Commit ae125226 authored by oughdi's avatar oughdi
Browse files

Adding RBAC control for access to view sites

parent 962c102e
File added
......@@ -104,6 +104,7 @@
<artifactId>jira-rest-java-client-core</artifactId>
<version>${jiraVersion}</version>
</dependency>
</dependencies>
<build>
......
......@@ -124,6 +124,17 @@ public final class ClusterHome
return listCluster;
}
/**
* Load the data of all the cluster objects without sites and returns them as a list
*
* @return the list which contains the data of all the cluster objects
*/
public static List<Cluster> getClustersListWithoutSites( )
{
return _dao.selectClustersList( _plugin );
}
/**
* Load the id of all the cluster objects and returns them as a list
*
......
......@@ -37,6 +37,9 @@ import javax.validation.constraints.*;
import org.apache.commons.lang.StringUtils;
import org.hibernate.validator.constraints.*;
import fr.paris.lutece.portal.service.rbac.RBACResource;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.List;
......@@ -45,9 +48,12 @@ import java.util.List;
/**
* This is the business class for the object Site.
*/
public class Site extends AbstractReleaserResource implements Serializable
public class Site extends AbstractReleaserResource implements RBACResource, Serializable
{
// RBAC management
public static final String RESOURCE_TYPE = "site";
/** The Constant serialVersionUID. */
private static final long serialVersionUID = 1L;
......@@ -510,5 +516,24 @@ public class Site extends AbstractReleaserResource implements Serializable
// TODO Auto-generated method stub
return getNextReleaseVersion( );
}
/**
* RBAC resource implementation
* @return The resource type code
*/
public String getResourceTypeCode( )
{
return RESOURCE_TYPE;
}
/**
* RBAC resource implementation
* @return The resourceId
*/
public String getResourceId( )
{
return String.valueOf( _nId );
}
}
......@@ -3,6 +3,13 @@ plugin.provider=City of Paris
plugin.description=Releaser components, sites and clusters
#RBAC Resources
rbac.site.resourceType=site
rbac.site.permission.view=View sites
rbac.site.permission.create=Add sites
rbac.site.permission.delete=Delete sites
# Admin features keys
adminFeature.ManageSites.name=ManageSites
......
......@@ -9,6 +9,13 @@ adminFeature.ManageReleaser.name=Mont\u00e9e de version des composants Lut\u00e8
adminFeature.ManageReleaser.description=Mont\u00e9e de version des composants Lut\u00e8ce
#RBAC Resources
rbac.site.resourceType=sites
rbac.site.permission.view=Visualiser les sites
rbac.site.permission.create=Ajouter des sites
rbac.site.permission.delete=Supprimer des sites
# Business classes keys
......
package fr.paris.lutece.plugins.releaser.service;
import java.util.ArrayList;
import java.util.List;
import fr.paris.lutece.plugins.releaser.business.Cluster;
import fr.paris.lutece.plugins.releaser.business.ClusterHome;
import fr.paris.lutece.plugins.releaser.business.Site;
import fr.paris.lutece.plugins.releaser.business.SiteHome;
import fr.paris.lutece.portal.business.user.AdminUser;import fr.paris.lutece.portal.service.rbac.RBACService;
/**
* ClusterService.
*/
public class ClusterService
{
/**
* Load the liste of sites into each cluster object and returns the list of clusters
*
* @return the list which contains the data of all the cluster objects
*/
public static List<Cluster> getClustersListWithSites( AdminUser adminUser)
{
List<Cluster> listCluster = ClusterHome.getClustersList( );
for ( Cluster cluster : listCluster )
{
List<Site> listSite = SiteHome.findByCluster( cluster.getId( ) );
for ( Site site : listSite )
{
cluster.getSites().add( site );
}
}
return listCluster;
}
/**
* Load the liste of sites into each cluster object and returns the list of clusters
*
* @return the list which contains the data of all the cluster objects
*/
public static List<Cluster> getClustersListWithPermissedSites( AdminUser adminUser)
{
List<Cluster> listCluster = ClusterHome.getClustersList( );
List<Cluster> listClusterWithPermissedSites = new ArrayList<Cluster>( );
for ( Cluster cluster : listCluster )
{
Cluster clusterWithPermissedList = cluster;
List<Site> listPermissedSites = new ArrayList<Site>( );
List<Site> listSite = SiteHome.findByCluster( cluster.getId( ) );
for ( Site site : listSite )
{
if ( RBACService.isAuthorized( Site.RESOURCE_TYPE, site.getResourceId(),
SiteResourceIdService.PERMISSION_VIEW, adminUser ) )
{
listPermissedSites.add( site );
}
}
if ( listPermissedSites != null && !listPermissedSites.isEmpty( ) )
{
clusterWithPermissedList.setSites( listPermissedSites );
listClusterWithPermissedSites.add( clusterWithPermissedList );
}
}
return listClusterWithPermissedSites;
}
}
package fr.paris.lutece.plugins.releaser.service;
import java.util.List;
import java.util.Locale;
import fr.paris.lutece.plugins.releaser.business.Site;
import fr.paris.lutece.plugins.releaser.business.SiteHome;
import fr.paris.lutece.portal.service.rbac.Permission;
import fr.paris.lutece.portal.service.rbac.ResourceIdService;
import fr.paris.lutece.portal.service.rbac.ResourceType;
import fr.paris.lutece.portal.service.rbac.ResourceTypeManager;
import fr.paris.lutece.portal.service.util.AppLogService;
import fr.paris.lutece.util.ReferenceList;
/**
*
* class SiteResourceIdService
*
*/
public final class SiteResourceIdService extends ResourceIdService
{
private static final String PROPERTY_LABEL_RESOURCE_TYPE = "releaser.rbac.site.resourceType";
private static final String PROPERTY_LABEL_CREATE = "releaser.rbac.site.permission.create";
private static final String PROPERTY_LABEL_VIEW = "releaser.rbac.site.permission.view";
private static final String PROPERTY_LABEL_DELETE = "releaser.rbac.site.permission.delete";
private static final String PLUGIN_NAME = "releaser";
/** Permission for creating site */
public static final String PERMISSION_ADD = "ADD";
/** Permission for viewing site */
public static final String PERMISSION_VIEW = "VIEW";
/** Permission for deleting site */
public static final String PERMISSION_DELETE = "DELETE";
/** Permission for modifying site */
public static final String PERMISSION_MODIFY = "MODIFY";
/** Creates a new instance of SuggestTypeResourceIdService */
public SiteResourceIdService( )
{
setPluginName( PLUGIN_NAME );
}
@Override
public void register() {
ResourceType rt = new ResourceType( );
rt.setResourceIdServiceClass( SiteResourceIdService.class.getName( ) );
rt.setPluginName( PLUGIN_NAME );
rt.setResourceTypeKey( Site.RESOURCE_TYPE );
rt.setResourceTypeLabelKey( PROPERTY_LABEL_RESOURCE_TYPE );
Permission p = new Permission( );
p.setPermissionKey( PERMISSION_ADD );
p.setPermissionTitleKey( PROPERTY_LABEL_CREATE );
rt.registerPermission( p );
p = new Permission( );
p.setPermissionKey( PERMISSION_VIEW );
p.setPermissionTitleKey( PROPERTY_LABEL_VIEW );
rt.registerPermission( p );
p = new Permission( );
p.setPermissionKey( PERMISSION_DELETE );
p.setPermissionTitleKey( PROPERTY_LABEL_DELETE );
rt.registerPermission( p );
ResourceTypeManager.registerResourceType( rt );
}
@Override
public ReferenceList getResourceIdList(Locale local) {
ReferenceList referenceListSite = new ReferenceList( );
List<Site> listSites = SiteHome.getSitesList();
for ( Site site : listSites )
{
referenceListSite.addItem( site.getId(), site.getName() );
}
return referenceListSite;
}
@Override
public String getTitle( String strId, Locale locale )
{
int nIdSite = -1;
try
{
nIdSite = Integer.parseInt( strId );
}
catch ( NumberFormatException ne )
{
AppLogService.error( ne );
}
Site site = SiteHome.findByPrimaryKey( nIdSite );
return site.getName();
}
}
......@@ -52,6 +52,7 @@ import java.util.concurrent.Future;
import javax.servlet.http.HttpServletRequest;
import javax.xml.bind.JAXBException;
import fr.paris.lutece.plugins.releaser.business.Cluster;
import fr.paris.lutece.plugins.releaser.business.Component;
import fr.paris.lutece.plugins.releaser.business.Dependency;
import fr.paris.lutece.plugins.releaser.business.ReleaserUser;
......@@ -727,5 +728,6 @@ public class SiteService
}
}
}
......@@ -39,9 +39,11 @@ import fr.paris.lutece.plugins.releaser.business.ReleaserUser;
import fr.paris.lutece.plugins.releaser.business.RepositoryType;
import fr.paris.lutece.plugins.releaser.business.Site;
import fr.paris.lutece.plugins.releaser.business.SiteHome;
import fr.paris.lutece.plugins.releaser.service.ClusterService;
import fr.paris.lutece.plugins.releaser.service.SiteService;
import fr.paris.lutece.plugins.releaser.util.ConstanteUtils;
import fr.paris.lutece.plugins.releaser.util.ReleaserUtils;
import fr.paris.lutece.portal.service.admin.AdminUserService;
import fr.paris.lutece.portal.service.message.AdminMessage;
import fr.paris.lutece.portal.service.message.AdminMessageService;
import fr.paris.lutece.portal.util.mvc.admin.annotations.Controller;
......@@ -150,7 +152,10 @@ public class ClusterJspBean extends ManageSitesJspBean
{
_cluster = null;
_site = null;
List<Cluster> listClusters = ClusterHome.getClustersList( );
//List<Cluster> listClusters = ClusterHome.getClustersList( );
List<Cluster> listClusters = ClusterService.getClustersListWithPermissedSites(AdminUserService.getAdminUser(request));
Map<String, Object> model = getPaginatedListModel( request, MARK_CLUSTER_LIST, listClusters, JSP_MANAGE_CLUSTERS );
model.put( ConstanteUtils.MARK_USER, ReleaserUtils.getReleaserUser( request, getLocale( ) ) );
model.put( MARK_IS_APPLICATION_ACCOUNT, ReleaserUtils.isApplicationAccountEnable( ) );
......
......@@ -40,6 +40,15 @@
</admin-feature>
</admin-features>
<!-- RBAC Resources -->
<rbac-resource-types>
<rbac-resource-type>
<rbac-resource-type-class>
fr.paris.lutece.plugins.releaser.service.SiteResourceIdService
</rbac-resource-type-class>
</rbac-resource-type>
</rbac-resource-types>
<!-- Admin css -->
<admin-css-stylesheets>
<admin-css-stylesheet>css/admin/AdminLTEv2.css</admin-css-stylesheet>
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment