improvements for memeber panel - preparation for fix for MID-4855

gui/admin-gui/src/main/java/com/evolveum/midpoint/web/component/objectdetails/AbstractRoleMainPanel.java

@@ -17,13 +17,15 @@
 
 import java.util.List;
 
+import javax.xml.namespace.QName;
+
 import org.apache.wicket.ajax.AjaxChannel;
 import org.apache.wicket.ajax.AjaxRequestTarget;
 import org.apache.wicket.ajax.attributes.AjaxRequestAttributes;
 import org.apache.wicket.behavior.AttributeAppender;
 import org.apache.wicket.extensions.markup.html.tabs.ITab;
 import org.apache.wicket.markup.html.WebMarkupContainer;
-import org.apache.wicket.markup.html.basic.Label;
+import org.apache.wicket.model.Model;
 
 import com.evolveum.midpoint.gui.api.ComponentConstants;
 import com.evolveum.midpoint.gui.api.component.tabs.CountablePanelTab;
@@ -44,9 +46,6 @@
 import com.evolveum.midpoint.web.component.AjaxButton;
 import com.evolveum.midpoint.web.component.assignment.AssignmentEditorDto;
 import com.evolveum.midpoint.web.component.assignment.AssignmentsUtil;
-import com.evolveum.midpoint.web.component.breadcrumbs.Breadcrumb;
-import com.evolveum.midpoint.web.component.breadcrumbs.BreadcrumbPageClass;
-import com.evolveum.midpoint.web.component.breadcrumbs.BreadcrumbPageInstance;
 import com.evolveum.midpoint.web.component.prism.ContainerStatus;
 import com.evolveum.midpoint.web.component.prism.ObjectWrapper;
 import com.evolveum.midpoint.web.component.util.VisibleEnableBehaviour;
@@ -56,10 +55,12 @@
 import com.evolveum.midpoint.web.page.admin.users.dto.FocusSubwrapperDto;
 import com.evolveum.midpoint.web.page.admin.users.dto.UserDtoStatus;
 import com.evolveum.midpoint.web.page.self.PageAssignmentShoppingCart;
-import com.evolveum.midpoint.web.page.self.PageAssignmentsList;
+import com.evolveum.midpoint.web.security.GuiAuthorizationConstants;
 import com.evolveum.midpoint.web.session.RoleCatalogStorage;
+import com.evolveum.midpoint.web.session.UserProfileStorage.TableId;
 import com.evolveum.midpoint.web.util.ExpressionUtil;
 import com.evolveum.midpoint.xml.ns._public.common.common_3.AbstractRoleType;
+import com.evolveum.midpoint.xml.ns._public.common.common_3.AreaCategoryType;
 import com.evolveum.midpoint.xml.ns._public.common.common_3.AssignmentType;
 import com.evolveum.midpoint.xml.ns._public.common.common_3.FocusType;
 import com.evolveum.midpoint.xml.ns._public.common.common_3.OrgType;
@@ -223,7 +224,7 @@ public String getCount(){
 		if (WebComponentUtil.isAuthorized(ModelAuthorizationAction.AUDIT_READ.getUrl()) && getObjectWrapper().getStatus() != ContainerStatus.ADDING){
 			authorization = new FocusTabVisibleBehavior<>(unwrapModel(), ComponentConstants.UI_FOCUS_TAB_OBJECT_HISTORY_URL, false, isFocusHistoryPage());
 			tabs.add(
-					new PanelTab(parentPage.createStringResource("pageAdminFocus.objectHistory"), authorization) {
+					new PanelTab<R>(parentPage.createStringResource("pageAdminFocus.objectHistory"), authorization) {
 
 						private static final long serialVersionUID = 1L;
 
@@ -236,7 +237,7 @@ public WebMarkupContainer createPanel(String panelId) {
 
 		authorization = new FocusTabVisibleBehavior<>(unwrapModel(),
 				ComponentConstants.UI_FOCUS_TAB_MEMBERS_URL, false, isFocusHistoryPage());
-		tabs.add(new PanelTab(parentPage.createStringResource("pageRole.members"), authorization) {
+		tabs.add(new PanelTab<R>(parentPage.createStringResource("pageRole.members"), authorization) {
 
 			private static final long serialVersionUID = 1L;
 
@@ -256,7 +257,7 @@ public boolean isVisible() {
 		authorization = new FocusTabVisibleBehavior<>(unwrapModel(),
 				ComponentConstants.UI_FOCUS_TAB_GOVERNANCE_URL, false, isFocusHistoryPage());
 
-		tabs.add(new PanelTab(parentPage.createStringResource("pageRole.governance"), authorization) {
+		tabs.add(new PanelTab<R>(parentPage.createStringResource("pageRole.governance"), authorization) {
 
 			private static final long serialVersionUID = 1L;
 
@@ -274,8 +275,38 @@ public boolean isVisible() {
 		return tabs;
 	}
 
-	public abstract AbstractRoleMemberPanel<R> createGovernancePanel(String panelId);
 
+	public AbstractRoleMemberPanel<R> createMemberPanel(String panelId) {
+
+		return new AbstractRoleMemberPanel<R>(panelId, new Model<>(getObject().asObjectable())) {
+
+			private static final long serialVersionUID = 1L;
+
+			@Override
+			protected List<QName> getSupportedRelations() {
+				List<QName> relations =  WebComponentUtil.getCategoryRelationChoices(AreaCategoryType.ADMINISTRATION, getDetailsPage());
+				List<QName> governance = WebComponentUtil.getCategoryRelationChoices(AreaCategoryType.GOVERNANCE, getDetailsPage());
+				governance.forEach(r -> relations.remove(r));
+				return relations;
+			}
+
+		};
+	}
+
+
+	public AbstractRoleMemberPanel<R> createGovernancePanel(String panelId) {
+
+		return new AbstractRoleMemberPanel<R>(panelId, new Model<>(getObject().asObjectable())) {
+
+			private static final long serialVersionUID = 1L;
+
+			@Override
+			protected List<QName> getSupportedRelations() {
+				return WebComponentUtil.getCategoryRelationChoices(AreaCategoryType.GOVERNANCE, getDetailsPage());
+			}
+
+		};
+	}
 
 	private boolean isAllowedToReadRoleMembership(String abstractRoleOid, PageBase parentPage){
 		return isAllowedToReadRoleMembershipItemForType(abstractRoleOid, UserType.class, parentPage)
@@ -284,7 +315,7 @@ private boolean isAllowedToReadRoleMembership(String abstractRoleOid, PageBase p
 				|| isAllowedToReadRoleMembershipItemForType(abstractRoleOid, ServiceType.class, parentPage);
 	}
 
-	private boolean isAllowedToReadRoleMembershipItemForType(String abstractRoleOid, Class type, PageBase parentPage){
+	private <F extends FocusType> boolean isAllowedToReadRoleMembershipItemForType(String abstractRoleOid, Class<F> type, PageBase parentPage){
 		ObjectQuery query = QueryBuilder.queryFor(type, parentPage.getPrismContext())
 				.item(FocusType.F_ROLE_MEMBERSHIP_REF).ref(abstractRoleOid).build();
 		Task task = parentPage.createSimpleTask(OPERATION_CAN_SEARCH_ROLE_MEMBERSHIP_ITEM);
@@ -299,8 +330,7 @@ private boolean isAllowedToReadRoleMembershipItemForType(String abstractRoleOid,
         return isAllowed;
     }
 
-	public abstract AbstractRoleMemberPanel<R> createMemberPanel(String panelId);
-
+
 	private WebMarkupContainer createFocusPolicyRulesTabPanel(String panelId, PageAdminObjectDetails<R> parentPage) {
 		return new FocusPolicyRulesTabPanel<>(panelId, getMainForm(), getObjectModel(), parentPage);
 	}

gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/admin/roles/AbstractRoleMemberPanel.java

@@ -18,6 +18,8 @@
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collection;
+import java.util.HashMap;
+import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
 
@@ -43,6 +45,7 @@
 import org.apache.wicket.markup.repeater.Item;
 import org.apache.wicket.model.IModel;
 import org.apache.wicket.model.Model;
+import org.springframework.security.access.AuthorizationServiceException;
 
 import com.evolveum.midpoint.gui.api.GuiStyleConstants;
 import com.evolveum.midpoint.gui.api.component.BasePanel;
@@ -88,6 +91,7 @@
 import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType;
 import com.evolveum.midpoint.xml.ns._public.common.common_3.OrgType;
 import com.evolveum.midpoint.xml.ns._public.common.common_3.RoleType;
+import com.evolveum.midpoint.xml.ns._public.common.common_3.ServiceType;
 import com.evolveum.midpoint.xml.ns._public.common.common_3.UserType;
 
 import static com.evolveum.midpoint.gui.api.util.WebComponentUtil.isAuthorized;
@@ -117,7 +121,6 @@ protected enum MemberOperation {
 	private static final String ID_OBJECT_TYPE = "type";
 	private static final String ID_TENANT = "tenant";
 	private static final String ID_PROJECT = "project";
-	private static final String ID_INDIRECT_MEMBERS_CONTAINER = "indirectMembersContainer";
 	private static final String ID_INDIRECT_MEMBERS = "indirectMembers";
 
 	protected static final String ID_SEARCH_SCOPE = "searchScope";
@@ -128,15 +131,24 @@ protected enum MemberOperation {
 
 
 	protected static final String ID_SEARCH_BY_RELATION = "searchByRelation";
-	private TableId tableId;
-	private Map<String, String> authorizations;
-
+//	private TableId tableId;
+	private static Map<QName, Map<String, String>> authorizations = new HashMap<>();
+	private static Map<QName, TableId> tablesId = new HashMap<>();
 
+	static {
+		tablesId.put(RoleType.COMPLEX_TYPE, TableId.ROLE_MEMEBER_PANEL);
+		tablesId.put(ServiceType.COMPLEX_TYPE, TableId.SERVICE_MEMEBER_PANEL);
+		tablesId.put(OrgType.COMPLEX_TYPE, TableId.ORG_MEMEBER_PANEL);
+	}
+
+	static {
+		authorizations.put(RoleType.COMPLEX_TYPE, GuiAuthorizationConstants.ROLE_MEMBERS_AUTHORIZATIONS);
+		authorizations.put(ServiceType.COMPLEX_TYPE, GuiAuthorizationConstants.SERVICE_MEMBERS_AUTHORIZATIONS);
+		authorizations.put(OrgType.COMPLEX_TYPE, GuiAuthorizationConstants.ORG_MEMBERS_AUTHORIZATIONS);
+	}
 
-	public AbstractRoleMemberPanel(String id, IModel<R> model, TableId tableId, Map<String, String> authorizations) {
+	public AbstractRoleMemberPanel(String id, IModel<R> model) {
 		super(id, model);
-		this.tableId = tableId;
-		this.authorizations = authorizations;
 	}
 
 	@Override
@@ -153,11 +165,8 @@ protected void initLayout() {
 		initMemberTable(form);
 		setOutputMarkupId(true);
 
-//		initCustomLayout(form, getPageBase());
 	}
 
-//	protected abstract void initCustomLayout(Form<?> form, ModelServiceLocator serviceLocator);
-
 	protected Form<?> getForm() {
 		return (Form) get(ID_FORM);
 	}
@@ -170,7 +179,7 @@ private void initMemberTable(Form<?> form) {
 
 		PageBase pageBase =  getPageBase();
 		MainObjectListPanel<ObjectType> childrenListPanel = new MainObjectListPanel<ObjectType>(
-				ID_MEMBER_TABLE, ObjectType.class, tableId, getSearchOptions(), pageBase) {
+				ID_MEMBER_TABLE, ObjectType.class, getTableId(getComplexTypeQName()), getSearchOptions(), pageBase) {
 
 			private static final long serialVersionUID = 1L;
 
@@ -235,6 +244,18 @@ protected ObjectQuery createContentQuery() {
         childrenListPanel.setOutputMarkupId(true);
         memberContainer.add(childrenListPanel);
     }
+
+	private TableId getTableId(QName complextType) {
+		return tablesId.get(complextType);
+	}
+
+	private Map<String, String> getAuthorizations(QName complexType) {
+		return authorizations.get(complexType);
+	}
+
+	private QName getComplexTypeQName() {
+		return getModelObject().asPrismObject().getComplexTypeDefinition().getTypeName();
+	}
 
     private List<InlineMenuItem> createRowActions() {
         List<InlineMenuItem> menu = new ArrayList<>();
@@ -343,7 +364,8 @@ public void onClick(AjaxRequestTarget target) {
 	protected abstract List<QName> getSupportedRelations();
 
 	private boolean isAuthorized(String action) {
-		return WebComponentUtil.isAuthorized(authorizations.get(action));
+		Map<String, String> memeberAuthz = getAuthorizations(getComplexTypeQName());
+		return WebComponentUtil.isAuthorized(memeberAuthz.get(action));
 	}
 
 	protected <O extends ObjectType> void assignMembers(AjaxRequestTarget target, List<QName> availableRelationList) {

gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/admin/roles/PageRole.java

@@ -23,15 +23,12 @@
 import com.evolveum.midpoint.web.application.PageDescriptor;
 import com.evolveum.midpoint.web.component.FocusSummaryPanel;
 import com.evolveum.midpoint.web.component.objectdetails.AbstractObjectMainPanel;
-import com.evolveum.midpoint.web.component.objectdetails.RoleMainPanel;
+import com.evolveum.midpoint.web.component.objectdetails.AbstractRoleMainPanel;
 import com.evolveum.midpoint.web.component.progress.ProgressReportingAwarePage;
 import com.evolveum.midpoint.web.page.admin.PageAdminAbstractRole;
 import com.evolveum.midpoint.web.page.admin.roles.component.RoleSummaryPanel;
-import com.evolveum.midpoint.web.page.admin.users.PageUser;
-import com.evolveum.midpoint.web.page.admin.users.PageUserHistory;
 import com.evolveum.midpoint.web.util.OnePageParameterEncoder;
 import com.evolveum.midpoint.xml.ns._public.common.common_3.RoleType;
-import com.evolveum.midpoint.xml.ns._public.common.common_3.UserType;
 import org.apache.wicket.ajax.AjaxRequestTarget;
 import org.apache.wicket.request.mapper.parameter.PageParameters;
 
@@ -95,7 +92,7 @@ protected FocusSummaryPanel<RoleType> createSummaryPanel() {
 
 	@Override
 	protected AbstractObjectMainPanel<RoleType> createMainPanel(String id) {
-		return new RoleMainPanel(id, getObjectModel(), getProjectionModel(), this){
+		return new AbstractRoleMainPanel<RoleType>(id, getObjectModel(), getProjectionModel(), this) {
 			private static final long serialVersionUID = 1L;
 
 			@Override

gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/admin/services/PageService.java

@@ -95,23 +95,6 @@ protected AbstractObjectMainPanel<ServiceType> createMainPanel(String id) {
 				getProjectionModel(), this) {
 			private static final long serialVersionUID = 1L;
 
-			@Override
-			public AbstractRoleMemberPanel<ServiceType> createMemberPanel(String panelId) {
-
-				return new AbstractRoleMemberPanel<ServiceType>(panelId, Model.of(getObject().asObjectable()), TableId.SERVICE_MEMEBER_PANEL, GuiAuthorizationConstants.SERVICE_MEMBERS_AUTHORIZATIONS) {
-
-					private static final long serialVersionUID = 1L;
-
-					@Override
-					protected List<QName> getSupportedRelations() {
-						List<QName> relations =  WebComponentUtil.getCategoryRelationChoices(AreaCategoryType.ADMINISTRATION, PageService.this);
-						List<QName> governance = WebComponentUtil.getCategoryRelationChoices(AreaCategoryType.GOVERNANCE, PageService.this);
-						governance.forEach(r -> relations.remove(r));
-						return relations;
-					}
-				};
-			}
-
 			@Override
 			protected void viewObjectHistoricalDataPerformed(AjaxRequestTarget target, PrismObject<ServiceType> object, String date){
 				PageService.this.navigateToNext(new PageServiceHistory(object, date));
@@ -122,19 +105,6 @@ protected boolean isFocusHistoryPage(){
 				return PageService.this.isFocusHistoryPage();
 			}
 
-			@Override
-			public AbstractRoleMemberPanel<ServiceType> createGovernancePanel(String panelId) {
-
-				return new AbstractRoleMemberPanel<ServiceType>(panelId, Model.of(getObject().asObjectable()), TableId.SERVICE_MEMEBER_PANEL, GuiAuthorizationConstants.SERVICE_MEMBERS_AUTHORIZATIONS) {
-
-					private static final long serialVersionUID = 1L;
-
-					@Override
-					protected List<QName> getSupportedRelations() {
-						return WebComponentUtil.getCategoryRelationChoices(AreaCategoryType.GOVERNANCE, PageService.this);
-					}
-				};
-			}
 		};
 	}