[Bedework-commit] bedework r2079 - in trunk/deployment:
resources/javascript/bedework resources/xsl/default/default
webuser/webapp/resources/demoskins/default/default
webuser/webapp/resources/demoskins/resources
svnadmin at bedework.org
svnadmin at bedework.org
Thu Feb 26 22:59:07 EST 2009
Author: johnsa
Date: 2009-02-26 22:58:56 -0500 (Thu, 26 Feb 2009)
New Revision: 2079
Added:
trunk/deployment/resources/xsl/default/default/entityAccessForm.xsl
Removed:
trunk/deployment/webuser/webapp/resources/demoskins/resources/bedeworkAccess.js
Modified:
trunk/deployment/resources/javascript/bedework/bedeworkAccess.js
trunk/deployment/webuser/webapp/resources/demoskins/default/default/default.css
trunk/deployment/webuser/webapp/resources/demoskins/default/default/default.xsl
Log:
access form refactored, moved to common resources
Modified: trunk/deployment/resources/javascript/bedework/bedeworkAccess.js
===================================================================
--- trunk/deployment/resources/javascript/bedework/bedeworkAccess.js 2009-02-27 03:30:03 UTC (rev 2078)
+++ trunk/deployment/resources/javascript/bedework/bedeworkAccess.js 2009-02-27 03:58:56 UTC (rev 2079)
@@ -1,646 +1,704 @@
-/* Bedework Access control form functions
-
- Bedework uses to methods to set access control. The first and older method
- is to send a single access control string per principal in one
- request/response cycle. The second and more current method (which is
- required in the event form) is to build a javascript object representing
- the acls on an item (e.g. an event), manipulate the object with the GUI, and send
- all the acls in a single request parameter. Both methods are currently used.
- Method one is used for calendar access, method two for event access. In time
- we will probably move all access control to use method two.
-
-/* **********************************************************************
- Copyright 2007 Rensselaer Polytechnic Institute. All worldwide rights reserved.
-
- Redistribution and use of this distribution in source and binary forms,
- with or without modification, are permitted provided that:
- The above copyright notice and this permission notice appear in all
- copies and supporting documentation;
-
- The name, identifiers, and trademarks of Rensselaer Polytechnic
- Institute are not used in advertising or publicity without the
- express prior written permission of Rensselaer Polytechnic Institute;
-
- DISCLAIMER: The software is distributed" AS IS" without any express or
- implied warranty, including but not limited to, any implied warranties
- of merchantability or fitness for a particular purpose or any warrant)'
- of non-infringement of any current or pending patent rights. The authors
- of the software make no representations about the suitability of this
- software for any particular purpose. The entire risk as to the quality
- and performance of the software is with the user. Should the software
- prove defective, the user assumes the cost of all necessary servicing,
- repair or correction. In particular, neither Rensselaer Polytechnic
- Institute, nor the authors of the software are liable for any indirect,
- special, consequential, or incidental damages related to the software,
- to the maximum extent the law permits. */
-
-// This toggles various elements in the access control form when
-// a checkbox for All, Read, Write, Bind, Schedule, or None is clicked.
-// Each howItem (checkbox) has a corresponding allow/deny flag (radio button)
-// named after the howItem's value (e.g. "A","R","F","N", etc). We enable
-// and disable the corresponding radio buttons as well.
-
-// ========================================================================
-// ========================================================================
-// Language and customization
-// These should come from values in the header or included as a separate cutomization
-// file.
-
-var authenticatedStr = "authenticated";
-var unauthenticatedStr = "unauthenticated";
-var ownerStr = "owner";
-var otherStr = "other";
-var grantStr = "grant";
-var allStr = "all";
-
-var deleteStr = "remove";
-
-// How granted accesses appear
-var howAllVal = "all";
-
-var howReadVal = "read";
-var howReadAclVal = "read-acl";
-var howReadCurPrivSetVal = "read-curprivset";
-var howReadFreebusyVal = "read-freebusy ";
-
-var howWriteVal = "write";
-var howWriteAclVal = "write-acl";
-var howWritePropertiesVal = "write-properties";
-var howWriteContentVal = "write-content";
-
-var howBindVal = "create";
-var howScheduleVal = "schedule";
-var howScheduleRequestVal = "schedule-request";
-var howScheduleReplyVal = "schedule-reply";
-var howScheduleFreebusyVal = "schedule-freebusy";
-
-var howUnbindVal = "delete";
-
-var howUnlockVal = "unlock";
-
-// How denied accesses appear
-var howDenyAllVal = "none";
-
-var howDenyReadVal = "not-read";
-var howDenyReadAclVal = "not-read-acl";
-var howDenyReadCurPrivSetVal = "not-read-curprivset";
-var howDenyReadFreebusyVal = "not-read-freebusy ";
-
-var howDenyWriteVal = "not-write";
-var howDenyWriteAclVal = "not-write-acl";
-var howDenyWritePropertiesVal = "not-write-properties";
-var howDenyWriteContentVal = "not-write-content";
-
-var howDenyBindVal = "not-create";
-var howDenyScheduleVal = "not-schedule";
-var howDenyScheduleRequestVal = "not-schedule-request";
-var howDenyScheduleReplyVal = "not-schedule-reply";
-var howDenyScheduleFreebusyVal = "not-schedule-freebusy";
-
-var howDenyUnbindVal = "not-delete";
-
-var howDenyUnlockVal = "not-unlock";
-
-//var howNoneVal = "none";
-
-/* We shouldn't use the word local - it probably doesn't mean too much and it might actually be
- inherited from something called /local for example */
-var inheritedStr = "Not inherited";
-
-// **************************
-// The prefixes come from the directory code so should be emitted by the jsp.
-// We may have problems here as convertng from a user id to a principal might be
-// awkward
-
-var principalPrefix = "/principals/";
-var userPrincipalPrefix = "/principals/users/";
-var groupPrincipalPrefix = "/principals/groups/";
-var resourcePrincipalPrefix = "/principals/resources/";
-
-// ========================================================================
-// ========================================================================
-
-// .......................................................
-// Some constants
-// .......................................................
-
-var xmlHeader = "<?xml version='1.0' encoding='utf-8' ?>";
-var nameSpaces = "xmlns:D='DAV:' " +
- "xmlns:C='urn:ietf:params:xml:ns:caldav'";
-
-var davNS = "D:";
-var caldavNS = "C:";
-
-/* Define how values,
- par: how,
- par: the contained hows
- par: dav element name
- par: display name */
-function howVals(h, cont, davEl, dv, ddv) {
- var how;
- var contains;
- var davEl;
- var dispVal;
- var denyDispVal;
-
- this.how = h;
- this.contains = cont;
- this.davEl = davEl;
- this.dispVal = dv;
- this.denyDispVal = ddv;
-
- /* return true if ch is contained in this access */
- this.doesContain = function(ch) {
- return this.contains.match(ch) != null;
- }
-
- this.getDispVal = function(negated) {
- if (negated) {
- return this.denyDispVal;
- }
-
- return this.dispVal;
- }
-}
-
-var hows = new function() {
- var hv = new Array();
-
- hv.push(new howVals("A", "RrPFWapcbStysuN", "<D:all/>", howAllVal, howDenyAllVal));
-
- hv.push(new howVals("R", "rPF", "<D:read/>", howReadVal, howDenyReadVal));
- hv.push(new howVals("r", "", "<D:read-acl/>", howReadAclVal, howDenyReadAclVal));
- hv.push(new howVals("P", "", "<D:read-current-user-privilege-set/>", howReadCurPrivSetVal, howDenyReadCurPrivSetVal));
- hv.push(new howVals("F", "", "<C:read-free-busy/>", howReadFreebusyVal, howDenyReadFreebusyVal));
-
- hv.push(new howVals("W", "apcbStysuN", "<D:write/>", howWriteVal, howDenyWriteVal));
- hv.push(new howVals("a", "", "<D:write-acl/>", howWriteAclVal, howDenyWriteAclVal));
- hv.push(new howVals("p", "", "<D: write-properties/>", howWritePropertiesVal, howDenyWritePropertiesVal));
- hv.push(new howVals("c", "", "<D:write-content/>", howWriteContentVal, howDenyWriteContentVal));
-
- hv.push(new howVals("b", "Stys", "<D:bind/>", howBindVal, howDenyBindVal));
- hv.push(new howVals("S", "tys", "<C:schedule/>", howScheduleVal, howDenyScheduleVal));
- hv.push(new howVals("t", "", "<C:schedule-request/>", howScheduleRequestVal, howDenyScheduleRequestVal));
- hv.push(new howVals("y", "", "<C:schedule-reply/>", howScheduleReplyVal, howDenyScheduleReplyVal));
- hv.push(new howVals("s", "", "<C:schedule-free-busy/>", howScheduleFreebusyVal, howDenyScheduleFreebusyVal));
-
- hv.push(new howVals("u", "", "<D:unbind/>", howUnbindVal, howDenyUnbindVal));
-
- hv.push(new howVals("U", "", "<D:unlock/>", howUnlockVal, howDenyUnlockVal));
-
- //hv.push(new howVals("N", "rPFapcbStysu", "", howNoneVal)); // None is -A
-
- this. getHows = function(ch) {
- for (var i = 0; i < hv.length; i++) {
- if (hv[i].how == ch) {
- return hv[i];
- }
- }
-
- alert("No how values for how=" + ch);
-
- return null;
- }
-}
-
-function setupAccessForm(chkBoxObj, formObj) {
- var hvs; // howVals
-
- /* If we checked/unchecked a value that contains other values we need
- to uncheck and disable the contained boxes. */
-
- hvs = hows.getHows(chkBoxObj.value);
-
- if (hvs.contains == "") {
- // Doesn't contain anything
- return;
- }
-
- for (i = 0; i < formObj.howItem.length; i++) {
- if (hvs.doesContain(formObj.howItem[i].value)) {
- if (chkBoxObj.checked == true) {
- formObj.howItem[i].checked = false;
- formObj.howItem[i].disabled = true;
- // now iterate over corresponding radio buttons for each howItem
- for (j = 0; j < formObj[formObj.howItem[i].value].length; j++) {
- formObj[formObj.howItem[i].value][j].disabled = true;
- }
- } else {
- formObj.howItem[i].disabled = false;
- }
- }
- }
-}
-
-// enable and disable corresponding allow/deny flags when a howItem checkbox is
-// clicked
-function toggleAllowDenyFlag(chkBoxObj,formObj) {
- if (chkBoxObj.checked == true) {
- activateAllowDenyFlag(chkBoxObj.value, formObj, false);
- } else {
- activateAllowDenyFlag(chkBoxObj.value, formObj, true);
- }
-}
-
-// iterate over the allow/deny radio buttons and set them to true or false
-function activateAllowDenyFlag(val,formObj,disabledFlag) {
- for (i = 0; i < formObj[val].length; i++) {
- formObj[val][i].disabled = disabledFlag;
- }
-}
-
-// Gather up the how values on access form submission and set the how field
-// (method 1) or return the value (method 2).
-// If in "basic" mode:
-// Set the value of how to the value of the basicHowItem radio button.
-// If in "advanced" mode:
-// Each howItem (checkbox) has a corresponding allow/deny flag (radio button)
-// named after the howItem's value (e.g. "A","R","F","N", etc).
-// The allow/deny flag contains the final values to be returned with
-// the "-" switch if we set the value to deny (e.g. "A" or "-A", "R" or "-R").
-// Method: there are two methods used with this function; method one sets
-// the "how" field in the form used to update a single principal. Method
-// two returns the assembled how string to the calling function.
-function setAccessHow(formObj,method) {
- var howString = "";
- if (formObj.setappvar[0].checked == true) { // "basic" mode is selected
- for (i = 0; i < formObj.basicHowItem.length; i++) {
- if (formObj.basicHowItem[i].checked == true) {
- howString = formObj.basicHowItem[i].value;
- }
- }
- } else { // "advanced" mode is selected
- for (i = 0; i < formObj.howItem.length; i++) {
- if (formObj.howItem[i].checked == true) {
- var howItemVal = formObj.howItem[i].value; // get the howItem value and
- for (j = 0; j < formObj[howItemVal].length; j++) { // look up the value from the corresponding allow/deny flag
- if (formObj[howItemVal][j].checked == true) {
- howString += formObj[howItemVal][j].value;
- }
- }
- }
- }
- }
- if (method == 2) {
- return howString;
- } else {
- formObj.how.value = howString;
- }
-}
-
-/* Information about a principal
- */
-function bwPrincipal(who, whoType) {
- this.whoType = whoType;
-
- if ((whoType == "auth") ||
- (whoType == "unauth") ||
- (whoType == "owner") ||
- (whoType == "all") ||
- (whoType == "other")) {
- // Don't set who
- } else {
- this.who = who;
-
- // Don't touch email like addresses
- if (who.indexOf("@") < 0) {
- // Normalize the who
- if (whoType == "user") {
- if (who.indexOf(principalPrefix) != "0") {
- who = userPrincipalPrefix + who;
- }
- } else if (whoType == "group") {
- if (who.indexOf(principalPrefix) != "0") {
- who = groupPrincipalPrefix + who;
- }
- } else if (whoType == "resource") {
- if (who.indexOf(principalPrefix) != "0") {
- who = resourcePrincipalPrefix + who;
- }
- }
- }
- }
-
- // format the who string for on-screen display
- this.format = function() {
- if (whoType == "user") {
- return who;
- }
-
- if (whoType == "group") {
- return who;
- }
-
- if (whoType == "resource") {
- return who;
- }
-
- if (whoType == "auth") {
- return authenticatedStr;
- }
-
- if (whoType == "unauth") {
- return unauthenticatedStr;
- }
-
- if (whoType == "owner") {
- return ownerStr;
- }
-
- if (whoType == "other") {
- return otherStr;
- }
-
- if (whoType == "all") {
- return allStr;
- }
-
- return "***************" + whoType;
- }
-
- this.toXml = function() {
- var w = this.format();
-
- if (whoType == "other") {
- return " <D:invert>\n <D:principal><D:owner/></D:principal>\n </D:invert>";
- }
-
- var res = " <D:principal>\n";
-
- if (w.indexOf(principalPrefix) == "0") {
- res += " <D:href>" + w + "</D:href>\n";
- } else if (whoType == "auth") {
- res += " <D:authenticated/>\n";
- } else if (whoType == "unauth") {
- res += " <D:unauthenticated/>\n";
- } else if (whoType == "all") {
- res += " <D:all/>\n";
- } else if (whoType == "owner") {
- res += " <D:property><D:owner/></D:property>\n";
- } else {
- res += "************??????" + whoType;
- }
-
- return res + " </D:principal>\n";
- }
-
- this.toString = function() {
- return "bwPrincipal[who=" + this.who + ", whoType=" + this.whoType + "]";
- }
-
- this.equals = function(pr) {
- //alert("this=" + this.toString() + " pr=" + pr.toString());
-
- if (this.whoType != pr.whoType) {
- return false;
- }
-
- return this.who == pr.who;
- }
-}
-
-/* METHOD TWO FUNCTIONS*/
-// Access Control Entry (ACE) object
-
-function bwAce(who, whoType, how, inherited, invert) {
- this.principal = new bwPrincipal(who, whoType);
- this.how = how;
- this.inherited = inherited;
- this.invert = invert; // boolean
-
- this.equals = function(ace) {
- return this.principal.equals(ace.principal);
- }
-
- // format the who string for on-screen display
- this.formatWho = function() {
- return this.principal.format();
- }
-
- // format the how string for on-screen display
- this.formatHow = function() {
- var formattedHow = "";
-
- for (var i = 0; i < how.length; i++) {
- var h = how[i];
- var negated = false;
- if (h == "-") {
- negated = true;
- i++;
- h = how[i];
- }
-
- formattedHow += hows.getHows(h).getDispVal(negated) + " ";
- }
-
- return formattedHow;
- }
-
- this.formatInherited = function() {
- if (inherited != "") {
- return inherited;
- }
-
- return inheritedStr;
- }
-
- this.howsToXml = function(doGrants) {
- var open = false;
- var res = "";
-
- for (var hi = 0; hi < how.length; hi++) {
- var h = how[hi];
-
- if (doGrants && (h == "-")) {
- // skip
- hi++;
- } else if (!doGrants && (h != "-")) {
- // skip
- } else {
- if (h == "-") {
- hi++;
- h = how[hi];
- }
-
- var hvs = hows.getHows(h);
-
- if (!open) {
- if (doGrants) {
- res += " <D:grant>\n";
- } else {
- res += " <D:deny>\n";
- }
-
- open = true;
- }
-
- res += " <D:privilege>" + hvs.davEl + "</D:privilege>\n";
- }
- }
-
- if (open) {
- if (doGrants) {
- res += " </D:grant>\n";
- } else {
- res += " </D:deny>\n";
- }
- }
-
- return res;
- }
-
- this.toXml = function() {
- var res = " <D:ace>\n" + this.principal.toXml();
-
- res += this.howsToXml(true);
- res += this.howsToXml(false);
-
- if (this.inherited != "") {
- res += " <D:inherited><D:href>" + this.inherited + "</D:href></D:inherited>";
- }
-
- return res + " </D:ace>\n";
- }
-
- // row: current row in table
- // aceI: index of the ace
- this.toFormRow = function(row, aceI) {
- row.insertCell(0).appendChild(document.createTextNode(this.principal.format()));
- row.insertCell(1).appendChild(document.createTextNode(this.formatHow()));
- row.insertCell(2).appendChild(document.createTextNode(this.formatInherited()));
- var td_3 = row.insertCell(3);
- if (this.inherited == "") {
- td_3.innerHTML = "<a href=\"javascript:bwAcl.deleteAce('" + aceI + "')\">" + deleteStr + "</a>";
- }
- }
-}
-
-// Access Control List (ACL) object - an array of ACEs
-// The bwAcl object is initialized during the XSLT transform.
-var bwAcl = new function() {
- var aces = new Array();
-
- /* If we delete an ace we need to reinstate any inherited access for the same principal
- */
- var savedInherited = new Array();
-
- // Initialize the list.
- // The function expects a comma-separated list of arguments grouped
- // into the five ACE properties.
- this.init = function(who, whoType, how, inherited, invert) {
- var newAce = new bwAce(who, whoType, how, inherited, invert);
- aces.push(newAce);
- if (inherited != "") {
- savedInherited.push(newAce);
- }
- }
-
- // Add or update an ace
- this.addAce = function(newAce) {
- // expects a bwAce object as parameter
- for (var i = 0; i < aces.length; i++) {
- if (aces[i].equals(newAce)) {
- // replace an existing ace
- aces[i] = newAce;
- return;
- }
- }
- // not found: add ace to end of array
- aces.push(newAce);
- }
-
- // Update the list - expects the browser form object
- this.update = function(formObj) {
- // get the type of ace being set
- var type;
- for (i = 0; i < formObj.whoType.length; i++) {
- if (formObj.whoType[i].checked == true) {
- type = formObj.whoType[i].value;
- }
- }
-
- // validate for user or group
- if ((type == 'user' || type == 'group') && formObj.who.value == '') {
- alert("you must enter a user or group name");
- formObj.who.focus();
- return;
- }
-
- // get the how string from the form
- var how = setAccessHow(formObj, 2);
-
- //alert("About to update who=" + formObj.who.value +
- // "\ntype= " + type + "\nhow=" + how);
-
- this.addAce(new bwAce(formObj.who.value, type, how, "" , false));
- formObj.who.value = "";
-
- // update the acl form field
- var formAcl = document.getElementById("bwCurrentAcl");
- formAcl.value = this.toXml();
-
- // redraw the display
- this.display();
- }
-
- this.deleteAce = function(index) {
- var ace = aces[index];
- var replace = false;
-
- for (var si = 0; si < savedInherited.length; si++) {
- if (savedInherited[si].equals(ace)) {
- ace = savedInherited[si];
- replace = true;
- break;
- }
- }
-
- if (replace) {
- aces[index] = ace;
- } else {
- aces.splice(index, 1);
- }
-
- // update the acl form field
- var formAcl = document.getElementById("bwCurrentAcl");
- formAcl.value = this.toXml();
-
- // redraw the display
- this.display();
- }
-
- // update the ACL table displayed on screen
- this.display = function() {
- try {
- // get the table body
- var aclTableBody = document.getElementById("bwCurrentAccess").tBodies[0];
-
- // remove existing rows
- for (i = aclTableBody.rows.length - 1; i >= 0; i--) {
- aclTableBody.deleteRow(i);
- }
-
- // recreate the table rows
- for (var j = 0; j < aces.length; j++) {
- var curAce = aces[j];
- var tr = aclTableBody.insertRow(j);
-
- curAce.toFormRow(tr, j);
- }
- } catch (e) {
- alert(e);
- }
- }
-
- // generate webDAV ACl XML output
- this.toXml = function() {
- var res = xmlHeader + "\n<D:acl " + nameSpaces + " >\n";
-
- for (var j = 0; j < aces.length; j++) {
- res += aces[j].toXml();
- }
-
- return res + "</D:acl>";
- }
-}
-
+/* Bedework Access control form functions
+
+ Bedework sets access control by building a javascript object representing
+ the acls on an item (e.g. an event), manipulating the object with the GUI, and
+ sending all the acls in a single request parameter. We would like to replace
+ this approach with wizards that ask the user what they want to do (and hide
+ the acls).
+
+/* **********************************************************************
+ Copyright 2007 Rensselaer Polytechnic Institute. All worldwide rights reserved.
+
+ Redistribution and use of this distribution in source and binary forms,
+ with or without modification, are permitted provided that:
+ The above copyright notice and this permission notice appear in all
+ copies and supporting documentation;
+
+ The name, identifiers, and trademarks of Rensselaer Polytechnic
+ Institute are not used in advertising or publicity without the
+ express prior written permission of Rensselaer Polytechnic Institute;
+
+ DISCLAIMER: The software is distributed" AS IS" without any express or
+ implied warranty, including but not limited to, any implied warranties
+ of merchantability or fitness for a particular purpose or any warrant)'
+ of non-infringement of any current or pending patent rights. The authors
+ of the software make no representations about the suitability of this
+ software for any particular purpose. The entire risk as to the quality
+ and performance of the software is with the user. Should the software
+ prove defective, the user assumes the cost of all necessary servicing,
+ repair or correction. In particular, neither Rensselaer Polytechnic
+ Institute, nor the authors of the software are liable for any indirect,
+ special, consequential, or incidental damages related to the software,
+ to the maximum extent the law permits. */
+
+// This toggles various elements in the access control form when
+// a checkbox for All, Read, Write, Bind, Schedule, or None is clicked.
+// Each howItem (checkbox) has a corresponding allow/deny flag (radio button)
+// named after the howItem's value (e.g. "A","R","F","N", etc). We enable
+// and disable the corresponding radio buttons as well.
+
+// ========================================================================
+// ========================================================================
+// Language and customization
+// These should come from values in the header or included as a separate cutomization
+// file.
+
+var authenticatedStr = "authenticated";
+var unauthenticatedStr = "unauthenticated";
+var ownerStr = "owner";
+var otherStr = "other";
+var grantStr = "grant";
+var denyStr = "deny"
+var allStr = "all";
+
+var bwAclWidgetDeleteStr = "remove";
+var bwAclWidgetEntryStr = "Entry";
+var bwAclWidgetAccessStr = "Access";
+var bwAclWidgetInheritedStr = "Inherited from";
+
+// note that resourcesRoot is passed in from the html head section defined in the xslt
+var trashIcon = '<img src="' + resourcesRoot + '/resources/trashIcon.gif" width="13" height="13" border="0" alt="remove"/>';
+var userIcon = '<img src="' + resourcesRoot + '/resources/userIcon.gif" width="13" height="13" border="0" alt="user"/>';
+var groupIcon = '<img src="' + resourcesRoot + '/resources/groupIcon.gif" width="13" height="13" border="0" alt="group"/>';
+
+// How granted accesses appear
+var howAllVal = "all";
+
+var howReadVal = "read";
+var howReadAclVal = "read-acl";
+var howReadCurPrivSetVal = "read-curprivset";
+var howReadFreebusyVal = "read-freebusy ";
+
+var howWriteVal = "write";
+var howWriteAclVal = "write-acl";
+var howWritePropertiesVal = "write-properties";
+var howWriteContentVal = "write-content";
+
+var howBindVal = "create";
+var howScheduleVal = "schedule";
+var howScheduleRequestVal = "schedule-request";
+var howScheduleReplyVal = "schedule-reply";
+var howScheduleFreebusyVal = "schedule-freebusy";
+
+var howUnbindVal = "delete";
+
+var howUnlockVal = "unlock";
+
+// How denied accesses appear
+var howDenyAllVal = "none";
+
+var howDenyReadVal = "not-read";
+var howDenyReadAclVal = "not-read-acl";
+var howDenyReadCurPrivSetVal = "not-read-curprivset";
+var howDenyReadFreebusyVal = "not-read-freebusy ";
+
+var howDenyWriteVal = "not-write";
+var howDenyWriteAclVal = "not-write-acl";
+var howDenyWritePropertiesVal = "not-write-properties";
+var howDenyWriteContentVal = "not-write-content";
+
+var howDenyBindVal = "not-create";
+var howDenyScheduleVal = "not-schedule";
+var howDenyScheduleRequestVal = "not-schedule-request";
+var howDenyScheduleReplyVal = "not-schedule-reply";
+var howDenyScheduleFreebusyVal = "not-schedule-freebusy";
+
+var howDenyUnbindVal = "not-delete";
+
+var howDenyUnlockVal = "not-unlock";
+
+//var howNoneVal = "none";
+
+/* We shouldn't use the word local - it probably doesn't mean too much and it might actually be
+ inherited from something called /local for example */
+var inheritedStr = "not inherited";
+
+// **************************
+// The prefixes come from the directory code so should be emitted by the jsp.
+// We may have problems here as convertng from a user id to a principal might be
+// awkward
+
+var principalPrefix = "/principals/";
+var userPrincipalPrefix = "/principals/users/";
+var groupPrincipalPrefix = "/principals/groups/";
+var resourcePrincipalPrefix = "/principals/resources/";
+
+// ========================================================================
+// ========================================================================
+
+// .......................................................
+// Some constants
+// .......................................................
+
+var xmlHeader = "<?xml version='1.0' encoding='utf-8' ?>";
+var nameSpaces = "xmlns:D='DAV:' " +
+ "xmlns:C='urn:ietf:params:xml:ns:caldav'";
+
+var davNS = "D:";
+var caldavNS = "C:";
+
+/* Define how values,
+ par: how,
+ par: the contained hows
+ par: dav element name
+ par: display name */
+function howVals(h, cont, davEl, dv, ddv) {
+ var how;
+ var contains;
+ var davEl;
+ var dispVal;
+ var denyDispVal;
+
+ this.how = h;
+ this.contains = cont;
+ this.davEl = davEl;
+ this.dispVal = dv;
+ this.denyDispVal = ddv;
+
+ /* return true if ch is contained in this access */
+ this.doesContain = function(ch) {
+ return this.contains.match(ch) != null;
+ }
+
+ this.getDispVal = function(negated) {
+ if (negated) {
+ return this.denyDispVal;
+ }
+
+ return this.dispVal;
+ }
+}
+
+var hows = new function() {
+ var hv = new Array();
+
+ hv.push(new howVals("A", "RrPFWapcbStysuN", "<D:all/>", howAllVal, howDenyAllVal));
+
+ hv.push(new howVals("R", "rPF", "<D:read/>", howReadVal, howDenyReadVal));
+ hv.push(new howVals("r", "", "<D:read-acl/>", howReadAclVal, howDenyReadAclVal));
+ hv.push(new howVals("P", "", "<D:read-current-user-privilege-set/>", howReadCurPrivSetVal, howDenyReadCurPrivSetVal));
+ hv.push(new howVals("F", "", "<C:read-free-busy/>", howReadFreebusyVal, howDenyReadFreebusyVal));
+
+ hv.push(new howVals("W", "apcbStysuN", "<D:write/>", howWriteVal, howDenyWriteVal));
+ hv.push(new howVals("a", "", "<D:write-acl/>", howWriteAclVal, howDenyWriteAclVal));
+ hv.push(new howVals("p", "", "<D:write-properties/>", howWritePropertiesVal, howDenyWritePropertiesVal));
+ hv.push(new howVals("c", "", "<D:write-content/>", howWriteContentVal, howDenyWriteContentVal));
+
+ hv.push(new howVals("b", "Stys", "<D:bind/>", howBindVal, howDenyBindVal));
+ hv.push(new howVals("S", "tys", "<C:schedule/>", howScheduleVal, howDenyScheduleVal));
+ hv.push(new howVals("t", "", "<C:schedule-request/>", howScheduleRequestVal, howDenyScheduleRequestVal));
+ hv.push(new howVals("y", "", "<C:schedule-reply/>", howScheduleReplyVal, howDenyScheduleReplyVal));
+ hv.push(new howVals("s", "", "<C:schedule-free-busy/>", howScheduleFreebusyVal, howDenyScheduleFreebusyVal));
+
+ hv.push(new howVals("u", "", "<D:unbind/>", howUnbindVal, howDenyUnbindVal));
+
+ hv.push(new howVals("U", "", "<D:unlock/>", howUnlockVal, howDenyUnlockVal));
+
+ //hv.push(new howVals("N", "rPFapcbStysu", "", howNoneVal)); // None is -A
+
+ this. getHows = function(ch) {
+ for (var i = 0; i < hv.length; i++) {
+ if (hv[i].how == ch) {
+ return hv[i];
+ }
+ }
+
+ alert("No how values for how=" + ch);
+
+ return null;
+ }
+}
+
+function setupAccessForm(chkBoxObj, formObj) {
+ var hvs; // howVals
+
+ /* If we checked/unchecked a value that contains other values we need
+ to uncheck and disable the contained boxes. */
+
+ hvs = hows.getHows(chkBoxObj.value);
+
+ if (hvs.contains == "") {
+ // Doesn't contain anything
+ return;
+ }
+
+ for (i = 0; i < formObj.howItem.length; i++) {
+ if (hvs.doesContain(formObj.howItem[i].value)) {
+ if (chkBoxObj.checked == true) {
+ formObj.howItem[i].checked = false;
+ formObj.howItem[i].disabled = true;
+ // now iterate over corresponding radio buttons for each howItem
+ for (j = 0; j < formObj[formObj.howItem[i].id].length; j++) {
+ formObj[formObj.howItem[i].id][j].disabled = true;
+ }
+ } else {
+ formObj.howItem[i].disabled = false;
+ }
+ }
+ }
+}
+
+// enable and disable corresponding allow/deny flags when a howItem checkbox is
+// clicked
+function toggleAllowDenyFlag(chkBoxObj,formObj) {
+ if (chkBoxObj.checked == true) {
+ activateAllowDenyFlag(chkBoxObj.id, formObj, false);
+ } else {
+ activateAllowDenyFlag(chkBoxObj.id, formObj, true);
+ }
+}
+
+// iterate over the allow/deny radio buttons and set them to true or false
+function activateAllowDenyFlag(val,formObj,disabledFlag) {
+ for (i = 0; i < formObj[val].length; i++) {
+ if (formObj[val][i].type == "radio") { //skip the checkbox with matching id
+ formObj[val][i].disabled = disabledFlag;
+ }
+ }
+}
+
+// Gather up the how values on access form submission and return the value.
+// If in "basic" mode:
+// Set the value of how to the value of the basicHowItem radio button.
+// If in "advanced" mode:
+// Each howItem (checkbox) has a corresponding allow/deny flag (radio button)
+// named after the howItem's value (e.g. "A","R","F","N", etc).
+// The allow/deny flag contains the final values to be returned with
+// the "-" switch if we set the value to deny (e.g. "A" or "-A", "R" or "-R").
+function setAccessHow(formObj) {
+ var howString = "";
+ if (formObj.setappvar[0].checked == true) { // "basic" mode is selected
+ for (i = 0; i < formObj.basicHowItem.length; i++) {
+ if (formObj.basicHowItem[i].checked == true) {
+ howString = formObj.basicHowItem[i].value;
+ }
+ }
+ } else { // "advanced" mode is selected
+ for (i = 0; i < formObj.howItem.length; i++) {
+ if (formObj.howItem[i].checked == true) {
+ var howItemId = formObj.howItem[i].id; // get the howItem id and
+ for (j = 0; j < formObj[howItemId].length; j++) { // look up the value from the corresponding allow/deny flag
+ if ((formObj[howItemId][j].checked == true) && (formObj[howItemId][j].type == "radio")) {
+ howString += formObj[howItemId][j].value;
+ }
+ }
+ }
+ }
+ }
+ return howString;
+}
+
+/* Information about a principal
+ */
+function bwPrincipal(who, whoType) {
+ this.whoType = whoType;
+
+ if ((whoType == "auth") ||
+ (whoType == "unauth") ||
+ (whoType == "owner") ||
+ (whoType == "all") ||
+ (whoType == "other")) {
+ // Don't set who
+ } else {
+ this.who = who;
+
+ // Don't touch email like addresses
+ if (who.indexOf("@") < 0) {
+ // Normalize the who
+ if (whoType == "user") {
+ if (who.indexOf(principalPrefix) != "0") {
+ who = userPrincipalPrefix + who;
+ }
+ } else if (whoType == "group") {
+ if (who.indexOf(principalPrefix) != "0") {
+ who = groupPrincipalPrefix + who;
+ }
+ } else if (whoType == "resource") {
+ if (who.indexOf(principalPrefix) != "0") {
+ who = resourcePrincipalPrefix + who;
+ }
+ }
+ }
+ }
+
+ // format the who string for on-screen display
+ this.format = function() {
+ if (whoType == "user") {
+ return userIcon + " " + who;
+ }
+
+ if (whoType == "group") {
+ return groupIcon + " " + who;
+ }
+
+ if (whoType == "resource") {
+ return who;
+ }
+
+ if (whoType == "auth") {
+ return groupIcon + " " + authenticatedStr;
+ }
+
+ if (whoType == "unauth") {
+ return groupIcon + " " + unauthenticatedStr;
+ }
+
+ if (whoType == "owner") {
+ return userIcon + " " + ownerStr;
+ }
+
+ if (whoType == "other") {
+ return groupIcon + " " + otherStr;
+ }
+
+ if (whoType == "all") {
+ return groupIcon + " " + allStr;
+ }
+
+ return "***************" + whoType;
+ }
+
+ // format the who string for xml representation
+ this.formatXml = function() {
+ if (whoType == "user") {
+ return who;
+ }
+
+ if (whoType == "group") {
+ return who;
+ }
+
+ if (whoType == "resource") {
+ return who;
+ }
+
+ if (whoType == "auth") {
+ return authenticatedStr;
+ }
+
+ if (whoType == "unauth") {
+ return unauthenticatedStr;
+ }
+
+ if (whoType == "owner") {
+ return ownerStr;
+ }
+
+ if (whoType == "other") {
+ return otherStr;
+ }
+
+ if (whoType == "all") {
+ return allStr;
+ }
+
+ return "***************" + whoType;
+ }
+
+ this.toXml = function() {
+ var w = this.formatXml();
+
+ if (whoType == "other") {
+ return " <D:invert>\n <D:principal><D:owner/></D:principal>\n </D:invert>";
+ }
+
+ var res = " <D:principal>\n";
+
+ if (w.indexOf(principalPrefix) == "0") {
+ res += " <D:href>" + w + "</D:href>\n";
+ } else if (whoType == "auth") {
+ res += " <D:authenticated/>\n";
+ } else if (whoType == "unauth") {
+ res += " <D:unauthenticated/>\n";
+ } else if (whoType == "all") {
+ res += " <D:all/>\n";
+ } else if (whoType == "owner") {
+ res += " <D:property><D:owner/></D:property>\n";
+ } else {
+ res += "************??????" + whoType;
+ }
+
+ return res + " </D:principal>\n";
+ }
+
+ this.toString = function() {
+ return "bwPrincipal[who=" + this.who + ", whoType=" + this.whoType + "]";
+ }
+
+ this.equals = function(pr) {
+ if (this.whoType != pr.whoType) {
+ return false;
+ }
+ return this.who == pr.who;
+ }
+}
+
+/* Access Control Entry (ACE) object
+ */
+function bwAce(who, whoType, how, inherited, invert) {
+ this.principal = new bwPrincipal(who, whoType);
+ this.how = how;
+ this.inherited = inherited;
+ this.invert = invert; // boolean
+
+ this.equals = function(ace) {
+ return this.principal.equals(ace.principal);
+ }
+
+ // format the who string for on-screen display
+ this.formatWho = function() {
+ return this.principal.format();
+ }
+
+ // format the how string for on-screen display
+ this.formatHow = function() {
+ var formattedHow = "";
+
+ for (var i = 0; i < how.length; i++) {
+ var h = how[i];
+ var negated = false;
+ var grantDenyStr = grantStr;
+ if (h == "-") {
+ negated = true;
+ grantDenyStr = denyStr;
+ i++;
+ h = how[i];
+ }
+
+ formattedHow += '<span class="' + grantDenyStr + '">' + hows.getHows(h).getDispVal(negated) + '</span>';
+ if (i != how.length-1) {
+ formattedHow += ', ';
+ }
+ }
+
+ return formattedHow;
+ }
+
+ this.formatInherited = function() {
+ if (inherited != "") {
+ return inherited;
+ }
+
+ return inheritedStr;
+ }
+
+ this.howsToXml = function(doGrants) {
+ var open = false;
+ var res = "";
+
+ for (var hi = 0; hi < how.length; hi++) {
+ var h = how[hi];
+
+ if (doGrants && (h == "-")) {
+ // skip
+ hi++;
+ } else if (!doGrants && (h != "-")) {
+ // skip
+ } else {
+ if (h == "-") {
+ hi++;
+ h = how[hi];
+ }
+
+ var hvs = hows.getHows(h);
+
+ if (!open) {
+ if (doGrants) {
+ res += " <D:grant>\n";
+ } else {
+ res += " <D:deny>\n";
+ }
+
+ open = true;
+ }
+
+ res += " <D:privilege>" + hvs.davEl + "</D:privilege>\n";
+ }
+ }
+
+ if (open) {
+ if (doGrants) {
+ res += " </D:grant>\n";
+ } else {
+ res += " </D:deny>\n";
+ }
+ }
+
+ return res;
+ }
+
+ this.toXml = function() {
+ var res = " <D:ace>\n" + this.principal.toXml();
+
+ res += this.howsToXml(true);
+ res += this.howsToXml(false);
+
+ if (this.inherited != "") {
+ res += " <D:inherited><D:href>" + this.inherited + "</D:href></D:inherited>";
+ }
+
+ return res + " </D:ace>\n";
+ }
+
+ // row: current row in table
+ // aceI: index of the ace
+ // id: id of widget output block in the html
+ this.toFormRow = function(row, aceI, id) {
+ var td_0 = row.insertCell(0);
+ td_0.innerHTML = this.principal.format();
+ var td_1 = row.insertCell(1);
+ td_1.innerHTML = this.formatHow();
+ row.insertCell(2).appendChild(document.createTextNode(this.formatInherited()));
+ var td_3 = row.insertCell(3);
+ if (this.inherited == "") {
+ td_3.innerHTML = "<a href=\"javascript:bwAcl.deleteAce('" + aceI + "','" + id + "')\">" + trashIcon + " " + bwAclWidgetDeleteStr + "</a>";
+ }
+ }
+}
+
+// Access Control List (ACL) object - an array of ACEs
+// The bwAcl object is initialized during the XSLT transform.
+var bwAcl = new function() {
+ var aces = new Array();
+
+ /* If we delete an ace we need to reinstate any inherited access for the same principal
+ */
+ var savedInherited = new Array();
+
+ // Initialize the list.
+ // The function expects a comma-separated list of arguments grouped
+ // into the five ACE properties.
+ this.init = function(who, whoType, how, inherited, invert) {
+ var newAce = new bwAce(who, whoType, how, inherited, invert);
+ aces.push(newAce);
+ if (inherited != "") {
+ savedInherited.push(newAce);
+ }
+ }
+
+ // Add or update an ace
+ this.addAce = function(newAce) {
+ // expects a bwAce object as parameter
+ for (var i = 0; i < aces.length; i++) {
+ if (aces[i].equals(newAce)) {
+ // replace an existing ace
+ aces[i] = newAce;
+ return;
+ }
+ }
+ // not found: add ace to end of array
+ aces.push(newAce);
+ }
+
+ // Update the list - expects the browser form object
+ this.update = function(formObj,id) {
+ // get the type of ace being set
+ var type;
+ for (i = 0; i < formObj.whoType.length; i++) {
+ if (formObj.whoType[i].checked == true) {
+ type = formObj.whoType[i].value;
+ }
+ }
+
+ // validate for user or group
+ if ((type == 'user' || type == 'group') && formObj.who.value == '') {
+ alert("you must enter a user or group name");
+ formObj.who.focus();
+ return;
+ }
+
+ // get the how string from the form
+ var how = setAccessHow(formObj);
+
+ //alert("About to update who=" + formObj.who.value +
+ // "\ntype= " + type + "\nhow=" + how);
+
+ this.addAce(new bwAce(formObj.who.value, type, how, "" , false));
+ formObj.who.value = "";
+
+ // update the acl form field
+ var formAcl = document.getElementById("bwCurrentAcl");
+ formAcl.value = this.toXml();
+
+ // redraw the display
+ this.display(id);
+ }
+
+ this.deleteAce = function(index,id) {
+ var ace = aces[index];
+ var replace = false;
+
+ for (var si = 0; si < savedInherited.length; si++) {
+ if (savedInherited[si].equals(ace)) {
+ ace = savedInherited[si];
+ replace = true;
+ break;
+ }
+ }
+
+ if (replace) {
+ aces[index] = ace;
+ } else {
+ aces.splice(index, 1);
+ }
+
+ // update the acl form field
+ var formAcl = document.getElementById("bwCurrentAcl");
+ formAcl.value = this.toXml();
+
+ // redraw the display
+ this.display(id);
+ }
+
+ // build the ACL widget displayed on screen in the given id
+ this.display = function(id) {
+ try {
+
+ var aclWidget = document.getElementById(id);
+ aclWidget.innerHTML = "";
+
+ var bwCurrentAccess = document.createElement("table");
+ bwCurrentAccess.className = "common scheduling";
+ bwCurrentAccess.id = "bwCurrentAccess";
+ bwCurrentAccess.createTHead();
+ bwCurrAccessHead = bwCurrentAccess.tHead.insertRow(0);
+ bwCurrAccessHead.innerHTML = '<th>' + bwAclWidgetEntryStr + '</th>' + '<th>' + bwAclWidgetAccessStr + '</th>' + '<th>' + bwAclWidgetInheritedStr + '</th><th></th>';
+ var bwCurrAccessTBody = document.createElement("tbody");
+ bwCurrentAccess.appendChild(bwCurrAccessTBody);
+
+ // finally, write the table back to the display
+ aclWidget.appendChild(bwCurrentAccess);
+
+ // get the table body
+ var aclTableBody = document.getElementById("bwCurrentAccess").tBodies[0];
+
+ // remove existing rows
+ //for (i = aclTableBody.rows.length - 1; i >= 0; i--) {
+ // aclTableBody.deleteRow(i);
+ //}
+
+ // create the table rows
+ for (var j = 0; j < aces.length; j++) {
+ var curAce = aces[j];
+ var tr = aclTableBody.insertRow(j);
+
+ curAce.toFormRow(tr, j, id);
+ }
+
+ } catch (e) {
+ alert(e);
+ }
+ }
+
+ // generate webDAV ACl XML output
+ this.toXml = function() {
+ var res = xmlHeader + "\n<D:acl " + nameSpaces + " >\n";
+
+ for (var j = 0; j < aces.length; j++) {
+ res += aces[j].toXml();
+ }
+
+ return res + "</D:acl>";
+ }
+}
+
Added: trunk/deployment/resources/xsl/default/default/entityAccessForm.xsl
===================================================================
--- trunk/deployment/resources/xsl/default/default/entityAccessForm.xsl (rev 0)
+++ trunk/deployment/resources/xsl/default/default/entityAccessForm.xsl 2009-02-27 03:58:56 UTC (rev 2079)
@@ -0,0 +1,254 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
+ <xsl:template name="entityAccessForm">
+ <xsl:param name="type"/><!-- optional: currently used for inbox and outbox to conditionally display scheduling access -->
+ <xsl:param name="acl"/><!-- required: nodeset of entity acls used to initialize javascript object. -->
+ <xsl:param name="outputId"/><!-- required: id of the current access block display to update -->
+
+ <table cellpadding="0" id="accessFormTable" class="common">
+ <tr>
+ <th colspan="2" class="commonHeader">Add:</th>
+ </tr>
+ <tr>
+ <td>
+ <h5>Who:</h5>
+ <div class="whoTypes">
+ <input type="text" name="who" size="20"/><br/>
+ <input type="radio" value="user" name="whoType" checked="checked"/> user
+ <input type="radio" value="group" name="whoType"/> group
+ <p>OR</p>
+ <p>
+ <input type="radio" value="owner" name="whoType"/> owner<br/>
+ <input type="radio" value="auth" name="whoType"/> authenticated<br/>
+ <input type="radio" value="unauth" name="whoType"/> unauthenticated<br/>
+ <input type="radio" value="all" name="whoType"/> all users
+ </p>
+ <input type="button" name="updateACLs" value="add entry" onclick="bwAcl.update(this.form,'{$outputId}')"/>
+ </div>
+ </td>
+ <td>
+ <h5>
+ <span id="accessRightsToggle">
+ <xsl:choose>
+ <xsl:when test="/bedework/appvar[key='accessRightsToggle']/value='advanced'">
+ <input type="radio" name="setappvar" value="accessRightsToggle(basic)" onclick="changeClass('howList','visible');changeClass('howTable','invisible');"/>basic
+ <input type="radio" name="setappvar" value="accessRightsToggle(advanced)" checked="checked" onclick="changeClass('howList','invisible');changeClass('howTable','visible');"/>advanced
+ </xsl:when>
+ <xsl:otherwise>
+ <input type="radio" name="setappvar" value="accessRightsToggle(basic)" checked="checked" onclick="changeClass('howList','visible');changeClass('howTable','invisible');"/>basic
+ <input type="radio" name="setappvar" value="accessRightsToggle(advanced)" onclick="changeClass('howList','invisible');changeClass('howTable','visible');"/>advanced
+ </xsl:otherwise>
+ </xsl:choose>
+ </span>
+ Rights:
+ </h5>
+ <input type="hidden" name="how" value="" id="bwCurrentHow"/>
+ <!-- field 'acl' will receive xml for method 2 -->
+ <input type="hidden" name="acl" value="" id="bwCurrentAcl" />
+ <!-- Advanced Access Rights: -->
+ <!-- the "how" field is set by iterating over the howItems below -->
+ <table id="howTable" class="invisible" cellspacing="0">
+ <xsl:if test="/bedework/appvar[key='accessRightsToggle']/value='advanced'">
+ <xsl:attribute name="class">visible</xsl:attribute>
+ </xsl:if>
+ <tr>
+ <th>access type</th>
+ <th>allow</th>
+ <th>deny</th>
+ </tr>
+ <tr>
+ <td class="level1">
+ <input type="checkbox" value="A" id="accessAll" name="howItem" onclick="setupAccessForm(this, this.form); toggleAllowDenyFlag(this, this.form)"/>All
+ </td>
+ <td>
+ <input type="radio" value="A" name="accessAll" checked="checked" disabled="disabled"/>
+ </td>
+ <td>
+ <input type="radio" value="-A" name="accessAll" disabled="disabled"/>
+ </td>
+ </tr>
+ <tr>
+ <td class="level2">
+ <input type="checkbox" value="R" id="accessRead" name="howItem" onclick="setupAccessForm(this, this.form); toggleAllowDenyFlag(this, this.form)" checked="checked"/> Read
+ </td>
+ <td>
+ <input type="radio" value="R" name="accessRead" checked="checked"/>
+ </td>
+ <td>
+ <input type="radio" value="-R" name="accessRead"/>
+ </td>
+ </tr>
+ <tr>
+ <td class="level3">
+ <input type="checkbox" value="r" id="r" name="howItem" disabled="disabled" onclick="toggleAllowDenyFlag(this, this.form)"/> read ACL
+ </td>
+ <td>
+ <input type="radio" value="r" name="r" checked="checked" disabled="disabled"/>
+ </td>
+ <td>
+ <input type="radio" value="-r" name="r" disabled="disabled"/>
+ </td>
+ </tr>
+ <tr>
+ <td class="level3">
+ <input type="checkbox" value="P" id="accessPriv" name="howItem" disabled="disabled" onclick="toggleAllowDenyFlag(this, this.form)"/> read current user privilege set
+ </td>
+ <td>
+ <input type="radio" value="P" name="accessPriv" checked="checked" disabled="disabled"/>
+ </td>
+ <td>
+ <input type="radio" value="-P" name="accessPriv" disabled="disabled"/>
+ </td>
+ </tr>
+ <tr>
+ <td class="level3">
+ <input type="checkbox" value="F" id="F" name="howItem" disabled="disabled" onclick="toggleAllowDenyFlag(this, this.form)"/> read freebusy
+ </td>
+ <td>
+ <input type="radio" value="F" name="F" checked="checked" disabled="disabled"/>
+ </td>
+ <td>
+ <input type="radio" value="-F" name="F" disabled="disabled"/>
+ </td>
+ </tr>
+ <tr>
+ <td class="level2">
+ <input type="checkbox" value="W" id="W" name="howItem" onclick="setupAccessForm(this, this.form); toggleAllowDenyFlag(this, this.form)"/> Write
+ </td>
+ <td>
+ <input type="radio" value="W" name="W" checked="checked" disabled="disabled"/>
+ </td>
+ <td>
+ <input type="radio" value="-W" name="W" disabled="disabled"/>
+ </td>
+ </tr>
+ <tr>
+ <td class="level3">
+ <input type="checkbox" value="a" id="a" name="howItem" onclick="toggleAllowDenyFlag(this, this.form)"/> write ACL
+ </td>
+ <td>
+ <input type="radio" value="a" name="a" checked="checked" disabled="disabled"/>
+ </td>
+ <td>
+ <input type="radio" value="-a" name="a" disabled="disabled"/>
+ </td>
+ </tr>
+ <tr>
+ <td class="level3">
+ <input type="checkbox" value="p" id="p" name="howItem" onclick="toggleAllowDenyFlag(this, this.form)"/> write properties
+ </td>
+ <td>
+ <input type="radio" value="p" name="p" checked="checked" disabled="disabled"/>
+ </td>
+ <td>
+ <input type="radio" value="-p" name="p" disabled="disabled"/>
+ </td>
+ </tr>
+ <tr>
+ <td class="level3">
+ <input type="checkbox" value="c" id="c" name="howItem" onclick="toggleAllowDenyFlag(this, this.form)"/> write content
+ </td>
+ <td>
+ <input type="radio" value="c" name="c" checked="checked" disabled="disabled"/>
+ </td>
+ <td>
+ <input type="radio" value="-c" name="c" disabled="disabled"/>
+ </td>
+ </tr>
+ <tr>
+ <td class="level3">
+ <input type="checkbox" value="b" id="b" name="howItem" onclick="setupAccessForm(this, this.form); toggleAllowDenyFlag(this, this.form)"/> create (bind)
+ </td>
+ <td>
+ <input type="radio" value="b" name="b" checked="checked" disabled="disabled"/>
+ </td>
+ <td>
+ <input type="radio" value="-b" name="b" disabled="disabled"/>
+ </td>
+ </tr>
+ <xsl:if test="$type = 'inbox' or $type = 'outbox'">
+ <tr>
+ <td class="level4">
+ <input type="checkbox" value="S" id="accessSchedule" name="howItem" onclick="setupAccessForm(this, this.form); toggleAllowDenyFlag(this, this.form)"/> schedule
+ </td>
+ <td>
+ <input type="radio" value="S" name="accessSchedule" checked="checked" disabled="disabled"/>
+ </td>
+ <td>
+ <input type="radio" value="-S" name="accessSchedule" disabled="disabled"/>
+ </td>
+ </tr>
+ <tr>
+ <td class="level5">
+ <input type="checkbox" value="t" id="t" name="howItem" onclick="toggleAllowDenyFlag(this, this.form)"/> schedule request
+ </td>
+ <td>
+ <input type="radio" value="t" name="t" checked="checked" disabled="disabled"/>
+ </td>
+ <td>
+ <input type="radio" value="-t" name="t" disabled="disabled"/>
+ </td>
+ </tr>
+ <tr>
+ <td class="level5">
+ <input type="checkbox" value="y" id="y" name="howItem" onclick="toggleAllowDenyFlag(this, this.form)"/> schedule reply
+ </td>
+ <td>
+ <input type="radio" value="y" name="y" checked="checked" disabled="disabled"/>
+ </td>
+ <td>
+ <input type="radio" value="-y" name="y" disabled="disabled"/>
+ </td>
+ </tr>
+ <tr>
+ <td class="level5">
+ <input type="checkbox" value="s" id="s" name="howItem" onclick="toggleAllowDenyFlag(this, this.form)"/> schedule free-busy
+ </td>
+ <td>
+ <input type="radio" value="s" name="s" checked="checked" disabled="disabled"/>
+ </td>
+ <td>
+ <input type="radio" value="-s" name="s" disabled="disabled"/>
+ </td>
+ </tr>
+ </xsl:if>
+ <tr>
+ <td class="level3">
+ <input type="checkbox" value="u" id="u" name="howItem" onclick="toggleAllowDenyFlag(this, this.form)"/> delete (unbind)
+ </td>
+ <td>
+ <input type="radio" value="u" name="u" checked="checked" disabled="disabled"/>
+ </td>
+ <td>
+ <input type="radio" value="-u" name="u" disabled="disabled"/>
+ </td>
+ </tr>
+ <!--<tr>
+ <td class="level1">
+ <input type="checkbox" value="N" name="howItem" onclick="setupAccessForm(this, this.form)"/> None
+ </td>
+ <td>
+ </td>
+ <td>
+ </td>
+ </tr>-->
+ </table>
+ <!-- Simple Access Rights: -->
+ <!-- the "how" field is set by getting the selected basicHowItem -->
+ <ul id="howList">
+ <xsl:if test="/bedework/appvar[key='accessRightsToggle']/value='advanced'">
+ <xsl:attribute name="class">invisible</xsl:attribute>
+ </xsl:if>
+ <li>
+ <input type="radio" value="A" name="basicHowItem"/>All
+ </li>
+ <li>
+ <input type="radio" value="R" name="basicHowItem" checked="checked"/>Read only
+ </li>
+ </ul>
+ </td>
+ </tr>
+ </table>
+ </xsl:template>
+
+</xsl:stylesheet>
Modified: trunk/deployment/webuser/webapp/resources/demoskins/default/default/default.css
===================================================================
--- trunk/deployment/webuser/webapp/resources/demoskins/default/default/default.css 2009-02-27 03:30:03 UTC (rev 2078)
+++ trunk/deployment/webuser/webapp/resources/demoskins/default/default/default.css 2009-02-27 03:58:56 UTC (rev 2079)
@@ -1788,22 +1788,22 @@
margin: 1em 0;
padding: 0;
}
-#bedework #shareFormTable td {
+#bedework #accessFormTable td {
border: 1px solid #666;
padding: 0 0 0.5em 0;
}
-#bedework #shareFormTable h5 {
+#bedework #accessFormTable h5 {
background: #e5e5e5;
color: black;
margin: 0;
padding: 4px;
}
-#bedework #shareFormTable #accessRightsToggle {
+#bedework #accessFormTable #accessRightsToggle {
float: right;
font-weight: normal;
font-size: 0.8em;
}
-#bedework #shareFormTable .whoTypes {
+#bedework #accessFormTable .whoTypes {
margin: 1em;
}
#bedework #howTable {
Modified: trunk/deployment/webuser/webapp/resources/demoskins/default/default/default.xsl
===================================================================
--- trunk/deployment/webuser/webapp/resources/demoskins/default/default/default.xsl 2009-02-27 03:30:03 UTC (rev 2078)
+++ trunk/deployment/webuser/webapp/resources/demoskins/default/default/default.xsl 2009-02-27 03:58:56 UTC (rev 2079)
@@ -52,6 +52,7 @@
<xsl:include href="../../../bedework-common/default/default/errors.xsl"/>
<xsl:include href="../../../bedework-common/default/default/messages.xsl"/>
<xsl:include href="../../../bedework-common/default/default/util.xsl"/>
+ <xsl:include href="../../../bedework-common/default/default/entityAccessForm.xsl"/>
<!-- DEFINE GLOBAL CONSTANTS -->
<!-- URL of html resources (images, css, other html); by default this is
@@ -403,7 +404,7 @@
</xsl:if>
<xsl:if test="/bedework/page='modCalendar' or
/bedework/page='modSchedulingPrefs'">
- <script type="text/javascript" src="{$resourcesRoot}/resources/bedeworkAccess.js"> </script>
+ <script type="text/javascript" src="/bedework-common/javascript/bedework/bedeworkAccess.js"> </script>
<!-- initialize calendar acls, if present -->
<xsl:if test="/bedework/currentCalendar/acl/ace">
<script type="text/javascript">
@@ -448,7 +449,7 @@
<link rel="stylesheet" href="{$resourcesRoot}/resources/bwClock.css"/>
<script type="text/javascript" src="{$resourcesRoot}/resources/bedeworkEventForm.js"> </script>
<script type="text/javascript" src="{$resourcesRoot}/resources/bedeworkXProperties.js"> </script>
- <script type="text/javascript" src="{$resourcesRoot}/resources/bedeworkAccess.js"> </script>
+ <script type="text/javascript" src="/bedework-common/javascript/bedework/bedeworkAccess.js"> </script>
<!-- initialize event acls, if present -->
<xsl:if test="/bedework/editableAccess/access/acl/ace">
<script type="text/javascript">
@@ -4914,6 +4915,7 @@
</table>
<div id="sharingBox">
+ <h3>Current Access:</h3>
<div id="bwCurrentAccessWidget"> </div>
<script type="text/javascript">
bwAcl.display("bwCurrentAccessWidget");
@@ -7718,257 +7720,6 @@
<input type="submit" name="cancelled" value="cancel"/>
</xsl:template>
- <xsl:template name="entityAccessForm">
- <xsl:param name="type"/><!-- optional: currently used for inbox and outbox to conditionally display scheduling access -->
- <xsl:param name="acl"/><!-- required: nodeset of entity acls used to initialize javascript object. -->
- <xsl:param name="outputId"/><!-- required: id of the current access block display to update -->
-
- <table cellpadding="0" id="shareFormTable" class="common">
- <tr>
- <th colspan="2" class="commonHeader">Add:</th>
- </tr>
- <tr>
- <td>
- <h5>Who:</h5>
- <div class="whoTypes">
- <input type="text" name="who" size="20"/><br/>
- <input type="radio" value="user" name="whoType" checked="checked"/> user
- <input type="radio" value="group" name="whoType"/> group
- <p>OR</p>
- <p>
- <input type="radio" value="owner" name="whoType"/> owner<br/>
- <input type="radio" value="auth" name="whoType"/> authenticated<br/>
- <input type="radio" value="unauth" name="whoType"/> unauthenticated<br/>
- <input type="radio" value="all" name="whoType"/> all users
- </p>
- <input type="button" name="updateACLs" value="add entry" onclick="bwAcl.update(this.form,'{$outputId}')"/>
- </div>
- </td>
- <td>
- <h5>
- <span id="accessRightsToggle">
- <xsl:choose>
- <xsl:when test="/bedework/appvar[key='accessRightsToggle']/value='advanced'">
- <input type="radio" name="setappvar" value="accessRightsToggle(basic)" onclick="changeClass('howList','visible');changeClass('howTable','invisible');"/>basic
- <input type="radio" name="setappvar" value="accessRightsToggle(advanced)" checked="checked" onclick="changeClass('howList','invisible');changeClass('howTable','visible');"/>advanced
- </xsl:when>
- <xsl:otherwise>
- <input type="radio" name="setappvar" value="accessRightsToggle(basic)" checked="checked" onclick="changeClass('howList','visible');changeClass('howTable','invisible');"/>basic
- <input type="radio" name="setappvar" value="accessRightsToggle(advanced)" onclick="changeClass('howList','invisible');changeClass('howTable','visible');"/>advanced
- </xsl:otherwise>
- </xsl:choose>
- </span>
- Rights:
- </h5>
- <input type="hidden" name="how" value="" id="bwCurrentHow"/>
- <!-- field 'acl' will receive xml for method 2 -->
- <input type="hidden" name="acl" value="" id="bwCurrentAcl" />
- <!-- Advanced Access Rights: -->
- <!-- the "how" field is set by iterating over the howItems below -->
- <table id="howTable" class="invisible" cellspacing="0">
- <xsl:if test="/bedework/appvar[key='accessRightsToggle']/value='advanced'">
- <xsl:attribute name="class">visible</xsl:attribute>
- </xsl:if>
- <tr>
- <th>access type</th>
- <th>allow</th>
- <th>deny</th>
- </tr>
- <tr>
- <td class="level1">
- <input type="checkbox" value="A" id="accessAll" name="howItem" onclick="setupAccessForm(this, this.form); toggleAllowDenyFlag(this, this.form)"/>All
- </td>
- <td>
- <input type="radio" value="A" name="accessAll" checked="checked" disabled="disabled"/>
- </td>
- <td>
- <input type="radio" value="-A" name="accessAll" disabled="disabled"/>
- </td>
- </tr>
- <tr>
- <td class="level2">
- <input type="checkbox" value="R" id="accessRead" name="howItem" onclick="setupAccessForm(this, this.form); toggleAllowDenyFlag(this, this.form)" checked="checked"/> Read
- </td>
- <td>
- <input type="radio" value="R" name="accessRead" checked="checked"/>
- </td>
- <td>
- <input type="radio" value="-R" name="accessRead"/>
- </td>
- </tr>
- <tr>
- <td class="level3">
- <input type="checkbox" value="r" id="r" name="howItem" disabled="disabled" onclick="toggleAllowDenyFlag(this, this.form)"/> read ACL
- </td>
- <td>
- <input type="radio" value="r" name="r" checked="checked" disabled="disabled"/>
- </td>
- <td>
- <input type="radio" value="-r" name="r" disabled="disabled"/>
- </td>
- </tr>
- <tr>
- <td class="level3">
- <input type="checkbox" value="P" id="accessPriv" name="howItem" disabled="disabled" onclick="toggleAllowDenyFlag(this, this.form)"/> read current user privilege set
- </td>
- <td>
- <input type="radio" value="P" name="accessPriv" checked="checked" disabled="disabled"/>
- </td>
- <td>
- <input type="radio" value="-P" name="accessPriv" disabled="disabled"/>
- </td>
- </tr>
- <tr>
- <td class="level3">
- <input type="checkbox" value="F" id="F" name="howItem" disabled="disabled" onclick="toggleAllowDenyFlag(this, this.form)"/> read freebusy
- </td>
- <td>
- <input type="radio" value="F" name="F" checked="checked" disabled="disabled"/>
- </td>
- <td>
- <input type="radio" value="-F" name="F" disabled="disabled"/>
- </td>
- </tr>
- <tr>
- <td class="level2">
- <input type="checkbox" value="W" id="W" name="howItem" onclick="setupAccessForm(this, this.form); toggleAllowDenyFlag(this, this.form)"/> Write
- </td>
- <td>
- <input type="radio" value="W" name="W" checked="checked" disabled="disabled"/>
- </td>
- <td>
- <input type="radio" value="-W" name="W" disabled="disabled"/>
- </td>
- </tr>
- <tr>
- <td class="level3">
- <input type="checkbox" value="a" id="a" name="howItem" onclick="toggleAllowDenyFlag(this, this.form)"/> write ACL
- </td>
- <td>
- <input type="radio" value="a" name="a" checked="checked" disabled="disabled"/>
- </td>
- <td>
- <input type="radio" value="-a" name="a" disabled="disabled"/>
- </td>
- </tr>
- <tr>
- <td class="level3">
- <input type="checkbox" value="p" id="p" name="howItem" onclick="toggleAllowDenyFlag(this, this.form)"/> write properties
- </td>
- <td>
- <input type="radio" value="p" name="p" checked="checked" disabled="disabled"/>
- </td>
- <td>
- <input type="radio" value="-p" name="p" disabled="disabled"/>
- </td>
- </tr>
- <tr>
- <td class="level3">
- <input type="checkbox" value="c" id="c" name="howItem" onclick="toggleAllowDenyFlag(this, this.form)"/> write content
- </td>
- <td>
- <input type="radio" value="c" name="c" checked="checked" disabled="disabled"/>
- </td>
- <td>
- <input type="radio" value="-c" name="c" disabled="disabled"/>
- </td>
- </tr>
- <tr>
- <td class="level3">
- <input type="checkbox" value="b" id="b" name="howItem" onclick="setupAccessForm(this, this.form); toggleAllowDenyFlag(this, this.form)"/> create (bind)
- </td>
- <td>
- <input type="radio" value="b" name="b" checked="checked" disabled="disabled"/>
- </td>
- <td>
- <input type="radio" value="-b" name="b" disabled="disabled"/>
- </td>
- </tr>
- <xsl:if test="$type = 'inbox' or $type = 'outbox'">
- <tr>
- <td class="level4">
- <input type="checkbox" value="S" id="accessSchedule" name="howItem" onclick="setupAccessForm(this, this.form); toggleAllowDenyFlag(this, this.form)"/> schedule
- </td>
- <td>
- <input type="radio" value="S" name="accessSchedule" checked="checked" disabled="disabled"/>
- </td>
- <td>
- <input type="radio" value="-S" name="accessSchedule" disabled="disabled"/>
- </td>
- </tr>
- <tr>
- <td class="level5">
- <input type="checkbox" value="t" id="t" name="howItem" onclick="toggleAllowDenyFlag(this, this.form)"/> schedule request
- </td>
- <td>
- <input type="radio" value="t" name="t" checked="checked" disabled="disabled"/>
- </td>
- <td>
- <input type="radio" value="-t" name="t" disabled="disabled"/>
- </td>
- </tr>
- <tr>
- <td class="level5">
- <input type="checkbox" value="y" id="y" name="howItem" onclick="toggleAllowDenyFlag(this, this.form)"/> schedule reply
- </td>
- <td>
- <input type="radio" value="y" name="y" checked="checked" disabled="disabled"/>
- </td>
- <td>
- <input type="radio" value="-y" name="y" disabled="disabled"/>
- </td>
- </tr>
- <tr>
- <td class="level5">
- <input type="checkbox" value="s" id="s" name="howItem" onclick="toggleAllowDenyFlag(this, this.form)"/> schedule free-busy
- </td>
- <td>
- <input type="radio" value="s" name="s" checked="checked" disabled="disabled"/>
- </td>
- <td>
- <input type="radio" value="-s" name="s" disabled="disabled"/>
- </td>
- </tr>
- </xsl:if>
- <tr>
- <td class="level3">
- <input type="checkbox" value="u" id="u" name="howItem" onclick="toggleAllowDenyFlag(this, this.form)"/> delete (unbind)
- </td>
- <td>
- <input type="radio" value="u" name="u" checked="checked" disabled="disabled"/>
- </td>
- <td>
- <input type="radio" value="-u" name="u" disabled="disabled"/>
- </td>
- </tr>
- <!--<tr>
- <td class="level1">
- <input type="checkbox" value="N" name="howItem" onclick="setupAccessForm(this, this.form)"/> None
- </td>
- <td>
- </td>
- <td>
- </td>
- </tr>-->
- </table>
- <!-- Simple Access Rights: -->
- <!-- the "how" field is set by getting the selected basicHowItem -->
- <ul id="howList">
- <xsl:if test="/bedework/appvar[key='accessRightsToggle']/value='advanced'">
- <xsl:attribute name="class">invisible</xsl:attribute>
- </xsl:if>
- <li>
- <input type="radio" value="A" name="basicHowItem"/>All
- </li>
- <li>
- <input type="radio" value="R" name="basicHowItem" checked="checked"/>Read only
- </li>
- </ul>
- </td>
- </tr>
- </table>
- </xsl:template>
-
<xsl:template match="acl" mode="currentAccess">
<h3>Current Access:</h3>
<div id="bwCurrentAccessWidget"> </div>
Deleted: trunk/deployment/webuser/webapp/resources/demoskins/resources/bedeworkAccess.js
===================================================================
--- trunk/deployment/webuser/webapp/resources/demoskins/resources/bedeworkAccess.js 2009-02-27 03:30:03 UTC (rev 2078)
+++ trunk/deployment/webuser/webapp/resources/demoskins/resources/bedeworkAccess.js 2009-02-27 03:58:56 UTC (rev 2079)
@@ -1,707 +0,0 @@
-/* Bedework Access control form functions
-
- Bedework uses to methods to set access control. The first and older method
- is to send a single access control string per principal in one
- request/response cycle. The second and more current method (which is
- required in the event form) is to build a javascript object representing
- the acls on an item (e.g. an event), manipulate the object with the GUI, and send
- all the acls in a single request parameter. Both methods are currently used.
- Method one is used for calendar access, method two for event access. In time
- we will probably move all access control to use method two.
-
-/* **********************************************************************
- Copyright 2007 Rensselaer Polytechnic Institute. All worldwide rights reserved.
-
- Redistribution and use of this distribution in source and binary forms,
- with or without modification, are permitted provided that:
- The above copyright notice and this permission notice appear in all
- copies and supporting documentation;
-
- The name, identifiers, and trademarks of Rensselaer Polytechnic
- Institute are not used in advertising or publicity without the
- express prior written permission of Rensselaer Polytechnic Institute;
-
- DISCLAIMER: The software is distributed" AS IS" without any express or
- implied warranty, including but not limited to, any implied warranties
- of merchantability or fitness for a particular purpose or any warrant)'
- of non-infringement of any current or pending patent rights. The authors
- of the software make no representations about the suitability of this
- software for any particular purpose. The entire risk as to the quality
- and performance of the software is with the user. Should the software
- prove defective, the user assumes the cost of all necessary servicing,
- repair or correction. In particular, neither Rensselaer Polytechnic
- Institute, nor the authors of the software are liable for any indirect,
- special, consequential, or incidental damages related to the software,
- to the maximum extent the law permits. */
-
-// This toggles various elements in the access control form when
-// a checkbox for All, Read, Write, Bind, Schedule, or None is clicked.
-// Each howItem (checkbox) has a corresponding allow/deny flag (radio button)
-// named after the howItem's value (e.g. "A","R","F","N", etc). We enable
-// and disable the corresponding radio buttons as well.
-
-// ========================================================================
-// ========================================================================
-// Language and customization
-// These should come from values in the header or included as a separate cutomization
-// file.
-
-var authenticatedStr = "authenticated";
-var unauthenticatedStr = "unauthenticated";
-var ownerStr = "owner";
-var otherStr = "other";
-var grantStr = "grant";
-var denyStr = "deny"
-var allStr = "all";
-
-var bwAclWidgetDeleteStr = "remove";
-var bwAclWidgetEntryStr = "Entry";
-var bwAclWidgetAccessStr = "Access";
-var bwAclWidgetInheritedStr = "Inherited from";
-
-// note that resourcesRoot is passed in from the html head section defined in the xslt
-var trashIcon = '<img src="' + resourcesRoot + '/resources/trashIcon.gif" width="13" height="13" border="0" alt="remove"/>';
-var userIcon = '<img src="' + resourcesRoot + '/resources/userIcon.gif" width="13" height="13" border="0" alt="user"/>';
-var groupIcon = '<img src="' + resourcesRoot + '/resources/groupIcon.gif" width="13" height="13" border="0" alt="group"/>';
-
-// How granted accesses appear
-var howAllVal = "all";
-
-var howReadVal = "read";
-var howReadAclVal = "read-acl";
-var howReadCurPrivSetVal = "read-curprivset";
-var howReadFreebusyVal = "read-freebusy ";
-
-var howWriteVal = "write";
-var howWriteAclVal = "write-acl";
-var howWritePropertiesVal = "write-properties";
-var howWriteContentVal = "write-content";
-
-var howBindVal = "create";
-var howScheduleVal = "schedule";
-var howScheduleRequestVal = "schedule-request";
-var howScheduleReplyVal = "schedule-reply";
-var howScheduleFreebusyVal = "schedule-freebusy";
-
-var howUnbindVal = "delete";
-
-var howUnlockVal = "unlock";
-
-// How denied accesses appear
-var howDenyAllVal = "none";
-
-var howDenyReadVal = "not-read";
-var howDenyReadAclVal = "not-read-acl";
-var howDenyReadCurPrivSetVal = "not-read-curprivset";
-var howDenyReadFreebusyVal = "not-read-freebusy ";
-
-var howDenyWriteVal = "not-write";
-var howDenyWriteAclVal = "not-write-acl";
-var howDenyWritePropertiesVal = "not-write-properties";
-var howDenyWriteContentVal = "not-write-content";
-
-var howDenyBindVal = "not-create";
-var howDenyScheduleVal = "not-schedule";
-var howDenyScheduleRequestVal = "not-schedule-request";
-var howDenyScheduleReplyVal = "not-schedule-reply";
-var howDenyScheduleFreebusyVal = "not-schedule-freebusy";
-
-var howDenyUnbindVal = "not-delete";
-
-var howDenyUnlockVal = "not-unlock";
-
-//var howNoneVal = "none";
-
-/* We shouldn't use the word local - it probably doesn't mean too much and it might actually be
- inherited from something called /local for example */
-var inheritedStr = "not inherited";
-
-// **************************
-// The prefixes come from the directory code so should be emitted by the jsp.
-// We may have problems here as convertng from a user id to a principal might be
-// awkward
-
-var principalPrefix = "/principals/";
-var userPrincipalPrefix = "/principals/users/";
-var groupPrincipalPrefix = "/principals/groups/";
-var resourcePrincipalPrefix = "/principals/resources/";
-
-// ========================================================================
-// ========================================================================
-
-// .......................................................
-// Some constants
-// .......................................................
-
-var xmlHeader = "<?xml version='1.0' encoding='utf-8' ?>";
-var nameSpaces = "xmlns:D='DAV:' " +
- "xmlns:C='urn:ietf:params:xml:ns:caldav'";
-
-var davNS = "D:";
-var caldavNS = "C:";
-
-/* Define how values,
- par: how,
- par: the contained hows
- par: dav element name
- par: display name */
-function howVals(h, cont, davEl, dv, ddv) {
- var how;
- var contains;
- var davEl;
- var dispVal;
- var denyDispVal;
-
- this.how = h;
- this.contains = cont;
- this.davEl = davEl;
- this.dispVal = dv;
- this.denyDispVal = ddv;
-
- /* return true if ch is contained in this access */
- this.doesContain = function(ch) {
- return this.contains.match(ch) != null;
- }
-
- this.getDispVal = function(negated) {
- if (negated) {
- return this.denyDispVal;
- }
-
- return this.dispVal;
- }
-}
-
-var hows = new function() {
- var hv = new Array();
-
- hv.push(new howVals("A", "RrPFWapcbStysuN", "<D:all/>", howAllVal, howDenyAllVal));
-
- hv.push(new howVals("R", "rPF", "<D:read/>", howReadVal, howDenyReadVal));
- hv.push(new howVals("r", "", "<D:read-acl/>", howReadAclVal, howDenyReadAclVal));
- hv.push(new howVals("P", "", "<D:read-current-user-privilege-set/>", howReadCurPrivSetVal, howDenyReadCurPrivSetVal));
- hv.push(new howVals("F", "", "<C:read-free-busy/>", howReadFreebusyVal, howDenyReadFreebusyVal));
-
- hv.push(new howVals("W", "apcbStysuN", "<D:write/>", howWriteVal, howDenyWriteVal));
- hv.push(new howVals("a", "", "<D:write-acl/>", howWriteAclVal, howDenyWriteAclVal));
- hv.push(new howVals("p", "", "<D:write-properties/>", howWritePropertiesVal, howDenyWritePropertiesVal));
- hv.push(new howVals("c", "", "<D:write-content/>", howWriteContentVal, howDenyWriteContentVal));
-
- hv.push(new howVals("b", "Stys", "<D:bind/>", howBindVal, howDenyBindVal));
- hv.push(new howVals("S", "tys", "<C:schedule/>", howScheduleVal, howDenyScheduleVal));
- hv.push(new howVals("t", "", "<C:schedule-request/>", howScheduleRequestVal, howDenyScheduleRequestVal));
- hv.push(new howVals("y", "", "<C:schedule-reply/>", howScheduleReplyVal, howDenyScheduleReplyVal));
- hv.push(new howVals("s", "", "<C:schedule-free-busy/>", howScheduleFreebusyVal, howDenyScheduleFreebusyVal));
-
- hv.push(new howVals("u", "", "<D:unbind/>", howUnbindVal, howDenyUnbindVal));
-
- hv.push(new howVals("U", "", "<D:unlock/>", howUnlockVal, howDenyUnlockVal));
-
- //hv.push(new howVals("N", "rPFapcbStysu", "", howNoneVal)); // None is -A
-
- this. getHows = function(ch) {
- for (var i = 0; i < hv.length; i++) {
- if (hv[i].how == ch) {
- return hv[i];
- }
- }
-
- alert("No how values for how=" + ch);
-
- return null;
- }
-}
-
-function setupAccessForm(chkBoxObj, formObj) {
- var hvs; // howVals
-
- /* If we checked/unchecked a value that contains other values we need
- to uncheck and disable the contained boxes. */
-
- hvs = hows.getHows(chkBoxObj.value);
-
- if (hvs.contains == "") {
- // Doesn't contain anything
- return;
- }
-
- for (i = 0; i < formObj.howItem.length; i++) {
- if (hvs.doesContain(formObj.howItem[i].value)) {
- if (chkBoxObj.checked == true) {
- formObj.howItem[i].checked = false;
- formObj.howItem[i].disabled = true;
- // now iterate over corresponding radio buttons for each howItem
- for (j = 0; j < formObj[formObj.howItem[i].id].length; j++) {
- formObj[formObj.howItem[i].id][j].disabled = true;
- }
- } else {
- formObj.howItem[i].disabled = false;
- }
- }
- }
-}
-
-// enable and disable corresponding allow/deny flags when a howItem checkbox is
-// clicked
-function toggleAllowDenyFlag(chkBoxObj,formObj) {
- if (chkBoxObj.checked == true) {
- activateAllowDenyFlag(chkBoxObj.id, formObj, false);
- } else {
- activateAllowDenyFlag(chkBoxObj.id, formObj, true);
- }
-}
-
-// iterate over the allow/deny radio buttons and set them to true or false
-function activateAllowDenyFlag(val,formObj,disabledFlag) {
- for (i = 0; i < formObj[val].length; i++) {
- if (formObj[val][i].type == "radio") { //skip the checkbox with matching id
- formObj[val][i].disabled = disabledFlag;
- }
- }
-}
-
-// Gather up the how values on access form submission and return the value.
-// If in "basic" mode:
-// Set the value of how to the value of the basicHowItem radio button.
-// If in "advanced" mode:
-// Each howItem (checkbox) has a corresponding allow/deny flag (radio button)
-// named after the howItem's value (e.g. "A","R","F","N", etc).
-// The allow/deny flag contains the final values to be returned with
-// the "-" switch if we set the value to deny (e.g. "A" or "-A", "R" or "-R").
-function setAccessHow(formObj) {
- var howString = "";
- if (formObj.setappvar[0].checked == true) { // "basic" mode is selected
- for (i = 0; i < formObj.basicHowItem.length; i++) {
- if (formObj.basicHowItem[i].checked == true) {
- howString = formObj.basicHowItem[i].value;
- }
- }
- } else { // "advanced" mode is selected
- for (i = 0; i < formObj.howItem.length; i++) {
- if (formObj.howItem[i].checked == true) {
- var howItemId = formObj.howItem[i].id; // get the howItem id and
- for (j = 0; j < formObj[howItemId].length; j++) { // look up the value from the corresponding allow/deny flag
- if ((formObj[howItemId][j].checked == true) && (formObj[howItemId][j].type == "radio")) {
- howString += formObj[howItemId][j].value;
- }
- }
- }
- }
- }
- return howString;
-}
-
-/* Information about a principal
- */
-function bwPrincipal(who, whoType) {
- this.whoType = whoType;
-
- if ((whoType == "auth") ||
- (whoType == "unauth") ||
- (whoType == "owner") ||
- (whoType == "all") ||
- (whoType == "other")) {
- // Don't set who
- } else {
- this.who = who;
-
- // Don't touch email like addresses
- if (who.indexOf("@") < 0) {
- // Normalize the who
- if (whoType == "user") {
- if (who.indexOf(principalPrefix) != "0") {
- who = userPrincipalPrefix + who;
- }
- } else if (whoType == "group") {
- if (who.indexOf(principalPrefix) != "0") {
- who = groupPrincipalPrefix + who;
- }
- } else if (whoType == "resource") {
- if (who.indexOf(principalPrefix) != "0") {
- who = resourcePrincipalPrefix + who;
- }
- }
- }
- }
-
- // format the who string for on-screen display
- this.format = function() {
- if (whoType == "user") {
- return userIcon + " " + who;
- }
-
- if (whoType == "group") {
- return groupIcon + " " + who;
- }
-
- if (whoType == "resource") {
- return who;
- }
-
- if (whoType == "auth") {
- return groupIcon + " " + authenticatedStr;
- }
-
- if (whoType == "unauth") {
- return groupIcon + " " + unauthenticatedStr;
- }
-
- if (whoType == "owner") {
- return userIcon + " " + ownerStr;
- }
-
- if (whoType == "other") {
- return groupIcon + " " + otherStr;
- }
-
- if (whoType == "all") {
- return groupIcon + " " + allStr;
- }
-
- return "***************" + whoType;
- }
-
- // format the who string for xml representation
- this.formatXml = function() {
- if (whoType == "user") {
- return who;
- }
-
- if (whoType == "group") {
- return who;
- }
-
- if (whoType == "resource") {
- return who;
- }
-
- if (whoType == "auth") {
- return authenticatedStr;
- }
-
- if (whoType == "unauth") {
- return unauthenticatedStr;
- }
-
- if (whoType == "owner") {
- return ownerStr;
- }
-
- if (whoType == "other") {
- return otherStr;
- }
-
- if (whoType == "all") {
- return allStr;
- }
-
- return "***************" + whoType;
- }
-
- this.toXml = function() {
- var w = this.formatXml();
-
- if (whoType == "other") {
- return " <D:invert>\n <D:principal><D:owner/></D:principal>\n </D:invert>";
- }
-
- var res = " <D:principal>\n";
-
- if (w.indexOf(principalPrefix) == "0") {
- res += " <D:href>" + w + "</D:href>\n";
- } else if (whoType == "auth") {
- res += " <D:authenticated/>\n";
- } else if (whoType == "unauth") {
- res += " <D:unauthenticated/>\n";
- } else if (whoType == "all") {
- res += " <D:all/>\n";
- } else if (whoType == "owner") {
- res += " <D:property><D:owner/></D:property>\n";
- } else {
- res += "************??????" + whoType;
- }
-
- return res + " </D:principal>\n";
- }
-
- this.toString = function() {
- return "bwPrincipal[who=" + this.who + ", whoType=" + this.whoType + "]";
- }
-
- this.equals = function(pr) {
- if (this.whoType != pr.whoType) {
- return false;
- }
- return this.who == pr.who;
- }
-}
-
-/* Access Control Entry (ACE) object
- */
-function bwAce(who, whoType, how, inherited, invert) {
- this.principal = new bwPrincipal(who, whoType);
- this.how = how;
- this.inherited = inherited;
- this.invert = invert; // boolean
-
- this.equals = function(ace) {
- return this.principal.equals(ace.principal);
- }
-
- // format the who string for on-screen display
- this.formatWho = function() {
- return this.principal.format();
- }
-
- // format the how string for on-screen display
- this.formatHow = function() {
- var formattedHow = "";
-
- for (var i = 0; i < how.length; i++) {
- var h = how[i];
- var negated = false;
- var grantDenyStr = grantStr;
- if (h == "-") {
- negated = true;
- grantDenyStr = denyStr;
- i++;
- h = how[i];
- }
-
- formattedHow += '<span class="' + grantDenyStr + '">' + hows.getHows(h).getDispVal(negated) + '</span>';
- if (i != how.length-1) {
- formattedHow += ', ';
- }
- }
-
- return formattedHow;
- }
-
- this.formatInherited = function() {
- if (inherited != "") {
- return inherited;
- }
-
- return inheritedStr;
- }
-
- this.howsToXml = function(doGrants) {
- var open = false;
- var res = "";
-
- for (var hi = 0; hi < how.length; hi++) {
- var h = how[hi];
-
- if (doGrants && (h == "-")) {
- // skip
- hi++;
- } else if (!doGrants && (h != "-")) {
- // skip
- } else {
- if (h == "-") {
- hi++;
- h = how[hi];
- }
-
- var hvs = hows.getHows(h);
-
- if (!open) {
- if (doGrants) {
- res += " <D:grant>\n";
- } else {
- res += " <D:deny>\n";
- }
-
- open = true;
- }
-
- res += " <D:privilege>" + hvs.davEl + "</D:privilege>\n";
- }
- }
-
- if (open) {
- if (doGrants) {
- res += " </D:grant>\n";
- } else {
- res += " </D:deny>\n";
- }
- }
-
- return res;
- }
-
- this.toXml = function() {
- var res = " <D:ace>\n" + this.principal.toXml();
-
- res += this.howsToXml(true);
- res += this.howsToXml(false);
-
- if (this.inherited != "") {
- res += " <D:inherited><D:href>" + this.inherited + "</D:href></D:inherited>";
- }
-
- return res + " </D:ace>\n";
- }
-
- // row: current row in table
- // aceI: index of the ace
- // id: id of widget output block in the html
- this.toFormRow = function(row, aceI, id) {
- var td_0 = row.insertCell(0);
- td_0.innerHTML = this.principal.format();
- var td_1 = row.insertCell(1);
- td_1.innerHTML = this.formatHow();
- row.insertCell(2).appendChild(document.createTextNode(this.formatInherited()));
- var td_3 = row.insertCell(3);
- if (this.inherited == "") {
- td_3.innerHTML = "<a href=\"javascript:bwAcl.deleteAce('" + aceI + "','" + id + "')\">" + trashIcon + " " + bwAclWidgetDeleteStr + "</a>";
- }
- }
-}
-
-// Access Control List (ACL) object - an array of ACEs
-// The bwAcl object is initialized during the XSLT transform.
-var bwAcl = new function() {
- var aces = new Array();
-
- /* If we delete an ace we need to reinstate any inherited access for the same principal
- */
- var savedInherited = new Array();
-
- // Initialize the list.
- // The function expects a comma-separated list of arguments grouped
- // into the five ACE properties.
- this.init = function(who, whoType, how, inherited, invert) {
- var newAce = new bwAce(who, whoType, how, inherited, invert);
- aces.push(newAce);
- if (inherited != "") {
- savedInherited.push(newAce);
- }
- }
-
- // Add or update an ace
- this.addAce = function(newAce) {
- // expects a bwAce object as parameter
- for (var i = 0; i < aces.length; i++) {
- if (aces[i].equals(newAce)) {
- // replace an existing ace
- aces[i] = newAce;
- return;
- }
- }
- // not found: add ace to end of array
- aces.push(newAce);
- }
-
- // Update the list - expects the browser form object
- this.update = function(formObj,id) {
- // get the type of ace being set
- var type;
- for (i = 0; i < formObj.whoType.length; i++) {
- if (formObj.whoType[i].checked == true) {
- type = formObj.whoType[i].value;
- }
- }
-
- // validate for user or group
- if ((type == 'user' || type == 'group') && formObj.who.value == '') {
- alert("you must enter a user or group name");
- formObj.who.focus();
- return;
- }
-
- // get the how string from the form
- var how = setAccessHow(formObj);
-
- //alert("About to update who=" + formObj.who.value +
- // "\ntype= " + type + "\nhow=" + how);
-
- this.addAce(new bwAce(formObj.who.value, type, how, "" , false));
- formObj.who.value = "";
-
- // update the acl form field
- var formAcl = document.getElementById("bwCurrentAcl");
- formAcl.value = this.toXml();
-
- // redraw the display
- this.display(id);
- }
-
- this.deleteAce = function(index,id) {
- var ace = aces[index];
- var replace = false;
-
- for (var si = 0; si < savedInherited.length; si++) {
- if (savedInherited[si].equals(ace)) {
- ace = savedInherited[si];
- replace = true;
- break;
- }
- }
-
- if (replace) {
- aces[index] = ace;
- } else {
- aces.splice(index, 1);
- }
-
- // update the acl form field
- var formAcl = document.getElementById("bwCurrentAcl");
- formAcl.value = this.toXml();
-
- // redraw the display
- this.display(id);
- }
-
- // build the ACL widget displayed on screen in the given id
- this.display = function(id) {
- try {
-
- var aclWidget = document.getElementById(id);
- aclWidget.innerHTML = "";
-
- var bwCurrentAccess = document.createElement("table");
- bwCurrentAccess.className = "common scheduling";
- bwCurrentAccess.id = "bwCurrentAccess";
- bwCurrentAccess.createTHead();
- bwCurrAccessHead = bwCurrentAccess.tHead.insertRow(0);
- bwCurrAccessHead.innerHTML = '<th>' + bwAclWidgetEntryStr + '</th>' + '<th>' + bwAclWidgetAccessStr + '</th>' + '<th>' + bwAclWidgetInheritedStr + '</th><th></th>';
- var bwCurrAccessTBody = document.createElement("tbody");
- bwCurrentAccess.appendChild(bwCurrAccessTBody);
-
- // finally, write the table back to the display
- aclWidget.appendChild(bwCurrentAccess);
-
- // get the table body
- var aclTableBody = document.getElementById("bwCurrentAccess").tBodies[0];
-
- // remove existing rows
- //for (i = aclTableBody.rows.length - 1; i >= 0; i--) {
- // aclTableBody.deleteRow(i);
- //}
-
- // create the table rows
- for (var j = 0; j < aces.length; j++) {
- var curAce = aces[j];
- var tr = aclTableBody.insertRow(j);
-
- curAce.toFormRow(tr, j, id);
- }
-
- } catch (e) {
- alert(e);
- }
- }
-
- // generate webDAV ACl XML output
- this.toXml = function() {
- var res = xmlHeader + "\n<D:acl " + nameSpaces + " >\n";
-
- for (var j = 0; j < aces.length; j++) {
- res += aces[j].toXml();
- }
-
- return res + "</D:acl>";
- }
-}
-
More information about the Bedework-commit
mailing list