From 1d84e36e108c6fc71eb4a45c009e6907a7f109ae Mon Sep 17 00:00:00 2001 From: Yohann Chastagnier Date: Mon, 23 Nov 2015 20:38:17 +0100 Subject: [PATCH] Bug #6909 - fixing some wrong behaviors around the subscription management services (accessible only from kmelia application for now): - the domain isolation was not entirely taken in charge - the application rights were no taken in charge when proposing the users & groups for subscription (subscription panel) Conflicts: ejb-core/node/src/main/java/com/silverpeas/subscribe/util/SubscriptionUtil.java ejb-core/node/src/test/java/com/silverpeas/subscribe/util/SubscriptionUtilTest.java war-core/src/main/java/org/silverpeas/subscription/control/SubscriptionSessionController.java web-core/src/main/java/com/silverpeas/subscribe/web/SubscriptionResource.java Cleaning also some JS code. --- .../subscribe/SubscriptionService.java | 14 ++-- .../service/SimpleSubscriptionService.java | 20 ++--- .../subscribe/service/SubscriptionDao.java | 17 ++-- .../subscribe/util/SubscriptionList.java | 57 +++++++++++++ .../util/SubscriptionSubscriberList.java | 22 +++++ ...criptionSubscriberMapBySubscriberType.java | 17 ++++ .../subscribe/util/SubscriptionUtil.java | 82 +++++++++++++++++++ .../subscribe/util/SubscriptionUtilTest.java | 71 ++++++++++++++++ .../SubscriptionSessionController.java | 68 ++++++++++++--- .../main/webapp/util/javaScript/silverpeas.js | 8 +- .../subscribe/web/SubscriptionResource.java | 8 +- .../AbstractComponentSessionController.java | 9 +- .../MockableSubscriptionService.java | 15 ++-- .../web/SubscriptionGettingTest.java | 4 +- 14 files changed, 358 insertions(+), 54 deletions(-) create mode 100644 ejb-core/node/src/main/java/com/silverpeas/subscribe/util/SubscriptionList.java create mode 100644 ejb-core/node/src/main/java/com/silverpeas/subscribe/util/SubscriptionUtil.java create mode 100644 ejb-core/node/src/test/java/com/silverpeas/subscribe/util/SubscriptionUtilTest.java diff --git a/ejb-core/node/src/main/java/com/silverpeas/subscribe/SubscriptionService.java b/ejb-core/node/src/main/java/com/silverpeas/subscribe/SubscriptionService.java index c5413682076..dcd81fccd27 100644 --- a/ejb-core/node/src/main/java/com/silverpeas/subscribe/SubscriptionService.java +++ b/ejb-core/node/src/main/java/com/silverpeas/subscribe/SubscriptionService.java @@ -25,6 +25,7 @@ package com.silverpeas.subscribe; import com.silverpeas.subscribe.constant.SubscriptionMethod; +import com.silverpeas.subscribe.util.SubscriptionList; import com.silverpeas.subscribe.util.SubscriptionSubscriberList; import java.util.Collection; @@ -107,7 +108,7 @@ public interface SubscriptionService { * @param resource * @return list of subscriptions */ - public Collection getByResource(SubscriptionResource resource); + public SubscriptionList getByResource(SubscriptionResource resource); /** * Gets all subscriptions in relation to the given resource. @@ -115,8 +116,7 @@ public interface SubscriptionService { * @param method * @return list of subscriptions */ - public Collection getByResource(SubscriptionResource resource, - SubscriptionMethod method); + public SubscriptionList getByResource(SubscriptionResource resource, SubscriptionMethod method); /** * Gets all subscriptions (COMPONENT/NODE and SELF_CREATION/FORCED) in relation to a user. @@ -125,14 +125,14 @@ public Collection getByResource(SubscriptionResource resource, * of users that are subscribed through a subscribed group and of users that have been * subscribed by an other user */ - public Collection getByUserSubscriber(String userId); + public SubscriptionList getByUserSubscriber(String userId); /** * Gets all subscriptions (COMPONENT/NODE and SELF_CREATION/FORCED) in relation to a subscriber. * @param subscriber * @return list of subscriptions */ - public Collection getBySubscriber(SubscriptionSubscriber subscriber); + public SubscriptionList getBySubscriber(SubscriptionSubscriber subscriber); /** * Gets all subscriptions (COMPONENT/NODE and SELF_CREATION/FORCED) in relation to a subscriber @@ -141,7 +141,7 @@ public Collection getByResource(SubscriptionResource resource, * @param instanceId * @return list of subscriptions */ - public Collection getBySubscriberAndComponent(SubscriptionSubscriber subscriber, + public SubscriptionList getBySubscriberAndComponent(SubscriptionSubscriber subscriber, String instanceId); /** @@ -151,7 +151,7 @@ public Collection getBySubscriberAndComponent(SubscriptionSubscrib * @param resource * @return list of subscriptions */ - public Collection getBySubscriberAndResource(SubscriptionSubscriber subscriber, + public SubscriptionList getBySubscriberAndResource(SubscriptionSubscriber subscriber, SubscriptionResource resource); /** diff --git a/ejb-core/node/src/main/java/com/silverpeas/subscribe/service/SimpleSubscriptionService.java b/ejb-core/node/src/main/java/com/silverpeas/subscribe/service/SimpleSubscriptionService.java index 504af7c647d..a0976c69fd7 100644 --- a/ejb-core/node/src/main/java/com/silverpeas/subscribe/service/SimpleSubscriptionService.java +++ b/ejb-core/node/src/main/java/com/silverpeas/subscribe/service/SimpleSubscriptionService.java @@ -29,9 +29,9 @@ import com.silverpeas.subscribe.SubscriptionService; import com.silverpeas.subscribe.SubscriptionSubscriber; import com.silverpeas.subscribe.constant.SubscriptionMethod; +import com.silverpeas.subscribe.util.SubscriptionList; import com.silverpeas.subscribe.util.SubscriptionSubscriberList; import com.stratelia.silverpeas.silvertrace.SilverTrace; -import com.stratelia.webactiv.beans.admin.UserDetail; import com.stratelia.webactiv.util.DBUtil; import com.stratelia.webactiv.util.JNDINames; import com.stratelia.webactiv.util.exception.SilverpeasRuntimeException; @@ -43,8 +43,6 @@ import java.sql.SQLException; import java.util.Collection; import java.util.Collections; -import java.util.HashSet; -import java.util.Set; /** * Class declaration @@ -185,12 +183,12 @@ public boolean existsSubscription(final Subscription subscription) { } @Override - public Collection getByResource(final SubscriptionResource resource) { + public SubscriptionList getByResource(final SubscriptionResource resource) { return getByResource(resource, SubscriptionMethod.UNKNOWN); } @Override - public Collection getByResource(final SubscriptionResource resource, + public SubscriptionList getByResource(final SubscriptionResource resource, final SubscriptionMethod method) { SilverTrace.info("subscribe", "SubscriptionService.getByResource", "root.MSG_GEN_ENTER_METHOD"); Connection con = null; @@ -207,10 +205,10 @@ public Collection getByResource(final SubscriptionResource resourc } @Override - public Collection getByUserSubscriber(final String userId) { + public SubscriptionList getByUserSubscriber(final String userId) { SilverTrace .info("subscribe", "SubscriptionService.getByUserSubscriber", "root.MSG_GEN_ENTER_METHOD"); - Collection subscriptions = + SubscriptionList subscriptions = getBySubscriber(UserSubscriptionSubscriber.from(userId)); for (String groupId : organisationController.getAllGroupIdsOfUser(userId)) { subscriptions.addAll(getBySubscriber(GroupSubscriptionSubscriber.from(groupId))); @@ -219,7 +217,7 @@ public Collection getByUserSubscriber(final String userId) { } @Override - public Collection getBySubscriber(SubscriptionSubscriber subscriber) { + public SubscriptionList getBySubscriber(SubscriptionSubscriber subscriber) { SilverTrace .info("subscribe", "SubscriptionService.getBySubscriber", "root.MSG_GEN_ENTER_METHOD"); Connection con = null; @@ -235,8 +233,8 @@ public Collection getBySubscriber(SubscriptionSubscriber subscribe } @Override - public Collection getBySubscriberAndComponent( - final SubscriptionSubscriber subscriber, final String instanceId) { + public SubscriptionList getBySubscriberAndComponent(final SubscriptionSubscriber subscriber, + final String instanceId) { SilverTrace.info("subscribe", "SubscriptionService.getBySubscriberAndComponent", "root.MSG_GEN_ENTER_METHOD"); Connection con = null; @@ -253,7 +251,7 @@ public Collection getBySubscriberAndComponent( } @Override - public Collection getBySubscriberAndResource(SubscriptionSubscriber subscriber, + public SubscriptionList getBySubscriberAndResource(SubscriptionSubscriber subscriber, SubscriptionResource resource) { SilverTrace.info("subscribe", "SubscriptionService.getBySubscriberAndResource", "root.MSG_GEN_ENTER_METHOD"); diff --git a/ejb-core/node/src/main/java/com/silverpeas/subscribe/service/SubscriptionDao.java b/ejb-core/node/src/main/java/com/silverpeas/subscribe/service/SubscriptionDao.java index ff3ffcab2ac..93e0f85f59a 100644 --- a/ejb-core/node/src/main/java/com/silverpeas/subscribe/service/SubscriptionDao.java +++ b/ejb-core/node/src/main/java/com/silverpeas/subscribe/service/SubscriptionDao.java @@ -30,6 +30,7 @@ import com.silverpeas.subscribe.constant.SubscriberType; import com.silverpeas.subscribe.constant.SubscriptionMethod; import com.silverpeas.subscribe.constant.SubscriptionResourceType; +import com.silverpeas.subscribe.util.SubscriptionList; import com.silverpeas.subscribe.util.SubscriptionSubscriberList; import com.silverpeas.util.ForeignPK; import com.silverpeas.util.StringUtil; @@ -43,12 +44,10 @@ import java.sql.ResultSet; import java.sql.SQLException; import java.sql.Timestamp; -import java.util.ArrayList; import java.util.Collection; import java.util.Collections; import java.util.Date; import java.util.HashSet; -import java.util.List; import java.util.Set; /** @@ -234,7 +233,7 @@ public boolean existsSubscription(Connection con, Subscription subscription) thr * @throws SQLException * @see */ - public Collection getSubscriptionsBySubscriber(Connection con, + public SubscriptionList getSubscriptionsBySubscriber(Connection con, SubscriptionSubscriber subscriber) throws SQLException { SilverTrace.info("subscribe", "SubscriptionDao.getSubscriptionsBySubscriber", "root.MSG_GEN_ENTER_METHOD"); @@ -259,7 +258,7 @@ public Collection getSubscriptionsBySubscriber(Connection con, * @throws SQLException * @see */ - public Collection getSubscriptionsBySubscriberAndComponent(Connection con, + public SubscriptionList getSubscriptionsBySubscriberAndComponent(Connection con, SubscriptionSubscriber subscriber, String instanceId) throws SQLException { SilverTrace.info("subscribe", "SubscriptionDao.getSubscriptionsBySubscriberAndComponent", "root.MSG_GEN_ENTER_METHOD"); @@ -286,7 +285,7 @@ public Collection getSubscriptionsBySubscriberAndComponent(Connect * @throws SQLException * @see */ - public Collection getSubscriptionsByResource(Connection con, + public SubscriptionList getSubscriptionsByResource(Connection con, SubscriptionResource resource, final SubscriptionMethod method) throws SQLException { SilverTrace.info("subscribe", "SubscriptionDao.getSubscriptionsByResource", "root.MSG_GEN_ENTER_METHOD"); @@ -320,7 +319,7 @@ public Collection getSubscriptionsByResource(Connection con, * @throws SQLException * @see */ - public Collection getSubscriptionsBySubscriberAndResource(Connection con, + public SubscriptionList getSubscriptionsBySubscriberAndResource(Connection con, SubscriptionSubscriber subscriber, SubscriptionResource resource) throws SQLException { SilverTrace.info("subscribe", "SubscriptionDao.getSubscriptionsBySubscriberAndResource", "root.MSG_GEN_ENTER_METHOD"); @@ -374,7 +373,7 @@ public SubscriptionSubscriberList getSubscribers(Connection con, } /** - * Centralied method. + * Centralized method. * @param con * @param resource * @param result @@ -417,8 +416,8 @@ private void findSubscribers(Connection con, SubscriptionResource resource, * @return * @throws SQLException */ - private Collection toList(ResultSet rs) throws SQLException { - List list = new ArrayList(); + private SubscriptionList toList(ResultSet rs) throws SQLException { + SubscriptionList list = new SubscriptionList(); Subscription subscription; while (rs.next()) { subscription = createSubscriptionInstance(rs); diff --git a/ejb-core/node/src/main/java/com/silverpeas/subscribe/util/SubscriptionList.java b/ejb-core/node/src/main/java/com/silverpeas/subscribe/util/SubscriptionList.java new file mode 100644 index 00000000000..6a2d426b610 --- /dev/null +++ b/ejb-core/node/src/main/java/com/silverpeas/subscribe/util/SubscriptionList.java @@ -0,0 +1,57 @@ +/* + * Copyright (C) 2000 - 2015 Silverpeas + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * As a special exception to the terms and conditions of version 3.0 of + * the GPL, you may redistribute this Program in connection with Free/Libre + * Open Source Software ("FLOSS") applications as described in Silverpeas's + * FLOSS exception. You should have recieved a copy of the text describing + * the FLOSS exception, and it is also available here: + * "http://www.silverpeas.org/docs/core/legal/floss_exception.html" + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ +package com.silverpeas.subscribe.util; + +import com.silverpeas.subscribe.Subscription; +import com.stratelia.webactiv.beans.admin.UserDetail; + +import java.util.ArrayList; +import java.util.Iterator; + +import static com.silverpeas.subscribe.util.SubscriptionUtil.isSameVisibilityAsTheCurrentRequester; + +/** + * @author Yohann Chastagnier + */ +public class SubscriptionList extends ArrayList { + private static final long serialVersionUID = -2314233862350010699L; + + /** + * Removes from this list the subscription that the linked subscriber has not the same + * domain visibility as the one of the given user. + * @param user the user that represents the visibility to verify. + */ + public SubscriptionList filterOnDomainVisibilityFrom(final UserDetail user) { + if (user.isDomainRestricted()) { + Iterator itOfSubscriptions = this.iterator(); + while (itOfSubscriptions.hasNext()) { + Subscription subscription = itOfSubscriptions.next(); + if (!isSameVisibilityAsTheCurrentRequester(subscription.getSubscriber(), user)) { + itOfSubscriptions.remove(); + } + } + } + return this; + } +} diff --git a/ejb-core/node/src/main/java/com/silverpeas/subscribe/util/SubscriptionSubscriberList.java b/ejb-core/node/src/main/java/com/silverpeas/subscribe/util/SubscriptionSubscriberList.java index 6f9a5d296e2..2888d6bb1f5 100644 --- a/ejb-core/node/src/main/java/com/silverpeas/subscribe/util/SubscriptionSubscriberList.java +++ b/ejb-core/node/src/main/java/com/silverpeas/subscribe/util/SubscriptionSubscriberList.java @@ -31,9 +31,12 @@ import java.util.ArrayList; import java.util.Collection; import java.util.HashSet; +import java.util.Iterator; import java.util.List; import java.util.Set; +import static com.silverpeas.subscribe.util.SubscriptionUtil.isSameVisibilityAsTheCurrentRequester; + /** * @author Yohann Chastagnier */ @@ -106,4 +109,23 @@ public List getAllUserIds() { public SubscriptionSubscriberMapBySubscriberType indexBySubscriberType() { return new SubscriptionSubscriberMapBySubscriberType(this); } + + /** + * Removes from this list the subscribers that have not the same domain visibility as the one + * of the given user. + * @param user the user that represents the visibility to verify. + * @return itself. + */ + public SubscriptionSubscriberList filterOnDomainVisibilityFrom(final UserDetail user) { + if (user.isDomainRestricted()) { + Iterator itOfSubscribers = this.iterator(); + while (itOfSubscribers.hasNext()) { + SubscriptionSubscriber subscriber = itOfSubscribers.next(); + if (!isSameVisibilityAsTheCurrentRequester(subscriber, user)) { + itOfSubscribers.remove(); + } + } + } + return this; + } } diff --git a/ejb-core/node/src/main/java/com/silverpeas/subscribe/util/SubscriptionSubscriberMapBySubscriberType.java b/ejb-core/node/src/main/java/com/silverpeas/subscribe/util/SubscriptionSubscriberMapBySubscriberType.java index f8bedccc9d6..6ffd303a19b 100644 --- a/ejb-core/node/src/main/java/com/silverpeas/subscribe/util/SubscriptionSubscriberMapBySubscriberType.java +++ b/ejb-core/node/src/main/java/com/silverpeas/subscribe/util/SubscriptionSubscriberMapBySubscriberType.java @@ -26,13 +26,16 @@ import com.silverpeas.subscribe.SubscriptionSubscriber; import com.silverpeas.subscribe.constant.SubscriberType; import com.silverpeas.util.CollectionUtil; +import com.stratelia.webactiv.beans.admin.UserDetail; import java.util.ArrayList; import java.util.Arrays; import java.util.Collection; import java.util.HashMap; import java.util.HashSet; +import java.util.Iterator; import java.util.List; +import java.util.Map; import java.util.Set; /** @@ -119,4 +122,18 @@ public List getAllUserIds() { } return new ArrayList(userIds); } + + /** + * Removes from this map the subscribers that have not the same domain visibility as the one + * of the given user. + * @param user the user that represents the visibility to verify. + * @return itself. + */ + public SubscriptionSubscriberMapBySubscriberType filterOnDomainVisibilityFrom( + final UserDetail user) { + for (final Map.Entry entry : entrySet()) { + entry.getValue().filterOnDomainVisibilityFrom(user); + } + return this; + } } diff --git a/ejb-core/node/src/main/java/com/silverpeas/subscribe/util/SubscriptionUtil.java b/ejb-core/node/src/main/java/com/silverpeas/subscribe/util/SubscriptionUtil.java new file mode 100644 index 00000000000..438b155a6c9 --- /dev/null +++ b/ejb-core/node/src/main/java/com/silverpeas/subscribe/util/SubscriptionUtil.java @@ -0,0 +1,82 @@ +/* + * Copyright (C) 2000 - 2013 Silverpeas + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * As a special exception to the terms and conditions of version 3.0 of + * the GPL, you may redistribute this Program in connection with Free/Libre + * Open Source Software ("FLOSS") applications as described in Silverpeas's + * FLOSS exception. You should have recieved a copy of the text describing + * the FLOSS exception, and it is also available here: + * "http://www.silverpeas.org/docs/core/legal/floss_exception.html" + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ +package com.silverpeas.subscribe.util; + +import com.silverpeas.subscribe.SubscriptionSubscriber; +import com.silverpeas.util.StringUtil; +import com.stratelia.webactiv.beans.admin.Group; +import com.stratelia.webactiv.beans.admin.UserDetail; + +/** + * Utility class shared by other classes of the same package. + */ +public class SubscriptionUtil { + + /** + * Indicates if the given subscription subscriber has same domain visibility as the current + * requester. + * @param subscriber the subscriber to verify. + * @param currentRequester the current user requester. + * @return true if same domain visibility, false otherwise. + */ + static boolean isSameVisibilityAsTheCurrentRequester( + final SubscriptionSubscriber subscriber, UserDetail currentRequester) { + if (currentRequester.isDomainRestricted()) { + switch (subscriber.getType()) { + case USER: + return isSameVisibilityAsTheCurrentRequester(UserDetail.getById(subscriber.getId()), + currentRequester); + case GROUP: + return isSameVisibilityAsTheCurrentRequester(Group.getById(subscriber.getId()), + currentRequester); + } + return false; + } + return true; + } + + /** + * Indicates if the given user has same domain visibility as the current requester. + * @param user the user to verify. + * @param currentRequester the current user requester. + * @return true if same domain visibility, false otherwise. + */ + public static boolean isSameVisibilityAsTheCurrentRequester(final UserDetail user, + UserDetail currentRequester) { + return !currentRequester.isDomainRestricted() || + user.getDomainId().equals(currentRequester.getDomainId()); + } + + /** + * Indicates if the given group has same domain visibility as the current requester. + * @param group the group to verify. + * @param currentRequester the current user requester. + * @return true if same domain visibility, false otherwise. + */ + public static boolean isSameVisibilityAsTheCurrentRequester(final Group group, + UserDetail currentRequester) { + return !currentRequester.isDomainRestricted() || StringUtil.isNotDefined(group.getDomainId()) || + group.getDomainId().equals(currentRequester.getDomainId()); + } +} diff --git a/ejb-core/node/src/test/java/com/silverpeas/subscribe/util/SubscriptionUtilTest.java b/ejb-core/node/src/test/java/com/silverpeas/subscribe/util/SubscriptionUtilTest.java new file mode 100644 index 00000000000..58383394518 --- /dev/null +++ b/ejb-core/node/src/test/java/com/silverpeas/subscribe/util/SubscriptionUtilTest.java @@ -0,0 +1,71 @@ +/* + * Copyright (C) 2000 - 2013 Silverpeas + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * As a special exception to the terms and conditions of version 3.0 of + * the GPL, you may redistribute this Program in connection with Free/Libre + * Open Source Software ("FLOSS") applications as described in Silverpeas's + * FLOSS exception. You should have recieved a copy of the text describing + * the FLOSS exception, and it is also available here: + * "http://www.silverpeas.org/docs/core/legal/floss_exception.html" + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ +package com.silverpeas.subscribe.util; + +import com.stratelia.webactiv.beans.admin.Group; +import com.stratelia.webactiv.beans.admin.UserDetail; +import org.junit.Test; + +import static com.silverpeas.subscribe.util.SubscriptionUtil.isSameVisibilityAsTheCurrentRequester; +import static org.hamcrest.MatcherAssert.assertThat; +import static org.hamcrest.Matchers.is; +import static org.mockito.Mockito.mock; +import static org.mockito.Mockito.when; + +public class SubscriptionUtilTest { + + @Test + public void isUserSameVisibilityAsTheCurrentRequester() { + UserDetail requester = mock(UserDetail.class); + when(requester.getDomainId()).thenReturn("0"); + UserDetail user = mock(UserDetail.class); + when(user.getDomainId()).thenReturn("0"); + assertThat(isSameVisibilityAsTheCurrentRequester(user, requester), is(true)); + + // Not same domainId but no domain isolation + when(user.getDomainId()).thenReturn("1"); + assertThat(isSameVisibilityAsTheCurrentRequester(user, requester), is(true)); + + // Not same domainId but no domain isolation + when(requester.isDomainRestricted()).thenReturn(true); + assertThat(isSameVisibilityAsTheCurrentRequester(user, requester), is(false)); + } + + @Test + public void isGroupSameVisibilityAsTheCurrentRequester() { + UserDetail requester = mock(UserDetail.class); + when(requester.getDomainId()).thenReturn("0"); + Group group = mock(Group.class); + when(group.getDomainId()).thenReturn("0"); + assertThat(isSameVisibilityAsTheCurrentRequester(group, requester), is(true)); + + // Not same domainId but no domain isolation + when(group.getDomainId()).thenReturn("1"); + assertThat(isSameVisibilityAsTheCurrentRequester(group, requester), is(true)); + + // Not same domainId but no domain isolation + when(requester.isDomainRestricted()).thenReturn(true); + assertThat(isSameVisibilityAsTheCurrentRequester(group, requester), is(false)); + } +} diff --git a/war-core/src/main/java/org/silverpeas/subscription/control/SubscriptionSessionController.java b/war-core/src/main/java/org/silverpeas/subscription/control/SubscriptionSessionController.java index 9b73e48f8c6..1541cbbf6b6 100644 --- a/war-core/src/main/java/org/silverpeas/subscription/control/SubscriptionSessionController.java +++ b/war-core/src/main/java/org/silverpeas/subscription/control/SubscriptionSessionController.java @@ -24,14 +24,17 @@ package org.silverpeas.subscription.control; import com.silverpeas.subscribe.Subscription; +import com.silverpeas.subscribe.SubscriptionResource; import com.silverpeas.subscribe.SubscriptionService; import com.silverpeas.subscribe.SubscriptionServiceProvider; import com.silverpeas.subscribe.constant.SubscriberType; import com.silverpeas.subscribe.constant.SubscriptionMethod; +import com.silverpeas.subscribe.constant.SubscriptionResourceType; import com.silverpeas.subscribe.service.ComponentSubscription; import com.silverpeas.subscribe.service.GroupSubscriptionSubscriber; import com.silverpeas.subscribe.service.NodeSubscription; import com.silverpeas.subscribe.service.UserSubscriptionSubscriber; +import com.silverpeas.subscribe.util.SubscriptionList; import com.silverpeas.subscribe.util.SubscriptionSubscriberMapBySubscriberType; import com.stratelia.silverpeas.peasCore.AbstractComponentSessionController; import com.stratelia.silverpeas.peasCore.ComponentContext; @@ -39,14 +42,23 @@ import com.stratelia.silverpeas.selection.Selection; import com.stratelia.silverpeas.selection.SelectionUsersGroups; import com.stratelia.webactiv.beans.admin.Group; +import com.stratelia.webactiv.beans.admin.ObjectType; import com.stratelia.webactiv.beans.admin.UserDetail; +import com.stratelia.webactiv.util.EJBUtilitaire; import com.stratelia.webactiv.util.GeneralPropertiesManager; +import com.stratelia.webactiv.util.JNDINames; +import com.stratelia.webactiv.util.exception.SilverpeasRuntimeException; +import com.stratelia.webactiv.util.node.control.NodeBm; +import com.stratelia.webactiv.util.node.model.NodeDetail; import com.stratelia.webactiv.util.node.model.NodePK; +import com.stratelia.webactiv.util.node.model.NodeRuntimeException; import org.silverpeas.subscription.SubscriptionContext; import java.util.ArrayList; import java.util.Collection; +import static com.silverpeas.subscribe.util.SubscriptionUtil.isSameVisibilityAsTheCurrentRequester; + /** * User: Yohann Chastagnier * Date: 04/03/13 @@ -92,9 +104,11 @@ public String toUserPanel() { sel.setPopupMode(false); // Subscribers + SubscriptionResource resource = getContext().getResource(); SubscriptionSubscriberMapBySubscriberType subscriberIdsByTypes = getSubscriptionService() - .getSubscribers(getContext().getResource(), SubscriptionMethod.FORCED) - .indexBySubscriberType(); + .getSubscribers(resource, SubscriptionMethod.FORCED) + .indexBySubscriberType().filterOnDomainVisibilityFrom(getUserDetail()); + // Users sel.setSelectedElements(subscriberIdsByTypes.get(SubscriberType.USER).getAllIds()); // Groups @@ -106,6 +120,19 @@ public String toUserPanel() { sel.setFirstPage(Selection.FIRST_PAGE_CART); } + // Add extra params + SelectionUsersGroups sug = new SelectionUsersGroups(); + sug.setComponentId(resource.getInstanceId()); + if (resource.getType() == SubscriptionResourceType.NODE && + getComponentAccessController().isRightOnTopicsEnabled(sug.getComponentId())) { + NodeDetail node = + getNodeService().getHeader(new NodePK(resource.getId(), resource.getInstanceId())); + if (node.haveRights()) { + sug.setObjectId(ObjectType.NODE.getCode() + node.getRightsDependsOn()); + } + } + sel.setExtraParams(sug); + // Returning the destination return Selection.getSelectionURL(Selection.TYPE_USERS_GROUPS); } @@ -121,38 +148,46 @@ public void fromUserPanel() { Group[] groups = SelectionUsersGroups.getGroups(sel.getSelectedSets()); // Initializing necessary subscriptions + SubscriptionResource resource = getContext().getResource(); Collection subscriptions = new ArrayList(users.length + groups.length); for (UserDetail user : users) { - switch (getContext().getResource().getType()) { + if (!isSameVisibilityAsTheCurrentRequester(user, getUserDetail())) { + continue; + } + switch (resource.getType()) { case NODE: subscriptions.add(new NodeSubscription(UserSubscriptionSubscriber.from(user.getId()), - (NodePK) getContext().getResource().getPK(), getUserId())); + (NodePK) resource.getPK(), getUserId())); break; case COMPONENT: subscriptions.add(new ComponentSubscription(UserSubscriptionSubscriber.from(user.getId()), - getContext().getResource().getInstanceId(), getUserId())); + resource.getInstanceId(), getUserId())); break; } } for (Group group : groups) { - switch (getContext().getResource().getType()) { + if (!isSameVisibilityAsTheCurrentRequester(group, getUserDetail())) { + continue; + } + switch (resource.getType()) { case NODE: subscriptions.add(new NodeSubscription(GroupSubscriptionSubscriber.from(group.getId()), - (NodePK) getContext().getResource().getPK(), getUserId())); + (NodePK) resource.getPK(), getUserId())); break; case COMPONENT: subscriptions.add( new ComponentSubscription(GroupSubscriptionSubscriber.from(group.getId()), - getContext().getResource().getInstanceId(), getUserId())); + resource.getInstanceId(), getUserId())); break; } } // Getting all existing subscriptions and selecting those that have to be deleted - Collection subscriptionsToDelete = getSubscriptionService() - .getByResource(getContext().getResource(), SubscriptionMethod.FORCED); + SubscriptionList subscriptionsToDelete = getSubscriptionService() + .getByResource(resource, SubscriptionMethod.FORCED); subscriptionsToDelete.removeAll(subscriptions); + subscriptionsToDelete.filterOnDomainVisibilityFrom(getUserDetail()); // Deleting getSubscriptionService().unsubscribe(subscriptionsToDelete); @@ -163,7 +198,6 @@ public void fromUserPanel() { /** * Gets the subscription service. - * @return */ private SubscriptionService getSubscriptionService() { if (subscriptionService == null) { @@ -171,4 +205,16 @@ private SubscriptionService getSubscriptionService() { } return subscriptionService; } + + /** + * Gets the node service. + */ + private NodeBm getNodeService() { + try { + return EJBUtilitaire.getEJBObjectRef(JNDINames.NODEBM_EJBHOME, NodeBm.class); + } catch (Exception e) { + throw new NodeRuntimeException("SubscriptionSessionController.getNodeService()", + SilverpeasRuntimeException.ERROR, "root.EX_CANT_GET_REMOTE_OBJECT", e); + } + } } diff --git a/war-core/src/main/webapp/util/javaScript/silverpeas.js b/war-core/src/main/webapp/util/javaScript/silverpeas.js index ecc6a9566ae..03a1c81b2f3 100644 --- a/war-core/src/main/webapp/util/javaScript/silverpeas.js +++ b/war-core/src/main/webapp/util/javaScript/silverpeas.js @@ -61,7 +61,7 @@ if (!String.prototype.isNotDefined) { }; } -if (!Number.prototype.round) { +if (!Number.prototype.roundDown) { Number.prototype.roundDown = function(digit) { if (digit || digit === 0) { var digitCoef = Math.pow(10, digit); @@ -70,6 +70,8 @@ if (!Number.prototype.round) { } return this; }; +} +if (!Number.prototype.roundHalfDown) { Number.prototype.roundHalfDown = function(digit) { if (digit || digit === 0) { var digitCoef = Math.pow(10, digit); @@ -83,6 +85,8 @@ if (!Number.prototype.round) { } return this; }; +} +if (!Number.prototype.roundHalfUp) { Number.prototype.roundHalfUp = function(digit) { if (digit || digit === 0) { var digitCoef = Math.pow(10, digit); @@ -96,6 +100,8 @@ if (!Number.prototype.round) { } return this; }; +} +if (!Number.prototype.roundUp) { Number.prototype.roundUp = function(digit) { if (digit || digit === 0) { var digitCoef = Math.pow(10, digit); diff --git a/web-core/src/main/java/com/silverpeas/subscribe/web/SubscriptionResource.java b/web-core/src/main/java/com/silverpeas/subscribe/web/SubscriptionResource.java index 6834e9d705d..45f83d6981a 100644 --- a/web-core/src/main/java/com/silverpeas/subscribe/web/SubscriptionResource.java +++ b/web-core/src/main/java/com/silverpeas/subscribe/web/SubscriptionResource.java @@ -36,6 +36,7 @@ import com.silverpeas.subscribe.service.NodeSubscriptionResource; import com.silverpeas.subscribe.service.ResourceSubscriptionProvider; import com.silverpeas.subscribe.service.SubscribeRuntimeException; +import com.silverpeas.subscribe.util.SubscriptionList; import com.silverpeas.subscribe.util.SubscriptionSubscriberList; import com.silverpeas.util.StringUtil; import com.silverpeas.web.RESTWebService; @@ -99,7 +100,7 @@ public Collection getComponentSubscriptions() { @Produces(MediaType.APPLICATION_JSON) public Collection getSubscriptions(@PathParam("id") String resourceId) { try { - final Collection subscriptions; + final SubscriptionList subscriptions; if (StringUtil.isDefined(resourceId)) { subscriptions = SubscriptionServiceProvider.getSubscribeService() .getByResource(NodeSubscriptionResource.from(new NodePK(resourceId, componentId))); @@ -107,7 +108,7 @@ public Collection getSubscriptions(@PathParam("id") String r subscriptions = SubscriptionServiceProvider. getSubscribeService().getByResource(ComponentSubscriptionResource.from(componentId)); } - return asWebEntities(subscriptions); + return asWebEntities(subscriptions.filterOnDomainVisibilityFrom(getUserDetail())); } catch (CommentRuntimeException ex) { throw new WebApplicationException(ex, Status.NOT_FOUND); } catch (Exception ex) { @@ -152,7 +153,8 @@ public Collection getSubscribers(@PathParam("id") String resou subscriptionResource = ComponentSubscriptionResource.from(componentId); } return asSubscriberWebEntities(SubscriptionServiceProvider. - getSubscribeService().getSubscribers(subscriptionResource)); + getSubscribeService().getSubscribers(subscriptionResource) + .filterOnDomainVisibilityFrom(getUserDetail())); } catch (SubscribeRuntimeException ex) { throw new WebApplicationException(ex, Status.NOT_FOUND); } catch (Exception ex) { diff --git a/web-core/src/main/java/com/stratelia/silverpeas/peasCore/AbstractComponentSessionController.java b/web-core/src/main/java/com/stratelia/silverpeas/peasCore/AbstractComponentSessionController.java index a56e57e634c..bdb9cfdd6c5 100644 --- a/web-core/src/main/java/com/stratelia/silverpeas/peasCore/AbstractComponentSessionController.java +++ b/web-core/src/main/java/com/stratelia/silverpeas/peasCore/AbstractComponentSessionController.java @@ -24,6 +24,8 @@ package com.stratelia.silverpeas.peasCore; +import com.silverpeas.accesscontrol.AccessController; +import com.silverpeas.accesscontrol.AccessControllerProvider; import com.silverpeas.accesscontrol.ComponentAccessController; import com.silverpeas.admin.components.Parameter; import com.silverpeas.personalization.UserPreferences; @@ -70,9 +72,6 @@ public class AbstractComponentSessionController implements ComponentSessionContr private ResourceLocator settings = null; private String settingsFile = null; - private ComponentAccessController componentAccessController = - new ComponentAccessController(); - /** * Constructor declaration * @param controller @@ -655,6 +654,8 @@ public void setClipboardError(String messageId, Exception ex) throws ClipboardEx } protected ComponentAccessController getComponentAccessController() { - return this.componentAccessController; + AccessController accessController = + AccessControllerProvider.getAccessController("componentAccessController"); + return (ComponentAccessController) accessController; } } diff --git a/web-core/src/test/java/com/silverpeas/subscribe/MockableSubscriptionService.java b/web-core/src/test/java/com/silverpeas/subscribe/MockableSubscriptionService.java index c2af049c747..e8dd1cff00c 100644 --- a/web-core/src/test/java/com/silverpeas/subscribe/MockableSubscriptionService.java +++ b/web-core/src/test/java/com/silverpeas/subscribe/MockableSubscriptionService.java @@ -25,6 +25,7 @@ package com.silverpeas.subscribe; import com.silverpeas.subscribe.constant.SubscriptionMethod; +import com.silverpeas.subscribe.util.SubscriptionList; import com.silverpeas.subscribe.util.SubscriptionSubscriberList; import com.silverpeas.util.Default; @@ -91,34 +92,34 @@ public boolean existsSubscription(final Subscription subscription) { } @Override - public Collection getByResource(final SubscriptionResource resource) { + public SubscriptionList getByResource(final SubscriptionResource resource) { return realService.getByResource(resource); } @Override - public Collection getByResource(final SubscriptionResource resource, + public SubscriptionList getByResource(final SubscriptionResource resource, final SubscriptionMethod method) { return realService.getByResource(resource, method); } @Override - public Collection getByUserSubscriber(final String userId) { + public SubscriptionList getByUserSubscriber(final String userId) { return realService.getByUserSubscriber(userId); } @Override - public Collection getBySubscriber(SubscriptionSubscriber subscriber) { + public SubscriptionList getBySubscriber(SubscriptionSubscriber subscriber) { return realService.getBySubscriber(subscriber); } @Override - public Collection getBySubscriberAndComponent( - final SubscriptionSubscriber subscriber, final String instanceId) { + public SubscriptionList getBySubscriberAndComponent(final SubscriptionSubscriber subscriber, + final String instanceId) { return realService.getBySubscriberAndComponent(subscriber, instanceId); } @Override - public Collection getBySubscriberAndResource(SubscriptionSubscriber subscriber, + public SubscriptionList getBySubscriberAndResource(SubscriptionSubscriber subscriber, SubscriptionResource resource) { return realService.getBySubscriberAndResource(subscriber, resource); } diff --git a/web-core/src/test/java/com/silverpeas/subscribe/web/SubscriptionGettingTest.java b/web-core/src/test/java/com/silverpeas/subscribe/web/SubscriptionGettingTest.java index 2c343ca6ce2..dde52005053 100644 --- a/web-core/src/test/java/com/silverpeas/subscribe/web/SubscriptionGettingTest.java +++ b/web-core/src/test/java/com/silverpeas/subscribe/web/SubscriptionGettingTest.java @@ -31,6 +31,7 @@ import com.silverpeas.subscribe.service.GroupSubscriptionSubscriber; import com.silverpeas.subscribe.service.NodeSubscriptionResource; import com.silverpeas.subscribe.service.UserSubscriptionSubscriber; +import com.silverpeas.subscribe.util.SubscriptionList; import com.silverpeas.subscribe.util.SubscriptionSubscriberList; import com.silverpeas.subscribe.util.SubscriptionSubscriberMapBySubscriberType; import com.silverpeas.util.CollectionUtil; @@ -116,7 +117,8 @@ public void getComponentSubscriptionByAnAuthenticatedUser() throws Exception { String sessionKey = authenticate(user); SubscriptionService mockedSubscriptionService = mock(SubscriptionService.class); ComponentSubscription subscription = new ComponentSubscription(user.getId(), COMPONENT_ID); - Collection subscriptions = CollectionUtil.asList((Subscription) subscription); + SubscriptionList subscriptions = new SubscriptionList(); + subscriptions.add(subscription); when(mockedSubscriptionService. getByResource(ComponentSubscriptionResource.from(COMPONENT_ID))).thenReturn(subscriptions); getTestResources().getMockableSubscriptionService()