PL-7711 Ability to copy security roles

2024-12-05 04:38:10 +08:00 · 2016-10-03 10:30:07 +04:00 · 2016-10-03 10:30:07 +04:00 · 5576b390f3
commit 5576b390f3
parent b6bb5d9861
6 changed files with 100 additions and 2 deletions
--- a/modules/core/src/com/haulmont/cuba/security/app/UserManagementServiceBean.java
+++ b/modules/core/src/com/haulmont/cuba/security/app/UserManagementServiceBean.java
@ -46,6 +46,8 @@ public class UserManagementServiceBean implements UserManagementService {

    protected static final String GROUP_COPY_VIEW = "group.copy";

+    protected static final String ROLE_COPY_VIEW = "role.copy";
+
    protected static final String MOVE_USER_TO_GROUP_VIEW = "user.moveToGroup";

    protected static final String RESET_PASSWORD_VIEW = "user.resetPassword";
@ -123,6 +125,36 @@ public class UserManagementServiceBean implements UserManagementService {
        return clone;
    }

+    @Override
+    public Role copyRole(UUID roleId) {
+        checkNotNullArgument(roleId, "Null access role id");
+        checkUpdatePermission(Role.class);
+
+        Role clone = null;
+
+        Transaction tx = persistence.getTransaction();
+        try {
+            EntityManager em = persistence.getEntityManager();
+
+            Query roleNamesQuery = em.createQuery("select g.name from sec$Role g");
+            @SuppressWarnings("unchecked")
+            Set<String> roleNames = new HashSet<>(roleNamesQuery.getResultList());
+
+            Role role = em.find(Role.class, roleId, ROLE_COPY_VIEW);
+            if (role == null)
+                throw new IllegalStateException("Unable to find specified role with id: " + roleId);
+
+            clone = cloneRole(role, roleNames, em);
+            clone.setDefaultRole(false);
+
+            tx.commit();
+        } finally {
+            tx.end();
+        }
+
+        return clone;
+    }
+
    @Override
    public Integer moveUsersToGroup(List<UUID> userIds, @Nullable UUID targetAccessGroupId) {
        checkNotNullArgument(userIds, "Null users list");
@ -527,6 +559,28 @@ public class UserManagementServiceBean implements UserManagementService {
        return modifiedUsers;
    }

+    protected Role cloneRole(Role role, Set<String> roleNames, EntityManager em) {
+        Role roleClone = metadata.create(Role.class);
+
+        String newRoleName = generateName(role.getName(), roleNames);
+        roleClone.setName(newRoleName);
+        roleClone.setType(role.getType());
+        roleClone.setDefaultRole(role.getDefaultRole());
+        roleClone.setLocName(role.getLocName());
+        roleClone.setDescription(role.getDescription());
+
+        em.persist(roleClone);
+
+        if (role.getPermissions() != null) {
+            for (Permission permission : role.getPermissions()) {
+                Permission permissionClone = clonePermission(permission, roleClone);
+                em.persist(permissionClone);
+            }
+        }
+
+        return roleClone;
+    }
+
    protected Group cloneGroup(Group group, Group parent, Set<String> groupNames, EntityManager em) {
        Group groupClone = metadata.create(Group.class);

@ -603,6 +657,16 @@ public class UserManagementServiceBean implements UserManagementService {
        return resultConstraint;
    }

+    protected Permission clonePermission(Permission permission, Role role) {
+        Permission resultPermission = metadata.create(Permission.class);
+        resultPermission.setValue(permission.getValue());
+        resultPermission.setType(permission.getType());
+        resultPermission.setTarget(permission.getTarget());
+        resultPermission.setRole(role);
+
+        return resultPermission;
+    }
+
    /**
     * Template pair : subject + body
     */
--- a/modules/global/src/com/haulmont/cuba/security/app/UserManagementService.java
+++ b/modules/global/src/com/haulmont/cuba/security/app/UserManagementService.java
@ -18,10 +18,10 @@
 package com.haulmont.cuba.security.app;

 import com.haulmont.cuba.security.entity.Group;
+import com.haulmont.cuba.security.entity.Role;

 import javax.annotation.Nullable;
 import java.util.List;
-import java.util.Locale;
 import java.util.Map;
 import java.util.UUID;

@ -41,6 +41,14 @@ public interface UserManagementService {
     */
    Group copyAccessGroup(UUID accessGroupId);

+    /**
+     * Copy user role with all its permissions.
+     *
+     * @param roleId Source access role Id
+     * @return Cloned role
+     */
+    Role copyRole(UUID roleId);
+
    /**
     * Move specified users to a new access group.
     *
--- a/modules/global/src/cuba-views.xml
+++ b/modules/global/src/cuba-views.xml
@ -115,6 +115,14 @@
        <property name="value"/>
    </view>

+    <view class="com.haulmont.cuba.security.entity.Role" name="role.copy">
+        <property name="name"/>
+        <property name="type"/>
+        <property name="locName"/>
+        <property name="permissions" view="role.edit"/>
+        <property name="description"/>
+    </view>
+
    <view class="com.haulmont.cuba.security.entity.Group" name="group.lookup">
        <property name="name"/>
    </view>
--- a/modules/gui/src/com/haulmont/cuba/gui/app/security/role/browse/RoleBrowser.java
+++ b/modules/gui/src/com/haulmont/cuba/gui/app/security/role/browse/RoleBrowser.java
@ -29,6 +29,7 @@ import com.haulmont.cuba.gui.export.ByteArrayDataProvider;
 import com.haulmont.cuba.gui.export.ExportDisplay;
 import com.haulmont.cuba.gui.export.ExportFormat;
 import com.haulmont.cuba.gui.upload.FileUploadingAPI;
+import com.haulmont.cuba.security.app.UserManagementService;
 import com.haulmont.cuba.security.entity.*;
 import org.apache.commons.io.IOUtils;
 import org.slf4j.Logger;
@ -50,6 +51,9 @@ public class RoleBrowser extends AbstractLookup {
    @Inject
    protected Table<Role> rolesTable;

+    @Inject
+    protected UserManagementService userManagementService;
+
    @Inject
    protected Security security;

@ -81,6 +85,19 @@ public class RoleBrowser extends AbstractLookup {
    public void init(Map<String, Object> params) {
        super.init(params);

+        Action copyRoles = new ItemTrackingAction("copy") {
+            @Override
+            public void actionPerform(Component component) {
+                userManagementService.copyRole(rolesTable.getSingleSelected().getId());
+                rolesDs.refresh();
+            }
+        };
+
+        boolean hasPermissionsToCreateRole = security.isEntityOpPermitted(Role.class, EntityOp.CREATE);
+        copyRoles.setEnabled(hasPermissionsToCreateRole);
+
+        rolesTable.addAction(copyRoles);
+
        rolesTable.addAction(new ItemTrackingAction("assignToUsers") {
            @Override
            public void actionPerform(Component component) {
--- a/modules/gui/src/com/haulmont/cuba/gui/app/security/role/browse/messages.properties
+++ b/modules/gui/src/com/haulmont/cuba/gui/app/security/role/browse/messages.properties
@ -26,4 +26,4 @@ assignToUsers=Assign to users
 selectRole.msg=Select role
 rolesAssigned.msg=Roles assigned
 exportFailed=Export failed
-importError=Import error: %s
+importError=Import error: %s
--- a/modules/gui/src/com/haulmont/cuba/gui/app/security/role/browse/role-browse.xml
+++ b/modules/gui/src/com/haulmont/cuba/gui/app/security/role/browse/role-browse.xml
@ -45,6 +45,7 @@
                <button action="rolesTable.remove"/>
                <button action="rolesTable.refresh"/>
                <button action="rolesTable.excel"/>
+                <button action="rolesTable.copy" icon="icons/copy.png"/>
                <button action="rolesTable.assignToUsers" icon="icons/user-group-ok.png"/>
                <button action="rolesTable.export" icon="icons/download.png" description="mainMsg://actions.Export"/>
                <upload id="importRolesUpload"