XWIKI-17533: Allow to set custom rights in administration #1644

Merged
merged 4 commits into from Jun 17, 2021
Changes from 2 commits
@@ -0,0 +1,301 @@
<?xml version="1.1" encoding="UTF-8"?>

<!--
* See the NOTICE file distributed with this work for additional
* information regarding copyright ownership.
*
* This is free software; you can redistribute it and/or modify it
* under the terms of the GNU Lesser General Public License as
* published by the Free Software Foundation; either version 2.1 of
* the License, or (at your option) any later version.
*
* This software is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this software; if not, write to the Free
* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
-->

<xwikidoc version="1.4" reference="XWiki.AdminCustomRightsSheet" locale="">
<web>XWiki</web>
<name>AdminCustomRightsSheet</name>
<language/>
<defaultLanguage/>
<translation>0</translation>
<creator>xwiki:XWiki.Admin</creator>
<parent>Main.WebHome</parent>
<author>xwiki:XWiki.Admin</author>
<contentAuthor>xwiki:XWiki.Admin</contentAuthor>
<version>1.1</version>
<title>AdminCustomRightsSheet</title>
<comment/>
<minorEdit>false</minorEdit>
<syntaxId>xwiki/2.1</syntaxId>
<hidden>true</hidden>
<content>{{velocity}}
### Sheet used to generically display the XWikiPreferences object fields in the administration sheets.
{{html}}
&lt;form method="post" action="$xwiki.getURL($currentDoc, 'saveandcontinue')" class="xform"&gt;
############################################################################################
## RIGHTS
############################################################################################
&lt;fieldset&gt;
#template('rightsUI.vm')
&lt;/fieldset&gt;
&lt;/form&gt;
{{/html}}
{{/velocity}}</content>
Contributor

What do you think of adding a PageTest for this document?

Member Author

quite frankly I'm not sure it's worth it

Contributor

Why would you not? Templates are very easy to break on change, so adding some test (even if it's only testing what you changed) seems valuable to me.

Member

@vmassol vmassol Jun 15, 2021

@surli said differently, where do you validate that the HTML is correct and that it works? Do you have a functional test? It's definitely needed to test this code somewhere.

Member Author

No, I don't have a test for this for now. I'll try to provide it for 13.5; I'll merge it like that for now so that I can ensure it's possible to have it for 13.5RC1. Note that I tested it manually and also this code is a copy/paste of what's in AdminWikisRightsSheet.

<object>
<name>XWiki.AdminCustomRightsSheet</name>
<number>0</number>
<className>XWiki.ConfigurableClass</className>
<guid>bad3af00-4a01-48b8-94ca-2111b758d219</guid>
<class>
<name>XWiki.ConfigurableClass</name>
<customClass/>
<customMapping/>
<defaultViewSheet/>
<defaultEditSheet/>
<defaultWeb/>
<nameField/>
<validationScript/>
<categoryIcon>
<customDisplay/>
<disabled>0</disabled>
<hint/>
<name>categoryIcon</name>
<number>11</number>
<picker>0</picker>
<prettyName>categoryIcon</prettyName>
<size>30</size>
<unmodifiable>0</unmodifiable>
<validationMessage/>
<validationRegExp/>
<classType>com.xpn.xwiki.objects.classes.StringClass</classType>
</categoryIcon>
<codeToExecute>
<contenttype>VelocityWiki</contenttype>
<customDisplay/>
<disabled>0</disabled>
<editor>---</editor>
<hint/>
<name>codeToExecute</name>
<number>7</number>
<picker>0</picker>
<prettyName>codeToExecute</prettyName>
<rows>5</rows>
<size>40</size>
<unmodifiable>0</unmodifiable>
<validationMessage/>
<validationRegExp/>
<classType>com.xpn.xwiki.objects.classes.TextAreaClass</classType>
</codeToExecute>
<configurationClass>
<cache>0</cache>
<classname/>
<customDisplay/>
<defaultValue/>
<disabled>0</disabled>
<displayType>input</displayType>
<freeText/>
<hint/>
<idField/>
<largeStorage>0</largeStorage>
<multiSelect>0</multiSelect>
<name>configurationClass</name>
<number>3</number>
<picker>1</picker>
<prettyName>configurationClass</prettyName>
<relationalStorage>0</relationalStorage>
<separator> </separator>
<separators/>
<size>30</size>
<sort>none</sort>
<sql/>
<unmodifiable>0</unmodifiable>
<validationMessage/>
<validationRegExp/>
<valueField/>
<classType>com.xpn.xwiki.objects.classes.PageClass</classType>
</configurationClass>
<configureGlobally>
<customDisplay/>
<defaultValue/>
<disabled>0</disabled>
<displayFormType>checkbox</displayFormType>
<displayType/>
<hint/>
<name>configureGlobally</name>
<number>4</number>
<prettyName>configureGlobally</prettyName>
<unmodifiable>0</unmodifiable>
<validationMessage/>
<validationRegExp/>
<classType>com.xpn.xwiki.objects.classes.BooleanClass</classType>
</configureGlobally>
<displayBeforeCategory>
<customDisplay/>
<disabled>0</disabled>
<hint/>
<name>displayBeforeCategory</name>
<number>10</number>
<picker>0</picker>
<prettyName>displayBeforeCategory</prettyName>
<size>30</size>
<unmodifiable>0</unmodifiable>
<validationMessage/>
<validationRegExp/>
<classType>com.xpn.xwiki.objects.classes.StringClass</classType>
</displayBeforeCategory>
<displayInCategory>
<customDisplay/>
<disabled>0</disabled>
<hint/>
<name>displayInCategory</name>
<number>9</number>
<picker>0</picker>
<prettyName>displayInCategory</prettyName>
<size>30</size>
<unmodifiable>0</unmodifiable>
<validationMessage/>
<validationRegExp/>
<classType>com.xpn.xwiki.objects.classes.StringClass</classType>
</displayInCategory>
<displayInSection>
<customDisplay/>
<disabled>0</disabled>
<hint/>
<name>displayInSection</name>
<number>1</number>
<picker>0</picker>
<prettyName>displayInSection</prettyName>
<size>30</size>
<unmodifiable>0</unmodifiable>
<validationMessage/>
<validationRegExp/>
<classType>com.xpn.xwiki.objects.classes.StringClass</classType>
</displayInSection>
<heading>
<customDisplay/>
<disabled>0</disabled>
<hint/>
<name>heading</name>
<number>2</number>
<picker>0</picker>
<prettyName>heading</prettyName>
<size>30</size>
<unmodifiable>0</unmodifiable>
<validationMessage/>
<validationRegExp/>
<classType>com.xpn.xwiki.objects.classes.StringClass</classType>
</heading>
<iconAttachment>
<customDisplay/>
<disabled>0</disabled>
<hint/>
<name>iconAttachment</name>
<number>8</number>
<picker>0</picker>
<prettyName>iconAttachment</prettyName>
<size>30</size>
<unmodifiable>0</unmodifiable>
<validationMessage/>
<validationRegExp/>
<classType>com.xpn.xwiki.objects.classes.StringClass</classType>
</iconAttachment>
<linkPrefix>
<customDisplay/>
<disabled>0</disabled>
<hint/>
<name>linkPrefix</name>
<number>5</number>
<picker>0</picker>
<prettyName>linkPrefix</prettyName>
<size>30</size>
<unmodifiable>0</unmodifiable>
<validationMessage/>
<validationRegExp/>
<classType>com.xpn.xwiki.objects.classes.StringClass</classType>
</linkPrefix>
<propertiesToShow>
<cache>0</cache>
<customDisplay/>
<defaultValue/>
<disabled>0</disabled>
<displayType>input</displayType>
<freeText/>
<hint/>
<largeStorage>0</largeStorage>
<multiSelect>1</multiSelect>
<name>propertiesToShow</name>
<number>6</number>
<picker>0</picker>
<prettyName>propertiesToShow</prettyName>
<relationalStorage>1</relationalStorage>
<separator> </separator>
<separators> ,|</separators>
<size>20</size>
<sort>none</sort>
<unmodifiable>0</unmodifiable>
<validationMessage/>
<validationRegExp/>
<values/>
<classType>com.xpn.xwiki.objects.classes.StaticListClass</classType>
</propertiesToShow>
<sectionOrder>
<customDisplay/>
<disabled>0</disabled>
<hint/>
<name>sectionOrder</name>
<number>12</number>
<numberType>integer</numberType>
<prettyName>sectionOrder</prettyName>
<size>30</size>
<unmodifiable>0</unmodifiable>
<validationMessage/>
<validationRegExp/>
<classType>com.xpn.xwiki.objects.classes.NumberClass</classType>
</sectionOrder>
</class>
<property>
<categoryIcon/>
</property>
<property>
<codeToExecute>{{include reference="XWiki.AdminCustomRightsSheet" /}}</codeToExecute>
</property>
<property>
<configurationClass/>
</property>
<property>
<configureGlobally>1</configureGlobally>
</property>
<property>
<displayBeforeCategory/>
</property>
<property>
<displayInCategory>usersgroups</displayInCategory>
</property>
<property>
<displayInSection>usersgroups.customrights</displayInSection>
</property>
<property>
<heading/>
</property>
<property>
<iconAttachment/>
</property>
<property>
<linkPrefix/>
</property>
<property>
<propertiesToShow/>
</property>
<property>
<sectionOrder>375</sectionOrder>
</property>
</object>
</xwikidoc>
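
Review bot: The form in the sheet content posts to $xwiki.getURL($currentDoc, 'saveandcontinue') but the sheet itself adds no form_token field, so any CSRF protection for a submit of this form has to come from rightsUI.vm; please confirm the template covers it, or add the hidden token input here. The leading ### comment also still says the sheet displays XWikiPreferences object fields, which does not describe a rights editor and should be reworded for the custom rights section. Since the content is a copy of another sheet and nothing in this change exercises the rendered HTML, a page test for the new section would catch breakage in either place.
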
Expand Up @@ -140,6 +140,7 @@ administration.section.users.deleteUser.newAuthor.hint=Select an user that has {
administration.section.users.deleteUser.newAuthor.error=The selected user doesn''t have {0} rights!
administration.section.users.deleteUser.newAuthor.programming=programming
administration.section.users.deleteUser.newAuthor.script=script
admin.usersgroups.customrights=Custom Rights

# Other Category
admin.other=Other
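
Review bot: The new key admin.usersgroups.customrights is inserted directly under the administration.section.users.deleteUser.* keys with no blank line or comment separating it, so it reads as part of the delete-user block. Set it apart with a blank line and a short comment naming the section it titles; the key name itself does match the displayInSection value usersgroups.customrights in the new sheet.
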
Expand Up @@ -40,13 +40,25 @@ $xwiki.ssfx.use('js/xwiki/usersandgroups/usersandgroups.css', true)
$xwiki.jsfx.use('js/xwiki/table/livetable.js', true)
Contributor

What do you think of adding a PageTest for this template?

Member Author

same answer

$xwiki.ssfx.use('js/xwiki/table/livetable.css', true)
## for admin, register, programming and createwiki, allow preceedes over deny
#if("$!request.section"=='wikis.rights')
#set ($standardRights = ['view', 'comment', 'edit', 'script', 'delete', 'admin', 'register', 'programming', 'login',
'createwiki'])
#set ($sectionWikiRights = "wikis.rights")
Contributor

very minor, could be in single quotes

Member Author

Is there any advantage to using single quotes vs double quotes? I generally use double quotes because of the Java habit

Contributor

IIRC single quote content is not interpreted whereas double quotes content is, making the single quote alternative slightly faster on static content such as this one.

Member Author

ok so indeed it might be worth changing that, thanks

Member

@vmassol vmassol Jun 15, 2021

yes it's our best practice to use single quotes to the max (for the reason mentioned by Manuel)

#set ($sectionExtensionRights = "usersgroups.customrights")
#if("$!request.section"==$sectionWikiRights)
#set ($rightsLevels = {'createwiki': 0})
#set ($allowWins = [0])
## This should be changed in the future to include dynamically registered rights.
#elseif ($services.security.authorization.isRightRegistered('like'))
#set ($rightsLevels = {'view': 0, 'like': 1, 'comment': 2, 'edit': 3, 'script': 4, 'delete': 5, 'admin': 6, 'register': 7, 'programming': 8})
#set ($allowWins = [5, 6, 7])
#elseif ("$!request.section"==$sectionExtensionRights)
#set ($allRights = $services.security.authorization.allRightsNames)
#set ($rightsLevels = {})
#set ($allowWins = [])
#set ($index = 0)
#foreach ($right in $allRights)
#if (!$standardRights.contains($right))
#set ($discard = $rightsLevels.put($right, $index))
#set ($discard = $allowWins.add($index))
#set ($index = $index + 1)
#end
#end
#else
#set ($rightsLevels = {'view': 0, 'comment': 1, 'edit': 2, 'script': 3, 'delete': 4, 'admin': 5, 'register': 6, 'programming': 7})
#set ($allowWins = [5, 6, 7])
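
Review bot: In the #if / #elseif chain, the isRightRegistered('like') branch is tested before the "$!request.section"==$sectionExtensionRights branch, so on any wiki where the like right is registered the custom rights branch is unreachable and the usersgroups.customrights section renders the standard levels instead. $index is then never set, although the later override computes $maxlevel from it. Moving the $sectionExtensionRights test above the like check fixes both. Two smaller points: every custom right is added to $allowWins, which makes allow take precedence over deny for all of them, and that choice deserves a comment next to the existing one about admin, register and programming; and $standardRights omits 'like', so like is listed among the custom rights, which should be stated if that is intended.
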
Expand All @@ -56,7 +68,7 @@ $xwiki.ssfx.use('js/xwiki/table/livetable.css', true)
#set ($discard = $levelsRights.put($rightsLevels.get($r), $r))
#end
#set ($maxlevel = $rightsLevels.get('delete')) ## Default: view, comment, edit, script, delete
#if("$!request.section"=='wikis.rights')
#if("$!request.section"==$sectionWikiRights)
#set ($maxlevel = $rightsLevels.get('createwiki'))
#set ($clsname = 'XWiki.XWikiGlobalRights')
#else
Expand All @@ -82,7 +94,9 @@ $xwiki.ssfx.use('js/xwiki/table/livetable.css', true)
#set ($clsname = 'XWiki.XWikiRights')
#end
#end

#if ("$!request.section"==$sectionExtensionRights)
#set ($maxlevel = $index - 1)
#end
## Get rights allowed for the current user
#set ($currentAllowed = {})
#foreach ($i in [0..$maxlevel])
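
Review bot: $maxlevel = $index - 1 yields -1 when no right outside $standardRights is registered, and the following #foreach ($i in [0..$maxlevel]) then walks the descending range 0, -1 instead of iterating over nothing, looking up levels that do not exist. Guard the override with a check that $index is greater than 0, or skip the rights table entirely when there are no custom rights. $index is also only assigned inside the $sectionExtensionRights branch earlier in the template, so this block silently depends on that branch having run for the same request.
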
Expand Down Expand Up @@ -235,7 +249,8 @@ $xwiki.ssfx.use('js/xwiki/table/livetable.css', true)
</table>
## Global settings: mandatory authentication for view/edit, captcha
#set ($guest_comment_captcha_prop = $targetDocument.getObject('XWiki.XWikiPreferences').getxWikiClass().get('guest_comment_requires_captcha'))
#if (("$!request.editor" == 'globaladmin' || "$!editor" == 'globaladmin' || $guest_comment_captcha_prop) && $request.section != 'wikis.rights')
#if (("$!request.editor" == 'globaladmin' || "$!editor" == 'globaladmin' || $guest_comment_captcha_prop)
&& $request.section != $sectionWikiRights && $request.section != $sectionExtensionRights)
<dl class="rights-settings">
#if ("$!request.editor" == 'globaladmin' || "$!editor" == 'globaladmin')
#set ($auth_view = $targetDocument.getObject('XWiki.XWikiPreferences').getProperty('authenticate_view').getValue())
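
Review bot: The pair $request.section != $sectionWikiRights && $request.section != $sectionExtensionRights is spelled out here and again in the script block condition further down; computing it once into a boolean (for example a hypothetical $showGlobalSettings, set next to the two section variables) would keep the two conditions from drifting apart. These comparisons also use bare $request.section while the branches above compare "$!request.section", which is worth aligning.
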
Expand Down Expand Up @@ -342,7 +357,7 @@ $xwiki.ssfx.use('js/xwiki/table/livetable.css', true)
$('unregistered').removeClassName('hidden');
}
});
#if("$!editor" == 'globaladmin' && $request.section != 'wikis.rights')
#if("$!editor" == 'globaladmin' && $request.section != $sectionWikiRights && $request.section != $sectionExtensionRights)
Event.observe($('authenticate_view'), 'click', setBooleanPropertyFromLiveCheckbox($('authenticate_view'), '$xwiki.getURL('XWiki.XWikiPreferences', 'save', "form_token=$!{services.csrf.getToken()}")', 'XWiki.XWikiPreferences', 0));
Event.observe($('authenticate_edit'), 'click', setBooleanPropertyFromLiveCheckbox($('authenticate_edit'), '$xwiki.getURL('XWiki.XWikiPreferences', 'save', "form_token=$!{services.csrf.getToken()}")', 'XWiki.XWikiPreferences', 0));
#end