source: trunk/www/admin/roles/edit_role.jsp @ 7216

<%-- $Id: edit_role.jsp 7216 2016-10-19 20:17:37Z nicklas $
  ------------------------------------------------------------------
  Copyright (C) 2005 Nicklas Nordborg
  Copyright (C) 2006 Jari Häkkinen, Nicklas Nordborg, Martin Svensson
  Copyright (C) 2007 Nicklas Nordborg

  This file is part of BASE - BioArray Software Environment.
  Available at http://base.thep.lu.se/

  BASE is free software; you can redistribute it and/or
  modify it under the terms of the GNU General Public License
  as published by the Free Software Foundation; either version 3
  of the License, or (at your option) any later version.

  BASE is distributed in the hope that it will be useful,
  but WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU General Public License for more details.

  You should have received a copy of the GNU General Public License
  along with BASE. If not, see <http://www.gnu.org/licenses/>.
  ------------------------------------------------------------------


  @author Nicklas
  @version 2.0
--%>
<%@ page pageEncoding="UTF-8" session="false"
  import="net.sf.basedb.core.SessionControl"
  import="net.sf.basedb.core.DbControl"
  import="net.sf.basedb.core.SystemItems"
  import="net.sf.basedb.core.Item"
  import="net.sf.basedb.core.ItemContext"
  import="net.sf.basedb.core.Include"
  import="net.sf.basedb.core.Permission"
  import="net.sf.basedb.core.User"
  import="net.sf.basedb.core.Role"
  import="net.sf.basedb.core.RoleKey"
  import="net.sf.basedb.core.ItemQuery"
  import="net.sf.basedb.core.ItemResultList"
  import="net.sf.basedb.core.BaseException"
  import="net.sf.basedb.core.PermissionDeniedException"
  import="net.sf.basedb.core.query.Orders"
  import="net.sf.basedb.core.query.Hql"
  import="net.sf.basedb.clients.web.Base"
  import="net.sf.basedb.clients.web.PermissionUtil"
  import="net.sf.basedb.clients.web.util.HTML"
  import="net.sf.basedb.util.Values"
  import="net.sf.basedb.core.plugin.GuiContext"
  import="net.sf.basedb.clients.web.extensions.ExtensionsControl"
  import="net.sf.basedb.clients.web.extensions.JspContext"
  import="net.sf.basedb.clients.web.extensions.edit.EditUtil"
  import="net.sf.basedb.util.extensions.ExtensionsInvoker"
  import="net.sf.basedb.util.json.JsonUtil"
  import="net.sf.basedb.util.json.NameableConverter"
  import="java.util.EnumSet"
  import="java.util.Set"
  import="java.util.Map"
  import="java.util.List"
  import="org.json.simple.JSONArray"
  import="org.json.simple.JSONObject"
%>
<%@ taglib prefix="base" uri="/WEB-INF/base.tld" %>
<%@ taglib prefix="t" uri="/WEB-INF/tab.tld" %>
<%@ taglib prefix="ext" uri="/WEB-INF/extensions.tld" %>
<%!
private static final int DENY_CODE = PermissionUtil.getPermissionCode(EnumSet.of(Permission.DENIED));
private static final int CREATE_CODE = PermissionUtil.getPermissionCode(EnumSet.of(Permission.CREATE));
private static final int READ_CODE = PermissionUtil.getPermissionCode(EnumSet.of(Permission.READ));
private static final int USE_CODE = PermissionUtil.getPermissionCode(EnumSet.of(Permission.USE));
private static final int RESTRICTED_WRITE_CODE = PermissionUtil.getPermissionCode(EnumSet.of(Permission.RESTRICTED_WRITE));
private static final int WRITE_CODE = PermissionUtil.getPermissionCode(EnumSet.of(Permission.WRITE));
private static final int DELETE_CODE = PermissionUtil.getPermissionCode(EnumSet.of(Permission.DELETE));
private static final int SET_OWNER_CODE = PermissionUtil.getPermissionCode(EnumSet.of(Permission.SET_OWNER));
private static final int SET_PERMISSION_CODE = PermissionUtil.getPermissionCode(EnumSet.of(Permission.SET_PERMISSION));

private String getOption(DbControl dc, Role role, Item itemType)
  throws BaseException
{
  int keyId = SystemItems.getRoleKeyId(itemType);
  if (keyId == 0) return "";

  RoleKey key = RoleKey.getById(dc, keyId);
  Set<Permission> permissions = role == null ? EnumSet.noneOf(Permission.class) : key.getPermissions(role);
  StringBuilder sb = new StringBuilder();
  sb.append("<option value=\"").append(key.getItemType().name()).append("\">");
  sb.append(HTML.encodeTags(key.getName()));
  sb.append(" [");
  if (permissions.contains(Permission.DENIED)) 
  {
    sb.append("DENIED");
  }
  else
  {
    Set<Permission> defined = itemType.getDefinedPermissions();
    if (defined != null)
    {
      if (defined.contains(Permission.CREATE)) sb.append(permissions.contains(Permission.CREATE) ? "C" : "-");
      if (defined.contains(Permission.READ)) sb.append(permissions.contains(Permission.READ) ? "R" : "-");
      if (defined.contains(Permission.USE)) sb.append(permissions.contains(Permission.USE) ? "U" : "-");
      if (defined.contains(Permission.RESTRICTED_WRITE)) sb.append(permissions.contains(Permission.RESTRICTED_WRITE) ? "A" : "-");
      if (defined.contains(Permission.WRITE)) sb.append(permissions.contains(Permission.WRITE) ? "W" : "-");
      if (defined.contains(Permission.DELETE)) sb.append(permissions.contains(Permission.DELETE) ? "D" : "-");
      if (defined.contains(Permission.SET_OWNER)) sb.append(permissions.contains(Permission.SET_OWNER) ? "O" : "-");
      if (defined.contains(Permission.SET_PERMISSION)) sb.append(permissions.contains(Permission.SET_PERMISSION) ? "P" : "-");
    }
  }
  sb.append("]");
  return sb.toString();
}
%>
<%
final Item itemType = Item.ROLE;
final SessionControl sc = Base.getExistingSessionControl(pageContext, true);
final ItemContext cc = Base.getAndSetCurrentContext(sc, itemType, null, null);
final int itemId = cc.getId();
final String ID = sc.getId();
final float scale = Base.getScale(sc);
final DbControl dc = sc.newDbControl();
try
{
  String title = null;
  Role role = null;
  boolean isDefault = false;

  if (itemId == 0)
  {
    title = "Create role";
    cc.removeObject("item");
    isDefault = Values.getBoolean(cc.getPropertyValue("default"), false);
  }
  else
  {
    role = Role.getById(dc, itemId);
    role.checkPermission(Permission.WRITE);
    cc.setObject("item", role);
    isDefault = role.isDefault();
    title = "Edit role -- " + HTML.encodeTags(role.getName());
    
  }
  
  final boolean useUsers = sc.hasPermission(Permission.WRITE, Item.USER);
  RoleKey system = RoleKey.getById(dc, SystemItems.getRoleKeyId(Item.SYSTEM));
  final boolean hasShareToEveryone = role == null ? false : system.getPermissions(role).contains(Permission.SHARE_TO_EVERYONE);
  final boolean hasActAsAnotherUser = role == null ? false : system.getPermissions(role).contains(Permission.ACT_AS_ANOTHER_USER);
  final boolean hasSelectJobagent = role == null ? false : system.getPermissions(role).contains(Permission.SELECT_JOBAGENT);
  
  // Query to retrieve role keys
  final ItemQuery<RoleKey> roleKeyQuery = RoleKey.getQuery();
  roleKeyQuery.order(Orders.asc(Hql.property("name")));

  // Load user members as JSON objects
  JSONObject jsonUsers = new JSONObject();
  jsonUsers.put("itemType", "USER");
  if (role != null)
  {
    ItemQuery<User> query = role.getUsers();
    query.include(Include.ALL);
    query.order(Orders.asc(Hql.property("name")));
    jsonUsers.put("items", JsonUtil.toArray(query.iterate(dc), new NameableConverter()));
  }

  JspContext jspContext = ExtensionsControl.createContext(dc, pageContext, GuiContext.item(itemType), role);
  ExtensionsInvoker invoker = EditUtil.useEditExtensions(jspContext);
  %>
  <base:page type="popup" title="<%=title%>" id="edit-page">
  <base:head scripts="tabcontrol-2.js,linkitems-2.js,~roles.js" styles="tabcontrol.css">
    <ext:scripts context="<%=jspContext%>" />
    <ext:stylesheets context="<%=jspContext%>" />
  </base:head>
  <base:body>
    <h1><%=title%> <base:help tabcontrol="settings" /></h1>
    
    <form action="index.jsp?ID=<%=ID%>" method="post" name="role">
    <input type="hidden" name="cmd" value="UpdateItem">

    <t:tabcontrol id="settings" 
      subclass="content dialogtabcontrol"
      position="bottom" remember="<%=role != null%>"
      extensions="<%=invoker%>">
    <t:tab id="info" title="Role" helpid="role.edit">
      <table class="fullform input100">
      <tr>
        <th>Name</th>
        <td><input class="text required auto-init" data-auto-init="<%=role == null ? "focus-select" : "focus" %>"
          type="text" name="name" 
          value="<%=HTML.encodeTags(role == null ? Values.getString(cc.getPropertyValue("name"), "New role") : role.getName())%>" 
          maxlength="<%=Role.MAX_NAME_LENGTH%>"></td>
        <td></td>
      </tr>
      <tr class="big">
        <th>System-level<br>permissions</th>
        <td>
          <input type="checkbox" name="share_to_everyone" id="share_to_everyone"
            value="<%=PermissionUtil.getPermissionCode(EnumSet.of(Permission.SHARE_TO_EVERYONE))%>" 
            <%=hasShareToEveryone ? "checked" : ""%>
            ><label for="share_to_everyone">Share to Everyone</label><br>
          <input type="checkbox" name="act_as_another_user" id="act_as_another_user"
            value="<%=PermissionUtil.getPermissionCode(EnumSet.of(Permission.ACT_AS_ANOTHER_USER))%>"
            <%=hasActAsAnotherUser ? "checked" : ""%>
            ><label for="act_as_another_user">Act as another user</label><br>
          <input type="checkbox" name="select_jobagent" id="select_jobagent"
            value="<%=PermissionUtil.getPermissionCode(EnumSet.of(Permission.SELECT_JOBAGENT))%>"
            <%=hasSelectJobagent ? "checked" : ""%>
            ><label for="select_jobagent">Select job agent for jobs</label><br>
        </td>
        <td></td>
      </tr>
      <tr>
        <th>Default</th>
        <td>
          <input type="radio" name="is_default" id="defaultNo" value="0" 
            <%=!isDefault ? "checked" : ""%>><label for="defaultNo">no</label>
          <input type="radio" name="is_default" id="defaultYes" value="1" 
            <%=isDefault ? "checked" : ""%>><label for="defaultYes">yes</label>
        </td>
        <td></td>
      </tr> 

      <tr class="dynamic">
        <th>Description</th>
        <td>
          <textarea class="text" rows="6" name="description" id="description"
            ><%=HTML.encodeTags(role == null ? cc.getPropertyValue("description") : role.getDescription())%></textarea>
        </td>
        <td style="width: 20px;">
          <base:zoom textarea="description" title="Description" />
        </td>
      </tr>
      </table>
    </t:tab>
    
    <t:tab id="permissions" title="Permissions" 
      tooltip="Set permissions for this role" helpid="role.edit.permissions">
      <table class="fullform input100">
      <tr class="dynamic">
      <th>Item types</th>
      <td>
        <div class="selectionlist">
        <table>
        <tr>
        <td>
          <select name="items" size="15" id="items" multiple>
          <%
          Map<String, List<Item>> permissionGroups = PermissionUtil.getPermissionGroups();
          for (Map.Entry<String, List<Item>> entry : permissionGroups.entrySet())
          {
            String name = entry.getKey();
            List<Item> items = entry.getValue();
            %>
            <option class="selectoptionheader" value="">-- <%=name%>
            <%
            for (Item item : items)
            {
              %>
              <%=getOption(dc, role, item)%>
              <%
            }
          }
          %>
          </select>
        </td>
        <td style="vertical-align: top;">
          <div style="width: 15em;">
          <b>Permissions</b><br>
          <input type="checkbox" name="deny" id="deny" value="<%=DENY_CODE%>"><label for="deny">Deny</label><br>
          <input type="checkbox" name="create" id="create" value="<%=CREATE_CODE%>"><label for="create">Create</label><br>
          <input type="checkbox" name="read" id="read" value="<%=READ_CODE%>"><label for="read">Read</label><br>
          <input type="checkbox" name="use" id="use" value="<%=USE_CODE%>"><label for="use">Use</label><br>
          <input type="checkbox" name="restricted_write" id="restricted_write" value="<%=RESTRICTED_WRITE_CODE%>"><label for="restricted_write">Annotate</label><br>
          <input type="checkbox" name="write" id="write" value="<%=WRITE_CODE%>"><label for="write">Write</label><br>
          <input type="checkbox" name="delete" id="delete" value="<%=DELETE_CODE%>"><label for="delete">Delete</label><br>
          <input type="checkbox" name="set_owner" id="set_owner" value="<%=SET_OWNER_CODE%>"><label for="set_owner">Set owner</label><br>
          <input type="checkbox" name="set_permission" id="set_permission" value="<%=SET_PERMISSION_CODE%>"><label for="set_permission">Set permission</label><br>
          </div>
        </td>
        </tr>
        </table>
        </div>
      </td>
      </tr>
      </table>
    </t:tab>
    
    <t:tab id="members" title="Members" tooltip="Add/remove members of this role" 
      helpid="role.edit.members">
      <table class="fullform input100">
      <tr class="dynamic">
      <th>Members</th>
      <td>
          <div class="selectionlist">
          <table>
          <tr>
            <td>
            <select name="members" id="members" 
              class="auto-init" data-auto-init="link-container"
              data-initial-items="[<%=HTML.encodeTags(jsonUsers.toJSONString()) %>]"
              data-initial-action="<%=role == null ? 0 : 1%>"
              size="15" multiple <%=!useUsers ? "disabled readonly class=\"disabled\"" : ""%>>
            </select>
          </td>
          <td style="vertical-align: top;">
            <base:buttongroup vertical="true">
              <base:button 
                id="btnAddUsers"
                subclass="leftaligned auto-init"
                data-auto-init="add-link"
                data-list-id="members"
                data-item-type="USER"
                style="width: 12em;"
                title="Add&nbsp;users&hellip;" 
                tooltip="Add users to this role"
                disabled="<%=!useUsers %>" 
              />
              <base:button 
                id="btnRemoveUsers"
                subclass="leftaligned auto-init"
                data-auto-init="remove-link"
                data-list-id="members"
                style="width: 12em;"
                title="Remove" 
                tooltip="Remove the selected items from this role"
                disabled="<%=!useUsers%>" 
              />
            </base:buttongroup>
          </td>
          </tr>
          </table>
          </div>
      </td>
      </tr>
      </table>
    </t:tab>
    </t:tabcontrol>
    <%
    ItemResultList<RoleKey> roleKeys = roleKeyQuery.list(dc);
    for (RoleKey key : roleKeys)
    {
      int permissionCode = role == null ? 0 : PermissionUtil.getPermissionCode(key.getPermissions(role));
      int definedCode = key.getItemType().getDefinedPermissions() == null ? 0 : PermissionUtil.getPermissionCode(key.getItemType().getDefinedPermissions());
      String name = key.getItemType().name();
      %>
      <input type="hidden" name="<%=name%>" value="<%=permissionCode%>">
      <input type="hidden" name="<%=name%>_defined" value="<%=definedCode%>">
      <%
    }
    %>
    </form>
    
    <div class="legend">
      <base:icon image="required.png" />= required information
    </div>

    <base:buttongroup subclass="dialogbuttons">
      <base:button id="btnSave" title="Save" />
      <base:button id="close" title="Cancel" />
    </base:buttongroup>

  </base:body>
  </base:page>
  <%
}
finally
{
  if (dc != null) dc.close();
}
%>