This is an automated email from the ASF dual-hosted git repository.
solomax pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/openmeetings.git
The following commit(s) were added to refs/heads/master by this push:
new 576f61c [OPENMEETINGS-2546] additional types of admins are added
new 573ee52 Merge branch 'master' of github.com:apache/openmeetings
576f61c is described below
commit 576f61c91bc784d18b0043ea0d31ad9d0373bef3
Author: Maxim Solodovnik <solomax...@gmail.com>
AuthorDate: Wed Mar 24 19:20:43 2021 +0700
[OPENMEETINGS-2546] additional types of admins are added
---
.../apache/openmeetings/db/entity/user/User.java | 37 ++++++++++++++++++----
.../openmeetings/web/admin/backup/BackupPanel.java | 2 ++
.../web/admin/configurations/ConfigsPanel.java | 2 ++
.../web/admin/connection/ConnectionsPanel.java | 2 ++
.../openmeetings/web/admin/labels/LangPanel.java | 2 ++
.../openmeetings/web/admin/users/UserForm.java | 8 +----
.../apache/openmeetings/web/common/MainPanel.java | 27 ++++++++++++----
.../web/util/RestrictiveChoiceProvider.java | 4 ---
8 files changed, 60 insertions(+), 24 deletions(-)
diff --git
a/openmeetings-db/src/main/java/org/apache/openmeetings/db/entity/user/User.java
b/openmeetings-db/src/main/java/org/apache/openmeetings/db/entity/user/User.java
index d93f90f..fb9cb98 100644
---
a/openmeetings-db/src/main/java/org/apache/openmeetings/db/entity/user/User.java
+++
b/openmeetings-db/src/main/java/org/apache/openmeetings/db/entity/user/User.java
@@ -34,6 +34,8 @@ import java.util.List;
import java.util.Optional;
import java.util.Set;
import java.util.StringJoiner;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
import javax.persistence.Basic;
import javax.persistence.CascadeType;
@@ -135,12 +137,35 @@ public class User extends HistoricalEntity {
@XmlType(namespace="org.apache.openmeetings.user.right")
public enum Right {
- ADMIN // access to Admin module
- , GROUP_ADMIN // partial access to Admin module (should not
be directly assigned)
- , ROOM // enter the room
- , DASHBOARD // access the dashboard
- , LOGIN // login to Om internal DB
- , SOAP // use rest/soap calls
+ ADMIN(false) // access to Admin module
+ , GROUP_ADMIN(false) // partial access to Admin module
(should not be directly assigned)
+ , ADMIN_CONFIG(false)
+ , ADMIN_CONNECTIONS(false)
+ , ADMIN_BACKUP(false)
+ , ADMIN_LABEL(false)
+ , ROOM(true) // enter the room
+ , DASHBOARD(true) // access the dashboard
+ , LOGIN(true) // login to Om internal DB
+ , SOAP(false); // use rest/soap calls
+
+ private final boolean groupAdminAllowed;
+
+ private Right(boolean groupAdminAllowed) {
+ this.groupAdminAllowed = groupAdminAllowed;
+ }
+
+ public boolean isGroupAdminAllowed() {
+ return groupAdminAllowed;
+ }
+
+ public static List<Right> getAllowed(boolean groupAdmin) {
+ Stream<Right> stream = Stream.of(Right.values())
+ .filter(r -> Right.GROUP_ADMIN != r);
+ if (groupAdmin) {
+ stream =
stream.filter(Right::isGroupAdminAllowed);
+ }
+ return stream.collect(Collectors.toList());
+ }
}
@XmlType(namespace="org.apache.openmeetings.user.type")
diff --git
a/openmeetings-web/src/main/java/org/apache/openmeetings/web/admin/backup/BackupPanel.java
b/openmeetings-web/src/main/java/org/apache/openmeetings/web/admin/backup/BackupPanel.java
index 305f4a4..06c939f 100644
---
a/openmeetings-web/src/main/java/org/apache/openmeetings/web/admin/backup/BackupPanel.java
+++
b/openmeetings-web/src/main/java/org/apache/openmeetings/web/admin/backup/BackupPanel.java
@@ -41,6 +41,7 @@ import
org.apache.openmeetings.web.util.upload.BootstrapFileUploadBehavior;
import org.apache.wicket.AttributeModifier;
import org.apache.wicket.ajax.AjaxRequestTarget;
import org.apache.wicket.ajax.form.AjaxFormSubmitBehavior;
+import
org.apache.wicket.authroles.authorization.strategies.role.annotations.AuthorizeInstantiation;
import org.apache.wicket.core.request.handler.IPartialPageRequestHandler;
import org.apache.wicket.extensions.ajax.AjaxDownloadBehavior;
import org.apache.wicket.markup.html.WebMarkupContainer;
@@ -70,6 +71,7 @@ import
de.agilecoders.wicket.core.markup.html.bootstrap.utilities.BackgroundColo
* @author swagner
*
*/
+@AuthorizeInstantiation({"ADMIN", "ADMIN_BACKUP"})
public class BackupPanel extends AdminBasePanel {
private static final Logger log =
LoggerFactory.getLogger(BackupPanel.class);
private static final long serialVersionUID = 1L;
diff --git
a/openmeetings-web/src/main/java/org/apache/openmeetings/web/admin/configurations/ConfigsPanel.java
b/openmeetings-web/src/main/java/org/apache/openmeetings/web/admin/configurations/ConfigsPanel.java
index f010a1c..1c50a1e 100644
---
a/openmeetings-web/src/main/java/org/apache/openmeetings/web/admin/configurations/ConfigsPanel.java
+++
b/openmeetings-web/src/main/java/org/apache/openmeetings/web/admin/configurations/ConfigsPanel.java
@@ -31,6 +31,7 @@ import
org.apache.openmeetings.web.data.SearchableDataProvider;
import org.apache.wicket.AttributeModifier;
import org.apache.wicket.ajax.AjaxEventBehavior;
import org.apache.wicket.ajax.AjaxRequestTarget;
+import
org.apache.wicket.authroles.authorization.strategies.role.annotations.AuthorizeInstantiation;
import org.apache.wicket.markup.html.WebMarkupContainer;
import org.apache.wicket.markup.html.basic.Label;
import org.apache.wicket.markup.repeater.Item;
@@ -42,6 +43,7 @@ import org.apache.wicket.spring.injection.annot.SpringBean;
* @author swagner
*
*/
+@AuthorizeInstantiation({"ADMIN", "ADMIN_CONFIG"})
public class ConfigsPanel extends AdminBasePanel {
private static final long serialVersionUID = 1L;
private ConfigForm form;
diff --git
a/openmeetings-web/src/main/java/org/apache/openmeetings/web/admin/connection/ConnectionsPanel.java
b/openmeetings-web/src/main/java/org/apache/openmeetings/web/admin/connection/ConnectionsPanel.java
index f2bad46..0c933c2 100644
---
a/openmeetings-web/src/main/java/org/apache/openmeetings/web/admin/connection/ConnectionsPanel.java
+++
b/openmeetings-web/src/main/java/org/apache/openmeetings/web/admin/connection/ConnectionsPanel.java
@@ -42,6 +42,7 @@ import
org.apache.openmeetings.web.data.SearchableDataProvider;
import org.apache.wicket.AttributeModifier;
import org.apache.wicket.ajax.AjaxEventBehavior;
import org.apache.wicket.ajax.AjaxRequestTarget;
+import
org.apache.wicket.authroles.authorization.strategies.role.annotations.AuthorizeInstantiation;
import org.apache.wicket.markup.html.WebMarkupContainer;
import org.apache.wicket.markup.html.basic.Label;
import org.apache.wicket.markup.repeater.Item;
@@ -52,6 +53,7 @@ import org.apache.wicket.spring.injection.annot.SpringBean;
import
de.agilecoders.wicket.core.markup.html.bootstrap.button.BootstrapAjaxLink;
import de.agilecoders.wicket.core.markup.html.bootstrap.button.Buttons;
+@AuthorizeInstantiation({"ADMIN", "ADMIN_CONNECTIONS"})
public class ConnectionsPanel extends AdminBasePanel {
private static final long serialVersionUID = 1L;
@SpringBean
diff --git
a/openmeetings-web/src/main/java/org/apache/openmeetings/web/admin/labels/LangPanel.java
b/openmeetings-web/src/main/java/org/apache/openmeetings/web/admin/labels/LangPanel.java
index 0a5774e..05219d3 100644
---
a/openmeetings-web/src/main/java/org/apache/openmeetings/web/admin/labels/LangPanel.java
+++
b/openmeetings-web/src/main/java/org/apache/openmeetings/web/admin/labels/LangPanel.java
@@ -46,6 +46,7 @@ import org.apache.wicket.ajax.AjaxEventBehavior;
import org.apache.wicket.ajax.AjaxRequestTarget;
import org.apache.wicket.ajax.form.AjaxFormSubmitBehavior;
import org.apache.wicket.ajax.markup.html.AjaxLink;
+import
org.apache.wicket.authroles.authorization.strategies.role.annotations.AuthorizeInstantiation;
import org.apache.wicket.extensions.ajax.AjaxDownloadBehavior;
import org.apache.wicket.markup.html.WebMarkupContainer;
import org.apache.wicket.markup.html.basic.Label;
@@ -72,6 +73,7 @@ import
de.agilecoders.wicket.extensions.markup.html.bootstrap.icon.FontAwesome5I
* @author solomax, swagner
*
*/
+@AuthorizeInstantiation({"ADMIN", "ADMIN_LABEL"})
public class LangPanel extends AdminBasePanel {
private static final long serialVersionUID = 1L;
private static final Logger log =
LoggerFactory.getLogger(LangPanel.class);
diff --git
a/openmeetings-web/src/main/java/org/apache/openmeetings/web/admin/users/UserForm.java
b/openmeetings-web/src/main/java/org/apache/openmeetings/web/admin/users/UserForm.java
index 7119198..b60059c 100644
---
a/openmeetings-web/src/main/java/org/apache/openmeetings/web/admin/users/UserForm.java
+++
b/openmeetings-web/src/main/java/org/apache/openmeetings/web/admin/users/UserForm.java
@@ -154,13 +154,7 @@ public class UserForm extends AdminBaseForm<User> {
@Override
public void query(String term, int page,
Response<Right> response) {
boolean isGroupAdmin =
hasGroupAdminLevel(getRights());
- for (Right r : Right.values()) {
- if (Right.GROUP_ADMIN == r) {
- continue;
- }
- if (isGroupAdmin && (Right.ADMIN == r
|| Right.SOAP == r)) {
- continue;
- }
+ for (Right r : Right.getAllowed(isGroupAdmin)) {
if (Strings.isEmpty(term) ||
r.name().contains(term)) {
response.add(r);
}
diff --git
a/openmeetings-web/src/main/java/org/apache/openmeetings/web/common/MainPanel.java
b/openmeetings-web/src/main/java/org/apache/openmeetings/web/common/MainPanel.java
index 7020e06..f1382fe 100644
---
a/openmeetings-web/src/main/java/org/apache/openmeetings/web/common/MainPanel.java
+++
b/openmeetings-web/src/main/java/org/apache/openmeetings/web/common/MainPanel.java
@@ -319,22 +319,35 @@ public class MainPanel extends Panel {
}
createSettingsMenu(mmenu);
Set<Right> r = WebSession.getRights();
- boolean isAdmin = hasAdminLevel(r);
- if (isAdmin || hasGroupAdminLevel(r)) {
+ if (r.stream().anyMatch(right ->
right.name().contains("ADMIN"))) {
+ boolean isAdmin = hasAdminLevel(r);
+ boolean isGrpAdmin = hasGroupAdminLevel(r);
// Administration Menu Points
List<INavbarComponent> l = new ArrayList<>();
- l.add(getSubItem("125", "1454",
MenuActions.ADMIN_USER));
- if (isAdmin) {
+ if (isAdmin || isGrpAdmin) {
+ l.add(getSubItem("125", "1454",
MenuActions.ADMIN_USER));
+ }
+ if (isAdmin || r.contains(Right.ADMIN_CONNECTIONS)) {
l.add(getSubItem("597", "1455",
MenuActions.ADMIN_CONNECTION));
}
- l.add(getSubItem("126", "1456",
MenuActions.ADMIN_GROUP));
- l.add(getSubItem("186", "1457",
MenuActions.ADMIN_ROOM));
- if (isAdmin) {
+ if (isAdmin || isGrpAdmin) {
+ l.add(getSubItem("126", "1456",
MenuActions.ADMIN_GROUP));
+ l.add(getSubItem("186", "1457",
MenuActions.ADMIN_ROOM));
+ }
+ if (isAdmin || r.contains(Right.ADMIN_CONFIG)) {
l.add(getSubItem("263", "1458",
MenuActions.ADMIN_CONFIG));
+ }
+ if (isAdmin || r.contains(Right.ADMIN_LABEL)) {
l.add(getSubItem("348", "1459",
MenuActions.ADMIN_LABEL));
+ }
+ if (isAdmin) {
l.add(getSubItem("1103", "1454",
MenuActions.ADMIN_LDAP));
l.add(getSubItem("1571", "1572",
MenuActions.ADMIN_OAUTH));
+ }
+ if (isAdmin || r.contains(Right.ADMIN_BACKUP)) {
l.add(getSubItem("367", "1461",
MenuActions.ADMIN_BACKUP));
+ }
+ if (isAdmin) {
l.add(getSubItem("main.menu.admin.email",
"main.menu.admin.email.desc", MenuActions.ADMIN_EMAIL));
}
mmenu.add(new OmMenuItem(getString("6"), l));
diff --git
a/openmeetings-web/src/main/java/org/apache/openmeetings/web/util/RestrictiveChoiceProvider.java
b/openmeetings-web/src/main/java/org/apache/openmeetings/web/util/RestrictiveChoiceProvider.java
index e5c9695..16af623 100644
---
a/openmeetings-web/src/main/java/org/apache/openmeetings/web/util/RestrictiveChoiceProvider.java
+++
b/openmeetings-web/src/main/java/org/apache/openmeetings/web/util/RestrictiveChoiceProvider.java
@@ -52,8 +52,4 @@ public abstract class RestrictiveChoiceProvider<T> extends
ChoiceProvider<T> {
}
return c;
}
-
- @Override
- public void detach() {
- }
}
