Project

General

Profile

« Previous | Next » 

Revision 1a38cf2c

Added by Andreas Kohlbecker almost 6 years ago

fix #6999 enablement of type and name editor buttons in workingset button group according to granted authorities
- more robust RegistrationRequiredDataInserter
- adding SPECIMENOROBSERVATIONBASE authority default groups
- protecting type and name edit buttons
- adding debug feature to gain per entity permissions for types and names per button click
- implementing PermissionDebugUtils

View differences:

src/main/java/eu/etaxonomy/cdm/addon/config/CdmVaadinConfiguration.java
251 251 
    @Override
252 252 
    public void setApplicationContext(ApplicationContext applicationContext) throws BeansException {
253 253 
        this.applicationContext = applicationContext;
254 

  		




  255
  254
  
    
    }


  		




  256
  255
  
    

  		




  257
  256
  
    

  		












  

    
      src/main/java/eu/etaxonomy/cdm/dataInserter/RegistrationRequiredDataInserter.java
    
  





  11
  11
  
    
import java.io.IOException;


  		




  12
  12
  
    
import java.util.ArrayList;


  		




  13
  13
  
    
import java.util.Arrays;


  		




  
  14
  
    
import java.util.EnumSet;


  		




  14
  15
  
    
import java.util.HashMap;


  		




  15
  16
  
    
import java.util.HashSet;


  		




  16
  17
  
    
import java.util.List;


  		




  ......




  42
  43
  
    
import eu.etaxonomy.cdm.model.name.RegistrationStatus;


  		




  43
  44
  
    
import eu.etaxonomy.cdm.model.name.TaxonName;


  		




  44
  45
  
    
import eu.etaxonomy.cdm.model.name.TypeDesignationBase;


  		




  
  46
  
    
import eu.etaxonomy.cdm.persistence.hibernate.permission.CRUD;


  		




  
  47
  
    
import eu.etaxonomy.cdm.persistence.hibernate.permission.CdmAuthority;


  		




  
  48
  
    
import eu.etaxonomy.cdm.persistence.hibernate.permission.CdmPermissionClass;


  		




  45
  49
  
    
import eu.etaxonomy.cdm.persistence.hibernate.permission.Role;


  		




  46
  50
  
    
import eu.etaxonomy.cdm.persistence.query.MatchMode;


  		




  47
  51
  
    
import eu.etaxonomy.cdm.vaadin.model.registration.DerivationEventTypes;


  		




  ......




  62
  66
  
    

  		




  63
  67
  
    
    protected static final UUID GROUP_CURATOR_UUID = UUID.fromString("135210d3-3db7-4a81-ab36-240444637d45");


  		




  64
  68
  
    

  		




  
  69
  
    
    private static final EnumSet<CRUD> CREATE_READ = EnumSet.of(CRUD.CREATE, CRUD.READ);


  		




  
  70
  
    
    private static final EnumSet<CRUD> CREATE_READ_UPDATE_DELETE = EnumSet.of(CRUD.CREATE, CRUD.READ, CRUD.UPDATE, CRUD.DELETE);


  		




  
  71
  
    

  		




  65
  72
  
    
    private static final Logger logger = Logger.getLogger(RegistrationRequiredDataInserter.class);


  		




  66
  73
  
    

  		




  67
  74
  
    
    private ExtensionType extensionTypeIAPTRegData;


  		




  ......




  117
  124
  
    
            groupCurator.setUuid(GROUP_CURATOR_UUID);


  		




  118
  125
  
    
            groupCurator.setName("Curator");


  		




  119
  126
  
    
        }


  		




  120
  
  
    
        assureGroupHas(groupCurator, "REGISTRATION[CREATE,READ,UPDATE,DELETE]");


  		




  
  127
  
    
        assureGroupHas(groupCurator, new CdmAuthority(CdmPermissionClass.REGISTRATION, CREATE_READ_UPDATE_DELETE).toString());


  		




  121
  128
  
    
        repo.getGroupService().saveOrUpdate(groupCurator);


  		




  122
  129
  
    

  		




  123
  130
  
    
        Group groupSubmitter = repo.getGroupService().load(GROUP_SUBMITTER_UUID, Arrays.asList("grantedAuthorities"));


  		




  ......




  126
  133
  
    
            groupSubmitter.setUuid(GROUP_SUBMITTER_UUID);


  		




  127
  134
  
    
            groupSubmitter.setName("Submitter");


  		




  128
  135
  
    
        }


  		




  129
  
  
    
        assureGroupHas(groupSubmitter, "TAXONNAME.[CREATE,READ]");


  		




  130
  
  
    
        assureGroupHas(groupSubmitter, "TEAMORPERSONBASE.[CREATE,READ]");


  		




  131
  
  
    
        assureGroupHas(groupSubmitter, "REGISTRATION[CREATE,READ]");


  		




  
  136
  
    
        assureGroupHas(groupSubmitter, new CdmAuthority(CdmPermissionClass.TAXONNAME, CREATE_READ).toString());


  		




  
  137
  
    
        assureGroupHas(groupSubmitter, new CdmAuthority(CdmPermissionClass.TEAMORPERSONBASE, CREATE_READ).toString());


  		




  
  138
  
    
        assureGroupHas(groupSubmitter, new CdmAuthority(CdmPermissionClass.REGISTRATION, CREATE_READ).toString());


  		




  
  139
  
    
        assureGroupHas(groupSubmitter, new CdmAuthority(CdmPermissionClass.SPECIMENOROBSERVATIONBASE, CREATE_READ).toString());


  		




  132
  140
  
    
        repo.getGroupService().saveOrUpdate(groupSubmitter);


  		




  133
  141
  
    

  		




  134
  142
  
    
        if(repo.getTermService().find(DerivationEventTypes.PUBLISHED_IMAGE().getUuid()) == null){


  		












  

    
      src/main/java/eu/etaxonomy/cdm/service/CdmUserHelper.java
    
  





  11
  11
  
    
import java.util.EnumSet;


  		




  12
  12
  
    

  		




  13
  13
  
    
import org.springframework.beans.factory.annotation.Autowired;


  		




  
  14
  
    
import org.springframework.beans.factory.annotation.Qualifier;


  		




  14
  15
  
    
import org.springframework.security.authentication.AnonymousAuthenticationToken;


  		




  15
  16
  
    
import org.springframework.security.core.Authentication;


  		




  16
  17
  
    
import org.springframework.security.core.context.SecurityContext;


  		




  ......




  19
  20
  
    
import com.vaadin.spring.annotation.SpringComponent;


  		




  20
  21
  
    
import com.vaadin.spring.annotation.UIScope;


  		




  21
  22
  
    

  		




  
  23
  
    
import eu.etaxonomy.cdm.api.application.CdmRepository;


  		




  22
  24
  
    
import eu.etaxonomy.cdm.database.PermissionDeniedException;


  		




  23
  25
  
    
import eu.etaxonomy.cdm.model.common.CdmBase;


  		




  24
  26
  
    
import eu.etaxonomy.cdm.persistence.hibernate.permission.CRUD;


  		




  ......




  39
  41
  
    
    @Autowired


  		




  40
  42
  
    
    private ICdmPermissionEvaluator permissionEvaluator;


  		




  41
  43
  
    

  		




  
  44
  
    
    @Autowired


  		




  
  45
  
    
    @Qualifier("cdmRepository")


  		




  
  46
  
    
    private CdmRepository repo;


  		




  
  47
  
    

  		




  42
  48
  
    
    public CdmUserHelper(){


  		




  43
  49
  
    
        super();


  		




  44
  50
  
    
    }


  		




  ......




  98
  104
  
    
    public boolean userHasPermission(CdmBase entity, Object ... args){


  		




  99
  105
  
    
        EnumSet<CRUD> crudSet = crudSetFromArgs(args);


  		




  100
  106
  
    
        try {


  		




  101
  
  
    
        return permissionEvaluator.hasPermission(getAuthentication(), entity, crudSet);


  		




  
  107
  
    
            return permissionEvaluator.hasPermission(getAuthentication(), entity, crudSet);


  		




  102
  108
  
    
        } catch (PermissionDeniedException e){


  		




  103
  109
  
    
            //IGNORE


  		




  104
  110
  
    
        }


  		




  ......




  109
  115
  
    
    public boolean userHasPermission(Class<? extends CdmBase> cdmType, Integer entitiyId, Object ... args){


  		




  110
  116
  
    
        EnumSet<CRUD> crudSet = crudSetFromArgs(args);


  		




  111
  117
  
    
        try {


  		




  112
  
  
    
            return permissionEvaluator.hasPermission(getAuthentication(), cdmType, entitiyId.toString(), crudSet);


  		




  
  118
  
    
            CdmBase entity = repo.getCommonService().find(cdmType, entitiyId);


  		




  
  119
  
    
            return permissionEvaluator.hasPermission(getAuthentication(), entity, crudSet);


  		




  113
  120
  
    
        } catch (PermissionDeniedException e){


  		




  114
  121
  
    
            //IGNORE


  		




  115
  122
  
    
        }


  		












  

    
      src/main/java/eu/etaxonomy/cdm/service/IRegistrationWorkingSetService.java
    
  





  38
  38
  
    
     * @param  id the CDM Entity id


  		




  39
  39
  
    
     * @return


  		




  40
  40
  
    
     * @throws RegistrationValidationException


  		




  
  41
  
    
     * @deprecated Use {@link  #loadWorkingSetByReferenceID(Integer) instead


  		




  41
  42
  
    
     */


  		




  
  43
  
    
    @Deprecated


  		




  42
  44
  
    
    public RegistrationWorkingSet loadWorkingSetByCitationID(Integer id) throws RegistrationValidationException;


  		




  43
  45
  
    

  		




  44
  46
  
    
    /**


  		












  

    
      src/main/java/eu/etaxonomy/cdm/service/RegistrationWorkingSetService.java
    
  





  102
  102
  
    
     * @throws RegistrationValidationException


  		




  103
  103
  
    
     */


  		




  104
  104
  
    
    @Override


  		




  
  105
  
    
    @Deprecated


  		




  105
  106
  
    
    public RegistrationWorkingSet loadWorkingSetByReferenceID(Integer referenceID) throws RegistrationValidationException {


  		




  
  107
  
    

  		




  106
  108
  
    
        Reference reference = repo.getReferenceService().find(referenceID);


  		




  107
  109
  
    
        Pager<Registration> pager = repo.getRegistrationService().page(Optional.of(reference), null, null, null, null);


  		




  108
  110
  
    
        return new RegistrationWorkingSet(makeDTOs(pager.getRecords()));


  		












  

    
      src/main/java/eu/etaxonomy/cdm/vaadin/component/registration/RegistrationItemEditButtonGroup.java
    
  





  25
  25
  
    
import eu.etaxonomy.cdm.model.occurrence.SpecimenOrObservationBase;


  		




  26
  26
  
    
import eu.etaxonomy.cdm.persistence.hibernate.permission.CRUD;


  		




  27
  27
  
    
import eu.etaxonomy.cdm.vaadin.model.TypedEntityReference;


  		




  
  28
  
    
import eu.etaxonomy.cdm.vaadin.security.PermissionDebugUtils;


  		




  28
  29
  
    
import eu.etaxonomy.cdm.vaadin.security.UserHelper;


  		




  29
  30
  
    
import eu.etaxonomy.cdm.vaadin.util.converter.TypeDesignationSetManager.TypeDesignationWorkingSet;


  		




  30
  31
  
    
import eu.etaxonomy.cdm.vaadin.util.converter.TypeDesignationSetManager.TypeDesignationWorkingSetType;


  		




  ......




  74
  75
  
    
            nameIdButton = new IdButton<TaxonName>(TaxonName.class, regDto.getName().getId(), nameButton);


  		




  75
  76
  
    
            Label nameLabel = new Label(regDto.getName().getLabel());


  		




  76
  77
  
    
            nameLabel.setWidthUndefined();


  		




  77
  
  
    
            nameButton.setEnabled(!isRegistrationLocked && UserHelper.fromSession().userHasPermission(TaxonName.class, regDto.getName().getId(), CRUD.UPDATE));


  		




  
  78
  
    
            boolean userHasPermission = UserHelper.fromSession().userHasPermission(regDto.registration().getName(), CRUD.UPDATE);


  		




  
  79
  
    
            nameButton.setEnabled(!isRegistrationLocked && userHasPermission);


  		




  78
  80
  
    

  		




  79
  81
  
    
            addComponent(nameIdButton.getButton());


  		




  80
  
  
    
            // PermissionDebugUtils.fromSession().addGainPerEntityPermissionButton(this, TaxonName.class, regDto.getName().getId(), CRUD.UPDATE);


  		




  
  82
  
    
            PermissionDebugUtils.fromSession().addGainPerEntityPermissionButton(this, TaxonName.class, regDto.getName().getId(), EnumSet.of(CRUD.UPDATE, CRUD.DELETE));


  		




  81
  83
  
    
            addComponent(nameLabel);


  		




  82
  84
  
    
        } else {


  		




  83
  85
  
    
            // no name in the registration! we only show the typified name as label


  		




  ......




  94
  96
  
    
                tdButton.setDescription("Edit the type designation working set");


  		




  95
  97
  
    
                tdButton.setEnabled(!isRegistrationLocked && UserHelper.fromSession().userHasPermission(baseEntityRef.getType(), baseEntityRef.getId(), CRUD.UPDATE));


  		




  96
  98
  
    
                addComponent(tdButton);


  		




  97
  
  
    
//                Set<Integer> idSet = new HashSet<>();


  		




  98
  
  
    
//                typeDesignationWorkingSet.getTypeDesignations().forEach(td -> idSet.add(td.getId()));


  		




  
  99
  
    

  		




  
  100
  
    
                PermissionDebugUtils.fromSession().addGainPerEntityPermissionButton(this, SpecimenOrObservationBase.class, baseEntityRef.getId(), EnumSet.of(CRUD.UPDATE, CRUD.DELETE));


  		




  99
  101
  
    

  		




  100
  102
  
    
                typeDesignationButtons.add(new TypeDesignationWorkingSetButton(


  		




  101
  103
  
    
                        typeDesignationWorkingSet.getWorkingsetType(),


  		












  

    
      src/main/java/eu/etaxonomy/cdm/vaadin/security/PermissionDebugUtils.java
    
  





  
  1
  
    
/**


  		




  
  2
  
    
* Copyright (C) 2017 EDIT


  		




  
  3
  
    
* European Distributed Institute of Taxonomy


  		




  
  4
  
    
* http://www.e-taxonomy.eu


  		




  
  5
  
    
*


  		




  
  6
  
    
* The contents of this file are subject to the Mozilla Public License Version 1.1


  		




  
  7
  
    
* See LICENSE.TXT at the top of this package for the full license terms.


  		




  
  8
  
    
*/


  		




  
  9
  
    
package eu.etaxonomy.cdm.vaadin.security;


  		




  
  10
  
    

  		




  
  11
  
    
import java.util.EnumSet;


  		




  
  12
  
    

  		




  
  13
  
    
import org.apache.log4j.Logger;


  		




  
  14
  
    
import org.springframework.beans.factory.annotation.Autowired;


  		




  
  15
  
    
import org.springframework.beans.factory.annotation.Qualifier;


  		




  
  16
  
    
import org.springframework.context.annotation.Profile;


  		




  
  17
  
    
import org.springframework.security.core.Authentication;


  		




  
  18
  
    
import org.springframework.security.core.context.SecurityContextHolder;


  		




  
  19
  
    
import org.springframework.security.core.userdetails.UserDetails;


  		




  
  20
  
    
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;


  		




  
  21
  
    

  		




  
  22
  
    
import com.vaadin.server.FontAwesome;


  		




  
  23
  
    
import com.vaadin.server.VaadinSession;


  		




  
  24
  
    
import com.vaadin.spring.annotation.SpringComponent;


  		




  
  25
  
    
import com.vaadin.spring.annotation.UIScope;


  		




  
  26
  
    
import com.vaadin.ui.AbstractComponentContainer;


  		




  
  27
  
    
import com.vaadin.ui.Button;


  		




  
  28
  
    
import com.vaadin.ui.themes.ValoTheme;


  		




  
  29
  
    

  		




  
  30
  
    
import eu.etaxonomy.cdm.api.application.CdmRepository;


  		




  
  31
  
    
import eu.etaxonomy.cdm.model.common.CdmBase;


  		




  
  32
  
    
import eu.etaxonomy.cdm.model.common.User;


  		




  
  33
  
    
import eu.etaxonomy.cdm.persistence.hibernate.permission.CRUD;


  		




  
  34
  
    
import eu.etaxonomy.cdm.persistence.hibernate.permission.CdmAuthority;


  		




  
  35
  
    
import sun.security.provider.PolicyParser.ParsingException;


  		




  
  36
  
    

  		




  
  37
  
    
/**


  		




  
  38
  
    
 * PermissionDebugUtils provide the following tools:


  		




  
  39
  
    
 * <ul>


  		




  
  40
  
    
 *   <li>{@link #addGainPerEntityPermissionButton(AbstractComponentContainer, Class, Integer, EnumSet)}:


  		




  
  41
  
    
 *   A button which gives a per entity authority to the current user.</li>


  		




  
  42
  
    
 * </ul>


  		




  
  43
  
    
 *


  		




  
  44
  
    
 *


  		




  
  45
  
    
 *


  		




  
  46
  
    
 * To enable the PermissionDebugUtils you need to activate the spring profile <code>debug</code>. You can add


  		




  
  47
  
    
 * <code>-Dspring.profiles.active=debug</code> to the command starting the jvm


  		




  
  48
  
    
 * or set this as an environment variable.


  		




  
  49
  
    
 *


  		




  
  50
  
    
 * @author a.kohlbecker


  		




  
  51
  
    
 * @since Oct 11, 2017


  		




  
  52
  
    
 *


  		




  
  53
  
    
 */


  		




  
  54
  
    
@SpringComponent


  		




  
  55
  
    
@UIScope


  		




  
  56
  
    
@Profile("debug")


  		




  
  57
  
    
public class PermissionDebugUtils {


  		




  
  58
  
    

  		




  
  59
  
    

  		




  
  60
  
    
    private final static Logger logger = Logger.getLogger(PermissionDebugUtils.class);


  		




  
  61
  
    

  		




  
  62
  
    
    public static final String VADDIN_SESSION_KEY = "PERMISSION_DEBUG_UTILS";


  		




  
  63
  
    

  		




  
  64
  
    
    public static final String SYSTEM_PROP_KEY = "GainPerEntityPermissionButtons";


  		




  
  65
  
    

  		




  
  66
  
    

  		




  
  67
  
    
    @Autowired


  		




  
  68
  
    
    @Qualifier("cdmRepository")


  		




  
  69
  
    
    private CdmRepository repo;


  		




  
  70
  
    

  		




  
  71
  
    
    public PermissionDebugUtils() {


  		




  
  72
  
    
        VaadinSession.getCurrent().setAttribute(VADDIN_SESSION_KEY, this);


  		




  
  73
  
    
    }


  		




  
  74
  
    

  		




  
  75
  
    
    public static PermissionDebugUtils fromSession() {


  		




  
  76
  
    
        return (PermissionDebugUtils)VaadinSession.getCurrent().getAttribute(VADDIN_SESSION_KEY);


  		




  
  77
  
    
     }


  		




  
  78
  
    

  		




  
  79
  
    
    public Button addGainPerEntityPermissionButton(AbstractComponentContainer toContainer, Class<? extends CdmBase> cdmType, Integer entitiyId, EnumSet<CRUD> crud){


  		




  
  80
  
    
        Button button = gainPerEntityPermissionButton(cdmType, entitiyId, crud);


  		




  
  81
  
    
        if(button != null){


  		




  
  82
  
    
            toContainer.addComponent(button);


  		




  
  83
  
    
        }


  		




  
  84
  
    
        return button;


  		




  
  85
  
    
    }


  		




  
  86
  
    

  		




  
  87
  
    
    public Button gainPerEntityPermissionButton(Class<? extends CdmBase> cdmType, Integer entitiyId, EnumSet<CRUD> crud){


  		




  
  88
  
    

  		




  
  89
  
    
       Button button = new Button(FontAwesome.BOLT);


  		




  
  90
  
    
       button.addClickListener(e -> createAuthority(cdmType, entitiyId, crud));


  		




  
  91
  
    
       button.addStyleName(ValoTheme.BUTTON_DANGER);


  		




  
  92
  
    
       return button;


  		




  
  93
  
    

  		




  
  94
  
    
    }


  		




  
  95
  
    

  		




  
  96
  
    
    /**


  		




  
  97
  
    
     * @param cdmType


  		




  
  98
  
    
     * @param entitiyId


  		




  
  99
  
    
     * @param crud


  		




  
  100
  
    
     * @return


  		




  
  101
  
    
     */


  		




  
  102
  
    
    private void createAuthority(Class<? extends CdmBase> cdmType, Integer entitiyId, EnumSet<CRUD> crud) {


  		




  
  103
  
    
        String username = UserHelper.fromSession().userName();


  		




  
  104
  
    
        UserDetails userDetails = repo.getUserService().loadUserByUsername(username);


  		




  
  105
  
    
        if(userDetails != null){


  		




  
  106
  
    
            User user = (User)userDetails;


  		




  
  107
  
    
            CdmBase entity = repo.getCommonService().find(cdmType, entitiyId);


  		




  
  108
  
    
            CdmAuthority authority = new CdmAuthority(entity, crud);


  		




  
  109
  
    
            try {


  		




  
  110
  
    
                user.getGrantedAuthorities().add(authority.asNewGrantedAuthority());


  		




  
  111
  
    
            } catch (ParsingException e) {


  		




  
  112
  
    
                throw new RuntimeException(e);


  		




  
  113
  
    
            }


  		




  
  114
  
    
            repo.getUserService().saveOrUpdate(user);


  		




  
  115
  
    
            Authentication authentication = new PreAuthenticatedAuthenticationToken(user, user.getPassword(), user.getAuthorities());


  		




  
  116
  
    
            SecurityContextHolder.getContext().setAuthentication(authentication);


  		




  
  117
  
    
        }


  		




  
  118
  
    
    }


  		




  
  119
  
    
}


  		












  

    
      src/main/java/eu/etaxonomy/vaadin/ui/navigation/NavigationManagerBean.java
    
  





  22
  22
  
    
import com.vaadin.ui.UI;


  		




  23
  23
  
    
import com.vaadin.ui.Window;


  		




  24
  24
  
    

  		




  
  25
  
    
import eu.etaxonomy.cdm.vaadin.security.PermissionDebugUtils;


  		




  25
  26
  
    
import eu.etaxonomy.cdm.vaadin.security.UserHelper;


  		




  26
  27
  
    
import eu.etaxonomy.vaadin.mvp.AbstractEditorPresenter;


  		




  27
  28
  
    
import eu.etaxonomy.vaadin.mvp.AbstractPopupEditor;


  		




  ......




  52
  53
  
    
	@Autowired


  		




  53
  54
  
    
	private PopupEditorFactory popupEditorFactory;


  		




  54
  55
  
    

  		




  
  56
  
    
	/**


  		




  
  57
  
    
	 * This reference will cause the scoped UserHelper being initialized


  		




  
  58
  
    
	 * It is not used in this class but attaches itself to the vaadin session


  		




  
  59
  
    
	 * from where it will be accessible via UserHelper.fromSession()


  		




  
  60
  
    
	 */


  		




  55
  61
  
    
	@Autowired


  		




  56
  62
  
    
    private UserHelper userHelper;


  		




  57
  63
  
    

  		




  
  64
  
    
    /**


  		




  
  65
  
    
     * This reference will cause the scoped PermissionDebugUtils being initialized.


  		




  
  66
  
    
     * It is not used in this class but attaches itself to the vaadin session


  		




  
  67
  
    
     * from where it will be accessible via UserHelper.fromSession()


  		




  
  68
  
    
     *


  		




  
  69
  
    
     * <b>NOTE:</b> PermissionDebugUtils is only available if the spring profile "debug" is active,


  		




  
  70
  
    
     * See


  		




  
  71
  
    
     */


  		




  
  72
  
    
    @Autowired(required=false)


  		




  
  73
  
    
    private PermissionDebugUtils permissionDebugUtils;


  		




  
  74
  
    

  		




  58
  75
  
    
	private Map<PopupView, Window> popupMap;


  		




  59
  76
  
    

  		




  60
  77
  
    
	public NavigationManagerBean() {


  		




  ......




  179
  196
  
    
     *


  		




  180
  197
  
    
     * @return the current view name or <code>null</code>


  		




  181
  198
  
    
     */


  		




  
  199
  
    
    @Override


  		




  182
  200
  
    
    public String getCurrentViewName() {


  		




  183
  201
  
    
        SpringView springViewAnnotation = getCurrentView().getClass().getAnnotation(SpringView.class);


  		




  184
  202
  
    
        if(springViewAnnotation != null){


  		












Also available in:  Unified diff