/types/StandardEntitlement.java b/common/lib/src/main/java/org/apache/syncope/common/lib/types/StandardEntitlement.java
index 9657bc3..8a7fe36 100644
--- a/common/lib/src/main/java/org/apache/syncope/common/lib/types/StandardEntitlement.java
+++ b/common/lib/src/main/java/org/apache/syncope/common/lib/types/StandardEntitlement.java
@@ -86,8 +86,6 @@ public final class StandardEntitlement {
public static final String ROLE_DELETE = "ROLE_DELETE";
- public static final String DYNREALM_LIST = "DYNREALM_LIST";
-
public static final String DYNREALM_CREATE = "DYNREALM_CREATE";
public static final String DYNREALM_READ = "DYNREALM_READ";
http://git-wip-us.apache.org/repos/asf/syncope/blob/26cd1d41/core/logic/src/main/java/org/apache/syncope/core/logic/DynRealmLogic.java
----------------------------------------------------------------------
diff --git a/core/logic/src/main/java/org/apache/syncope/core/logic/DynRealmLogic.java b/core/logic/src/main/java/org/apache/syncope/core/logic/DynRealmLogic.java
index c0ab811..0b17724 100644
--- a/core/logic/src/main/java/org/apache/syncope/core/logic/DynRealmLogic.java
+++ b/core/logic/src/main/java/org/apache/syncope/core/logic/DynRealmLogic.java
@@ -55,7 +55,6 @@ public class DynRealmLogic extends AbstractTransactionalLogic<DynRealmTO> {
return binder.getDynRealmTO(dynRealm);
}
- @PreAuthorize("hasRole('" + StandardEntitlement.DYNREALM_LIST + "')")
public List<DynRealmTO> list() {
return CollectionUtils.collect(dynRealmDAO.findAll(), new Transformer<DynRealm, DynRealmTO>() {
http://git-wip-us.apache.org/repos/asf/syncope/blob/26cd1d41/core/persistence-jpa/src/test/resources/domains/MasterContent.xml
----------------------------------------------------------------------
diff --git a/core/persistence-jpa/src/test/resources/domains/MasterContent.xml b/core/persistence-jpa/src/test/resources/domains/MasterContent.xml
index 717535f..1010dff 100644
--- a/core/persistence-jpa/src/test/resources/domains/MasterContent.xml
+++ b/core/persistence-jpa/src/test/resources/domains/MasterContent.xml
@@ -252,6 +252,10 @@ under the License.
<SyncopeRole_entitlements entitlement="USER_READ" role_id="User reviewer"/>
<SyncopeRole_entitlements entitlement="USER_LIST" role_id="User reviewer"/>
<SyncopeRole_entitlements entitlement="USER_SEARCH" role_id="User reviewer"/>
+ <SyncopeRole_entitlements entitlement="ANYTYPE_LIST" role_id="User reviewer"/>
+ <SyncopeRole_entitlements entitlement="ANYTYPE_READ" role_id="User reviewer"/>
+ <SyncopeRole_entitlements entitlement="ANYTYPECLASS_LIST" role_id="User reviewer"/>
+ <SyncopeRole_entitlements entitlement="ANYTYPECLASS_READ" role_id="User reviewer"/>
<SyncopeRole_Realm role_id="User reviewer" realm_id="722f3d84-9c2b-4525-8f6e-e4b82c55a36c"/>
<SyncopeRole_Realm role_id="User reviewer" realm_id="c5b75db1-fce7-470f-b780-3b9934d82a9d"/>
@@ -259,6 +263,10 @@ under the License.
<SyncopeRole_entitlements entitlement="USER_READ" role_id="User manager"/>
<SyncopeRole_entitlements entitlement="USER_LIST" role_id="User manager"/>
<SyncopeRole_entitlements entitlement="USER_SEARCH" role_id="User manager"/>
+ <SyncopeRole_entitlements entitlement="ANYTYPE_LIST" role_id="User manager"/>
+ <SyncopeRole_entitlements entitlement="ANYTYPE_READ" role_id="User manager"/>
+ <SyncopeRole_entitlements entitlement="ANYTYPECLASS_LIST" role_id="User manager"/>
+ <SyncopeRole_entitlements entitlement="ANYTYPECLASS_READ" role_id="User manager"/>
<SyncopeRole_entitlements entitlement="WORKFLOW_FORM_CLAIM" role_id="User manager"/>
<SyncopeRole_entitlements entitlement="WORKFLOW_FORM_SUBMIT" role_id="User manager"/>
<SyncopeRole_Realm role_id="User manager" realm_id="e4c28e7a-9dbf-4ee7-9441-93812a0d4a28"/>
[2/2] syncope git commit: [SYNCOPE-1152] Adaptations for reasonable
working with delegated admin
Posted by il...@apache.org.
[SYNCOPE-1152] Adaptations for reasonable working with delegated admin
Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/f9c61fbc
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/f9c61fbc
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/f9c61fbc
Branch: refs/heads/master
Commit: f9c61fbc6d9a1760bdcc777f3427e49b9349c5b6
Parents: 20596e2
Author: Francesco Chicchiriccò <il...@apache.org>
Authored: Wed Jul 12 10:19:58 2017 +0200
Committer: Francesco Chicchiriccò <il...@apache.org>
Committed: Wed Jul 12 10:20:13 2017 +0200
----------------------------------------------------------------------
.../console/commons/ResourceStatusDataProvider.java | 10 +++++-----
.../client/console/layout/FormLayoutInfoUtils.java | 3 ++-
.../apache/syncope/client/console/panels/AnyPanel.java | 5 ++---
.../client/console/panels/GroupDirectoryPanel.java | 2 +-
.../apache/syncope/client/console/panels/Realm.java | 13 ++++++++-----
.../client/console/panels/RoleDirectoryPanel.java | 2 +-
.../syncope/client/console/widgets/NumberWidget.java | 1 +
.../syncope/common/lib/types/StandardEntitlement.java | 2 --
.../org/apache/syncope/core/logic/DynRealmLogic.java | 1 -
.../src/test/resources/domains/MasterContent.xml | 8 ++++++++
10 files changed, 28 insertions(+), 19 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/syncope/blob/f9c61fbc/client/console/src/main/java/org/apache/syncope/client/console/commons/ResourceStatusDataProvider.java
----------------------------------------------------------------------
diff --git a/client/console/src/main/java/org/apache/syncope/client/console/commons/ResourceStatusDataProvider.java b/client/console/src/main/java/org/apache/syncope/client/console/commons/ResourceStatusDataProvider.java
index d743971..0d936a5 100644
--- a/client/console/src/main/java/org/apache/syncope/client/console/commons/ResourceStatusDataProvider.java
+++ b/client/console/src/main/java/org/apache/syncope/client/console/commons/ResourceStatusDataProvider.java
@@ -93,7 +93,7 @@ public class ResourceStatusDataProvider extends DirectoryDataProvider<StatusBean
setSort("connObjectLink", SortOrder.ASCENDING);
- this.comparator = new SortableDataProviderComparator<StatusBean>(this);
+ this.comparator = new SortableDataProviderComparator<>(this);
this.realm = realm;
this.type = type;
@@ -106,15 +106,15 @@ public class ResourceStatusDataProvider extends DirectoryDataProvider<StatusBean
}
final int page = ((int) first / paginatorRows);
- List<? extends AnyTO> result
- = restClient.search(realm, fiql, (page < 0 ? 0 : page) + 1, paginatorRows, getSort(), type);
+ List<? extends AnyTO> result =
+ restClient.search(realm, fiql, (page < 0 ? 0 : page) + 1, paginatorRows, getSort(), type);
List<StatusBean> res = CollectionUtils.collect(result, new Transformer<AnyTO, StatusBean>() {
@Override
public StatusBean transform(final AnyTO input) {
- final List<ConnObjectWrapper> connObjects
- = statusUtils.getConnectorObjects(input, Collections.singletonList(resource));
+ final List<ConnObjectWrapper> connObjects =
+ statusUtils.getConnectorObjects(input, Collections.singletonList(resource));
return statusUtils.getStatusBean(
input,
http://git-wip-us.apache.org/repos/asf/syncope/blob/f9c61fbc/client/console/src/main/java/org/apache/syncope/client/console/layout/FormLayoutInfoUtils.java
----------------------------------------------------------------------
diff --git a/client/console/src/main/java/org/apache/syncope/client/console/layout/FormLayoutInfoUtils.java b/client/console/src/main/java/org/apache/syncope/client/console/layout/FormLayoutInfoUtils.java
index 2ac6f41..2a6a191 100644
--- a/client/console/src/main/java/org/apache/syncope/client/console/layout/FormLayoutInfoUtils.java
+++ b/client/console/src/main/java/org/apache/syncope/client/console/layout/FormLayoutInfoUtils.java
@@ -23,6 +23,7 @@ import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.node.ObjectNode;
import java.io.IOException;
import java.lang.reflect.InvocationTargetException;
+import java.util.Collection;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
@@ -45,7 +46,7 @@ public final class FormLayoutInfoUtils {
private static final ObjectMapper MAPPER = new ObjectMapper();
public static Triple<UserFormLayoutInfo, GroupFormLayoutInfo, Map<String, AnyObjectFormLayoutInfo>> fetch(
- final List<String> anyTypes) {
+ final Collection<String> anyTypes) {
List<String> ownedRoles = SyncopeConsoleSession.get().getSelfTO().getRoles();
try {
http://git-wip-us.apache.org/repos/asf/syncope/blob/f9c61fbc/client/console/src/main/java/org/apache/syncope/client/console/panels/AnyPanel.java
----------------------------------------------------------------------
diff --git a/client/console/src/main/java/org/apache/syncope/client/console/panels/AnyPanel.java b/client/console/src/main/java/org/apache/syncope/client/console/panels/AnyPanel.java
index 8cffcc1..de9aa11 100644
--- a/client/console/src/main/java/org/apache/syncope/client/console/panels/AnyPanel.java
+++ b/client/console/src/main/java/org/apache/syncope/client/console/panels/AnyPanel.java
@@ -36,7 +36,6 @@ import org.apache.syncope.client.console.panels.search.SearchClausePanel;
import org.apache.syncope.client.console.panels.search.SearchUtils;
import org.apache.syncope.client.console.panels.search.UserSearchPanel;
import org.apache.syncope.client.console.rest.AnyTypeClassRestClient;
-import org.apache.syncope.client.console.rest.AnyTypeRestClient;
import org.apache.syncope.client.console.wicket.markup.html.bootstrap.tabs.Accordion;
import org.apache.syncope.client.lib.SyncopeClient;
import org.apache.syncope.common.lib.SyncopeConstants;
@@ -87,14 +86,14 @@ public class AnyPanel extends Panel implements ModalPanel {
public AnyPanel(
final String id,
- final String anyType,
+ final AnyTypeTO anyTypeTO,
final RealmTO realmTO,
final Triple<UserFormLayoutInfo, GroupFormLayoutInfo, Map<String, AnyObjectFormLayoutInfo>> formLayoutInfo,
final boolean enableSearch,
final PageReference pageRef) {
super(id);
- this.anyTypeTO = new AnyTypeRestClient().read(anyType);
+ this.anyTypeTO = anyTypeTO;
this.realmTO = realmTO;
this.formLayoutInfo = formLayoutInfo;
this.pageRef = pageRef;
http://git-wip-us.apache.org/repos/asf/syncope/blob/f9c61fbc/client/console/src/main/java/org/apache/syncope/client/console/panels/GroupDirectoryPanel.java
----------------------------------------------------------------------
diff --git a/client/console/src/main/java/org/apache/syncope/client/console/panels/GroupDirectoryPanel.java b/client/console/src/main/java/org/apache/syncope/client/console/panels/GroupDirectoryPanel.java
index 6ea455a..d4e182e 100644
--- a/client/console/src/main/java/org/apache/syncope/client/console/panels/GroupDirectoryPanel.java
+++ b/client/console/src/main/java/org/apache/syncope/client/console/panels/GroupDirectoryPanel.java
@@ -100,7 +100,7 @@ public class GroupDirectoryPanel extends AnyDirectoryPanel<GroupTO, GroupRestCli
final AnyTypeTO anyTypeTO = typeRestClient.read(type);
- ModalPanel panel = new AnyPanel(BaseModal.CONTENT_ID, type, null, null, false, pageRef) {
+ ModalPanel panel = new AnyPanel(BaseModal.CONTENT_ID, anyTypeTO, null, null, false, pageRef) {
private static final long serialVersionUID = 7980820232811890502L;
http://git-wip-us.apache.org/repos/asf/syncope/blob/f9c61fbc/client/console/src/main/java/org/apache/syncope/client/console/panels/Realm.java
----------------------------------------------------------------------
diff --git a/client/console/src/main/java/org/apache/syncope/client/console/panels/Realm.java b/client/console/src/main/java/org/apache/syncope/client/console/panels/Realm.java
index 2a62ae1..fe708f8 100644
--- a/client/console/src/main/java/org/apache/syncope/client/console/panels/Realm.java
+++ b/client/console/src/main/java/org/apache/syncope/client/console/panels/Realm.java
@@ -24,6 +24,7 @@ import java.io.Serializable;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
+import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.tuple.Pair;
import org.apache.commons.lang3.tuple.Triple;
@@ -41,7 +42,9 @@ import org.apache.syncope.client.console.wicket.markup.html.form.ActionLink;
import org.apache.syncope.client.console.wicket.markup.html.form.ActionsPanel;
import org.apache.syncope.client.console.wizards.WizardMgtPanel;
import org.apache.syncope.client.console.wizards.any.ConnObjectPanel;
+import org.apache.syncope.common.lib.EntityTOUtils;
import org.apache.syncope.common.lib.SyncopeConstants;
+import org.apache.syncope.common.lib.to.AnyTypeTO;
import org.apache.syncope.common.lib.to.ConnObjectTO;
import org.apache.syncope.common.lib.to.PropagationStatus;
import org.apache.syncope.common.lib.to.ProvisioningResult;
@@ -67,14 +70,14 @@ public abstract class Realm extends WizardMgtPanel<RealmTO> {
private final RealmTO realmTO;
- private final List<String> anyTypes;
+ private final List<AnyTypeTO> anyTypes;
protected final RealmWizardBuilder wizardBuilder;
public Realm(final String id, final RealmTO realmTO, final PageReference pageRef, final int selectedIndex) {
super(id, true);
this.realmTO = realmTO;
- this.anyTypes = new AnyTypeRestClient().list();
+ this.anyTypes = new AnyTypeRestClient().listAnyTypes();
setPageRef(pageRef);
@@ -164,11 +167,11 @@ public abstract class Realm extends WizardMgtPanel<RealmTO> {
});
final Triple<UserFormLayoutInfo, GroupFormLayoutInfo, Map<String, AnyObjectFormLayoutInfo>> formLayoutInfo =
- FormLayoutInfoUtils.fetch(anyTypes);
+ FormLayoutInfoUtils.fetch(CollectionUtils.collect(anyTypes, EntityTOUtils.keyTransformer()));
- for (final String anyType : anyTypes) {
+ for (final AnyTypeTO anyType : anyTypes) {
tabs.add(new ITabComponent(
- new Model<>(anyType),
+ new Model<>(anyType.getKey()),
StandardEntitlement.ANYTYPE_READ, String.format("%s_SEARCH", anyType)) {
private static final long serialVersionUID = 1169585538404171118L;
http://git-wip-us.apache.org/repos/asf/syncope/blob/f9c61fbc/client/console/src/main/java/org/apache/syncope/client/console/panels/RoleDirectoryPanel.java
----------------------------------------------------------------------
diff --git a/client/console/src/main/java/org/apache/syncope/client/console/panels/RoleDirectoryPanel.java b/client/console/src/main/java/org/apache/syncope/client/console/panels/RoleDirectoryPanel.java
index d7d8a9d..bb7d9d9 100644
--- a/client/console/src/main/java/org/apache/syncope/client/console/panels/RoleDirectoryPanel.java
+++ b/client/console/src/main/java/org/apache/syncope/client/console/panels/RoleDirectoryPanel.java
@@ -166,7 +166,7 @@ public class RoleDirectoryPanel extends DirectoryPanel<RoleTO, RoleWrapper, Role
final AnyTypeTO anyTypeTO = typeRestClient.read(AnyTypeKind.USER.name());
- ModalPanel panel = new AnyPanel(BaseModal.CONTENT_ID, anyTypeTO.getKey(), null, null, false, pageRef) {
+ ModalPanel panel = new AnyPanel(BaseModal.CONTENT_ID, anyTypeTO, null, null, false, pageRef) {
private static final long serialVersionUID = -7514498203393023415L;
http://git-wip-us.apache.org/repos/asf/syncope/blob/f9c61fbc/client/console/src/main/java/org/apache/syncope/client/console/widgets/NumberWidget.java
----------------------------------------------------------------------
diff --git a/client/console/src/main/java/org/apache/syncope/client/console/widgets/NumberWidget.java b/client/console/src/main/java/org/apache/syncope/client/console/widgets/NumberWidget.java
index 0aa5d60..c7e71a7 100644
--- a/client/console/src/main/java/org/apache/syncope/client/console/widgets/NumberWidget.java
+++ b/client/console/src/main/java/org/apache/syncope/client/console/widgets/NumberWidget.java
@@ -63,6 +63,7 @@ public class NumberWidget extends BaseWidget {
case "totalGroups":
pageParameters.add("selectedIndex", 2);
responsePage = Realms.class;
+ isAuthorized = SyncopeConsoleSession.get().owns(StandardEntitlement.GROUP_SEARCH);
break;
case "totalAny1OrRoles":
http://git-wip-us.apache.org/repos/asf/syncope/blob/f9c61fbc/common/lib/src/main/java/org/apache/syncope/common/lib/types/StandardEntitlement.java
----------------------------------------------------------------------
diff --git a/common/lib/src/main/java/org/apache/syncope/common/lib/types/StandardEntitlement.java b/common/lib/src/main/java/org/apache/syncope/common/lib/types/StandardEntitlement.java
index 9657bc3..8a7fe36 100644
--- a/common/lib/src/main/java/org/apache/syncope/common/lib/types/StandardEntitlement.java
+++ b/common/lib/src/main/java/org/apache/syncope/common/lib/types/StandardEntitlement.java
@@ -86,8 +86,6 @@ public final class StandardEntitlement {
public static final String ROLE_DELETE = "ROLE_DELETE";
- public static final String DYNREALM_LIST = "DYNREALM_LIST";
-
public static final String DYNREALM_CREATE = "DYNREALM_CREATE";
public static final String DYNREALM_READ = "DYNREALM_READ";
http://git-wip-us.apache.org/repos/asf/syncope/blob/f9c61fbc/core/logic/src/main/java/org/apache/syncope/core/logic/DynRealmLogic.java
----------------------------------------------------------------------
diff --git a/core/logic/src/main/java/org/apache/syncope/core/logic/DynRealmLogic.java b/core/logic/src/main/java/org/apache/syncope/core/logic/DynRealmLogic.java
index c0ab811..0b17724 100644
--- a/core/logic/src/main/java/org/apache/syncope/core/logic/DynRealmLogic.java
+++ b/core/logic/src/main/java/org/apache/syncope/core/logic/DynRealmLogic.java
@@ -55,7 +55,6 @@ public class DynRealmLogic extends AbstractTransactionalLogic<DynRealmTO> {
return binder.getDynRealmTO(dynRealm);
}
- @PreAuthorize("hasRole('" + StandardEntitlement.DYNREALM_LIST + "')")
public List<DynRealmTO> list() {
return CollectionUtils.collect(dynRealmDAO.findAll(), new Transformer<DynRealm, DynRealmTO>() {
http://git-wip-us.apache.org/repos/asf/syncope/blob/f9c61fbc/core/persistence-jpa/src/test/resources/domains/MasterContent.xml
----------------------------------------------------------------------
diff --git a/core/persistence-jpa/src/test/resources/domains/MasterContent.xml b/core/persistence-jpa/src/test/resources/domains/MasterContent.xml
index 717535f..1010dff 100644
--- a/core/persistence-jpa/src/test/resources/domains/MasterContent.xml
+++ b/core/persistence-jpa/src/test/resources/domains/MasterContent.xml
@@ -252,6 +252,10 @@ under the License.
<SyncopeRole_entitlements entitlement="USER_READ" role_id="User reviewer"/>
<SyncopeRole_entitlements entitlement="USER_LIST" role_id="User reviewer"/>
<SyncopeRole_entitlements entitlement="USER_SEARCH" role_id="User reviewer"/>
+ <SyncopeRole_entitlements entitlement="ANYTYPE_LIST" role_id="User reviewer"/>
+ <SyncopeRole_entitlements entitlement="ANYTYPE_READ" role_id="User reviewer"/>
+ <SyncopeRole_entitlements entitlement="ANYTYPECLASS_LIST" role_id="User reviewer"/>
+ <SyncopeRole_entitlements entitlement="ANYTYPECLASS_READ" role_id="User reviewer"/>
<SyncopeRole_Realm role_id="User reviewer" realm_id="722f3d84-9c2b-4525-8f6e-e4b82c55a36c"/>
<SyncopeRole_Realm role_id="User reviewer" realm_id="c5b75db1-fce7-470f-b780-3b9934d82a9d"/>
@@ -259,6 +263,10 @@ under the License.
<SyncopeRole_entitlements entitlement="USER_READ" role_id="User manager"/>
<SyncopeRole_entitlements entitlement="USER_LIST" role_id="User manager"/>
<SyncopeRole_entitlements entitlement="USER_SEARCH" role_id="User manager"/>
+ <SyncopeRole_entitlements entitlement="ANYTYPE_LIST" role_id="User manager"/>
+ <SyncopeRole_entitlements entitlement="ANYTYPE_READ" role_id="User manager"/>
+ <SyncopeRole_entitlements entitlement="ANYTYPECLASS_LIST" role_id="User manager"/>
+ <SyncopeRole_entitlements entitlement="ANYTYPECLASS_READ" role_id="User manager"/>
<SyncopeRole_entitlements entitlement="WORKFLOW_FORM_CLAIM" role_id="User manager"/>
<SyncopeRole_entitlements entitlement="WORKFLOW_FORM_SUBMIT" role_id="User manager"/>
<SyncopeRole_Realm role_id="User manager" realm_id="e4c28e7a-9dbf-4ee7-9441-93812a0d4a28"/>