louis
August 8, 2024, 6:28am
1
Hello everyone,
im currently working on an macro, which shows all the groups with their “managers” (eg. users with edit access on the group record).
I got into a weird behaviour, where the script shows me all users of the group and says that everyone has edit access, which is not true.
Also It only shows me 10 rows max.
Can please someone help me out?
Thanks yall!
{{groovy}}
import org.xwiki.security.authorization.ContextualAuthorizationManager
import org.xwiki.security.authorization.AuthorizationManager;
import org.xwiki.security.authorization.Right;
import org.xwiki.model.reference.DocumentReference
import org.xwiki.model.reference.SpaceReference
import com.xpn.xwiki.api.Document
import com.xpn.xwiki.api.Object
import com.xpn.xwiki.XWikiContext
def context = xcontext.getContext()
def currentUserReference = xcontext.getUserReference()
def authorizationManager = services.security.authorization
def groupsQuery = "from BaseObject as obj where obj.className = 'XWiki.XWikiGroups'"
def groups = xwiki.search(groupsQuery)
def groupNames = [:]
groups.each { groupObj ->
def doc = xwiki.getDocument(groupObj.name)
if (doc.fullName != 'XWiki.XWikiAllGroup') {
groupNames[doc.fullName] = doc.displayTitle
}
}
def html = """
{{html}}
<table class="wikitable">
<thead>
<tr>
<th>Gruppenname</th>
<th>Mitglied</th>
<th>E-Mail</th>
<th>Edit Zugriff</th>
</tr>
</thead>
<tbody>
"""
groupNames.each { groupFullName, groupTitle ->
def groupDoc = xwiki.getDocument(groupFullName)
def groupReference = new DocumentReference(groupDoc.getDocumentReference())
def memberObjects = groupDoc.getObjects("XWiki.XWikiGroups")
def members = memberObjects.findAll { it != null }
.collect { it.getProperty("member").value }
.findAll { it != null }
.collect { xwiki.getDocument(it.trim()) }
.findAll { userDoc ->
def userObj = userDoc.getObject("XWiki.XWikiUsers")
def email = userObj?.getProperty("email")?.value
email != null && !email.trim().isEmpty()
}
members.each { userDoc ->
def userObj = userDoc.getObject("XWiki.XWikiUsers")
def email = userObj?.getProperty("email")?.value
def firstName = userObj?.getProperty("first_name")?.value ?: ""
def lastName = userObj?.getProperty("last_name")?.value ?: ""
def hasEditAccess = authorizationManager.hasAccess(Right.EDIT, currentUserReference, groupReference)
html += """
<tr>
<td>${groupTitle}</td>
<td>${firstName} ${lastName}</td>
<td>${email}</td>
<td>${hasEditAccess}</td>
</tr>
"""
}
}
html += """
</tbody>
</table>
{{/html}}
"""
def renderedHtml = xwiki.parseContent(html)
print renderedHtml
{{/groovy}}
NorSch
August 11, 2024, 7:28pm
2
I think the line
def hasEditAccess = authorizationManager.hasAccess(Right.EDIT, currentUserReference, groupReference)
should be
def hasEditAccess = authorizationManager.hasAccess(Right.EDIT, userDoc.getDocumentReference(), groupReference)
Does this help?
NorSch
August 12, 2024, 8:29am
3
As I can also use the code myself, I have taken the liberty of making a few changes so that the table can be sorted and filtered:
{{groovy}}
import org.xwiki.security.authorization.ContextualAuthorizationManager
import org.xwiki.security.authorization.AuthorizationManager;
import org.xwiki.security.authorization.Right;
import org.xwiki.model.reference.DocumentReference
import org.xwiki.model.reference.SpaceReference
import com.xpn.xwiki.api.Document
import com.xpn.xwiki.api.Object
import com.xpn.xwiki.XWikiContext
// load javascript and css for table sort and filtering
xwiki.ssfx.use("js/xwiki/table/table.css")
xwiki.jsfx.use("js/xwiki/table/tablefilterNsort.js", true)
def context = xcontext.getContext()
def currentUserReference = xcontext.getUserReference()
def authorizationManager = services.security.authorization
def groupsQuery = "from BaseObject as obj where obj.className = 'XWiki.XWikiGroups'"
def groups = xwiki.search(groupsQuery)
def groupNames = [:]
groups.each { groupObj ->
def doc = xwiki.getDocument(groupObj.name)
if (doc.fullName != 'XWiki.XWikiAllGroup') {
groupNames[doc.fullName] = doc.displayTitle
}
}
theTable=[]
theTable << '(% style="width:auto" class="doOddEven filterable grid sortable" id="groupmembers1" %)'
theTable << '(% class="sortHeader" %)|=Gruppenname|=Mitglied|=E-Mail|=Edit Zugriff'
groupNames.each { groupFullName, groupTitle ->
def groupDoc = xwiki.getDocument(groupFullName)
def groupReference = new DocumentReference(groupDoc.getDocumentReference())
def memberObjects = groupDoc.getObjects("XWiki.XWikiGroups")
def members = memberObjects.findAll { it != null }
.collect { it.getProperty("member").value }
.findAll { it != null }
.collect { xwiki.getDocument(it.trim()) }
.findAll { userDoc ->
def userObj = userDoc.getObject("XWiki.XWikiUsers")
def email = userObj?.getProperty("email")?.value
email != null && !email.trim().isEmpty()
}
members.each { userDoc ->
def userObj = userDoc.getObject("XWiki.XWikiUsers")
def email = userObj?.getProperty("email")?.value
def firstName = userObj?.getProperty("first_name")?.value ?: ""
def lastName = userObj?.getProperty("last_name")?.value ?: ""
def hasEditAccess = authorizationManager.hasAccess(Right.EDIT, userDoc.getDocumentReference(), groupReference)
theTable << "|${groupTitle}|${firstName} ${lastName}|${email}|${hasEditAccess}"
}
}
print theTable.join("\n")
{{/groovy}}
One more remark:theTable << "some Text"html+= "some text"
louis
August 12, 2024, 8:41am
4
Thank you!
I have a question. What is “showThisPageCode”? Is this a macro or something i have to install?
NorSch
August 12, 2024, 8:45am
5
Sorry too much pasted. I have edited the post.
(showThisPageCode is a personal macro, which outputs the code of the current page.)
louis
August 12, 2024, 8:47am
6
Thank you.
NorSch
August 12, 2024, 8:52am
7
Does the head of your table looks like:
If - e.g. you enter a text (here “noc”) and hit “Filter”.
May be the extension:
https://extensions.xwiki.org/xwiki/bin/view/Extension/Make%20All%20Wiki%20Tables%20Sortable%20Macro
is missing.
1 Like
louis
August 12, 2024, 9:00am
8
Any idea how i can expand the script, to show all users which have access to edit a group without being a member of the same group? That will probably be a big hit in performace.
