| /* |
| * Licensed to the Apache Software Foundation (ASF) under one |
| * or more contributor license agreements. See the NOTICE file |
| * distributed with this work for additional information |
| * regarding copyright ownership. The ASF licenses this file |
| * to you under the Apache License, Version 2.0 (the |
| * "License"); you may not use this file except in compliance |
| * with the License. You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, |
| * software distributed under the License is distributed on an |
| * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| * KIND, either express or implied. See the License for the |
| * specific language governing permissions and limitations |
| * under the License. |
| */ |
| package org.apache.clerezza.platform.usermanager.webinterface; |
| |
| import java.io.IOException; |
| import java.io.StringWriter; |
| import java.io.UnsupportedEncodingException; |
| import java.net.URISyntaxException; |
| import java.net.URL; |
| import java.net.URLEncoder; |
| import java.security.AccessControlContext; |
| import java.security.AccessControlException; |
| import java.security.AccessController; |
| import java.security.Principal; |
| import java.security.PrivilegedAction; |
| import java.util.ArrayList; |
| import java.util.Arrays; |
| import java.util.HashSet; |
| import java.util.Iterator; |
| import java.util.List; |
| import java.util.Set; |
| import java.util.SortedSet; |
| import java.util.TreeSet; |
| import java.util.concurrent.locks.Lock; |
| import javax.security.auth.Subject; |
| |
| import javax.ws.rs.Consumes; |
| import javax.ws.rs.FormParam; |
| import javax.ws.rs.GET; |
| import javax.ws.rs.POST; |
| import javax.ws.rs.Path; |
| import javax.ws.rs.PathParam; |
| import javax.ws.rs.Produces; |
| import javax.ws.rs.QueryParam; |
| import javax.ws.rs.WebApplicationException; |
| import javax.ws.rs.core.Context; |
| import javax.ws.rs.core.MediaType; |
| import javax.ws.rs.core.Response; |
| import javax.ws.rs.core.UriInfo; |
| import javax.ws.rs.core.Response.ResponseBuilder; |
| import javax.ws.rs.core.Response.Status; |
| |
| import org.apache.clerezza.jaxrs.utils.RedirectUtil; |
| import org.apache.clerezza.jaxrs.utils.TrailingSlash; |
| import org.apache.clerezza.jaxrs.utils.form.MultiPartBody; |
| import org.apache.clerezza.permissiondescriptions.PermissionDescripton; |
| import org.apache.clerezza.permissiondescriptions.PermissionGatherer; |
| import org.apache.clerezza.platform.config.SystemConfig; |
| import org.apache.clerezza.platform.globalmenu.GlobalMenuItem; |
| import org.apache.clerezza.platform.globalmenu.GlobalMenuItemsProvider; |
| import org.apache.clerezza.platform.graphprovider.content.ContentGraphProvider; |
| import org.apache.clerezza.platform.typerendering.RenderletManager; |
| import org.apache.clerezza.platform.typerendering.scalaserverpages.ScalaServerPagesRenderlet; |
| import org.apache.clerezza.platform.usermanager.UserComparator; |
| import org.apache.clerezza.platform.usermanager.UserManager; |
| import org.apache.clerezza.platform.usermanager.webinterface.ontology.USERMANAGER; |
| import org.apache.clerezza.rdf.core.BNode; |
| import org.apache.clerezza.rdf.core.Literal; |
| import org.apache.clerezza.rdf.core.LiteralFactory; |
| import org.apache.clerezza.rdf.core.MGraph; |
| import org.apache.clerezza.rdf.core.NonLiteral; |
| import org.apache.clerezza.rdf.core.PlainLiteral; |
| import org.apache.clerezza.rdf.core.Resource; |
| import org.apache.clerezza.rdf.core.Triple; |
| import org.apache.clerezza.rdf.core.UriRef; |
| import org.apache.clerezza.rdf.core.access.LockableMGraph; |
| import org.apache.clerezza.rdf.core.access.security.TcPermission; |
| import org.apache.clerezza.rdf.core.impl.PlainLiteralImpl; |
| import org.apache.clerezza.rdf.core.impl.SimpleMGraph; |
| import org.apache.clerezza.rdf.core.impl.TripleImpl; |
| import org.apache.clerezza.rdf.core.sparql.ParseException; |
| import org.apache.clerezza.rdf.ontologies.DC; |
| import org.apache.clerezza.rdf.ontologies.DCTERMS; |
| import org.apache.clerezza.rdf.ontologies.FOAF; |
| import org.apache.clerezza.rdf.ontologies.LIST; |
| import org.apache.clerezza.rdf.ontologies.PERMISSION; |
| import org.apache.clerezza.rdf.ontologies.PLATFORM; |
| import org.apache.clerezza.rdf.ontologies.RDF; |
| import org.apache.clerezza.rdf.utils.GraphNode; |
| import org.apache.clerezza.rdf.utils.RdfList; |
| import org.apache.clerezza.rdf.utils.UnionMGraph; |
| import org.apache.clerezza.utils.customproperty.CustomProperty; |
| import org.apache.clerezza.utils.customproperty.ontology.CUSTOMPROPERTY; |
| import org.apache.clerezza.web.fileserver.BundlePathNode; |
| import org.apache.clerezza.web.fileserver.FileServer; |
| import org.apache.felix.scr.annotations.Component; |
| import org.apache.felix.scr.annotations.Property; |
| import org.apache.felix.scr.annotations.Reference; |
| import org.apache.felix.scr.annotations.Service; |
| import org.apache.felix.scr.annotations.Services; |
| import org.osgi.framework.Bundle; |
| import org.osgi.service.component.ComponentContext; |
| import org.slf4j.Logger; |
| import org.slf4j.LoggerFactory; |
| import org.wymiwyg.commons.util.dirbrowser.PathNode; |
| |
| /** |
| * @author koersgen, hasan, tio |
| */ |
| @Component(metatype=true) |
| @Services({ |
| @Service(value=Object.class), |
| @Service(value=GlobalMenuItemsProvider.class) |
| }) |
| @Property(name="javax.ws.rs", boolValue=true) |
| @Path("/admin/users") |
| public class UserManagerWeb implements GlobalMenuItemsProvider { |
| |
| @Reference(target=SystemConfig.SYSTEM_GRAPH_FILTER) |
| private LockableMGraph systemGraph; |
| |
| @Reference |
| private RenderletManager renderletManager; |
| |
| @Reference |
| private PermissionGatherer permGatherer; |
| |
| @Reference |
| private ContentGraphProvider cgProvider; |
| |
| @Reference |
| private UserManager userManager; |
| |
| @Reference |
| private CustomProperty customPropertyManager; |
| |
| private final Logger logger = LoggerFactory.getLogger(getClass()); |
| private FileServer fileServer; |
| |
| private final static String ALL_PERMISSION_ENTRY_STRING = "(java.security.AllPermission \"\" \"\")"; |
| |
| protected void activate(final ComponentContext context) throws IOException, |
| URISyntaxException { |
| Bundle bundle = context.getBundleContext().getBundle(); |
| URL resourceDir = getClass().getResource("staticweb"); |
| PathNode pathNode = new BundlePathNode(bundle, resourceDir.getPath()); |
| logger.info("Initializing file server for {} ({})", resourceDir, |
| resourceDir.getFile()); |
| |
| fileServer = new FileServer(pathNode); |
| |
| renderletManager.registerRenderlet(ScalaServerPagesRenderlet.class.getName(), |
| new UriRef(getClass().getResource( |
| "user-overview-template.ssp").toURI().toString()), |
| USERMANAGER.UserOverviewPage, "naked", |
| MediaType.APPLICATION_XHTML_XML_TYPE, true); |
| renderletManager.registerRenderlet(ScalaServerPagesRenderlet.class.getName(), |
| new UriRef(getClass().getResource("add-user-template.ssp") |
| .toURI().toString()), |
| USERMANAGER.AddUserPage, "naked", MediaType.APPLICATION_XHTML_XML_TYPE, true); |
| renderletManager.registerRenderlet(ScalaServerPagesRenderlet.class.getName(), |
| new UriRef(getClass().getResource( |
| "user-permission-template.ssp").toURI().toString()), |
| USERMANAGER.UserPermissionPage, "naked", |
| MediaType.APPLICATION_XHTML_XML_TYPE, true); |
| renderletManager.registerRenderlet(ScalaServerPagesRenderlet.class.getName(), |
| new UriRef(getClass().getResource( |
| "update-user-template.ssp").toURI().toString()), |
| USERMANAGER.UpdateUserPage, "naked", MediaType.APPLICATION_XHTML_XML_TYPE, true); |
| renderletManager.registerRenderlet(ScalaServerPagesRenderlet.class.getName(), |
| new UriRef(getClass().getResource( |
| "custom-property-template.ssp").toURI().toString()), |
| USERMANAGER.CustomFieldPage, "naked", |
| MediaType.APPLICATION_XHTML_XML_TYPE, true); |
| renderletManager.registerRenderlet(ScalaServerPagesRenderlet.class.getName(), |
| new UriRef(getClass().getResource( |
| "role-overview-template.ssp").toURI().toString()), |
| USERMANAGER.RoleOverviewPage, "naked", |
| MediaType.APPLICATION_XHTML_XML_TYPE, true); |
| renderletManager.registerRenderlet(ScalaServerPagesRenderlet.class.getName(), |
| new UriRef(getClass().getResource( |
| "role-permission-template.ssp").toURI().toString()), |
| USERMANAGER.RolePermissionPage, "naked", |
| MediaType.APPLICATION_XHTML_XML_TYPE, true); |
| renderletManager.registerRenderlet(ScalaServerPagesRenderlet.class.getName(), |
| new UriRef(getClass().getResource( |
| "add-property-template.ssp").toURI().toString()), |
| USERMANAGER.AddCustomPropertyPage,"naked", |
| MediaType.APPLICATION_XHTML_XML_TYPE, true); |
| renderletManager |
| .registerRenderlet(ScalaServerPagesRenderlet.class.getName(), |
| new UriRef(getClass().getResource( |
| "custom-user-infos-template.ssp").toURI().toString()), |
| USERMANAGER.CustomUserInformationPage, "naked", |
| MediaType.APPLICATION_XHTML_XML_TYPE, true); |
| } |
| |
| @GET |
| public Response userMgmtHome(@Context UriInfo uriInfo) { |
| AccessController.checkPermission(new UserManagerAccessPermission()); |
| if (uriInfo.getAbsolutePath().toString().endsWith("/")) { |
| return RedirectUtil.createSeeOtherResponse("list-users", uriInfo); |
| } |
| return RedirectUtil.createSeeOtherResponse("users/list-users", |
| uriInfo); |
| } |
| |
| @GET |
| @Path("list-users") |
| public GraphNode listUsers(@QueryParam(value = "from") Integer from, |
| @QueryParam(value = "to") Integer to, @Context UriInfo uriInfo) { |
| AccessController.checkPermission(new UserManagerAccessPermission()); |
| TrailingSlash.enforceNotPresent(uriInfo); |
| |
| MGraph resultGraph = new SimpleMGraph(); |
| |
| Iterator<NonLiteral> users = userManager.getUsers(); |
| SortedSet<GraphNode> sortedSet = new TreeSet<GraphNode>( |
| new UserComparator()); |
| Lock readLock = systemGraph.getLock().readLock(); |
| readLock.lock(); |
| try { |
| while (users.hasNext()) { |
| sortedSet.add(new GraphNode(users.next(), systemGraph)); |
| } |
| } finally { |
| readLock.unlock(); |
| } |
| List<GraphNode> userList = new ArrayList<GraphNode>(); |
| userList.addAll(sortedSet); |
| |
| if (from == null || from < 0) { |
| logger.debug("Query parameter from is null or negative, set to 1"); |
| from = 0; |
| } |
| if (to == null || to < 0) { |
| logger.debug("Query parameter to is null or negative, set to 10"); |
| to = 10; |
| } |
| if (to > userList.size()) { |
| to = userList.size(); |
| } |
| |
| int prevFrom = from - 10; |
| int nextTo = to + 10; |
| |
| if (prevFrom < 0) { |
| prevFrom = 0; |
| } |
| if (nextTo > userList.size()) { |
| nextTo = userList.size(); |
| } |
| |
| NonLiteral userOverviewPage = new BNode(); |
| List<Resource> resultList = new RdfList(userOverviewPage, resultGraph); |
| for (int i = from; i < to; i++) { |
| resultList.add(userList.get(i).getNode()); |
| } |
| |
| UnionMGraph unionGraph = new UnionMGraph(resultGraph, systemGraph); |
| |
| GraphNode result = new GraphNode(userOverviewPage, unionGraph); |
| |
| result.addProperty(RDF.type, USERMANAGER.UserOverviewPage); |
| result.addProperty(RDF.type, PLATFORM.HeadedPage); |
| result.addProperty(LIST.predecessor, new UriRef(uriInfo |
| .getAbsolutePath().toString() |
| + "?from=" + prevFrom + "&to=" + from)); |
| result.addProperty(LIST.successor, new UriRef(uriInfo.getAbsolutePath() |
| .toString() |
| + "?from=" + to + "&to=" + nextTo)); |
| result.addProperty(LIST.indexFrom, LiteralFactory.getInstance() |
| .createTypedLiteral(from)); |
| result.addProperty(LIST.indexTo, LiteralFactory.getInstance() |
| .createTypedLiteral(to)); |
| result.addProperty(LIST.length, LiteralFactory.getInstance() |
| .createTypedLiteral(sortedSet.size())); |
| |
| return result; |
| } |
| |
| @GET |
| @Path("add-user") |
| public GraphNode addUser(@Context UriInfo uriInfo) { |
| AccessController.checkPermission(new UserManagerAccessPermission()); |
| TrailingSlash.enforceNotPresent(uriInfo); |
| |
| MGraph resultGraph = new SimpleMGraph(); |
| NonLiteral addUserPage = new BNode(); |
| |
| resultGraph.add(new TripleImpl(addUserPage, RDF.type, |
| USERMANAGER.AddUserPage)); |
| resultGraph.add(new TripleImpl(addUserPage, RDF.type, |
| PLATFORM.HeadedPage)); |
| |
| LockableMGraph contentGraph = (LockableMGraph) cgProvider.getContentGraph(); |
| Lock readLock = contentGraph.getLock().readLock(); |
| readLock.lock(); |
| try { |
| Iterator<Triple> formFields = contentGraph.filter(null, RDF.type, |
| USERMANAGER.UserFormField); |
| while (formFields.hasNext()) { |
| resultGraph.add(new TripleImpl(addUserPage, |
| CUSTOMPROPERTY.customfield, formFields.next().getSubject())); |
| } |
| } finally { |
| readLock.unlock(); |
| } |
| |
| GraphNode result = new GraphNode(addUserPage, new UnionMGraph( |
| resultGraph, systemGraph, contentGraph)); |
| addAvailableRoles(result); |
| return result; |
| } |
| |
| @POST |
| @Consumes("multipart/form-data") |
| @Path("add-user") |
| public Response addUser(MultiPartBody form, @Context UriInfo uriInfo) { |
| AccessController.checkPermission(new UserManagerAccessPermission()); |
| String userName = form.getTextParameterValues("userName")[0]; |
| String email = form.getTextParameterValues("email")[0]; |
| String pathPrefix = form.getTextParameterValues("pathPrefix")[0]; |
| String psw = form.getTextParameterValues("psw")[0]; |
| String[] userRole = form.getTextParameterValues("userRoles"); |
| |
| List<String> userRoles = Arrays.asList(userRole); |
| |
| String currentUserName = getCurrentUserName(); |
| //Checks if logged in user has all permissions. |
| Set<String> availablePermissionEntries = retrieveAllPermissionEntriesFromUser(currentUserName); |
| boolean currentUserHasAllPermission = availablePermissionEntries.contains(ALL_PERMISSION_ENTRY_STRING); |
| |
| Set<String> currentUserRoleTitles = retrieveRoleTitlesOfUser(getCurrentUserName()); |
| //Current user is not associated with the following roles. |
| Set<String> remainingRoles = new HashSet<String>(userRoles); |
| remainingRoles.removeAll(currentUserRoleTitles); |
| if(!currentUserHasAllPermission && remainingRoles.size() > 0) { |
| return Response.status(Status.FORBIDDEN).entity("You don't have the " |
| + "permissions to add these roles to a user.").build(); |
| } |
| |
| StringWriter writer = new StringWriter(); |
| checkParamLength(writer, userName, "Username"); |
| checkQuote(writer, userName, "Username"); |
| checkParamLength(writer, email, "Email"); |
| checkQuote(writer, email, "Email"); |
| checkQuote(writer, pathPrefix, "Path-Prefix"); |
| checkParamLength(writer, psw, "Password"); |
| checkQuote(writer, psw, "Password"); |
| String message = writer.toString(); |
| if (!message.isEmpty()) { |
| returnInputErrorMessages(message); |
| } |
| userManager.storeUser(userName, email, psw, userRoles, pathPrefix); |
| LockableMGraph contentGraph = (LockableMGraph) cgProvider.getContentGraph(); |
| NonLiteral user = new BNode(); |
| |
| Lock writeLock = contentGraph.getLock().writeLock(); |
| writeLock.lock(); |
| try { |
| contentGraph.add(new TripleImpl(user, RDF.type, FOAF.Agent)); |
| contentGraph.add(new TripleImpl(user, PLATFORM.userName, new PlainLiteralImpl( |
| userName))); |
| } finally { |
| writeLock.unlock(); |
| } |
| |
| saveCustomUserInformation(contentGraph, userName, userRoles, form); |
| return RedirectUtil.createSeeOtherResponse("list-users", uriInfo); |
| } |
| |
| private Set<String> retrieveRoleTitlesOfUser(String userName) { |
| NonLiteral user = userManager.getUserByName(userName); |
| Iterator<NonLiteral> roles = userManager.getRolesOfUser(user); |
| Set<String> userRoleTitles = new HashSet<String>(); |
| Lock lock = systemGraph.getLock().readLock(); |
| lock.lock(); |
| try { |
| while(roles.hasNext()) { |
| Iterator<Triple> titles = systemGraph.filter(roles.next(), DC.title, null); |
| if(titles.hasNext()) { |
| userRoleTitles.add(((Literal) titles.next().getObject()).getLexicalForm()); |
| } |
| } |
| } finally { |
| lock.unlock(); |
| } |
| return userRoleTitles; |
| } |
| |
| private void saveCustomUserInformation(LockableMGraph contentGraph, |
| String userName, List<String> roles, MultiPartBody form) { |
| NonLiteral user = getCustomUser(contentGraph, userName); |
| if (user != null) { |
| for (int i = 0; i < roles.size(); i++) { |
| NonLiteral collection = customPropertyManager |
| .getCustomPropertyCollection(PERMISSION.Role, roles |
| .get(i)); |
| ArrayList<UriRef> customproperties = customPropertyManager.getPropertiesOfCollection(collection); |
| for (UriRef property : customproperties) { |
| String[] values = form.getTextParameterValues(property.getUnicodeString()); |
| Lock writeLock = contentGraph.getLock().writeLock(); |
| writeLock.lock(); |
| try { |
| Iterator<Triple> actualValues = contentGraph.filter(user, |
| property, null); |
| while (actualValues.hasNext()) { |
| contentGraph.remove(actualValues.next()); |
| } |
| for (int k = 0; k < values.length; k++) { |
| contentGraph.add(new TripleImpl(user, property, |
| LiteralFactory.getInstance().createTypedLiteral(values[k]))); |
| } |
| } finally { |
| writeLock.unlock(); |
| } |
| } |
| } |
| } else { |
| System.out.println("No such user in Database"); |
| } |
| } |
| |
| private NonLiteral getCustomUser(LockableMGraph contentGraph, String userName) { |
| Lock readLock = contentGraph.getLock().readLock(); |
| readLock.lock(); |
| try { |
| Iterator<Triple> users = contentGraph.filter(null, PLATFORM.userName, |
| new PlainLiteralImpl(userName.trim())); |
| if (users.hasNext()) { |
| return users.next().getSubject(); |
| } else { |
| return null; |
| } |
| } finally { |
| readLock.unlock(); |
| } |
| } |
| |
| /** |
| * @return {@link GraphNode} |
| * @throws ParseException |
| */ |
| |
| @GET |
| @Path("custom-user") |
| @Produces("text/plain") |
| public GraphNode getRelevantCustomInformation( |
| @QueryParam(value = "resource") UriRef resource, |
| @QueryParam(value = "roles") String roles, |
| @QueryParam(value = "user") String userName, |
| @Context UriInfo uriInfo) throws ParseException { |
| AccessController.checkPermission(new UserManagerAccessPermission()); |
| LockableMGraph contentGraph = (LockableMGraph) cgProvider.getContentGraph(); |
| MGraph resultGraph = new SimpleMGraph(); |
| NonLiteral node = new BNode(); |
| |
| resultGraph.add(new TripleImpl(resource, USERMANAGER.custominformation, |
| node)); |
| resultGraph.add(new TripleImpl(node, RDF.type, |
| USERMANAGER.CustomUserInformationPage)); |
| |
| ArrayList<NonLiteral> customfields = new ArrayList<NonLiteral>(); |
| |
| if (!roles.equals("") && roles.trim().length() > 0) { |
| String[] rolesArray = roles.split(","); |
| for (int i = 0; i < rolesArray.length; i++) { |
| NonLiteral collection = customPropertyManager |
| .getCustomPropertyCollection(PERMISSION.Role, |
| rolesArray[i]); |
| customfields.addAll(customPropertyManager |
| .getCustomfieldsOfCollection(collection)); |
| } |
| } |
| |
| for (NonLiteral customField : customfields) { |
| UriRef property = customPropertyManager |
| .getCustomFieldProperty(customField); |
| |
| if (userName != null && !userName.equals("") |
| && userName.trim().length() > 0) { |
| NonLiteral user = getCustomUser(contentGraph, userName); |
| if (user != null) { |
| Lock readLock = contentGraph.getLock().readLock(); |
| readLock.lock(); |
| try { |
| Iterator<Triple> values = contentGraph.filter(user, |
| property, null); |
| while (values.hasNext()) { |
| Resource value = values.next().getObject(); |
| resultGraph.add(new TripleImpl(customField, |
| CUSTOMPROPERTY.actualvalues, value)); |
| } |
| } finally { |
| readLock.unlock(); |
| } |
| |
| } |
| } |
| resultGraph.add(new TripleImpl(node, CUSTOMPROPERTY.customfield, |
| customField)); |
| } |
| return new GraphNode(node, new UnionMGraph(resultGraph, contentGraph)); |
| } |
| |
| private boolean checkParamLength(StringWriter writer, String param, |
| String paramName) { |
| if ((param == null) || (param.trim().length() == 0)) { |
| writer.append("<p>" + paramName + " may not be null</p>"); |
| return false; |
| } |
| return true; |
| } |
| |
| private boolean checkQuote(StringWriter writer, String param, |
| String paramName) { |
| if ((param != null) && param.contains("\"")) { |
| writer.append("<p>" + paramName + " may not contain \"</p>"); |
| return false; |
| } |
| return true; |
| } |
| |
| private void returnInputErrorMessages(String message) { |
| ResponseBuilder responseBuilder = Response |
| .ok("<html><body><p>Input Error(s):</p>" + message |
| + "</body></html>"); |
| throw new WebApplicationException(responseBuilder.build()); |
| } |
| |
| @POST |
| @Path("delete-user") |
| public Response deleteUser(@FormParam(value = "userName") String userName, |
| @Context UriInfo uriInfo) { |
| |
| AccessController.checkPermission(new UserManagerAccessPermission()); |
| checkUserParam(userName); |
| userManager.deleteUser(userName); |
| LockableMGraph contentGraph = (LockableMGraph) cgProvider.getContentGraph(); |
| NonLiteral user = getCustomUser(contentGraph, userName); |
| if (user != null) { |
| Lock writeLock = contentGraph.getLock().writeLock(); |
| writeLock.lock(); |
| try { |
| Iterator<Triple> userTriples = contentGraph.filter(user, null, null); |
| while (userTriples.hasNext()) { |
| userTriples.next(); |
| userTriples.remove(); |
| } |
| } finally { |
| writeLock.unlock(); |
| } |
| } |
| return RedirectUtil.createSeeOtherResponse("list-users", uriInfo); |
| } |
| |
| private void checkUserParam(String userName) { |
| StringWriter writer = new StringWriter(); |
| checkParamLength(writer, userName, "Username"); |
| checkQuote(writer, userName, "Username"); |
| String message = writer.toString(); |
| if (!message.isEmpty()) { |
| returnInputErrorMessages(message); |
| } |
| } |
| |
| /** |
| * show page to manage user permissionEntries |
| */ |
| @GET |
| @Path("manage-user-permissions") |
| public GraphNode manageUserPermissions( |
| @QueryParam(value = "userName") String userName, |
| @Context UriInfo uriInfo) { |
| |
| AccessController.checkPermission(new UserManagerAccessPermission()); |
| AccessController.checkPermission(new PermissionManagerAccessPermission()); |
| TrailingSlash.enforceNotPresent(uriInfo); |
| |
| MGraph resultGraph = new SimpleMGraph(); |
| NonLiteral userPermissionPage = new BNode(); |
| Iterator<PermissionDescripton> permDescs = permGatherer.getAllPermissionDescriptors(); |
| while(permDescs.hasNext()) { |
| PermissionDescripton desc = permDescs.next(); |
| BNode providedPermission = new BNode(); |
| resultGraph.add(new TripleImpl(userPermissionPage, |
| USERMANAGER.permission, providedPermission)); |
| |
| resultGraph.add(new TripleImpl(providedPermission, |
| PERMISSION.javaPermissionEntry, new PlainLiteralImpl(desc.getJavaPermissionString()))); |
| |
| resultGraph.add(new TripleImpl(providedPermission, |
| DCTERMS.title, new PlainLiteralImpl(desc.getSimpleName()))); |
| |
| resultGraph.add(new TripleImpl(providedPermission, |
| DCTERMS.description, new PlainLiteralImpl(desc.getDescription()))); |
| } |
| resultGraph.add(new TripleImpl(userPermissionPage, RDF.type, |
| PLATFORM.HeadedPage)); |
| resultGraph.add(new TripleImpl(userPermissionPage, RDF.type, |
| USERMANAGER.UserPermissionPage)); |
| |
| NonLiteral user = userManager.getUserByName(userName); |
| if (user != null) { |
| resultGraph.add(new TripleImpl(userPermissionPage, |
| USERMANAGER.user, user)); |
| Iterator<NonLiteral> permissions = userManager |
| .getPermissionsOfUser(user); |
| return new GraphNode(userPermissionPage, new UnionMGraph( |
| resultGraph, systemGraph)); |
| |
| } |
| throw new WebApplicationException(Response.status(Status.NOT_FOUND) |
| .entity("User " + userName + "does not exist in our database") |
| .build()); |
| } |
| |
| /** |
| * update user permissionEntries |
| */ |
| @POST |
| @Path("update-user-permissions") |
| public Response updateUserPermissions( |
| @FormParam(value = "name") String userName, |
| @FormParam(value = "permEntries") List<String> permissionEntries, |
| @Context UriInfo uriInfo) { |
| AccessController.checkPermission(new UserManagerAccessPermission()); |
| AccessController.checkPermission(new PermissionManagerAccessPermission()); |
| checkUserParam(userName); |
| |
| //Retrieves permissions of the current user. |
| Set<String> availablePermissionEntries = retrieveAllPermissionEntriesFromUser(getCurrentUserName()); |
| boolean currentUserHasAllPermission = availablePermissionEntries.contains(ALL_PERMISSION_ENTRY_STRING); |
| |
| //Retrieves the current permissions of the specified user |
| Iterator<NonLiteral> permissions = userManager.getPermissionsOfUser(userManager.getUserByName(userName)); |
| Set<String> oldPermissionEntries = new HashSet<String>(); |
| retrievePermissionEntries(oldPermissionEntries, permissions); |
| |
| //Permission, which are already assigned to the specified user. |
| Set<String> addedEntries = new HashSet<String>(oldPermissionEntries); |
| addedEntries.retainAll(permissionEntries); |
| availablePermissionEntries.addAll(addedEntries); |
| //Permissions, which should be removed. |
| Set<String> removedEntries = new HashSet<String>(oldPermissionEntries); |
| removedEntries.removeAll(permissionEntries); |
| boolean containsRemovedEntries = availablePermissionEntries.containsAll(removedEntries); |
| if(!currentUserHasAllPermission && (!availablePermissionEntries.containsAll( |
| permissionEntries) || !containsRemovedEntries)) { |
| return Response.status(Status.FORBIDDEN).entity("You are not allowed to assign " |
| + "the specified permissions to the user " + userName + ".").build(); |
| } |
| |
| userManager.deleteAllPermissionsOfUser(userName); |
| userManager.assignPermissionsToUser(userName, permissionEntries); |
| return Response.status(Status.CREATED).build(); |
| |
| } |
| |
| private String getCurrentUserName() { |
| final AccessControlContext userContext = AccessController.getContext(); |
| Subject subject = AccessController.doPrivileged( |
| new PrivilegedAction<Subject> (){ |
| @Override |
| public Subject run() { |
| return Subject.getSubject(userContext); |
| } |
| }); |
| if (subject == null) { |
| return null; |
| } |
| Iterator<Principal> iter = subject.getPrincipals().iterator(); |
| String name = null; |
| |
| if (iter.hasNext()) { |
| name = iter.next().getName(); |
| } |
| return name; |
| } |
| |
| private Set<String> retrieveAllPermissionEntriesFromUser(String userName) { |
| Set<String> permissionEntries = new HashSet<String>(); |
| NonLiteral currentUser = (NonLiteral) userManager.getUserInSystemGraph(userName).getNode(); |
| Iterator<NonLiteral> roles = userManager.getRolesOfUser(currentUser); |
| while(roles.hasNext()) { |
| Iterator<NonLiteral> permissions = userManager.getPermissionsOfRole(roles.next()); |
| retrievePermissionEntries(permissionEntries, permissions); |
| } |
| |
| Iterator<NonLiteral> permissions = userManager.getPermissionsOfUser(currentUser); |
| retrievePermissionEntries(permissionEntries, permissions); |
| return permissionEntries; |
| } |
| |
| private void retrievePermissionEntries(Set<String> permissionEntries, Iterator<NonLiteral> permissions) { |
| while(permissions.hasNext()) { |
| NonLiteral permission = permissions.next(); |
| Lock lock = systemGraph.getLock().readLock(); |
| lock.lock(); |
| try { |
| Iterator<Triple> triples = systemGraph.filter(permission, PERMISSION.javaPermissionEntry, null); |
| if(triples.hasNext()) { |
| Literal entry = (Literal) triples.next().getObject(); |
| permissionEntries.add(entry.getLexicalForm()); |
| } |
| } finally { |
| lock.unlock(); |
| } |
| } |
| } |
| |
| |
| /** |
| * add user permissionEntries |
| */ |
| @POST |
| @Path("add-user-permissions") |
| public Response addUserPermissions( |
| @FormParam(value = "name") String userName, |
| @FormParam(value = "permEntries") List<String> permissionEntries, |
| @Context UriInfo uriInfo) { |
| |
| AccessController.checkPermission(new UserManagerAccessPermission()); |
| AccessController.checkPermission(new PermissionManagerAccessPermission()); |
| checkUserParam(userName); |
| |
| //Retrieves permissions from current user. |
| Set<String> availablePermissionEntries = retrieveAllPermissionEntriesFromUser(getCurrentUserName()); |
| boolean currentUserHasAllPermission = availablePermissionEntries.contains(ALL_PERMISSION_ENTRY_STRING); |
| if(!currentUserHasAllPermission && !availablePermissionEntries.containsAll(permissionEntries)) { |
| return Response.status(Status.FORBIDDEN).entity("You are not allowed to assign " |
| + "the specified permissions to the user " + userName + ".").build(); |
| } |
| |
| userManager.assignPermissionsToUser(userName, permissionEntries); |
| try { |
| return RedirectUtil.createSeeOtherResponse( |
| "manage-user-permissions?userName=" |
| + URLEncoder.encode(userName, "UTF-8"), uriInfo); |
| } catch (UnsupportedEncodingException ex) { |
| throw new RuntimeException(ex); |
| } |
| } |
| |
| /** |
| * delete user permissionEntries |
| */ |
| @POST |
| @Path("delete-user-permissions") |
| public Response deleteUserPermissions( |
| @FormParam(value = "name") String userName, |
| @FormParam(value = "permEntries") List<String> permissionEntries, |
| @Context UriInfo uriInfo) { |
| |
| AccessController.checkPermission(new UserManagerAccessPermission()); |
| AccessController.checkPermission(new PermissionManagerAccessPermission()); |
| checkUserParam(userName); |
| |
| Set<String> availablePermissionEntries = retrieveAllPermissionEntriesFromUser(getCurrentUserName()); |
| boolean currentUserHasAllPermission = availablePermissionEntries.contains(ALL_PERMISSION_ENTRY_STRING); |
| if(!currentUserHasAllPermission && !availablePermissionEntries.containsAll(permissionEntries)) { |
| return Response.status(Status.FORBIDDEN).entity("You are not allowed to delete " |
| + "the specified permissions from the user " + userName + ". Refresh the page to get the correct permissions.").build(); |
| } |
| |
| userManager.deletePermissionsOfUser(userName, permissionEntries); |
| try { |
| return RedirectUtil.createSeeOtherResponse( |
| "manage-user-permissions?userName=" |
| + URLEncoder.encode(userName, "UTF-8"), uriInfo); |
| } catch (UnsupportedEncodingException ex) { |
| throw new RuntimeException(ex); |
| } |
| } |
| |
| @GET |
| @Path("update-user") |
| public GraphNode updateUser( |
| @QueryParam(value = "userName") String userName, |
| @Context UriInfo uriInfo) { |
| AccessController.checkPermission(new UserManagerAccessPermission()); |
| TrailingSlash.enforceNotPresent(uriInfo); |
| |
| NonLiteral user = userManager.getUserByName(userName); |
| if (user != null) { |
| MGraph resultGraph = new SimpleMGraph(); |
| NonLiteral updateUserPage = new BNode(); |
| resultGraph.add(new TripleImpl(updateUserPage, RDF.type, |
| USERMANAGER.UpdateUserPage)); |
| resultGraph.add(new TripleImpl(updateUserPage, RDF.type, |
| PLATFORM.HeadedPage)); |
| |
| |
| LockableMGraph contentGraph = (LockableMGraph) cgProvider.getContentGraph(); |
| resultGraph.add(new TripleImpl(updateUserPage, USERMANAGER.user, |
| user)); |
| |
| Iterator<NonLiteral> userRoles = userManager |
| .getRolesOfUser(user); |
| |
| ArrayList<NonLiteral> customfields = new ArrayList<NonLiteral>(); |
| |
| while (userRoles.hasNext()) { |
| customfields.addAll(customPropertyManager |
| .getCustomfieldsOfCollection(customPropertyManager |
| .getCustomPropertyCollection(PERMISSION.Role, |
| userRoles.next().toString()))); |
| } |
| for (NonLiteral customfield : customfields) { |
| resultGraph.add(new TripleImpl(updateUserPage, |
| CUSTOMPROPERTY.customfield, customfield)); |
| UriRef property = customPropertyManager.getCustomFieldProperty(customfield); |
| NonLiteral contentUser = getCustomUser(contentGraph, userName); |
| |
| Lock readLock = contentGraph.getLock().readLock(); |
| readLock.lock(); |
| try { |
| Iterator<Triple> values = contentGraph.filter(contentUser, |
| property, null); |
| while (values.hasNext()) { |
| PlainLiteral value = (PlainLiteral) values.next().getObject(); |
| resultGraph.add(new TripleImpl(customfield, |
| CUSTOMPROPERTY.actualvalues, value)); |
| } |
| } finally { |
| readLock.unlock(); |
| } |
| } |
| GraphNode result = new GraphNode(updateUserPage, |
| new UnionMGraph(resultGraph, systemGraph, contentGraph)); |
| addAvailableRoles(result); |
| return result; |
| } |
| throw new WebApplicationException(Response.status(Status.NOT_FOUND).entity("User " + userName + " does not exist in our database").build()); |
| } |
| |
| @POST |
| @Consumes("multipart/form-data") |
| @Path("update-user") |
| public Response updateUser(MultiPartBody form, @Context UriInfo uriInfo) |
| throws UnsupportedEncodingException { |
| |
| AccessController.checkPermission(new UserManagerAccessPermission()); |
| String userName = getTextParamValueOfForm(form, 0, "userName"); |
| String pathPrefix = getTextParamValueOfForm(form, 0, "pathPrefix"); |
| String[] userRole = form.getTextParameterValues("userRoles"); |
| List<String> userRoleList = Arrays.asList(userRole); |
| String email = getTextParamValueOfForm(form, 0, "email"); |
| |
| if (email != null) { |
| email = email.replaceAll("mailto:", ""); |
| } |
| NonLiteral user = (NonLiteral) userManager.getUserInSystemGraph(userName).getNode(); |
| if (user != null) { |
| |
| //Check if the currently logged in user has the all permissions |
| String currentUserName = getCurrentUserName(); |
| Set<String> availablePermissionEntries = retrieveAllPermissionEntriesFromUser(currentUserName); |
| boolean currentUserHasAllPermission = availablePermissionEntries.contains(ALL_PERMISSION_ENTRY_STRING); |
| |
| //Retrieve all currently assigned roles of the specified user |
| Set<String> oldRoles = retrieveRoleTitlesOfUser(userName); |
| Set<String> currentUserRoleTitles = retrieveRoleTitlesOfUser(getCurrentUserName()); |
| |
| //Roles, which are already assigned |
| Set<String> alreadyAssignedRoles = new HashSet<String>(oldRoles); |
| alreadyAssignedRoles.retainAll(userRoleList); |
| currentUserRoleTitles.addAll(alreadyAssignedRoles); |
| |
| //Roles, which are currently assigned but removed after the update. |
| Set<String> removedRoles = new HashSet<String>(oldRoles); |
| removedRoles.removeAll(userRoleList); |
| boolean containsRemovedRoles = currentUserRoleTitles.containsAll(removedRoles); |
| |
| if(!currentUserHasAllPermission && (!currentUserRoleTitles.containsAll(userRoleList) |
| || !containsRemovedRoles)) { |
| return Response.status(Status.FORBIDDEN).entity("You don't have the " |
| + "permission to assign these permissions to the user.").build(); |
| } |
| userManager.updateUser(userName, email, null, userRoleList, |
| pathPrefix); |
| LockableMGraph contentGraph = (LockableMGraph) cgProvider.getContentGraph(); |
| saveCustomUserInformation(contentGraph, userName, userRoleList, form); |
| return RedirectUtil.createSeeOtherResponse("list-users", uriInfo); |
| } |
| return Response.status(Status.NOT_FOUND).entity( |
| "User " + userName + "does not exist in our database").build(); |
| } |
| |
| private String getTextParamValueOfForm(MultiPartBody form, int index, |
| String paramName) { |
| String value = form.getTextParameterValues(paramName)[index]; |
| return value.trim().length() > 0 ? value : null; |
| } |
| |
| @GET |
| @Path("list-roles") |
| public GraphNode listRoles(@Context UriInfo uriInfo) { |
| AccessController.checkPermission(new UserManagerAccessPermission()); |
| TrailingSlash.enforceNotPresent(uriInfo); |
| |
| MGraph resultGraph = new SimpleMGraph(); |
| NonLiteral roleOverviewPage = new BNode(); |
| resultGraph.add(new TripleImpl(roleOverviewPage, RDF.type, |
| USERMANAGER.RoleOverviewPage)); |
| resultGraph.add(new TripleImpl(roleOverviewPage, RDF.type, |
| PLATFORM.HeadedPage)); |
| |
| GraphNode result = new GraphNode(roleOverviewPage, |
| new UnionMGraph(resultGraph, systemGraph, cgProvider.getContentGraph())); |
| addAvailableRoles(result); |
| addBaseRoles(result); |
| |
| |
| |
| return result; |
| |
| } |
| |
| /** |
| * add role |
| * |
| * @param roleTitle |
| * the title of the new role to add |
| */ |
| @POST |
| @Path("add-role") |
| public Response addRole(@FormParam(value = "roleTitle") String title, |
| @Context UriInfo uriInfo) { |
| |
| AccessController.checkPermission(new UserManagerAccessPermission()); |
| StringWriter writer = new StringWriter(); |
| checkParamLength(writer, title, "Role title"); |
| checkQuote(writer, title, "Role title"); |
| |
| if (userManager.roleExists(title)) { |
| writer.append("<p>Role with title " + title + " exists</p>"); |
| } |
| String message = writer.toString(); |
| if (!message.isEmpty()) { |
| returnInputErrorMessages(message); |
| } |
| userManager.storeRole(title); |
| |
| return RedirectUtil.createSeeOtherResponse("list-roles", uriInfo); |
| } |
| |
| /** |
| * delete role |
| * |
| * @param roleTitle |
| * the title of the role to delete |
| */ |
| @POST |
| @Path("delete-role") |
| public Response deleteRole(@FormParam(value = "roleTitle") String title, |
| @Context UriInfo uriInfo) { |
| |
| AccessController.checkPermission(new UserManagerAccessPermission()); |
| checkRoleParam(title); |
| userManager.deleteRole(title); |
| return RedirectUtil.createSeeOtherResponse("list-roles", uriInfo); |
| } |
| |
| private void checkRoleParam(String title) { |
| StringWriter writer = new StringWriter(); |
| checkParamLength(writer, title, "Role title"); |
| checkQuote(writer, title, "Role title"); |
| |
| String message = writer.toString(); |
| if (!message.isEmpty()) { |
| returnInputErrorMessages(message); |
| } |
| } |
| |
| /** |
| * show page to manage role permissionEntries |
| */ |
| @GET |
| @Path("manage-role-permissions") |
| public GraphNode manageRolePermissions( |
| @QueryParam(value = "roleTitle") String title, |
| @Context UriInfo uriInfo) { |
| |
| AccessController.checkPermission(new UserManagerAccessPermission()); |
| AccessController.checkPermission(new PermissionManagerAccessPermission()); |
| TrailingSlash.enforceNotPresent(uriInfo); |
| |
| MGraph resultGraph = new SimpleMGraph(); |
| NonLiteral rolePermissionPage = new BNode(); |
| Iterator<PermissionDescripton> permDescs = permGatherer.getAllPermissionDescriptors(); |
| while(permDescs.hasNext()) { |
| PermissionDescripton desc = permDescs.next(); |
| BNode providedPermission = new BNode(); |
| resultGraph.add(new TripleImpl(rolePermissionPage, |
| USERMANAGER.permission, providedPermission)); |
| resultGraph.add(new TripleImpl(providedPermission, |
| PERMISSION.javaPermissionEntry, new PlainLiteralImpl(desc.getJavaPermissionString()))); |
| resultGraph.add(new TripleImpl(providedPermission, |
| DCTERMS.title, new PlainLiteralImpl(desc.getSimpleName()))); |
| resultGraph.add(new TripleImpl(providedPermission, |
| DCTERMS.description, new PlainLiteralImpl(desc.getDescription()))); |
| } |
| |
| resultGraph.add(new TripleImpl(rolePermissionPage, RDF.type, |
| PLATFORM.HeadedPage)); |
| resultGraph.add(new TripleImpl(rolePermissionPage, RDF.type, |
| USERMANAGER.RolePermissionPage)); |
| |
| NonLiteral role = userManager.getRoleByTitle(title); |
| if (role != null) { |
| resultGraph.add(new TripleImpl(rolePermissionPage, |
| USERMANAGER.role, role)); |
| return new GraphNode(rolePermissionPage, new UnionMGraph( |
| resultGraph, systemGraph)); |
| |
| } |
| throw new WebApplicationException(Response.status(Status.NOT_FOUND) |
| .entity("Role " + role + "does not exist in our database") |
| .build()); |
| } |
| |
| /** |
| * add role permissionEntries |
| */ |
| @POST |
| @Path("add-role-permissions") |
| public Response addRolePermissions( |
| @FormParam(value = "roleTitle") String title, |
| @FormParam(value = "permEntries") List<String> permissionEntries, |
| @Context UriInfo uriInfo) { |
| |
| AccessController.checkPermission(new UserManagerAccessPermission()); |
| AccessController.checkPermission(new PermissionManagerAccessPermission()); |
| checkRoleParam(title); |
| //Retrieves permissions from current user |
| Set<String> availablePermissionEntries = retrieveAllPermissionEntriesFromUser(getCurrentUserName()); |
| boolean currentUserHasAllPermission = availablePermissionEntries.contains(ALL_PERMISSION_ENTRY_STRING); |
| if(!currentUserHasAllPermission && !availablePermissionEntries.containsAll(permissionEntries)) { |
| return Response.status(Status.FORBIDDEN).entity("You are not allowed to assign " |
| + "the specified permissions to the role " + title + ".").build(); |
| } |
| |
| userManager.assignPermissionsToRole(title, permissionEntries); |
| try { |
| return RedirectUtil.createSeeOtherResponse( |
| "manage-role-permissions?roleTitle=" |
| + URLEncoder.encode(title, "UTF-8"), uriInfo); |
| } catch (UnsupportedEncodingException ex) { |
| throw new RuntimeException(ex); |
| } |
| } |
| |
| /** |
| * delete role permissionEntries |
| */ |
| @POST |
| @Path("delete-role-permissions") |
| public Response deleteRolePermissions( |
| @FormParam(value = "roleTitle") String title, |
| @FormParam(value = "permEntries") List<String> permissionEntries, |
| @Context UriInfo uriInfo) { |
| |
| AccessController.checkPermission(new UserManagerAccessPermission()); |
| AccessController.checkPermission(new PermissionManagerAccessPermission()); |
| checkRoleParam(title); |
| |
| Set<String> availablePermissionEntries = retrieveAllPermissionEntriesFromUser(getCurrentUserName()); |
| boolean currentUserHasAllPermission = availablePermissionEntries.contains(ALL_PERMISSION_ENTRY_STRING); |
| if(!currentUserHasAllPermission && !availablePermissionEntries.containsAll(permissionEntries)) { |
| return Response.status(Status.FORBIDDEN).entity("You are not allowed to delete " |
| + "the specified permissions from the role " + title + ".").build(); |
| } |
| |
| userManager.deletePermissionsOfRole(title, permissionEntries); |
| try { |
| return RedirectUtil.createSeeOtherResponse( |
| "manage-role-permissions?roleTitle=" |
| + URLEncoder.encode(title, "UTF-8"), uriInfo); |
| } catch (UnsupportedEncodingException ex) { |
| throw new RuntimeException(ex); |
| } |
| } |
| |
| /** |
| * update role permissionEntries |
| */ |
| @POST |
| @Path("update-role-permissions") |
| public Response updateRolePermissions( |
| @FormParam(value = "roleTitle") String title, |
| @FormParam(value = "permEntries") List<String> permissionEntries, |
| @Context UriInfo uriInfo) { |
| |
| AccessController.checkPermission(new UserManagerAccessPermission()); |
| AccessController.checkPermission(new PermissionManagerAccessPermission()); |
| checkRoleParam(title); |
| |
| Set<String> availablePermissionEntries = retrieveAllPermissionEntriesFromUser(getCurrentUserName()); |
| boolean currentUserHasAllPermission = availablePermissionEntries.contains(ALL_PERMISSION_ENTRY_STRING); |
| Iterator<NonLiteral> permissions = userManager.getPermissionsOfRole( |
| userManager.getRoleByTitle(title)); |
| |
| Set<String> oldPermissionEntries = new HashSet<String>(); |
| retrievePermissionEntries(oldPermissionEntries, permissions); |
| |
| Set<String> addEntries = new HashSet<String>(oldPermissionEntries); |
| addEntries.retainAll(permissionEntries); |
| availablePermissionEntries.addAll(addEntries); |
| Set<String> removedEntries = new HashSet<String>(oldPermissionEntries); |
| removedEntries.removeAll(permissionEntries); |
| boolean containsRemovedEntries = availablePermissionEntries.containsAll(removedEntries); |
| if(!currentUserHasAllPermission && (!availablePermissionEntries.containsAll( |
| permissionEntries) || !containsRemovedEntries)) { |
| return Response.status(Status.FORBIDDEN).entity("You are not allowed to assign " |
| + "the specified permissions to the role " + title + ".").build(); |
| } |
| |
| userManager.deleteAllPermissionsOfRole(title); |
| userManager.assignPermissionsToRole(title, permissionEntries); |
| |
| return Response.status(Status.CREATED).build(); |
| |
| } |
| |
| |
| @GET |
| @Path("add-property") |
| public GraphNode getAddSinglePropertyPage( |
| @QueryParam(value = "roleTitle") String role) { |
| |
| AccessController.checkPermission(new UserManagerAccessPermission()); |
| MGraph resultGraph = new SimpleMGraph(); |
| NonLiteral node = new BNode(); |
| resultGraph.add(new TripleImpl(node, RDF.type, |
| USERMANAGER.AddCustomPropertyPage)); |
| resultGraph.add(new TripleImpl(node, RDF.type, |
| PLATFORM.HeadedPage)); |
| |
| resultGraph.add(new TripleImpl(node, USERMANAGER.role, |
| new PlainLiteralImpl(role))); |
| return new GraphNode(node, resultGraph); |
| } |
| |
| @POST |
| @Path("add-single-property") |
| @Produces("text/plain") |
| public Response addSingleCustomField( |
| @FormParam(value = "title") String title, |
| @FormParam(value = "label") String label, |
| @FormParam(value = "property") String property, |
| @FormParam(value = "length") int length, @Context UriInfo uriInfo) { |
| UriRef propertyUri = new UriRef(property); |
| AccessController.checkPermission(new UserManagerAccessPermission()); |
| customPropertyManager.addSingleCustomField(PERMISSION.Role, title, |
| label, propertyUri, length, 1); |
| return RedirectUtil.createSeeOtherResponse("manage-custom-properties?role=" + title, uriInfo); |
| } |
| |
| @POST |
| @Path("add-multiple-property") |
| @Produces("text/plain") |
| public Response addMultipleCustomField( |
| @FormParam(value = "title") String title, |
| @FormParam(value = "label") String label, |
| @FormParam(value = "property") String property, |
| @FormParam(value = "multiselect") String multiselect, |
| @FormParam(value = "selectablevalues") String selectablevalues, |
| @Context UriInfo uriInfo) { |
| |
| AccessController.checkPermission(new UserManagerAccessPermission()); |
| UriRef propertyUri = new UriRef(property); |
| customPropertyManager.addMultipleCustomField(PERMISSION.Role, title, |
| label, propertyUri, multiselect, selectablevalues, 1); |
| return RedirectUtil.createSeeOtherResponse("manage-custom-properties?role=" + title, uriInfo); |
| } |
| |
| @POST |
| @Path("delete-custom-field") |
| @Produces("text/plain") |
| public Response deleteCustomProperty( |
| @FormParam(value = "role") String role, |
| @FormParam(value = "property") String property, |
| @Context UriInfo uriInfo) { |
| |
| AccessController.checkPermission(new UserManagerAccessPermission()); |
| UriRef propertyUri = new UriRef(property); |
| if (customPropertyManager.deleteCustomField(PERMISSION.Role, role, |
| propertyUri)) { |
| return RedirectUtil.createSeeOtherResponse( |
| "manage-custom-properties?role=" + role, uriInfo); |
| } else { |
| return Response.status(Status.BAD_REQUEST).build(); |
| } |
| } |
| |
| @GET |
| @Path("manage-custom-properties") |
| public GraphNode manageCustomProperties( |
| @QueryParam(value = "role") String role, @Context UriInfo uriInfo) { |
| TrailingSlash.enforceNotPresent(uriInfo); |
| |
| AccessController.checkPermission(new UserManagerAccessPermission()); |
| MGraph contentGraph = cgProvider.getContentGraph(); |
| MGraph resultGraph = new SimpleMGraph(); |
| NonLiteral propertyManagementPage = new BNode(); |
| resultGraph.add(new TripleImpl(propertyManagementPage, |
| USERMANAGER.role, new PlainLiteralImpl(role))); |
| resultGraph.add(new TripleImpl(propertyManagementPage, RDF.type, |
| USERMANAGER.CustomFieldPage)); |
| resultGraph.add(new TripleImpl(propertyManagementPage, RDF.type, |
| PLATFORM.HeadedPage)); |
| ArrayList<NonLiteral> customfields = customPropertyManager |
| .getCustomfieldsOfCollection(customPropertyManager |
| .getCustomPropertyCollection(PERMISSION.Role, role)); |
| for (NonLiteral customfield : customfields) { |
| resultGraph.add(new TripleImpl(customfield, USERMANAGER.role, |
| new PlainLiteralImpl(role))); |
| resultGraph.add(new TripleImpl(propertyManagementPage, |
| CUSTOMPROPERTY.customfield, customfield)); |
| } |
| return new GraphNode(propertyManagementPage, new UnionMGraph( |
| resultGraph, contentGraph)); |
| } |
| |
| /** |
| * Returns a PathNode of a static file from the staticweb folder. |
| * |
| * @return {@link PathNode} |
| */ |
| @GET |
| @Path("{path:.+}") |
| public PathNode getStaticFile(@PathParam("path") String path) { |
| final PathNode node = fileServer.getNode(path); |
| return node; |
| } |
| |
| @Override |
| public Set<GlobalMenuItem> getMenuItems() { |
| Set<GlobalMenuItem> items = new HashSet<GlobalMenuItem>(); |
| try { |
| AccessController.checkPermission(new TcPermission( |
| SystemConfig.SYSTEM_GRAPH_URI.getUnicodeString(), "readwrite")); |
| AccessController.checkPermission(new UserManagerAccessPermission()); |
| } catch (AccessControlException e) { |
| return items; |
| } |
| items.add(new GlobalMenuItem("/admin/users/", "UMR", "Users", 2, |
| "Administration")); |
| return items; |
| } |
| |
| private void addAvailableRoles(GraphNode result) { |
| Iterator<NonLiteral> roles = userManager.getRoles(); |
| while (roles.hasNext()) { |
| GraphNode role = new GraphNode(roles.next(), systemGraph); |
| result.addProperty(USERMANAGER.role, role.getNode()); |
| addCustomPropertiesOfRole(role, result); |
| } |
| } |
| |
| private void addBaseRoles(GraphNode result) { |
| Lock readLock = systemGraph.getLock().readLock(); |
| readLock.lock(); |
| try { |
| Iterator<Triple> baseRoles = systemGraph.filter(null, RDF.type, PERMISSION.BaseRole); |
| if (baseRoles.hasNext()) { |
| GraphNode baseRole = new GraphNode(baseRoles.next().getSubject(), systemGraph); |
| result.addProperty(USERMANAGER.role, baseRole.getNode()); |
| addCustomPropertiesOfRole(baseRole, result); |
| } |
| } finally { |
| readLock.unlock(); |
| } |
| } |
| private void addCustomPropertiesOfRole(GraphNode role, GraphNode result) { |
| Iterator<Literal> titles = role.getLiterals(DC.title); |
| String title = ""; |
| if(titles.hasNext()) { |
| title = titles.next().getLexicalForm(); |
| } |
| NonLiteral customFieldCollection = customPropertyManager.getCustomPropertyCollection(PERMISSION.Role, title); |
| result.getGraph().add(new TripleImpl((NonLiteral) role.getNode(), USERMANAGER.custominformation, |
| customFieldCollection)); |
| |
| |
| } |
| } |