From f0be5ec381492eff23d4576ee4122734af4ad877 Mon Sep 17 00:00:00 2001 From: Bruno Sinou Date: Fri, 20 Nov 2015 17:47:08 +0000 Subject: [PATCH] Work on security Admin UI, batch processing, specific admin abilities, some code cleaning and bug fixes git-svn-id: https://svn.argeo.org/commons/trunk@8577 4cfe0d0a-d680-48aa-b62c-e0a02a3f76cc --- .../META-INF/spring/commands.xml | 21 +- org.argeo.security.ui.admin/plugin.xml | 24 +- .../ui/admin/internal/UiAdminUtils.java | 11 +- .../ui/admin/internal/UserAdminConstants.java | 9 - .../ui/admin/internal/UserAdminWrapper.java | 6 +- .../ui/admin/internal/commands/NewGroup.java | 27 +- .../ui/admin/internal/commands/NewUser.java | 22 +- .../internal/commands/UserBatchUpdate.java | 47 +- .../ui/admin/internal/parts/GroupsView.java | 33 +- .../internal/parts/UserBatchUpdateWizard.java | 580 ++++++++++++++++++ .../ui/admin/internal/parts/UserEditor.java | 5 +- .../ui/admin/internal/parts/UserMainPage.java | 44 +- .../ui/admin/internal/parts/UsersView.java | 10 +- .../admin/internal/providers/RoleIconLP.java | 4 +- .../providers/UserAdminAbstractLP.java | 4 +- .../admin/internal/providers/UserFilter.java | 31 +- 16 files changed, 747 insertions(+), 131 deletions(-) delete mode 100644 org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/UserAdminConstants.java create mode 100644 org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/parts/UserBatchUpdateWizard.java diff --git a/org.argeo.security.ui.admin/META-INF/spring/commands.xml b/org.argeo.security.ui.admin/META-INF/spring/commands.xml index 0015d3fb5..7d3987644 100644 --- a/org.argeo.security.ui.admin/META-INF/spring/commands.xml +++ b/org.argeo.security.ui.admin/META-INF/spring/commands.xml @@ -4,28 +4,31 @@ xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd"> - + - - - - + + + + - - + + - @@ -104,15 +103,6 @@ - - - + 
diff --git a/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/UiAdminUtils.java b/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/UiAdminUtils.java index c23f01cff..cb1396c95 100644 --- a/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/UiAdminUtils.java +++ b/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/UiAdminUtils.java @@ -2,6 +2,7 @@ package org.argeo.security.ui.admin.internal; import java.security.AccessController; import java.util.List; +import java.util.Set; import javax.naming.InvalidNameException; import javax.naming.ldap.LdapName; @@ -12,6 +13,8 @@ import javax.transaction.Status; import javax.transaction.UserTransaction; import org.argeo.ArgeoException; +import org.argeo.cms.auth.AuthConstants; +import org.argeo.cms.auth.CurrentUser; import org.argeo.osgi.useradmin.LdifName; import org.argeo.security.ui.admin.internal.providers.UserTransactionProvider; import org.eclipse.ui.IWorkbenchWindow; @@ -30,6 +33,12 @@ public class UiAdminUtils { return getUsername(getUser(userAdmin, dn)); } + /** Returns true if the current user is in the specified role */ + public static boolean isUserInRole(String role) { + Set roles = CurrentUser.roles(); + return roles.contains(role); + } + public final static boolean isCurrentUser(User user) { String userName = getProperty(user, LdifName.dn.name()); try { @@ -73,7 +82,7 @@ public class UiAdminUtils { /** Simply retrieves a display name of the relevant domain */ public final static String getDomainName(User user) { String dn = (String) user.getProperties().get(LdifName.dn.name()); - if (dn.endsWith(UserAdminConstants.SYSTEM_ROLE_BASE_DN)) + if (dn.endsWith(AuthConstants.ROLES_BASEDN)) return "System roles"; try { LdapName name; 
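Review bot: The Javadoc on the new `isUserInRole` in the `@@ -30,6 +33,12 @@` hunk does not say that the result only reflects what `CurrentUser.roles()` reports for the UI session, so callers may read it as an access-control decision. In this commit it decides whether the "Distinguished Name" column is added (GroupsView.createPartControl and ChooseUsersWizardPage.createControl), which removes the column from the table, while `LdifName.dn` is still listed in `knownProps` of both viewers. I would extend the comment to something like `/** Returns true if the current user is in the specified role. Meant for adapting the UI only; enforcement has to happen where the data is served. */`. The method also omits the `final` modifier that the neighbouring static helpers (`isCurrentUser`, `getDomainName`) carry.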
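Review bot: The changed test `dn.endsWith(AuthConstants.ROLES_BASEDN)` in getDomainName is case-sensitive, while the same constant is compared with `baseDn.equalsIgnoreCase(AuthConstants.ROLES_BASEDN)` in UserAdminWrapper in this commit. A DN that differs from the constant only in case would then be labelled with an ordinary domain name instead of "System roles". Normalising both sides, e.g. `if (dn.toLowerCase(Locale.ROOT).endsWith(AuthConstants.ROLES_BASEDN.toLowerCase(Locale.ROOT)))`, keeps the two places consistent. `dn` is also dereferenced without a null check, so a role lacking that property would throw here; the rest of the method lies outside the hunk.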
diff --git a/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/UserAdminConstants.java b/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/UserAdminConstants.java deleted file mode 100644 index ee7708b99..000000000 --- a/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/UserAdminConstants.java +++ /dev/null @@ -1,9 +0,0 @@ -package org.argeo.security.ui.admin.internal; - -/** Temporary centralization of the user admin constants */ -public interface UserAdminConstants { - - // TO BE CLEANED - public final static String SYSTEM_ROLE_BASE_DN = "ou=roles,ou=node"; - -} \ No newline at end of file diff --git a/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/UserAdminWrapper.java b/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/UserAdminWrapper.java index de09f7b19..2cd3eab21 100644 --- a/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/UserAdminWrapper.java +++ b/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/UserAdminWrapper.java @@ -8,6 +8,7 @@ import javax.transaction.Status; import javax.transaction.UserTransaction; import org.argeo.ArgeoException; +import org.argeo.cms.auth.AuthConstants; import org.argeo.osgi.useradmin.UserAdminConf; import org.osgi.framework.ServiceReference; import org.osgi.service.useradmin.UserAdmin; @@ -32,12 +33,13 @@ public class UserAdminWrapper { } /** Must be called from the UI Thread. */ - public void beginTransactionIfNeeded() { + public UserTransaction beginTransactionIfNeeded() { try { if (userTransaction.getStatus() == Status.STATUS_NO_TRANSACTION) { userTransaction.begin(); UiAdminUtils.notifyTransactionStateChange(userTransaction); } + return userTransaction; } catch (Exception e) { throw new ArgeoException("Unable to begin transaction", e); } 
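Review bot: `beginTransactionIfNeeded()` now returns the wrapper's `userTransaction` field, but its Javadoc still only says "Must be called from the UI Thread." and does not tell callers that the returned object may be a transaction that was already open. ResetPassword.doUpdate in UserBatchUpdateWizard.java calls `commit()` on the returned value, so any edits already pending in that transaction are committed together with the batch change. I would document this on the method, for example `@return the shared user transaction; it may have been begun earlier and already hold uncommitted changes`. The end of the method is outside the hunk.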
@@ -78,7 +80,7 @@ public class UserAdminWrapper { if (onlyWritable && "true".equals(readOnly)) continue; - if (baseDn.equalsIgnoreCase(UserAdminConstants.SYSTEM_ROLE_BASE_DN)) + if (baseDn.equalsIgnoreCase(AuthConstants.ROLES_BASEDN)) continue; dns.add(baseDn); } diff --git a/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/commands/NewGroup.java b/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/commands/NewGroup.java index fba2d3920..bc90a46d7 100644 --- a/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/commands/NewGroup.java +++ b/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/commands/NewGroup.java @@ -55,9 +55,9 @@ public class NewGroup extends AbstractHandler { public Object execute(ExecutionEvent event) throws ExecutionException { NewGroupWizard newGroupWizard = new NewGroupWizard(); + newGroupWizard.setWindowTitle("Group creation"); WizardDialog dialog = new WizardDialog( HandlerUtil.getActiveShell(event), newGroupWizard); - dialog.setTitle("Create a new group"); dialog.open(); return null; } @@ -78,9 +78,6 @@ public class NewGroup extends AbstractHandler { public void addPages() { mainGroupInfo = new MainGroupInfoWizardPage(); addPage(mainGroupInfo); - - setWindowTitle("Create a new group"); - // mainGroupInfo.setMessage(message, WizardPage.WARNING); } @SuppressWarnings({ "rawtypes", "unchecked" }) @@ -113,7 +110,8 @@ public class NewGroup extends AbstractHandler { public MainGroupInfoWizardPage() { super("Main"); setTitle("General information"); - setMessage("Please provide a common name and a free description"); + setMessage("Please choose a domain, provide a common name " + + "and a free description"); } @Override 
@@ -121,11 +119,13 @@ public class NewGroup extends AbstractHandler { Composite bodyCmp = new Composite(parent, SWT.NONE); bodyCmp.setLayout(new GridLayout(2, false)); dNameTxt = EclipseUiUtils.createGridLT(bodyCmp, - "Distinguished name", this); + "Distinguished name"); // Read-only -> no listener dNameTxt.setEnabled(false); - baseDnCmb = createGridLC(bodyCmp, "Base DN", this); + baseDnCmb = createGridLC(bodyCmp, "Base DN"); + // Initialise before adding the listener top avoid NPE initialiseDnCmb(baseDnCmb); + baseDnCmb.addModifyListener(this); baseDnCmb.addModifyListener(new ModifyListener() { private static final long serialVersionUID = -1435351236582736843L; @@ -198,7 +198,10 @@ public class NewGroup extends AbstractHandler { public void setVisible(boolean visible) { super.setVisible(visible); if (visible) - commonNameTxt.setFocus(); + if (baseDnCmb.getSelectionIndex() == -1) + baseDnCmb.setFocus(); + else + commonNameTxt.setFocus(); } } @@ -212,20 +215,18 @@ public class NewGroup extends AbstractHandler { throw new ArgeoException( "No writable base dn found. Cannot create user"); combo.setItems(dns.toArray(new String[0])); - // combo.select(0); + if (dns.size() == 1) + combo.select(0); } } - private Combo createGridLC(Composite parent, String label, - ModifyListener modifyListener) { + private Combo createGridLC(Composite parent, String label) { Label lbl = new Label(parent, SWT.LEAD); lbl.setText(label); lbl.setLayoutData(new GridData(SWT.RIGHT, SWT.CENTER, false, false)); Combo combo = new Combo(parent, SWT.LEAD | SWT.BORDER | SWT.READ_ONLY); combo.setLayoutData(new GridData(SWT.FILL, SWT.CENTER, true, false)); - if (modifyListener != null) - combo.addModifyListener(modifyListener); return combo; } diff --git a/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/commands/NewUser.java b/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/commands/NewUser.java index 760088398..c336753dc 100644 
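Review bot: In the `@@ -198,7 +198,10 @@` hunk the new `if (baseDnCmb.getSelectionIndex() == -1) … else …` is nested under `if (visible)` without braces, so a reader has to work out which `if` the `else` belongs to. Bracing the outer statement, `if (visible) { … }`, makes the binding explicit; the same construct is added to NewUser.setVisible in this commit. In the `@@ -121,11 +119,13 @@` hunk the new comment has a typo: `top avoid NPE` should read `to avoid NPE`.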
--- a/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/commands/NewUser.java +++ b/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/commands/NewUser.java @@ -67,6 +67,7 @@ public class NewUser extends AbstractHandler { public Object execute(ExecutionEvent event) throws ExecutionException { NewUserWizard newUserWizard = new NewUserWizard(); + newUserWizard.setWindowTitle("User creation"); WizardDialog dialog = new WizardDialog( HandlerUtil.getActiveShell(event), newUserWizard); dialog.open(); @@ -84,13 +85,15 @@ public class NewUser extends AbstractHandler { private Combo baseDnCmb; public NewUserWizard() { + } @Override public void addPages() { mainUserInfo = new MainUserInfoWizardPage(); addPage(mainUserInfo); - String message = "Dummy wizard to ease user creation tests:\n Mail and last name are automatically " + String message = "Default wizard that also eases user creation tests:\n " + + "Mail and last name are automatically " + "generated form the uid. Password are defauted to 'demo'."; mainUserInfo.setMessage(message, WizardPage.WARNING); } @@ -154,8 +157,9 @@ public class NewUser extends AbstractHandler { "Distinguished name", this); dNameTxt.setEnabled(false); - baseDnCmb = createGridLC(composite, "Base DN", this); + baseDnCmb = createGridLC(composite, "Base DN"); initialiseDnCmb(baseDnCmb); + baseDnCmb.addModifyListener(this); baseDnCmb.addModifyListener(new ModifyListener() { private static final long serialVersionUID = -1435351236582736843L; @@ -247,7 +251,10 @@ public class NewUser extends AbstractHandler { public void setVisible(boolean visible) { super.setVisible(visible); if (visible) - usernameTxt.setFocus(); + if (baseDnCmb.getSelectionIndex() == -1) + baseDnCmb.setFocus(); + else + usernameTxt.setFocus(); } public String getUsername() { 
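Review bot: The reworded page message in addPages now presents this as the "Default wizard", while the same text states that passwords are defaulted to 'demo'. If accounts created through this path really receive that fixed value (the code that sets it is outside the hunk), every new account starts with a password that is known to anyone who has seen this dialog. The page should ask for an initial password, or the wording should stay test-only, e.g. `"Test wizard: mail and last name are generated from the uid, the password is set to 'demo'."`. The message also keeps the typos `form the uid` and `defauted`.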
@@ -270,7 +277,8 @@ public class NewUser extends AbstractHandler { throw new ArgeoException( "No writable base dn found. Cannot create user"); combo.setItems(dns.toArray(new String[0])); - // combo.select(0); + if (dns.size() == 1) + combo.select(0); } private String getMail(String username) { @@ -287,18 +295,14 @@ public class NewUser extends AbstractHandler { + username + " with base dn " + baseDn, e); } } - } - private Combo createGridLC(Composite parent, String label, - ModifyListener modifyListener) { + private Combo createGridLC(Composite parent, String label) { Label lbl = new Label(parent, SWT.LEAD); lbl.setText(label); lbl.setLayoutData(new GridData(SWT.RIGHT, SWT.CENTER, false, false)); Combo combo = new Combo(parent, SWT.LEAD | SWT.BORDER | SWT.READ_ONLY); combo.setLayoutData(new GridData(SWT.FILL, SWT.CENTER, true, false)); - if (modifyListener != null) - combo.addModifyListener(modifyListener); return combo; } diff --git a/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/commands/UserBatchUpdate.java b/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/commands/UserBatchUpdate.java index fb1a491d9..c02f5c220 100644 --- a/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/commands/UserBatchUpdate.java +++ b/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/commands/UserBatchUpdate.java 
@@ -15,43 +15,30 @@ */ package org.argeo.security.ui.admin.internal.commands; +import org.argeo.security.ui.admin.internal.UserAdminWrapper; +import org.argeo.security.ui.admin.internal.parts.UserBatchUpdateWizard; import org.eclipse.core.commands.AbstractHandler; import org.eclipse.core.commands.ExecutionEvent; import org.eclipse.core.commands.ExecutionException; +import org.eclipse.jface.wizard.WizardDialog; +import org.eclipse.ui.handlers.HandlerUtil; -/** Launch a wizard to update various properties about users in JCR. */ +/** Launch a wizard to perform batch process on users */ public class UserBatchUpdate extends AbstractHandler { - // private Repository repository; - // private UserAdminService userAdminService; + + /* DEPENDENCY INJECTION */ + private UserAdminWrapper uaWrapper; public Object execute(ExecutionEvent event) throws ExecutionException { - // Session session = null; - // try { - // session = repository.login(); - // UserBatchUpdateWizard userBatchUpdateWizard = new - // UserBatchUpdateWizard( - // session, userAdminService); - // WizardDialog dialog = new WizardDialog( - // HandlerUtil.getActiveShell(event), userBatchUpdateWizard); - // dialog.open(); - // } catch (Exception e) { - // throw new ExecutionException("Cannot open wizard", e); - // } finally { - // JcrUtils.logoutQuietly(session); - // } + UserBatchUpdateWizard wizard = new UserBatchUpdateWizard(uaWrapper); + wizard.setWindowTitle("User batch processing"); + WizardDialog dialog = new WizardDialog( + HandlerUtil.getActiveShell(event), wizard); + dialog.open(); return null; } -// public void setRepository(Repository repository) { -// this.repository = repository; -// } - // - // public void setUserAdminService(UserAdminService userAdminService) { - // this.userAdminService = userAdminService; - // } - - // public void setJcrSecurityModel(JcrSecurityModel jcrSecurityModel) { - // this.jcrSecurityModel = jcrSecurityModel; - // } - -} + public void setUserAdminWrapper(UserAdminWrapper 
userAdminWrapper) { + this.uaWrapper = userAdminWrapper; + } +} \ No newline at end of file diff --git a/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/parts/GroupsView.java b/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/parts/GroupsView.java index 450a4a959..95a4c7f45 100644 --- a/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/parts/GroupsView.java +++ b/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/parts/GroupsView.java @@ -21,6 +21,7 @@ import java.util.List; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.argeo.ArgeoException; +import org.argeo.cms.auth.AuthConstants; import org.argeo.eclipse.ui.ColumnDefinition; import org.argeo.eclipse.ui.EclipseUiUtils; import org.argeo.eclipse.ui.parts.LdifUsersTable; @@ -28,7 +29,6 @@ import org.argeo.jcr.ArgeoNames; import org.argeo.osgi.useradmin.LdifName; import org.argeo.security.ui.admin.SecurityAdminPlugin; import org.argeo.security.ui.admin.internal.UiAdminUtils; -import org.argeo.security.ui.admin.internal.UserAdminConstants; import org.argeo.security.ui.admin.internal.UserAdminWrapper; import org.argeo.security.ui.admin.internal.providers.CommonNameLP; import org.argeo.security.ui.admin.internal.providers.DomainNameLP; 
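Review bot: `execute()` opens UserBatchUpdateWizard for whoever triggers the command and performs no role check of its own, although the wizard resets the password of every selected user. Unless the command is restricted elsewhere (the plugin.xml changes are not readable on this page) or the user-admin backend rejects the write, I would guard the handler with the helper added in this commit, e.g. `if (!UiAdminUtils.isUserInRole(REQUIRED_ROLE)) throw new ExecutionException("Not allowed to run user batch update");`, where `REQUIRED_ROLE` is a placeholder for the role the project intends. `uaWrapper` is also passed on without a null check, so a missing `userAdminWrapper` injection only surfaces later inside the wizard.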
@@ -72,20 +72,29 @@ public class GroupsView extends ViewPart implements ArgeoNames { @Override public void createPartControl(Composite parent) { parent.setLayout(EclipseUiUtils.noSpaceGridLayout()); + + boolean isAdmin = UiAdminUtils.isUserInRole(AuthConstants.ROLE_ADMIN); + // Define the displayed columns columnDefs.add(new ColumnDefinition(new RoleIconLP(), "", 26)); columnDefs.add(new ColumnDefinition(new CommonNameLP(), "Common Name", 150)); - columnDefs.add(new ColumnDefinition(new DomainNameLP(), "Domain", 120)); - columnDefs.add(new ColumnDefinition(new UserNameLP(), - "Distinguished Name", 300)); + columnDefs.add(new ColumnDefinition(new DomainNameLP(), "Domain", 200)); + // Only show technical DN to admin + if (isAdmin) + columnDefs.add(new ColumnDefinition(new UserNameLP(), + "Distinguished Name", 300)); // Create and configure the table groupTableViewerCmp = new MyUserTableViewer(parent, SWT.MULTI | SWT.H_SCROLL | SWT.V_SCROLL); groupTableViewerCmp.setColumnDefinitions(columnDefs); - groupTableViewerCmp.populateWithStaticFilters(false, false); + if (isAdmin) + groupTableViewerCmp.populateWithStaticFilters(false, false); + else + groupTableViewerCmp.populate(true, false); + groupTableViewerCmp.setLayoutData(EclipseUiUtils.fillAll()); // Links @@ -116,7 +125,7 @@ public class GroupsView extends ViewPart implements ArgeoNames { private class MyUserTableViewer extends LdifUsersTable { private static final long serialVersionUID = 8467999509931900367L; - private Button showSystemRoleBtn; + private boolean showSystemRoles = false; private final String[] knownProps = { LdifName.uid.name(), LdifName.cn.name(), LdifName.dn.name() }; 
@@ -127,13 +136,15 @@ public class GroupsView extends ViewPart implements ArgeoNames { protected void populateStaticFilters(Composite staticFilterCmp) { staticFilterCmp.setLayout(new GridLayout()); - showSystemRoleBtn = new Button(staticFilterCmp, SWT.CHECK); + final Button showSystemRoleBtn = new Button(staticFilterCmp, + SWT.CHECK); showSystemRoleBtn.setText("Show system roles"); showSystemRoleBtn.addSelectionListener(new SelectionAdapter() { private static final long serialVersionUID = -7033424592697691676L; @Override public void widgetSelected(SelectionEvent e) { + showSystemRoles = showSystemRoleBtn.getSelection(); refresh(); } @@ -158,23 +169,23 @@ public class GroupsView extends ViewPart implements ArgeoNames { builder.append("(&(").append(LdifName.objectClass.name()) .append("=").append(LdifName.groupOfNames.name()) .append(")"); - if (!showSystemRoleBtn.getSelection()) + if (!showSystemRoles) builder.append("(!(").append(LdifName.dn.name()) .append("=*") - .append(UserAdminConstants.SYSTEM_ROLE_BASE_DN) + .append(AuthConstants.ROLES_BASEDN) .append("))"); builder.append("(|"); builder.append(tmpBuilder.toString()); builder.append("))"); } else { - if (!showSystemRoleBtn.getSelection()) + if (!showSystemRoles) builder.append("(&(") .append(LdifName.objectClass.name()) .append("=") .append(LdifName.groupOfNames.name()) .append(")(!(").append(LdifName.dn.name()) .append("=*") - .append(UserAdminConstants.SYSTEM_ROLE_BASE_DN) + .append(AuthConstants.ROLES_BASEDN) .append(")))"); else builder.append("(").append(LdifName.objectClass.name()) diff --git a/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/parts/UserBatchUpdateWizard.java b/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/parts/UserBatchUpdateWizard.java new file mode 100644 index 000000000..5edcfbd4b --- /dev/null +++ b/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/parts/UserBatchUpdateWizard.java 
@@ -0,0 +1,580 @@ +package org.argeo.security.ui.admin.internal.parts; + +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import javax.transaction.SystemException; +import javax.transaction.UserTransaction; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.argeo.ArgeoException; +import org.argeo.cms.auth.AuthConstants; +import org.argeo.eclipse.ui.ColumnDefinition; +import org.argeo.eclipse.ui.EclipseUiUtils; +import org.argeo.eclipse.ui.parts.LdifUsersTable; +import org.argeo.jcr.ArgeoNames; +import org.argeo.osgi.useradmin.LdifName; +import org.argeo.security.ui.admin.internal.UiAdminUtils; +import org.argeo.security.ui.admin.internal.UserAdminWrapper; +import org.argeo.security.ui.admin.internal.providers.CommonNameLP; +import org.argeo.security.ui.admin.internal.providers.DomainNameLP; +import org.argeo.security.ui.admin.internal.providers.MailLP; +import org.argeo.security.ui.admin.internal.providers.UserNameLP; +import org.eclipse.jface.dialogs.IPageChangeProvider; +import org.eclipse.jface.dialogs.IPageChangedListener; +import org.eclipse.jface.dialogs.MessageDialog; +import org.eclipse.jface.dialogs.PageChangedEvent; +import org.eclipse.jface.wizard.IWizardContainer; +import org.eclipse.jface.wizard.Wizard; +import org.eclipse.jface.wizard.WizardPage; +import org.eclipse.swt.SWT; +import org.eclipse.swt.events.ModifyEvent; +import org.eclipse.swt.events.ModifyListener; +import org.eclipse.swt.events.SelectionAdapter; +import org.eclipse.swt.events.SelectionEvent; +import org.eclipse.swt.layout.GridData; +import org.eclipse.swt.layout.GridLayout; +import org.eclipse.swt.widgets.Button; +import org.eclipse.swt.widgets.Combo; +import org.eclipse.swt.widgets.Composite; +import org.eclipse.swt.widgets.Text; +import org.osgi.framework.InvalidSyntaxException; +import org.osgi.service.useradmin.Role; +import org.osgi.service.useradmin.User; + +/** Wizard to 
update users */ +public class UserBatchUpdateWizard extends Wizard { + + private final static Log log = LogFactory + .getLog(UserBatchUpdateWizard.class); + private UserAdminWrapper userAdminWrapper; + + // pages + private ChooseCommandWizardPage chooseCommandPage; + private ChooseUsersWizardPage userListPage; + private ValidateAndLaunchWizardPage validatePage; + + // Various implemented commands keys + private final static String CMD_UPDATE_PASSWORD = "resetPassword"; + private final static String CMD_GROUP_MEMBERSHIP = "groupMembership"; + + private final Map commands = new HashMap() { + private static final long serialVersionUID = 1L; + { + put("Reset password(s)", CMD_UPDATE_PASSWORD); + // TODO implement role / group management + // put("Add/Remove from group", CMD_GROUP_MEMBERSHIP); + } + }; + + public UserBatchUpdateWizard(UserAdminWrapper userAdminWrapper) { + this.userAdminWrapper = userAdminWrapper; + } + + @Override + public void addPages() { + chooseCommandPage = new ChooseCommandWizardPage(); + addPage(chooseCommandPage); + userListPage = new ChooseUsersWizardPage(); + addPage(userListPage); + validatePage = new ValidateAndLaunchWizardPage(); + addPage(validatePage); + } + + @Override + public boolean performFinish() { + if (!canFinish()) + return false; + UserTransaction ut = userAdminWrapper.getUserTransaction(); + try { + if (ut.getStatus() != javax.transaction.Status.STATUS_NO_TRANSACTION + && !MessageDialog.openConfirm(getShell(), + "Existing Transaction", + "A user transaction is already existing, " + + "are you sure you want to proceed ?")) + return false; + } catch (SystemException e) { + throw new ArgeoException("Cannot get user transaction state " + + "before user batch update", e); + } + + // We cannot use jobs, user modifications are still meant to be done in + // the UIThread + // UpdateJob job = null; + // if (job != null) + // job.schedule(); + + if (CMD_UPDATE_PASSWORD.equals(chooseCommandPage.getCommand())) { + char[] newValue = 
chooseCommandPage.getPwdValue(); + if (newValue == null) + throw new ArgeoException( + "Password cannot be null or an empty string"); + ResetPassword job = new ResetPassword(userAdminWrapper, + userListPage.getSelectedUsers(), newValue); + job.doUpdate(); + } + return true; + } + + public boolean canFinish() { + if (this.getContainer().getCurrentPage() == validatePage) + return true; + return false; + } + + private class ResetPassword { + private char[] newPwd; + private UserAdminWrapper userAdminWrapper; + private List usersToUpdate; + + public ResetPassword(UserAdminWrapper userAdminWrapper, + List usersToUpdate, char[] newPwd) { + this.newPwd = newPwd; + this.usersToUpdate = usersToUpdate; + this.userAdminWrapper = userAdminWrapper; + } + + @SuppressWarnings("unchecked") + protected void doUpdate() { + UserTransaction userTransaction = userAdminWrapper + .beginTransactionIfNeeded(); + try { + for (User user : usersToUpdate) { + // the char array is emptied after being used. + user.getCredentials().put(null, newPwd.clone()); + } + userTransaction.commit(); + UiAdminUtils.notifyTransactionStateChange(userTransaction); + } catch (Exception e) { + throw new ArgeoException( + "Cannot perform batch update on users", e); + } finally { + UserTransaction ut = userAdminWrapper.getUserTransaction(); + try { + if (ut.getStatus() != javax.transaction.Status.STATUS_NO_TRANSACTION) + ut.rollback(); + } catch (IllegalStateException | SecurityException + | SystemException e) { + log.error("Unable to rollback session in 'finally', " + + "the system might be in a dirty state"); + e.printStackTrace(); + } + } + } + } + + // @SuppressWarnings("unused") + // private class AddToGroup extends UpdateJob { + // private String groupID; + // private Session session; + // + // public AddToGroup(Session session, List nodesToUpdate, + // String groupID) { + // super(session, nodesToUpdate); + // this.session = session; + // this.groupID = groupID; + // } + // + // protected void doUpdate(Node 
node) { + // log.info("Add/Remove to group actions are not yet implemented"); + // // TODO implement this + // // try { + // // throw new ArgeoException("Not yet implemented"); + // // } catch (RepositoryException re) { + // // throw new ArgeoException( + // // "Unable to update boolean value for node " + node, re); + // // } + // } + // } + + // /** + // * Base privileged job that will be run asynchronously to perform the + // batch + // * update + // */ + // private abstract class UpdateJob extends PrivilegedJob { + // + // private final UserAdminWrapper userAdminWrapper; + // private final List usersToUpdate; + // + // protected abstract void doUpdate(User user); + // + // public UpdateJob(UserAdminWrapper userAdminWrapper, + // List usersToUpdate) { + // super("Perform update"); + // this.usersToUpdate = usersToUpdate; + // this.userAdminWrapper = userAdminWrapper; + // } + // + // @Override + // protected IStatus doRun(IProgressMonitor progressMonitor) { + // try { + // ArgeoMonitor monitor = new EclipseArgeoMonitor(progressMonitor); + // int total = usersToUpdate.size(); + // monitor.beginTask("Performing change", total); + // userAdminWrapper.beginTransactionIfNeeded(); + // for (User user : usersToUpdate) { + // doUpdate(user); + // monitor.worked(1); + // } + // userAdminWrapper.getUserTransaction().commit(); + // } catch (Exception e) { + // throw new ArgeoException( + // "Cannot perform batch update on users", e); + // } finally { + // UserTransaction ut = userAdminWrapper.getUserTransaction(); + // try { + // if (ut.getStatus() != javax.transaction.Status.STATUS_NO_TRANSACTION) + // ut.rollback(); + // } catch (IllegalStateException | SecurityException + // | SystemException e) { + // log.error("Unable to rollback session in 'finally', " + // + "the system might be in a dirty state"); + // e.printStackTrace(); + // } + // } + // return Status.OK_STATUS; + // } + // } + + // PAGES + /** Displays a combo box that enables user to choose which action to 
perform */ + private class ChooseCommandWizardPage extends WizardPage { + private static final long serialVersionUID = -8069434295293996633L; + private Combo chooseCommandCmb; + private Button trueChk; + private Text valueTxt; + private Text pwdTxt; + private Text pwd2Txt; + + public ChooseCommandWizardPage() { + super("Choose a command to run."); + setTitle("Choose a command to run."); + } + + @Override + public void createControl(Composite parent) { + GridLayout gl = new GridLayout(); + Composite container = new Composite(parent, SWT.NO_FOCUS); + container.setLayout(gl); + + chooseCommandCmb = new Combo(container, SWT.READ_ONLY); + chooseCommandCmb.setLayoutData(EclipseUiUtils.fillWidth()); + String[] values = commands.keySet().toArray(new String[0]); + chooseCommandCmb.setItems(values); + + final Composite bottomPart = new Composite(container, SWT.NO_FOCUS); + bottomPart.setLayoutData(EclipseUiUtils.fillAll()); + bottomPart.setLayout(EclipseUiUtils.noSpaceGridLayout()); + + chooseCommandCmb.addSelectionListener(new SelectionAdapter() { + private static final long serialVersionUID = 1L; + + @Override + public void widgetSelected(SelectionEvent e) { + if (getCommand().equals(CMD_UPDATE_PASSWORD)) + populatePasswordCmp(bottomPart); + else if (getCommand().equals(CMD_GROUP_MEMBERSHIP)) + populateGroupCmp(bottomPart); + else + populateBooleanFlagCmp(bottomPart); + checkPageComplete(); + bottomPart.layout(true, true); + } + }); + setControl(container); + } + + private void populateBooleanFlagCmp(Composite parent) { + EclipseUiUtils.clear(parent); + trueChk = new Button(parent, SWT.CHECK); + trueChk.setText("Do it. 
(It will to the contrary if unchecked)"); + trueChk.setSelection(true); + trueChk.setLayoutData(new GridData(SWT.LEFT, SWT.TOP, false, false)); + } + + private void populatePasswordCmp(Composite parent) { + EclipseUiUtils.clear(parent); + Composite body = new Composite(parent, SWT.NO_FOCUS); + + ModifyListener ml = new ModifyListener() { + private static final long serialVersionUID = -1558726363536729634L; + + @Override + public void modifyText(ModifyEvent event) { + checkPageComplete(); + } + }; + + body.setLayout(new GridLayout(2, false)); + body.setLayoutData(new GridData(SWT.FILL, SWT.FILL, true, true)); + pwdTxt = EclipseUiUtils.createGridLP(body, "New password", ml); + pwd2Txt = EclipseUiUtils.createGridLP(body, "Repeat password", ml); + } + + private void checkPageComplete() { + String errorMsg = null; + if (chooseCommandCmb.getSelectionIndex() < 0) + errorMsg = "Please select an action"; + else if (CMD_UPDATE_PASSWORD.equals(getCommand())) { + if (EclipseUiUtils.isEmpty(pwdTxt.getText()) + || pwdTxt.getText().length() < 4) + errorMsg = "Please enter a password that is at least 4 character long"; + else if (!pwdTxt.getText().equals(pwd2Txt.getText())) + errorMsg = "Passwords are different"; + } + if (EclipseUiUtils.notEmpty(errorMsg)) { + setMessage(errorMsg, WizardPage.ERROR); + setPageComplete(false); + } else { + setMessage("Page complete, you can proceed to user choice", + WizardPage.INFORMATION); + setPageComplete(true); + } + + getContainer().updateButtons(); + } + + private void populateGroupCmp(Composite parent) { + EclipseUiUtils.clear(parent); + trueChk = new Button(parent, SWT.CHECK); + trueChk.setText("Add to group. 
(It will remove user(s) from the " + + "corresponding group if unchecked)"); + trueChk.setSelection(true); + trueChk.setLayoutData(new GridData(SWT.LEFT, SWT.TOP, false, false)); + } + + protected String getCommand() { + return commands.get(chooseCommandCmb.getItem(chooseCommandCmb + .getSelectionIndex())); + } + + protected String getCommandLbl() { + return chooseCommandCmb.getItem(chooseCommandCmb + .getSelectionIndex()); + } + + @SuppressWarnings("unused") + protected boolean getBoleanValue() { + // FIXME this is not consistent and will lead to errors. + if (ArgeoNames.ARGEO_ENABLED.equals(getCommand())) + return trueChk.getSelection(); + else + return !trueChk.getSelection(); + } + + @SuppressWarnings("unused") + protected String getStringValue() { + String value = null; + if (valueTxt != null) { + value = valueTxt.getText(); + if ("".equals(value.trim())) + value = null; + } + return value; + } + + protected char[] getPwdValue() { + // We do not directly reset the password text fields: There is no + // need to over secure this process: setting a pwd to multi users + // at the same time is anyhow a bad practice and should be used only + // in test environment or for temporary access + if (pwdTxt == null || pwdTxt.isDisposed()) + return null; + else + return pwdTxt.getText().toCharArray(); + } + } + + /** + * Displays a list of users with a check box to be able to choose some of + * them + */ + private class ChooseUsersWizardPage extends WizardPage implements + IPageChangedListener { + private static final long serialVersionUID = 7651807402211214274L; + private ChooseUserTableViewer userTableCmp; + + public ChooseUsersWizardPage() { + super("Choose Users"); + setTitle("Select users who will be impacted"); + } + + @Override + public void createControl(Composite parent) { + Composite pageCmp = new Composite(parent, SWT.NONE); + pageCmp.setLayout(EclipseUiUtils.noSpaceGridLayout()); + + // Define the displayed columns + List columnDefs = new ArrayList(); + 
columnDefs.add(new ColumnDefinition(new CommonNameLP(), + "Common Name", 150)); + columnDefs.add(new ColumnDefinition(new MailLP(), "E-mail", 150)); + columnDefs.add(new ColumnDefinition(new DomainNameLP(), "Domain", + 200)); + + // Only show technical DN to admin + if (UiAdminUtils.isUserInRole(AuthConstants.ROLE_ADMIN)) + columnDefs.add(new ColumnDefinition(new UserNameLP(), + "Distinguished Name", 300)); + + userTableCmp = new ChooseUserTableViewer(pageCmp, SWT.MULTI + | SWT.H_SCROLL | SWT.V_SCROLL); + userTableCmp.setLayoutData(EclipseUiUtils.fillAll()); + userTableCmp.setColumnDefinitions(columnDefs); + userTableCmp.populate(true, true); + userTableCmp.refresh(); + + setControl(pageCmp); + + // Add listener to update message when shown + final IWizardContainer wContainer = this.getContainer(); + if (wContainer instanceof IPageChangeProvider) { + ((IPageChangeProvider) wContainer).addPageChangedListener(this); + } + + } + + @Override + public void pageChanged(PageChangedEvent event) { + if (event.getSelectedPage() == this) { + String msg = "Chosen batch action: " + + chooseCommandPage.getCommandLbl(); + ((WizardPage) event.getSelectedPage()).setMessage(msg); + } + } + + protected List getSelectedUsers() { + return userTableCmp.getSelectedUsers(); + } + + private class ChooseUserTableViewer extends LdifUsersTable { + private static final long serialVersionUID = 5080437561015853124L; + private final String[] knownProps = { LdifName.uid.name(), + LdifName.dn.name(), LdifName.cn.name(), + LdifName.givenname.name(), LdifName.sn.name(), + LdifName.mail.name() }; + + public ChooseUserTableViewer(Composite parent, int style) { + super(parent, style); + } + + @Override + protected List listFilteredElements(String filter) { + Role[] roles; + + try { + StringBuilder builder = new StringBuilder(); + + StringBuilder tmpBuilder = new StringBuilder(); + if (UiAdminUtils.notNull(filter)) + for (String prop : knownProps) { + tmpBuilder.append("("); + tmpBuilder.append(prop); + 
tmpBuilder.append("=*"); + tmpBuilder.append(filter); + tmpBuilder.append("*)"); + } + if (tmpBuilder.length() > 1) { + builder.append("(&(") + .append(LdifName.objectClass.name()) + .append("=") + .append(LdifName.inetOrgPerson.name()) + .append(")(|"); + builder.append(tmpBuilder.toString()); + builder.append("))"); + } else + builder.append("(").append(LdifName.objectClass.name()) + .append("=") + .append(LdifName.inetOrgPerson.name()) + .append(")"); + roles = userAdminWrapper.getUserAdmin().getRoles( + builder.toString()); + } catch (InvalidSyntaxException e) { + throw new ArgeoException( + "Unable to get roles with filter: " + filter, e); + } + List users = new ArrayList(); + for (Role role : roles) + // Prevent current logged in user to perform batch on + // himself + if (!UiAdminUtils.isCurrentUser((User) role)) + users.add((User) role); + return users; + } + } + } + + /** Summary of input data before launching the process */ + private class ValidateAndLaunchWizardPage extends WizardPage implements + IPageChangedListener { + private static final long serialVersionUID = 7098918351451743853L; + private ChosenUsersTableViewer userTableCmp; + + public ValidateAndLaunchWizardPage() { + super("Validate and launch"); + setTitle("Validate and launch"); + } + + @Override + public void createControl(Composite parent) { + Composite pageCmp = new Composite(parent, SWT.NO_FOCUS); + pageCmp.setLayout(EclipseUiUtils.noSpaceGridLayout()); + + List columnDefs = new ArrayList(); + columnDefs.add(new ColumnDefinition(new CommonNameLP(), + "Common Name", 150)); + columnDefs.add(new ColumnDefinition(new MailLP(), "E-mail", 150)); + columnDefs.add(new ColumnDefinition(new DomainNameLP(), "Domain", + 200)); + // Only show technical DN to admin + if (UiAdminUtils.isUserInRole(AuthConstants.ROLE_ADMIN)) + columnDefs.add(new ColumnDefinition(new UserNameLP(), + "Distinguished Name", 300)); + userTableCmp = new ChosenUsersTableViewer(pageCmp, SWT.MULTI + | SWT.H_SCROLL | 
SWT.V_SCROLL); + userTableCmp.setLayoutData(EclipseUiUtils.fillAll()); + userTableCmp.setColumnDefinitions(columnDefs); + userTableCmp.populate(false, false); + userTableCmp.refresh(); + setControl(pageCmp); + // Add listener to update message when shown + final IWizardContainer wContainer = this.getContainer(); + if (wContainer instanceof IPageChangeProvider) { + ((IPageChangeProvider) wContainer).addPageChangedListener(this); + } + } + + @Override + public void pageChanged(PageChangedEvent event) { + if (event.getSelectedPage() == this) { + @SuppressWarnings({ "unchecked", "rawtypes" }) + Object[] values = ((ArrayList) userListPage.getSelectedUsers()) + .toArray(new Object[userListPage.getSelectedUsers() + .size()]); + userTableCmp.getTableViewer().setInput(values); + String msg = "Following batch action: [" + + chooseCommandPage.getCommandLbl() + + "] will be perfomed on the users listed below.\n"; + // + "Are you sure you want to proceed?"; + setMessage(msg); + } + } + + private class ChosenUsersTableViewer extends LdifUsersTable { + private static final long serialVersionUID = 7814764735794270541L; + + public ChosenUsersTableViewer(Composite parent, int style) { + super(parent, style); + } + + @Override + protected List listFilteredElements(String filter) { + return userListPage.getSelectedUsers(); + } + } + } +} \ No newline at end of file diff --git a/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/parts/UserEditor.java b/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/parts/UserEditor.java index e49c803e4..8f7762fe7 100644 --- a/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/parts/UserEditor.java +++ b/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/parts/UserEditor.java 
@@ -22,7 +22,6 @@ import org.argeo.ArgeoException; import org.argeo.osgi.useradmin.LdifName; import org.argeo.security.ui.admin.SecurityAdminPlugin; import org.argeo.security.ui.admin.internal.UiAdminUtils; -import org.argeo.security.ui.admin.internal.UserAdminConstants; import org.argeo.security.ui.admin.internal.UserAdminWrapper; import org.eclipse.core.runtime.IProgressMonitor; import org.eclipse.swt.events.ModifyEvent; @@ -41,7 +40,7 @@ import org.osgi.service.useradmin.UserAdminEvent; import org.osgi.service.useradmin.UserAdminListener; /** Editor for a user, might be a user or a group. */ -public class UserEditor extends FormEditor implements UserAdminConstants { +public class UserEditor extends FormEditor { private static final long serialVersionUID = 8357851520380820241L; public final static String USER_EDITOR_ID = SecurityAdminPlugin.PLUGIN_ID @@ -71,7 +70,7 @@ public class UserEditor extends FormEditor implements UserAdminConstants { } /** - * returns the list of all authorisation for the given user or of the + * returns the list of all authorization for the given user or of the * current displayed user if parameter is null */ protected List getFlatGroups(User aUser) { diff --git a/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/parts/UserMainPage.java b/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/parts/UserMainPage.java index d732e7e7f..9ea1dcffc 100644 --- a/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/parts/UserMainPage.java +++ b/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/parts/UserMainPage.java @@ -20,6 +20,7 @@ import java.util.Iterator; import java.util.List; import org.argeo.ArgeoException; +import org.argeo.cms.auth.AuthConstants; import org.argeo.eclipse.ui.ColumnDefinition; import org.argeo.eclipse.ui.EclipseUiUtils; import org.argeo.eclipse.ui.parts.LdifUsersTable; 
@@ -54,9 +55,12 @@ import org.eclipse.swt.events.DisposeEvent; import org.eclipse.swt.events.DisposeListener; import org.eclipse.swt.events.ModifyEvent; import org.eclipse.swt.events.ModifyListener; +import org.eclipse.swt.events.SelectionAdapter; +import org.eclipse.swt.events.SelectionEvent; import org.eclipse.swt.graphics.Cursor; import org.eclipse.swt.layout.GridData; import org.eclipse.swt.layout.GridLayout; +import org.eclipse.swt.widgets.Button; import org.eclipse.swt.widgets.Composite; import org.eclipse.swt.widgets.Label; import org.eclipse.swt.widgets.Text; @@ -95,6 +99,7 @@ public class UserMainPage extends FormPage implements ArgeoNames { ScrolledForm form = mf.getForm(); Composite body = form.getBody(); GridLayout mainLayout = new GridLayout(); + // mainLayout.marginRight = 10; body.setLayout(mainLayout); User user = editor.getDisplayedUser(); appendOverviewPart(body, user); @@ -157,9 +162,6 @@ public class UserMainPage extends FormPage implements ArgeoNames { user.getProperties().put(LdifName.cn.name(), commonName.getText()); user.getProperties().put(LdifName.mail.name(), email.getText()); - // Enable common name ? - // editor.setProperty(UserAdminConstants.KEY_CN, - // email.getText()); super.commit(onSave); } 
@@ -249,22 +251,29 @@ public class UserMainPage extends FormPage implements ArgeoNames { Composite body = (Composite) section.getClient(); body.setLayout(EclipseUiUtils.noSpaceGridLayout()); + boolean isAdmin = UiAdminUtils.isUserInRole(AuthConstants.ROLE_ADMIN); + // Displayed columns List columnDefs = new ArrayList(); columnDefs.add(new ColumnDefinition(new RoleIconLP(), "", 0, 24)); columnDefs.add(new ColumnDefinition(new CommonNameLP(), "Common Name", 150)); columnDefs.add(new ColumnDefinition(new DomainNameLP(), "Domain Name", - 120)); - columnDefs.add(new ColumnDefinition(new UserNameLP(), - "Distinguished Name", 300)); + 200)); + // Only show technical DN to administrators + if (isAdmin) + columnDefs.add(new ColumnDefinition(new UserNameLP(), + "Distinguished Name", 120)); // Create and configure the table final LdifUsersTable userViewerCmp = new MyUserTableViewer(body, SWT.MULTI | SWT.H_SCROLL | SWT.V_SCROLL, user); userViewerCmp.setColumnDefinitions(columnDefs); - userViewerCmp.populate(true, false); + if (isAdmin) + userViewerCmp.populateWithStaticFilters(false, false); + else + userViewerCmp.populate(true, false); GridData gd = EclipseUiUtils.fillAll(); gd.heightHint = 300; userViewerCmp.setLayoutData(gd); @@ -311,7 +320,9 @@ public class UserMainPage extends FormPage implements ArgeoNames { } private class MyUserTableViewer extends LdifUsersTable { - private static final long serialVersionUID = 8467999509931900367L; + private static final long serialVersionUID = 2653790051461237329L; + + private Button showSystemRoleBtn; private final User user; private final UserFilter userFilter; 
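Review bot: The `isAdmin` test added here only decides whether the "Distinguished Name" column is shown, so it hides the DN from non-administrators rather than restricting access to it. `UserFilter` in this same patch still lists `LdifName.dn.name()` in `knownProps` and matches `user.getName()` against the search text, so a non-admin who keeps the search box (presumably what `populate(true, false)` provides) can still confirm DN fragments by filtering. If the DN is meant to be confidential, DN matching should be skipped for non-admins as well; if the column is hidden only to reduce clutter, a comment such as `// Cosmetic only: the DN remains searchable and present in the User properties` would stop it being read as an access control. The `UsersView` hunk `@@ -70,16 +71,17 @@` has the same check, and there the DN column keeps width 300 while here it drops to 120, which looks unintended; the enclosing method starts and ends outside this hunk.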
@@ -320,6 +331,23 @@ public class UserMainPage extends FormPage implements ArgeoNames { super(parent, style, true); this.user = user; userFilter = new UserFilter(); + userFilter.setShowSystemRole(false); + } + + protected void populateStaticFilters(Composite staticFilterCmp) { + staticFilterCmp.setLayout(new GridLayout()); + showSystemRoleBtn = new Button(staticFilterCmp, SWT.CHECK); + showSystemRoleBtn.setText("Show system roles"); + showSystemRoleBtn.addSelectionListener(new SelectionAdapter() { + private static final long serialVersionUID = -7033424592697691676L; + + @Override + public void widgetSelected(SelectionEvent e) { + userFilter.setShowSystemRole(showSystemRoleBtn + .getSelection()); + refresh(); + } + }); } @Override diff --git a/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/parts/UsersView.java b/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/parts/UsersView.java index b52e8591e..79e94abc7 100644 --- a/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/parts/UsersView.java +++ b/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/parts/UsersView.java @@ -19,6 +19,7 @@ import java.util.ArrayList; import java.util.List; import org.argeo.ArgeoException; +import org.argeo.cms.auth.AuthConstants; import org.argeo.eclipse.ui.ColumnDefinition; import org.argeo.eclipse.ui.EclipseUiUtils; import org.argeo.eclipse.ui.parts.LdifUsersTable; 
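Review bot: `populateStaticFilters` is added without `@Override`, although it reads as a hook that `LdifUsersTable` calls when `populateWithStaticFilters` is used (the base class is not shown, so this is inferred). If the base signature ever differs, the checkbox is silently never created, and because the constructor now calls `userFilter.setShowSystemRole(false)`, system roles would stay hidden with no way to reveal them; adding `@Override` turns that into a compile error. A one-line comment on the constructor call, for example `// System roles are hidden by default; the static filter checkbox reveals them`, would also explain why this differs from the `true` default of `showSystemRole` in `UserFilter`.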
@@ -70,16 +71,17 @@ public class UsersView extends ViewPart implements ArgeoNames { // Define the displayed columns columnDefs.add(new ColumnDefinition(new CommonNameLP(), "Common Name", 150)); - columnDefs.add(new ColumnDefinition(new DomainNameLP(), "Domain", 120)); columnDefs.add(new ColumnDefinition(new MailLP(), "E-mail", 150)); - columnDefs.add(new ColumnDefinition(new UserNameLP(), - "Distinguished Name", 300)); + columnDefs.add(new ColumnDefinition(new DomainNameLP(), "Domain", 200)); + // Only show technical DN to admin + if (UiAdminUtils.isUserInRole(AuthConstants.ROLE_ADMIN)) + columnDefs.add(new ColumnDefinition(new UserNameLP(), + "Distinguished Name", 300)); // Create and configure the table userTableViewerCmp = new MyUserTableViewer(parent, SWT.MULTI | SWT.H_SCROLL | SWT.V_SCROLL); userTableViewerCmp.setLayoutData(EclipseUiUtils.fillAll()); - userTableViewerCmp.setColumnDefinitions(columnDefs); userTableViewerCmp.populate(true, false); diff --git a/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/providers/RoleIconLP.java b/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/providers/RoleIconLP.java index 1529f9059..010ab5a8a 100644 --- a/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/providers/RoleIconLP.java +++ b/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/providers/RoleIconLP.java @@ -1,8 +1,8 @@ package org.argeo.security.ui.admin.internal.providers; +import org.argeo.cms.auth.AuthConstants; import org.argeo.osgi.useradmin.LdifName; import org.argeo.security.ui.admin.SecurityAdminImages; -import org.argeo.security.ui.admin.internal.UserAdminConstants; import org.eclipse.swt.graphics.Image; import org.osgi.service.useradmin.Role; import org.osgi.service.useradmin.User; 
@@ -20,7 +20,7 @@ public class RoleIconLP extends UserAdminAbstractLP { public Image getImage(Object element) { User user = (User) element; String dn = (String) user.getProperties().get(LdifName.dn.name()); - if (dn.endsWith(UserAdminConstants.SYSTEM_ROLE_BASE_DN)) + if (dn.endsWith(AuthConstants.ROLES_BASEDN)) return SecurityAdminImages.ICON_ROLE; else if (user.getType() == Role.GROUP) return SecurityAdminImages.ICON_GROUP; diff --git a/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/providers/UserAdminAbstractLP.java b/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/providers/UserAdminAbstractLP.java index 0590088b2..89901fa7c 100644 --- a/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/providers/UserAdminAbstractLP.java +++ b/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/providers/UserAdminAbstractLP.java @@ -6,7 +6,6 @@ import javax.naming.ldap.LdapName; import org.argeo.ArgeoException; import org.argeo.osgi.useradmin.LdifName; import org.argeo.security.ui.admin.internal.UiAdminUtils; -import org.argeo.security.ui.admin.internal.UserAdminConstants; import org.eclipse.jface.resource.JFaceResources; import org.eclipse.jface.viewers.ColumnLabelProvider; import org.eclipse.swt.SWT; @@ -18,8 +17,7 @@ import org.osgi.service.useradmin.User; * Utility class that add font modifications to a column label provider * depending on the given user properties */ -public abstract class UserAdminAbstractLP extends ColumnLabelProvider implements - UserAdminConstants { +public abstract class UserAdminAbstractLP extends ColumnLabelProvider { private static final long serialVersionUID = 137336765024922368L; // private Font italic; diff --git a/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/providers/UserFilter.java b/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/providers/UserFilter.java index 43c36eb20..59e83852c 100644 
--- a/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/providers/UserFilter.java +++ b/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/providers/UserFilter.java @@ -1,5 +1,8 @@ package org.argeo.security.ui.admin.internal.providers; +import static org.argeo.eclipse.ui.EclipseUiUtils.notEmpty; + +import org.argeo.cms.auth.AuthConstants; import org.argeo.osgi.useradmin.LdifName; import org.argeo.security.ui.admin.internal.UiAdminUtils; import org.eclipse.jface.viewers.Viewer; @@ -10,6 +13,7 @@ public class UserFilter extends ViewerFilter { private static final long serialVersionUID = 5082509381672880568L; private String searchString; + private boolean showSystemRole = true; private final String[] knownProps = { LdifName.dn.name(), LdifName.cn.name(), LdifName.givenname.name(), LdifName.sn.name(), 
@@ -18,33 +22,40 @@ public class UserFilter extends ViewerFilter { public void setSearchText(String s) { // ensure that the value can be used for matching - if (notNull(s)) + if (notEmpty(s)) searchString = ".*" + s.toLowerCase() + ".*"; else searchString = ".*"; } + public void setShowSystemRole(boolean showSystemRole) { + this.showSystemRole = showSystemRole; + } + @Override public boolean select(Viewer viewer, Object parentElement, Object element) { - if (searchString == null || searchString.length() == 0) { - return true; - } User user = (User) element; + if (!showSystemRole + && user.getName().matches( + ".*(" + AuthConstants.ROLES_BASEDN + ")")) + // UiAdminUtils.getProperty(user, LdifName.dn.name()) + // .toLowerCase().endsWith(AuthConstants.ROLES_BASEDN)) + return false; + + if (searchString == null || searchString.length() == 0) + return true; + if (user.getName().matches(searchString)) return true; for (String key : knownProps) { String currVal = UiAdminUtils.getProperty(user, key); - if (notNull(currVal) && currVal.toLowerCase().matches(searchString)) + if (notEmpty(currVal) + && currVal.toLowerCase().matches(searchString)) return true; } - return false; } - private boolean notNull(String str) { - return !(str == null || "".equals(str.trim())); - } - } \ No newline at end of file -- 2.30.2
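Review bot: The new system-role test in `select` builds a regular expression from a DN, `user.getName().matches(".*(" + AuthConstants.ROLES_BASEDN + ")")`, so the base DN is interpreted as a pattern and recompiled for every row, while `RoleIconLP` and `UiAdminUtils.getDomainName` in this same commit use `dn.endsWith(AuthConstants.ROLES_BASEDN)`. I would write `if (!showSystemRole && user.getName().endsWith(AuthConstants.ROLES_BASEDN)) return false;` and delete the commented-out alternative below it. `setSearchText` has the same weakness with user-typed input: `".*" + s.toLowerCase() + ".*"` lets characters such as `(` or `[` raise `PatternSyntaxException` during `select` or change what matches. Wrapping the text as `".*" + Pattern.quote(s.toLowerCase()) + ".*"` (with an import of `java.util.regex.Pattern`) keeps the search literal.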