Improve permissions list display, to be sorted.

Better permission names for "admin users" and "admin roles".
2015-08-04 16:42:06 +02:00
parent 62ef07c86b
commit bbf7456fa2
13 changed files with 124 additions and 47 deletions
--- a/cms-safe.ecf
+++ b/cms-safe.ecf
@@ -12,6 +12,7 @@
 		</option>
 		<mapping old_name="CMS_LAYOUT" new_name="CMS_ENVIRONMENT"/>
 		<library name="base" location="$ISE_LIBRARY\library\base\base-safe.ecf"/>
 		<library name="base_extension" location="$ISE_LIBRARY\library\base_extension\base_extension-safe.ecf"/>
 		<library name="cms_app_env" location=".\library\app_env\app_env-safe.ecf"/>
 		<library name="cms_model" location=".\library\model\cms_model-safe.ecf" readonly="false"/>
 		<library name="cms_config" location=".\library\configuration\config-safe.ecf"/>
--- a/cms.ecf
+++ b/cms.ecf
@@ -13,6 +13,7 @@
 		</option>
 		<mapping old_name="CMS_LAYOUT" new_name="CMS_ENVIRONMENT"/>
 		<library name="base" location="$ISE_LIBRARY\library\base\base.ecf"/>
 		<library name="base_extension" location="$ISE_LIBRARY\library\base_extension\base_extension.ecf"/>
 		<library name="cms_app_env" location=".\library\app_env\app_env.ecf"/>
 		<library name="cms_model" location=".\library\model\cms_model.ecf" readonly="false"/>
 		<library name="cms_config" location=".\library\configuration\config.ecf"/>
--- a/modules/admin/cms_admin_module.e
+++ b/modules/admin/cms_admin_module.e
@@ -9,7 +9,8 @@ class
 inherit
 	CMS_MODULE
 		redefine
-			register_hooks
+			register_hooks,
 			permissions
 		end
 	CMS_HOOK_MENU_SYSTEM_ALTER
@@ -79,6 +80,18 @@ feature -- Access: router
 			a_router.handle ("/admin/role/{id}/delete", l_role_handler, a_router.methods_get_post)
 		end
 feature -- Security
 	permissions: LIST [READABLE_STRING_8]
 			-- List of permission ids, used by this module, and declared.
 		do
 			Result := Precursor
 			Result.force ("manage admin")
 			Result.force ("admin users")
 			Result.force ("admin roles")
 			Result.force ("admin modules")
 		end
 feature -- Hooks
 	register_hooks (a_response: CMS_RESPONSE)
--- a/modules/admin/handler/cms_admin_response.e
+++ b/modules/admin/handler/cms_admin_response.e
@@ -42,10 +42,12 @@ feature -- Process
 			set_title (translation ("Admin Page", Void))
 			b.append ("<ul id=%"content-types%">")
 			fixme ("Check how to make it configurable")
-			if has_permissions (<< "View any">>) then
+			if has_permissions (<< "admin users">>) then
 				b.append ("<li>" + link ("Users", "admin/users", Void))
 				b.append ("<div class=%"description%">View/Edit/Add Users</div>")
 				b.append ("</li>")
 			end
 			if has_permissions (<< "admin roles">>) then
 				b.append ("<li>" + link ("Roles", "admin/roles", Void))
 				b.append ("<div class=%"description%">View/Edit/Add Roles</div>")
 				b.append ("</li>")
--- a/modules/admin/handler/role/cms_admin_roles_handler.e
+++ b/modules/admin/handler/role/cms_admin_roles_handler.e
@@ -100,7 +100,7 @@ feature -- HTTP Methods
 				s.append ("</ul>%N")
 			end
-			if l_response.has_permission ("manage " + {CMS_ADMIN_MODULE}.name) then
+			if l_response.has_permission ("admin roles") then
 				s.append (l_response.link ("Add Role", "admin/add/role", Void))
 			end
--- a/modules/admin/handler/role/cms_role_form_response.e
+++ b/modules/admin/handler/role/cms_role_form_response.e
@@ -13,6 +13,8 @@ inherit
 			initialize
 		end
 	CMS_SHARED_SORTING_UTILITIES
 create
 	make
@@ -317,7 +319,10 @@ feature -- Form
 			cb: WSF_FORM_CHECKBOX_INPUT
 			ts: WSF_FORM_SUBMIT_INPUT
 --			tb: WSF_FORM_BUTTON_INPUT
 			lab: WSF_WIDGET_TEXT
 			l_role_permissions: detachable LIST [READABLE_STRING_8]
 			l_module_names: ARRAYED_LIST [READABLE_STRING_8]
 			l_mod_name: READABLE_STRING_8
 		do
 			if attached a_role as l_role then
 				create fs.make
@@ -330,20 +335,45 @@ feature -- Form
 				a_form.extend_html_text ("<br/>")
 				create fs.make
 				fs.set_legend ("Permissions")
 				if
-					attached api.user_api.role_permissions as l_permissions
+					attached api.user_api.role_permissions as l_permissions_by_module
 				then
 					l_role_permissions := l_role.permissions
 					l_role_permissions.compare_objects
-					across l_permissions as ic loop
+
-						create cb.make_with_value ("cms_permissions", ic.item)
+					create l_module_names.make (l_permissions_by_module.count)
-						cb.set_checked (l_role_permissions.has (ic.item))
+					across
-						cb.set_title (ic.item)
+						l_permissions_by_module as mod_ic
-						fs.extend (cb)
+					loop
 						l_module_names.force (mod_ic.key)
 					end
 					string_sorter.sort (l_module_names)
 					across
 						l_module_names as mod_ic
 					loop
 						l_mod_name := mod_ic.item
 						if
 							attached l_permissions_by_module.item (l_mod_name) as l_permissions and then
 							not l_permissions.is_empty
 						then
 							if l_mod_name.is_whitespace then
 								l_mod_name := "... "
 							end
 							create lab.make_with_text ("<strong>" + l_mod_name + " module</strong>")
 							fs.extend (lab)
 							string_sorter.sort (l_permissions)
 							across l_permissions as ic loop
 								create cb.make_with_value ("cms_permissions", ic.item)
 								cb.set_checked (across l_role_permissions as rp_ic some rp_ic.item.is_case_insensitive_equal (ic.item) end)
 								cb.set_title (ic.item)
 								fs.extend (cb)
 							end
 						end
 					end
 				end
 				create ti.make ("new_cms_permissions[]")
@@ -475,4 +505,5 @@ feature -- Generation
 			    })
 			});
 	]"
 end
--- a/modules/admin/handler/role/cms_role_handler.e
+++ b/modules/admin/handler/role/cms_role_handler.e
@@ -84,7 +84,7 @@ feature -- HTTP Methods
 			r: CMS_RESPONSE
 		do
 			create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api)
-			if r.has_permission ("manage " + {CMS_ADMIN_MODULE}.name) then
+			if r.has_permission ("admin roles") then
 				if req.percent_encoded_path_info.ends_with_general ("/edit") then
 					check valid_url: req.percent_encoded_path_info.starts_with_general ("/admin/role/") end
 					create edit_response.make (req, res, api)
@@ -122,7 +122,7 @@ feature -- HTTP Methods
 			r: CMS_RESPONSE
 		do
 			create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api)
-			if r.has_permission ("manage " + {CMS_ADMIN_MODULE}.name) then
+			if r.has_permission ("admin roles") then
 				if req.percent_encoded_path_info.ends_with_general ("/edit") then
 					create edit_response.make (req, res, api)
 					edit_response.execute
@@ -186,7 +186,7 @@ feature -- Error
 		end
-feature {NONE} -- New User
+feature {NONE} -- New role
 	create_new_role (req: WSF_REQUEST; res: WSF_RESPONSE)
 		local
--- a/modules/admin/handler/user/cms_admin_users_handler.e
+++ b/modules/admin/handler/user/cms_admin_users_handler.e
@@ -72,7 +72,7 @@ feature -- HTTP Methods
 				-- the setup class.
 			create {FORBIDDEN_ERROR_CMS_RESPONSE} l_response.make (req, res, api)
-			if l_response.has_permission ("manage " + {CMS_ADMIN_MODULE}.name) then
+			if l_response.has_permission ("admin users") then
 				user_api := api.user_api
 				l_count := user_api.users_count
--- a/modules/admin/handler/user/cms_user_handler.e
+++ b/modules/admin/handler/user/cms_user_handler.e
@@ -84,7 +84,7 @@ feature -- HTTP Methods
 			r: CMS_RESPONSE
 		do
 			create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api)
-			if r.has_permission ("manage " + {CMS_ADMIN_MODULE}.name) then
+			if r.has_permission ("admin users") then
 				if req.percent_encoded_path_info.ends_with_general ("/edit") then
 					check valid_url: req.percent_encoded_path_info.starts_with_general ("/admin/user/") end
 					create edit_response.make (req, res, api)
@@ -122,7 +122,7 @@ feature -- HTTP Methods
 			r: CMS_RESPONSE
 		do
 			create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api)
-			if r.has_permission ("manage " + {CMS_ADMIN_MODULE}.name) then
+			if r.has_permission ("admin users") then
 				if req.percent_encoded_path_info.ends_with_general ("/edit") then
 					create edit_response.make (req, res, api)
 					edit_response.execute
--- a/modules/node/cms_node_api.e
+++ b/modules/node/cms_node_api.e
@@ -299,16 +299,6 @@ feature -- Permission Scope: Node
 					Result := cms_api.user_has_permission (a_user, a_action + " own " + l_type_name)
 				end
 			end
 			fixme ("when admin back end is ready, remove this, as too general.") -- FIXME
 			if not Result then
 				Result := cms_api.user_has_permission (a_user, a_action + " any node")
 				if not Result and a_user /= Void then
 					if is_author_of_node (a_user, a_node) then
 						Result := cms_api.user_has_permission (a_user, a_action + " own node")
 					end
 				end
 			end
 		end
 feature -- Change: Node
--- a/modules/node/cms_node_module.e
+++ b/modules/node/cms_node_module.e
@@ -140,26 +140,28 @@ feature -- Access
 	permissions: LIST [READABLE_STRING_8]
 			-- <Precursor>.
 		local
 			l_type_name: READABLE_STRING_8
 		do
 			Result := Precursor
-			Result.force ("create any")
+			Result.force ("create any node")
-			Result.force ("view any")
+
 			Result.force ("edit any")
 			Result.force ("delete any")
 			Result.force ("view own")
 			Result.force ("edit own")
 			Result.force ("delete own")
 			if attached node_api as l_node_api then
 				across
 					l_node_api.content_types as ic
 				loop
-					Result.force ("create " + ic.item.name)
+					l_type_name := ic.item.name
-					Result.force ("view " + ic.item.name)
+					if not l_type_name.is_whitespace then
-					Result.force ("edit " + ic.item.name)
+						Result.force ("create " + l_type_name)
-					Result.force ("delete " + ic.item.name)
+
-					Result.force ("view own " + ic.item.name)
+						Result.force ("view any " + l_type_name)
-					Result.force ("edit own " + ic.item.name)
+						Result.force ("edit any " + l_type_name)
-					Result.force ("delete own " + ic.item.name)
+						Result.force ("delete any " + l_type_name)
 						Result.force ("view own " + l_type_name)
 						Result.force ("edit own " + l_type_name)
 						Result.force ("delete own " + l_type_name)
 					end
 				end
 			end
 		end
--- a/src/service/misc/cms_shared_sorting_utilities.e
+++ b/src/service/misc/cms_shared_sorting_utilities.e
@@ -0,0 +1,20 @@
 note
 	description: "Collection of sorters to help CMS dev."
 	date: "$Date$"
 	revision: "$Revision$"
 deferred class
 	CMS_SHARED_SORTING_UTILITIES
 feature -- Helpers
 	string_sorter: QUICK_SORTER [READABLE_STRING_GENERAL]
 			-- New string sorter.
 		once
 			create Result.make (create {COMPARABLE_COMPARATOR [READABLE_STRING_GENERAL]})
 		end
 note
 	copyright: "2011-2015, Jocelyn Fiat, Javier Velilla, Eiffel Software and others"
 	license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)"
 end
--- a/src/service/user/cms_user_api.e
+++ b/src/service/user/cms_user_api.e
@@ -142,23 +142,40 @@ feature -- User roles.
 			Result := storage.user_role_by_name (a_name)
 		end
-	role_permissions: LIST [READABLE_STRING_8]
+	role_permissions: HASH_TABLE [LIST [READABLE_STRING_8], STRING_8]
-			-- Possible known permissions.
+			-- Possible known permissions indexed by modules.
 		local
 			perm: READABLE_STRING_8
 			lst, l_used_permissions: LIST [READABLE_STRING_8]
 			l_found: BOOLEAN
 		do
-			Result := storage.role_permissions
+			create Result.make (cms_api.enabled_modules.count + 1)
 			l_used_permissions := storage.role_permissions
 			across
 				cms_api.enabled_modules as ic
 			loop
 				lst := ic.item.permissions
 				Result.force (lst, ic.item.name)
 				across
-					ic.item.permissions as perms_ic
+					lst as p_ic
 				loop
-					perm := perms_ic.item
+					from
-					if not Result.has (perm) then
+						l_used_permissions.start
-						Result.force (perm)
+					until
 						l_used_permissions.after
 					loop
 						if l_used_permissions.item.is_case_insensitive_equal (p_ic.item) then
 							l_used_permissions.remove
 							l_used_permissions.finish
 						end
 						l_used_permissions.forth
 					end
 				end
 				if not l_used_permissions.is_empty then
 					Result.force (l_used_permissions, "")
 				end
 			end
 		end