Permissions UI: Merge strategy #8805

Author: ashklianko

modules/lib/src/main/resources/assets/js/app/dialog/permissions/AccessControlChangedItem.ts

@@ -0,0 +1,27 @@
+import {Principal} from '@enonic/lib-admin-ui/security/Principal';
+import {Permission} from '../../access/Permission';
+
+export interface AccessControlChangedPermissions {
+    persisted?: Permission[];
+    updated?: Permission[];
+}
+
+export class AccessControlChangedItem {
+
+    private readonly principal: Principal;
+
+    private readonly permissions: AccessControlChangedPermissions;
+
+    constructor(principal: Principal, permissions: AccessControlChangedPermissions) {
+        this.principal = principal;
+        this.permissions = permissions;
+    }
+
+    getPrincipal(): Principal {
+        return this.principal;
+    }
+
+    getPermissions(): AccessControlChangedPermissions {
+        return this.permissions;
+    }
+}

modules/lib/src/main/resources/assets/js/app/dialog/permissions/AccessControlChangedItemView.ts

@@ -0,0 +1,95 @@
+import {DivEl} from '@enonic/lib-admin-ui/dom/DivEl';
+import {AccessControlChangedItem} from './AccessControlChangedItem';
+import {ApplyPermissionsScope} from './PermissionsData';
+import {i18n} from '@enonic/lib-admin-ui/util/Messages';
+import {Permission} from '../../access/Permission';
+import * as Q from 'q';
+import {PrincipalViewer} from '@enonic/lib-admin-ui/ui/security/PrincipalViewer';
+import {SpanEl} from '@enonic/lib-admin-ui/dom/SpanEl';
+import {PermissionsHelper} from '../../access/PermissionsHelper';
+import {PermissionStateView} from './PermissionStateView';
+import {EditPermissionState} from './EditPermissionState';
+
+export class AccessControlChangedItemView
+    extends DivEl {
+
+    private readonly item: AccessControlChangedItem;
+
+    private readonly applyTo: ApplyPermissionsScope;
+
+    private readonly resetChildPermissions: boolean;
+
+    constructor(item: AccessControlChangedItem, applyTo: ApplyPermissionsScope, resetChildPermissions: boolean) {
+        super('access-control-changed-item-view');
+
+        this.item = item;
+        this.applyTo = applyTo;
+        this.resetChildPermissions = resetChildPermissions;
+    }
+
+    private getAccessValue(): string {
+        if (this.isEntryRemoved()) {
+            return i18n('dialog.permissions.step.strategy.item.removed');
+        }
+
+        if (this.isEntryAdded()) {
+            return i18n('dialog.permissions.step.strategy.item.added');
+        }
+
+        return i18n('dialog.permissions.step.strategy.item.modified');
+    }
+
+    private isEntryRemoved(): boolean {
+        return !this.item.getPermissions().updated || this.item.getPermissions().updated?.length === 0;
+    }
+
+    private isEntryAdded(): boolean {
+        return !this.item.getPermissions().persisted && !!this.item.getPermissions().updated;
+    }
+
+    private getPermissionState(permission: Permission): EditPermissionState {
+        const isPermInPersisted = this.item.getPermissions().persisted && this.item.getPermissions().persisted?.indexOf(permission) !== -1;
+        const isPermInUpdated = this.item.getPermissions().updated && this.item.getPermissions().updated?.indexOf(permission) !== -1;
+
+        if (!isPermInPersisted) { // permission was not present before
+            return isPermInUpdated ? EditPermissionState.ADDED : EditPermissionState.UNSET;
+        }
+
+        // permission was present before
+
+        if (isPermInUpdated) {
+            return EditPermissionState.UNCHANGED;
+        }
+
+        return EditPermissionState.REMOVED;
+    }
+
+    doRender(): Q.Promise<boolean> {
+        return super.doRender().then((rendered: boolean) => {
+            this.addClass(this.applyTo);
+            this.addClass(this.resetChildPermissions ? 'reset' : 'merge');
+            this.toggleClass('removed', this.isEntryRemoved());
+            const principalViewer = new PrincipalViewer();
+            principalViewer.setObject(this.item.getPrincipal());
+
+            const accessEl = new SpanEl('access-control-changed-item-access');
+            accessEl.setHtml(this.getAccessValue());
+
+            const principalAndStatusEl = new DivEl('access-control-changed-item-principal-with-status');
+            principalAndStatusEl.appendChildren(principalViewer, accessEl);
+            this.appendChild(principalAndStatusEl);
+
+            if (!this.isEntryRemoved()) {
+                const permissionsEl = new DivEl('access-control-changed-item-permissions');
+
+                PermissionsHelper.getAllPermissions().forEach(permission => {
+                    permissionsEl.appendChild(new PermissionStateView(permission, this.getPermissionState(permission)));
+                });
+
+                this.appendChild(permissionsEl);
+            }
+
+            return rendered;
+        });
+    }
+}

modules/lib/src/main/resources/assets/js/app/dialog/permissions/AccessControlChangedItemsList.ts

@@ -1,162 +1,79 @@
 import {ListBox} from '@enonic/lib-admin-ui/ui/selector/list/ListBox';
-import {DivEl} from '@enonic/lib-admin-ui/dom/DivEl';
-import * as Q from 'q';
-import {PrincipalViewer} from '@enonic/lib-admin-ui/ui/security/PrincipalViewer';
-import {SpanEl} from '@enonic/lib-admin-ui/dom/SpanEl';
-import {Principal} from '@enonic/lib-admin-ui/security/Principal';
-import {Permission} from '../../access/Permission';
-import {i18n} from '@enonic/lib-admin-ui/util/Messages';
-import {AccessControlEntryView} from '../../view/AccessControlEntryView';
-import {Access} from '../../security/Access';
-import {PermissionsHelper} from '../../access/PermissionsHelper';
-
-export interface AccessControlChangedPermissions {
-    persisted?: Permission[];
-    updated?: Permission[];
-}
-
-export class AccessControlChangedItem {
+import {ApplyPermissionsScope} from './PermissionsData';
+import {RoleKeys} from '@enonic/lib-admin-ui/security/RoleKeys';
+import {AccessControlEntry} from '../../access/AccessControlEntry';
+import {AccessControlChangedItem} from './AccessControlChangedItem';
+import {AccessControlChangedItemView} from './AccessControlChangedItemView';
 
-    private readonly principal: Principal;
+export class AccessControlChangedItemsList
+    extends ListBox<AccessControlChangedItem> {
 
-    private readonly permissions: AccessControlChangedPermissions;
+    private applyTo: ApplyPermissionsScope;
 
-    constructor(principal: Principal, permissions: AccessControlChangedPermissions) {
-        this.principal = principal;
-        this.permissions = permissions;
-    }
+    private resetChildPermissions: boolean;
 
-    getPrincipal(): Principal {
-        return this.principal;
-    }
+    private originalValues: AccessControlEntry[] = [];
 
-    getPermissions(): AccessControlChangedPermissions {
-        return this.permissions;
-    }
-}
-
-export class AccessControlChangedItemsList
-    extends ListBox<AccessControlChangedItem> {
+    private currentValues: AccessControlEntry[] = [];
 
     constructor() {
         super('access-control-changed-items-list');
     }
 
     protected createItemView(item: AccessControlChangedItem, readOnly: boolean): AccessControlChangedItemView {
-        return new AccessControlChangedItemView(item);
+        return new AccessControlChangedItemView(item, this.applyTo, this.resetChildPermissions);
     }
 
     protected getItemId(item: AccessControlChangedItem): string {
         return item.getPrincipal().getKey().toString();
     }
 
-}
-
-export class AccessControlChangedItemView
-    extends DivEl {
-
-    private readonly item: AccessControlChangedItem;
-
-    constructor(item: AccessControlChangedItem) {
-        super('access-control-changed-item-view');
-
-        this.item = item;
+    setApplyTo(applyTo: ApplyPermissionsScope): void {
+        this.applyTo = applyTo;
     }
 
-    private getAccessValue(): string {
-        if (!this.item.getPermissions().updated || this.item.getPermissions().updated?.length === 0) {
-            return i18n('dialog.permissions.step.strategy.item.removed');
-        }
-
-        if (!this.item.getPermissions().persisted && this.item.getPermissions().updated) {
-            return i18n('dialog.permissions.step.strategy.item.added');
-        }
-
-        const access = AccessControlEntryView.getAccessValueFromPermissions(this.item.getPermissions().updated);
-        return i18n(`security.access.${Access[access].toLowerCase()}`);
+    setResetChildPermissions(resetChildPermissions: boolean): void {
+        this.resetChildPermissions = resetChildPermissions;
     }
 
-    private isRemoved(): boolean {
-        return !this.item.getPermissions().updated || this.item.getPermissions().updated?.length === 0;
+    setOriginalValues(originalValues: AccessControlEntry[]): void {
+        this.originalValues = originalValues;
     }
 
-    private getPermissionState(permission: Permission): PermissionState {
-        const isPermInPersisted = this.item.getPermissions().persisted && this.item.getPermissions().persisted?.indexOf(permission) !== -1;
-        const isPermInUpdated = this.item.getPermissions().updated && this.item.getPermissions().updated?.indexOf(permission) !== -1;
-
-        if (!isPermInPersisted) { // permission was not present before
-            return isPermInUpdated ? PermissionState.ADDED : PermissionState.UNSET;
-        }
-
-        // permission was present before
-
-        if (isPermInUpdated) {
-            return PermissionState.UNCHANGED;
-        }
-
-        return PermissionState.REMOVED;
+    setCurrentValues(currentValues: AccessControlEntry[]): void {
+        this.currentValues = currentValues;
+        this.setItems(this.getChangedItems());
     }
 
-    doRender(): Q.Promise<boolean> {
-        return super.doRender().then((rendered: boolean) => {
-            this.toggleClass('removed', this.isRemoved());
-            const principalViewer = new PrincipalViewer();
-            principalViewer.setObject(this.item.getPrincipal());
-
-            const accessEl = new SpanEl('access-control-changed-item-access');
-            accessEl.setHtml(this.getAccessValue());
-
-            const principalAndStatusEl = new DivEl('access-control-changed-item-principal-with-status');
-            principalAndStatusEl.appendChildren(principalViewer, accessEl);
-            this.appendChild(principalAndStatusEl);
-
-            if (!this.isRemoved()) {
-                const permissionsEl = new DivEl('access-control-changed-item-permissions');
-
-                PermissionsHelper.getAllPermissions().forEach(permission => {
-                   permissionsEl.appendChild(new PermissionStateView(permission, this.getPermissionState(permission)));
-                });
-
-                this.appendChild(permissionsEl);
+    private getChangedItems(): AccessControlChangedItem[] {
+        const result: AccessControlChangedItem[] = [];
+
+        this.originalValues.forEach((originalVal) => {
+            const found = this.currentValues.find((currentVal) => originalVal.getPrincipalKey().equals(currentVal.getPrincipalKey()));
+            if (found) { // item was present before and remains
+                if (!originalVal.equals(found) || this.isOverwriteForChildren()) { // item's permissions were changed or children to be reset
+                    result.push(new AccessControlChangedItem(originalVal.getPrincipal(),
+                        {persisted: originalVal.getAllowedPermissions(), updated: found.getAllowedPermissions()}));
+                }
+            } else { // item was removed
+                if (!RoleKeys.isEveryone(originalVal.getPrincipalKey())) {
+                    result.push(new AccessControlChangedItem(originalVal.getPrincipal(), {persisted: originalVal.getAllowedPermissions()}));
+                }
             }
-
-            return rendered;
         });
-    }
-
-}
-
-enum PermissionState {
-    ADDED = 'added',
-    REMOVED = 'removed',
-    UNCHANGED = 'unchanged',
-    UNSET = 'unset'
-}
 
-class PermissionStateView extends SpanEl {
-
-    private readonly permission: Permission;
-
-    private readonly state: PermissionState;
-
-    constructor(permission: Permission, state: PermissionState) {
-        super('permission-state-view');
-
-        this.permission = permission;
-        this.state = state;
-    }
+        // check for newly added items
+        this.currentValues.forEach((currentValue) => {
+            const found = this.originalValues.find((originalVal) => originalVal.getPrincipalKey().equals(currentValue.getPrincipalKey()));
+            if (!found && !RoleKeys.isEveryone(currentValue.getPrincipalKey())) { // item was added
+                result.push(new AccessControlChangedItem(currentValue.getPrincipal(), {updated: currentValue.getAllowedPermissions()}));
+            }
+        });
 
-    private permissionToString(permission: Permission): string {
-        return Permission[permission]?.toLowerCase().replace('_', '') ?? '';
+        return result;
     }
 
-    doRender(): Q.Promise<boolean> {
-        return super.doRender().then((rendered: boolean) => {
-            this.addClass(this.state);
-            this.setHtml(i18n(`security.permission.${this.permissionToString(this.permission)}`));
-
-            return rendered;
-        });
+    private isOverwriteForChildren(): boolean {
+        return this.applyTo !== 'single' && this.resetChildPermissions;
     }
-
 }

modules/lib/src/main/resources/assets/js/app/dialog/permissions/EditPermissionState.ts

@@ -0,0 +1,6 @@
+export enum EditPermissionState {
+    ADDED = 'added',
+    REMOVED = 'removed',
+    UNCHANGED = 'unchanged',
+    UNSET = 'unset'
+}

modules/lib/src/main/resources/assets/js/app/dialog/permissions/EditPermissionsDialog.ts

@@ -122,12 +122,12 @@ export class EditPermissionsDialog
 
         const req = new ApplyContentPermissionsRequest().setId(this.contentId).setScope(data.applyTo);
 
-        if (data.strategy === 'merge') {
+        if (data.reset) {
+            req.setPermissions(permissions);
+        } else {
             const {added, removed} = AccessControlHelper.calcMergePermissions(this.originalValues, data.permissions);
             req.setAddPermissions(added);
             req.setRemovePermissions(removed);
-        } else {
-            req.setPermissions(permissions);
         }
 
         req.sendAndParse().then((taskId) => {
@@ -141,7 +141,7 @@ export class EditPermissionsDialog
         return {
             permissions: this.mainStep.getData(),
             applyTo: strategyData.applyTo,
-            strategy: strategyData.strategy,
+            reset: strategyData.reset,
         }
     }
 

modules/lib/src/main/resources/assets/js/app/dialog/permissions/PermissionStateView.ts

@@ -0,0 +1,33 @@
+import {SpanEl} from '@enonic/lib-admin-ui/dom/SpanEl';
+import {Permission} from '../../access/Permission';
+import * as Q from 'q';
+import {i18n} from '@enonic/lib-admin-ui/util/Messages';
+import {EditPermissionState} from './EditPermissionState';
+
+export class PermissionStateView extends SpanEl {
+
+    private readonly permission: Permission;
+
+    private readonly state: EditPermissionState;
+
+    constructor(permission: Permission, state: EditPermissionState) {
+        super('permission-state-view');
+
+        this.permission = permission;
+        this.state = state;
+    }
+
+    private permissionToString(permission: Permission): string {
+        return Permission[permission]?.toLowerCase().replace('_', '') ?? '';
+    }
+
+    doRender(): Q.Promise<boolean> {
+        return super.doRender().then((rendered: boolean) => {
+            this.addClass(this.state);
+            this.setHtml(i18n(`security.permission.${this.permissionToString(this.permission)}`));
+
+            return rendered;
+        });
+    }
+
+}