add: add permission view

author INOPIAE <m.maengel@inopiae.de>

Wed, 17 Aug 2016 10:14:03 +0000 (12:14 +0200)

committer INOPIAE <m.maengel@inopiae.de>

Sun, 21 Aug 2016 11:19:37 +0000 (13:19 +0200)
author INOPIAE <m.maengel@inopiae.de>
Wed, 17 Aug 2016 10:14:03 +0000 (12:14 +0200)
committer INOPIAE <m.maengel@inopiae.de>
Sun, 21 Aug 2016 11:19:37 +0000 (13:19 +0200)
diff --git a/src/org/cacert/gigi/Gigi.java b/src/org/cacert/gigi/Gigi.java

index 7740f803fc947cf6bd0c8f6c75d91122d158e4cf..afe6bcb72e86f787f37c89cb1cbc00294a08574b 100644 (file)
--- a/src/org/cacert/gigi/Gigi.java
+++ b/src/org/cacert/gigi/Gigi.java
@@ -68,6 +68,7 @@ import org.cacert.gigi.pages.error.PageNotFound;
  import org.cacert.gigi.pages.main.RegisterPage;
  import org.cacert.gigi.pages.orga.CreateOrgPage;
  import org.cacert.gigi.pages.orga.ViewOrgPage;
+import org.cacert.gigi.pages.statistics.StatisticsRoles;
  import org.cacert.gigi.pages.wot.AssurePage;
  import org.cacert.gigi.pages.wot.Points;
  import org.cacert.gigi.pages.wot.RequestTTPPage;
@@ -135,6 +136,7 @@ public final class Gigi extends HttpServlet {
              });
              putPage("/", new MainPage(), null);
              putPage("/roots", new RootCertPage(truststore), "SomeCA.org");
+            putPage(StatisticsRoles.PATH, new StatisticsRoles(), "SomeCA.org");
              putPage("/about", new AboutPage(), "SomeCA.org");
  
              putPage("/secure", new TestSecure(), null);
diff --git a/src/org/cacert/gigi/dbObjects/Group.java b/src/org/cacert/gigi/dbObjects/Group.java

index 6e250794274ae607a0dd86d6c91d4b046736de45..13080efb208490a4ae7fc489cd57b5fb462a4001 100644 (file)
--- a/src/org/cacert/gigi/dbObjects/Group.java
+++ b/src/org/cacert/gigi/dbObjects/Group.java
@@ -6,24 +6,45 @@ import org.cacert.gigi.output.template.Outputable;
  import org.cacert.gigi.output.template.TranslateCommand;
  
  public enum Group {
-    SUPPORTER("supporter", "supporter", true), ARBITRATOR("arbitrator", "arbitrator", true), //
-    BLOCKEDASSURER("blockedassurer", "may not verify", true), BLOCKEDASSUREE("blockedassuree", "may not be verified", true), //
-    BLOCKEDLOGIN("blockedlogin", "may not login", true), BLOCKEDCERT("blockedcert", "may not issue certificates", true), //
-    TTP_ASSURER("ttp-assurer", "may verify via TTP", true), TTP_APPLICANT("ttp-applicant", "requests to be verified via ttp", true), //
-    CODESIGNING("codesigning", "may issue codesigning certificates", true), ORGASSURER("orgassurer", "may verify organisations", true), //
-    NUCLEUS_ASSURER("nucleus-assurer", "may enter nucleus verifications", true), LOCATE_AGENT("locate-agent", "wants access to the locate agent system", false);
+    SUPPORTER("supporter", "supporter", true, true), //
+    ARBITRATOR("arbitrator", "arbitrator", true, true), //
+    BLOCKEDASSURER("blockedassurer", "may not verify", true, false), //
+    BLOCKEDASSUREE("blockedassuree", "may not be verified", true, false), //
+    BLOCKEDLOGIN("blockedlogin", "may not login", true, false), //
+    BLOCKEDCERT("blockedcert", "may not issue certificates", true, false), //
+    TTP_ASSURER("ttp-assurer", "may verify via TTP", true, true), //
+    TTP_APPLICANT("ttp-applicant", "requests to be verified via ttp", true, false), //
+    CODESIGNING("codesigning", "may issue codesigning certificates", true, false), //
+    ORGASSURER("orgassurer", "may verify organisations", true, true), //
+    NUCLEUS_ASSURER("nucleus-assurer", "may enter nucleus verifications", true, true), //
+    LOCATE_AGENT("locate-agent", "wants access to the locate agent system", false, false);
  
      private final String dbName;
  
      private final TranslateCommand tc;
  
-    private final boolean managedBySupport; // true if flag is handled by
-                                            // support, false if handled by user
+    private final boolean managedBySupport;
  
-    private Group(String name, String display, boolean managedBySupport) {
+    private final boolean isSelfViewable;
+
+    /**
+     * Creates a new group. Users can join this group or be put into it
+     * (depending on the value of <code>managedBySupport</code>).
+     * 
+     * @param name
+     *            name of the group, used in database
+     * @param display
+     *            text displayed to user
+     * @param managedBySupport
+     *            true if flag is handled by support, false if handled by user
+     * @param isSelfViewable
+     *            true iff user should be able to see others in the same group
+     */
+    private Group(String name, String display, boolean managedBySupport, boolean isSelfViewable) {
          dbName = name;
          tc = new TranslateCommand(display);
          this.managedBySupport = managedBySupport;
+        this.isSelfViewable = isSelfViewable;
      }
  
      public static Group getByString(String name) {
@@ -34,6 +55,10 @@ public enum Group {
          return managedBySupport;
      }
  
+    public boolean isSelfViewable() {
+        return isSelfViewable;
+    }
+
      public String getDatabaseName() {
          return dbName;
      }
@@ -55,6 +80,17 @@ public enum Group {
          }
      }
  
+    public int getMemberCount() {
+        try (GigiPreparedStatement gps = new GigiPreparedStatement("SELECT COUNT(`user`) FROM `user_groups` WHERE `permission`=?::`userGroup` AND `deleted` IS NULL", true)) {
+            gps.setString(1, dbName);
+            GigiResultSet grs = gps.executeQuery();
+            if ( !grs.next()) {
+                return 0;
+            }
+            return grs.getInt(1);
+        }
+    }
+
      public Outputable getName() {
          return tc;
      }
diff --git a/src/org/cacert/gigi/pages/statistics/StatisticsRoles.java b/src/org/cacert/gigi/pages/statistics/StatisticsRoles.java

new file mode 100644 (file)

index 0000000..c1b10e2
--- /dev/null
+++ b/src/org/cacert/gigi/pages/statistics/StatisticsRoles.java
@@ -0,0 +1,59 @@
+package org.cacert.gigi.pages.statistics;
+
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.cacert.gigi.dbObjects.Group;
+import org.cacert.gigi.dbObjects.User;
+import org.cacert.gigi.localisation.Language;
+import org.cacert.gigi.output.ArrayIterable;
+import org.cacert.gigi.pages.LoginPage;
+import org.cacert.gigi.pages.Page;
+
+public class StatisticsRoles extends Page {
+
+    public static final String PATH = "/statistics/roles";
+
+    public StatisticsRoles() {
+        super("Statistics Roles");
+    }
+
+    @Override
+    public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+        final User u = getUser(req);
+        final boolean supporter = LoginPage.getAuthorizationContext(req).canSupport();
+
+        HashMap<String, Object> vars = new HashMap<String, Object>();
+
+        vars.put("groups", new ArrayIterable<Group>(Group.values()) {
+
+            @Override
+            public void apply(Group g, Language l, Map<String, Object> vars) {
+                int membersCount = g.getMemberCount();
+                vars.put("group_name", g.getName());
+                vars.put("count", membersCount);
+                if ((supporter || u.isInGroup(g) && g.isSelfViewable()) && g.isManagedBySupport()) {
+                    final User[] userg = g.getMembers(0, membersCount);
+                    vars.put("memberlist", new ArrayIterable<User>(userg) {
+
+                        @Override
+                        public void apply(User userg, Language l, Map<String, Object> vars) {
+                            vars.put("name", userg.getPreferredName());
+                            vars.put("email", userg.getEmail());
+                        }
+                    });
+                } else {
+                    vars.remove("memberlist");
+                }
+            }
+
+        });
+
+        getDefaultTemplate().output(resp.getWriter(), getLanguage(req), vars);
+    }
+
+}
diff --git a/src/org/cacert/gigi/pages/statistics/StatisticsRoles.templ b/src/org/cacert/gigi/pages/statistics/StatisticsRoles.templ

new file mode 100644 (file)

index 0000000..af8ad32
--- /dev/null
+++ b/src/org/cacert/gigi/pages/statistics/StatisticsRoles.templ
@@ -0,0 +1,26 @@
+<table class="table">
+    <tr>
+        <th>
+            <?=_Role?>
+        </th>
+        <th>
+            <?=_User Name?>
+        </th>
+        <th>
+            <?=_Email Address?>
+        </th>
+    </tr>
+<? foreach($groups) {?>
+    <tr>
+        <th><?=$group_name?></th>
+        <th colspan="2"><?=_Total?>: <?=$count?></th>
+    </tr>
+    <? foreach($memberlist) {?>
+    <tr>
+        <td></td>
+        <td><?=$name?></td>
+        <td><?=$email?></td>
+    </tr>
+    <? } ?>
+<? } ?>
+</table>
author	INOPIAE <m.maengel@inopiae.de>
	Wed, 17 Aug 2016 10:14:03 +0000 (12:14 +0200)
committer	INOPIAE <m.maengel@inopiae.de>
	Sun, 21 Aug 2016 11:19:37 +0000 (13:19 +0200)
src/org/cacert/gigi/Gigi.java		patch \| blob \| history
src/org/cacert/gigi/dbObjects/Group.java		patch \| blob \| history
src/org/cacert/gigi/pages/statistics/StatisticsRoles.java	[new file with mode: 0644]	patch \| blob
src/org/cacert/gigi/pages/statistics/StatisticsRoles.templ	[new file with mode: 0644]	patch \| blob