ACL editor

Former-commit-id: 10a0bbb0

plugins/org.jkiss.dbeaver.ext.postgresql/src/org/jkiss/dbeaver/ext/postgresql/model/PostgrePrivilegeType.java

@@ -23,7 +23,7 @@ import org.jkiss.dbeaver.model.access.DBAPrivilegeType;
  */
 public enum PostgrePrivilegeType implements DBAPrivilegeType {
     // ALL privs
-    ALL(' ', true, Object.class),
+    ALL(' ', false, Object.class),
     // TABLE privs
     SELECT('r', true, PostgreTableBase.class, PostgreTableColumn.class),
     INSERT('a', true, PostgreTableReal.class, PostgreTableColumn.class),

plugins/org.jkiss.dbeaver.model/src/org/jkiss/dbeaver/model/access/DBAPrivilege.java

@@ -23,4 +23,7 @@ import org.jkiss.dbeaver.model.struct.DBSObject;
  * Privilege
  */
 public interface DBAPrivilege extends DBSObject {
+
+    //DBAPrivilegeType[] getTypes();
+
 }
\ No newline at end of file

plugins/org.jkiss.dbeaver.ui.editors.acl/src/org/jkiss/dbeaver/ui/editors/acl/ACLCommandChangePrivilege.java

+/*
+ * DBeaver - Universal Database Manager
+ * Copyright (C) 2010-2019 Serge Rider (serge@jkiss.org)
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.jkiss.dbeaver.ui.editors.acl;
+
+import org.jkiss.dbeaver.model.access.DBAPrivilege;
+import org.jkiss.dbeaver.model.access.DBAPrivilegeOwner;
+import org.jkiss.dbeaver.model.access.DBAPrivilegeType;
+import org.jkiss.dbeaver.model.edit.DBECommand;
+import org.jkiss.dbeaver.model.edit.DBEPersistAction;
+import org.jkiss.dbeaver.model.impl.edit.DBECommandAbstract;
+import org.jkiss.dbeaver.model.impl.edit.SQLDatabasePersistAction;
+import org.jkiss.dbeaver.model.runtime.DBRProgressMonitor;
+import org.jkiss.dbeaver.ui.editors.acl.internal.ACLMessages;
+
+import java.util.Map;
+
+/**
+ * Grant/Revoke privilege command
+ */
+public class ACLCommandChangePrivilege extends DBECommandAbstract<DBAPrivilegeOwner> {
+
+    private ObjectACLManager aclManager;
+    private boolean grant;
+    private DBAPrivilege privilege;
+    private DBAPrivilegeType[] privilegeTypes;
+
+    public ACLCommandChangePrivilege(ObjectACLManager aclManager, DBAPrivilegeOwner user, boolean grant, DBAPrivilege privilege, DBAPrivilegeType[] privilegeTypes)
+    {
+        super(user, grant ? ACLMessages.edit_command_grant_privilege_action_grant_privilege : ACLMessages.edit_command_grant_privilege_action_revoke_privilege);
+        this.aclManager = aclManager;
+        this.grant = grant;
+        this.privilege = privilege;
+        this.privilegeTypes = privilegeTypes;
+    }
+
+    @Override
+    public void updateModel()
+    {
+        //getObject().clearGrantsCache();
+    }
+
+    @Override
+    public DBEPersistAction[] getPersistActions(DBRProgressMonitor monitor, Map<String, Object> options)
+    {
+        DBAPrivilegeOwner object = getObject();
+
+        String grantScript = aclManager.generatePermissionChangeScript(monitor, object, grant, privilege, privilegeTypes, options);
+        return new DBEPersistAction[] {
+            new SQLDatabasePersistAction(
+                ACLMessages.edit_command_grant_privilege_action_grant_privilege,
+                grantScript)
+        };
+    }
+
+    @Override
+    public DBECommand<?> merge(DBECommand<?> prevCommand, Map<Object, Object> userParams)
+    {
+        if (prevCommand instanceof ACLCommandChangePrivilege) {
+            ACLCommandChangePrivilege prevGrant = (ACLCommandChangePrivilege) prevCommand;
+            if (prevGrant.privilege == privilege && prevGrant.privilegeTypes == privilegeTypes) {
+                if (prevGrant.grant == grant) {
+                    return prevCommand;
+                } else {
+                    return null;
+                }
+            }
+        }
+        return super.merge(prevCommand, userParams);
+    }
+
+}

plugins/org.jkiss.dbeaver.ui.editors.acl/src/org/jkiss/dbeaver/ui/editors/acl/BaseACLManager.java

+/*
+ * DBeaver - Universal Database Manager
+ * Copyright (C) 2010-2019 Serge Rider (serge@jkiss.org)
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.jkiss.dbeaver.ui.editors.acl;
+
+import org.jkiss.dbeaver.model.DBPEvaluationContext;
+import org.jkiss.dbeaver.model.DBUtils;
+import org.jkiss.dbeaver.model.access.DBAPrivilege;
+import org.jkiss.dbeaver.model.access.DBAPrivilegeType;
+import org.jkiss.dbeaver.model.struct.DBSObject;
+
+/**
+ * PostgresRolePrivilegesEditor
+ */
+public abstract class BaseACLManager<PRIVILEGE extends DBAPrivilege, PRIVILEGE_TYPE extends DBAPrivilegeType> implements ObjectACLManager<PRIVILEGE, PRIVILEGE_TYPE> {
+
+    public String getObjectUniqueName(DBSObject object) {
+        return DBUtils.getObjectFullName(object, DBPEvaluationContext.DDL);
+    }
+
+}
\ No newline at end of file

plugins/org.jkiss.dbeaver.ui.editors.acl/src/org/jkiss/dbeaver/ui/editors/acl/ObjectACLEditor.java

@@ -22,6 +22,7 @@ import org.eclipse.jface.dialogs.ControlEnableState;
 import org.eclipse.jface.viewers.TreeViewer;
 import org.eclipse.jface.viewers.Viewer;
 import org.eclipse.jface.viewers.ViewerFilter;
+import org.eclipse.jgit.annotations.Nullable;
 import org.eclipse.swt.SWT;
 import org.eclipse.swt.custom.SashForm;
 import org.eclipse.swt.events.MouseAdapter;
@@ -41,7 +42,7 @@ import org.jkiss.dbeaver.DBException;
 import org.jkiss.dbeaver.model.DBPEvaluationContext;
 import org.jkiss.dbeaver.model.DBUtils;
 import org.jkiss.dbeaver.model.access.*;
-import org.jkiss.dbeaver.model.access.DBAPrivilege;
+import org.jkiss.dbeaver.model.edit.DBECommandReflector;
 import org.jkiss.dbeaver.model.navigator.*;
 import org.jkiss.dbeaver.model.runtime.DBRProgressMonitor;
 import org.jkiss.dbeaver.model.runtime.VoidProgressMonitor;
@@ -53,6 +54,7 @@ import org.jkiss.dbeaver.runtime.DBWorkbench;
 import org.jkiss.dbeaver.ui.LoadingJob;
 import org.jkiss.dbeaver.ui.UIUtils;
 import org.jkiss.dbeaver.ui.controls.ProgressPageControl;
+import org.jkiss.dbeaver.ui.controls.ViewerColumnController;
 import org.jkiss.dbeaver.ui.editors.AbstractDatabaseObjectEditor;
 import org.jkiss.dbeaver.ui.editors.DatabaseEditorUtils;
 import org.jkiss.dbeaver.ui.navigator.NavigatorUtils;
@@ -63,12 +65,15 @@ import org.jkiss.utils.ArrayUtils;
 import org.jkiss.utils.CommonUtils;
 
 import java.lang.reflect.InvocationTargetException;
-import java.util.*;
+import java.util.Collection;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
 
 /**
  * PostgresRolePrivilegesEditor
  */
-public abstract class ObjectACLEditor extends AbstractDatabaseObjectEditor<DBAPrivilegeOwner>
+public abstract class ObjectACLEditor<PRIVILEGE extends DBAPrivilege, PRIVILEGE_TYPE extends DBAPrivilegeType> extends AbstractDatabaseObjectEditor<DBAPrivilegeOwner>
 {
     private PageControl pageControl;
 
@@ -83,13 +88,7 @@ public abstract class ObjectACLEditor extends AbstractDatabaseObjectEditor<DBAPr
     private Map<String, DBAPrivilege> privilegeMap = new HashMap<>();
     private Text objectDescriptionText;
 
-    protected abstract DBAPrivilegeType[] getPrivilegeTypes();
-
-    protected abstract DBAPrivilege createNewPrivilege(DBAPrivilegeOwner owner, DBSObject object, DBAPrivilege privilege);
-
-    protected String getObjectUniqueName(DBSObject object) {
-        return DBUtils.getObjectFullName(object, DBPEvaluationContext.DDL);
-    }
+    protected abstract ObjectACLManager<PRIVILEGE, PRIVILEGE_TYPE> getACLManager();
 
     public void createPartControl(Composite parent) {
         this.pageControl = new PageControl(parent);
@@ -156,6 +155,8 @@ public abstract class ObjectACLEditor extends AbstractDatabaseObjectEditor<DBAPr
             permissionTable.setLayoutData(new GridData(GridData.FILL_HORIZONTAL));
             permissionTable.setHeaderVisible(true);
             permissionTable.setLinesVisible(true);
+
+            //ViewerColumnController controller
             UIUtils.createTableColumn(permissionTable, SWT.LEFT, "Permission");
             UIUtils.createTableColumn(permissionTable, SWT.CENTER, "With GRANT");
             UIUtils.createTableColumn(permissionTable, SWT.CENTER, "With Hierarchy");
@@ -175,7 +176,7 @@ public abstract class ObjectACLEditor extends AbstractDatabaseObjectEditor<DBAPr
             });
 
             if (!isRoleEditor()) {
-                for (DBAPrivilegeType pt : getPrivilegeTypes()) {
+                for (PRIVILEGE_TYPE pt : getACLManager().getPrivilegeTypes()) {
                     if (!pt.isValid() || !pt.supportsType(getDatabaseObject().getClass())) {
                         continue;
                     }
@@ -241,10 +242,10 @@ public abstract class ObjectACLEditor extends AbstractDatabaseObjectEditor<DBAPr
             return privilegeMap.get(DBUtils.getObjectFullName(object, DBPEvaluationContext.DDL));
         }
 */
-        return privilegeMap.get(getObjectUniqueName(object));
+        return privilegeMap.get(getACLManager().getObjectUniqueName(object));
     }
 
-    private void updateCurrentPrivileges(boolean grant, DBAPrivilegeType privilegeType) {
+    private void updateCurrentPrivileges(boolean grant, @Nullable  DBAPrivilegeType privilegeType) {
 
         if (ArrayUtils.isEmpty(currentObjects)) {
             DBWorkbench.getPlatformUI().showError("Update privilege", "Can't update privilege - no current object");
@@ -259,38 +260,35 @@ public abstract class ObjectACLEditor extends AbstractDatabaseObjectEditor<DBAPr
                     // No permission - nothing to revoke
                     continue;
                 }
-                privilege = createNewPrivilege(getDatabaseObject(), currentObject, privilege);
+                privilege = getACLManager().createNewPrivilege(getDatabaseObject(), currentObject, null);
                 // Add to map
                 privilegeMap.put(privilege.getName(), privilege);
-            } else if (privilegeType != null) {
+            }/* else if (privilegeType != null) {
                 // Check for privilege was already granted for this object
-/*
-                boolean hasPriv = privilege.getPermission(privilegeType) != PostgrePermission.NONE;
+                boolean hasPriv = ArrayUtils.contains(privilege.getTypes(), privilegeType);
                 if (grant == hasPriv) {
                     continue;
                 }
-*/
-            }
+            }*/
 
-/*
             // Add command
             addChangeCommand(
-                new PostgreCommandGrantPrivilege(
+                new ACLCommandChangePrivilege(
+                    getACLManager(),
                     getDatabaseObject(),
                     grant,
                     privilege,
                     privilegeType == null ? null : new DBAPrivilegeType[] { privilegeType }),
-                new DBECommandReflector<DBAPrivilegeOwner, PostgreCommandGrantPrivilege>() {
+                new DBECommandReflector<DBAPrivilegeOwner, ACLCommandChangePrivilege>() {
                     @Override
-                    public void redoCommand(PostgreCommandGrantPrivilege cmd)
+                    public void redoCommand(ACLCommandChangePrivilege cmd)
                     {
                     }
                     @Override
-                    public void undoCommand(PostgreCommandGrantPrivilege cmd)
+                    public void undoCommand(ACLCommandChangePrivilege cmd)
                     {
                     }
                 });
-*/
 
         }
     }
@@ -305,7 +303,7 @@ public abstract class ObjectACLEditor extends AbstractDatabaseObjectEditor<DBAPr
 
             if (!CommonUtils.isEmpty(objects)) {
                 Class<?> objectType = objects.get(0).getClass();
-                for (DBAPrivilegeType pt : getPrivilegeTypes()) {
+                for (PRIVILEGE_TYPE pt : getACLManager().getPrivilegeTypes()) {
                     if (!pt.isValid() || !pt.supportsType(objectType)) {
                         continue;
                     }

plugins/org.jkiss.dbeaver.ui.editors.acl/src/org/jkiss/dbeaver/ui/editors/acl/ObjectACLManager.java

+/*
+ * DBeaver - Universal Database Manager
+ * Copyright (C) 2010-2019 Serge Rider (serge@jkiss.org)
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.jkiss.dbeaver.ui.editors.acl;
+
+import org.jkiss.dbeaver.model.DBPEvaluationContext;
+import org.jkiss.dbeaver.model.DBUtils;
+import org.jkiss.dbeaver.model.access.DBAPrivilege;
+import org.jkiss.dbeaver.model.access.DBAPrivilegeOwner;
+import org.jkiss.dbeaver.model.access.DBAPrivilegeType;
+import org.jkiss.dbeaver.model.runtime.DBRProgressMonitor;
+import org.jkiss.dbeaver.model.struct.DBSObject;
+
+import java.util.Map;
+
+/**
+ * PostgresRolePrivilegesEditor
+ */
+public interface ObjectACLManager<PRIVILEGE extends DBAPrivilege, PRIVILEGE_TYPE extends DBAPrivilegeType> {
+
+    PRIVILEGE_TYPE[] getPrivilegeTypes();
+
+    PRIVILEGE createNewPrivilege(DBAPrivilegeOwner owner, DBSObject object, PRIVILEGE copyFrom);
+
+    String getObjectUniqueName(DBSObject object);
+
+    String generatePermissionChangeScript(
+        DBRProgressMonitor monitor,
+        DBAPrivilegeOwner object,
+        boolean grant,
+        PRIVILEGE privilege,
+        PRIVILEGE_TYPE[] privilegeTypes,
+        Map<String, Object> options);
+}
\ No newline at end of file

plugins/org.jkiss.dbeaver.ui.editors.acl/src/org/jkiss/dbeaver/ui/editors/acl/internal/ACLMessages.java

+/*
+ * DBeaver - Universal Database Manager
+ * Copyright (C) 2010-2019 Serge Rider (serge@jkiss.org)
+ * Copyright (C) 2017 Liu, Yuanyuan (liuyuanyuan@highgo.com)
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.jkiss.dbeaver.ui.editors.acl.internal;
+
+import org.eclipse.osgi.util.NLS;
+
+public class ACLMessages extends NLS {
+	static final String BUNDLE_NAME = "org.jkiss.dbeaver.ui.editors.acl.internal.ACLMessages"; //$NON-NLS-1$
+		
+	/* Permissions */
+	public static String edit_command_grant_privilege_action_grant_privilege;
+	public static String edit_command_grant_privilege_action_revoke_privilege;
+
+	static {
+		// initialize resource bundle
+		NLS.initializeMessages(BUNDLE_NAME, ACLMessages.class);
+	}
+
+	private ACLMessages() {
+	}
+	
+}

plugins/org.jkiss.dbeaver.ui.editors.acl/src/org/jkiss/dbeaver/ui/editors/acl/internal/ACLMessages.properties

+# Permissions
+edit_command_grant_privilege_action_grant_privilege = Grant
+edit_command_grant_privilege_action_revoke_privilege = Revoke

plugins/org.jkiss.dbeaver.ui.editors.acl/src/org/jkiss/dbeaver/ui/editors/acl/internal/ACLMessages_de.properties

+edit_command_grant_privilege_action_grant_privilege = Bewilligung
+edit_command_grant_privilege_action_revoke_privilege = Widerrufen

plugins/org.jkiss.dbeaver.ui.editors.acl/src/org/jkiss/dbeaver/ui/editors/acl/internal/ACLMessages_ru.properties

+edit_command_grant_privilege_action_grant_privilege = \u0412\u044B\u0434\u0430\u0442\u044C \u043F\u0440\u0430\u0432\u0430
+edit_command_grant_privilege_action_revoke_privilege = \u041E\u0442\u043E\u0437\u0432\u0430\u0442\u044C \u043F\u0440\u0430\u0432\u0430

plugins/org.jkiss.dbeaver.ui.editors.acl/src/org/jkiss/dbeaver/ui/editors/acl/internal/ACLMessages_zh.properties

+# Permissions
+edit_command_grant_privilege_action_grant_privilege = \u6388\u4E88
+edit_command_grant_privilege_action_revoke_privilege = \u64A4\u56DE