* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
/**
* Detail Page for Permissions
- *
+ *
* @author Jonathan
*
*/
/**
* Implement the table content for Permissions Detail
- *
+ *
* @author Jonathan
*
*/
public void prefix(final AAF_GUI gui, final AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) {
final String pRole = trans.get(sRoleName, null);
Validator v = new Validator();
- v.role(pRole);
- if(v.err()) {
+ if(!v.isNull("Role",pRole).err()) {
+ if(!pRole.startsWith(trans.user())) {
+ v.role(pRole);
+ }
+ }
+ if (v.err()) {
trans.warn().printf("Error in PermDetail Request: %s", v.errs());
return;
}
-
- try {
+
+ try {
gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Boolean>() {
@Override
public Boolean code(Rcli<?> client) throws CadiException, ConnectException, APIException {
try {
Future<Roles> fr = client.read("/authz/roles/"+pRole+"?ns",gui.getDF(Roles.class));
Future<UserRoles> fur = client.read("/authz/userRoles/role/"+pRole,gui.getDF(UserRoles.class));
- if(fr.get(AAF_GUI.TIMEOUT)) {
+ if (fr.get(AAF_GUI.TIMEOUT)) {
List<Role> roles = fr.value.getRole();
- if(!roles.isEmpty()) {
+ if (!roles.isEmpty()) {
Role role = fr.value.getRole().get(0);
trans.put(sRole, role);
Boolean mayWrite = trans.fish(new AAFPermission(role.getNs(),ACCESS,":role:"+role.getName(),"write"));
trans.put(sMayWrite,mayWrite);
Boolean mayApprove = trans.fish(new AAFPermission(role.getNs(),ACCESS,":role:"+role.getName(),"approve"));
trans.put(sMayApprove, mayApprove);
-
- if(mayWrite || mayApprove) {
+
+ if (mayWrite || mayApprove) {
Mark js = new Mark();
Mark fn = new Mark();
hgen.js(js)
"dcb.checked= (d.orig != d.value)"
).end(fn)
.end(js);
-
+
Mark mark = new Mark();
hgen.incr(mark,"form","method=post");
trans.put(sMark, mark);
trans.error().printf("Error calling AAF for Roles in GUI, Role Detail %d: %s",fr.code(),fr.body());
return false;
}
-
- if(fur.get(AAF_GUI.TIMEOUT)) {
+
+ if (fur.get(AAF_GUI.TIMEOUT)) {
trans.put(sUserRole, fur.value.getUserRole());
} else {
trans.error().printf("Error calling AAF for UserRoles in GUI, Role Detail %d: %s",fr.code(),fr.body());
final String pRole = trans.get(sRoleName, null);
final Role role = trans.get(sRole,null);
ArrayList<AbsCell[]> rv = new ArrayList<>();
-
- if(role!=null) {
+
+ if (role!=null) {
boolean mayWrite = trans.get(sMayWrite, false);
boolean mayApprove = trans.get(sMayApprove, false);
rv.add(new AbsCell[]{
new TextCell("Role:","width=45%"),
new TextCell(pRole)});
- if(mayWrite) {
+ if (mayWrite) {
rv.add(new AbsCell[]{
new TextCell("Description:","width=45%"),
new TextInputCell("description","textInput",desc,"id=descText","onkeypress=touchedDesc()"),
boolean protectedRole = role.getName().endsWith(".owner") ||
role.getName().endsWith(".admin");
boolean first = true;
- for(Pkey r : role.getPerms()) {
+ for (Pkey r : role.getPerms()) {
String key=r.getType() + '|' + r.getInstance() + '|' + r.getAction();
- if(mayWrite) {
+ if (mayWrite) {
rv.add(new AbsCell[] {
AbsCell.Null,
protectedRole && r.getType().endsWith(".access")
new TextCell(key)
});
} else {
- if(first) {
+ if (first) {
rv.add(new AbsCell[] {
new TextCell("Associated Permissions:","width=45%"),
new TextCell(key)
}
}
}
-
- if(mayApprove) {
+
+ if (mayApprove) {
rv.add(AbsCell.HLINE);
- //
+ //
rv.add(new AbsCell[] {
new TextCell("Users in Role:","width=25%"),
new TextCell("Delete","width=10%"),
});
List<UserRole> userroles = trans.get(sUserRole,null);
- if(userroles!=null) {
- for(UserRole ur : userroles) {
+ if (userroles!=null) {
+ for (UserRole ur : userroles) {
String tag = "userrole";
-
+
rv.add(new AbsCell[] {
AbsCell.Null,
new CheckBoxCell(tag+".delete", ur.getUser()),
}
}
}
-
- // History
+
+ // History
rv.add(new AbsCell[] {
- new RefCell("See History",RoleHistory.HREF + "?role=" + pRole,false)
+ new RefCell("See History",RoleHistory.HREF + "?role=" + pRole,false,"class=greenbutton")
});
} else {
rv.add(new AbsCell[]{
@Override
public void postfix(AAF_GUI state, AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) {
final Mark mark = trans.get(sMark, null);
- if(mark!=null) {
+ if (mark!=null) {
hgen.tagOnly("input", "type=submit", "value=Submit");
final String pNS = trans.get(sNS, null);
- if(pNS!=null && pNS.length()>0) {
+ if (pNS!=null && pNS.length()>0) {
hgen.leaf(mark,HTMLGen.A,"href="+NsDetail.HREF+"?ns="+pNS,"class=greenbutton").text("Back").end(mark);
}
hgen.end(mark);
}
}
-}
+}
\ No newline at end of file
Code Review / aaf / authz.git / blobdiff