From 61320e5902070e49d32379aab06faaa1544835ab Mon Sep 17 00:00:00 2001 From: Mathieu Baudier Date: Sun, 23 Sep 2012 19:31:09 +0000 Subject: [PATCH] Fix security git-svn-id: https://svn.argeo.org/commons/trunk@5568 4cfe0d0a-d680-48aa-b62c-e0a02a3f76cc --- .../META-INF/spring/commands.xml | 5 +- .../META-INF/spring/common.xml | 3 + .../security/ui/admin/commands/NewUser.java | 14 ++- .../ui/admin/commands/RefreshUsersList.java | 11 +- .../ui/admin/editors/ArgeoUserEditor.java | 9 +- .../ui/admin/editors/DefaultUserMainPage.java | 1 + .../security/ui/admin/views/UsersView.java | 106 +++++------------- .../ui/admin/wizards/NewUserWizard.java | 4 +- .../security/ui/rap/RapWorkbenchAdvisor.java | 8 +- .../src/main/java/org/argeo/jcr/JcrUtils.java | 10 +- 10 files changed, 70 insertions(+), 101 deletions(-) diff --git a/security/plugins/org.argeo.security.ui.admin/META-INF/spring/commands.xml b/security/plugins/org.argeo.security.ui.admin/META-INF/spring/commands.xml index 94a222d0f..65a88be37 100644 --- a/security/plugins/org.argeo.security.ui.admin/META-INF/spring/commands.xml +++ b/security/plugins/org.argeo.security.ui.admin/META-INF/spring/commands.xml @@ -11,14 +11,15 @@ - + + - + + + + \ No newline at end of file diff --git a/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/commands/NewUser.java b/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/commands/NewUser.java index dab1b4ce7..f8ab321a3 100644 --- a/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/commands/NewUser.java +++ b/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/commands/NewUser.java @@ -15,8 +15,10 @@ */ package org.argeo.security.ui.admin.commands; +import javax.jcr.Repository; import javax.jcr.Session; +import org.argeo.jcr.JcrUtils; import org.argeo.security.UserAdminService; import org.argeo.security.jcr.JcrSecurityModel; import org.argeo.security.ui.admin.wizards.NewUserWizard; @@ -28,25 +30,29 @@ import org.eclipse.ui.handlers.HandlerUtil; /** Command handler to set visible or open a Argeo user. */ public class NewUser extends AbstractHandler { - private Session session; + private Repository repository; private UserAdminService userAdminService; private JcrSecurityModel jcrSecurityModel; public Object execute(ExecutionEvent event) throws ExecutionException { + Session session = null; try { + session = repository.login(); NewUserWizard newUserWizard = new NewUserWizard(session, - userAdminService,jcrSecurityModel); + userAdminService, jcrSecurityModel); WizardDialog dialog = new WizardDialog( HandlerUtil.getActiveShell(event), newUserWizard); dialog.open(); } catch (Exception e) { throw new ExecutionException("Cannot open wizard", e); + } finally { + JcrUtils.logoutQuietly(session); } return null; } - public void setSession(Session session) { - this.session = session; + public void setRepository(Repository repository) { + this.repository = repository; } public void setUserAdminService(UserAdminService userAdminService) { diff --git a/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/commands/RefreshUsersList.java b/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/commands/RefreshUsersList.java index c40d4ab5d..71ec21c44 100644 --- a/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/commands/RefreshUsersList.java +++ b/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/commands/RefreshUsersList.java @@ -19,6 +19,7 @@ import java.util.Set; import javax.jcr.Node; import javax.jcr.NodeIterator; +import javax.jcr.Repository; import javax.jcr.RepositoryException; import javax.jcr.Session; import javax.jcr.query.Query; @@ -40,11 +41,13 @@ import org.eclipse.ui.handlers.HandlerUtil; */ public class RefreshUsersList extends AbstractHandler { private UserAdminService userAdminService; - private Session session; + private Repository repository; public Object execute(ExecutionEvent event) throws ExecutionException { Set users = userAdminService.listUsers(); + Session session = null; try { + session = repository.login(); Query query = session .getWorkspace() .getQueryManager() @@ -63,6 +66,8 @@ public class RefreshUsersList extends AbstractHandler { } catch (RepositoryException e) { JcrUtils.discardQuietly(session); throw new ArgeoException("Cannot list users", e); + } finally { + JcrUtils.logoutQuietly(session); } userAdminService.synchronize(); @@ -77,8 +82,8 @@ public class RefreshUsersList extends AbstractHandler { this.userAdminService = userAdminService; } - public void setSession(Session session) { - this.session = session; + public void setRepository(Repository repository) { + this.repository = repository; } } \ No newline at end of file diff --git a/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/editors/ArgeoUserEditor.java b/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/editors/ArgeoUserEditor.java index 3ea3cf816..2daae6321 100644 --- a/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/editors/ArgeoUserEditor.java +++ b/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/editors/ArgeoUserEditor.java @@ -20,7 +20,6 @@ import javax.jcr.RepositoryException; import javax.jcr.Session; import org.argeo.ArgeoException; -import org.argeo.jcr.ArgeoNames; import org.argeo.jcr.UserJcrUtils; import org.argeo.security.UserAdminService; import org.argeo.security.jcr.JcrUserDetails; @@ -39,7 +38,8 @@ public class ArgeoUserEditor extends FormEditor { public final static String ID = "org.argeo.security.ui.admin.adminArgeoUserEditor"; private JcrUserDetails userDetails; - private Node userHome; + // private Node userHome; + private Node userProfile; private UserAdminService userAdminService; private Session session; @@ -48,7 +48,7 @@ public class ArgeoUserEditor extends FormEditor { super.init(site, input); String username = ((ArgeoUserEditorInput) getEditorInput()) .getUsername(); - userHome = UserJcrUtils.getUserHome(session, username); + userProfile = UserJcrUtils.getUserProfile(session, username); if (userAdminService.userExists(username)) { userDetails = (JcrUserDetails) userAdminService @@ -69,8 +69,7 @@ public class ArgeoUserEditor extends FormEditor { protected void addPages() { try { - addPage(new DefaultUserMainPage(this, - userHome.getNode(ArgeoNames.ARGEO_PROFILE))); + addPage(new DefaultUserMainPage(this, userProfile)); addPage(new UserRolesPage(this, userDetails, userAdminService)); } catch (Exception e) { throw new ArgeoException("Cannot add pages", e); diff --git a/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/editors/DefaultUserMainPage.java b/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/editors/DefaultUserMainPage.java index c19e122fb..39450bc28 100644 --- a/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/editors/DefaultUserMainPage.java +++ b/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/editors/DefaultUserMainPage.java @@ -126,6 +126,7 @@ public class DefaultUserMainPage extends FormPage implements ArgeoNames { }; // if (username != null) // username.addModifyListener(new FormPartML(part)); + commonName.addModifyListener(new FormPartML(part)); firstName.addModifyListener(new FormPartML(part)); lastName.addModifyListener(new FormPartML(part)); email.addModifyListener(new FormPartML(part)); diff --git a/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/views/UsersView.java b/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/views/UsersView.java index ca89aef44..8879e8fd4 100644 --- a/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/views/UsersView.java +++ b/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/views/UsersView.java @@ -31,10 +31,10 @@ import javax.jcr.query.Query; import org.argeo.ArgeoException; import org.argeo.eclipse.ui.EclipseUiUtils; import org.argeo.eclipse.ui.specific.EclipseUiSpecificUtils; +import org.argeo.jcr.ArgeoJcrConstants; import org.argeo.jcr.ArgeoNames; import org.argeo.jcr.ArgeoTypes; import org.argeo.jcr.JcrUtils; -import org.argeo.jcr.UserJcrUtils; import org.argeo.security.ui.admin.SecurityAdminPlugin; import org.argeo.security.ui.admin.commands.OpenArgeoUserEditor; import org.eclipse.core.commands.Command; @@ -60,13 +60,14 @@ import org.eclipse.ui.handlers.IHandlerService; import org.eclipse.ui.part.ViewPart; /** List all users. */ -public class UsersView extends ViewPart implements ArgeoNames, ArgeoTypes { +public class UsersView extends ViewPart implements ArgeoNames { public final static String ID = "org.argeo.security.ui.admin.adminUsersView"; private TableViewer viewer; private Session session; private UserStructureListener userStructureListener; + private UserPropertiesListener userPropertiesListener; private Font italic; private Font bold; @@ -87,8 +88,13 @@ public class UsersView extends ViewPart implements ArgeoNames, ArgeoTypes { userStructureListener = new UserStructureListener(); JcrUtils.addListener(session, userStructureListener, Event.NODE_ADDED - | Event.NODE_REMOVED, UserJcrUtils.DEFAULT_HOME_BASE_PATH, - ArgeoTypes.ARGEO_USER_HOME); + | Event.NODE_REMOVED, ArgeoJcrConstants.PEOPLE_BASE_PATH, null); + userPropertiesListener = new UserPropertiesListener(); + JcrUtils.addListener(session, userStructureListener, + Event.PROPERTY_CHANGED | Event.PROPERTY_ADDED + | Event.PROPERTY_REMOVED, + ArgeoJcrConstants.PEOPLE_BASE_PATH, + ArgeoTypes.ARGEO_USER_PROFILE); } protected TableViewer createTableViewer(final Composite parent) { @@ -160,8 +166,8 @@ public class UsersView extends ViewPart implements ArgeoNames, ArgeoTypes { // disabled try { - Node userHome = (Node) elem; - Node userProfile = userHome.getNode(ARGEO_PROFILE); + Node userProfile = (Node) elem; + // Node userProfile = userHome.getNode(ARGEO_PROFILE); if (!userProfile.getProperty(ARGEO_ENABLED).getBoolean()) return italic; else @@ -173,76 +179,6 @@ public class UsersView extends ViewPart implements ArgeoNames, ArgeoTypes { } - // protected Table createTable(Composite parent) { - // // TODO use a more flexible API - // Table table = new Table(parent, SWT.MULTI | SWT.H_SCROLL | SWT.V_SCROLL); - // table.setLinesVisible(true); - // table.setHeaderVisible(true); - // TableColumn column = new TableColumn(table, SWT.LEFT, 0); - // column.setText("Username"); - // column.setWidth(100); - // column = new TableColumn(table, SWT.LEFT, 1); - // column.setText("Displayed name"); - // column.setWidth(150); - // column = new TableColumn(table, SWT.LEFT, 2); - // column.setText("E-mail"); - // column.setWidth(100); - // column = new TableColumn(table, SWT.LEFT, 3); - // column.setText("First Name"); - // column.setWidth(100); - // column = new TableColumn(table, SWT.LEFT, 4); - // column.setText("Last Name"); - // column.setWidth(100); - // column = new TableColumn(table, SWT.LEFT, 5); - // column.setText("Status"); - // column.setWidth(50); - // column = new TableColumn(table, SWT.LEFT, 6); - // column.setText("Description"); - // column.setWidth(200); - // return table; - // } - - // private class UsersLabelProvider extends LabelProvider implements - // ITableLabelProvider { - // public String getColumnText(Object element, int columnIndex) { - // try { - // Node userHome = (Node) element; - // Node userProfile = userHome.getNode(ARGEO_PROFILE); - // switch (columnIndex) { - // case 0: - // String username = userHome.getProperty(ARGEO_USER_ID) - // .getString(); - // if (username.equals(session.getUserID())) - // return "[" + username + "]"; - // else - // return username; - // case 1: - // return getProperty(userProfile, Property.JCR_TITLE); - // case 2: - // return getProperty(userProfile, ARGEO_PRIMARY_EMAIL); - // case 3: - // return getProperty(userProfile, ARGEO_FIRST_NAME); - // case 4: - // return getProperty(userProfile, ARGEO_LAST_NAME); - // case 5: - // return userProfile.getProperty(ARGEO_ENABLED).getBoolean() ? "" - // : "disabled"; - // case 6: - // return getProperty(userProfile, Property.JCR_DESCRIPTION); - // default: - // throw new ArgeoException("Unmanaged column " + columnIndex); - // } - // } catch (RepositoryException e) { - // throw new ArgeoException("Cannot get text", e); - // } - // } - // - // public Image getColumnImage(Object element, int columnIndex) { - // return null; - // } - // - // } - @Override public void setFocus() { viewer.getTable().setFocus(); @@ -251,6 +187,7 @@ public class UsersView extends ViewPart implements ArgeoNames, ArgeoTypes { @Override public void dispose() { JcrUtils.removeListenerQuietly(session, userStructureListener); + JcrUtils.removeListenerQuietly(session, userPropertiesListener); super.dispose(); } @@ -270,8 +207,8 @@ public class UsersView extends ViewPart implements ArgeoNames, ArgeoTypes { protected String getProperty(Object element, String name) { try { - Node userHome = (Node) element; - Node userProfile = userHome.getNode(ARGEO_PROFILE); + Node userProfile = (Node) element; + // Node userProfile = userHome.getNode(ARGEO_PROFILE); return userProfile.hasProperty(name) ? userProfile .getProperty(name).getString() : ""; } catch (RepositoryException e) { @@ -287,6 +224,14 @@ public class UsersView extends ViewPart implements ArgeoNames, ArgeoTypes { } } + private class UserPropertiesListener implements EventListener { + + @Override + public void onEvent(EventIterator events) { + viewer.refresh(); + } + } + private class UsersContentProvider implements IStructuredContentProvider { public Object[] getElements(Object inputElement) { @@ -295,8 +240,9 @@ public class UsersView extends ViewPart implements ArgeoNames, ArgeoTypes { .getWorkspace() .getQueryManager() .createQuery( - "select [" + ARGEO_PROFILE + "] from [" - + ARGEO_USER_HOME + "]", Query.JCR_SQL2); + "select * from [" + + ArgeoTypes.ARGEO_USER_PROFILE + "]", + Query.JCR_SQL2); NodeIterator nit = query.execute().getNodes(); List userProfiles = new ArrayList(); while (nit.hasNext()) { diff --git a/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/wizards/NewUserWizard.java b/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/wizards/NewUserWizard.java index 719290f10..cfb783303 100644 --- a/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/wizards/NewUserWizard.java +++ b/security/plugins/org.argeo.security.ui.admin/src/main/java/org/argeo/security/ui/admin/wizards/NewUserWizard.java @@ -63,8 +63,8 @@ public class NewUserWizard extends Wizard { // Node userProfile = SecurityJcrUtils.createUserProfile(session, // username); Node userProfile = jcrSecurityModel.sync(session, username); - // session.getWorkspace().getVersionManager() - // .checkout(userProfile.getPath()); + session.getWorkspace().getVersionManager() + .checkout(userProfile.getPath()); mainUserInfo.mapToProfileNode(userProfile); String password = mainUserInfo.getPassword(); // TODO add roles diff --git a/security/plugins/org.argeo.security.ui.rap/src/main/java/org/argeo/security/ui/rap/RapWorkbenchAdvisor.java b/security/plugins/org.argeo.security.ui.rap/src/main/java/org/argeo/security/ui/rap/RapWorkbenchAdvisor.java index d897b46b0..25bda0fd3 100644 --- a/security/plugins/org.argeo.security.ui.rap/src/main/java/org/argeo/security/ui/rap/RapWorkbenchAdvisor.java +++ b/security/plugins/org.argeo.security.ui.rap/src/main/java/org/argeo/security/ui/rap/RapWorkbenchAdvisor.java @@ -24,6 +24,8 @@ import org.eclipse.ui.application.WorkbenchWindowAdvisor; /** Eclipse RAP specific workbench advisor */ public class RapWorkbenchAdvisor extends WorkbenchAdvisor { public final static String INITIAL_PERSPECTIVE_PROPERTY = "org.argeo.security.ui.initialPerspective"; + public final static String SAVE_AND_RESTORE_PROPERTY = "org.argeo.security.ui.saveAndRestore"; + private String initialPerspective = System.getProperty( INITIAL_PERSPECTIVE_PROPERTY, null); @@ -33,14 +35,14 @@ public class RapWorkbenchAdvisor extends WorkbenchAdvisor { this.username = username; } - @Override public void initialize(IWorkbenchConfigurer configurer) { super.initialize(configurer); - configurer.setSaveAndRestore(true); + Boolean saveAndRestore = Boolean.parseBoolean(System.getProperty( + SAVE_AND_RESTORE_PROPERTY, "false")); + configurer.setSaveAndRestore(saveAndRestore); } - public WorkbenchWindowAdvisor createWorkbenchWindowAdvisor( IWorkbenchWindowConfigurer configurer) { return new RapWindowAdvisor(configurer, username); diff --git a/server/runtime/org.argeo.server.jcr/src/main/java/org/argeo/jcr/JcrUtils.java b/server/runtime/org.argeo.server.jcr/src/main/java/org/argeo/jcr/JcrUtils.java index a33f6d407..1ace83fcd 100644 --- a/server/runtime/org.argeo.server.jcr/src/main/java/org/argeo/jcr/JcrUtils.java +++ b/server/runtime/org.argeo.server.jcr/src/main/java/org/argeo/jcr/JcrUtils.java @@ -1116,8 +1116,14 @@ public class JcrUtils implements ArgeoJcrConstants { try { session.getWorkspace() .getObservationManager() - .addEventListener(listener, eventTypes, basePath, true, - null, new String[] { nodeType }, true); + .addEventListener( + listener, + eventTypes, + basePath, + true, + null, + nodeType == null ? null : new String[] { nodeType }, + true); } catch (RepositoryException e) { throw new ArgeoException("Cannot add JCR listener " + listener + " to session " + session, e); -- 2.30.2