-
Notifications
You must be signed in to change notification settings - Fork 6
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add permissions for Site Administrators to manage groups
- Loading branch information
1 parent
57142e1
commit c9f973c
Showing
45 changed files
with
686 additions
and
9 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,103 @@ | ||
<?xml version="1.0" encoding="UTF-8"?> | ||
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | ||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> | ||
<modelVersion>4.0.0</modelVersion> | ||
<groupId>es.keensoft.alfresco</groupId> | ||
<artifactId>site-groups-repo</artifactId> | ||
<version>1.0-SNAPSHOT</version> | ||
<name>site-groups-repo Repository AMP project</name> | ||
<packaging>amp</packaging> | ||
<description>Manages the lifecycle of the site-groups-repo Repository AMP (Alfresco Module Package)</description> | ||
|
||
<parent> | ||
<groupId>org.alfresco.maven</groupId> | ||
<artifactId>alfresco-sdk-parent</artifactId> | ||
<version>2.1.0</version> | ||
</parent> | ||
|
||
<!-- | ||
SDK properties have sensible defaults in the SDK parent, | ||
but you can override the properties below to use another version. | ||
For more available properties see the alfresco-sdk-parent POM. | ||
--> | ||
<properties> | ||
<!-- The following are default values for data location and Alfresco Community version. | ||
Uncomment if you need to change (Note. current default version for Enterprise edition is 5.0.1) | ||
<alfresco.version>5.0.d</alfresco.version> | ||
<alfresco.data.location>alf_data_dev</alfresco.data.location> --> | ||
|
||
<!-- This control the root logging level for all apps uncomment and change, defaults to WARN | ||
<app.log.root.level>WARN</app.log.root.level> | ||
--> | ||
|
||
<!-- Set the enviroment to use, this controls which properties will be picked in src/test/properties | ||
for embedded run, defaults to the 'local' environment. See SDK Parent POM for more info. | ||
<env>local</env> | ||
--> | ||
</properties> | ||
|
||
<!-- Here we realize the connection with the Alfresco selected platform | ||
(e.g.version and edition) --> | ||
<dependencyManagement> | ||
<dependencies> | ||
<!-- Setup what versions of the different Alfresco artifacts that will be used (depends on alfresco.version), | ||
so we don't have to specify version in any of the dependency definitions in our POM. | ||
For more info see: | ||
http://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html#Importing_Dependencies | ||
--> | ||
<dependency> | ||
<groupId>${alfresco.groupId}</groupId> | ||
<artifactId>alfresco-platform-distribution</artifactId> | ||
<version>${alfresco.version}</version> | ||
<type>pom</type> | ||
<scope>import</scope> | ||
</dependency> | ||
</dependencies> | ||
</dependencyManagement> | ||
|
||
<dependencies> | ||
<!-- Following dependencies are needed for compiling Java code in src/main/java; | ||
<scope>provided</scope> is inherited for each of the following; | ||
for more info, please refer to alfresco-platform-distribution POM --> | ||
<dependency> | ||
<groupId>${alfresco.groupId}</groupId> | ||
<artifactId>alfresco-repository</artifactId> | ||
</dependency> | ||
</dependencies> | ||
|
||
<profiles> | ||
<!-- | ||
Brings in the extra Enterprise specific repository classes, | ||
if the 'enterprise' profile has been activated, needs to be activated manually. | ||
--> | ||
<profile> | ||
<id>enterprise</id> | ||
<dependencies> | ||
<dependency> | ||
<groupId>${alfresco.groupId}</groupId> | ||
<artifactId>alfresco-enterprise-repository</artifactId> | ||
<version>${alfresco.version}</version> | ||
<scope>provided</scope> | ||
</dependency> | ||
</dependencies> | ||
</profile> | ||
|
||
<!-- | ||
If the 'amp-to-war' profile is enabled then make sure to bring in the alfresco-rad module, | ||
which has the H2 scripts and other RAD features. | ||
|
||
TODO: TO INVESTIGATE: This dependency is already defined in the parent SDK pom in the 'amp-to-war' profile | ||
but this does not work, it is not include... | ||
--> | ||
<profile> | ||
<id>amp-to-war</id> | ||
<dependencies> | ||
<dependency> | ||
<groupId>org.alfresco.maven</groupId> | ||
<artifactId>alfresco-rad</artifactId> | ||
<version>${maven.alfresco.version}</version> | ||
</dependency> | ||
</dependencies> | ||
</profile> | ||
</profiles> | ||
</project> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: | ||
:: Dev environment startup script for Alfresco Community. :: | ||
:: :: | ||
:: Downloads the spring-loaded lib if not existing and :: | ||
:: runs the Repo AMP applied to Alfresco WAR. :: | ||
:: Note. the Share WAR is not deployed. :: | ||
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: | ||
@echo off | ||
|
||
set springloadedfile=%HOME%\.m2\repository\org\springframework\springloaded\1.2.3.RELEASE\springloaded-1.2.3.RELEASE.jar | ||
|
||
if not exist %springloadedfile% ( | ||
mvn validate -Psetup | ||
) | ||
|
||
set MAVEN_OPTS=-javaagent:"%springloadedfile%" -noverify -Xms256m -Xmx2G | ||
|
||
mvn integration-test -Pamp-to-war -nsu | ||
:: mvn integration-test -Pamp-to-war |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
#!/bin/bash | ||
# Downloads the spring-loaded lib if not existing and | ||
# runs the Repo AMP applied to Alfresco WAR. | ||
# Note. the Share WAR is not deployed. | ||
springloadedfile=~/.m2/repository/org/springframework/springloaded/1.2.3.RELEASE/springloaded-1.2.3.RELEASE.jar | ||
|
||
if [ ! -f $springloadedfile ]; then | ||
mvn validate -Psetup | ||
fi | ||
|
||
MAVEN_OPTS="-javaagent:$springloadedfile -noverify -Xms256m -Xmx2G" mvn integration-test -Pamp-to-war |
5 changes: 5 additions & 0 deletions
5
...oups-repo/src/main/amp/config/alfresco/module/site-groups-repo/alfresco-global.properties
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
## This Alfresco Repo Configuration file should be used for custom properties that are introduced by this module. | ||
## Define default values for all properties here. | ||
## System Administrators can override these values in environment specific configurations in | ||
## alfresco/tomcat/shared/classes/alfresco-global.properties. | ||
## |
25 changes: 25 additions & 0 deletions
25
...s-repo/src/main/amp/config/alfresco/module/site-groups-repo/context/webscript-context.xml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
<?xml version='1.0' encoding='UTF-8'?> | ||
<!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' 'http://www.springframework.org/dtd/spring-beans.dtd'> | ||
<!-- | ||
Licensed to the Apache Software Foundation (ASF) under one or more | ||
contributor license agreements. See the NOTICE file distributed with | ||
this work for additional information regarding copyright ownership. | ||
The ASF licenses this file to You under the Apache License, Version 2.0 | ||
(the "License"); you may not use this file except in compliance with | ||
the License. You may obtain a copy of the License at | ||
http://www.apache.org/licenses/LICENSE-2.0 | ||
Unless required by applicable law or agreed to in writing, software | ||
distributed under the License is distributed on an "AS IS" BASIS, | ||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
See the License for the specific language governing permissions and | ||
limitations under the License. | ||
--> | ||
<beans> | ||
<bean class="es.keensoft.alfresco.webscript.RunAsUtil" id="runAsAdminUtil" parent="baseJavaScriptExtension"> | ||
<property name="extensionName"> | ||
<value>runAsAdminUtil</value> | ||
</property> | ||
</bean> | ||
</beans> |
39 changes: 39 additions & 0 deletions
39
site-groups-repo/src/main/amp/config/alfresco/module/site-groups-repo/log4j.properties
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,39 @@ | ||
# Licensed to the Apache Software Foundation (ASF) under one or more | ||
# contributor license agreements. See the NOTICE file distributed with | ||
# this work for additional information regarding copyright ownership. | ||
# The ASF licenses this file to You under the Apache License, Version 2.0 | ||
# (the "License"); you may not use this file except in compliance with | ||
# the License. You may obtain a copy of the License at | ||
# | ||
# http://www.apache.org/licenses/LICENSE-2.0 | ||
# | ||
# Unless required by applicable law or agreed to in writing, software | ||
# distributed under the License is distributed on an "AS IS" BASIS, | ||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
# See the License for the specific language governing permissions and | ||
# limitations under the License. | ||
#----------------------------------------------------------------------- | ||
# ${artifactId} module log4j.properties | ||
# | ||
# NOTE | ||
# ---- | ||
# Log4j uses the following logging levels: | ||
# debug,info,warn,error,fatal | ||
# | ||
# To set the logging level of {fullClassName} to {loglevel}, | ||
# add a line to this file of the following form: | ||
# | ||
# log4j.logger.{fullClassName}={loglevel} | ||
# | ||
# For example, to make 'com.example.MyExample' produce 'debug' | ||
# logs, add a line like this: | ||
# | ||
# log4j.logger.com.example.MyExample=debug | ||
# | ||
# | ||
# WARNING | ||
# ------- | ||
# Log properties in this log4j.properties file override/augment | ||
# those in the webapp's main log4j.properties. | ||
# | ||
#----------------------------------------------------------------------- |
24 changes: 24 additions & 0 deletions
24
site-groups-repo/src/main/amp/config/alfresco/module/site-groups-repo/module-context.xml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
<?xml version='1.0' encoding='UTF-8'?> | ||
<!-- | ||
Licensed to the Apache Software Foundation (ASF) under one or more | ||
contributor license agreements. | ||
The ASF licenses this file to You under the Apache License, Version 2.0 | ||
(the "License"); you may not use this file except in compliance with | ||
the License. You may obtain a copy of the License at | ||
http://www.apache.org/licenses/LICENSE-2.0 | ||
Unless required by applicable law or agreed to in writing, software | ||
distributed under the License is distributed on an "AS IS" BASIS, | ||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
See the License for the specific language governing permissions and | ||
limitations under the License. | ||
--> | ||
<!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' 'http://www.springframework.org/dtd/spring-beans.dtd'> | ||
|
||
<beans> | ||
<!-- This is filtered by Maven at build time, so that module name is single sourced. --> | ||
<import resource="classpath:alfresco/module/${project.artifactId}/context/webscript-context.xml" /> | ||
|
||
</beans> |
15 changes: 15 additions & 0 deletions
15
...sco/templates/webscripts/org/alfresco/repository/groups/keensoft/children.delete.desc.xml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
<webscript> | ||
<shortname>Remove an authority from a group</shortname> | ||
<description><![CDATA[ | ||
Remove an authority (USER or GROUP) from a group. A user will not be deleted by this method. | ||
<br /> | ||
You must have "administrator" privileges to alter a group. | ||
<br /> | ||
]]> | ||
</description> | ||
<url>/api/keensoft/groups/{shortGroupName}/children/{fullAuthorityName}</url> | ||
<format default="json">argument</format> | ||
<authentication>user</authentication> | ||
<transaction>required</transaction> | ||
<lifecycle>draft_public_api</lifecycle> | ||
</webscript> |
22 changes: 22 additions & 0 deletions
22
.../alfresco/templates/webscripts/org/alfresco/repository/groups/keensoft/children.delete.js
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
function main() { | ||
runAsAdminUtil.runAsAdmin(deleteChildrenGroups); | ||
} | ||
|
||
var deleteChildrenGroups = function deleteChildrenGroups() | ||
{ | ||
var urlElements = url.extension.split("/"); | ||
var shortName = urlElements[0]; | ||
var fullAuthorityName = urlElements[2]; | ||
|
||
var group = groups.getGroup(shortName); | ||
if (group == null) | ||
{ | ||
// Group cannot be found | ||
status.setCode(status.STATUS_NOT_FOUND, "The group :" + shortName + ", does not exist."); | ||
return; | ||
} | ||
|
||
group.removeAuthority(fullAuthorityName); | ||
} | ||
|
||
main(); |
6 changes: 6 additions & 0 deletions
6
...sco/templates/webscripts/org/alfresco/repository/groups/keensoft/children.delete.json.ftl
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
<#-- Remove Group --> | ||
|
||
<#import "../authority.lib.ftl" as authorityLib/> | ||
{ | ||
|
||
} |
17 changes: 17 additions & 0 deletions
17
...resco/templates/webscripts/org/alfresco/repository/groups/keensoft/children.post.desc.xml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
<webscript> | ||
<shortname>Add group or user to a group</shortname> | ||
<description><![CDATA[ | ||
Adds a group or user to a group. The webscript will create a sub group if one does not already exist, with the fullAuthorityName. | ||
<br />You must have "administrator" privileges to modify groups. | ||
<br />If the authority is for a group and doe not exist then it is created. | ||
<br />The webscript returns Status_Created if a new group is created, otherwise it returns Status_OK. | ||
If Status_Created returns the new sub group, otherwise returns the group. | ||
]]> | ||
</description> | ||
<url>/api/keensoft/groups/{shortName}/children/{fullAuthorityName}</url> | ||
<format default="json">argument</format> | ||
<authentication>user</authentication> | ||
<transaction>required</transaction> | ||
<lifecycle>draft_public_api</lifecycle> | ||
</webscript> |
59 changes: 59 additions & 0 deletions
59
...ig/alfresco/templates/webscripts/org/alfresco/repository/groups/keensoft/children.post.js
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,59 @@ | ||
function main() { | ||
runAsAdminUtil.runAsAdmin(modifyChildrenGroups); | ||
} | ||
|
||
var modifyChildrenGroups = function modifyChildrenGroups() | ||
{ | ||
// Check that post is submitted as application/json | ||
if (headers["Content-Type"].indexOf("application/json") != 0) | ||
{ | ||
status.setCode(status.STATUS_BAD_REQUEST, "Request must be submitted as application/json"); | ||
return; | ||
} | ||
|
||
var urlElements = url.extension.split("/"); | ||
var shortName = urlElements[0]; | ||
var fullAuthorityName = urlElements[2]; | ||
|
||
var group = groups.getGroup(shortName); | ||
var GROUP_PREFIX = "GROUP_"; | ||
|
||
if (group == null) | ||
{ | ||
// Parent Group cannot be found | ||
status.setCode(status.STATUS_NOT_FOUND, "The group :" + shortName + ", does not exist."); | ||
return; | ||
} | ||
|
||
if (fullAuthorityName.match("^" + GROUP_PREFIX + "*")) | ||
{ | ||
var subGroupName = fullAuthorityName.substr(GROUP_PREFIX.length); | ||
var child = groups.getGroup(subGroupName); | ||
|
||
// This is a group authority | ||
if(child == null) | ||
{ | ||
// child does not exist | ||
child = group.createGroup(subGroupName, subGroupName); | ||
status.code = status.STATUS_CREATED; | ||
model.group = child; | ||
return; | ||
} | ||
} | ||
|
||
// Link an existing group or user | ||
try | ||
{ | ||
group.addAuthority(fullAuthorityName); | ||
} | ||
catch(e) | ||
{ | ||
status.code = status.STATUS_INTERNAL_SERVER_ERROR; | ||
return; | ||
} | ||
|
||
status.code = status.STATUS_OK; | ||
model.group | ||
} | ||
|
||
main(); |
10 changes: 10 additions & 0 deletions
10
...resco/templates/webscripts/org/alfresco/repository/groups/keensoft/children.post.json.ftl
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
<#-- post children - add group or user to a group --> | ||
|
||
<#import "../authority.lib.ftl" as authorityLib/> | ||
{ | ||
<#if group??> | ||
"data": <@authorityLib.authorityJSON authority=group /> | ||
<#else> | ||
"data": { } | ||
</#if> | ||
} |
Oops, something went wrong.