moderately working authz on many of the important jsp pages and improvements in the...
authorJesse McConnell <jmcconnell@apache.org>
Tue, 12 Sep 2006 18:44:16 +0000 (18:44 +0000)
committerJesse McConnell <jmcconnell@apache.org>
Tue, 12 Sep 2006 18:44:16 +0000 (18:44 +0000)
git-svn-id: https://svn.apache.org/repos/asf/maven/archiva/trunk@442672 13f79535-47bb-0310-9956-ffa450edef68

archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/AbstractConfigureRepositoryAction.java
archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/NewUserAction.java
archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/UserManagementAction.java
archiva-webapp/src/main/java/org/apache/maven/archiva/web/util/DefaultRoleManager.java
archiva-webapp/src/main/resources/xwork.xml
archiva-webapp/src/main/webapp/WEB-INF/jsp/admin/index.jsp
archiva-webapp/src/main/webapp/WEB-INF/jsp/decorators/default.jsp
archiva-webapp/src/main/webapp/WEB-INF/jsp/loginRegister.jsp
archiva-webapp/src/main/webapp/WEB-INF/jsp/user.jsp

index 93c5606192e5e53579fd876937d72dd6ada5ef8d..33b82da30c31bbd5b2acf6bfacb5f69db8cc200d 100644 (file)
@@ -98,7 +98,7 @@ public abstract class AbstractConfigureRepositoryAction
     {
         addRepository();
 
-        roleManager.addRepository( getRepoId() );
+        roleManager.addRepository( repository.getId() );
 
         configurationStore.storeConfiguration( configuration );
 
index 3f28833fc23fcdb624ce287fffaa3cfbbf6b5e96..c3baf970cb39272403c0b2af514ff0fcc58178c3 100644 (file)
@@ -115,6 +115,7 @@ public class NewUserAction
             }
             roleManager.addUser( user.getPrincipal().toString() );
 
+            addActionMessage( "user " + username + " was successfully registered!");
         }
         
         if ( hasActionErrors() )
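Review bot: The success message on the added line concatenates `username` straight into text that the new `<ww:actionmessage/>` block in loginRegister.jsp prints on the login page. If `username` is the raw registration field and that tag does not HTML-escape its output (worth confirming for the WebWork version in use), a user name containing markup would be rendered as part of the page. Restricting the characters accepted for a user name before this point, or escaping the value when it is put into the message, closes that off. The enclosing method starts and ends outside the hunk, so validation may already happen earlier.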
index 3212e6a53b225e231b34a4d192877592ae803df5..f5faaa4f538b930d44291a1a45c7e3682754e824 100644 (file)
@@ -106,7 +106,7 @@ public class UserManagementAction
         // for displaying the potential repositories to be displayed, remove the global resource
         // from the list
         resources = rbacManager.getAllResources();
-        resources.remove( rbacManager.getGlobalResource() );
+        //resources.remove( rbacManager.getGlobalResource() );
 
         // check if the user has any roles assigned to them, and populate the lists for
         // rendering assign and remove roles links
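Review bot: The comment above the change still says the global resource is removed from the list, but the call is now commented out, so `resources` includes the global resource. If the page uses this list to offer per-resource role assignment, global-scope entries are presumably now shown to anyone who can open user management. Either delete the dead line and rewrite the comment to say why the global resource is kept, for example `// keep the global resource so global roles can be assigned`, or restore the `remove` call. The method continues outside the hunk.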
index 9fc9ac4a76f39c391f3b9471b20ca47b7a3e8c80..c5a3a065ebd36e96980109f1dd32f85f007cf70e 100644 (file)
@@ -112,6 +112,12 @@ public class DefaultRoleManager
             manager.saveOperation( operation );
         }
 
+        if ( !manager.operationExists( "grant-roles" ) )
+        {
+            Operation operation = manager.createOperation( "grant-roles" );
+            manager.saveOperation( operation );
+        }
+
         if ( !manager.operationExists( "remove-roles" ) )
         {
             Operation operation = manager.createOperation( "remove-roles" );
@@ -150,12 +156,20 @@ public class DefaultRoleManager
                 manager.savePermission( editAllUsers );
             }
 
+            if ( !manager.permissionExists( "Grant Roles" ) )
+            {
+                Permission granRoles = manager.createPermission( "Grant Roles", "grant-roles",
+                                                                    manager.getGlobalResource().getIdentifier() );
+
+                manager.savePermission( granRoles );
+            }
+            
             if ( !manager.permissionExists( "Remove Roles" ) )
             {
-                Permission editAllUsers = manager.createPermission( "Remove Roles", "remove-roles",
+                Permission removeRoles = manager.createPermission( "Remove Roles", "remove-roles",
                                                                     manager.getGlobalResource().getIdentifier() );
 
-                manager.savePermission( editAllUsers );
+                manager.savePermission( removeRoles );
             }
 
             if ( !manager.permissionExists( "Regenerate Index" ) )
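Review bot: `Grant Roles` is created against the global resource with nothing limiting which roles it covers, so a holder can presumably assign any assignable role, including `System Administrator`. A later hunk gives this permission to `User Administrator`, which would let a user administrator raise their own or anyone else's privileges. The action that performs the assignment is not part of this commit, so confirm it only allows granting roles at or below the caller's own. Separately, the local `granRoles` is misspelled; `Permission grantRoles = manager.createPermission( ... )` matches the `removeRoles` rename made just below.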
@@ -171,6 +185,7 @@ public class DefaultRoleManager
                 Role userAdmin = manager.createRole( "User Administrator" );
                 userAdmin.addPermission( manager.getPermission( "Edit All Users" ) );
                 userAdmin.addPermission( manager.getPermission( "Remove Roles" ) );
+                userAdmin.addPermission( manager.getPermission( "Grant Roles" ) );
                 userAdmin.setAssignable( true );
                 manager.saveRole( userAdmin );
             }
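Review bot: `Grant Roles` is attached to `User Administrator` only where the role is created, which appears to sit inside a `roleExists` guard like the one visible for `System Administrator` in the next hunk. An installation whose store already contains the role would never receive the new permission, while user.jsp in this commit starts hiding the grant links behind `grant-roles`. Consider adding the permission outside the creation branch whenever the role lacks it, with a comment such as `// also upgrades stores created before grant-roles existed`. The guard itself is outside the hunk, so this is inferred.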
@@ -178,7 +193,7 @@ public class DefaultRoleManager
             if ( !manager.roleExists( "System Administrator" ) )
             {
                 Role admin = manager.createRole( "System Administrator" );
-                admin.addChildRole( manager.getRole( "User Administrator" ) );
+                admin.addChildRoleName( manager.getRole( "User Administrator" ).getName() );
                 admin.addPermission( manager.getPermission( "Edit Configuration" ) );
                 admin.addPermission( manager.getPermission( "Run Indexer" ) );
                 admin.addPermission( manager.getPermission( "Add Repository" ) );
@@ -250,7 +265,7 @@ public class DefaultRoleManager
             regenReports = manager.savePermission( regenReports );
 
             // make the roles
-            Role repositoryObserver = manager.createRole( "Repository Manager - " + repositoryName );
+            Role repositoryObserver = manager.createRole( "Repository Observer - " + repositoryName );
             repositoryObserver.addPermission( editRepo );
             repositoryObserver.setAssignable( true );
             repositoryObserver = manager.saveRole( repositoryObserver );
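Review bot: `repositoryObserver.addPermission( editRepo )` gives the role now named `Repository Observer - …` an edit permission, which looks broader than an observer should hold. If `editRepo` maps to the `edit-repository` operation checked in admin/index.jsp, every observer gets the Edit Repository link and presumably the right behind it. The definition of `editRepo` is outside the hunk, so confirm what it grants; if it is the edit operation, give the observer a read-only permission and leave `editRepo` to the manager role. Roles already saved under the old `Repository Manager - ` name are not migrated by this change.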
@@ -259,7 +274,7 @@ public class DefaultRoleManager
             repositoryManager.addPermission( editRepo );
             repositoryManager.addPermission( deleteRepo );
             repositoryManager.addPermission( regenReports );
-            repositoryManager.addChildRole( repositoryObserver );
+            repositoryManager.addChildRoleName( repositoryObserver.getName() );
             repositoryManager.setAssignable( true );
             manager.saveRole( repositoryManager );
 
index 3b98abb006743d2bf9fdeaa7ca563087927255cd..4b900e04f8f7a312775ee067d9475c6cad333336 100644 (file)
     </action>
 
 
-    <action name="user" class="userManagement">
+    <action name="user" class="userManagement" method="display">
       <result name="success">/WEB-INF/jsp/user.jsp</result>
     </action>
 
index a70ecbdfbaab63623840761feff8344a96020dcf..f2a220174f28cd023ffef1ad47c3dec35c908489 100644 (file)
 <c:forEach items="${repositories}" var="repository" varStatus="i">
   <div>
     <div style="float: right">
-        <%-- TODO replace with icons --%>
-      <a href="<ww:url action="editRepository" method="input"><ww:param name="repoId" value="%{'${repository.id}'}" /></ww:url>">Edit
-        Repository</a> | <a
-        href="<ww:url action="deleteRepository" method="input"><ww:param name="repoId" value="%{'${repository.id}'}" /></ww:url>">Delete
-      Repository</a>
+      <ww:url id="editRepositoryUrl" action="editRepository" method="input">
+        <ww:param name="repoId" value="%{'${repository.id}'}" />
+      </ww:url>
+      <ww:url id="deleteRepositoryUrl" action="deleteRepository" method="input">
+        <ww:param name="repoId" value="%{'${repository.id}'}" />
+      </ww:url>
+      <%-- TODO replace with icons --%>
+      <pss:ifAuthorized permission="edit-repository" resource="${repository.id}"><ww:a href="%{editRepositoryUrl}">Edit Repository</ww:a></pss:ifAuthorized> | <pss:ifAuthorized permission="delete-repository" resource="${repository.id}"><ww:a href="%{deleteRepositoryUrl}">Delete Repository</ww:a></pss:ifAuthorized>
     </div>
     <h3>${repository.name}</h3>
     <table class="infoTable">
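Review bot: `value="%{'${repository.id}'}"` on both `ww:param` tags pastes the JSP EL result into the text of an OGNL expression, so the id is parsed as expression source rather than passed as data. An id containing a single quote would end the string literal early and change what is evaluated. Repository ids are set by administrators, but the tag-body form already used in user.jsp avoids the evaluation entirely: `<ww:param name="repoId">${repository.id}</ww:param>`. The ` | ` separator is also printed when neither link is authorized.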
index 3d25084f664855ae5aa6fc95ed76b956698c8ddc..0260c361962de5c839b2afa05acd2d26e4e63386 100644 (file)
         <my:currentWWUrl action="browse" namespace="/">Browse</my:currentWWUrl>
       </li>
     </ul>
-    <h5>Manage</h5>
-    <ul>
-      <li class="none">
-        <my:currentWWUrl action="reports" namespace="/admin">Reports</my:currentWWUrl>
-      </li>
-
-      <%-- TODO
-            <li class="none">
-              <a href="#">Synchronisation</a>
-            </li>
-      --%>
-
-      <li class="expanded">
-        <my:currentWWUrl action="index" namespace="/admin">Administration</my:currentWWUrl>
-        <ul>
+    <pss:ifAnyAuthorized permissions="edit-all-users,get-reports,edit-configuration">
+      <h5>Manage</h5>
+      <ul>
+        <pss:ifAuthorized permission="get-reports">
           <li class="none">
-            <my:currentWWUrl action="proxiedRepositories" namespace="/admin">Proxied Repositories</my:currentWWUrl>
+            <my:currentWWUrl action="reports" namespace="/admin">Reports</my:currentWWUrl>
           </li>
-
-          <%-- TODO: add back after synced repos are implemented
-                    <li class="none">
-                      <my:currentWWUrl action="syncedRepositories" namespace="/admin">Synced Repositories</my:currentWWUrl>
-                    </li>
+        </pss:ifAuthorized>
+          <%-- TODO
+                <li class="none">
+                  <a href="#">Synchronisation</a>
+                </li>
           --%>
-          <pss:ifAuthorized permission="edit-all-users">
-            <li class="none">
-              <my:currentWWUrl action="userManagement" namespace="/admin">User Management</my:currentWWUrl>
-            </li>
-          </pss:ifAuthorized>
-        </ul>
-      </li>
-    </ul>
-
+        <pss:ifAnyAuthorized permissions="edit-configuration,edit-all-users">
+          <li class="expanded">
+            <pss:ifAuthorized permission="edit-all-users">
+              <my:currentWWUrl action="userManagement" namespace="/admin">User Management</my:currentWWUrl>               
+            </pss:ifAuthorized>
+          </li>
+          <li>
+            <pss:ifAuthorized permission="edit-configuration">
+              <my:currentWWUrl action="index" namespace="/admin">Administration</my:currentWWUrl>
+            </pss:ifAuthorized>
+
+            <ul>
+              <li class="none">
+                <my:currentWWUrl action="proxiedRepositories" namespace="/admin">Proxied Repositories</my:currentWWUrl>
+              </li>
+
+                <%-- TODO: add back after synced repos are implemented
+                          <li class="none">
+                            <my:currentWWUrl action="syncedRepositories" namespace="/admin">Synced Repositories</my:currentWWUrl>
+                          </li>
+                --%>
+            </ul>
+          </li>
+        </pss:ifAnyAuthorized>
+      </ul>
+    </pss:ifAnyAuthorized>
     <br/>
   </div>
 </div>
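Review bot: The `Proxied Repositories` entry sits inside the `edit-configuration,edit-all-users` wrapper but outside the `edit-configuration` check that guards the `Administration` link, so a user holding only `edit-all-users` still sees an admin link. Moving the `<pss:ifAuthorized permission="edit-configuration">` open tag to just before that `<li>` and its close tag to just after the matching `</li>` keeps the whole sub-menu under one check, and stops an empty list item from rendering. These tags only hide navigation; the `/admin` actions need the same permission check on the server, which is not visible in this commit.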
index 32965c5c6f32e2aebac6a4dccc743b17129d1008..c81485cd33ace1fc61f499a09495706a0e0444ad 100644 (file)
 
     </div>
 
+    <p>
+      <ww:actionmessage/>
+    </p>
+
     <h2>Login</h2>
     <ww:form action="login">
       <table class="bodyTable">
index fa8e5a853576a3d65afa5d2636813ad4bcc4f6b9..ef0c9df95e5f7a4e36275e59263f147a57dd34ad 100644 (file)
 
         <table class="bodyTable">
           <ww:iterator id="role" value="assignedRoles">
-            <ww:url id="removeAssignedRoleUrl" action="removeRoleFromUser">
-              <ww:param name="principal">${sessionScope.SecuritySessionUser.principal}</ww:param>
-              <ww:param name="roleName">${sessionScope.SecuritySessionUser.name}</ww:param>
-            </ww:url>
+
             <tr class="a">
              <td>
                <em>${role.name}</em><br/>
              </td>
               <td>
-                <ww:a href="%{removeAssignedRoleUrl}">Delete</ww:a>
+                <pss:ifAuthorized permission="remove-roles">
+                  <ww:url id="removeAssignedRoleUrl" action="removeRoleFromUser">
+                    <ww:param name="principal">${sessionScope.SecuritySessionUser.principal}</ww:param>
+                    <ww:param name="roleName">${role.name}</ww:param>
+                  </ww:url>
+                  <ww:a href="%{removeAssignedRoleUrl}">Delete</ww:a>
+                </pss:ifAuthorized>
               </td>
             </tr>
           </ww:iterator>
         </table>
 
+        <%-- this is for debug purposes only --%>
+         <div id="sidebar">
+           <ww:iterator id="role" value="availableRoles">
+              <ww:url id="addRoleUrl" action="assignRoleToUser">
+                <ww:param name="principal">${sessionScope.SecuritySessionUser.principal}</ww:param>
+                <ww:param name="roleName">${role.name}</ww:param>
+              </ww:url>
+              <ww:a href="%{addRoleUrl}">${role.name}</ww:a>
+              <br/>
+           </ww:iterator>
+         </div>
+
         <h2>Grant Roles</h2>
 
         <p>
-          <ww:iterator id="role" value="availableRoles">
-            <ww:url id="addRoleUrl" action="assignRoleToUser">
-              <ww:param name="principal">${sessionScope.SecuritySessionUser.principal}</ww:param>
-              <ww:param name="roleName">${role.name}</ww:param>
-            </ww:url>
-            <ww:a href="%{addRoleUrl}">${role.name}</ww:a><br/>
-          </ww:iterator>
+
            </p>
+         <pss:ifAuthorized permission="grant-roles">
+            <ww:iterator id="role" value="availableRoles">
+              <ww:url id="addRoleUrl" action="assignRoleToUser">
+                <ww:param name="principal">${sessionScope.SecuritySessionUser.principal}</ww:param>
+                <ww:param name="roleName">${role.name}</ww:param>
+              </ww:url>
+              <ww:a href="%{addRoleUrl}">${role.name}</ww:a>
+              <br/>
+            </ww:iterator>
+          </pss:ifAuthorized>
            <%--
           <p>
             This following screen needs have the various roles worked into it.
 
               </td>
             </tr>
-            --%>
+
             <tr class="a">
               <td></td>
               <td>
             </tr>
 
           </table>
-
+             --%>
       </div>
   </div>
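Review bot: The block marked `this is for debug purposes only` renders an `assignRoleToUser` link for every available role with no `pss:ifAuthorized` wrapper, which undoes the `grant-roles` gate added a few lines below it. It should be removed before release or wrapped as `<pss:ifAuthorized permission="grant-roles">`. Both role actions are plain links, so the change is made by a GET request; the server-side actions should check `grant-roles` and `remove-roles` themselves and preferably accept only form posts. The closing `--%>` has also moved, so the trailing table is now commented out; confirm that is intended.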