Revision 3d9a0098
Added by Andreas Kohlbecker over 6 years ago
src/main/java/eu/etaxonomy/cdm/service/CdmUserHelper.java | ||
---|---|---|
216 | 216 |
createAuthorityFor(userName(), cdmType, entitiyId, crud, property); |
217 | 217 |
} |
218 | 218 |
|
219 |
/** |
|
220 |
* {@inheritDoc} |
|
221 |
*/ |
|
222 |
@Override |
|
223 |
public void createAuthorityFor(String username, CdmBase cdmEntity, EnumSet<CRUD> crud, String property) { |
|
224 |
UserDetails userDetails = repo.getUserService().loadUserByUsername(username); |
|
225 |
if(userDetails != null){ |
|
226 |
User user = (User)userDetails; |
|
227 |
CdmAuthority authority = new CdmAuthority(cdmEntity, property, crud); |
|
228 |
try { |
|
229 |
user.getGrantedAuthorities().add(authority.asNewGrantedAuthority()); |
|
230 |
} catch (CdmAuthorityParsingException e) { |
|
231 |
throw new RuntimeException(e); |
|
232 |
} |
|
233 |
repo.getSession().flush(); |
|
234 |
logger.debug("new authority for " + username + ": " + authority.toString()); |
|
235 |
Authentication authentication = new PreAuthenticatedAuthenticationToken(user, user.getPassword(), user.getAuthorities()); |
|
236 |
SecurityContextHolder.getContext().setAuthentication(authentication); |
|
237 |
logger.debug("security context refreshed with user " + username); |
|
238 |
} |
|
239 |
|
|
240 |
} |
|
241 |
|
|
242 |
/** |
|
243 |
* {@inheritDoc} |
|
244 |
*/ |
|
245 |
@Override |
|
246 |
public void createAuthorityForCurrentUser(CdmBase cdmEntity, EnumSet<CRUD> crud, String property) { |
|
247 |
createAuthorityFor(userName(), cdmEntity, crud, property); |
|
248 |
|
|
249 |
} |
|
250 |
|
|
219 | 251 |
} |
src/main/java/eu/etaxonomy/cdm/vaadin/security/UserHelper.java | ||
---|---|---|
53 | 53 |
|
54 | 54 |
boolean userIsAutheticated(); |
55 | 55 |
|
56 |
public void createAuthorityFor(String username, CdmBase cdmEntity, EnumSet<CRUD> crud, String property); |
|
57 |
|
|
56 | 58 |
public void createAuthorityFor(String username, Class<? extends CdmBase> cdmType, Integer entitiyId, EnumSet<CRUD> crud, String property); |
57 | 59 |
|
58 | 60 |
/** |
... | ... | |
62 | 64 |
*/ |
63 | 65 |
void createAuthorityForCurrentUser(Class<? extends CdmBase> cdmType, Integer entitiyId, EnumSet<CRUD> crud, String property); |
64 | 66 |
|
67 |
/** |
|
68 |
* @param cdmType |
|
69 |
* @param entitiyId |
|
70 |
* @param crud |
|
71 |
*/ |
|
72 |
void createAuthorityForCurrentUser(CdmBase cdmEntity, EnumSet<CRUD> crud, String property); |
|
73 |
|
|
65 | 74 |
|
66 | 75 |
} |
src/main/java/eu/etaxonomy/cdm/vaadin/view/PerEntityAuthorityGrantingEditor.java | ||
---|---|---|
1 |
/** |
|
2 |
* Copyright (C) 2017 EDIT |
|
3 |
* European Distributed Institute of Taxonomy |
|
4 |
* http://www.e-taxonomy.eu |
|
5 |
* |
|
6 |
* The contents of this file are subject to the Mozilla Public License Version 1.1 |
|
7 |
* See LICENSE.TXT at the top of this package for the full license terms. |
|
8 |
*/ |
|
9 |
package eu.etaxonomy.cdm.vaadin.view; |
|
10 |
|
|
11 |
import java.util.EnumSet; |
|
12 |
|
|
13 |
import eu.etaxonomy.cdm.persistence.hibernate.permission.CRUD; |
|
14 |
|
|
15 |
/** |
|
16 |
* @author a.kohlbecker |
|
17 |
* @since 20.10.2017 |
|
18 |
* |
|
19 |
*/ |
|
20 |
public interface PerEntityAuthorityGrantingEditor { |
|
21 |
|
|
22 |
public void grantToCurrentUser(EnumSet<CRUD> crud); |
|
23 |
|
|
24 |
} |
src/main/java/eu/etaxonomy/cdm/vaadin/view/name/SpecimenTypeDesignationWorkingsetEditorPresenter.java | ||
---|---|---|
9 | 9 |
package eu.etaxonomy.cdm.vaadin.view.name; |
10 | 10 |
|
11 | 11 |
import java.util.Arrays; |
12 |
import java.util.EnumSet; |
|
12 | 13 |
import java.util.HashSet; |
13 | 14 |
import java.util.Iterator; |
14 | 15 |
import java.util.Set; |
... | ... | |
31 | 32 |
import eu.etaxonomy.cdm.model.occurrence.GatheringEvent; |
32 | 33 |
import eu.etaxonomy.cdm.model.occurrence.SpecimenOrObservationBase; |
33 | 34 |
import eu.etaxonomy.cdm.model.reference.Reference; |
35 |
import eu.etaxonomy.cdm.persistence.hibernate.permission.CRUD; |
|
34 | 36 |
import eu.etaxonomy.cdm.service.CdmFilterablePagingProvider; |
35 | 37 |
import eu.etaxonomy.cdm.service.CdmStore; |
36 | 38 |
import eu.etaxonomy.cdm.vaadin.component.CdmBeanItemContainerFactory; |
... | ... | |
40 | 42 |
import eu.etaxonomy.cdm.vaadin.model.registration.RegistrationTermLists; |
41 | 43 |
import eu.etaxonomy.cdm.vaadin.model.registration.SpecimenTypeDesignationDTO; |
42 | 44 |
import eu.etaxonomy.cdm.vaadin.model.registration.SpecimenTypeDesignationWorkingSetDTO; |
45 |
import eu.etaxonomy.cdm.vaadin.security.UserHelper; |
|
43 | 46 |
import eu.etaxonomy.cdm.vaadin.util.CdmTitleCacheCaptionGenerator; |
44 | 47 |
import eu.etaxonomy.cdm.vaadin.util.converter.TypeDesignationSetManager.TypeDesignationWorkingSet; |
45 | 48 |
import eu.etaxonomy.cdm.vaadin.view.registration.RegistrationDTO; |
... | ... | |
63 | 66 |
|
64 | 67 |
private TaxonName typifiedName; |
65 | 68 |
|
69 |
/** |
|
70 |
* if not null, this CRUD set is to be used to create a CdmAuthoritiy for the base entitiy which will be |
|
71 |
* granted to the current use as long this grant is not assigned yet. |
|
72 |
*/ |
|
73 |
private EnumSet<CRUD> crud = null; |
|
74 |
|
|
66 | 75 |
protected CdmStore<Registration, IRegistrationService> getStore() { |
67 | 76 |
if(store == null){ |
68 | 77 |
store = new CdmStore<>(getRepo(), getRepo().getRegistrationService()); |
... | ... | |
87 | 96 |
|
88 | 97 |
SpecimenTypeDesignationWorkingSetDTO workingSetDto; |
89 | 98 |
if(identifier != null){ |
99 |
|
|
90 | 100 |
TypeDesignationWorkingsetEditorIdSet idset = (TypeDesignationWorkingsetEditorIdSet)identifier; |
91 | 101 |
Registration reg = getRepo().getRegistrationService().loadByIds(Arrays.asList(idset.registrationId), null).get(0); |
102 |
|
|
92 | 103 |
if(idset.workingsetId != null){ |
93 | 104 |
RegistrationDTO regDTO = new RegistrationDTO(reg); |
94 | 105 |
// find the working set |
... | ... | |
102 | 113 |
citation = getRepo().getReferenceService().find(idset.publicationId); |
103 | 114 |
typifiedName = getRepo().getNameService().find(idset.typifiedNameId); |
104 | 115 |
} |
116 |
|
|
105 | 117 |
} else { |
106 | 118 |
workingSetDto = null; |
107 | 119 |
} |
... | ... | |
266 | 278 |
} |
267 | 279 |
addCandidates.forEach(std -> reg.addTypeDesignation(std)); |
268 | 280 |
|
281 |
|
|
282 |
if(crud != null){ |
|
283 |
UserHelper.fromSession().createAuthorityForCurrentUser(dto.getFieldUnit(), crud, null); |
|
284 |
} |
|
285 |
|
|
269 | 286 |
getStore().saveBean(reg); |
270 | 287 |
} |
271 | 288 |
|
... | ... | |
309 | 326 |
} |
310 | 327 |
|
311 | 328 |
|
329 |
/** |
|
330 |
* @param crud |
|
331 |
*/ |
|
332 |
public void setGrantsForCurrentUser(EnumSet<CRUD> crud) { |
|
333 |
this.crud = crud; |
|
334 |
|
|
335 |
} |
|
336 |
|
|
337 |
|
|
312 | 338 |
} |
src/main/java/eu/etaxonomy/cdm/vaadin/view/name/SpecimenTypeDesignationWorkingsetPopupEditor.java | ||
---|---|---|
9 | 9 |
package eu.etaxonomy.cdm.vaadin.view.name; |
10 | 10 |
|
11 | 11 |
import java.util.Collection; |
12 |
import java.util.EnumSet; |
|
12 | 13 |
|
13 | 14 |
import org.springframework.security.core.GrantedAuthority; |
14 | 15 |
import org.vaadin.viritin.fields.ElementCollectionField; |
... | ... | |
22 | 23 |
import com.vaadin.ui.TextArea; |
23 | 24 |
import com.vaadin.ui.TextField; |
24 | 25 |
|
26 |
import eu.etaxonomy.cdm.persistence.hibernate.permission.CRUD; |
|
25 | 27 |
import eu.etaxonomy.cdm.vaadin.component.PartialDateField; |
26 | 28 |
import eu.etaxonomy.cdm.vaadin.component.common.GeoLocationField; |
27 | 29 |
import eu.etaxonomy.cdm.vaadin.component.common.MinMaxTextField; |
... | ... | |
29 | 31 |
import eu.etaxonomy.cdm.vaadin.model.registration.SpecimenTypeDesignationDTO; |
30 | 32 |
import eu.etaxonomy.cdm.vaadin.model.registration.SpecimenTypeDesignationWorkingSetDTO; |
31 | 33 |
import eu.etaxonomy.cdm.vaadin.security.AccessRestrictedView; |
34 |
import eu.etaxonomy.cdm.vaadin.view.PerEntityAuthorityGrantingEditor; |
|
32 | 35 |
import eu.etaxonomy.vaadin.mvp.AbstractPopupEditor; |
33 | 36 |
|
34 | 37 |
/** |
... | ... | |
38 | 41 |
*/ |
39 | 42 |
public class SpecimenTypeDesignationWorkingsetPopupEditor |
40 | 43 |
extends AbstractPopupEditor<SpecimenTypeDesignationWorkingSetDTO, SpecimenTypeDesignationWorkingsetEditorPresenter> |
41 |
implements SpecimenTypeDesignationWorkingsetPopupEditorView, AccessRestrictedView { |
|
44 |
implements SpecimenTypeDesignationWorkingsetPopupEditorView, AccessRestrictedView, PerEntityAuthorityGrantingEditor {
|
|
42 | 45 |
|
43 | 46 |
/** |
44 | 47 |
* @param layout |
... | ... | |
59 | 62 |
|
60 | 63 |
private ElementCollectionField<SpecimenTypeDesignationDTO> typeDesignationsCollectionField; |
61 | 64 |
|
65 |
private EnumSet<CRUD> crud; |
|
66 |
|
|
62 | 67 |
/** |
63 | 68 |
* @return the countrySelectField |
64 | 69 |
*/ |
... | ... | |
236 | 241 |
} |
237 | 242 |
} |
238 | 243 |
|
244 |
/** |
|
245 |
* {@inheritDoc} |
|
246 |
*/ |
|
247 |
@Override |
|
248 |
public void grantToCurrentUser(EnumSet<CRUD> crud) { |
|
249 |
getPresenter().setGrantsForCurrentUser(crud); |
|
250 |
|
|
251 |
} |
|
252 |
|
|
239 | 253 |
|
240 | 254 |
|
241 | 255 |
|
src/main/java/eu/etaxonomy/cdm/vaadin/view/registration/RegistrationWorkingsetPresenter.java | ||
---|---|---|
295 | 295 |
|
296 | 296 |
if(event.getWorkingSetType() == TypeDesignationWorkingSetType.SPECIMEN_TYPE_DESIGNATION_WORKINGSET ){ |
297 | 297 |
SpecimenTypeDesignationWorkingsetPopupEditor popup = getNavigationManager().showInPopup(SpecimenTypeDesignationWorkingsetPopupEditor.class); |
298 |
popup.withDeleteButton(true); |
|
298 | 299 |
popup.loadInEditor(new TypeDesignationWorkingsetEditorIdSet(event.getRegistrationId(), event.getEntityId())); |
299 | 300 |
} else { |
300 | 301 |
// TypeDesignationWorkingSetType.NAME_TYPE_DESIGNATION_WORKINGSET |
... | ... | |
327 | 328 |
getView().getCitationID(), |
328 | 329 |
typifiedNameId |
329 | 330 |
); |
330 |
popup.loadInEditor(identifierSet
|
|
331 |
);
|
|
331 |
popup.grantToCurrentUser(EnumSet.of(CRUD.UPDATE));
|
|
332 |
popup.loadInEditor(identifierSet);
|
|
332 | 333 |
popup.withDeleteButton(true); |
333 | 334 |
} else { |
334 | 335 |
// TypeDesignationWorkingSetType.NAME_TYPE_DESIGNATION_WORKINGSET |
... | ... | |
353 | 354 |
public void onDoneWithTypeDesignationEditor(DoneWithPopupEvent event) throws RegistrationValidationException{ |
354 | 355 |
if(event.getPopup() instanceof SpecimenTypeDesignationWorkingsetPopupEditor){ |
355 | 356 |
if(event.getReason().equals(Reason.SAVE)){ |
356 |
refreshView();
|
|
357 |
refreshView(); |
|
357 | 358 |
} else if(event.getReason().equals(Reason.CANCEL)){ |
358 | 359 |
// clean up |
359 | 360 |
if(newRegistrationDTOWithExistingName != null){ |
src/main/java/eu/etaxonomy/vaadin/mvp/AbstractPopupEditor.java | ||
---|---|---|
248 | 248 |
// notify the NavigationManagerBean to close the window and to dispose the view |
249 | 249 |
eventBus.publishEvent(new DoneWithPopupEvent(AbstractPopupEditor.this, Reason.SAVE)); |
250 | 250 |
} catch (Exception e) { |
251 |
logger.error(e); |
|
251 | 252 |
throw new CommitException("Failed to store data to backend", e); |
252 | 253 |
} |
253 | 254 |
} |
Also available in: Unified diff
ref #6867 RegistrationWorkingsetEditor: granting UPDATE permissions for SpecimenOrObservationBase entities