Return-Path: X-Original-To: apmail-clerezza-commits-archive@www.apache.org Delivered-To: apmail-clerezza-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id E04ED17966 for ; Tue, 14 Apr 2015 13:12:36 +0000 (UTC) Received: (qmail 71933 invoked by uid 500); 14 Apr 2015 13:12:36 -0000 Delivered-To: apmail-clerezza-commits-archive@clerezza.apache.org Received: (qmail 71888 invoked by uid 500); 14 Apr 2015 13:12:36 -0000 Mailing-List: contact commits-help@clerezza.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@clerezza.apache.org Delivered-To: mailing list commits@clerezza.apache.org Received: (qmail 71697 invoked by uid 99); 14 Apr 2015 13:12:36 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 14 Apr 2015 13:12:36 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id 9B147E03C0; Tue, 14 Apr 2015 13:12:36 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: reto@apache.org To: commits@clerezza.apache.org Date: Tue, 14 Apr 2015 13:12:46 -0000 Message-Id: <17642794c66e40d8b03a2cf7788f50f8@git.apache.org> In-Reply-To: <79f2aa157d6c416d8d4f2d2b5548c555@git.apache.org> References: <79f2aa157d6c416d8d4f2d2b5548c555@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: [11/87] [abbrv] [partial] clerezza git commit: CLEREZZA-966: removed platform. prefix of folder names http://git-wip-us.apache.org/repos/asf/clerezza/blob/70220239/platform/platform.accountcontrolpanel/platform.accountcontrolpanel.core/pom.xml ---------------------------------------------------------------------- 
diff --git a/platform/platform.accountcontrolpanel/platform.accountcontrolpanel.core/pom.xml b/platform/platform.accountcontrolpanel/platform.accountcontrolpanel.core/pom.xml
deleted file mode 100644
index 7a7b7f9..0000000
--- a/platform/platform.accountcontrolpanel/platform.accountcontrolpanel.core/pom.xml
+++ /dev/null
@@ -1,198 +0,0 @@ - - 4.0.0 - - org.apache.clerezza - platform.accountcontrolpanel - 0.10 - - org.apache.clerezza - platform.accountcontrolpanel.core - 1.0.0-SNAPSHOT - bundle - Clerezza - Platform Account Control Panel Core - - - - org.scala-tools - maven-scala-plugin - - - - compile - testCompile - - - - - - - - - - maven-compiler-plugin - - 1.6 - 1.6 - - - - org.apache.felix - maven-bundle-plugin - - - OSGI-INF/serviceComponents.xml - org.apache.clerezza.platform.accountcontrolpanel.* - ${project.groupId}.${project.artifactId} - - - - - org.codehaus.xsite - xsite-maven-plugin - - ${basedir}/src/site/xsite - content/sitemap.xml - templates/skin.html - ${basedir}/target/site/documentation - - - - pre-site - - run - - - - - - - - - javax.ws.rs - jsr311-api - - - org.osgi - org.osgi.core - - - org.osgi - org.osgi.compendium - - - org.apache.clerezza - rdf.core - 0.14 - - - org.apache.clerezza - rdf.scala.utils - 0.4 - - - org.apache.clerezza - rdf.ontologies - 0.12 - - - org.apache.clerezza - jaxrs.utils - 0.9 - - - org.apache.clerezza - platform.typerendering.seedsnipe - 0.7 - - - org.apache.clerezza - platform.typerendering.scalaserverpages - 0.4 - - - org.apache.clerezza - platform.users.core - 0.2 - - - org.apache.clerezza - platform.config - 0.4 - - - org.scala-lang - scala-library - - - org.apache.clerezza - platform.typerendering.scala - 0.2 - - - org.apache.clerezza - platform.globalmenu.api - 0.3 - - - org.apache.clerezza - platform.accountcontrolpanel.ontologies - 0.3 - - - org.apache.clerezza - platform.usermanager - 0.14 - - - org.apache.clerezza - web.fileserver - 0.10 - - - org.apache.clerezza - permissiondescriptions - 0.2 - - - org.apache.clerezza - ssl.keygen.base - 0.6 - - - org.apache.clerezza - platform.security.foafssl.ontologies - 0.2 - - - org.apache.clerezza.ext - slf4j-scala-api - 1.6.3 - - - org.apache.stanbol - org.apache.stanbol.commons.security.core - 0.11.0 - - - \ No newline at end of file 
http://git-wip-us.apache.org/repos/asf/clerezza/blob/70220239/platform/platform.accountcontrolpanel/platform.accountcontrolpanel.core/src/main/resources/CLEREZZA-INF/web-resources/account-control-panel/scripts/IEKeygen.js
----------------------------------------------------------------------
diff --git a/platform/platform.accountcontrolpanel/platform.accountcontrolpanel.core/src/main/resources/CLEREZZA-INF/web-resources/account-control-panel/scripts/IEKeygen.js b/platform/platform.accountcontrolpanel/platform.accountcontrolpanel.core/src/main/resources/CLEREZZA-INF/web-resources/account-control-panel/scripts/IEKeygen.js
deleted file mode 100644
index 6d0803d..0000000
--- a/platform/platform.accountcontrolpanel/platform.accountcontrolpanel.core/src/main/resources/CLEREZZA-INF/web-resources/account-control-panel/scripts/IEKeygen.js
+++ /dev/null
@@ -1,287 +0,0 @@ -/* - * - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * -*/ - -/** - * - * Copyright (c) 2008-2010, The University of Manchester, United Kingdom. All - * rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * Redistributions of source code must retain the above copyright notice, this - * list of conditions and the following disclaimer. Redistributions in binary - * form must reproduce the above copyright notice, this list of conditions and - * the following disclaimer in the documentation and/or other materials provided - * with the distribution. Neither the name of the The University of Manchester - * nor the names of its contributors may be used to endorse or promote products - * derived from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. 
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - * - * Author........: Bruno Harbulot - * - */ - - - -function createCsrCertEnroll(enrollFactObj, keylength) { - /* - * Creates a CX509EnrollmentWebClassFactory (used to create all the other - * objects). - */ - if (enrollFactObj == null) { - enrollFactObj = new ActiveXObject( - "X509Enrollment.CX509EnrollmentWebClassFactory"); - } - - /* - * Load the information about the providers. - */ - var providerInfosObj = enrollFactObj - .CreateObject("X509Enrollment.CCspInformations"); - providerInfosObj.AddAvailableCsps(); - - /* - * Find the provider of RSA type (sufficient for this example). The type - * numbers for this are 1, 2 and 24. - * http://msdn.microsoft.com/en-us/library/aa379427%28VS.85%29.aspx - */ - var providerType = -1; - var providerName = null; - for ( var i = 0; i < providerInfosObj.Count; i++) { - var providerInfoObj = providerInfosObj.ItemByIndex(i); - switch (providerInfoObj.Type) { - case 1: - case 2: - case 24: - providerType = providerInfoObj.Type; - providerName = providerInfoObj.Name; - break; - default: - } - } - - /* - * Creates a 2048-bit key with this provider. 
- */ - var privKeyObj = enrollFactObj - .CreateObject("X509Enrollment.CX509PrivateKey"); - privKeyObj.ProviderType = providerInfoObj.Type; - privKeyObj.KeySpec = 1; - privKeyObj.Length = keylength; - // http://msdn.microsoft.com/en-us/library/aa379024%28VS.85%29.aspx - privKeyObj.MachineContext = false; - // http://msdn.microsoft.com/en-us/library/aa379414%28VS.85%29.aspx - privKeyObj.KeyProtection = 2; - // http://msdn.microsoft.com/en-us/library/aa379002%28VS.85%29.aspx - privKeyObj.ExportPolicy = 1; - - /* - * Creates the PKCS#10 object and initialise as a user context. - */ - var pkcs10CsrObj = enrollFactObj - .CreateObject("X509Enrollment.CX509CertificateRequestPkcs10"); - pkcs10CsrObj.InitializeFromPrivateKey(1, privKeyObj, ""); - - /* - * Creates the enrolment object and exports the CSR. - */ - var enrollObj = enrollFactObj - .CreateObject("X509Enrollment.CX509Enrollment"); - enrollObj.InitializeFromRequest(pkcs10CsrObj); - var csr = enrollObj.CreateRequest(1); - csr = "-----BEGIN CERTIFICATE REQUEST-----\r\n" + csr - + "-----END CERTIFICATE REQUEST-----"; - - /* - * Makes the request to the server. - */ - xmlHttpRequest = createRequest(csr); - - /** - * What to do on response - */ - xmlHttpRequest.onreadystatechange = function() { - if (xmlHttpRequest.readyState == 4) { - if (xmlHttpRequest.status == 200) { - /* - * Installs the certificate. 
- */ - try { - enrollObj.InstallResponse(4, xmlHttpRequest.responseText, - 0, ""); - window.alert("A certificate has been installed."); - } catch (e1) { - try { - enrollObj.InstallResponse(0, - xmlHttpRequest.responseText, 0, ""); - window.alert("A certificate has been installed."); - } catch (e2) { - window - .alert("You're probably using Vista without SP1 or above, in which case you need to add the certificate of this authority as a trusted root certificate (not recommended in general)."); - } - } - } else { - window.alert("The server returned an error status: " - + xmlHttpRequest.status); - } - } - } -} - - -function createRequest(csrString) { - var xmlHttpRequest = new XMLHttpRequest(); - - xmlHttpRequest.open("POST", kgnFloctn, true); - - var params = "webId=" + encodeURIComponent(document.getElementById("webId").value); - params += "&cn=" + encodeURIComponent(document.getElementById("cn").value); - params += "&csr=" + encodeURIComponent(csrString); - params += "&days="+encodeURIComponent(document.getElementById("days").value); - params += "&hours="+encodeURIComponent(document.getElementById("hours").value); - - xmlHttpRequest.setRequestHeader("Content-type", "application/x-www-form-urlencoded"); - xmlHttpRequest.setRequestHeader("Content-length", params.length); - xmlHttpRequest.setRequestHeader("Connection", "close"); - - xmlHttpRequest.send(params); - - return xmlHttpRequest; - -} - - -function createCsrXenroll(enrollObj, keylength) { - if (enrollObj == null) { - enrollObj = new ActiveXObject("CEnroll.CEnroll"); - } - - // http://msdn.microsoft.com/en-us/library/aa379941%28VS.85%29.aspx - // CRYPT_EXPORTABLE: 1? 
- enrollObj.GenKeyFlags = (keylength * 256 * 256) + 1; - enrollObj.KeySpec = 2; - - var csr = enrollObj.createPKCS10("", ""); - csr = "-----BEGIN CERTIFICATE REQUEST-----\r\n" + csr - + "-----END CERTIFICATE REQUEST-----"; - - xmlHttpRequest = createRequest(csr); - - xmlHttpRequest.onreadystatechange = function() { - if (xmlHttpRequest.readyState == 4) { - if (xmlHttpRequest.status == 200) { - enrollObj.acceptPKCS7(xmlHttpRequest.responseText); - window.alert("A certificate has been installed."); - } else { - window.alert("The server returned an error status: " - + xmlHttpRequest.status); - } - } - } -} - -function createCsr() { - var keystrengthSelectElem = document.getElementById("keylength"); - var keylength = keystrengthSelectElem.value; - - var enrollFactObj = null; - try { - enrollFactObj = new ActiveXObject( - "X509Enrollment.CX509EnrollmentWebClassFactory"); - } catch (e) { - } - - if (enrollFactObj != null) { - createCsrCertEnroll(enrollFactObj, keylength); - } else { - var enrollObj = null; - try { - enrollObj = new ActiveXObject("CEnroll.CEnroll"); - } catch (e) { - } - if (enrollObj != null) { - createCsrXenroll(enrollObj, keylength); - } else { - window.alert("ActiveX certificate creation not supported or not enabled."); - } - } -} -// kgnFloctn needs to be calculated first -var kgnFloctn = "errorKeyGenLoctn"; -function configurePage() { - kgnFloctn = document.getElementById("keygenform").getAttribute("action"); - - var keygenElem = document.getElementById("spkac"); - - if (navigator.appName == "Microsoft Internet Explorer") { - var keygenFormElem = document.getElementById("keygenform"); - keygenFormElem.removeAttribute("action"); - keygenFormElem.removeAttribute("method"); - - /* - * Try the ActiveX approach, assume Internet Explorer. 
- */ - - var iehelptextElem = document.getElementById("iehelptext"); - iehelptextElem.style.display = "block"; - - var submitButtonElem = document.getElementById("keygensubmit"); - var newSumbitButtonElem = document.createElement("input"); - newSumbitButtonElem.setAttribute("type", "button"); - newSumbitButtonElem.setAttribute("value", "Submit"); - submitButtonElem.parentNode.replaceChild(newSumbitButtonElem, - submitButtonElem); - submitButtonElem = newSumbitButtonElem; - - if (submitButtonElem.attachEvent) { - submitButtonElem.attachEvent("onclick", createCsr); - } else { - submitButtonElem.setAttribute("onclick", "createCsr()"); - } - - var keystrengthSelectElem = document.createElement("select"); - keystrengthSelectElem.setAttribute("id", "keylength"); - keystrengthSelectElem.setAttribute("name", "keylength"); - var optionElem; - optionElem = document.createElement("option"); - optionElem.setAttribute("value", "1024"); - optionElem.appendChild(document.createTextNode("1024")); - keystrengthSelectElem.appendChild(optionElem); - optionElem = document.createElement("option"); - optionElem.setAttribute("value", "2048"); - optionElem.appendChild(document.createTextNode("2048")); - keystrengthSelectElem.appendChild(optionElem); - var keystrengthTdElem = document.getElementById("keystrenghtd"); - keystrengthTdElem.appendChild(keystrengthSelectElem); - } -} http://git-wip-us.apache.org/repos/asf/clerezza/blob/70220239/platform/platform.accountcontrolpanel/platform.accountcontrolpanel.core/src/main/resources/CLEREZZA-INF/web-resources/account-control-panel/scripts/profile.js ---------------------------------------------------------------------- 
diff --git a/platform/platform.accountcontrolpanel/platform.accountcontrolpanel.core/src/main/resources/CLEREZZA-INF/web-resources/account-control-panel/scripts/profile.js b/platform/platform.accountcontrolpanel/platform.accountcontrolpanel.core/src/main/resources/CLEREZZA-INF/web-resources/account-control-panel/scripts/profile.js
deleted file mode 100644
index 6ad1db2..0000000
--- a/platform/platform.accountcontrolpanel/platform.accountcontrolpanel.core/src/main/resources/CLEREZZA-INF/web-resources/account-control-panel/scripts/profile.js
+++ /dev/null
@@ -1,64 +0,0 @@ -/* - * - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * -*/ - -$(document).ready(function() { - $('#newWebIdButton').click(function() { - $("#newOrExistingSelection").css({display: "none"}) - $("#createNewWebId").css({display: "block"}) - }); - $("#existingWebIdButton").click(function() { - $("#newOrExistingSelection").css({display: "none"}) - $("#setExistingWebId").css({display: "block"}) - }); - $("#keygenform").submit(function() { - return spkacFix(); - }); -}); - -var crmfObject; -function setCRMFRequest() { - var hiddenField = $(""); - $("#keygenform").append(hiddenField) - //var formContents = $("#keygenform").serialize(); - //var newContents = jQuery.extend({}, formContents); - hiddenField.val(crmfObject.request) - $("#keygenform").submit() -} - -function spkacFix() { - - if ($("#spkac").val()) { - return true; - } else { - if ($("#crmf").val()) { - return true; - } - //alert("fix needed by firefox in xhtml mode") - crmfObject = crypto.generateCRMFRequest( - 'CN=Ignored', - "regToken", "authenticator", // not sure - null, // base-64 cert for key - // escrow. 
set this to null - "setCRMFRequest();", // callback - 2048, null, "rsa-dual-use"); // key parameters - return false; - } -} http://git-wip-us.apache.org/repos/asf/clerezza/blob/70220239/platform/platform.accountcontrolpanel/platform.accountcontrolpanel.core/src/main/resources/CLEREZZA-INF/web-resources/account-control-panel/style/profile.css ---------------------------------------------------------------------- diff --git a/platform/platform.accountcontrolpanel/platform.accountcontrolpanel.core/src/main/resources/CLEREZZA-INF/web-resources/account-control-panel/style/profile.css b/platform/platform.accountcontrolpanel/platform.accountcontrolpanel.core/src/main/resources/CLEREZZA-INF/web-resources/account-control-panel/style/profile.css deleted file mode 100644 index 64e52c4..0000000 --- a/platform/platform.accountcontrolpanel/platform.accountcontrolpanel.core/src/main/resources/CLEREZZA-INF/web-resources/account-control-panel/style/profile.css +++ /dev/null 
@@ -1,51 +0,0 @@ -/* - * - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * -*/ - -#associateSelection { - width: 80% -} -#createNewWebId { - display: none -} -#setExistingWebId { - display: none -} -/* we need to override a table td:first-child in /style/table.css */ -td.propvalue:first-child { - text-align: right; -} - -td.formlabel:first-child { - width: 10em; - text-align: right; -} - -td.multiline:first-child { - vertical-align: text-top; -} - -img.mugshot { - width: 80px; -} - -td.personInABox { - width: 100px; -} http://git-wip-us.apache.org/repos/asf/clerezza/blob/70220239/platform/platform.accountcontrolpanel/platform.accountcontrolpanel.core/src/main/resources/OSGI-INF/serviceComponents.xml ---------------------------------------------------------------------- diff --git a/platform/platform.accountcontrolpanel/platform.accountcontrolpanel.core/src/main/resources/OSGI-INF/serviceComponents.xml b/platform/platform.accountcontrolpanel/platform.accountcontrolpanel.core/src/main/resources/OSGI-INF/serviceComponents.xml deleted file mode 100644 index 8e50481..0000000 --- a/platform/platform.accountcontrolpanel/platform.accountcontrolpanel.core/src/main/resources/OSGI-INF/serviceComponents.xml +++ /dev/null 
@@ -1,101 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://git-wip-us.apache.org/repos/asf/clerezza/blob/70220239/platform/platform.accountcontrolpanel/platform.accountcontrolpanel.core/src/main/scala/org/apache/clerezza/platform/accountcontrolpanel/AcpPermissionDescriptionsProvider.scala ---------------------------------------------------------------------- diff --git a/platform/platform.accountcontrolpanel/platform.accountcontrolpanel.core/src/main/scala/org/apache/clerezza/platform/accountcontrolpanel/AcpPermissionDescriptionsProvider.scala b/platform/platform.accountcontrolpanel/platform.accountcontrolpanel.core/src/main/scala/org/apache/clerezza/platform/accountcontrolpanel/AcpPermissionDescriptionsProvider.scala deleted file mode 100644 index 5d41410..0000000 --- a/platform/platform.accountcontrolpanel/platform.accountcontrolpanel.core/src/main/scala/org/apache/clerezza/platform/accountcontrolpanel/AcpPermissionDescriptionsProvider.scala +++ /dev/null 
@@ -1,75 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.clerezza.platform.accountcontrolpanel - -import java.util.HashSet -import java.util.Set -import org.apache.clerezza.permissiondescriptions.PermissionDescriptionsProvider -import org.apache.clerezza.permissiondescriptions.PermissionDescripton -import org.apache.felix.scr.annotations.Component -import org.apache.felix.scr.annotations.Service - -/** - * PermissionDescriptionsProvider implementation that provides - * PermissionDescriptons of Account Control Panel permissions. - * The following permissions are described: - *
    - *
  • org.apache.clerezza.platform.accountcontrolpanel.AccountControlPanelAppPermission
  • - *
  • org.apache.clerezza.platform.accountcontrolpanel.ChangePasswordPermission
  • - *
  • org.apache.clerezza.platform.accountcontrolpanel.UserBundlePermission
  • - *
- * - * @author mir - */ -object AcpPermissionDescriptionsProvider { - private val ACP_PERMISSION_DESCRIPTIONS: Set[PermissionDescripton] = new HashSet[PermissionDescripton] - ACP_PERMISSION_DESCRIPTIONS.add( - new PermissionDescripton("Change Own Password Permission", - "Grants permission to the user to change its own password", - null, classOf[ChangePasswordPermission], - "(org.apache.clerezza.platform.accountcontrolpanel.ChangePasswordPermission \"{username}\" \"\")" - ) - ) - - ACP_PERMISSION_DESCRIPTIONS.add( - new PermissionDescripton("Access Own Account Control Panel Permission", - "Grants permission to the user to access its own Account Control Panel", - null, classOf[AccountControlPanelAppPermission], - "(org.apache.clerezza.platform.accountcontrolpanel.AccountControlPanelAppPermission \"{username}\" \"\")" - ) - ) - - ACP_PERMISSION_DESCRIPTIONS.add( - new PermissionDescripton("Bundle Upload Permission", - "Grants permission to the user to upload a bundle", - null, classOf[AccountControlPanelAppPermission], - "(org.apache.clerezza.platform.accountcontrolpanel.UserBundlePermission \"{username}\" \"\")" - ) - ) - -} - -class AcpPermissionDescriptionsProvider extends PermissionDescriptionsProvider { - - import AcpPermissionDescriptionsProvider._ - - def getPermissionDescriptors: Set[PermissionDescripton] = { - return ACP_PERMISSION_DESCRIPTIONS - } -} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/clerezza/blob/70220239/platform/platform.accountcontrolpanel/platform.accountcontrolpanel.core/src/main/scala/org/apache/clerezza/platform/accountcontrolpanel/MenuItemProvider.scala ---------------------------------------------------------------------- 
diff --git a/platform/platform.accountcontrolpanel/platform.accountcontrolpanel.core/src/main/scala/org/apache/clerezza/platform/accountcontrolpanel/MenuItemProvider.scala b/platform/platform.accountcontrolpanel/platform.accountcontrolpanel.core/src/main/scala/org/apache/clerezza/platform/accountcontrolpanel/MenuItemProvider.scala
deleted file mode 100644
index ce09780..0000000
--- a/platform/platform.accountcontrolpanel/platform.accountcontrolpanel.core/src/main/scala/org/apache/clerezza/platform/accountcontrolpanel/MenuItemProvider.scala
+++ /dev/null
@@ -1,71 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.clerezza.platform.accountcontrolpanel - -import java.io.UnsupportedEncodingException -import java.net.URLEncoder -import java.security.AccessControlContext -import java.security.AccessControlException -import java.security.AccessController -import java.security.Principal -import java.security.PrivilegedActionException -import java.security.PrivilegedExceptionAction -import java.util.HashSet -import java.util.Iterator -import java.util.Set -import javax.security.auth.Subject -import org.apache.felix.scr.annotations.Component -import org.apache.felix.scr.annotations.Service -import org.apache.clerezza.platform.globalmenu.GlobalMenuItem -import org.apache.clerezza.platform.globalmenu.GlobalMenuItemsProvider -import org.apache.stanbol.commons.security.UserUtil - -/** - * - * Provides menu-item to profile or settings-panel or none depending on user - * permissions. 
- * - * @author reto - */ -class MenuItemProvider extends GlobalMenuItemsProvider { - def getMenuItems: Set[GlobalMenuItem] = { - var items: Set[GlobalMenuItem] = new HashSet[GlobalMenuItem] - var userName: String = UserUtil.getCurrentUserName - if (userName != null) { - try { - AccessController.checkPermission(new AccountControlPanelAppPermission(userName, "")) - } - catch { - case e: AccessControlException => { - return items - } - } - try { - var path: String = "/user/" + URLEncoder.encode(userName, "utf-8") + "/control-panel" - items.add(new GlobalMenuItem(path, "ACP", "Account Control Panel", 5, "Administration")) - } - catch { - case e: UnsupportedEncodingException => { - throw new RuntimeException(e) - } - } - } - return items - } -} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/clerezza/blob/70220239/platform/platform.accountcontrolpanel/platform.accountcontrolpanel.core/src/main/scala/org/apache/clerezza/platform/accountcontrolpanel/ProfilePanel.scala ---------------------------------------------------------------------- diff --git a/platform/platform.accountcontrolpanel/platform.accountcontrolpanel.core/src/main/scala/org/apache/clerezza/platform/accountcontrolpanel/ProfilePanel.scala b/platform/platform.accountcontrolpanel/platform.accountcontrolpanel.core/src/main/scala/org/apache/clerezza/platform/accountcontrolpanel/ProfilePanel.scala deleted file mode 100644 index d46f9f1..0000000 --- a/platform/platform.accountcontrolpanel/platform.accountcontrolpanel.core/src/main/scala/org/apache/clerezza/platform/accountcontrolpanel/ProfilePanel.scala +++ /dev/null 
@@ -1,466 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.clerezza.platform.accountcontrolpanel - -import java.util.List -import java.util.Arrays -import java.util.Collections -import java.util.Iterator -import ontologies.CONTROLPANEL -import org.apache.clerezza.rdf.utils.graphnodeprovider.GraphNodeProvider -import org.apache.clerezza.ssl.keygen.CertSerialisation -import org.apache.clerezza.ssl.keygen.Certificate -import org.apache.clerezza.foafssl.ontologies.CERT -import org.apache.clerezza.foafssl.ontologies.RSA -import org.apache.clerezza.jaxrs.utils.RedirectUtil -import org.apache.clerezza.jaxrs.utils.TrailingSlash -import org.apache.clerezza.platform.config.PlatformConfig -import org.apache.clerezza.platform.usermanager.UserManager -import org.apache.clerezza.rdf.core._ -import org.apache.clerezza.platform.Constants -import access.TcManager -import impl.{SimpleMGraph, TripleImpl} -import org.apache.clerezza.rdf.utils.GraphNode -import org.apache.clerezza.rdf.utils.UnionMGraph -import org.osgi.service.component.ComponentContext -import javax.ws.rs._ -import javax.ws.rs.core.Context -import javax.ws.rs.core.MediaType -import javax.ws.rs.core.Response -import 
javax.ws.rs.core.UriInfo -import java.math.BigInteger -import java.security.AccessController -import java.security.PrivilegedAction -import java.security.interfaces.RSAPublicKey -import org.apache.clerezza.ssl.keygen.KeygenService -import java.net.URI -import org.apache.clerezza.rdf.core.access.security.TcPermission -import org.apache.clerezza.rdf.ontologies._ -import org.slf4j.scala.Logging -import org.apache.clerezza.platform.users.{WebIdInfo, WebIdGraphsService} -import org.apache.clerezza.rdf.scala.utils._ - -/** - * Presents a panel where the user can create a webid and edit her profile. - * - * @author reto - */ - -@Path("/user/{id}/profile") -class ProfilePanel extends Logging { - - import collection.JavaConversions._ - import Preamble._ - - /** - * Returns a GraphNode describing a ProfilePage for the user identified by - * the specified UserName. A ProfilePage resourcve is retuned for any user - * disregarding if they have a WebId and if this is local. The renderlet - * may provide instrcutions on how a WebId is created for users that do - * not have a WebId and redirect them to their WebId provider if they have - * a remote WebId. 
- */ - @GET - def getPersonalProfilePage(@Context uriInfo: UriInfo, - @PathParam(value = "id") userName: String): GraphNode = { - TrailingSlash.enforceNotPresent(uriInfo) - //not checking as public profile must be public, more selective access control TBD - //AccessController.checkPermission(new AccountControlPanelAppPermission(userName, "")) - val resultNode= getPersonalProfile(userName, uriInfo) - return resultNode - } - - private def getPersonalProfile(userName: String, info: UriInfo): GraphNode = { - lazy val suggestedPPDUri = getSuggestedPPDUri(userName) - - val profile = AccessController.doPrivileged(new PrivilegedAction[GraphNode] { - def run: GraphNode = { - val userInSysGraph = userManager.getUserInSystemGraph(userName) - val userResource = userInSysGraph.getNode - val profile: GraphNode = userResource match { - case blank: BNode => { - //user does not have a webId yet - val g = new EzMGraph() - import g._ - val profile = bnode - (profile -- CONTROLPANEL.isLocalProfile --> bool2lit(true) - -- CONTROLPANEL.suggestedPPDUri --> suggestedPPDUri - -- FOAF.primaryTopic --> (bnode -- PLATFORM.userName --> userName)) - profile - } - case webid: UriRef => { - var webIDInfo = webIdGraphsService.getWebIdInfo(webid) - var res = new GraphNode(suggestedPPDUri, new UnionMGraph(new SimpleMGraph, webIDInfo.localPublicUserData)) - (res -- CONTROLPANEL.isLocalProfile --> bool2lit(webIDInfo.isLocal) - -- FOAF.primaryTopic --> webid) - res - } - } - /*val friendInfo:Iterator[TripleCollection] = for (kn: Triple <- profile.getGraph.filter(userResource.asInstanceOf[NonLiteral], FOAF.knows, null) - if kn.getObject.isInstanceOf[UriRef]; - friend = kn.getObject.asInstanceOf[UriRef] - if (friend != suggestedPPDUri) - ) yield { - try { - val friendGraph = tcManager.getGraph(FoafBrowser.removeHash(friend)) - new RichGraphNode(friend, friendGraph).getNodeContext - } catch { - case e => { - logger.warn("cought exception trying to fetch graph - these graphs should already be in store " + 
friend, e) - new EzMGraph() { - friend -- SKOS.note --> ("problem with fetching this node: " + e) - } - } - } - } - //vera bad: mixing data from different sources - for (g <- friendInfo) profile.getGraph.addAll(g) */ - profile - } - }) - - - (profile a PLATFORM.HeadedPage - a CONTROLPANEL.ProfilePage) - } - - /** - * @param userName - * @return the suggested Personal Profile Document URI - */ - def getSuggestedPPDUri(userName: String): UriRef = { - return new UriRef(platformConfig.getDefaultBaseUri.getUnicodeString + "user/" + userName + "/profile") - } - - @POST - @Path("set-existing-webid") - def setExistingWebId(@Context uriInfo: UriInfo, - @FormParam("webid") webId: UriRef, - @PathParam(value = "id") userName: String): Response = { - AccessController.checkPermission(new AccountControlPanelAppPermission(userName, "")) - return AccessController.doPrivileged(new PrivilegedAction[Response] { - def run: Response = { - var userInSystemGraph: GraphNode = userManager.getUserInSystemGraph(userName) - userInSystemGraph.replaceWith(webId) - return RedirectUtil.createSeeOtherResponse("../profile", uriInfo) - } - }) - } - - @POST - @Path("create-new-web-id") - def createNewWebId(@Context uriInfo: UriInfo, - @PathParam(value = "id") userName: String): Response = { - val ppd: UriRef = getSuggestedPPDUri(userName) - val webId: UriRef = new UriRef(ppd.getUnicodeString + "#me") - AccessController.checkPermission(new AccountControlPanelAppPermission(userName, "")) - return AccessController.doPrivileged(new PrivilegedAction[Response] { - def run: Response = { - userManager.assignPermissionsToUser(userName, java.util.Collections.singletonList(new TcPermission( - webId.getUnicodeString, TcPermission.READWRITE).toString)) - tcManager.getTcAccessController.setRequiredReadPermissionStrings( - ppd, Collections.singleton(new TcPermission( - Constants.CONTENT_GRAPH_URI_STRING, TcPermission.READ).toString)) - tcManager.createMGraph(ppd) - val webIDInfo = 
webIdGraphsService.getWebIdInfo(webId) - webIDInfo.localPublicUserData.addAll( - Arrays.asList( - new TripleImpl(ppd, RDF.`type`, FOAF.PersonalProfileDocument), - new TripleImpl(ppd, FOAF.primaryTopic, webId)) - ) - var userInSystemGraph: GraphNode = userManager.getUserInSystemGraph(userName) - userInSystemGraph.replaceWith(webId) - return RedirectUtil.createSeeOtherResponse("../profile", uriInfo) - } - }) - } - - /** - * Presents a confirmation form for adding a contact - */ - @GET - @Path("addContact") - def addContactConfirm(@PathParam(value = "id") userName: String, - @QueryParam("contactWebId") contactWebId: UriRef): GraphNode = { - AccessController.checkPermission(new AccountControlPanelAppPermission(userName, "")) - val contactNode = AccessController.doPrivileged(new PrivilegedAction[GraphNode] { - def run = { - graphNodeProvider.get(contactWebId); - } - }) - val resultGraph = new EzMGraph(new UnionMGraph(new SimpleMGraph, contactNode.getGraph)) - import resultGraph._ - val result: GraphNode = bnode - result a CONTROLPANEL.ContactConfirmPage - result -- FOAF.primaryTopic --> contactNode - } - - @POST - @Path("addContact") - def addContact(@PathParam(value = "id") userName: String, @Context uriInfo: UriInfo, - @FormParam("webId") newContacts: java.util.List[UriRef]): Response = { - import collection.JavaConversions._ - if (newContacts.size > 0) { - var me: GraphNode = AccessController.doPrivileged(new PrivilegedAction[GraphNode] { - def run: GraphNode = { - return userManager.getUserGraphNode(userName) - } - }) - for (contactWebID <- newContacts) { - val webIdGraphs = webIdGraphsService.getWebIdInfo(me.getNode.asInstanceOf[UriRef]) - var meGrph: GraphNode = new GraphNode(me.getNode, webIdGraphs.localPublicUserData) - meGrph.addProperty(FOAF.knows, contactWebID) - } //todo: one should catch errors here (bad uris sent for ex - } - return RedirectUtil.createSeeOtherResponse("../profile", uriInfo) - } - - /** - * Removes a contact - */ - @POST - 
@Path("deleteContact") - def deleteContact(@PathParam(value = "id") userName: String, @Context uriInfo: UriInfo, - @FormParam("contactWebId") contactWebId: UriRef): Response = { - import collection.JavaConversions._ - var me: GraphNode = AccessController.doPrivileged(new PrivilegedAction[GraphNode] { - def run: GraphNode = { - return userManager.getUserGraphNode(userName) - } - }) - val webIdGraphs = webIdGraphsService.getWebIdInfo(me.getNode.asInstanceOf[UriRef]) - var meGrph: GraphNode = new GraphNode(me.getNode, webIdGraphs.localPublicUserData) - meGrph.deleteProperty(FOAF.knows, contactWebId) - return RedirectUtil.createSeeOtherResponse("../profile", uriInfo) - } - - /** - * @parm webId: A list of WebIDs to be added as Subject Alternative Names - * @param cn Common Name, the name that usually appears in the certificate selection box - * @param spkac key request in format generated by Netscape, Safari, Opera - * @param crmf hey request in format generated by M$ Explorer - * @param csr key request as generated by Javascript of Netscape - * @param hours the certificate should last (hours and days add up) - * @param days the certificate should last - * @param comment a comment to be attached to the public key in the database - */ - @POST - @Path("keygen") - def createCert(@FormParam("webId") webIds: java.util.List[URI], - @FormParam("cn") commonName: String, - @FormParam("spkac") spkac: String, - @FormParam("crmf") crmf: String, - @FormParam("csr") csr: String, - @FormParam("hours") hours: String, - @FormParam("days") days: String, - @FormParam("comment") comment: String): Response = { - import scala.collection.JavaConversions._ - var cert: Certificate = null - if (spkac != null && spkac.length > 0) { - cert = keygenSrvc.createFromSpkac(spkac) - if (cert == null) { - logger.warn("unable to create certificate from spkac request") - } - } - if (cert == null && crmf != null && crmf.length > 0) { - cert = keygenSrvc.createFromCRMF(crmf) - if (cert == null) { - 
logger.warn("unable to create certificate from crmf requrest :" + crmf) - } - } - if (cert == null && csr != null && csr.length > 0) { - cert = keygenSrvc.createFromPEM(csr) - if (cert == null) { - logger.warn("unable to create certificate from csr request :" + csr) - } - } - if (cert == null) { - throw new RuntimeException("The server was unable to create a certificate") - } - cert.setSubjectCommonName(commonName) - cert.addDurationInHours(hours) - cert.addDurationInDays(days) - cert.startEarlier("2") - for(san: URI<-webIds) { - cert.addSubjectAlternativeName(san.toString) - } - var ser: CertSerialisation = null - try { - ser = cert.getSerialisation - } - catch { - case ex: Exception => { - throw new RuntimeException(ex) - } - } - var pubKey: RSAPublicKey = cert.getSubjectPublicKey.getPublicKey.asInstanceOf[RSAPublicKey] - var publicExponent: BigInteger = pubKey.getPublicExponent - var modulus: BigInteger = pubKey.getModulus - - for (webid: URI<-webIds - if (webid.getScheme=="https"||webid.getScheme=="http"); - val webidRef = new UriRef(webid.toString); - val webIdInfo = webIdGraphsService.getWebIdInfo(webidRef); - if (webIdInfo.isLocal) - ) { - val certGraph = new EzMGraph(webIdInfo.localPublicUserData) - import certGraph._ - val certNode = certGraph.bnode - ( (certNode a RSA.RSAPublicKey) - -- CERT.identity --> webidRef - -- RSA.modulus --> modulus - -- RSA.public_exponent --> publicExponent - -- DC.date --> cert.getStartDate ) - if (comment != null && comment.length > 0) { - certNode -- RDFS.comment --> comment - } - } - var resBuild: Response.ResponseBuilder = Response.ok(ser.getContent, MediaType.valueOf(ser.getMimeType)) - return resBuild.build - } - - @POST - @Path("deletekey") - def deleteKey(@Context uriInfo: UriInfo, - @FormParam("webId") webId: UriRef, - @FormParam("keyhash") keys: List[String]): Response = { - val webIDInfo = webIdGraphsService.getWebIdInfo(webId) - val agent: GraphNode = new GraphNode(webId, webIDInfo.localPublicUserData) - var 
subjects: Iterator[GraphNode] = agent.getSubjectNodes(CERT.identity) - import scala.util.control.Breaks._ - breakable { - import scala.collection.JavaConversions._ - //to for loop through iterators - for (nl <- subjects) { - var modulusIt: Iterator[Resource] = nl.getObjects(RSA.modulus) - if (!modulusIt.hasNext) break - var modLit: Resource = modulusIt.next - if (modulusIt.hasNext) logger.warn("data error, a modulus too many in cert for " + webId) - if (!(modLit.isInstanceOf[TypedLiteral])) { - logger.warn("a public key has a modulus that is not a literal for " + webId) - break - } - var modulus: BigInteger = LiteralFactory.getInstance.createObject(classOf[BigInteger], modLit.asInstanceOf[TypedLiteral]) - for (key <- keys) { - if (modulus.hashCode == Integer.decode(key)) { - nl.deleteNodeContext - break - } - } - } - } - return RedirectUtil.createSeeOtherResponse("../profile", uriInfo) - } - - @POST - @Path("modify") - def modifyProfile(@Context uriInfo: UriInfo, - @PathParam("id") userName: String, - @FormParam("webId") webId: UriRef, - @FormParam("name") name: String, - @FormParam("description") description: String): Response = { - val webIDInfo = AccessController.doPrivileged(new PrivilegedAction[WebIdInfo] { - def run = { - webIdGraphsService.getWebIdInfo(webId) - } - }) - val agent: GraphNode = new GraphNode(webId, webIDInfo.localPublicUserData) - agent.deleteProperties(FOAF.name) - agent.addPropertyValue(FOAF.name, name) - agent.deleteProperties(DC.description) - agent.addPropertyValue(DC.description, description) - logger.debug("local graph (uri: {}) is now of size {}".format(webIDInfo.webId, webIDInfo.localPublicUserData.size)) - RedirectUtil.createSeeOtherResponse("../profile", uriInfo) - } - - protected def bindUserManager(usermanager: UserManager): Unit = { - userManager = usermanager - } - - protected def unbindUserManager(usermanager: UserManager): Unit = { - if (userManager == usermanager) { - userManager = null - } - } - - protected def 
bindGraphNodeProvider(graphNodeProvider: GraphNodeProvider): Unit = { - this.graphNodeProvider = graphNodeProvider - } - - protected def unbindGraphNodeProvider(graphNodeProvider: GraphNodeProvider): Unit = { - this.graphNodeProvider = null - } - - protected def bindKeygenSrvc(keygenservice: KeygenService): Unit = { - keygenSrvc = keygenservice - } - - protected def unbindKeygenSrvc(keygenservice: KeygenService): Unit = { - if (keygenSrvc == keygenservice) { - keygenSrvc = null - } - } - - - protected def bindWebIdGraphsService(webidgraphsservice: WebIdGraphsService): Unit = { - webIdGraphsService = webidgraphsservice - } - - protected def unbindWebIdGraphsService(webidgraphsservice: WebIdGraphsService): Unit = { - webIdGraphsService = null - } - - protected def bindPlatformConfig(platformconfig: PlatformConfig): Unit = { - platformConfig = platformconfig - } - - protected def unbindPlatformConfig(platformconfig: PlatformConfig): Unit = { - if (platformConfig == platformconfig) { - platformConfig = null - } - } - - protected def bindTcManager(tcManager: TcManager) = { - this.tcManager = tcManager - } - - protected def unbindTcManager(tcManager: TcManager) = { - this.tcManager = null - } - - protected def activate(componentContext: ComponentContext): Unit = { - this.componentContext = componentContext - } - - - private var userManager: UserManager = null - - private var graphNodeProvider: GraphNodeProvider = null - - private var webIdGraphsService: WebIdGraphsService = null - - private var keygenSrvc: KeygenService = null - private var platformConfig: PlatformConfig = null - - - private var componentContext: ComponentContext = null - - private var tcManager: TcManager = null; - -} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/clerezza/blob/70220239/platform/platform.accountcontrolpanel/platform.accountcontrolpanel.core/src/main/scala/org/apache/clerezza/platform/accountcontrolpanel/SettingsPanel.scala 
----------------------------------------------------------------------
diff --git a/platform/platform.accountcontrolpanel/platform.accountcontrolpanel.core/src/main/scala/org/apache/clerezza/platform/accountcontrolpanel/SettingsPanel.scala b/platform/platform.accountcontrolpanel/platform.accountcontrolpanel.core/src/main/scala/org/apache/clerezza/platform/accountcontrolpanel/SettingsPanel.scala
deleted file mode 100644
index 3d8d929..0000000
--- a/platform/platform.accountcontrolpanel/platform.accountcontrolpanel.core/src/main/scala/org/apache/clerezza/platform/accountcontrolpanel/SettingsPanel.scala
+++ /dev/null
@@ -1,646 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.clerezza.platform.accountcontrolpanel - -import java.io.ByteArrayInputStream -import java.io.IOException -import java.io.InputStream -import java.io.UnsupportedEncodingException -import java.net.URL -import java.security.AccessControlException -import java.security.AccessController -import java.security.MessageDigest -import java.security.NoSuchAlgorithmException -import java.security.PrivilegedAction -import java.util.Dictionary -import java.util.HashMap -import java.util.HashSet -import java.util.Hashtable -import java.util.Iterator -import java.util.Map -import java.util.Set -import javax.ws.rs.Consumes -import javax.ws.rs.FormParam -import javax.ws.rs.GET -import javax.ws.rs.POST -import javax.ws.rs.Path -import javax.ws.rs.PathParam -import javax.ws.rs.QueryParam -import javax.ws.rs.WebApplicationException -import javax.ws.rs.core.Context -import javax.ws.rs.core.MediaType -import javax.ws.rs.core.Response -import javax.ws.rs.core.Response.ResponseBuilder -import javax.ws.rs.core.UriInfo -import org.apache.felix.scr.annotations.Component -import org.apache.felix.scr.annotations.Property -import 
org.apache.felix.scr.annotations.Reference -import org.apache.felix.scr.annotations.ReferenceCardinality -import org.apache.felix.scr.annotations.ReferencePolicy -import org.apache.felix.scr.annotations.Service -import org.osgi.framework.Bundle -import org.osgi.framework.BundleException -import org.osgi.service.cm.Configuration -import org.osgi.service.cm.ConfigurationAdmin -import org.osgi.service.component.ComponentContext -import org.slf4j.Logger -import org.slf4j.LoggerFactory -import org.apache.clerezza.jaxrs.utils.TrailingSlash -import org.apache.clerezza.jaxrs.utils.RedirectUtil -import org.apache.clerezza.jaxrs.utils.form.FormFile -import org.apache.clerezza.jaxrs.utils.form.MultiPartBody -import org.apache.clerezza.platform.accountcontrolpanel.ontologies.CONTROLPANEL -import org.apache.clerezza.platform.config.SystemConfig -import org.apache.clerezza.platform.graphprovider.content.ContentGraphProvider -import org.apache.clerezza.platform.typerendering.RenderletManager -import org.apache.clerezza.platform.typerendering.scala.PageRenderlet -import org.apache.clerezza.platform.typerendering.scalaserverpages.ScalaServerPagesRenderlet -import org.apache.clerezza.rdf.core.BNode -import org.apache.clerezza.rdf.core.Graph -import org.apache.clerezza.rdf.core.Literal -import org.apache.clerezza.rdf.core.LiteralFactory -import org.apache.clerezza.rdf.core.MGraph -import org.apache.clerezza.rdf.core.NonLiteral -import org.apache.clerezza.rdf.core.Triple -import org.apache.clerezza.rdf.core.TypedLiteral -import org.apache.clerezza.rdf.core.UriRef -import org.apache.clerezza.rdf.core.impl.PlainLiteralImpl -import org.apache.clerezza.rdf.core.impl.SimpleLiteralFactory -import org.apache.clerezza.rdf.core.impl.SimpleMGraph -import org.apache.clerezza.rdf.core.impl.TripleImpl -import org.apache.clerezza.rdf.ontologies.OSGI -import org.apache.clerezza.rdf.ontologies.PERMISSION -import org.apache.clerezza.rdf.ontologies.PLATFORM -import 
org.apache.clerezza.rdf.ontologies.RDF -import org.apache.clerezza.rdf.utils.GraphNode -import org.apache.clerezza.rdf.utils.UnionMGraph - -object SettingPanel { - val logger: Logger = LoggerFactory.getLogger(classOf[SettingsPanel]) -} - -/** - * - * Account control panel - * - * @author mir, hasan - */ -@Path("/user/{id}/control-panel") -class SettingsPanel { - - import SettingPanel.logger - - /** - * Mainpage - * - * @param id is the username as given in the URL - * @return an array of installed {@link Bundle}s to be managed - * - */ - @GET - def settingsPage(@PathParam(value = "id") idP: String, - @QueryParam("changedPassword") changedPassword: String, - @Context uriInfo: UriInfo): GraphNode = { - TrailingSlash.enforceNotPresent(uriInfo) - val id: String = idP - var graphNode: GraphNode = null - AccessController.checkPermission(new AccountControlPanelAppPermission(id, "")) - try { - AccessController.checkPermission(new UserBundlePermission(id, "")) - graphNode = AccessController.doPrivileged(new PrivilegedAction[GraphNode] { - def run: GraphNode = { - var bundles: Array[Bundle] = userBundles(getAgent(id)) - return asGraphNode(id, bundles) - } - }) - } - catch { - case e: AccessControlException => { - graphNode = new GraphNode(new BNode, new SimpleMGraph) - graphNode.addProperty(CONTROLPANEL.userBundlePermission, LiteralFactory.getInstance.createTypedLiteral(false)) - } - } - try { - AccessController.checkPermission(new ChangePasswordPermission(id, "")) - graphNode.addProperty(CONTROLPANEL.changePasswordPermission, LiteralFactory.getInstance.createTypedLiteral(true)) - } - catch { - case e: AccessControlException => { - graphNode.addProperty(CONTROLPANEL.changePasswordPermission, LiteralFactory.getInstance.createTypedLiteral(false)) - } - } - if (changedPassword != null && changedPassword.equals("false")) { - graphNode.addProperty(CONTROLPANEL.changedPassword, new PlainLiteralImpl("false")) - } - graphNode.addProperty(RDF.`type`, CONTROLPANEL.SettingsPage) - 
graphNode.addProperty(RDF.`type`, PLATFORM.HeadedPage) - return graphNode - } - - private def addBundleDescriptionToGraph(responseGraph: MGraph, bundle: Bundle): Unit = { - var status: TypedLiteral = LiteralFactory.getInstance.createTypedLiteral(bundle.getState) - var bundleUri: UriRef = new UriRef(bundle.getLocation) - var triple: Triple = new TripleImpl(bundleUri, OSGI.status, status) - responseGraph.add(triple) - var bundleId: TypedLiteral = LiteralFactory.getInstance.createTypedLiteral(bundle.getBundleId) - triple = new TripleImpl(bundleUri, OSGI.bundle_id, bundleId) - responseGraph.add(triple) - } - - private def asGraphNode(userId: String, bundles: Array[Bundle]): GraphNode = { - val responseGraph: MGraph = new SimpleMGraph - for (bundle <- bundles) { - addBundleDescriptionToGraph(responseGraph, bundle) - } - return AccessController.doPrivileged(new PrivilegedAction[GraphNode] { - def run: GraphNode = { - var userDescriptionGraph: Graph = new GraphNode(getAgent(userId), systemGraph).getNodeContext - var unionGraph: UnionMGraph = new UnionMGraph(responseGraph, userDescriptionGraph) - var graphNode: GraphNode = new GraphNode(getAgent(userId), unionGraph) - graphNode.addProperty(CONTROLPANEL.userBundlePermission, LiteralFactory.getInstance.createTypedLiteral(true)) - return graphNode - } - }) - } - - /** - * Retrieves all bundles owned by a user represented by agent - * - * @param agent represents the user who owns bundles to be returned - * @return an array of {@link Bundle}s owned by the user - * - */ - private def userBundles(agent: NonLiteral): Array[Bundle] = { - logger.debug("Retrieve all bundles from user: {}", agent) - var installedBundles: Array[Bundle] = componentContext.getBundleContext.getBundles - val locationMapper: Map[String, Long] = new HashMap[String, Long] - for (b <- installedBundles) { - locationMapper.put(b.getLocation, b.getBundleId) - } - return AccessController.doPrivileged(new PrivilegedAction[Array[Bundle]] { - def run: Array[Bundle] = 
{ - var bundles: Set[Bundle] = new HashSet[Bundle] - var agentBundles: Iterator[Triple] = systemGraph.filter(null, OSGI.owner, agent) - while (agentBundles.hasNext) { - val location: String = (agentBundles.next.getSubject.asInstanceOf[UriRef]).getUnicodeString - try { - val id: Long = locationMapper.get(location) - bundles.add(componentContext.getBundleContext.getBundle(id)) - } catch { - case _:NumberFormatException => None - } - } - return bundles.toArray(new Array[Bundle](bundles.size)) - } - }) - } - - private def getAgent(id: String): NonLiteral = { - logger.debug("Get agent with id {}", id) - var agents: Iterator[Triple] = systemGraph.filter(null, PLATFORM.userName, new PlainLiteralImpl(id)) - if (agents.hasNext) { - return agents.next.getSubject - } - else { - logger.debug("System graph does not contain user: {}", id) - var responseBuilder: Response.ResponseBuilder = Response.ok("User does not exist") - throw new WebApplicationException(responseBuilder.build) - } - } - - private def getAgentPathPrefix(agent: NonLiteral): PlainLiteralImpl = { - return AccessController.doPrivileged(new PrivilegedAction[PlainLiteralImpl] { - def run: PlainLiteralImpl = { - var pathPrefixes: Iterator[Triple] = systemGraph.filter(agent, OSGI.agent_path_prefix, null) - if (pathPrefixes.hasNext) { - return pathPrefixes.next.getObject.asInstanceOf[PlainLiteralImpl] - } - return null - } - }) - } - - /** - * Installs a bundle from the specified location. 
- * - * @param id is the username as given in the URL - * @param location specifies the URL of the bundle to be installed - * @return an array of installed {@link Bundle}s to be managed - * - */ - @POST - @Path("install-bundle") - @Consumes def installBundle(@PathParam(value = "id") id: String, multiForm: MultiPartBody, @Context uriInfo: UriInfo): Response = { - AccessController.checkPermission(new AccountControlPanelAppPermission(id, "")) - AccessController.checkPermission(new UserBundlePermission(id, "")) - var formFiles: Array[FormFile] = multiForm.getFormFileParameterValues("bundle") - var filename: String = formFiles(0).getFileName - var bundleBytes: Array[Byte] = formFiles(0).getContent - if (bundleBytes.length == 0) { - var message: String = null - if (filename.equals("")) { - message = "No bundle specified" - } - else { - message = "Bundle has length 0" - } - var responseBuilder: Response.ResponseBuilder = Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(message) - throw new WebApplicationException(responseBuilder.build) - } - val bundleInputStream: InputStream = new ByteArrayInputStream(bundleBytes) - val location: String = "userbundle:" + id + "/" + filename - logger.info("Install bundle {} to location {}", id, location) - AccessController.doPrivileged(new PrivilegedAction[AnyRef] { - def run: Array[Bundle] = { - val agent: NonLiteral = getAgent(id) - val triple: Triple = new TripleImpl(new UriRef(location), OSGI.owner, agent) - try { - systemGraph.add(triple) - var bundle: Bundle = componentContext.getBundleContext.installBundle(location, bundleInputStream) - var prefix: PlainLiteralImpl = getAgentPathPrefix(agent) - if (prefix != null) { - addBundlePrefix(bundle, prefix.getLexicalForm) - } - return null - } - catch { - case ex: BundleException => { - systemGraph.remove(triple) - logger.debug("Failed to install a bundle from: {}", location) - logger.error("Exception during install bundle: {}", ex) - var responseBuilder: 
Response.ResponseBuilder = Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(ex.getMessage) - throw new WebApplicationException(responseBuilder.build) - } - } - } - }) - return RedirectUtil.createSeeOtherResponse("../control-panel", uriInfo) - } - - private def addBundlePrefix(bundle: Bundle, prefix: String): Unit = { - var symbolicName: String = bundle.getSymbolicName - /*if (configAdmin != null) { - try { - var configuration: Configuration = configAdmin.getConfiguration(classOf[TriaxrsPrefixManager].getName) - val properties = configuration.getProperties match { - case null => new Hashtable[String, AnyRef]() - case dict: Dictionary[String, AnyRef] => dict - } - var mappings = TriaxrsPrefixManager.parseMappings(properties.get(TriaxrsPrefixManager.TRIAXRS_MAPPINGS).asInstanceOf[Array[String]]) - logger.debug("Prefix {} added to bundle {}", prefix, symbolicName) - mappings.put(symbolicName, prefix) - var newMappings: Array[String] = TriaxrsPrefixManager.unparseMappings(mappings) - properties.put(TriaxrsPrefixManager.TRIAXRS_MAPPINGS, newMappings) - configuration.update(properties) - } - catch { - case e: IOException => { - logger.warn("Unable to update configuration: {}", e.toString) - } - } - } - else { - logger.warn("Cannot add prefix mapping. 
Configuration Admin is missing") - }*/ - } - - private[accountcontrolpanel] def removeBundlePrefix(bundle: Bundle): Unit = { - var symbolicName: String = bundle.getSymbolicName - /*if ((this.configAdmin != null) && (symbolicName != null)) { - try { - val configuration: Configuration = configAdmin.getConfiguration(classOf[TriaxrsPrefixManager].getName) - val properties = configuration.getProperties match { - case null => new Hashtable[String, AnyRef]() - case dict: Dictionary[String, AnyRef] => dict - } - val mappings = TriaxrsPrefixManager.parseMappings(properties.get(TriaxrsPrefixManager.TRIAXRS_MAPPINGS).asInstanceOf[Array[String]]) - mappings.remove(symbolicName) - val newMappings: Array[String] = TriaxrsPrefixManager.unparseMappings(mappings) - properties.put(TriaxrsPrefixManager.TRIAXRS_MAPPINGS, newMappings) - configuration.update(properties) - } - catch { - case e: IOException => { - logger.warn("Unable to update configuration: {}", e.toString) - } - } - } - else { - logger.warn("Cannot add prefix mapping. Configuration Admin is missing") - }*/ - } - - /** - * Starts the bundle with the specified bundle id. 
- * - * @param id is the username as given in the URL - * @param bundleIdString specifies the id of the bundle to be started - * @return an array of installed {@link Bundle}s to be managed - * - */ - @POST - @Path("start-bundle") - def startBundle(@PathParam(value = "id") idP: String, - @FormParam("bundleId") bundleIdStringP: String, - @Context uriInfo: UriInfo): Response = { - val id: String = idP - val bundleIdString: String = bundleIdStringP - AccessController.checkPermission(new AccountControlPanelAppPermission(id, "")) - AccessController.checkPermission(new UserBundlePermission(id, "")) - logger.info("Start bundle {} ", id) - val bundleId: Long = bundleIdString.toLong - AccessController.doPrivileged(new PrivilegedAction[AnyRef] { - def run: Array[Bundle] = { - try { - val bundle: Bundle = componentContext.getBundleContext.getBundle(bundleId) - bundle.start - } - catch { - case e: BundleException => { - logger.debug("Failed to start bundle {}", bundleIdString) - logger.error("Exception during start bundle: {}", e) - var responseBuilder: Response.ResponseBuilder = Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(e.getMessage) - throw new WebApplicationException(responseBuilder.build) - } - } - return null - } - }) - return RedirectUtil.createSeeOtherResponse("../control-panel", uriInfo) - } - - /** - * Stops the bundle with the specified bundle id. 
- * - * @param id is the username as given in the URL - * @param bundleIdString specifies the id of the bundle to be stopped - * @return an array of installed {@link Bundle}s to be managed - * - */ - @POST - @Path("stop-bundle") def stopBundle(@PathParam(value = "id") idP: String, - @FormParam("bundleId") bundleIdStringP: String, - @Context uriInfo: UriInfo): Response = { - val id: String = idP - val bundleIdString: String = bundleIdStringP - AccessController.checkPermission(new AccountControlPanelAppPermission(id, "")) - AccessController.checkPermission(new UserBundlePermission(id, "")) - logger.info("Stop bundle {}", id) - val bundleId: Long = bundleIdString.toLong - AccessController.doPrivileged(new PrivilegedAction[AnyRef] { - def run: Array[Bundle] = { - try { - var bundle: Bundle = componentContext.getBundleContext.getBundle(bundleId) - bundle.stop - } - catch { - case e: BundleException => { - logger.debug("Failed to stop bundle ", bundleIdString) - logger.error("Exception during stop bundle: {}", e) - var responseBuilder: Response.ResponseBuilder = Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(e.getMessage) - throw new WebApplicationException(responseBuilder.build) - } - } - return null - } - }) - return RedirectUtil.createSeeOtherResponse("../control-panel", uriInfo) - } - - /** - * Uninstalls the bundle with the specified bundle id. 
- * - * @param id is the username as given in the URL - * @param bundleIdString specifies the id of the bundle to be uninstalled - * @return an array of installed {@link Bundle}s to be managed - * - */ - @POST - @Path("uninstall-bundle") - def uninstallBundle(@PathParam(value = "id") idP: String, - @FormParam("bundleId") bundleIdStringP: String, - @Context uriInfo: UriInfo): Response = { - val id: String = idP - val bundleIdString: String = bundleIdStringP - AccessController.checkPermission(new AccountControlPanelAppPermission(id, "")) - AccessController.checkPermission(new UserBundlePermission(id, "")) - logger.info("Uninstall bundle {}", id) - val bundleId: Long = bundleIdString.toLong - AccessController.doPrivileged(new PrivilegedAction[AnyRef] { - def run: Array[Bundle] = { - val agent: NonLiteral = getAgent(id) - try { - var bundle: Bundle = componentContext.getBundleContext.getBundle(bundleId) - bundle.uninstall - val triple: Triple = new TripleImpl(new UriRef(bundle.getLocation), OSGI.owner, agent) - systemGraph.remove(triple) - removeBundlePrefix(bundle) - } - catch { - case e: BundleException => { - logger.debug("Failed to uninstall bundle {}", bundleIdString) - logger.error("Exception during uninstall bundle: {}", e) - var responseBuilder: Response.ResponseBuilder = Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(e.getMessage) - throw new WebApplicationException(responseBuilder.build) - } - } - return null - } - }) - return RedirectUtil.createSeeOtherResponse("../control-panel", uriInfo) - } - - /** - * changes the password of an user - * - * @param idP id is the username as given in the URL - * @param lang represents the user's new standard language. 
- * @return
- */
- @POST
- @Path("change-language")
- def changeUserLanguage(@PathParam(value = "id") idP: String,
- @FormParam("availablelanguages") lang: String,
- @Context uriInfo: UriInfo): Response = {
- val id: String = idP
- AccessController.checkPermission(new AccountControlPanelAppPermission(id, ""))
- AccessController.doPrivileged(new PrivilegedAction[AnyRef] {
- def run: AnyRef = {
- var userNode: GraphNode = new GraphNode(getAgent(id), systemGraph)
- userNode.deleteProperties(PLATFORM.preferredLangInISOCode)
- userNode.addProperty(PLATFORM.preferredLangInISOCode, LiteralFactory.getInstance.createTypedLiteral(lang))
- return null
- }
- })
- return RedirectUtil.createSeeOtherResponse("../control-panel", uriInfo)
- }
-
- /**
- * changes the password of an user
- *
- * @param idP id is the username as given in the URL
- * @param oldPW the current user password
- * @param newPW the new password
- * @param confirmNewPW the new password
- * @return
- */
- @POST
- @Path("change-password")
- def changePassword(@PathParam(value = "id") idP: String,
- @FormParam("oldPW") oldPW: String,
- @FormParam("newPW") newPW: String,
- @FormParam("confirmNewPW") confirmNewPW: String,
- @Context uriInfo: UriInfo): Response = {
- val id: String = idP
- AccessController.checkPermission(new AccountControlPanelAppPermission(id, ""))
- AccessController.checkPermission(new ChangePasswordPermission(id, ""))
- var changedPassword: Boolean = false
- if (newPW.trim.equals(confirmNewPW.trim) && checkPWStrings(oldPW, newPW)) {
- changedPassword = AccessController.doPrivileged(new PrivilegedAction[Boolean] {
- private def getCurrentPassword(agent: NonLiteral): String = {
- var currentPassword: String = null
- var oldPWTriple: Iterator[Triple] = systemGraph.filter(agent, PERMISSION.passwordSha1, null)
- if (oldPWTriple.hasNext) {
- var currentPWLiteral: Literal = oldPWTriple.next.getObject.asInstanceOf[Literal]
- currentPassword = currentPWLiteral.getLexicalForm
- }
- return currentPassword
- }
-
- def run: Boolean = {
- val agent: NonLiteral = getAgent(id)
- var encodedOlpPW: String = getEncodedPW(oldPW)
- var currentPassword: String = getCurrentPassword(agent)
- if ((currentPassword != null) && !currentPassword.equals(encodedOlpPW)) {
- logger.info("Typed wrong current password!")
- return false
- }
- else {
- removeOldPwAndAddNewPW(agent, currentPassword, newPW)
- return true
- }
- }
-
- private def removeOldPwAndAddNewPW(agent: NonLiteral, currentPassword: String, newPW: String): Unit = {
- var newPWTriple: Triple = new TripleImpl(agent, PERMISSION.passwordSha1, new PlainLiteralImpl(getEncodedPW(newPW)))
- if (currentPassword != null) {
- var oldPWTriple: Triple = new TripleImpl(agent, PERMISSION.passwordSha1, new PlainLiteralImpl(currentPassword))
- systemGraph.remove(oldPWTriple)
- logger.debug("removed old password from systemgraph")
- }
- systemGraph.add(newPWTriple)
- logger.debug("user " + id + " changed password")
- }
-
- private def getEncodedPW(password: String): String = {
- if (password == null) {
- return null
- }
- try {
- return bytes2HexString(MessageDigest.getInstance("SHA1").digest(password.getBytes("UTF-8")))
- }
- catch {
- case e: NoSuchAlgorithmException => {
- throw new RuntimeException(e)
- }
- case e: UnsupportedEncodingException => {
- throw new RuntimeException(e)
- }
- }
- }
-
- private def bytes2HexString(bytes: Array[Byte]): String = {
- val HEXDIGITS: Array[Char] = "0123456789abcdef".toCharArray
- val result = new Array[Char](bytes.length << 1)
- var j: Int = 0
- for (i <- 0 to bytes.length - 1) {
- result(j) = HEXDIGITS(bytes(i) >> 4 & 0xF)
- result(j + 1) = HEXDIGITS(bytes(i) & 0xF)
- j += 2
- }
- return new String(result)
- }
- })
- }
- else {
- logger.info("Changing password failed!")
- changedPassword = false
- }
- if (changedPassword) {
- return RedirectUtil.createSeeOtherResponse("../control-panel", uriInfo)
- }
- else {
- return RedirectUtil.createSeeOtherResponse("../control-panel?changedPassword=false", uriInfo)
- }
- }
-
- /**
- * checks if the typed strings are valid
- */
- private def checkPWStrings(oldPW: String, newPW: String): Boolean = {
- if (newPW.length == 0) {
- return false
- }
- return true
- }
-
- /**
- * The activate method is called when SCR activates the component configuration.
- *
- * @param componentContext
- */
- protected def activate(componentContext: ComponentContext): Unit = {
- this.componentContext = componentContext
- }
-
- protected def bindConfigurationAdmin(configAdmin: ConfigurationAdmin): Unit = {
- logger.debug("Binding configuration admin")
- this.configAdmin = configAdmin
- }
-
- protected def unbindConfigurationAdmin(configAdmin: ConfigurationAdmin): Unit = {
- logger.debug("Unbinding configuration admin")
- this.configAdmin = null
- }
-
- protected def bindSystemGraph(mgraph: MGraph): Unit = {
- systemGraph = mgraph
- }
-
- protected def unbindSystemGraph(mgraph: MGraph): Unit = {
- if (systemGraph == mgraph) {
- systemGraph = null
- }
- }
-
- protected def bindCgProvider(contentgraphprovider: ContentGraphProvider): Unit = {
- cgProvider = contentgraphprovider
- }
-
- protected def unbindCgProvider(contentgraphprovider: ContentGraphProvider): Unit = {
- if (cgProvider == contentgraphprovider) {
- cgProvider = null
- }
- }
-
- private var componentContext: ComponentContext = null
- private var systemGraph: MGraph = null
- private var cgProvider: ContentGraphProvider = null
- private var configAdmin: ConfigurationAdmin = null
-}
\ No newline at end of file