base implementation and configuration for securing the editor - #4055 (action enablem...
authorAndreas Kohlbecker <a.kohlbecker@bgbm.org>
Wed, 19 Feb 2014 14:52:23 +0000 (14:52 +0000)
committerAndreas Kohlbecker <a.kohlbecker@bgbm.org>
Wed, 19 Feb 2014 14:52:23 +0000 (14:52 +0000)
.gitattributes
eu.etaxonomy.taxeditor.cdmlib/lib/org.eclipse.equinox.common-3.6.0.v20110523.jar
eu.etaxonomy.taxeditor.cdmlib/lib/org.eclipse.osgi-3.7.2.v20120110-1415.jar
eu.etaxonomy.taxeditor.navigation/plugin.xml
eu.etaxonomy.taxeditor.navigation/src/main/java/eu/etaxonomy/taxeditor/navigation/NavigationUtil.java
eu.etaxonomy.taxeditor.navigation/src/main/java/eu/etaxonomy/taxeditor/navigation/navigator/handler/MoveTaxonHandler.java
eu.etaxonomy.taxeditor.store/plugin.xml
eu.etaxonomy.taxeditor.store/src/main/java/eu/etaxonomy/taxeditor/security/PermissionPropertyTester.java [new file with mode: 0644]

index 1c5ff176418393d16844e3ad5b359d50affda7f0..73c2c268a335b6597526721c0a435574c9b2c09c 100644 (file)
@@ -1266,6 +1266,7 @@ eu.etaxonomy.taxeditor.store/src/main/java/eu/etaxonomy/taxeditor/preference/men
 eu.etaxonomy.taxeditor.store/src/main/java/eu/etaxonomy/taxeditor/preference/menu/TaxonRelationshipTypeMenuPreferences.java -text
 eu.etaxonomy.taxeditor.store/src/main/java/eu/etaxonomy/taxeditor/preference/wizard/VocabularyTermWizard.java -text
 eu.etaxonomy.taxeditor.store/src/main/java/eu/etaxonomy/taxeditor/preference/wizard/VocabularyTermWizardPage.java -text
+eu.etaxonomy.taxeditor.store/src/main/java/eu/etaxonomy/taxeditor/security/PermissionPropertyTester.java -text
 eu.etaxonomy.taxeditor.store/src/main/java/eu/etaxonomy/taxeditor/security/RequiredPermissions.java -text
 eu.etaxonomy.taxeditor.store/src/main/java/eu/etaxonomy/taxeditor/store/CdmStore.java -text
 eu.etaxonomy.taxeditor.store/src/main/java/eu/etaxonomy/taxeditor/store/CdmStoreConnector.java -text
index 4cf488ee33f1a17bac6e7badc2adfac6cf54f75d..9fb167cc8644ced846238dee40784f7341832719 100644 (file)
Binary files a/eu.etaxonomy.taxeditor.cdmlib/lib/org.eclipse.equinox.common-3.6.0.v20110523.jar and b/eu.etaxonomy.taxeditor.cdmlib/lib/org.eclipse.equinox.common-3.6.0.v20110523.jar differ
index f131a431cbf20a8f2194c84912950bd3e0a6485b..25f118068392d39fda76feea6c855dfb3633db17 100644 (file)
Binary files a/eu.etaxonomy.taxeditor.cdmlib/lib/org.eclipse.osgi-3.7.2.v20120110-1415.jar and b/eu.etaxonomy.taxeditor.cdmlib/lib/org.eclipse.osgi-3.7.2.v20120110-1415.jar differ
index d47aa7435eab5938173f057e0263bc0585622f1e..2cc27a798b069675ec4878774cb5811731706282 100644 (file)
@@ -84,7 +84,7 @@
                id="eu.etaxonomy.navigation.menu.new"
                label="New">
             <command
-                  commandId="eu.etaxonomy.taxeditor.navigation.newTaxonNode"
+                  commandId="eu.etaxonomy.taxeditor.navigation.command.create.taxonNode"
                   label="Taxon"
                   style="push">
             </command>
@@ -93,8 +93,8 @@
                   visible="true">
             </separator>
             <command
-                  commandId="eu.etaxonomy.taxeditor.navigation.newClassification"
-                  id="eu.etaxonomy.taxeditor.navigation.newClassificationHandler"
+                  commandId="eu.etaxonomy.taxeditor.navigation.create.classification"
+                  id="eu.etaxonomy.taxeditor.navigation.create.classificationHandler"
                   label="Classification"
                   style="push">
             </command>
                visible="true">
          </separator>
          <command
-               commandId="eu.etaxonomy.taxeditor.navigation.command.editSelection"
+               commandId="eu.etaxonomy.taxeditor.navigation.command.update.editSelection"
                label="Edit"
                style="push">       
             <visibleWhen
             </visibleWhen>
          </command>
          <command
-               commandId="eu.etaxonomy.taxeditor.navigator.command.changeAcceptedToSynonym"
+               commandId="eu.etaxonomy.taxeditor.navigator.command.update.changeAcceptedToSynonym"
                label="Change Accepted Taxon to Synonym"
                style="push">
                <visibleWhen
             </visibleWhen>
          </command>
          <command
-               commandId="eu.etaxonomy.taxeditor.navigation.command.moveTaxon"
+               commandId="eu.etaxonomy.taxeditor.navigation.command.update.moveTaxon"
                label="Move Taxon (with child taxa)"
                style="push">
             <visibleWhen
                   checkEnabled="true">
-               <reference
-                     definitionId="isTaxonNode">
-               </reference>
+                  <reference
+                        definitionId="isTaxonNode">
+                  </reference>
             </visibleWhen>
          </command>
          <separator
       <menuContribution
             locationURI="menu:eu.etaxonomy.navigation.menu.new">
          <command
-               commandId="eu.etaxonomy.taxeditor.navigation.newTaxonNode"
+               commandId="eu.etaxonomy.taxeditor.navigation.command.create.taxonNode"
                label="Taxon"
                style="push">
          </command>
                visible="true">
          </separator>
          <command
-               commandId="eu.etaxonomy.taxeditor.navigation.newClassification"
-               id="eu.etaxonomy.taxeditor.navigation.newClassificationHandler"
+               commandId="eu.etaxonomy.taxeditor.navigation.create.classification"
+               id="eu.etaxonomy.taxeditor.navigation.create.classificationHandler"
                label="Classification"
                style="push">
          </command>
          point="org.eclipse.ui.commands">
       <command
             defaultHandler="eu.etaxonomy.taxeditor.navigation.navigator.handler.NewTaxonNodeHandler"
-            id="eu.etaxonomy.taxeditor.navigation.newTaxonNode"
+            id="eu.etaxonomy.taxeditor.navigation.command.create.taxonNode"
             name="New Taxon Node">
       </command>
       <command
             defaultHandler="eu.etaxonomy.taxeditor.navigation.navigator.handler.NewClassificationHandler"
-            id="eu.etaxonomy.taxeditor.navigation.newClassification"
+            id="eu.etaxonomy.taxeditor.navigation.create.classification"
             name="New Classification">
       </command>
    </extension>
          point="org.eclipse.ui.commands">
       <command
             defaultHandler="eu.etaxonomy.taxeditor.navigation.navigator.handler.EditHandler"
-            id="eu.etaxonomy.taxeditor.navigation.command.editSelection"
+            id="eu.etaxonomy.taxeditor.navigation.command.update.editSelection"
             name="Edit">
       </command>
       <command
             defaultHandler="eu.etaxonomy.taxeditor.navigation.navigator.handler.MoveTaxonHandler"
-            id="eu.etaxonomy.taxeditor.navigation.command.moveTaxon"
+            id="eu.etaxonomy.taxeditor.navigation.command.update.moveTaxon"
             name="Move Taxon">
       </command>
       <command
       </command>
       <command
             defaultHandler="eu.etaxonomy.taxeditor.navigation.navigator.handler.ChangeAcceptedTaxonToSynonymHandler"
-            id="eu.etaxonomy.taxeditor.navigator.command.changeAcceptedToSynonym"
+            id="eu.etaxonomy.taxeditor.navigator.command.update.changeAcceptedToSynonym"
             name="Change Accepted Taxon to Synonym">
       </command>
    </extension>
index 9fdb66b7acb266a0dcae034a2c7766d74e3b7150..7ea9ed09d861b2ba5c606f843a76f140eb397994 100644 (file)
@@ -58,7 +58,7 @@ public class NavigationUtil extends AbstractUtility{
         */
        public static void executeEditHandler(){
 
-               String commandId = "eu.etaxonomy.taxeditor.navigation.command.editSelection";
+               String commandId = "eu.etaxonomy.taxeditor.navigation.command.update.editSelection";
 
                IHandlerService handlerService = (IHandlerService) AbstractUtility.getService(IHandlerService.class);
                try {
index a7c8a2b0dd1a0244185c31ec7a2c24d1c37be597..02f6a6659ce850958a82cf74cbe711b84a8ba6da 100644 (file)
@@ -104,4 +104,5 @@ public class MoveTaxonHandler extends AbstractHandler implements IPostOperationE
        public boolean onComplete() {
                return false;
        }
+       
 }
index 21eff652c0858c429258f9b2018090ea5bbde54b..03fd6d030704ae36747ee6e75745b112b6bad46d 100644 (file)
          properties="isModifiable"
          type="org.eclipse.jface.viewers.IStructuredSelection">
    </propertyTester>
+   <propertyTester
+        class="eu.etaxonomy.taxeditor.security.PermissionPropertyTester"
+        id="eu.etaxonomy.taxeditor.security.permissionTester"
+        namespace="eu.etaxonomy.taxeditor.security.permissionTester"
+        properties="hasPermissions, hasRoles"
+        type="org.eclipse.jface.viewers.IStructuredSelection">
+   </propertyTester>
 </extension>
 <extension
       point="org.eclipse.core.expressions.definitions">
          </test>
       </with>
    </definition>
+   <definition
+            id="canUPDATE">
+               <with
+                       variable="selection">
+                <test
+                      args="UPDATE"
+                      property="eu.etaxonomy.taxeditor.security.permissionTester.hasPermissions">
+                </test>
+         </with>
+      </definition>
+      <definition
+            id="canDELETE">
+         <with
+               variable="selection">
+            <test
+                  args="DELETE"
+                  property="eu.etaxonomy.taxeditor.security.permissionTester.hasPermissions">
+            </test>
+         </with>
+    </definition>
+      <definition
+            id="canCREATE">
+         <with
+               variable="selection">
+            <test
+                  args="CREATE"
+                  property="eu.etaxonomy.taxeditor.security.permissionTester.hasPermissions">
+            </test>
+         </with>
+      </definition>
+      <definition
+            id="hasROLE_USER_MANAGER">
+            <test
+                  args="ROLE_USER_MANAGER"
+                  property="eu.etaxonomy.taxeditor.security.permissionTester.hasRole">
+            </test>
+      </definition>
+</extension>
+<extension
+      point="org.eclipse.ui.activities">
+   <activity
+         description="DELETE permission dependent ui contributions"
+         id="eu.etaxonomy.taxeditor.store.activityDelete"
+         name="Delete">
+      <enabledWhen>
+         <reference
+               definitionId="canDELETE">
+         </reference>
+      </enabledWhen>
+   </activity>
+   <activityPatternBinding
+         activityId="eu.etaxonomy.taxeditor.store.activityDelete"
+         pattern="eu\.etaxonomy\.taxeditor\..*/.*.delete">
+   </activityPatternBinding>
+   <activity
+         description="UPDATE permission dependent ui contributions"
+         id="eu.etaxonomy.taxeditor.store.activityUpdate"
+         name="Update">
+      <enabledWhen>
+         <reference
+               definitionId="canUPDATE">
+         </reference>
+      </enabledWhen>
+   </activity>
+   <activityPatternBinding
+         activityId="eu.etaxonomy.taxeditor.store.activityUpdate"
+         pattern="eu\.etaxonomy\.taxeditor\..*/.*.command\.update\..*">
+   </activityPatternBinding>
+   <activity
+         description="CREATE permission dependent ui contributions"
+         id="eu.etaxonomy.taxeditor.store.activityCreate"
+         name="Delete">
+      <enabledWhen>
+         <reference
+               definitionId="canDELETE">
+         </reference>
+      </enabledWhen>
+   </activity>
+   <activityPatternBinding
+         activityId="eu.etaxonomy.taxeditor.store.activityCreate"
+         pattern="eu\.etaxonomy\.taxeditor\..*/.*.command\.create\..*">
+   </activityPatternBinding>
+   <activity
+         description="ROLE_USER_MANAGER dependent ui contributions"
+         id="eu.etaxonomy.taxeditor.store.activityUserManagement"
+         name="UserManagement">
+      <enabledWhen>
+         <reference
+               definitionId="hasROLE_USER_MANAGER">
+         </reference>
+      </enabledWhen>
+   </activity>
+   <activityPatternBinding
+         activityId="eu.etaxonomy.taxeditor.store.activityUserManagement"
+         pattern="eu\.etaxonomy\.taxeditor\..*/.*.UserManagement">
+   </activityPatternBinding>
 </extension>
        
 </plugin>
diff --git a/eu.etaxonomy.taxeditor.store/src/main/java/eu/etaxonomy/taxeditor/security/PermissionPropertyTester.java b/eu.etaxonomy.taxeditor.store/src/main/java/eu/etaxonomy/taxeditor/security/PermissionPropertyTester.java
new file mode 100644 (file)
index 0000000..e9adcf3
--- /dev/null
@@ -0,0 +1,81 @@
+package eu.etaxonomy.taxeditor.security;
+
+import java.util.ArrayList;
+import java.util.EnumSet;
+import java.util.Iterator;
+import java.util.List;
+
+import javax.management.relation.Role;
+
+import org.apache.commons.lang.StringUtils;
+import org.eclipse.core.expressions.PropertyTester;
+import org.eclipse.jface.viewers.IStructuredSelection;
+
+import eu.etaxonomy.cdm.model.common.CdmBase;
+import eu.etaxonomy.cdm.persistence.hibernate.permission.CRUD;
+import eu.etaxonomy.taxeditor.store.CdmStore;
+
+public class PermissionPropertyTester extends PropertyTester {
+       
+       private static final String HAS_ROLES = "hasRoles";
+       private static final String HAS_PERMISSIONS = "hasPermissions";
+       
+       private static final String CREATE = CRUD.CREATE.toString();
+       private static final String READ = CRUD.READ.toString();
+       private static final String UPDATE = CRUD.UPDATE.toString();
+       private static final String DELETE = CRUD.DELETE.toString();
+
+       @Override
+       public boolean test(Object receiver, String property, Object[] args,
+                       Object expectedValue) {
+               
+               
+               if(property.equals(HAS_PERMISSIONS)){
+                       
+                       return checkHasPermission(receiver, args);
+               }
+               
+               if(property.equals(HAS_ROLES)){
+                       return checkHasRoles(property, args);
+               }
+                       
+               return false;
+       }
+
+       private boolean checkHasRoles(String property, Object[] args) {
+                       List<Role> roles = new ArrayList<Role>();
+                       for(int i = 0; i < args.length; i++){
+                               roles.add((Role)args[i]);
+                       }
+//                     return CdmStore.currentAuthentiationHasOneOfRoles(roles.get(0)); // FIXME
+                       return false;
+                       
+       }
+
+       private boolean checkHasPermission(Object receiver, Object[] args) {
+               EnumSet<CRUD> crudSet = crudSetFromArgs(args);
+
+               
+               List<Object> selectedElements = ((IStructuredSelection) receiver).toList();
+               for(Object selectedElement : selectedElements){
+                       if(selectedElement instanceof CdmBase && ! CdmStore.currentAuthentiationHasPermission((CdmBase) selectedElement, crudSet)){
+                               return false;
+                       }
+               }
+
+               return true;
+       }
+
+       private EnumSet<CRUD> crudSetFromArgs(Object[] args) {
+               EnumSet<CRUD> crudSet = EnumSet.noneOf(CRUD.class);
+               for(int i = 0; i < args.length; i++){
+                       try {
+                               crudSet.add(CRUD.valueOf(args[i].toString()));
+                       } catch (Exception e){
+                               System.err.println("could not add " + args[i]);
+                       }
+               }
+               return crudSet;
+       }
+
+}