public/docs
1
0
Fork 0
mirror of https://github.com/sismics/docs.git synced 2025-12-24 23:22:56 +00:00
Code Issues Releases Wiki Activity

#13: ACL system

Browse Source
This commit is contained in:
jendib
2015-05-09 14:44:19 +02:00
parent 6ff639baac
commit fc1bb22d8d
30 changed files with 1197 additions and 231 deletions
Download Patch File Download Diff File Expand all files Collapse all files

174
docs-web/src/main/java/com/sismics/docs/rest/resource/AclResource.java Normal file
View File

@@ -0,0 +1,174 @@
package com.sismics.docs.rest.resource;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.List;
import javax.ws.rs.DELETE;
import javax.ws.rs.FormParam;
import javax.ws.rs.GET;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import org.codehaus.jettison.json.JSONException;
import org.codehaus.jettison.json.JSONObject;
import com.sismics.docs.core.constant.AclTargetType;
import com.sismics.docs.core.constant.PermType;
import com.sismics.docs.core.dao.jpa.AclDao;
import com.sismics.docs.core.dao.jpa.DocumentDao;
import com.sismics.docs.core.dao.jpa.UserDao;
import com.sismics.docs.core.dao.jpa.criteria.UserCriteria;
import com.sismics.docs.core.dao.jpa.dto.UserDto;
import com.sismics.docs.core.model.jpa.Acl;
import com.sismics.docs.core.model.jpa.Document;
import com.sismics.docs.core.model.jpa.User;
import com.sismics.docs.core.util.jpa.PaginatedList;
import com.sismics.docs.core.util.jpa.PaginatedLists;
import com.sismics.docs.core.util.jpa.SortCriteria;
import com.sismics.rest.exception.ClientException;
import com.sismics.rest.exception.ForbiddenClientException;
import com.sismics.rest.util.ValidationUtil;
/**
* ACL REST resources.
*
* @author bgamard
*/
@Path("/acl")
public class AclResource extends BaseResource {
/**
* Add an ACL.
*
* @return Response
* @throws JSONException
*/
@PUT
@Produces(MediaType.APPLICATION_JSON)
public Response add(@FormParam("source") String sourceId,
@FormParam("perm") String permStr,
@FormParam("username") String username) throws JSONException {
if (!authenticate()) {
throw new ForbiddenClientException();
}
// Validate input
sourceId = ValidationUtil.validateLength(sourceId, "source", 36, 36, false);
PermType perm = PermType.valueOf(ValidationUtil.validateLength(permStr, "perm", 1, 30, false));
username = ValidationUtil.validateLength(username, "username", 1, 50, false);
// Validate the target user
UserDao userDao = new UserDao();
User user = userDao.getActiveByUsername(username);
if (user == null) {
throw new ClientException("UserNotFound", MessageFormat.format("User not found: {0}", username));
}
// Check permission on the source by the principal
AclDao aclDao = new AclDao();
if (!aclDao.checkPermission(sourceId, PermType.WRITE, principal.getId())) {
throw new ForbiddenClientException();
}
// Create the ACL
Acl acl = new Acl();
acl.setSourceId(sourceId);
acl.setPerm(perm);
acl.setTargetId(user.getId());
// Avoid duplicates
if (!aclDao.checkPermission(acl.getSourceId(), acl.getPerm(), acl.getTargetId())) {
aclDao.create(acl);
// Returns the ACL
JSONObject response = new JSONObject();
response.put("perm", acl.getPerm().name());
response.put("id", acl.getTargetId());
response.put("name", user.getUsername());
response.put("type", AclTargetType.USER.name());
return Response.ok().entity(response).build();
}
return Response.ok().entity(new JSONObject()).build();
}
/**
* Deletes an ACL.
*
* @param id ACL ID
* @return Response
* @throws JSONException
*/
@DELETE
@Path("{sourceId: [a-z0-9\\-]+}/{perm: READ|WRITE}/{targetId: [a-z0-9\\-]+}")
@Produces(MediaType.APPLICATION_JSON)
public Response delete(
@PathParam("sourceId") String sourceId,
@PathParam("perm") String permStr,
@PathParam("targetId") String targetId) throws JSONException {
if (!authenticate()) {
throw new ForbiddenClientException();
}
// Validate input
sourceId = ValidationUtil.validateLength(sourceId, "source", 36, 36, false);
PermType perm = PermType.valueOf(ValidationUtil.validateLength(permStr, "perm", 1, 30, false));
targetId = ValidationUtil.validateLength(targetId, "target", 36, 36, false);
// Check permission on the source by the principal
AclDao aclDao = new AclDao();
if (!aclDao.checkPermission(sourceId, PermType.WRITE, principal.getId())) {
throw new ForbiddenClientException();
}
// Cannot delete R/W on a source document if the target is the creator
DocumentDao documentDao = new DocumentDao();
Document document = documentDao.getById(sourceId);
if (document != null && document.getUserId().equals(targetId)) {
throw new ClientException("AclError", "Cannot delete base ACL on a document");
}
// Delete the ACL
aclDao.delete(sourceId, perm, targetId);
// Always return ok
JSONObject response = new JSONObject();
response.put("status", "ok");
return Response.ok().entity(response).build();
}
@GET
@Path("target/search")
@Produces(MediaType.APPLICATION_JSON)
public Response targetList(@QueryParam("search") String search) throws JSONException {
if (!authenticate()) {
throw new ForbiddenClientException();
}
// Validate input
search = ValidationUtil.validateLength(search, "search", 1, 50, false);
// Search users
UserDao userDao = new UserDao();
JSONObject response = new JSONObject();
List<JSONObject> users = new ArrayList<>();
PaginatedList<UserDto> paginatedList = PaginatedLists.create();
SortCriteria sortCriteria = new SortCriteria(1, true);
userDao.findByCriteria(paginatedList, new UserCriteria().setSearch(search), sortCriteria);
for (UserDto userDto : paginatedList.getResultList()) {
JSONObject user = new JSONObject();
user.put("username", userDto.getUsername());
users.add(user);
}
response.put("users", users);
return Response.ok().entity(response).build();
}
}

60
docs-web/src/main/java/com/sismics/docs/rest/resource/AppResource.java
View File

@@ -6,6 +6,8 @@ import java.util.List;
import java.util.Map;
import java.util.ResourceBundle;
import javax.persistence.EntityManager;
import javax.persistence.Query;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
@@ -20,11 +22,14 @@ import org.apache.log4j.Logger;
import org.codehaus.jettison.json.JSONException;
import org.codehaus.jettison.json.JSONObject;
import com.sismics.docs.core.constant.PermType;
import com.sismics.docs.core.dao.jpa.AclDao;
import com.sismics.docs.core.dao.jpa.DocumentDao;
import com.sismics.docs.core.dao.jpa.FileDao;
import com.sismics.docs.core.dao.jpa.criteria.DocumentCriteria;
import com.sismics.docs.core.dao.jpa.dto.DocumentDto;
import com.sismics.docs.core.model.context.AppContext;
import com.sismics.docs.core.model.jpa.Acl;
import com.sismics.docs.core.model.jpa.File;
import com.sismics.docs.core.util.ConfigUtil;
import com.sismics.docs.core.util.DirectoryUtil;
@@ -34,6 +39,7 @@ import com.sismics.docs.core.util.jpa.SortCriteria;
import com.sismics.docs.rest.constant.BaseFunction;
import com.sismics.rest.exception.ForbiddenClientException;
import com.sismics.rest.exception.ServerException;
import com.sismics.util.context.ThreadLocalContext;
import com.sismics.util.log4j.LogCriteria;
import com.sismics.util.log4j.LogEntry;
import com.sismics.util.log4j.MemoryAppender;
@@ -206,4 +212,58 @@ public class AppResource extends BaseResource {
response.put("status", "ok");
return Response.ok().entity(response).build();
}
/**
* Rebuild ACLs.
* Set Read + Write on documents' creator.
* Loose all sharing.
*
* @return Response
* @throws JSONException
*/
@POST
@Path("batch/rebuild_acls")
@Produces(MediaType.APPLICATION_JSON)
public Response batchRebuildAcls() throws JSONException {
if (!authenticate()) {
throw new ForbiddenClientException();
}
checkBaseFunction(BaseFunction.ADMIN);
AclDao aclDao = new AclDao();
EntityManager em = ThreadLocalContext.get().getEntityManager();
em.createNativeQuery("truncate table T_ACL").executeUpdate();
em.createNativeQuery("truncate table T_SHARE").executeUpdate();
Query q = em.createNativeQuery("select DOC_ID_C, DOC_IDUSER_C from T_DOCUMENT");
@SuppressWarnings("unchecked")
List<Object[]> l = q.getResultList();
for (Object[] o : l) {
String documentId = (String) o[0];
String userId = (String) o[1];
// Create read ACL
Acl acl = new Acl();
acl.setPerm(PermType.READ);
acl.setSourceId(documentId);
acl.setTargetId(userId);
System.out.println(acl);
aclDao.create(acl);
// Create write ACL
acl = new Acl();
acl.setPerm(PermType.WRITE);
acl.setSourceId(documentId);
acl.setTargetId(userId);
System.out.println(acl);
aclDao.create(acl);
}
int mod = em.createNativeQuery("update T_FILE set FIL_IDUSER_C = (select DOC_IDUSER_C from T_DOCUMENT where DOC_ID_C = FIL_IDDOC_C) where FIL_IDDOC_C is not null").executeUpdate();
JSONObject response = new JSONObject();
response.put("status", "ok");
response.put("file_id_user_updated", mod);
return Response.ok().entity(response).build();
}
}

66
docs-web/src/main/java/com/sismics/docs/rest/resource/DocumentResource.java
View File

@@ -33,11 +33,13 @@ import org.joda.time.format.DateTimeParser;
import com.google.common.base.Joiner;
import com.google.common.base.Strings;
import com.sismics.docs.core.constant.Constants;
import com.sismics.docs.core.constant.PermType;
import com.sismics.docs.core.dao.jpa.AclDao;
import com.sismics.docs.core.dao.jpa.DocumentDao;
import com.sismics.docs.core.dao.jpa.FileDao;
import com.sismics.docs.core.dao.jpa.ShareDao;
import com.sismics.docs.core.dao.jpa.TagDao;
import com.sismics.docs.core.dao.jpa.criteria.DocumentCriteria;
import com.sismics.docs.core.dao.jpa.dto.AclDto;
import com.sismics.docs.core.dao.jpa.dto.DocumentDto;
import com.sismics.docs.core.dao.jpa.dto.TagDto;
import com.sismics.docs.core.event.DocumentCreatedAsyncEvent;
@@ -45,9 +47,9 @@ import com.sismics.docs.core.event.DocumentDeletedAsyncEvent;
import com.sismics.docs.core.event.DocumentUpdatedAsyncEvent;
import com.sismics.docs.core.event.FileDeletedAsyncEvent;
import com.sismics.docs.core.model.context.AppContext;
import com.sismics.docs.core.model.jpa.Acl;
import com.sismics.docs.core.model.jpa.Document;
import com.sismics.docs.core.model.jpa.File;
import com.sismics.docs.core.model.jpa.Share;
import com.sismics.docs.core.model.jpa.Tag;
import com.sismics.docs.core.util.jpa.PaginatedList;
import com.sismics.docs.core.util.jpa.PaginatedLists;
@@ -67,7 +69,7 @@ public class DocumentResource extends BaseResource {
/**
* Returns a document.
*
* @param id Document ID
* @param documentId Document ID
* @return Response
* @throws JSONException
*/
@@ -75,22 +77,22 @@ public class DocumentResource extends BaseResource {
@Path("{id: [a-z0-9\\-]+}")
@Produces(MediaType.APPLICATION_JSON)
public Response get(
@PathParam("id") String id,
@PathParam("id") String documentId,
@QueryParam("share") String shareId) throws JSONException {
authenticate();
DocumentDao documentDao = new DocumentDao();
ShareDao shareDao = new ShareDao();
AclDao aclDao = new AclDao();
Document documentDb;
try {
documentDb = documentDao.getDocument(id);
documentDb = documentDao.getDocument(documentId);
// Check document visibility
if (!shareDao.checkVisibility(documentDb, principal.getId(), shareId)) {
if (!aclDao.checkPermission(documentId, PermType.READ, shareId == null ? principal.getId() : shareId)) {
throw new ForbiddenClientException();
}
} catch (NoResultException e) {
throw new ClientException("DocumentNotFound", MessageFormat.format("Document not found: {0}", id));
throw new ClientException("DocumentNotFound", MessageFormat.format("Document not found: {0}", documentId));
}
JSONObject document = new JSONObject();
@@ -99,10 +101,11 @@ public class DocumentResource extends BaseResource {
document.put("description", documentDb.getDescription());
document.put("create_date", documentDb.getCreateDate().getTime());
document.put("language", documentDb.getLanguage());
document.put("creator", documentDb.getUserId());
// Add tags
TagDao tagDao = new TagDao();
List<TagDto> tagDtoList = tagDao.getByDocumentId(id);
List<TagDto> tagDtoList = tagDao.getByDocumentId(documentId);
List<JSONObject> tags = new ArrayList<>();
for (TagDto tagDto : tagDtoList) {
JSONObject tag = new JSONObject();
@@ -113,16 +116,24 @@ public class DocumentResource extends BaseResource {
}
document.put("tags", tags);
// Add shares
List<Share> shareDbList = shareDao.getByDocumentId(id);
List<JSONObject> shareList = new ArrayList<>();
for (Share shareDb : shareDbList) {
JSONObject share = new JSONObject();
share.put("id", shareDb.getId());
share.put("name", shareDb.getName());
shareList.add(share);
// Add ACL
List<AclDto> aclDtoList = aclDao.getBySourceId(documentId);
List<JSONObject> aclList = new ArrayList<>();
boolean writable = false;
for (AclDto aclDto : aclDtoList) {
JSONObject acl = new JSONObject();
acl.put("perm", aclDto.getPerm().name());
acl.put("id", aclDto.getTargetId());
acl.put("name", aclDto.getTargetName());
acl.put("type", aclDto.getTargetType());
aclList.add(acl);
if (aclDto.getTargetId().equals(principal.getId()) && aclDto.getPerm() == PermType.WRITE) {
writable = true;
}
}
document.put("shares", shareList);
document.put("acls", aclList);
document.put("writable", writable);
return Response.ok().entity(document).build();
}
@@ -341,6 +352,21 @@ public class DocumentResource extends BaseResource {
}
String documentId = documentDao.create(document);
// Create read ACL
AclDao aclDao = new AclDao();
Acl acl = new Acl();
acl.setPerm(PermType.READ);
acl.setSourceId(documentId);
acl.setTargetId(principal.getId());
aclDao.create(acl);
// Create write ACL
acl = new Acl();
acl.setPerm(PermType.WRITE);
acl.setSourceId(documentId);
acl.setTargetId(principal.getId());
aclDao.create(acl);
// Update tags
updateTagList(documentId, tagList);
@@ -389,7 +415,7 @@ public class DocumentResource extends BaseResource {
DocumentDao documentDao = new DocumentDao();
Document document;
try {
document = documentDao.getDocument(id, principal.getId());
document = documentDao.getDocument(id, PermType.WRITE, principal.getId());
} catch (NoResultException e) {
throw new ClientException("DocumentNotFound", MessageFormat.format("Document not found: {0}", id));
}
@@ -470,7 +496,7 @@ public class DocumentResource extends BaseResource {
Document document;
List<File> fileList;
try {
document = documentDao.getDocument(id, principal.getId());
document = documentDao.getDocument(id, PermType.WRITE, principal.getId());
fileList = fileDao.getByDocumentId(principal.getId(), id);
} catch (NoResultException e) {
throw new ClientException("DocumentNotFound", MessageFormat.format("Document not found: {0}", id));

44
docs-web/src/main/java/com/sismics/docs/rest/resource/FileResource.java
View File

@@ -36,9 +36,10 @@ import org.codehaus.jettison.json.JSONObject;
import com.google.common.base.Strings;
import com.google.common.collect.Lists;
import com.google.common.io.ByteStreams;
import com.sismics.docs.core.constant.PermType;
import com.sismics.docs.core.dao.jpa.AclDao;
import com.sismics.docs.core.dao.jpa.DocumentDao;
import com.sismics.docs.core.dao.jpa.FileDao;
import com.sismics.docs.core.dao.jpa.ShareDao;
import com.sismics.docs.core.dao.jpa.UserDao;
import com.sismics.docs.core.event.FileCreatedAsyncEvent;
import com.sismics.docs.core.event.FileDeletedAsyncEvent;
@@ -97,7 +98,7 @@ public class FileResource extends BaseResource {
} else {
DocumentDao documentDao = new DocumentDao();
try {
document = documentDao.getDocument(documentId, principal.getId());
document = documentDao.getDocument(documentId, PermType.WRITE, principal.getId());
} catch (NoResultException e) {
throw new ClientException("DocumentNotFound", MessageFormat.format("Document not found: {0}", documentId));
}
@@ -194,7 +195,7 @@ public class FileResource extends BaseResource {
File file;
try {
file = fileDao.getFile(id, principal.getId());
document = documentDao.getDocument(documentId, principal.getId());
document = documentDao.getDocument(documentId, PermType.WRITE, principal.getId());
} catch (NoResultException e) {
throw new ClientException("DocumentNotFound", MessageFormat.format("Document not found: {0}", documentId));
}
@@ -254,7 +255,7 @@ public class FileResource extends BaseResource {
// Get the document
DocumentDao documentDao = new DocumentDao();
try {
documentDao.getDocument(documentId, principal.getId());
documentDao.getDocument(documentId, PermType.WRITE, principal.getId());
} catch (NoResultException e) {
throw new ClientException("DocumentNotFound", MessageFormat.format("Document not found: {0}", documentId));
}
@@ -293,10 +294,8 @@ public class FileResource extends BaseResource {
// Check document visibility
if (documentId != null) {
try {
DocumentDao documentDao = new DocumentDao();
Document document = documentDao.getDocument(documentId);
ShareDao shareDao = new ShareDao();
if (!shareDao.checkVisibility(document, principal.getId(), shareId)) {
AclDao aclDao = new AclDao();
if (!aclDao.checkPermission(documentId, PermType.READ, shareId == null ? principal.getId() : shareId)) {
throw new ForbiddenClientException();
}
} catch (NoResultException e) {
@@ -354,7 +353,7 @@ public class FileResource extends BaseResource {
throw new ForbiddenClientException();
}
} else {
documentDao.getDocument(file.getDocumentId(), principal.getId());
documentDao.getDocument(file.getDocumentId(), PermType.WRITE, principal.getId());
}
} catch (NoResultException e) {
throw new ClientException("FileNotFound", MessageFormat.format("File not found: {0}", id));
@@ -398,11 +397,8 @@ public class FileResource extends BaseResource {
// Get the file
FileDao fileDao = new FileDao();
DocumentDao documentDao = new DocumentDao();
UserDao userDao = new UserDao();
File file;
Document document;
String userId;
try {
file = fileDao.getFile(fileId);
@@ -412,16 +408,10 @@ public class FileResource extends BaseResource {
// But not ours
throw new ForbiddenClientException();
}
userId = file.getUserId();
} else {
// It's a file linked to a document
document = documentDao.getDocument(file.getDocumentId());
userId = document.getUserId();
// Check document visibility
ShareDao shareDao = new ShareDao();
if (!shareDao.checkVisibility(document, principal.getId(), shareId)) {
// Check document accessibility
AclDao aclDao = new AclDao();
if (!aclDao.checkPermission(file.getDocumentId(), PermType.READ, shareId == null ? principal.getId() : shareId)) {
throw new ForbiddenClientException();
}
}
@@ -451,7 +441,8 @@ public class FileResource extends BaseResource {
// Stream the output and decrypt it if necessary
StreamingOutput stream;
User user = userDao.getById(userId);
// A file is always encrypted by the creator of it
User user = userDao.getById(file.getUserId());
try {
InputStream fileInputStream = new FileInputStream(storedfile);
final InputStream responseInputStream = decrypt ?
@@ -500,8 +491,8 @@ public class FileResource extends BaseResource {
document = documentDao.getDocument(documentId);
// Check document visibility
ShareDao shareDao = new ShareDao();
if (!shareDao.checkVisibility(document, principal.getId(), shareId)) {
AclDao aclDao = new AclDao();
if (!aclDao.checkPermission(documentId, PermType.READ, shareId == null ? principal.getId() : shareId)) {
throw new ForbiddenClientException();
}
} catch (NoResultException e) {
@@ -510,9 +501,8 @@ public class FileResource extends BaseResource {
// Get files and user associated with this document
FileDao fileDao = new FileDao();
UserDao userDao = new UserDao();
final UserDao userDao = new UserDao();
final List<File> fileList = fileDao.getByDocumentId(principal.getId(), documentId);
final User user = userDao.getById(document.getUserId());
// Create the ZIP stream
StreamingOutput stream = new StreamingOutput() {
@@ -526,6 +516,8 @@ public class FileResource extends BaseResource {
InputStream fileInputStream = new FileInputStream(storedfile);
// Add the decrypted file to the ZIP stream
// Files are encrypted by the creator of them
User user = userDao.getById(file.getUserId());
try (InputStream decryptedStream = EncryptionUtil.decryptInputStream(fileInputStream, user.getPrivateKey())) {
ZipEntry zipEntry = new ZipEntry(index + "." + MimeTypeUtil.getFileExtension(file.getMimeType()));
zipOutputStream.putNextEntry(zipEntry);

44
docs-web/src/main/java/com/sismics/docs/rest/resource/ShareResource.java
View File

@@ -2,6 +2,7 @@ package com.sismics.docs.rest.resource;
import java.text.MessageFormat;
import java.util.List;
import javax.persistence.NoResultException;
import javax.ws.rs.DELETE;
@@ -16,8 +17,12 @@ import javax.ws.rs.core.Response;
import org.codehaus.jettison.json.JSONException;
import org.codehaus.jettison.json.JSONObject;
import com.sismics.docs.core.constant.AclTargetType;
import com.sismics.docs.core.constant.PermType;
import com.sismics.docs.core.dao.jpa.AclDao;
import com.sismics.docs.core.dao.jpa.DocumentDao;
import com.sismics.docs.core.dao.jpa.ShareDao;
import com.sismics.docs.core.model.jpa.Acl;
import com.sismics.docs.core.model.jpa.Share;
import com.sismics.rest.exception.ClientException;
import com.sismics.rest.exception.ForbiddenClientException;
@@ -53,7 +58,7 @@ public class ShareResource extends BaseResource {
// Get the document
DocumentDao documentDao = new DocumentDao();
try {
documentDao.getDocument(documentId, principal.getId());
documentDao.getDocument(documentId, PermType.WRITE, principal.getId());
} catch (NoResultException e) {
throw new ClientException("DocumentNotFound", MessageFormat.format("Document not found: {0}", documentId));
}
@@ -61,14 +66,23 @@ public class ShareResource extends BaseResource {
// Create the share
ShareDao shareDao = new ShareDao();
Share share = new Share();
share.setDocumentId(documentId);
share.setName(name);
shareDao.create(share);
// Create the ACL
AclDao aclDao = new AclDao();
Acl acl = new Acl();
acl.setSourceId(documentId);
acl.setPerm(PermType.READ);
acl.setTargetId(share.getId());
aclDao.create(acl);
// Always return ok
// Returns the created ACL
JSONObject response = new JSONObject();
response.put("status", "ok");
response.put("id", share.getId());
response.put("perm", acl.getPerm().name());
response.put("id", acl.getTargetId());
response.put("name", name);
response.put("type", AclTargetType.SHARE);
return Response.ok().entity(response).build();
}
@@ -88,23 +102,21 @@ public class ShareResource extends BaseResource {
throw new ForbiddenClientException();
}
// Get the share
ShareDao shareDao = new ShareDao();
DocumentDao documentDao = new DocumentDao();
Share share = shareDao.getShare(id);
if (share == null) {
// Check that the user can share the linked document
AclDao aclDao = new AclDao();
List<Acl> aclList = aclDao.getByTargetId(id);
if (aclList.size() == 0) {
throw new ClientException("ShareNotFound", MessageFormat.format("Share not found: {0}", id));
}
// Check that the user is the owner of the linked document
try {
documentDao.getDocument(share.getDocumentId(), principal.getId());
} catch (NoResultException e) {
throw new ClientException("DocumentNotFound", MessageFormat.format("Document not found: {0}", share.getDocumentId()));
Acl acl = aclList.get(0);
if (!aclDao.checkPermission(acl.getSourceId(), PermType.WRITE, principal.getId())) {
throw new ClientException("DocumentNotFound", MessageFormat.format("Document not found: {0}", acl.getSourceId()));
}
// Delete the share
shareDao.delete(share.getId());
ShareDao shareDao = new ShareDao();
shareDao.delete(id);
// Always return ok
JSONObject response = new JSONObject();

4
docs-web/src/main/java/com/sismics/docs/rest/resource/UserResource.java
View File

@@ -4,6 +4,7 @@ import com.sismics.docs.core.constant.Constants;
import com.sismics.docs.core.dao.jpa.AuthenticationTokenDao;
import com.sismics.docs.core.dao.jpa.RoleBaseFunctionDao;
import com.sismics.docs.core.dao.jpa.UserDao;
import com.sismics.docs.core.dao.jpa.criteria.UserCriteria;
import com.sismics.docs.core.dao.jpa.dto.UserDto;
import com.sismics.docs.core.model.jpa.AuthenticationToken;
import com.sismics.docs.core.model.jpa.User;
@@ -19,6 +20,7 @@ import com.sismics.rest.util.ValidationUtil;
import com.sismics.security.UserPrincipal;
import com.sismics.util.LocaleUtil;
import com.sismics.util.filter.TokenBasedSecurityFilter;
import org.apache.commons.lang.StringUtils;
import org.codehaus.jettison.json.JSONArray;
import org.codehaus.jettison.json.JSONException;
@@ -517,7 +519,7 @@ public class UserResource extends BaseResource {
SortCriteria sortCriteria = new SortCriteria(sortColumn, asc);
UserDao userDao = new UserDao();
userDao.findAll(paginatedList, sortCriteria);
userDao.findByCriteria(paginatedList, new UserCriteria(), sortCriteria);
for (UserDto userDto : paginatedList.getResultList()) {
JSONObject user = new JSONObject();
user.put("id", userDto.getId());

71
docs-web/src/main/webapp/src/app/docs/controller/DocumentView.js
View File

@@ -3,12 +3,22 @@
/**
* Document view controller.
*/
angular.module('docs').controller('DocumentView', function ($scope, $state, $stateParams, $location, $dialog, $modal, Restangular, $upload) {
angular.module('docs').controller('DocumentView', function ($scope, $state, $stateParams, $location, $dialog, $modal, Restangular, $upload, $q) {
// Load data from server
Restangular.one('document', $stateParams.id).get().then(function(data) {
$scope.document = data;
});
// Watch for ACLs change and group them for easy displaying
$scope.$watch('document.acls', function(acls) {
$scope.acls = _.groupBy(acls, function(acl) {
return acl.id;
});
});
// Initialize add ACL
$scope.acl = { perm: 'READ' };
/**
* Configuration for file sorting.
*/
@@ -17,7 +27,7 @@ angular.module('docs').controller('DocumentView', function ($scope, $state, $sta
forcePlaceholderSize: true,
tolerance: 'pointer',
handle: '.handle',
stop: function (e, ui) {
stop: function () {
// Send new positions to server
$scope.$apply(function () {
Restangular.one('file').post('reorder', {
@@ -103,15 +113,10 @@ angular.module('docs').controller('DocumentView', function ($scope, $state, $sta
Restangular.one('share').put({
name: name,
id: $stateParams.id
}).then(function (data) {
var share = {
name: name,
id: data.id
};
// Display the new share and add it to the local shares
$scope.showShare(share);
$scope.document.shares.push(share);
}).then(function (acl) {
// Display the new share ACL and add it to the local ACLs
$scope.showShare(acl);
$scope.document.acls.push(acl);
})
});
};
@@ -135,7 +140,7 @@ angular.module('docs').controller('DocumentView', function ($scope, $state, $sta
if (result == 'unshare') {
// Unshare this document and update the local shares
Restangular.one('share', share.id).remove().then(function () {
$scope.document.shares = _.reject($scope.document.shares, function(s) {
$scope.document.acls = _.reject($scope.document.acls, function(s) {
return share.id == s.id;
});
});
@@ -148,6 +153,10 @@ angular.module('docs').controller('DocumentView', function ($scope, $state, $sta
* @param files
*/
$scope.fileDropped = function(files) {
if (!$scope.document.writable) {
return;
}
if (files && files.length) {
// Adding files to the UI
var newfiles = [];
@@ -197,4 +206,42 @@ angular.module('docs').controller('DocumentView', function ($scope, $state, $sta
newfile.id = data.id;
});
};
/**
* Delete an ACL.
* @param acl
*/
$scope.deleteAcl = function(acl) {
Restangular.one('acl/' + $stateParams.id + '/' + acl.perm + '/' + acl.id, null).remove().then(function () {
$scope.document.acls = _.reject($scope.document.acls, function(s) {
return angular.equals(acl, s);
});
});
};
/**
* Add an ACL.
*/
$scope.addAcl = function() {
$scope.acl.source = $stateParams.id;
Restangular.one('acl').put($scope.acl).then(function(acl) {
$scope.acl = { perm: 'READ' };
if (_.isUndefined(acl.id)) {
return;
}
$scope.document.acls.push(acl);
$scope.document.acls = angular.copy($scope.document.acls);
});
};
$scope.getTargetAclTypeahead = function($viewValue) {
var deferred = $q.defer();
Restangular.one('acl/target/search')
.get({
search: $viewValue
}).then(function(data) {
deferred.resolve(_.pluck(data.users, 'username'), true);
});
return deferred.promise;
};
});

3
docs-web/src/main/webapp/src/index.html
View File

@@ -104,6 +104,9 @@
<span class="glyphicon glyphicon-warning-sign"></span> {{ errorNumber }} new error{{ errorNumber > 1 ? 's' : '' }}
</a>
</li>
<li>
<a href="#/settings/account" title="Logged in as {{ userInfo.username }}">{{ userInfo.username }}</a>
</li>
<li ng-class="{active: $uiRoute}" ui-route="/settings.*">
<a href="#/settings/account">
<span class="glyphicon glyphicon-cog"></span> Settings

134
docs-web/src/main/webapp/src/partial/docs/document.view.html
View File

@@ -1,7 +1,7 @@
<img src="img/loader.gif" ng-show="!document" />
<div ng-show="document">
<div class="text-right">
<div class="text-right" ng-show="document.writable">
<div class="btn-group">
<button class="btn btn-danger" ng-click="deleteDocument(document)"><span class="glyphicon glyphicon-trash"></span> Delete</button>
<a href="#/document/edit/{{ document.id }}" class="btn btn-primary"><span class="glyphicon glyphicon-pencil"></span> Edit</a>
@@ -16,11 +16,11 @@
<span class="glyphicon glyphicon-download-alt"></span>
</a>
</h1>
<p>
<p ng-show="document.writable">
<button class="btn btn-sm btn-info" ng-click="share()">
<span class="glyphicon glyphicon-share"></span> Share
</button>
<button class="btn btn-default btn-sm" ng-repeat="share in document.shares" ng-click="showShare(share)">
<button class="btn btn-default btn-sm" ng-repeat="share in document.acls | filter: { 'type': 'SHARE' }" ng-click="showShare(share)">
<span class="glyphicon glyphicon-ok"></span> {{ share.name ? share.name : 'shared' }}
</button>
</p>
@@ -30,44 +30,112 @@
</li>
</ul>
</div>
<p ng-bind-html="document.description | newline"></p>
<div ng-file-drop drag-over-class="bg-success" ng-multiple="true" allow-dir="false" ng-model="dropFiles"
accept="image/*,application/pdf,application/zip" ng-file-change="fileDropped($files, $event, $rejectedFiles)">
<div class="row upload-zone" ui-sortable="fileSortableOptions" ng-model="files">
<div class="col-xs-6 col-sm-4 col-md-3 col-lg-2 text-center" ng-repeat="file in files">
<div class="thumbnail" ng-if="file.id">
<a ng-click="openFile(file)">
<img class="thumbnail-file" ng-src="../api/file/{{ file.id }}/data?size=thumb" tooltip="{{ file.mimetype }}" tooltip-placement="top" />
</a>
<div class="caption">
<div class="pull-left">
<div class="btn btn-default handle"><span class="glyphicon glyphicon-resize-horizontal"></span></div>
<tabset>
<tab>
<tab-heading class="pointer">
<span class="glyphicon glyphicon-file"></span> Content
</tab-heading>
<p ng-bind-html="document.description | newline"></p>
<div ng-file-drop drag-over-class="bg-success" ng-multiple="true" allow-dir="false" ng-model="dropFiles"
accept="image/*,application/pdf,application/zip" ng-file-change="fileDropped($files, $event, $rejectedFiles)">
<div class="row upload-zone" ui-sortable="fileSortableOptions" ng-model="files">
<div class="col-xs-6 col-sm-4 col-md-3 col-lg-2 text-center" ng-repeat="file in files">
<div class="thumbnail" ng-if="file.id">
<a ng-click="openFile(file)">
<img class="thumbnail-file" ng-src="../api/file/{{ file.id }}/data?size=thumb" tooltip="{{ file.mimetype }}" tooltip-placement="top" />
</a>
<div class="caption" ng-show="document.writable">
<div class="pull-left">
<div class="btn btn-default handle"><span class="glyphicon glyphicon-resize-horizontal"></span></div>
</div>
<div class="pull-right">
<button class="btn btn-danger" ng-click="deleteFile(file)"><span class="glyphicon glyphicon-trash"></span></button>
</div>
<div class="clearfix"></div>
</div>
</div>
<div class="pull-right">
<button class="btn btn-danger" ng-click="deleteFile(file)"><span class="glyphicon glyphicon-trash"></span></button>
<div class="thumbnail" ng-if="!file.id">
<p class="text-center lead">
{{ file.status }}
</p>
<div class="caption">
<progressbar value="file.progress" class="progress-info active"></progressbar>
</div>
</div>
<div class="clearfix"></div>
</div>
</div>
<div class="thumbnail" ng-if="!file.id">
<p class="text-center lead">
{{ file.status }}
<p class="text-center well-lg" ng-if="files.length == 0">
<span class="glyphicon glyphicon-move"></span>
Drag &amp; drop files here to upload
</p>
<div class="caption">
<progressbar value="file.progress" class="progress-info active"></progressbar>
</div>
</div>
</div>
</tab>
<tab>
<tab-heading class="pointer">
<span class="glyphicon glyphicon-user"></span> Permissions
</tab-heading>
<table class="table">
<tr>
<th style="width: 40%">For</th>
<th style="width: 40%">Permission</th>
</tr>
<tr ng-repeat="(id, acl) in acls">
<td><em>{{ acl[0].type == 'SHARE' ? 'Shared' : 'User' }}</em> {{ acl[0].name }}</td>
<td>
<span class="label label-default" style="margin-right: 6px;" ng-repeat="a in acl | orderBy: 'perm'">
{{ a.perm }}
<span ng-show="document.creator != a.id && document.writable"
class="glyphicon glyphicon-remove pointer"
ng-click="deleteAcl(a)"></span>
</span>
</td>
</tr>
</table>
<div ng-show="document.writable">
<h4>Add a permission</h4>
<form name="aclForm" class="form-horizontal">
<div class="form-group">
<label class=" col-sm-2 control-label" for="inputTarget">User</label>
<div class="col-sm-3">
<input required ng-maxlength="50" class="form-control" type="text" id="inputTarget"
placeholder="Type a username" name="username" ng-model="acl.username" autocomplete="off"
typeahead="username for username in getTargetAclTypeahead($viewValue) | filter: $viewValue"
typeahead-wait-ms="200" />
</div>
</div>
<div class="form-group">
<label class=" col-sm-2 control-label" for="inputPermission">Permission</label>
<div class="col-sm-3">
<select class="form-control" ng-model="acl.perm" id="inputPermission">
<option value="READ">Read</option>
<option value="WRITE">Write</option>
</select>
</div>
</div>
<div class="form-group">
<div class="col-sm-offset-2 col-sm-10">
<button type="submit" class="btn btn-primary" ng-disabled="!aclForm.$valid" ng-click="addAcl()">
<span class="glyphicon glyphicon-plus"></span>
Add
</button>
</div>
</div>
</form>
</div>
</tab>
</tabset>
<p class="text-center well-lg" ng-if="files.length == 0">
<span class="glyphicon glyphicon-move"></span>
Drag &amp; drop files here to upload
</p>
</div>
</div>
<div ui-view="file"></div>
</div>

4
docs-web/src/main/webapp/src/style/main.less
View File

@@ -179,4 +179,8 @@ input[readonly].share-link {
.pointer {
cursor: pointer;
}
.tab-pane {
margin-top: 20px;
}