Merge remote-tracking branch 'refs/remotes/origin/master'
skublik committed Mar 20, 2020
2 parents 43c01be + 655dfac commit be77284
Showing 35 changed files with 8,133 additions and 8,155 deletions.
@@ -16,7 +16,7 @@
import com.evolveum.midpoint.prism.crypto.Protector;
import com.evolveum.midpoint.util.exception.SystemException;
import com.evolveum.midpoint.web.page.admin.users.PageUser;
import com.evolveum.midpoint.web.page.self.PageSelfProfile;
import com.evolveum.midpoint.web.page.self.*;
import com.evolveum.midpoint.web.security.MidPointApplication;
import org.apache.commons.lang.StringUtils;
import org.apache.wicket.Application;
@@ -189,7 +189,8 @@ public boolean isVisible() {
if (pageBase == null){
return false;
}
if (pageBase instanceof PageSelfProfile){
if (pageBase instanceof PageUserSelfProfile || pageBase instanceof PageOrgSelfProfile
|| pageBase instanceof PageRoleSelfProfile || pageBase instanceof PageServiceSelfProfile) {
return false;
}
if (pageBase instanceof PageUser && !((PageUser) pageBase).isLoggedInUserPage()
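Review bot: The four-way `instanceof` chain added in isVisible() has to be extended by hand whenever another self-profile page is introduced, and a page that is missed will silently fall through to the checks below it. A marker interface implemented by PageUserSelfProfile, PageOrgSelfProfile, PageRoleSelfProfile and PageServiceSelfProfile would reduce this to one test and keep the rule in one place. The import hunk also replaces the single-class import with `com.evolveum.midpoint.web.page.self.*`; explicit imports of the four classes would keep the dependency visible. isVisible() starts before and continues past this hunk.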
5,388 changes: 2,694 additions & 2,694 deletions gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/api/page/PageBase.java

Large diffs are not rendered by default.

9,053 changes: 4,543 additions & 4,510 deletions gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/api/util/WebComponentUtil.java

Large diffs are not rendered by default.

@@ -41,6 +41,7 @@
import org.apache.wicket.model.Model;
import org.apache.wicket.request.resource.AbstractResource;
import org.apache.wicket.request.resource.ByteArrayResource;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;

import javax.xml.namespace.QName;
@@ -304,7 +305,11 @@ private String getShortUserName() {
}

private String getFocusType() {
Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if (authentication == null) {
return "Unknown";
}
Object principal = authentication.getPrincipal();

if (principal == null || principal.equals("anonymousUser")) {
return "Unknown";
@@ -29,6 +29,7 @@
import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.PolicyRuleEnforcerPreviewOutputType;

import org.apache.wicket.RestartResponseException;
import org.apache.wicket.ajax.AjaxRequestTarget;
import org.apache.wicket.extensions.markup.html.tabs.ITab;
import org.apache.wicket.markup.html.WebMarkupContainer;
@@ -46,14 +47,7 @@
* @author mederly
*/
@PageDescriptor(url = "/admin/previewChanges", encoder = OnePageParameterEncoder.class, action = {
@AuthorizationAction(actionUri = AuthorizationConstants.AUTZ_UI_USERS_ALL_URL, label = "PageAdminUsers.auth.usersAll.label", description = "PageAdminUsers.auth.usersAll.description"),
@AuthorizationAction(actionUri = AuthorizationConstants.AUTZ_UI_USER_URL, label = "PageUser.auth.user.label", description = "PageUser.auth.user.description"),
@AuthorizationAction(actionUri = AuthorizationConstants.AUTZ_UI_ROLES_ALL_URL, label = "PageAdminRoles.auth.roleAll.label", description = "PageAdminRoles.auth.roleAll.description"),
@AuthorizationAction(actionUri = AuthorizationConstants.AUTZ_UI_ROLE_URL, label = "PageRole.auth.role.label", description = "PageRole.auth.role.description"),
@AuthorizationAction(actionUri = AuthorizationConstants.AUTZ_UI_ORG_ALL_URL, label = "PageAdminUsers.auth.orgAll.label", description = "PageAdminUsers.auth.orgAll.description"),
@AuthorizationAction(actionUri = AuthorizationConstants.AUTZ_UI_ORG_UNIT_URL, label = "PageOrgUnit.auth.orgUnit.label", description = "PageOrgUnit.auth.orgUnit.description"),
@AuthorizationAction(actionUri = AuthorizationConstants.AUTZ_UI_SERVICES_ALL_URL, label = "PageAdminServices.auth.servicesAll.label", description = "PageAdminServices.auth.servicesAll.description"),
@AuthorizationAction(actionUri = AuthorizationConstants.AUTZ_UI_SERVICE_URL, label = "PageService.auth.role.label", description = "PageService.auth.role.description")
@AuthorizationAction(actionUri = AuthorizationConstants.AUTZ_UI_PREVIEW_CHANGES_URL, label = "PageAdmin.auth.previewChanges.label", description = "PageAdmin.auth.previewChanges.description")
})
public class PagePreviewChanges<O extends ObjectType> extends PageAdmin {
private static final long serialVersionUID = 1L;
@@ -67,6 +61,10 @@ public class PagePreviewChanges<O extends ObjectType> extends PageAdmin {
private Map<PrismObject<O>, ModelContext<O>> modelContextMap;
private ModelInteractionService modelInteractionService;

public PagePreviewChanges() {
throw new RestartResponseException(getApplication().getHomePage());
}

public PagePreviewChanges(Map<PrismObject<O>, ModelContext<O>> modelContextMap, ModelInteractionService modelInteractionService) {
this.modelContextMap = modelContextMap;
this.modelInteractionService = modelInteractionService;
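Review bot: Replacing the eight user/role/org/service actions in `@PageDescriptor` with the single `AuthorizationConstants.AUTZ_UI_PREVIEW_CHANGES_URL` means roles that reached this page through any of the old UI authorizations lose access unless the new action is granted to them. Nothing rendered on this commit page migrates or documents that, so it should be called out in the upgrade notes and the default role definitions checked. The new no-argument constructor would also benefit from a comment saying why it redirects, for example `// Mounted URL hit directly: no model context to preview, so send the user to the home page.` The class body continues outside the hunk.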
@@ -9,14 +9,22 @@

import com.evolveum.midpoint.gui.api.component.BasePanel;
import com.evolveum.midpoint.gui.api.util.WebComponentUtil;
import com.evolveum.midpoint.model.api.ModelAuthorizationAction;
import com.evolveum.midpoint.model.api.visualizer.SceneItemValue;
import com.evolveum.midpoint.prism.PrismObject;
import com.evolveum.midpoint.prism.PrismReference;
import com.evolveum.midpoint.prism.PrismReferenceValue;
import com.evolveum.midpoint.schema.constants.ObjectTypes;
import com.evolveum.midpoint.util.exception.*;
import com.evolveum.midpoint.web.component.data.column.ImagePanel;
import com.evolveum.midpoint.web.component.data.column.LinkPanel;
import com.evolveum.midpoint.web.component.util.VisibleEnableBehaviour;
import com.evolveum.midpoint.web.util.ObjectTypeGuiDescriptor;
import com.evolveum.midpoint.xml.ns._public.common.common_3.AuthorizationPhaseType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectReferenceType;

import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType;

import org.apache.wicket.ajax.AjaxRequestTarget;
import org.apache.wicket.markup.html.basic.Label;
import org.apache.wicket.model.IModel;
@@ -98,8 +106,24 @@ public String getObject() {
}

private boolean hasValidReferenceValue(SceneItemValue object) {
return object != null && object.getSourceValue() != null && object.getSourceValue() instanceof PrismReferenceValue
&& ((PrismReferenceValue) object.getSourceValue()).getTargetType() != null;
PrismReferenceValue target = null;
if (object != null && object.getSourceValue() != null
&& object.getSourceValue() instanceof PrismReferenceValue
&& (object.getSourceValue() != null)) {
target = (PrismReferenceValue) object.getSourceValue();
}
if (target == null) {
return false;
}

QName targetType = target.getTargetType();
if (target == null) {
return false;
}

Class<? extends ObjectType> targetClass = getPrismContext().getSchemaRegistry().getCompileTimeClass(targetType);

return WebComponentUtil.isAuthorized(targetClass);
}

private ObjectTypeGuiDescriptor getObjectTypeDescriptor() {
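Review bot: The second guard in hasValidReferenceValue() tests the wrong variable: after `QName targetType = target.getTargetType();` it repeats `if (target == null)`, which can no longer be true, so a reference with no target type is passed to `getCompileTimeClass(targetType)` instead of returning false as the previous one-expression version did. It should read `if (targetType == null) {`. The first condition also checks `object.getSourceValue() != null` twice. The result of `getCompileTimeClass` is handed to `WebComponentUtil.isAuthorized` without a null check; whether that call tolerates null cannot be seen here (its diff is not rendered), so an unresolvable type should probably return false explicitly. Since the method now decides authorization as well as validity, a name or comment saying so would help callers.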
@@ -10,6 +10,7 @@
import com.evolveum.midpoint.gui.api.component.BasePanel;
import com.evolveum.midpoint.gui.api.page.PageBase;
import com.evolveum.midpoint.gui.api.util.WebComponentUtil;
import com.evolveum.midpoint.model.api.ModelAuthorizationAction;
import com.evolveum.midpoint.model.api.visualizer.Scene;
import com.evolveum.midpoint.prism.PrismContainerDefinition;
import com.evolveum.midpoint.prism.PrismContainerValue;
@@ -20,6 +21,8 @@
import com.evolveum.midpoint.schema.util.ObjectTypeUtil;
import com.evolveum.midpoint.util.logging.Trace;
import com.evolveum.midpoint.util.logging.TraceManager;
import com.evolveum.midpoint.web.application.AuthorizationAction;
import com.evolveum.midpoint.web.application.PageDescriptor;
import com.evolveum.midpoint.web.component.AjaxButton;
import com.evolveum.midpoint.web.component.data.column.LinkPanel;
import com.evolveum.midpoint.web.component.util.VisibleBehaviour;
@@ -36,6 +39,9 @@
import org.apache.wicket.model.*;
import org.jetbrains.annotations.NotNull;

import java.util.ArrayList;
import java.util.List;

/**
* @author mederly
*/
@@ -200,28 +206,28 @@ public boolean isVisible() {
return getModelObject().isWrapper();
}
};
VisibleEnableBehaviour visibleIfExistingObject = new VisibleEnableBehaviour() {
VisibleEnableBehaviour visibleIfExistingObjectAndAuthorized = new VisibleEnableBehaviour() {
@Override
public boolean isVisible() {
if (getModelObject().isWrapper()) {
return false;
}
return isExistingViewableObject();
return isExistingViewableObject() && isAutorized();
}
};
VisibleEnableBehaviour visibleIfNotWrapperAndNotExistingObject = new VisibleEnableBehaviour() {
VisibleEnableBehaviour visibleIfNotWrapperAndNotExistingObjectAndNotAuthorized = new VisibleEnableBehaviour() {
@Override
public boolean isVisible() {
if (getModelObject().isWrapper()) {
return false;
}
return !isExistingViewableObject();
return !isExistingViewableObject() || !isAutorized();
}
};
headerChangeType.add(visibleIfNotWrapper);
headerObjectType.add(visibleIfNotWrapper);
headerNameLabel.add(visibleIfNotWrapperAndNotExistingObject);
headerNameLink.add(visibleIfExistingObject);
headerNameLabel.add(visibleIfNotWrapperAndNotExistingObjectAndNotAuthorized);
headerNameLink.add(visibleIfExistingObjectAndAuthorized);
headerDescription.add(visibleIfNotWrapper);
headerWrapperDisplayName.add(visibleIfWrapper);

@@ -397,4 +403,16 @@ private boolean isOperationalItem(IModel<SceneItemDto> sceneDtoModel){
}
return sceneDtoModel.getObject().isOperational();
}

private boolean isAutorized() {
Scene scene = getModelObject().getScene();
PrismContainerValue<?> value = scene.getSourceValue();
if (value == null || !(value.getParent() instanceof PrismObject)) {
return true;
}

Class<? extends ObjectType> clazz = ((PrismObject<? extends ObjectType>) value.getParent()).getCompileTimeClass();

return WebComponentUtil.isAuthorized(clazz);
}
}
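Review bot: `isAutorized()` fails open: it returns `true` whenever the scene's source value is null or its parent is not a `PrismObject`, so in those cases the name can be rendered as a link without any authorization check on the object type. If that is intended (for instance because `isExistingViewableObject()` already excludes such scenes, which is not visible in this hunk), a comment on the early return should say so; otherwise returning `false` is the safer default, since it only swaps the link for the plain label. The method name is misspelled and should be `isAuthorized`, and `visibleIfNotWrapperAndNotExistingObjectAndNotAuthorized` reads as a conjunction while the body is `!isExistingViewableObject() || !isAutorized()`. Hiding the link is presentation only; the target page still has to enforce the authorization itself.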
@@ -24,19 +24,17 @@
import com.evolveum.midpoint.web.application.PageDescriptor;
import com.evolveum.midpoint.web.component.breadcrumbs.Breadcrumb;

/**
* @author Viliam Repan (lazyman)
* @author Radovan Semancik
*/
@PageDescriptor(url = {"/self/profile/org/unit"}, action = {
@AuthorizationAction(actionUri = PageSelf.AUTH_SELF_ALL_URI,
label = PageSelf.AUTH_SELF_ALL_LABEL,
description = PageSelf.AUTH_SELF_ALL_DESCRIPTION),
@AuthorizationAction(actionUri = AuthorizationConstants.AUTZ_UI_SELF_PROFILE_URL,
label = "PageSelfProfile.auth.profile.label",
description = "PageSelfProfile.auth.profile.description")})
label = "PageOrgSelfProfile.auth.profile.label",
description = "PageOrgSelfProfile.auth.profile.description")})
public class PageOrgSelfProfile extends PageOrgUnit {

private static final long serialVersionUID = 1L;

public PageOrgSelfProfile() {
super();
}
@@ -45,13 +43,6 @@ public PageOrgSelfProfile(PageParameters parameters) {
super(parameters);
}

public PageOrgSelfProfile(PrismObject<OrgType> org) {
super(org);
}

private static final long serialVersionUID = 1L;
private static final Trace LOGGER = TraceManager.getTrace(PageOrgSelfProfile.class);

@Override
protected String getObjectOidParameter() {
return WebModelServiceUtils.getLoggedInFocusOid();
@@ -6,39 +6,27 @@
*/
package com.evolveum.midpoint.web.page.self;

import com.evolveum.midpoint.gui.api.GuiConstants;
import com.evolveum.midpoint.gui.api.GuiStyleConstants;
import com.evolveum.midpoint.web.page.admin.roles.PageRole;

import com.evolveum.midpoint.xml.ns._public.common.common_3.RoleType;

import org.apache.wicket.model.IModel;
import org.apache.wicket.model.Model;
import org.apache.wicket.request.mapper.parameter.PageParameters;

import com.evolveum.midpoint.gui.api.GuiStyleConstants;
import com.evolveum.midpoint.gui.api.util.WebModelServiceUtils;
import com.evolveum.midpoint.prism.PrismObject;
import com.evolveum.midpoint.security.api.AuthorizationConstants;
import com.evolveum.midpoint.util.logging.Trace;
import com.evolveum.midpoint.util.logging.TraceManager;
import com.evolveum.midpoint.web.application.AuthorizationAction;
import com.evolveum.midpoint.web.application.PageDescriptor;
import com.evolveum.midpoint.web.component.breadcrumbs.Breadcrumb;
import com.evolveum.midpoint.web.page.admin.PageAdminFocus;
import com.evolveum.midpoint.web.page.admin.users.PageUser;
import com.evolveum.midpoint.xml.ns._public.common.common_3.UserType;
import com.evolveum.midpoint.web.page.admin.roles.PageRole;

/**
* @author Viliam Repan (lazyman)
* @author Radovan Semancik
*/
@PageDescriptor(url = {"/self/profile/role"}, action = {
@AuthorizationAction(actionUri = PageSelf.AUTH_SELF_ALL_URI,
label = PageSelf.AUTH_SELF_ALL_LABEL,
description = PageSelf.AUTH_SELF_ALL_DESCRIPTION),
@AuthorizationAction(actionUri = AuthorizationConstants.AUTZ_UI_SELF_PROFILE_URL,
label = "PageSelfProfile.auth.profile.label",
description = "PageSelfProfile.auth.profile.description")})
label = "PageRoleSelfProfile.auth.profile.label",
description = "PageRoleSelfProfile.auth.profile.description")})
public class PageRoleSelfProfile extends PageRole {

public PageRoleSelfProfile() {
@@ -49,10 +37,6 @@ public PageRoleSelfProfile(PageParameters parameters) {
super(parameters);
}

public PageRoleSelfProfile(PrismObject<RoleType> role) {
super(role);
}

private static final long serialVersionUID = 1L;
private static final Trace LOGGER = TraceManager.getTrace(PageRoleSelfProfile.class);
