From 77acba82e122dd76d41e932334b9e66a5d00cde5 Mon Sep 17 00:00:00 2001
From: Sebastian Sdorra <sebastian.sdorra@cloudogu.com>
Date: Sun, 14 Apr 2013 15:53:23 +0200
Subject: [PATCH] start implementation of a ui for the security system
 configuration

---
 .../SecurityConfigurationResource.java        | 136 ++++++++++++++++++
 scm-webapp/src/main/webapp/index.mustache     |   4 +
 .../resources/js/security/sonia.security.js   |  33 +++++
 .../sonia.security.permissionspanel.js        |  51 +++++++
 .../src/main/webapp/resources/js/sonia.scm.js |  17 ++-
 5 files changed, 239 insertions(+), 2 deletions(-)
 create mode 100644 scm-webapp/src/main/java/sonia/scm/api/rest/resources/SecurityConfigurationResource.java
 create mode 100644 scm-webapp/src/main/webapp/resources/js/security/sonia.security.js
 create mode 100644 scm-webapp/src/main/webapp/resources/js/security/sonia.security.permissionspanel.js

diff --git a/scm-webapp/src/main/java/sonia/scm/api/rest/resources/SecurityConfigurationResource.java b/scm-webapp/src/main/java/sonia/scm/api/rest/resources/SecurityConfigurationResource.java
new file mode 100644
index 0000000000..332f1c1bf5
--- /dev/null
+++ b/scm-webapp/src/main/java/sonia/scm/api/rest/resources/SecurityConfigurationResource.java
@@ -0,0 +1,136 @@
+/**
+ * Copyright (c) 2010, Sebastian Sdorra All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer. 2. Redistributions in
+ * binary form must reproduce the above copyright notice, this list of
+ * conditions and the following disclaimer in the documentation and/or other
+ * materials provided with the distribution. 3. Neither the name of SCM-Manager;
+ * nor the names of its contributors may be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * http://bitbucket.org/sdorra/scm-manager
+ *
+ */
+
+
+
+package sonia.scm.api.rest.resources;
+
+//~--- non-JDK imports --------------------------------------------------------
+
+import com.google.inject.Inject;
+
+import org.apache.shiro.SecurityUtils;
+
+import org.codehaus.enunciate.jaxrs.TypeHint;
+import org.codehaus.enunciate.modules.jersey.ExternallyManagedLifecycle;
+
+import sonia.scm.security.Role;
+import sonia.scm.security.SecurityConfiguration;
+import sonia.scm.security.SecuritySystem;
+
+//~--- JDK imports ------------------------------------------------------------
+
+import javax.ws.rs.Consumes;
+import javax.ws.rs.GET;
+import javax.ws.rs.POST;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.Context;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.Response;
+import javax.ws.rs.core.UriInfo;
+
+/**
+ *
+ * @author Sebastian Sdorra
+ */
+@Path("security")
+@ExternallyManagedLifecycle
+public class SecurityConfigurationResource
+{
+
+  /**
+   * Constructs ...
+   *
+   *
+   * @param system
+   */
+  @Inject
+  public SecurityConfigurationResource(SecuritySystem system)
+  {
+    this.system = system;
+  }
+
+  //~--- get methods ----------------------------------------------------------
+
+  /**
+   * Method description
+   *
+   *
+   * @return
+   */
+  @GET
+  @TypeHint(SecurityConfiguration.class)
+  @Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
+  public Response getConfiguration()
+  {
+    Response response = null;
+
+    if (SecurityUtils.getSubject().hasRole(Role.ADMIN))
+    {
+      response = Response.ok(system.getConfiguration()).build();
+    }
+    else
+    {
+      response = Response.status(Response.Status.FORBIDDEN).build();
+    }
+
+    return response;
+  }
+
+  //~--- set methods ----------------------------------------------------------
+
+  /**
+   * Method description
+   *
+   *
+   * @param uriInfo
+   * @param newConfig
+   *
+   * @return
+   */
+  @POST
+  @Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
+  public Response setConfig(@Context UriInfo uriInfo,
+    SecurityConfiguration newConfig)
+  {
+
+    // TODO replace by checkRole
+    SecurityUtils.getSubject().checkRole(Role.ADMIN);
+
+    system.setConfiguration(newConfig);
+
+    return Response.created(uriInfo.getRequestUri()).build();
+  }
+
+  //~--- fields ---------------------------------------------------------------
+
+  /** Field description */
+  private SecuritySystem system;
+}
diff --git a/scm-webapp/src/main/webapp/index.mustache b/scm-webapp/src/main/webapp/index.mustache
index 869112096e..32929592a7 100644
--- a/scm-webapp/src/main/webapp/index.mustache
+++ b/scm-webapp/src/main/webapp/index.mustache
@@ -143,6 +143,10 @@
     <script type="text/javascript" src="resources/js/group/sonia.group.memberformpanel.js"></script>
     <script type="text/javascript" src="resources/js/group/sonia.group.panel.js"></script>
 
+    <!-- sonia.security -->
+    <script type="text/javascript" src="resources/js/security/sonia.security.js"></script>
+    <script type="text/javascript" src="resources/js/security/sonia.security.permissionspanel.js"></script>
+    
     <!-- sonia.config -->
     <script type="text/javascript" src="resources/js/config/sonia.config.js"></script>
     <script type="text/javascript" src="resources/js/config/sonia.config.configpanel.js"></script>
diff --git a/scm-webapp/src/main/webapp/resources/js/security/sonia.security.js b/scm-webapp/src/main/webapp/resources/js/security/sonia.security.js
new file mode 100644
index 0000000000..9625f214d2
--- /dev/null
+++ b/scm-webapp/src/main/webapp/resources/js/security/sonia.security.js
@@ -0,0 +1,33 @@
+/*
+ * Copyright (c) 2010, Sebastian Sdorra
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ *    this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright notice,
+ *    this list of conditions and the following disclaimer in the documentation
+ *    and/or other materials provided with the distribution.
+ * 3. Neither the name of SCM-Manager; nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * http://bitbucket.org/sdorra/scm-manager
+ *
+ */
+
+// register namespace
+Ext.ns('Sonia.security');
diff --git a/scm-webapp/src/main/webapp/resources/js/security/sonia.security.permissionspanel.js b/scm-webapp/src/main/webapp/resources/js/security/sonia.security.permissionspanel.js
new file mode 100644
index 0000000000..4d9940f3bb
--- /dev/null
+++ b/scm-webapp/src/main/webapp/resources/js/security/sonia.security.permissionspanel.js
@@ -0,0 +1,51 @@
+/*
+ * Copyright (c) 2010, Sebastian Sdorra
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ *    this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright notice,
+ *    this list of conditions and the following disclaimer in the documentation
+ *    and/or other materials provided with the distribution.
+ * 3. Neither the name of SCM-Manager; nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * http://bitbucket.org/sdorra/scm-manager
+ *
+ */
+
+Sonia.security.PermissionsPanel = Ext.extend(Ext.Panel, {
+
+  //TODO i18n
+  titleText: 'Permissions',
+
+  initComponent: function(){
+
+    var config = {
+      title: this.titleText,
+      bodyCssClass: 'x-panel-mc'
+    };
+
+    Ext.apply(this, Ext.apply(this.initialConfig, config));
+    Sonia.security.PermissionsPanel.superclass.initComponent.apply(this, arguments);
+  }
+
+});
+
+// register xtype
+Ext.reg('permissionsPanel', Sonia.security.PermissionsPanel);
\ No newline at end of file
diff --git a/scm-webapp/src/main/webapp/resources/js/sonia.scm.js b/scm-webapp/src/main/webapp/resources/js/sonia.scm.js
index 547465a758..4771e61e0b 100644
--- a/scm-webapp/src/main/webapp/resources/js/sonia.scm.js
+++ b/scm-webapp/src/main/webapp/resources/js/sonia.scm.js
@@ -50,6 +50,10 @@ Sonia.scm.Main = Ext.extend(Ext.util.Observable, {
   tabUsersText: 'Users',
   navGroupsText: 'Groups',
   tabGroupsText: 'Groups',
+  
+  // TODO i18n
+  navPermissionsText: 'Permissions',
+  tabPermissionsText: 'Permissions',
 
   sectionLoginText: 'Login',
   navLoginText: 'Login',
@@ -161,6 +165,12 @@ Sonia.scm.Main = Ext.extend(Ext.util.Observable, {
       this.addTabPanel('groups', 'groupPanel', this.tabGroupsText);
     }
   },
+          
+  addPermissionsTabPanel: function(){
+    if (admin){
+      this.addTabPanel('permissions', 'permissionsPanel', this.tabPermissionsText);
+    }
+  },
 
   createMainMenu: function(){
     if ( debug ){
@@ -236,11 +246,14 @@ Sonia.scm.Main = Ext.extend(Ext.util.Observable, {
         label: this.navUsersText,
         fn: this.addUsersTabPanel,
         scope: this
-      });
-      securitySection.links.push({
+      },{
         label: this.navGroupsText,
         fn: this.addGroupsTabPanel,
         scope: this
+      },{
+        label: this.navPermissionsText,
+        fn: this.addPermissionsTabPanel,
+        scope: this
       });
     }