OFBiz OFBiz - Commits

svn commit: r1823397 - in /ofbiz/ofbiz-framework/trunk/framework/common: groovyScripts/permission/ groovyScripts/permission/CommonPermissionServices.groovy minilang/permission/CommonPermissionServices.xml servicedef/services.xml

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
nmalin
Reply | Threaded
Open this post in threaded view
|

svn commit: r1823397 - in /ofbiz/ofbiz-framework/trunk/framework/common: groovyScripts/permission/ groovyScripts/permission/CommonPermissionServices.groovy minilang/permission/CommonPermissionServices.xml servicedef/services.xml

nmalin
Author: nmalin
Date: Tue Feb  6 22:01:52 2018
New Revision: 1823397

URL: http://svn.apache.org/viewvc?rev=1823397&view=rev
Log:
Improved: Convert CommonPermissionServices.xml mini lang to groovy (OFBIZ-9993)
convert services genericBasePermissionCheck, commonGetAllCrudPermissions and visualThemePermissionCheck from minilang to groovy.
The simple method genericBasePermissionCheck is maintain but indicate as deprecated in log to don't break direct call from other mini-lang script.

Thanks to Dennis Balkir for this patch

Added:
    ofbiz/ofbiz-framework/trunk/framework/common/groovyScripts/permission/
    ofbiz/ofbiz-framework/trunk/framework/common/groovyScripts/permission/CommonPermissionServices.groovy   (with props)
Modified:
    ofbiz/ofbiz-framework/trunk/framework/common/minilang/permission/CommonPermissionServices.xml
    ofbiz/ofbiz-framework/trunk/framework/common/servicedef/services.xml

Added: ofbiz/ofbiz-framework/trunk/framework/common/groovyScripts/permission/CommonPermissionServices.groovy
URL: http://svn.apache.org/viewvc/ofbiz/ofbiz-framework/trunk/framework/common/groovyScripts/permission/CommonPermissionServices.groovy?rev=1823397&view=auto
==============================================================================
--- ofbiz/ofbiz-framework/trunk/framework/common/groovyScripts/permission/CommonPermissionServices.groovy (added)
+++ ofbiz/ofbiz-framework/trunk/framework/common/groovyScripts/permission/CommonPermissionServices.groovy Tue Feb  6 22:01:52 2018
@@ -0,0 +1,115 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import org.apache.ofbiz.base.util.UtilProperties
+
+
+def genericBasePermissionCheck() {
+    Map result = success()
+    // allow mainAction to be set from outside methods or direct to the service
+    String mainAction = parameters.mainAction
+    if (!mainAction) {
+        return error(UtilProperties.getMessage("CommonUiLabels","CommonPermissionMainActionAttributeMissing", parameters.locale))
+    }
+
+    // allow primary permission to be set from outside methods or direct to the service
+    String primaryPermission = parameters.primaryPermission
+    if (!primaryPermission) {
+        return error(UtilProperties.getMessage("CommonUiLabels","CommonPermissionPrimaryPermissionMissing", parameters.locale))
+    }
+    logVerbose("Checking for primary permission ${primaryPermission}_${mainAction}")
+
+    // allow alt permission to be set from outside methods or direct to the service
+    String altPermission = parameters.altPermission
+    String altPermissionList = ""
+    if (altPermission) {
+        logInfo("Checking for alternate permission ${altPermission}_${mainAction}")
+        altPermissionList = ", ${altPermission}_${mainAction}, ${altPermission}_ADMIN"
+    }
+    // altPermission is not a required field; no need to add Error
+
+    // set up called service name
+    String resourceDescription = parameters.resourceDescription
+    if (!resourceDescription) {
+        resourceDescription = UtilProperties.getMessage("CommonUiLabels", "CommonPermissionThisOperation", parameters.locale)
+    }
+
+    // check permission, permission checks include _ADMIN
+    if (security.hasEntityPermission(primaryPermission, "_${mainAction}", parameters.userLogin)
+        || security.hasEntityPermission(altPermission, "_${mainAction}", parameters.userLogin)) {
+        result.hasPermission = true
+    } else {
+        result.hasPermission = false
+        messageContext = [resourceDescription: resourceDescription,
+                          primaryPermission: primaryPermission,
+                          mainAction: mainAction,
+                          altPermissionList: altPermissionList]
+        result.failMessage = UtilProperties.getMessage("CommonUiLabels", "CommonGenericPermissionError", messageContext, parameters.locale)
+    }
+    return result
+}
+
+/**
+ * Get all CRUD and View Permissions
+ */
+def getAllCrudPermissions() {
+    Map result = success()
+    result.hasCreatePermission = false
+    result.hasUpdatePermission = false
+    result.hasDeletePermission = false
+    result.hasViewPermission = false
+    def primaryPermission = parameters.primaryPermission
+    if (!primaryPermission) {
+        return error(UtilProperties.getMessage("CommonUiLabels", "CommonPermissionPrimaryPermissionMissing", parameters.locale))
+    }
+    logInfo("Getting all CRUD permissions for ${primaryPermission}")
+    result = hasCrudPermission(primaryPermission, result)
+
+    def altPermission = parameters.altPermission
+    if (altPermission) {
+        logInfo("Getting all CRUD permissions for ${altPermission}")
+        result = hasCrudPermission(altPermission, result)
+    }
+    return result
+}
+
+def hasCrudPermission(String perm, Map resultMap) {
+    if (security.hasEntityPermission(perm, "_CREATE", parameters.userLogin)) {
+        resultMap.hasCreatePermission = true
+    }
+    if (security.hasEntityPermission(perm, "_UPDATE", parameters.userLogin)) {
+        resultMap.hasUpdatePermission = true
+    }
+    if (security.hasEntityPermission(perm, "_DELETE", parameters.userLogin)) {
+        resultMap.hasDeletePermission = true
+    }
+    if (security.hasEntityPermission(perm, "_VIEW", parameters.userLogin)) {
+        resultMap.hasViewPermission = true
+    }
+    return resultMap
+}
+
+/**
+ * Visual Theme permission logic
+ */
+def visualThemePermissionCheck() {
+    parameters.primaryPermission = "VISUAL_THEME"
+    Map result = run service: "genericBasePermissionCheck", with: parameters
+    return result
+}

Propchange: ofbiz/ofbiz-framework/trunk/framework/common/groovyScripts/permission/CommonPermissionServices.groovy
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: ofbiz/ofbiz-framework/trunk/framework/common/groovyScripts/permission/CommonPermissionServices.groovy
------------------------------------------------------------------------------
    svn:keywords = Date Rev Author URL Id

Propchange: ofbiz/ofbiz-framework/trunk/framework/common/groovyScripts/permission/CommonPermissionServices.groovy
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Modified: ofbiz/ofbiz-framework/trunk/framework/common/minilang/permission/CommonPermissionServices.xml
URL: http://svn.apache.org/viewvc/ofbiz/ofbiz-framework/trunk/framework/common/minilang/permission/CommonPermissionServices.xml?rev=1823397&r1=1823396&r2=1823397&view=diff
==============================================================================
--- ofbiz/ofbiz-framework/trunk/framework/common/minilang/permission/CommonPermissionServices.xml (original)
+++ ofbiz/ofbiz-framework/trunk/framework/common/minilang/permission/CommonPermissionServices.xml Tue Feb  6 22:01:52 2018
@@ -56,80 +56,15 @@ under the License.
             <property-to-field resource="CommonUiLabels" property="CommonPermissionThisOperation" field="resourceDescription"/>
         </if-empty>
 
-        <!-- check permission -->
-        <if>
-            <condition>
-                <or>
-                    <!-- Permission checks include _ADMIN -->
-                    <if-has-permission permission="${primaryPermission}" action="_${mainAction}"/>
-                    <if-has-permission permission="${altPermission}" action="_${mainAction}"/>
-                </or>
-            </condition>
-            <then>
-                <set field="hasPermission" type="Boolean" value="true"/>
-                <field-to-result field="hasPermission"/>
-            </then>
-            <else>
-                <property-to-field resource="CommonUiLabels" property="CommonGenericPermissionError" field="failMessage"/>
-                <set field="hasPermission" type="Boolean" value="false"/>
-                <field-to-result field="hasPermission"/>
-                <field-to-result field="failMessage"/>
-            </else>
-        </if>
-    </simple-method>
-
-    <simple-method method-name="getAllCrudPermissions" short-description="Get All CRUD and View Permissions">
-        <if-empty field="primaryPermission">
-            <set field="primaryPermission" from-field="parameters.primaryPermission"/>
-            <if-empty field="primaryPermission">
-                <add-error><fail-property resource="CommonUiLabels" property="CommonPermissionPrimaryPermissionMissing"/></add-error>
-            </if-empty>
-        </if-empty>
-        <check-errors/>
-        <set field="hasCreatePermission" value="false" type="Boolean"/>
-        <set field="hasUpdatePermission" value="false" type="Boolean"/>
-        <set field="hasDeletePermission" value="false" type="Boolean"/>
-        <set field="hasViewPermission" value="false" type="Boolean"/>
-        <log level="info" message="Getting all CRUD permissions for ${primaryPermission}"/>
-        <if-has-permission permission="${primaryPermission}" action="_CREATE">
-            <set field="hasCreatePermission" value="true" type="Boolean"/>
-        </if-has-permission>
-        <if-has-permission permission="${primaryPermission}" action="_UPDATE">
-            <set field="hasUpdatePermission" value="true" type="Boolean"/>
-        </if-has-permission>
-        <if-has-permission permission="${primaryPermission}" action="_DELETE">
-            <set field="hasDeletePermission" value="true" type="Boolean"/>
-        </if-has-permission>
-        <if-has-permission permission="${primaryPermission}" action="_VIEW">
-            <set field="hasViewPermission" value="true" type="Boolean"/>
-        </if-has-permission>
-        <if-empty field="altPermission">
-            <set field="altPermission" from-field="parameters.altPermission"/>
-        </if-empty>
-        <if-not-empty field="altPermission">
-            <log level="info" message="Getting all CRUD permissions for ${altPermission}"/>
-            <if-has-permission permission="${altPermission}" action="_CREATE">
-                <set field="hasCreatePermission" value="true" type="Boolean"/>
-            </if-has-permission>
-            <if-has-permission permission="${altPermission}" action="_UPDATE">
-                <set field="hasUpdatePermission" value="true" type="Boolean"/>
-            </if-has-permission>
-            <if-has-permission permission="${altPermission}" action="_DELETE">
-                <set field="hasDeletePermission" value="true" type="Boolean"/>
-            </if-has-permission>
-            <if-has-permission permission="${altPermission}" action="_VIEW">
-                <set field="hasViewPermission" value="true" type="Boolean"/>
-            </if-has-permission>
-        </if-not-empty>
-        <field-to-result field="hasCreatePermission"/>
-        <field-to-result field="hasUpdatePermission"/>
-        <field-to-result field="hasDeletePermission"/>
-        <field-to-result field="hasViewPermission"/>
-    </simple-method>
+        <log level="warning" message="This simple-method-call is deprecated! Please use a service-call of genericBasePermissionCheck instead."/>
+        <set field="inParams.altPermission" from-field="altPermission"/>
+        <set field="inParams.mainAction" from-field="parameters.mainAction"/>
+        <set field="inParams.primaryPermission" from-field="primaryPermission"/>
+        <set field="inParams.resourceDescription" from-field="parameters.resourceDescription"/>
+        <call-service service-name="genericBasePermissionCheck" in-map-name="inParams">
+            <result-to-field result-name="hasPermission"/>
+        </call-service>
+        <field-to-result field="hasPermission"/>
 
-    <simple-method method-name="visualThemePermissionCheck" short-description="Visual Theme permission logic">
-        <set field="primaryPermission" value="VISUALTHEME"/>
-        <call-simple-method method-name="genericBasePermissionCheck"/>
     </simple-method>
-
 </simple-methods>

Modified: ofbiz/ofbiz-framework/trunk/framework/common/servicedef/services.xml
URL: http://svn.apache.org/viewvc/ofbiz/ofbiz-framework/trunk/framework/common/servicedef/services.xml?rev=1823397&r1=1823396&r2=1823397&view=diff
==============================================================================
--- ofbiz/ofbiz-framework/trunk/framework/common/servicedef/services.xml (original)
+++ ofbiz/ofbiz-framework/trunk/framework/common/servicedef/services.xml Tue Feb  6 22:01:52 2018
@@ -30,8 +30,8 @@ under the License.
         <implements service="permissionInterface"/>
     </service>
 
-    <service name="commonGetAllCrudPermissions" engine="simple"
-        location="component://common/minilang/permission/CommonPermissionServices.xml" invoke="getAllCrudPermissions" auth="false">
+    <service name="commonGetAllCrudPermissions" engine="groovy"
+        location="component://common/groovyScripts/permission/CommonPermissionServices.groovy" invoke="getAllCrudPermissions" auth="false">
         <description>Returns all CRUD and View Permissions</description>
         <attribute name="primaryPermission" type="String" mode="IN" optional="false"/>
         <attribute name="altPermission" type="String" mode="IN" optional="true"/>
@@ -424,8 +424,8 @@ under the License.
     </service>
 
     <!-- common permission services -->
-    <service name="genericBasePermissionCheck" engine="simple"
-             location="component://common/minilang/permission/CommonPermissionServices.xml" invoke="genericBasePermissionCheck">
+    <service name="genericBasePermissionCheck" engine="groovy"
+             location="component://common/groovyScripts/permission/CommonPermissionServices.groovy" invoke="genericBasePermissionCheck">
         <implements service="permissionInterface"/>
         <attribute name="primaryPermission" type="String" mode="IN" optional="false"/>
         <attribute name="altPermission" type="String" mode="IN" optional="true"/>
@@ -569,8 +569,8 @@ under the License.
     </service>
 
     <!-- ==============Permission Checking Service============= -->
-    <service name="visualThemePermissionCheck" engine="simple"
-        location="component://common/minilang/permission/CommonPermissionServices.xml" invoke="visualThemePermissionCheck">
+    <service name="visualThemePermissionCheck" engine="groovy"
+        location="component://common/groovyScripts/permission/CommonPermissionServices.groovy" invoke="visualThemePermissionCheck">
         <description>Visual Theme Permission Checking Logic</description>
         <implements service="permissionInterface"/>
     </service>


Free forum by Nabble Edit this page