| 181 |
181 |
logger.info("inserting first data");
|
| 182 |
182 |
checkAdminUser();
|
| 183 |
183 |
checkDefaultGroups();
|
|
184 |
assureRole_REMOTING_forEditors();
|
| 184 |
185 |
checkMetadata();
|
| 185 |
186 |
firstDataInserted = true;
|
| 186 |
187 |
|
| ... | ... | |
| 286 |
287 |
return admin;
|
| 287 |
288 |
}
|
| 288 |
289 |
|
|
290 |
/**
|
|
291 |
* Assures the {@link Role#ROLE_REMOTING} exists.
|
|
292 |
* <p>
|
|
293 |
* If the role is missing in the db it will be created and added to the Groups <code>Editor</code> and <code>EditorExtendedCreate</code>.
|
|
294 |
* <p>
|
|
295 |
* The role will however not be added to the editor groups in case the role exist but is missing from one of these groups. This allows removal
|
|
296 |
* of the role from the editor groups to withdraw the remote editing permission from editors in general for a project.
|
|
297 |
* <p>
|
|
298 |
* see https://dev.e-taxonomy.eu/redmine/issues/7972
|
|
299 |
*/
|
|
300 |
private void assureRole_REMOTING_forEditors(){
|
|
301 |
|
|
302 |
if(!roleExists(Role.ROLE_REMOTING)){
|
|
303 |
GrantedAuthorityImpl roleRemoting = assureRole(Role.ROLE_REMOTING);
|
|
304 |
Group groupEditor = groupService.load(Group.GROUP_EDITOR_UUID);
|
|
305 |
groupEditor.addGrantedAuthority(roleRemoting);
|
|
306 |
groupService.saveOrUpdate(groupEditor);
|
|
307 |
Group groupEditorExtendedCreate = groupService.load(Group.GROUP_EDITOR_EXTENDED_CREATE_UUID);
|
|
308 |
groupEditorExtendedCreate.addGrantedAuthority(roleRemoting);
|
|
309 |
groupService.saveOrUpdate(groupEditorExtendedCreate);
|
|
310 |
}
|
|
311 |
}
|
|
312 |
|
| 289 |
313 |
private void checkAdminRole(User admin) {
|
| 290 |
314 |
Set<GrantedAuthority> authorities = new HashSet<GrantedAuthority>();
|
| 291 |
315 |
|
| ... | ... | |
| 301 |
325 |
}
|
| 302 |
326 |
|
| 303 |
327 |
if(!hasRoleAdmin){
|
| 304 |
|
authorities.add(getRoleAdmin());
|
|
328 |
authorities.add(assureRole(Role.ROLE_ADMIN));
|
| 305 |
329 |
admin.setGrantedAuthorities(authorities);
|
| 306 |
330 |
progressMonitor.subTask("Creating Admins Role");
|
| 307 |
331 |
userService.saveOrUpdate(admin);
|
| ... | ... | |
| 312 |
336 |
/**
|
| 313 |
337 |
* @return
|
| 314 |
338 |
*/
|
| 315 |
|
private GrantedAuthorityImpl getRoleAdmin() {
|
| 316 |
|
GrantedAuthorityImpl role_admin = grantedAuthorityService.find(Role.ROLE_ADMIN.getUuid());
|
| 317 |
|
if(role_admin == null){
|
| 318 |
|
role_admin = Role.ROLE_ADMIN.asNewGrantedAuthority();
|
|
339 |
private GrantedAuthorityImpl assureRole(Role role) {
|
|
340 |
GrantedAuthorityImpl roleLoaded = grantedAuthorityService.find(role.getUuid());
|
|
341 |
if(roleLoaded == null){
|
|
342 |
roleLoaded = grantedAuthorityService.save(role.asNewGrantedAuthority());
|
| 319 |
343 |
}
|
| 320 |
|
return role_admin;
|
|
344 |
return roleLoaded;
|
|
345 |
}
|
|
346 |
|
|
347 |
private boolean roleExists(Role role) {
|
|
348 |
GrantedAuthorityImpl roleLoaded = grantedAuthorityService.find(role.getUuid());
|
|
349 |
return roleLoaded != null;
|
| 321 |
350 |
}
|
| 322 |
351 |
|
| 323 |
352 |
private void createMetadata(){
|
ref #7972 FirstdataInserter adding ROLE_REMOTING to the editor groups