taylor 2002/11/08 14:12:22
Modified: webapp/WEB-INF/conf JetspeedSecurity.properties admin.xreg
webapp/WEB-INF/psml/user/admin/html default.psml
webapp/WEB-INF/templates/vm/portlets/html user-browser.vm
Added: src/java/org/apache/jetspeed/modules/actions/portlets/security
UserGroupUpdateAction.java
webapp/WEB-INF/templates/vm/portlets/html user-group-form.vm
Log:
User-Group management for Admin contributed by Scott Weaver
Revision Changes Path
1.1
jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/portlets/security/UserGroupUpdateAction.java
Index: UserGroupUpdateAction.java
===================================================================
/* ====================================================================
* The Apache Software License, Version 1.1
*
* Copyright (c) 2000-2001 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution,
* if any, must include the following acknowledgment:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowledgment may appear in the software itself,
* if and wherever such third-party acknowledgments normally appear.
*
* 4. The names "Apache" and "Apache Software Foundation" and
* "Apache Jetspeed" must not be used to endorse or promote products
* derived from this software without prior written permission. For
* written permission, please contact [EMAIL PROTECTED]
*
* 5. Products derived from this software may not be called "Apache" or
* "Apache Jetspeed", nor may "Apache" appear in their name, without
* prior written permission of the Apache Software Foundation.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*/
package org.apache.jetspeed.modules.actions.portlets.security;
// java util
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.apache.jetspeed.modules.actions.portlets.VelocityPortletAction;
import org.apache.jetspeed.modules.actions.portlets.security.SecurityConstants;
import org.apache.jetspeed.om.security.Group;
import org.apache.jetspeed.om.security.JetspeedUser;
import org.apache.jetspeed.om.security.Role;
import org.apache.jetspeed.portal.portlets.VelocityPortlet;
import org.apache.jetspeed.services.JetspeedSecurity;
import org.apache.jetspeed.services.resources.JetspeedResources;
import org.apache.turbine.util.DynamicURI;
import org.apache.turbine.util.Log;
import org.apache.turbine.util.RunData;
import org.apache.turbine.util.StringUtils;
import org.apache.velocity.context.Context;
/**
* This action sets up the template context for editing security roles in the
Turbine database
* for a given user.
*
* @author <a href="mailto:taylor@;apache.org">David Sean Taylor</a>
* @version $Id: UserGroupUpdateAction.java,v 1.1 2002/11/08 22:12:21 taylor Exp $
*/
public class UserGroupUpdateAction extends VelocityPortletAction
{
/**
* Build the maximized state content for this portlet. (Same as normal state).
*
* @param portlet The velocity-based portlet that is being built.
* @param context The velocity context for this request.
* @param rundata The turbine rundata context for this request.
*/
protected void buildMaximizedContext( VelocityPortlet portlet,
Context context,
RunData rundata )
{
buildNormalContext( portlet, context, rundata);
}
/**
* Build the configure state content for this portlet.
* TODO: we could configure this portlet with configurable skins, etc..
*
* @param portlet The velocity-based portlet that is being built.
* @param context The velocity context for this request.
* @param rundata The turbine rundata context for this request.
*/
protected void buildConfigureContext( VelocityPortlet portlet,
Context context,
RunData rundata )
{
buildNormalContext( portlet, context, rundata);
}
/**
* Build the normal state content for this portlet.
*
* @param portlet The velocity-based portlet that is being built.
* @param context The velocity context for this request.
* @param rundata The turbine rundata context for this request.
*/
protected void buildNormalContext( VelocityPortlet portlet,
Context context,
RunData rundata )
{
try
{
Group group = null;
/*
* Grab the mode for the user form.
*/
String mode =
rundata.getParameters().getString(SecurityConstants.PARAM_MODE);
//
// check to see if we are adding a role for a single user
//
String entityid =
rundata.getParameters().getString(SecurityConstants.PARAM_ENTITY_ID);
if (entityid == null || entityid.trim().length() == 0)
{
return;
}
buildUserGroupsContext(portlet, context, rundata, entityid);
//
// if there was an error, display the message
//
String msgid =
rundata.getParameters().getString(SecurityConstants.PARAM_MSGID);
if (msgid != null)
{
int id = Integer.parseInt(msgid);
if (id < SecurityConstants.MESSAGES.length)
context.put(SecurityConstants.PARAM_MSG,
SecurityConstants.MESSAGES[id]);
}
}
catch (Exception e)
{
Log.error(e);
rundata.setMessage("Error in Jetspeed User Group Security: " +
e.toString());
rundata.setStackTrace(StringUtils.stackTrace(e), e);
rundata.setScreenTemplate(JetspeedResources.getString("template.error","Error"));
}
}
/**
* Database Update Action for Security Roles. Performs updates into security
database.
*
* @param rundata The turbine rundata context for this request.
* @param context The velocity context for this request.
*/
public void doUpdate(RunData rundata, Context context)
throws Exception
{
String entityid =
rundata.getParameters().getString(SecurityConstants.PARAM_ENTITY_ID);
if (entityid == null || entityid.trim().length() == 0)
{
Log.error("UserGroupBrowser: Failed to get entity: " + entityid );
DynamicURI duri = new DynamicURI (rundata);
duri.addPathInfo(SecurityConstants.PANE_NAME, "UserGroupForm");
duri.addPathInfo(SecurityConstants.PARAM_MSGID,
SecurityConstants.MID_MISSING_PARAMETER);
rundata.setRedirectURI(duri.toString());
return;
}
JetspeedUser user = JetspeedSecurity.getUser(entityid);
if (null == user)
{
Log.error("UserGroupBrowser: Failed to get user: " + entityid );
DynamicURI duri = new DynamicURI (rundata);
duri.addPathInfo(SecurityConstants.PANE_NAME, "UserGroupForm");
duri.addPathInfo(SecurityConstants.PARAM_MSGID,
SecurityConstants.MID_MISSING_PARAMETER);
rundata.setRedirectURI(duri.toString());
return;
}
try
{
List groups =
(List)rundata.getUser().getTemp(SecurityConstants.CONTEXT_GROUPS);
List selected =
(List)rundata.getUser().getTemp(SecurityConstants.CONTEXT_SELECTED);
if (groups == null || selected == null)
{
DynamicURI duri = new DynamicURI (rundata);
duri.addPathInfo(SecurityConstants.PANE_NAME, "UserGroupForm");
duri.addPathInfo(SecurityConstants.PARAM_MSGID,
SecurityConstants.MID_MISSING_PARAMETER);
rundata.setRedirectURI(duri.toString());
return;
}
//
// walk thru all the roles, see if anything changed
// if changed, update the database
//
for (int ix = 0; ix < groups.size(); ix++)
{
boolean newValue = rundata.getParameters().getBoolean("box_" +
((Group)groups.get(ix)).getName(), false);
boolean oldValue = ((Boolean)selected.get(ix + 1)).booleanValue();
if (newValue != oldValue)
{
if (newValue == true)
{
// grant a role to a user
JetspeedSecurity.joinGroup( user.getUserName(),
((Group)groups.get(ix)).getName() );
}
else
{
// revoke a role from a user
JetspeedSecurity.unjoinGroup( user.getUserName(),
((Group)groups.get(ix)).getName() );
}
}
}
// clear the temp values
rundata.getUser().setTemp(SecurityConstants.CONTEXT_GROUPS, null);
rundata.getUser().setTemp(SecurityConstants.CONTEXT_SELECTED, null);
}
catch (Exception e)
{
// log the error msg
Log.error("Failed update role+permission: " + e);
//
// error on update - display error message
//
DynamicURI duri = new DynamicURI (rundata);
duri.addPathInfo(SecurityConstants.PANE_NAME, "UserGroupForm");
duri.addPathInfo(SecurityConstants.PARAM_MSGID,
SecurityConstants.MID_UPDATE_FAILED);
if (user != null)
duri.addPathInfo(SecurityConstants.PARAM_ENTITY_ID,
user.getUserName());
rundata.setRedirectURI(duri.toString());
}
}
/**
* Build the context for a role browser for a specific user.
*
* @param portlet The velocity-based portlet that is being built.
* @param context The velocity context for this request.
* @param rundata The turbine rundata context for this request.
* @param userid The userid of the user that we are building a role context for.
*/
private void buildUserGroupsContext(VelocityPortlet portlet,
Context context,
RunData rundata,
String userid)
throws Exception
{
// get the user object
JetspeedUser user = JetspeedSecurity.getUser(userid);
if (null == user)
{
// no User found
Log.error("UserGroupBrowser: Failed to get user: " + userid );
return;
}
// get master list of roles
Iterator groups = JetspeedSecurity.getGroups();
ArrayList masterGroups = new ArrayList();
ArrayList selected = new ArrayList();
int ix = 0;
boolean sel = false;
selected.add(ix, new Boolean(sel));
while(groups.hasNext())
{
Group group = (Group)groups.next();
masterGroups.add(group);
sel = JetspeedSecurity.inGroup(user.getUserName(), group.getName());
ix = ix + 1;
selected.add(ix, new Boolean(sel));
}
masterGroups.trimToSize();
selected.trimToSize();
rundata.getUser().setTemp(SecurityConstants.CONTEXT_GROUPS, masterGroups);
rundata.getUser().setTemp(SecurityConstants.CONTEXT_SELECTED, selected);
context.put(SecurityConstants.CONTEXT_USER, user);
context.put(SecurityConstants.CONTEXT_GROUPS, masterGroups);
context.put(SecurityConstants.CONTEXT_SELECTED, selected);
}
}
1.40 +0 -0 jakarta-jetspeed/webapp/WEB-INF/conf/JetspeedSecurity.properties
Index: JetspeedSecurity.properties
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/webapp/WEB-INF/conf/JetspeedSecurity.properties,v
retrieving revision 1.39
retrieving revision 1.40
diff -u -r1.39 -r1.40
1.25 +13 -0 jakarta-jetspeed/webapp/WEB-INF/conf/admin.xreg
Index: admin.xreg
===================================================================
RCS file: /home/cvs/jakarta-jetspeed/webapp/WEB-INF/conf/admin.xreg,v
retrieving revision 1.24
retrieving revision 1.25
diff -u -r1.24 -r1.25
--- admin.xreg 30 Oct 2002 15:55:50 -0000 1.24
+++ admin.xreg 8 Nov 2002 22:12:21 -0000 1.25
@@ -350,6 +350,19 @@
<category>admin.security</category>
</portlet-entry>
+ <portlet-entry name="UserGroupForm" hidden="false" type="ref"
parent="CustomizerVelocity" application="false">
+ <security role="admin"/>
+ <security-ref parent="admin-only"/>
+ <parameter name="template" value="user-group-form" />
+ <parameter name="action" value="portlets.security.UserGroupUpdateAction" />
+ <meta-info>
+ <title>User Groups</title>
+ <description>User Group Form for Jetspeed Security Management</description>
+ </meta-info>
+ <media-type ref="html"/>
+ <category group="Jetspeed">admin.security</category>
+ </portlet-entry>
+
<portlet-entry type="ref" parent="CustomizerVelocity" name="RolePermissionForm">
<security role="admin"/>
<security-ref parent="admin-only"/>
1.15 +4 -0
jakarta-jetspeed/webapp/WEB-INF/psml/user/admin/html/default.psml
Index: default.psml
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/webapp/WEB-INF/psml/user/admin/html/default.psml,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- default.psml 30 Oct 2002 15:55:51 -0000 1.14
+++ default.psml 8 Nov 2002 22:12:21 -0000 1.15
@@ -38,6 +38,9 @@
<entry id='330' parent="UserRoleForm">
<parameter name="_menustate" value="closed"/>
</entry>
+ <entry id="999" parent="UserGroupForm">
+ <parameter name="_menustate" value="closed"/>
+ </entry>
<entry id='331' parent="RolePermissionForm">
<parameter name="_menustate" value="closed"/>
</entry>
@@ -45,6 +48,7 @@
<parameter name="_menustate" value="closed"/>
</entry>
<entry id='344' parent="SecurityBrowser" />
+
</portlets>
<portlets id='303'>
<controller name="CardPortletController">
1.7 +2 -1
jakarta-jetspeed/webapp/WEB-INF/templates/vm/portlets/html/user-browser.vm
Index: user-browser.vm
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/webapp/WEB-INF/templates/vm/portlets/html/user-browser.vm,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- user-browser.vm 11 Oct 2002 20:07:17 -0000 1.6
+++ user-browser.vm 8 Nov 2002 22:12:22 -0000 1.7
@@ -41,6 +41,7 @@
<td>
<a
href="$jslink.getPaneByName("UserForm").addPathInfo("entityid",$user.UserName).addQueryData("mode","update")">Edit</a>
<a
href="$jslink.getPaneByName("UserRoleForm").addPathInfo("entityid",$user.UserName)">Roles</a>
+ <a
href="$jslink.getPaneByName("UserGroupForm").addPathInfo("entityid",$user.UserName)">Groups</a>
<a
href="$jslink.getPaneByName("UserForm").addPathInfo("entityid",$user.UserName).addQueryData("mode","delete")">Remove</a>
</td>
</tr>
1.1
jakarta-jetspeed/webapp/WEB-INF/templates/vm/portlets/html/user-group-form.vm
Index: user-group-form.vm
===================================================================
#**
@author <a href="mailto:sweaver@;rippe.com">Scott Weaver</a>
*#
<h3>Groups for $user.FirstName $user.LastName<h3>
#set ( $headings = ["Group Name", "Assign"] )
<form method="post"
action="$jslink.getPaneByName("UserBrowser").addPathInfo($jslink.ActionKey,"portlets.security.UserGroupUpdateAction")">
<table>
<tr>
<td>
<table border="true" cellspacing="1" cellpadding="3">
<tr>
#foreach ($heading in $headings)
#headerCell ($heading)
#end
</tr>
#foreach ($group in $groups)
<tr>
#entryCell ($group.Name)
#formCheckBox ($group.Name $selected.get($velocityCount).booleanValue())
</tr>
#end
</table>
</td>
</tr>
<tr>
<td>
<input type="submit" name="eventSubmit_doUpdate" value="Update"/>
<input type="button" name="Done" Value="Done"
onClick="location.href='$jslink.getPaneByName("UserBrowser")'">
<td>
<td>
$!msg
</td>
</tr>
</table>
<input type="hidden" name="entityid" value="$!user.UserName"/>
</form>
--
To unsubscribe, e-mail: <mailto:jetspeed-dev-unsubscribe@;jakarta.apache.org>
For additional commands, e-mail: <mailto:jetspeed-dev-help@;jakarta.apache.org>
