taylor 2002/11/08 14:12:22 Modified: webapp/WEB-INF/conf JetspeedSecurity.properties admin.xreg webapp/WEB-INF/psml/user/admin/html default.psml webapp/WEB-INF/templates/vm/portlets/html user-browser.vm Added: src/java/org/apache/jetspeed/modules/actions/portlets/security UserGroupUpdateAction.java webapp/WEB-INF/templates/vm/portlets/html user-group-form.vm Log: User-Group management for Admin contributed by Scott Weaver Revision Changes Path 1.1 jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/portlets/security/UserGroupUpdateAction.java Index: UserGroupUpdateAction.java =================================================================== /* ==================================================================== * The Apache Software License, Version 1.1 * * Copyright (c) 2000-2001 The Apache Software Foundation. All rights * reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * 3. The end-user documentation included with the redistribution, * if any, must include the following acknowledgment: * "This product includes software developed by the * Apache Software Foundation (http://www.apache.org/)." * Alternately, this acknowledgment may appear in the software itself, * if and wherever such third-party acknowledgments normally appear. * * 4. The names "Apache" and "Apache Software Foundation" and * "Apache Jetspeed" must not be used to endorse or promote products * derived from this software without prior written permission. For * written permission, please contact [EMAIL PROTECTED] * * 5. Products derived from this software may not be called "Apache" or * "Apache Jetspeed", nor may "Apache" appear in their name, without * prior written permission of the Apache Software Foundation. * * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * ==================================================================== * * This software consists of voluntary contributions made by many * individuals on behalf of the Apache Software Foundation. For more * information on the Apache Software Foundation, please see * <http://www.apache.org/>. */ package org.apache.jetspeed.modules.actions.portlets.security; // java util import java.util.ArrayList; import java.util.Iterator; import java.util.List; import org.apache.jetspeed.modules.actions.portlets.VelocityPortletAction; import org.apache.jetspeed.modules.actions.portlets.security.SecurityConstants; import org.apache.jetspeed.om.security.Group; import org.apache.jetspeed.om.security.JetspeedUser; import org.apache.jetspeed.om.security.Role; import org.apache.jetspeed.portal.portlets.VelocityPortlet; import org.apache.jetspeed.services.JetspeedSecurity; import org.apache.jetspeed.services.resources.JetspeedResources; import org.apache.turbine.util.DynamicURI; import org.apache.turbine.util.Log; import org.apache.turbine.util.RunData; import org.apache.turbine.util.StringUtils; import org.apache.velocity.context.Context; /** * This action sets up the template context for editing security roles in the Turbine database * for a given user. * * @author <a href="mailto:taylor@;apache.org">David Sean Taylor</a> * @version $Id: UserGroupUpdateAction.java,v 1.1 2002/11/08 22:12:21 taylor Exp $ */ public class UserGroupUpdateAction extends VelocityPortletAction { /** * Build the maximized state content for this portlet. (Same as normal state). * * @param portlet The velocity-based portlet that is being built. * @param context The velocity context for this request. * @param rundata The turbine rundata context for this request. */ protected void buildMaximizedContext( VelocityPortlet portlet, Context context, RunData rundata ) { buildNormalContext( portlet, context, rundata); } /** * Build the configure state content for this portlet. * TODO: we could configure this portlet with configurable skins, etc.. * * @param portlet The velocity-based portlet that is being built. * @param context The velocity context for this request. * @param rundata The turbine rundata context for this request. */ protected void buildConfigureContext( VelocityPortlet portlet, Context context, RunData rundata ) { buildNormalContext( portlet, context, rundata); } /** * Build the normal state content for this portlet. * * @param portlet The velocity-based portlet that is being built. * @param context The velocity context for this request. * @param rundata The turbine rundata context for this request. */ protected void buildNormalContext( VelocityPortlet portlet, Context context, RunData rundata ) { try { Group group = null; /* * Grab the mode for the user form. */ String mode = rundata.getParameters().getString(SecurityConstants.PARAM_MODE); // // check to see if we are adding a role for a single user // String entityid = rundata.getParameters().getString(SecurityConstants.PARAM_ENTITY_ID); if (entityid == null || entityid.trim().length() == 0) { return; } buildUserGroupsContext(portlet, context, rundata, entityid); // // if there was an error, display the message // String msgid = rundata.getParameters().getString(SecurityConstants.PARAM_MSGID); if (msgid != null) { int id = Integer.parseInt(msgid); if (id < SecurityConstants.MESSAGES.length) context.put(SecurityConstants.PARAM_MSG, SecurityConstants.MESSAGES[id]); } } catch (Exception e) { Log.error(e); rundata.setMessage("Error in Jetspeed User Group Security: " + e.toString()); rundata.setStackTrace(StringUtils.stackTrace(e), e); rundata.setScreenTemplate(JetspeedResources.getString("template.error","Error")); } } /** * Database Update Action for Security Roles. Performs updates into security database. * * @param rundata The turbine rundata context for this request. * @param context The velocity context for this request. */ public void doUpdate(RunData rundata, Context context) throws Exception { String entityid = rundata.getParameters().getString(SecurityConstants.PARAM_ENTITY_ID); if (entityid == null || entityid.trim().length() == 0) { Log.error("UserGroupBrowser: Failed to get entity: " + entityid ); DynamicURI duri = new DynamicURI (rundata); duri.addPathInfo(SecurityConstants.PANE_NAME, "UserGroupForm"); duri.addPathInfo(SecurityConstants.PARAM_MSGID, SecurityConstants.MID_MISSING_PARAMETER); rundata.setRedirectURI(duri.toString()); return; } JetspeedUser user = JetspeedSecurity.getUser(entityid); if (null == user) { Log.error("UserGroupBrowser: Failed to get user: " + entityid ); DynamicURI duri = new DynamicURI (rundata); duri.addPathInfo(SecurityConstants.PANE_NAME, "UserGroupForm"); duri.addPathInfo(SecurityConstants.PARAM_MSGID, SecurityConstants.MID_MISSING_PARAMETER); rundata.setRedirectURI(duri.toString()); return; } try { List groups = (List)rundata.getUser().getTemp(SecurityConstants.CONTEXT_GROUPS); List selected = (List)rundata.getUser().getTemp(SecurityConstants.CONTEXT_SELECTED); if (groups == null || selected == null) { DynamicURI duri = new DynamicURI (rundata); duri.addPathInfo(SecurityConstants.PANE_NAME, "UserGroupForm"); duri.addPathInfo(SecurityConstants.PARAM_MSGID, SecurityConstants.MID_MISSING_PARAMETER); rundata.setRedirectURI(duri.toString()); return; } // // walk thru all the roles, see if anything changed // if changed, update the database // for (int ix = 0; ix < groups.size(); ix++) { boolean newValue = rundata.getParameters().getBoolean("box_" + ((Group)groups.get(ix)).getName(), false); boolean oldValue = ((Boolean)selected.get(ix + 1)).booleanValue(); if (newValue != oldValue) { if (newValue == true) { // grant a role to a user JetspeedSecurity.joinGroup( user.getUserName(), ((Group)groups.get(ix)).getName() ); } else { // revoke a role from a user JetspeedSecurity.unjoinGroup( user.getUserName(), ((Group)groups.get(ix)).getName() ); } } } // clear the temp values rundata.getUser().setTemp(SecurityConstants.CONTEXT_GROUPS, null); rundata.getUser().setTemp(SecurityConstants.CONTEXT_SELECTED, null); } catch (Exception e) { // log the error msg Log.error("Failed update role+permission: " + e); // // error on update - display error message // DynamicURI duri = new DynamicURI (rundata); duri.addPathInfo(SecurityConstants.PANE_NAME, "UserGroupForm"); duri.addPathInfo(SecurityConstants.PARAM_MSGID, SecurityConstants.MID_UPDATE_FAILED); if (user != null) duri.addPathInfo(SecurityConstants.PARAM_ENTITY_ID, user.getUserName()); rundata.setRedirectURI(duri.toString()); } } /** * Build the context for a role browser for a specific user. * * @param portlet The velocity-based portlet that is being built. * @param context The velocity context for this request. * @param rundata The turbine rundata context for this request. * @param userid The userid of the user that we are building a role context for. */ private void buildUserGroupsContext(VelocityPortlet portlet, Context context, RunData rundata, String userid) throws Exception { // get the user object JetspeedUser user = JetspeedSecurity.getUser(userid); if (null == user) { // no User found Log.error("UserGroupBrowser: Failed to get user: " + userid ); return; } // get master list of roles Iterator groups = JetspeedSecurity.getGroups(); ArrayList masterGroups = new ArrayList(); ArrayList selected = new ArrayList(); int ix = 0; boolean sel = false; selected.add(ix, new Boolean(sel)); while(groups.hasNext()) { Group group = (Group)groups.next(); masterGroups.add(group); sel = JetspeedSecurity.inGroup(user.getUserName(), group.getName()); ix = ix + 1; selected.add(ix, new Boolean(sel)); } masterGroups.trimToSize(); selected.trimToSize(); rundata.getUser().setTemp(SecurityConstants.CONTEXT_GROUPS, masterGroups); rundata.getUser().setTemp(SecurityConstants.CONTEXT_SELECTED, selected); context.put(SecurityConstants.CONTEXT_USER, user); context.put(SecurityConstants.CONTEXT_GROUPS, masterGroups); context.put(SecurityConstants.CONTEXT_SELECTED, selected); } } 1.40 +0 -0 jakarta-jetspeed/webapp/WEB-INF/conf/JetspeedSecurity.properties Index: JetspeedSecurity.properties =================================================================== RCS file: /home/cvs/jakarta-jetspeed/webapp/WEB-INF/conf/JetspeedSecurity.properties,v retrieving revision 1.39 retrieving revision 1.40 diff -u -r1.39 -r1.40 1.25 +13 -0 jakarta-jetspeed/webapp/WEB-INF/conf/admin.xreg Index: admin.xreg =================================================================== RCS file: /home/cvs/jakarta-jetspeed/webapp/WEB-INF/conf/admin.xreg,v retrieving revision 1.24 retrieving revision 1.25 diff -u -r1.24 -r1.25 --- admin.xreg 30 Oct 2002 15:55:50 -0000 1.24 +++ admin.xreg 8 Nov 2002 22:12:21 -0000 1.25 @@ -350,6 +350,19 @@ <category>admin.security</category> </portlet-entry> + <portlet-entry name="UserGroupForm" hidden="false" type="ref" parent="CustomizerVelocity" application="false"> + <security role="admin"/> + <security-ref parent="admin-only"/> + <parameter name="template" value="user-group-form" /> + <parameter name="action" value="portlets.security.UserGroupUpdateAction" /> + <meta-info> + <title>User Groups</title> + <description>User Group Form for Jetspeed Security Management</description> + </meta-info> + <media-type ref="html"/> + <category group="Jetspeed">admin.security</category> + </portlet-entry> + <portlet-entry type="ref" parent="CustomizerVelocity" name="RolePermissionForm"> <security role="admin"/> <security-ref parent="admin-only"/> 1.15 +4 -0 jakarta-jetspeed/webapp/WEB-INF/psml/user/admin/html/default.psml Index: default.psml =================================================================== RCS file: /home/cvs/jakarta-jetspeed/webapp/WEB-INF/psml/user/admin/html/default.psml,v retrieving revision 1.14 retrieving revision 1.15 diff -u -r1.14 -r1.15 --- default.psml 30 Oct 2002 15:55:51 -0000 1.14 +++ default.psml 8 Nov 2002 22:12:21 -0000 1.15 @@ -38,6 +38,9 @@ <entry id='330' parent="UserRoleForm"> <parameter name="_menustate" value="closed"/> </entry> + <entry id="999" parent="UserGroupForm"> + <parameter name="_menustate" value="closed"/> + </entry> <entry id='331' parent="RolePermissionForm"> <parameter name="_menustate" value="closed"/> </entry> @@ -45,6 +48,7 @@ <parameter name="_menustate" value="closed"/> </entry> <entry id='344' parent="SecurityBrowser" /> + </portlets> <portlets id='303'> <controller name="CardPortletController"> 1.7 +2 -1 jakarta-jetspeed/webapp/WEB-INF/templates/vm/portlets/html/user-browser.vm Index: user-browser.vm =================================================================== RCS file: /home/cvs/jakarta-jetspeed/webapp/WEB-INF/templates/vm/portlets/html/user-browser.vm,v retrieving revision 1.6 retrieving revision 1.7 diff -u -r1.6 -r1.7 --- user-browser.vm 11 Oct 2002 20:07:17 -0000 1.6 +++ user-browser.vm 8 Nov 2002 22:12:22 -0000 1.7 @@ -41,6 +41,7 @@ <td> <a href="$jslink.getPaneByName("UserForm").addPathInfo("entityid",$user.UserName).addQueryData("mode","update")">Edit</a> <a href="$jslink.getPaneByName("UserRoleForm").addPathInfo("entityid",$user.UserName)">Roles</a> + <a href="$jslink.getPaneByName("UserGroupForm").addPathInfo("entityid",$user.UserName)">Groups</a> <a href="$jslink.getPaneByName("UserForm").addPathInfo("entityid",$user.UserName).addQueryData("mode","delete")">Remove</a> </td> </tr> 1.1 jakarta-jetspeed/webapp/WEB-INF/templates/vm/portlets/html/user-group-form.vm Index: user-group-form.vm =================================================================== #** @author <a href="mailto:sweaver@;rippe.com">Scott Weaver</a> *# <h3>Groups for $user.FirstName $user.LastName<h3> #set ( $headings = ["Group Name", "Assign"] ) <form method="post" action="$jslink.getPaneByName("UserBrowser").addPathInfo($jslink.ActionKey,"portlets.security.UserGroupUpdateAction")"> <table> <tr> <td> <table border="true" cellspacing="1" cellpadding="3"> <tr> #foreach ($heading in $headings) #headerCell ($heading) #end </tr> #foreach ($group in $groups) <tr> #entryCell ($group.Name) #formCheckBox ($group.Name $selected.get($velocityCount).booleanValue()) </tr> #end </table> </td> </tr> <tr> <td> <input type="submit" name="eventSubmit_doUpdate" value="Update"/> <input type="button" name="Done" Value="Done" onClick="location.href='$jslink.getPaneByName("UserBrowser")'"> <td> <td> $!msg </td> </tr> </table> <input type="hidden" name="entityid" value="$!user.UserName"/> </form>
-- To unsubscribe, e-mail: <mailto:jetspeed-dev-unsubscribe@;jakarta.apache.org> For additional commands, e-mail: <mailto:jetspeed-dev-help@;jakarta.apache.org>