Merge branch 'master' of github.com:Evolveum/midpoint

Evolveum · Jun 18, 2018 · ac0fbe1 · ac0fbe1
2 parents a6b3615 + 37a697a
commit ac0fbe1
Show file tree

Hide file tree

Showing 7 changed files with 59 additions and 178 deletions.
diff --git a/...rc/main/java/com/evolveum/midpoint/web/page/admin/roles/RoleGovernanceRelationsPanel.java b/...rc/main/java/com/evolveum/midpoint/web/page/admin/roles/RoleGovernanceRelationsPanel.java
@@ -117,7 +117,7 @@ public void onClick(AjaxRequestTarget target) {
                 }));
         return assignMemberMenuItems;
     }
-    
+
     protected List<InlineMenuItem> createUnassignMemberInlineMenuItems() {
 		List<InlineMenuItem> unassignMenuItems = new ArrayList<>();
 		unassignMenuItems
@@ -130,7 +130,7 @@ public void onClick(AjaxRequestTarget target) {
 						removeMembersPerformed(QueryScope.SELECTED, Arrays.asList(SchemaConstants.ORG_APPROVER), target);
 					}
 				}));
-		
+
 		unassignMenuItems
 		.add(new InlineMenuItem(createStringResource("TreeTablePanel.menu.unassignOwnersSelected"),
 				false, new HeaderMenuAction(this) {
@@ -141,7 +141,7 @@ public void onClick(AjaxRequestTarget target) {
 				removeMembersPerformed(QueryScope.SELECTED, Arrays.asList(SchemaConstants.ORG_OWNER), target);
 			}
 		}));
-		
+
 		unassignMenuItems
 		.add(new InlineMenuItem(createStringResource("TreeTablePanel.menu.unassignManagersSelected"),
 				false, new HeaderMenuAction(this) {
@@ -152,49 +152,40 @@ public void onClick(AjaxRequestTarget target) {
 				removeMembersPerformed(QueryScope.SELECTED, Arrays.asList(SchemaConstants.ORG_MANAGER), target);
 			}
 		}));
-
-		unassignMenuItems.add(new InlineMenuItem(createStringResource("TreeTablePanel.menu.unassignMembersAll"),
-				false, new HeaderMenuAction(this) {
-			private static final long serialVersionUID = 1L;
 
-			@Override
-			public void onClick(AjaxRequestTarget target) {
-				removeAllMembersPerformed(target);
-			}
-		}));
 		return unassignMenuItems;
 	}
-    
+
     private void removeAllMembersPerformed(AjaxRequestTarget target) {
-    	
+
     	RoleRelationSelectionPanel relatioNSelectionPanel = new RoleRelationSelectionPanel(getPageBase().getMainPopupBodyId(), new RoleRelationSelectionDto()) {
-			
+
 			private static final long serialVersionUID = 1L;
 
 			@Override
 			protected void onConfirmPerformed(IModel<RoleRelationSelectionDto> model, AjaxRequestTarget target) {
 				getPageBase().hideMainPopup(target);
-				
+
 				RoleRelationSelectionDto relationsSelected = model.getObject();
 				ArrayList<QName> relations=  new ArrayList<>();
 				if (relationsSelected.isApprover()) {
 					relations.add(SchemaConstants.ORG_APPROVER);
 				}
-				
+
 				if (relationsSelected.isOwner()) {
 					relations.add(SchemaConstants.ORG_OWNER);
 				}
-				
+
 				if (relationsSelected.isManager()) {
 					relations.add(SchemaConstants.ORG_MANAGER);
 				}
-				
+
 				removeMembersPerformed(QueryScope.ALL, relations, target);
 			}
 		};
 
 		getPageBase().showMainPopup(relatioNSelectionPanel, target);
-		
+
 	}
 
     @Override
@@ -226,30 +217,35 @@ protected List<InlineMenuItem> createMemberRecomputeInlineMenuItems() {
     protected boolean isRelationColumnVisible(){
         return true;
     }
-    
+
     @Override
     protected boolean isGovernance(){
         return true;
     }
 
     static class RoleRelationSelectionDto implements Serializable {
-		
+
 		private static final long serialVersionUID = 1L;
 		private boolean approver;
 		private boolean owner;
 		private boolean manager;
-		
+
 		public boolean isApprover() {
 			return approver;
 		}
-		
+
 		public boolean isManager() {
 			return manager;
 		}
-		
+
 		public boolean isOwner() {
 			return owner;
 		}
 	}
-
+
+    @Override
+    protected boolean isAuthorizedToUnassignAllMembers(){
+        return true;
+    }
+
 }
diff --git a/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/admin/roles/RoleMemberPanel.java b/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/admin/roles/RoleMemberPanel.java
@@ -31,6 +31,7 @@
 import com.evolveum.midpoint.schema.constants.ObjectTypes;
 import com.evolveum.midpoint.schema.result.OperationResult;
 import com.evolveum.midpoint.schema.util.ObjectTypeUtil;
+import com.evolveum.midpoint.security.api.AuthorizationConstants;
 import com.evolveum.midpoint.task.api.Task;
 import com.evolveum.midpoint.task.api.TaskCategory;
 import com.evolveum.midpoint.util.exception.SchemaException;
@@ -40,9 +41,11 @@
 import com.evolveum.midpoint.web.component.assignment.RelationTypes;
 import com.evolveum.midpoint.web.component.data.column.IsolatedCheckBoxPanel;
 import com.evolveum.midpoint.web.component.input.QNameChoiceRenderer;
+import com.evolveum.midpoint.web.component.menu.cog.InlineMenuItem;
 import com.evolveum.midpoint.web.component.util.VisibleBehaviour;
 import com.evolveum.midpoint.web.component.util.VisibleEnableBehaviour;
 import com.evolveum.midpoint.web.page.admin.configuration.component.ChooseTypePanel;
+import com.evolveum.midpoint.web.page.admin.configuration.component.HeaderMenuAction;
 import com.evolveum.midpoint.web.page.admin.dto.ObjectViewDto;
 import com.evolveum.midpoint.web.page.admin.users.component.AbstractRoleMemberPanel;
 import com.evolveum.midpoint.web.session.UserProfileStorage.TableId;
@@ -433,6 +436,11 @@ protected ObjectQuery createDirectMemberQuery(List<QName> relations) {
 		}
 	}
 
+	@Override
+	protected boolean isAuthorizedToUnassignAllMembers(){
+		return WebComponentUtil.isAuthorized(AuthorizationConstants.AUTZ_UI_ADMIN_UNASSIGN_ALL_MEMBERS_TAB_ACTION_URI);
+	}
+
 	@Override
 	protected List<QName> getNewMemberSupportedTypes(){
 		return WebComponentUtil.createFocusTypeList();

diff --git a/...in/java/com/evolveum/midpoint/web/page/admin/users/component/AbstractRoleMemberPanel.java b/...in/java/com/evolveum/midpoint/web/page/admin/users/component/AbstractRoleMemberPanel.java
@@ -249,12 +249,12 @@ private List<InlineMenuItem> createMembersHeaderInlineMenu() {
 		if (isAuthorizedToUnassignMembers()) {
 			headerMenuItems.addAll(createUnassignMemberInlineMenuItems());
 		}
+		if (isAuthorizedToUnassignAllMembers()) {
+			headerMenuItems.addAll(createUnassignAllMemberInlineMenuItems());
+		}
 		if (isAuthorizedToRecomputeMembers()) {
 			headerMenuItems.addAll(createMemberRecomputeInlineMenuItems());
 		}
-		if (isAuthorizedToDeleteMembers()) {
-			headerMenuItems.addAll(createMemberDeleteInlineMenuItems());
-		}
 		return headerMenuItems;
 	}
 
@@ -270,8 +270,8 @@ protected boolean isAuthorizedToUnassignMembers(){
 		return WebComponentUtil.isAuthorized(AuthorizationConstants.AUTZ_UI_ADMIN_UNASSIGN_MEMBER_TAB_ACTION_URI);
 	}
 
-	protected boolean isAuthorizedToDeleteMembers(){
-		return WebComponentUtil.isAuthorized(AuthorizationConstants.AUTZ_UI_ADMIN_DELETE_ORG_MEMBER_ACTION_URI);
+	protected boolean isAuthorizedToUnassignAllMembers(){
+		return true;
 	}
 
 	protected boolean isAuthorizedToRecomputeMembers(){
@@ -306,10 +306,6 @@ public void onClick(AjaxRequestTarget target) {
 		return newMemberMenuItems;
 	}
 
-	protected List<InlineMenuItem> createMemberDeleteInlineMenuItems() {
-		return new ArrayList<>();
-	}
-
 	protected List<InlineMenuItem> createMemberRecomputeInlineMenuItems() {
 		List<InlineMenuItem> recomputeMenuItems = new ArrayList<>();
         recomputeMenuItems
@@ -361,18 +357,24 @@ public void onClick(AjaxRequestTarget target) {
 						removeMembersPerformed(QueryScope.SELECTED, null , target);
 					}
 				}));
+		return unassignMenuItems;
+	}
+
+	protected List<InlineMenuItem> createUnassignAllMemberInlineMenuItems() {
+		List<InlineMenuItem> unassignMenuItems = new ArrayList<>();
 		unassignMenuItems.add(new InlineMenuItem(createStringResource("TreeTablePanel.menu.unassignMembersAll"),
 				false, new HeaderMenuAction(this) {
 			private static final long serialVersionUID = 1L;
 
 			@Override
 			public void onClick(AjaxRequestTarget target) {
-				removeMembersPerformed(QueryScope.ALL, null ,target);
+				removeMembersPerformed(QueryScope.ALL, null, target);
 			}
 		}));
 		return unassignMenuItems;
 	}
 
+
 	protected void createFocusMemberPerformed(final QName relation, AjaxRequestTarget target) {
 
 		ChooseFocusTypeDialogPanel chooseTypePopupContent = new ChooseFocusTypeDialogPanel(

diff --git a/...ui/src/main/java/com/evolveum/midpoint/web/page/admin/users/component/OrgMemberPanel.java b/...ui/src/main/java/com/evolveum/midpoint/web/page/admin/users/component/OrgMemberPanel.java
@@ -320,35 +320,6 @@ public boolean isVisible(){
 			removeManager.setOutputMarkupId(true);
 			managerMarkup.add(removeManager);
 
-			AjaxButton deleteManager = new AjaxButton(ID_DELETE_MANAGER) {
-
-				@Override
-				public void onClick(AjaxRequestTarget target) {
-					FocusSummaryPanel<FocusType> summary = (FocusSummaryPanel<FocusType>) getParent()
-							.get(ID_MANAGER_SUMMARY);
-					deleteManagerPerformed(summary.getModelObject(), this, target);
-				}
-			};
-			deleteManager.setOutputMarkupId(true);
-			deleteManager.add(new VisibleEnableBehaviour(){
-				private static final long serialVersionUID = 1L;
-
-				@Override
-				public boolean isVisible(){
-					boolean isVisible = false;
-					try {
-						// TODO: the modify authorization here is probably wrong.
-						// It is a model autz. UI autz should be here instead?
-						isVisible = getPageBase().isAuthorized(ModelAuthorizationAction.DELETE.getUrl(), null,
-								managerWrapper.getObject(), null, null, null);
-					} catch (Exception ex) {
-						LoggingUtils.logUnexpectedException(LOGGER, "Failed to check authorization for #delete operation on object " +
-								managerWrapper.getObject(), ex);
-					}
-					return isVisible;
-				}
-			});
-			managerMarkup.add(deleteManager);
 		}
 
 		managerContainer.add(view);
@@ -392,41 +363,6 @@ private void removeManagerPerformed(FocusType manager, AjaxRequestTarget target)
 
 	}
 
-	private void deleteManagerConfirmPerformed(FocusType manager, AjaxRequestTarget target) {
-		getPageBase().hideMainPopup(target);
-		OperationResult parentResult = new OperationResult("Remove manager");
-		Task task = getPageBase().createSimpleTask("Remove manager");
-		try {
-
-			ObjectDelta delta = ObjectDelta.createDeleteDelta(manager.asPrismObject().getCompileTimeClass(), manager.getOid(), getPageBase().getPrismContext());
-			getPageBase().getModelService().executeChanges(WebComponentUtil.createDeltaCollection(delta),
-					null, task, parentResult);
-			parentResult.computeStatus();
-		} catch (SchemaException | ObjectAlreadyExistsException | ObjectNotFoundException
-				| ExpressionEvaluationException | CommunicationException | ConfigurationException
-				| PolicyViolationException | SecurityViolationException e) {
-
-			parentResult.recordFatalError("Failed to remove manager " + e.getMessage(), e);
-			LoggingUtils.logUnexpectedException(LOGGER, "Failed to remove manager", e);
-			getPageBase().showResult(parentResult);
-		}
-		target.add(getPageBase().getFeedbackPanel());
-
-	}
-
-	private void deleteManagerPerformed(final FocusType manager, final Component summary, AjaxRequestTarget target) {
-		ConfirmationPanel confirmDelete = new ConfirmationPanel(getPageBase().getMainPopupBodyId(), createStringResource("TreeTablePanel.menu.deleteManager.confirm")) {
-			@Override
-			public void yesPerformed(AjaxRequestTarget target) {
-				OrgMemberPanel.this.deleteManagerConfirmPerformed(manager, target);
-				summary.getParent().setVisible(false);
-				target.add(OrgMemberPanel.this);
-			}
-		};
-
-		getPageBase().showMainPopup(confirmDelete, target);
-	}
-
 	@Override
 	protected boolean isAuthorizedToUnassignMembers(){
 		return WebComponentUtil.isAuthorized(AuthorizationConstants.AUTZ_UI_ADMIN_UNASSIGN_ORG_MEMBER_ACTION_URI);
@@ -437,11 +373,6 @@ protected boolean isAuthorizedToAssignMembers(){
 		return WebComponentUtil.isAuthorized(AuthorizationConstants.AUTZ_UI_ADMIN_ASSIGN_ORG_MEMBER_ACTION_URI);
 	}
 
-	@Override
-	protected boolean isAuthorizedToDeleteMembers(){
-		return WebComponentUtil.isAuthorized(AuthorizationConstants.AUTZ_UI_ADMIN_DELETE_ORG_MEMBER_ACTION_URI);
-	}
-
 	@Override
 	protected boolean isAuthorizedToRecomputeMembers(){
 		return WebComponentUtil.isAuthorized(AuthorizationConstants.AUTZ_UI_ADMIN_RECOMPUTE_ORG_MEMBER_ACTION_URI);
@@ -452,52 +383,6 @@ protected boolean isAuthorizedToCreateMembers(){
 		return WebComponentUtil.isAuthorized(AuthorizationConstants.AUTZ_UI_ADMIN_ADD_ORG_MEMBER_ACTION_URI);
 	}
 
-	@Override
-	protected List<InlineMenuItem> createMemberDeleteInlineMenuItems() {
-		List<InlineMenuItem> deleteMenuItems = new ArrayList<>();
-
-		deleteMenuItems.add(new InlineMenuItem(createStringResource("TreeTablePanel.menu.deleteMember"),
-				false, new HeaderMenuAction(this) {
-
-			@Override
-			public void onClick(AjaxRequestTarget target) {
-				deleteMemberPerformed(QueryScope.SELECTED, null, target, "TreeTablePanel.menu.deleteMember.confirm");
-			}
-		}));
-
-		deleteMenuItems.add(new InlineMenuItem(createStringResource("TreeTablePanel.menu.deleteAllMembers"),
-				false, new HeaderMenuAction(this) {
-
-			@Override
-			public void onClick(AjaxRequestTarget target) {
-				deleteMemberPerformed(QueryScope.ALL, null, target, "TreeTablePanel.menu.deleteAllMembers.confirm");
-			}
-		}));
-		return deleteMenuItems;
-	}
-
-	private void deleteMemberPerformed(final QueryScope scope, final QName relation, final AjaxRequestTarget target, String confirmMessageKey) {
-		ConfirmationPanel confirmDelete = new ConfirmationPanel(getPageBase().getMainPopupBodyId(), createStringResource(confirmMessageKey)) {
-			@Override
-			public void yesPerformed(AjaxRequestTarget target) {
-				OrgMemberPanel.this.deleteMemberConfirmPerformed(scope, relation, target);
-			}
-		};
-
-		getPageBase().showMainPopup(confirmDelete, target);
-	}
-
-	private void deleteMemberConfirmPerformed(QueryScope scope, QName relation, AjaxRequestTarget target) {
-		getPageBase().hideMainPopup(target);
-		Task operationalTask = getPageBase().createSimpleTask(getTaskName("Delete", scope, false));
-		ObjectDelta delta = ObjectDelta.createDeleteDelta(FocusType.class, "fakeOid", getPageBase().getPrismContext());
-		if (delta == null) {
-			return;
-		}
-		executeMemberOperation(operationalTask, FocusType.COMPLEX_TYPE, createQueryForMemberAction(scope, relation, true), delta, TaskCategory.EXECUTE_CHANGES, target);
-
-	}
-
 	private List<InlineMenuItem> createManagersHeaderInlineMenu() {
 		List<InlineMenuItem> headerMenuItems = new ArrayList<>();
 
@@ -550,18 +435,6 @@ public void onClick(AjaxRequestTarget target) {
 					}));
 		}
 
-		if (WebComponentUtil.isAuthorized(AuthorizationConstants.AUTZ_UI_ADMIN_DELETE_ORG_MEMBER_ACTION_URI)) {
-			headerMenuItems
-					.add(new InlineMenuItem(createStringResource("TreeTablePanel.menu.deleteManagersAll"),
-							false, new HeaderMenuAction(this) {
-						private static final long serialVersionUID = 1L;
-
-						@Override
-						public void onClick(AjaxRequestTarget target) {
-							OrgMemberPanel.this.deleteMemberPerformed(QueryScope.ALL, SchemaConstants.ORG_MANAGER, target, "TreeTablePanel.menu.deleteManagersAll.confirm");
-						}
-					}));
-		}
 		return headerMenuItems;
 	}
 

diff --git a/...rc/main/java/com/evolveum/midpoint/web/page/admin/users/component/ServiceMemberPanel.java b/...rc/main/java/com/evolveum/midpoint/web/page/admin/users/component/ServiceMemberPanel.java
@@ -1,5 +1,7 @@
 package com.evolveum.midpoint.web.page.admin.users.component;
 
+import com.evolveum.midpoint.gui.api.util.WebComponentUtil;
+import com.evolveum.midpoint.security.api.AuthorizationConstants;
 import org.apache.wicket.model.IModel;
 
 import com.evolveum.midpoint.web.page.admin.roles.RoleMemberPanel;