
#159: add temporary READ ACL for route step

Benjamin Gamard
2018-02-01 11:48:02 +01:00
parent 503cfff82e
commit c9adff5a25
12 changed files with 106 additions and 30 deletions


@@ -2,6 +2,7 @@ package com.sismics.docs.rest.resource;
import com.google.common.collect.Lists;
import com.sismics.docs.core.constant.AclTargetType;
import com.sismics.docs.core.constant.AclType;
import com.sismics.docs.core.constant.PermType;
import com.sismics.docs.core.dao.jpa.*;
import com.sismics.docs.core.dao.jpa.criteria.GroupCriteria;
@@ -90,6 +91,7 @@ public class AclResource extends BaseResource {
acl.setSourceId(sourceId);
acl.setPerm(perm);
acl.setTargetId(targetId);
acl.setType(AclType.USER);
// Avoid duplicates
if (!aclDao.checkPermission(acl.getSourceId(), acl.getPerm(), Lists.newArrayList(acl.getTargetId()))) {
@@ -164,7 +166,7 @@ public class AclResource extends BaseResource {
}
// Delete the ACL
aclDao.delete(sourceId, perm, targetId, principal.getId());
aclDao.delete(sourceId, perm, targetId, principal.getId(), AclType.USER);
// Always return OK
JsonObjectBuilder response = Json.createObjectBuilder()
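Review bot: The duplicate check in the `@@ -90,6 +91,7 @@` hunk still calls `aclDao.checkPermission(acl.getSourceId(), acl.getPerm(), Lists.newArrayList(acl.getTargetId()))` without an `AclType`, while the delete call in this file is now scoped to `AclType.USER`. If `checkPermission` matches ACLs of every type (its body is not shown here), a target who currently holds only the temporary route-step READ would count as a duplicate, the explicit grant would be skipped silently, and the access would vanish once the routing ACL is removed. The check should consider user-created rows only, and the comment should say so, e.g. `// Avoid duplicates among USER ACLs only; a temporary routing ACL must not suppress an explicit grant`. The enclosing method starts and ends outside the hunk.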


@@ -2,6 +2,7 @@ package com.sismics.docs.rest.resource;
import com.google.common.base.Joiner;
import com.google.common.base.Strings;
import com.sismics.docs.core.constant.AclType;
import com.sismics.docs.core.constant.Constants;
import com.sismics.docs.core.constant.PermType;
import com.sismics.docs.core.dao.jpa.*;
@@ -173,7 +174,7 @@ public class DocumentResource extends BaseResource {
JsonArrayBuilder aclList = Json.createArrayBuilder();
for (TagDto tagDto : tagDtoList) {
AclDao aclDao = new AclDao();
List<AclDto> aclDtoList = aclDao.getBySourceId(tagDto.getId());
List<AclDto> aclDtoList = aclDao.getBySourceId(tagDto.getId(), AclType.USER);
for (AclDto aclDto : aclDtoList) {
aclList.add(Json.createObjectBuilder()
.add("perm", aclDto.getPerm().name())
@@ -618,6 +619,7 @@ public class DocumentResource extends BaseResource {
AclDao aclDao = new AclDao();
Acl acl = new Acl();
acl.setPerm(PermType.READ);
acl.setType(AclType.USER);
acl.setSourceId(documentId);
acl.setTargetId(principal.getId());
aclDao.create(acl, principal.getId());
@@ -625,6 +627,7 @@ public class DocumentResource extends BaseResource {
// Create write ACL
acl = new Acl();
acl.setPerm(PermType.WRITE);
acl.setType(AclType.USER);
acl.setSourceId(documentId);
acl.setTargetId(principal.getId());
aclDao.create(acl, principal.getId());
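Review bot: `acl.setType(AclType.USER)` has to be repeated by hand at every `new Acl()` site: the `@@ -618` and `@@ -625` hunks here, and the same pattern in the AclResource, ShareResource and TagResource sections. A future call site that forgets it would hand `aclDao.create` an `Acl` with no type. Because the listing (`getBySourceId(..., AclType.USER)`) and delete paths on this page now filter on the type, such a row could grant access while staying out of the ACL list and being unremovable through the API; whether the column allows null is not visible here. Enforcing this once is safer: have `aclDao.create` reject an `Acl` whose type is unset, or default the type in the model, rather than relying on each caller. The enclosing methods start and end outside the hunks.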


@@ -10,6 +10,7 @@ import com.sismics.docs.core.dao.jpa.RouteStepDao;
import com.sismics.docs.core.model.jpa.Route;
import com.sismics.docs.core.model.jpa.RouteModel;
import com.sismics.docs.core.model.jpa.RouteStep;
import com.sismics.docs.core.util.RoutingUtil;
import com.sismics.docs.core.util.SecurityUtil;
import com.sismics.rest.exception.ClientException;
import com.sismics.rest.exception.ForbiddenClientException;
@@ -97,6 +98,12 @@ public class RouteResource extends BaseResource {
}
routeStepDao.create(routeStep);
if (i == 0) {
// Initialize ACL on the first step
RoutingUtil.updateAcl(documentId, routeStep, null, principal.getId());
// TODO Send an email to the targetId users
}
}
}
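Review bot: The third argument in `RoutingUtil.updateAcl(documentId, routeStep, null, principal.getId())` is a bare `null` whose meaning cannot be read from the call site; presumably it is the previous route step whose temporary ACL would be revoked. Since this call is what gives the step target READ on the document, spell it out, e.g. `// No previous step yet: grant READ to the first step's target, nothing to revoke` (confirm against `RoutingUtil`). The revoke side, on step transition and at route end, is not part of this hunk, and the TestRouteResource section only removes the manual workaround. A test asserting that the target loses READ once the step is done would pin the "temporary" part. The enclosing method starts and ends outside the hunk.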


@@ -2,6 +2,7 @@ package com.sismics.docs.rest.resource;
import com.sismics.docs.core.constant.AclTargetType;
import com.sismics.docs.core.constant.AclType;
import com.sismics.docs.core.constant.PermType;
import com.sismics.docs.core.dao.jpa.AclDao;
import com.sismics.docs.core.dao.jpa.ShareDao;
@@ -76,6 +77,7 @@ public class ShareResource extends BaseResource {
Acl acl = new Acl();
acl.setSourceId(documentId);
acl.setPerm(PermType.READ);
acl.setType(AclType.USER);
acl.setTargetId(share.getId());
aclDao.create(acl, principal.getId());
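Review bot: `acl.setType(AclType.USER)` on an ACL whose target is `share.getId()` reads as if the target were a user, although the imports show a separate `AclTargetType` for describing the target. If `AclType.USER` means "created explicitly by a user" as opposed to the temporary route-step ACL (inferred from the commit title; the enum is not shown here), a short comment would prevent misreading, e.g. `// USER = explicitly created ACL, not a temporary routing one; the target here is a share`. The enclosing method starts and ends outside the hunk.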


@@ -1,6 +1,7 @@
package com.sismics.docs.rest.resource;
import com.google.common.collect.Sets;
import com.sismics.docs.core.constant.AclType;
import com.sismics.docs.core.constant.PermType;
import com.sismics.docs.core.dao.jpa.AclDao;
import com.sismics.docs.core.dao.jpa.TagDao;
@@ -205,6 +206,7 @@ public class TagResource extends BaseResource {
AclDao aclDao = new AclDao();
Acl acl = new Acl();
acl.setPerm(PermType.READ);
acl.setType(AclType.USER);
acl.setSourceId(id);
acl.setTargetId(principal.getId());
aclDao.create(acl, principal.getId());
@@ -212,6 +214,7 @@ public class TagResource extends BaseResource {
// Create write ACL
acl = new Acl();
acl.setPerm(PermType.WRITE);
acl.setType(AclType.USER);
acl.setSourceId(id);
acl.setTargetId(principal.getId());
aclDao.create(acl, principal.getId());


@@ -57,16 +57,6 @@ public class TestRouteResource extends BaseJerseyTest {
.param("documentId", document1Id)
.param("routeModelId", routeModels.getJsonObject(0).getString("id"))), JsonObject.class);
// Add an ACL READ for admin with route1
// TODO Remove me when ACLs are automatically added on route step targets
target().path("/acl").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, route1Token)
.put(Entity.form(new Form()
.param("source", document1Id)
.param("perm", "READ")
.param("target", "admin")
.param("type", "USER")), JsonObject.class);
// Get document 1 as route1
json = target().path("/document/" + document1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, route1Token)