Changeset 2802

Timestamp:

Oct 25, 2006, 11:18:11 AM (17 years ago)

Author:

Nicklas Nordborg

Message:

Made it possible to select the requested permissions for a plugin

Location:

trunk

Files:

• src/core/net/sf/basedb/core/Permission.java (modified) (1 diff)
• src/core/net/sf/basedb/core/plugin/Permissions.java (modified) (1 diff)
• www/admin/plugindefinitions/edit_plugin.jsp (modified) (9 diffs)
• www/admin/plugindefinitions/index.jsp (modified) (3 diffs)
• www/admin/plugindefinitions/view_plugin.jsp (modified) (2 diffs)

trunk/src/core/net/sf/basedb/core/Permission.java

@@ -154 +154 @@
 
   /**
+    Expand the given set of permissions to make sure it includes
+    all implicitely granted permissions. For example if the set contains 
+    WRITE it is exapnded to READ, USE, RESTRICTED_WRITE and WRITE.
+    
+    @param permissions The permissions to expand
+    @return A new set containing the expanded permissions or null 
+      if the parameter is null
+  */
+  public static Set<Permission> expand(Set<Permission> permissions)
+  {
+    if (permissions == null) return null;
+    return fromInt(grant(permissions));
+  }
+  
+  /**
     Checks if the given <code>Permission</code> is granted by the 
     <code>permissions</code> code.

trunk/src/core/net/sf/basedb/core/plugin/Permissions.java

@@ -82 +82 @@
   }
   
+  
+  public String toString()
+  {
+    return itemType + "; granted=" + alwaysGranted + "; maybe=" + maybeGranted;
+  }
+  
 }

trunk/www/admin/plugindefinitions/edit_plugin.jsp

@@ -42 +42 @@
   import="net.sf.basedb.core.RoleKey"
   import="net.sf.basedb.core.SystemItems"
+  import="net.sf.basedb.core.plugin.Plugin"
+  import="net.sf.basedb.core.plugin.Permissions"
   import="net.sf.basedb.core.query.Restrictions"
   import="net.sf.basedb.core.query.Orders"
@@ -53 +55 @@
   import="java.util.Map"
   import="java.util.List"
+  import="java.util.Collection"
 %>
 <%@ taglib prefix="base" uri="/WEB-INF/base.tld" %>
@@ -78 +81 @@
   sb.append(" []");
   return sb.toString();
+}
+private void appendPermissionLetter(StringBuilder sb, Permission p, String letter, 
+  Set<Permission> defined, Set<Permission> always, Set<Permission> maybe)
+{
+  if (defined.contains(p))
+  {
+    if (always != null && always.contains(p))
+    {
+      sb.append(letter.toUpperCase());
+    }
+    else if (maybe != null && maybe.contains(p))
+    {
+      sb.append(letter.toLowerCase());
+    }
+    else
+    {
+      sb.append("-");
+    }
+  }
 }
 %>
@@ -94 +116 @@
   boolean isTrusted = true;
   boolean usePermissions = false;
+  Collection<Permissions> requestedPermissions = null;
   
   final int selectedAgentId = Values.getInt(request.getParameter("jobagent_id"), -1);
@@ -127 +150 @@
     agentQuery.join(Hql.innerJoin("plugins", "p"));
     agentQuery.restrict(Restrictions.eq(Hql.property("p", "pluginDefinition"), Hql.entity(plugin)));
+
+    Plugin thePlugin = plugin.newInstance(Plugin.class, null, sc, null, null);
+    requestedPermissions = thePlugin.getPermissions();
   }
   
@@ -490 +516 @@
       if ((defined & permission) > 0)
       {
-        p = (granted & permission) > 0 ? cc : ((denied & permission) > 0 ? '-' : '?');
+        p = (granted & permission) > 0 ? cc.toUpperCase() : ((denied & permission) > 0 ? '-' : cc.toLowerCase());
       }
       return p;
@@ -628 +654 @@
       }
     }
+    <%
+    if (requestedPermissions != null && requestedPermissions.size() > 0)
+    {
+      %>
+      function setRequestedPermissions()
+      {
+        var frm = document.forms['plugin'];
+        // Reset all existing permissions
+        for (var i = 0; i < frm.items.length; i++)
+        {
+          var itemType = frm.items[i].value;
+          if (itemType)
+          {
+            frm[itemType+'_granted'].value = 0;
+            frm[itemType+'_denied'].value = 255;
+          }
+        }
+        // Set requested permissions
+        <%
+        for (Permissions pp : requestedPermissions)
+        {
+          Item ppType = pp.getItemType();
+          Set<Permission> always = Permission.expand(pp.getAlwaysGranted());
+          Set<Permission> maybe = Permission.expand(pp.getMaybeGranted());
+          %>
+          frm['<%=ppType.name()%>_granted'].value = <%=always == null ? 0 : PermissionUtil.getPermissionCode(always)%>;
+          frm['<%=ppType.name()%>_denied'].value = <%=maybe == null ? 255 : 255 & ~PermissionUtil.getPermissionCode(maybe)%>;
+          <%
+        }
+        %>
+        // Update the list
+        initPermissions();
+      }
+      <%
+    }
+    %>
     </script>
   </base:head>
@@ -686 +748 @@
           <input type="radio" name="use_permissions" value="0" 
             <%=!usePermissions ? "checked" : ""%> onclick="usePermissionsOnClick()">no
+          <%
+          if (plugin == null)
+          {
+            %>
+            <input type="radio" name="use_permissions" value="2" 
+              onclick="usePermissionsOnClick()">if requested by plugin
+            <%
+          }
+          %>
         </td>
       </tr>
     </table>
 
-    <table >
+    <table>
     <tr valign="top">
     <td>
@@ -715 +786 @@
     </td>
     <td>
-      <b>Always grant</b><br>
-      <input type="checkbox" name="grant_create" onClick="permissionOnClick(this)">Create<br>
-      <input type="checkbox" name="grant_read" onClick="permissionOnClick(this)">Read<br>
-      <input type="checkbox" name="grant_use" onClick="permissionOnClick(this)">Use<br>
-      <input type="checkbox" name="grant_write" onClick="permissionOnClick(this)">Write<br>
-      <input type="checkbox" name="grant_delete" onClick="permissionOnClick(this)">Delete<br>
-      <input type="checkbox" name="grant_set_owner" onClick="permissionOnClick(this)">Set owner<br>
-      <input type="checkbox" name="grant_set_permission" onClick="permissionOnClick(this)">Set permission<br>
-    </td>
-    <td>
-      <b>Always deny</b><br>
-      <input type="checkbox" name="deny_create" onClick="permissionOnClick(this)">Create<br>
-      <input type="checkbox" name="deny_read" onClick="permissionOnClick(this)">Read<br>
-      <input type="checkbox" name="deny_use" onClick="permissionOnClick(this)">Use<br>
-      <input type="checkbox" name="deny_write" onClick="permissionOnClick(this)">Write<br>
-      <input type="checkbox" name="deny_delete" onClick="permissionOnClick(this)">Delete<br>
-      <input type="checkbox" name="deny_set_owner" onClick="permissionOnClick(this)">Set owner<br>
-      <input type="checkbox" name="deny_set_permission" onClick="permissionOnClick(this)">Set permission<br>
+      <table>
+      <tr><td>
+        <b>Always grant</b><br>
+        <input type="checkbox" name="grant_create" onClick="permissionOnClick(this)">Create<br>
+        <input type="checkbox" name="grant_read" onClick="permissionOnClick(this)">Read<br>
+        <input type="checkbox" name="grant_use" onClick="permissionOnClick(this)">Use<br>
+        <input type="checkbox" name="grant_write" onClick="permissionOnClick(this)">Write<br>
+        <input type="checkbox" name="grant_delete" onClick="permissionOnClick(this)">Delete<br>
+        <input type="checkbox" name="grant_set_owner" onClick="permissionOnClick(this)">Set owner<br>
+        <input type="checkbox" name="grant_set_permission" onClick="permissionOnClick(this)">Set permission
+      </td>
+      <td>
+        <b>Always deny</b><br>
+        <input type="checkbox" name="deny_create" onClick="permissionOnClick(this)">Create<br>
+        <input type="checkbox" name="deny_read" onClick="permissionOnClick(this)">Read<br>
+        <input type="checkbox" name="deny_use" onClick="permissionOnClick(this)">Use<br>
+        <input type="checkbox" name="deny_write" onClick="permissionOnClick(this)">Write<br>
+        <input type="checkbox" name="deny_delete" onClick="permissionOnClick(this)">Delete<br>
+        <input type="checkbox" name="deny_set_owner" onClick="permissionOnClick(this)">Set owner<br>
+        <input type="checkbox" name="deny_set_permission" onClick="permissionOnClick(this)">Set permission
+      </td>
+      <%
+      if (requestedPermissions != null && requestedPermissions.size() > 0)
+      {
+        %>
+        <td>
+        <b>Requested by plugin</b><br>
+        <table>
+        <%
+        for (Permissions pp : requestedPermissions)
+        {
+          Item ppType = pp.getItemType();
+          Set<Permission> always = Permission.expand(pp.getAlwaysGranted());
+          Set<Permission> maybe = Permission.expand(pp.getMaybeGranted());
+          Set<Permission> defined = ppType.getDefinedPermissions();
+          StringBuilder sb = new StringBuilder();
+          sb.append("[");
+          appendPermissionLetter(sb, Permission.CREATE, "C", defined, always, maybe);
+          appendPermissionLetter(sb, Permission.READ, "R", defined, always, maybe);
+          appendPermissionLetter(sb, Permission.USE, "U", defined, always, maybe);
+          appendPermissionLetter(sb, Permission.WRITE, "W", defined, always, maybe);
+          appendPermissionLetter(sb, Permission.DELETE, "D", defined, always, maybe);
+          appendPermissionLetter(sb, Permission.SET_OWNER, "O", defined, always, maybe);
+          appendPermissionLetter(sb, Permission.SET_PERMISSION, "P", defined, always, maybe);
+          sb.append("]");
+          %>
+          <tr>
+            <td><%=ppType%></td>
+            <td><%=sb.toString()%></td>
+          </tr>
+          <%
+        }
+        %>
+        </table>
+        <table><tr><td>
+        <base:button title="Use requested permissions" onclick="setRequestedPermissions()"
+          tooltip="Use the permissions requested by the plugin." />
+        </td></tr></table>
+        </td>
+        <%
+      }
+      %>
+      </tr>
+      </table>
+      <b>Capital letters</b> = Permission is always granted<br>
+      <b>Small letters</b> = Permission is only granted if logged in user 
+        has that permission
+      
     </td>
     </tr>
     </table>
+    
+    
     </t:tab>
     

trunk/www/admin/plugindefinitions/index.jsp

@@ -134 +134 @@
     String className = Values.getStringOrNull(request.getParameter("className"));
     String jarPath = Values.getStringOrNull(request.getParameter("jarPath"));
+    int usePermissions = Values.getInt(request.getParameter("use_permissions"));
     if (plugin == null)
     {
-      plugin = PluginDefinition.getNew(dc, className, jarPath, false);
+      plugin = PluginDefinition.getNew(dc, className, jarPath, usePermissions == 2);
       message = "Plugin created";
       dc.saveItem(plugin);
@@ -143 +144 @@
     {
       dc.reattachItem(plugin);
-      plugin.loadPluginInformation(jarPath, className, false);
+      plugin.loadPluginInformation(jarPath, className, usePermissions == 2);
       message = "Plugin updated";
     }
@@ -160 +161 @@
       plugin.setPermissions(key, PermissionUtil.getPermissions(granted), PermissionUtil.getPermissions(denied));
     }
-    plugin.setUsePermissions(Values.getBoolean(request.getParameter("use_permissions")));
+    plugin.setUsePermissions(usePermissions != 0);
     
     // Installed on job agents

trunk/www/admin/plugindefinitions/view_plugin.jsp

@@ -70 +70 @@
     Set<Permission> defined = itemType.getDefinedPermissions();
     StringBuilder sb = new StringBuilder();
-    if (defined.contains(Permission.CREATE)) sb.append(granted.contains(Permission.CREATE) ? "C" : denied.contains(Permission.CREATE) ? "-" : "?");
-    if (defined.contains(Permission.READ)) sb.append(granted.contains(Permission.READ) ? "R" :  denied.contains(Permission.READ) ? "-" : "?");
-    if (defined.contains(Permission.USE)) sb.append(granted.contains(Permission.USE) ? "U" :  denied.contains(Permission.USE) ? "-" : "?");
-    if (defined.contains(Permission.WRITE)) sb.append(granted.contains(Permission.WRITE) ? "W" :  denied.contains(Permission.WRITE) ? "-" : "?");
-    if (defined.contains(Permission.DELETE)) sb.append(granted.contains(Permission.DELETE) ? "D" :  denied.contains(Permission.DELETE) ? "-" : "?");
-    if (defined.contains(Permission.SET_OWNER)) sb.append(granted.contains(Permission.SET_OWNER) ? "O" :  denied.contains(Permission.SET_OWNER) ? "-" : "?");
-    if (defined.contains(Permission.SET_PERMISSION)) sb.append(granted.contains(Permission.SET_PERMISSION) ? "P" :  denied.contains(Permission.SET_PERMISSION) ? "-" : "?");
+    if (defined.contains(Permission.CREATE)) sb.append(granted.contains(Permission.CREATE) ? "C" : denied.contains(Permission.CREATE) ? "-" : "c");
+    if (defined.contains(Permission.READ)) sb.append(granted.contains(Permission.READ) ? "R" :  denied.contains(Permission.READ) ? "-" : "r");
+    if (defined.contains(Permission.USE)) sb.append(granted.contains(Permission.USE) ? "U" :  denied.contains(Permission.USE) ? "-" : "u");
+    if (defined.contains(Permission.WRITE)) sb.append(granted.contains(Permission.WRITE) ? "W" :  denied.contains(Permission.WRITE) ? "-" : "w");
+    if (defined.contains(Permission.DELETE)) sb.append(granted.contains(Permission.DELETE) ? "D" :  denied.contains(Permission.DELETE) ? "-" : "d");
+    if (defined.contains(Permission.SET_OWNER)) sb.append(granted.contains(Permission.SET_OWNER) ? "O" :  denied.contains(Permission.SET_OWNER) ? "-" : "o");
+    if (defined.contains(Permission.SET_PERMISSION)) sb.append(granted.contains(Permission.SET_PERMISSION) ? "P" :  denied.contains(Permission.SET_PERMISSION) ? "-" : "p");
     return sb.toString();
   }
@@ -554 +554 @@
         <tr class="panel">
         <td colspan="99" class="panel">
-        <b>C</b> = Create, <b>R</b> = Read, <b>U</b> = Use, 
-        <b>W</b> = Write, <b>D</b> = Delete, <b>O</b> = Change owner, <b>P</b> = Change permissions,
-        <b>?</b> = Logged in user's permission, <b>-</b> = Denied
+        Capital letters = Permission is always granted, Small letters = Permission is only granted if logged in user 
+        has that permission<br>
+        <b>C/c</b> = Create, <b>R/r</b> = Read, <b>U/u</b> = Use, 
+        <b>W/w</b> = Write, <b>D/d</b> = Delete, <b>O/o</b> = Change owner, 
+        <b>P/p</b> = Change permissions
         </td>
         </tr>