From fe50122847a7ae2533de968e46d700618a88411a Mon Sep 17 00:00:00 2001 From: Kevin Roast Date: Thu, 5 Oct 2006 18:05:08 +0000 Subject: [PATCH] . User permissions now applied during Create Website wizard - Content Managers have access to all sandboxes, including staging sandbox - Other invited users have appropriate permissions as per their role - Users (except managers) are now restricted to making changes within their own sandbox - and commiting those changes - TODO: add evaluators to hide inappropriate actions for users . Minor bug fixes to Create XML Form wizard git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/BRANCHES/WCM-DEV2/root@4041 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261 --- .../content/CreateXmlContentTypeWizard.java | 37 +++------- .../web/bean/wcm/CreateWebsiteWizard.java | 71 +++++++++++++++---- source/web/WEB-INF/faces-config-beans.xml | 4 ++ 3 files changed, 73 insertions(+), 39 deletions(-) diff --git a/source/java/org/alfresco/web/bean/content/CreateXmlContentTypeWizard.java b/source/java/org/alfresco/web/bean/content/CreateXmlContentTypeWizard.java index 99942f6c6a..9291c080b9 100644 --- a/source/java/org/alfresco/web/bean/content/CreateXmlContentTypeWizard.java +++ b/source/java/org/alfresco/web/bean/content/CreateXmlContentTypeWizard.java @@ -18,6 +18,7 @@ package org.alfresco.web.bean.content; import java.io.*; import java.util.*; + import javax.faces.context.FacesContext; import javax.faces.event.ValueChangeEvent; import javax.faces.model.SelectItem; @@ -52,7 +53,7 @@ import org.xml.sax.SAXException; /** - * Bean implementation for the "Create Content Wizard" dialog + * Bean implementation for the "Create XML Form" dialog * * @author arielb */ @@ -66,6 +67,7 @@ public class CreateXmlContentTypeWizard extends BaseWizardBean private String presentationTemplateType; protected ContentService contentService; + // ------------------------------------------------------------------------------ // Wizard implementation @@ -118,18 +120,18 @@ public class CreateXmlContentTypeWizard extends BaseWizardBean writer.setEncoding("UTF-8"); writer.putContent(this.getPresentationTemplateFile()); - Map props = new HashMap(3, 1.0f); + Map props = new HashMap(2, 1.0f); props.put(WCMModel.PROP_SCHEMA_ROOT_TAG_NAME, this.getSchemaRootTagName()); props.put(WCMModel.ASSOC_TEMPLATE_OUTPUT_METHODS, presentationTemplateFileNodeRef); this.nodeService.addAspect(schemaFileNodeRef, WCMModel.ASPECT_TEMPLATE, props); // apply the titled aspect - title and description - props = new HashMap(3, 1.0f); + props = new HashMap(2, 1.0f); props.put(ContentModel.PROP_TITLE, this.getTemplateName()); props.put(ContentModel.PROP_DESCRIPTION, ""); this.nodeService.addAspect(schemaFileNodeRef, ContentModel.ASPECT_TITLED, props); - props = new HashMap(3, 1.0f); + props = new HashMap(2, 1.0f); props.put(WCMModel.PROP_TEMPLATE_OUTPUT_METHOD_TYPE, this.getPresentationTemplateType()); props.put(WCMModel.PROP_TEMPLATE_SOURCE, schemaFileNodeRef); this.nodeService.addAspect(presentationTemplateFileNodeRef, WCMModel.ASPECT_TEMPLATE_OUTPUT_METHOD, props); @@ -147,6 +149,8 @@ public class CreateXmlContentTypeWizard extends BaseWizardBean this.removeUploadedPresentationTemplateFile(); this.schemaRootTagName = null; this.templateName = null; + clearUpload("schema"); + clearUpload("pt"); } @Override @@ -179,26 +183,6 @@ public class CreateXmlContentTypeWizard extends BaseWizardBean return disabled; } -// @Override -// protected String doPostCommitProcessing(FacesContext context, String outcome) -// { -// // as we were successful, go to the set properties dialog if asked -// // to otherwise just return -// if (this.showOtherProperties) -// { -// // we are going to immediately edit the properties so we need -// // to setup the BrowseBean context appropriately -// this.browseBean.setDocument(new Node(this.createdNode)); -// -// return getDefaultFinishOutcome() + AlfrescoNavigationHandler.OUTCOME_SEPARATOR + -// "dialog:setContentProperties"; -// } -// else -// { -// return outcome; -// } -// } - /** * Action handler called when the user wishes to remove an uploaded file */ @@ -377,8 +361,6 @@ public class CreateXmlContentTypeWizard extends BaseWizardBean }); } - // ------------------------------------------------------------------------------ - // Action event handlers // ------------------------------------------------------------------------------ // Service Injection @@ -396,6 +378,7 @@ public class CreateXmlContentTypeWizard extends BaseWizardBean // Helper Methods /** + * Clear the uploaded form, clearing the specific Upload component by Id */ protected void clearUpload(final String id) { @@ -405,6 +388,8 @@ public class CreateXmlContentTypeWizard extends BaseWizardBean ctx.getExternalContext().getSessionMap(). get(FileUploadBean.getKey(id)); if (fileBean != null) + { fileBean.setFile(null); + } } } diff --git a/source/java/org/alfresco/web/bean/wcm/CreateWebsiteWizard.java b/source/java/org/alfresco/web/bean/wcm/CreateWebsiteWizard.java index 18b8ab7543..202dbf4de3 100644 --- a/source/java/org/alfresco/web/bean/wcm/CreateWebsiteWizard.java +++ b/source/java/org/alfresco/web/bean/wcm/CreateWebsiteWizard.java @@ -67,6 +67,7 @@ public class CreateWebsiteWizard extends BaseWizardBean private String websitesFolderId = null; protected AVMService avmService; + protected PermissionService permissionService; // ------------------------------------------------------------------------------ @@ -116,28 +117,40 @@ public class CreateWebsiteWizard extends BaseWizardBean wiz.setNode(new Node(nodeRef)); outcome = wiz.finish(); if (outcome != null) - { - // create the AVM stores to represent the newly created location website - createStagingSandbox(this.name); - + { // create a sandbox for each user appropriately with permissions based on role + // build a list of managers who will have full permissions on ALL staging areas + List managers = new ArrayList(4); boolean foundCurrentUser = false; List invitedUserRoles = (List)wiz.getUserRolesDataModel().getWrappedData(); String currentUser = Application.getCurrentUser(context).getUserName(); for (UserGroupRole userRole : invitedUserRoles) { - if (currentUser.equals(userRole.getAuthority())) + String authority = userRole.getAuthority(); + if (currentUser.equals(authority)) { foundCurrentUser = true; } - createUserSandbox(this.name, userRole.getAuthority(), userRole.getRole()); + if (ROLE_CONTENT_MANAGER.equals(userRole)) + { + managers.add(authority); + } } if (foundCurrentUser == false) { - createUserSandbox(this.name, currentUser, ROLE_CONTENT_MANAGER); invitedUserRoles.add(new UserGroupRole(currentUser, ROLE_CONTENT_MANAGER, null)); + managers.add(currentUser); } + // build the sandboxes now we have the manager list and complete user list + for (UserGroupRole userRole : invitedUserRoles) + { + createUserSandbox(this.name, managers, userRole.getAuthority(), userRole.getRole()); + } + + // create the AVM stores to represent the newly created location website + createStagingSandbox(this.name, managers); + // save the list of invited users against the store for (UserGroupRole userRole : invitedUserRoles) { @@ -170,6 +183,14 @@ public class CreateWebsiteWizard extends BaseWizardBean { this.avmService = avmService; } + + /** + * @param permissionService The permissionService to set. + */ + public void setPermissionService(PermissionService permissionService) + { + this.permissionService = permissionService; + } /** * @return Returns the name. @@ -308,8 +329,9 @@ public class CreateWebsiteWizard extends BaseWizardBean * Website Name: .website.name = website name * * @param name The store name to create the sandbox for + * @param managers The list of authorities who have ContentManager role in the website */ - private void createStagingSandbox(String name) + private void createStagingSandbox(String name, List managers) { // create the 'staging' store for the website String stagingStore = AVMConstants.buildAVMStagingStoreName(name); @@ -319,11 +341,16 @@ public class CreateWebsiteWizard extends BaseWizardBean // create the system directories 'appBase' and 'avm_webapps' String path = stagingStore + ":/"; - this.avmService.createDirectory(path, AVMConstants.DIR_APPBASE); //this.fileFolderService.create(AVMNodeConverter.ToNodeRef(-1, path), AVMConstants.DIR_APPBASE, ContentModel.TYPE_AVM_PLAIN_FOLDER); + this.avmService.createDirectory(path, AVMConstants.DIR_APPBASE); + NodeRef dirRef = AVMNodeConverter.ToNodeRef(-1, path + '/' + AVMConstants.DIR_APPBASE); + for (String manager : managers) + { + this.permissionService.setPermission(dirRef, manager, ROLE_CONTENT_MANAGER, true); + } path += AVMConstants.DIR_APPBASE; - this.avmService.createDirectory(path, AVMConstants.DIR_WEBAPPS); //this.fileFolderService.create(AVMNodeConverter.ToNodeRef(-1, path), AVMConstants.DIR_WEBAPPS, ContentModel.TYPE_AVM_PLAIN_FOLDER); + this.avmService.createDirectory(path, AVMConstants.DIR_WEBAPPS); // tag the store with the store type this.avmService.setStoreProperty(stagingStore, @@ -342,8 +369,13 @@ public class CreateWebsiteWizard extends BaseWizardBean // create a layered directory pointing to 'appBase' in the staging area path = previewStore + ":/"; String targetPath = name + AVMConstants.STORE_STAGING + ":/" + AVMConstants.DIR_APPBASE; - this.avmService.createLayeredDirectory(targetPath, path, AVMConstants.DIR_APPBASE); //this.fileFolderService.create(AVMNodeConverter.ToNodeRef(-1, path), AVMConstants.DIR_APPBASE, ContentModel.TYPE_AVM_PLAIN_FOLDER); + this.avmService.createLayeredDirectory(targetPath, path, AVMConstants.DIR_APPBASE); + dirRef = AVMNodeConverter.ToNodeRef(-1, path + '/' + AVMConstants.DIR_APPBASE); + for (String manager : managers) + { + this.permissionService.setPermission(dirRef, manager, ROLE_CONTENT_MANAGER, true); + } // tag the store with the store type this.avmService.setStoreProperty(previewStore, @@ -384,10 +416,11 @@ public class CreateWebsiteWizard extends BaseWizardBean * Website Name: .website.name = website name * * @param name The store name to create the sandbox for + * @param managers The list of authorities who have ContentManager role in the website * @param username Username of the user to create the sandbox for * @param role Role permission for the user */ - private void createUserSandbox(String name, String username, String role) + private void createUserSandbox(String name, List managers, String username, String role) { // create the user 'main' store String userStore = AVMConstants.buildAVMUserMainStoreName(name, username); @@ -399,12 +432,18 @@ public class CreateWebsiteWizard extends BaseWizardBean String path = userStore + ":/"; String targetPath = name + AVMConstants.STORE_STAGING + ":/" + AVMConstants.DIR_APPBASE; this.avmService.createLayeredDirectory(targetPath, path, AVMConstants.DIR_APPBASE); + NodeRef dirRef = AVMNodeConverter.ToNodeRef(-1, path + '/' + AVMConstants.DIR_APPBASE); + this.permissionService.setPermission(dirRef, username, role, true); + for (String manager : managers) + { + this.permissionService.setPermission(dirRef, manager, ROLE_CONTENT_MANAGER, true); + } // tag the store with the store type this.avmService.setStoreProperty(userStore, QName.createQName(null, AVMConstants.PROP_SANDBOX_AUTHOR_MAIN), new PropertyValue(DataTypeDefinition.TEXT, null)); - + // tag the store with the base name of the website so that corresponding // staging areas can be found. this.avmService.setStoreProperty(userStore, @@ -431,6 +470,12 @@ public class CreateWebsiteWizard extends BaseWizardBean path = previewStore + ":/"; targetPath = userStore + ":/" + AVMConstants.DIR_APPBASE; this.avmService.createLayeredDirectory(targetPath, path, AVMConstants.DIR_APPBASE); + dirRef = AVMNodeConverter.ToNodeRef(-1, path + '/' + AVMConstants.DIR_APPBASE); + this.permissionService.setPermission(dirRef, username, role, true); + for (String manager : managers) + { + this.permissionService.setPermission(dirRef, manager, ROLE_CONTENT_MANAGER, true); + } // tag the store with the store type this.avmService.setStoreProperty(previewStore, diff --git a/source/web/WEB-INF/faces-config-beans.xml b/source/web/WEB-INF/faces-config-beans.xml index 446c4c2998..a803e7033f 100644 --- a/source/web/WEB-INF/faces-config-beans.xml +++ b/source/web/WEB-INF/faces-config-beans.xml @@ -2170,6 +2170,10 @@ avmService #{AVMService} + + permissionService + #{PermissionService} +