OFBiz › OFBiz - Commits

svn commit: r1846137 - in /ofbiz/ofbiz-framework/trunk/framework: webapp/src/main/java/org/apache/ofbiz/webapp/event/ webtools/config/ webtools/data/ webtools/widget/

_‹ Previous Topic Next Topic _›

Classic

List

Threaded

1 message

jleroux@apache.org

svn commit: r1846137 - in /ofbiz/ofbiz-framework/trunk/framework: webapp/src/main/java/org/apache/ofbiz/webapp/event/ webtools/config/ webtools/data/ webtools/widget/

Author: jleroux
Date: Thu Nov 8 13:20:32 2018
New Revision: 1846137

URL: http://svn.apache.org/viewvc?rev=1846137&view=rev
Log:
Improved: Add the ability to schedule a job to run as a system/service user
(OFBIZ-9557)

When scheduling a job it automatically schedules it to run as the user that
created the schedule. The issue comes up when that users password changes.

If your are forced to change your password automatically you have to delete all
previously scheduled jobs and recreate them.

This adds a checkbox to run a job as system on Schedule Job screen as system user
Permissions are used to guarantee security.

Thanks: Matthew Mulligan for report and Rohit Koushal for discussion and patch

Modified:
ofbiz/ofbiz-framework/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/event/CoreEvents.java
ofbiz/ofbiz-framework/trunk/framework/webtools/config/WebtoolsUiLabels.xml
ofbiz/ofbiz-framework/trunk/framework/webtools/data/WebtoolsSecurityGroupDemoData.xml
ofbiz/ofbiz-framework/trunk/framework/webtools/data/WebtoolsSecurityPermissionSeedData.xml
ofbiz/ofbiz-framework/trunk/framework/webtools/widget/ServiceForms.xml

Modified: ofbiz/ofbiz-framework/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/event/CoreEvents.java
URL: http://svn.apache.org/viewvc/ofbiz/ofbiz-framework/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/event/CoreEvents.java?rev=1846137&r1=1846136&r2=1846137&view=diff
==============================================================================
--- ofbiz/ofbiz-framework/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/event/CoreEvents.java (original)
+++ ofbiz/ofbiz-framework/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/event/CoreEvents.java Thu Nov 8 13:20:32 2018
@@ -42,8 +42,11 @@ import org.apache.ofbiz.base.util.Debug;
import org.apache.ofbiz.base.util.UtilHttp;
import org.apache.ofbiz.base.util.UtilProperties;
import org.apache.ofbiz.base.util.UtilValidate;
+import org.apache.ofbiz.entity.Delegator;
import org.apache.ofbiz.entity.GenericEntity;
+import org.apache.ofbiz.entity.GenericEntityException;
import org.apache.ofbiz.entity.GenericValue;
+import org.apache.ofbiz.entity.util.EntityQuery;
import org.apache.ofbiz.security.Security;
import org.apache.ofbiz.service.GenericServiceException;
import org.apache.ofbiz.service.LocalDispatcher;
@@ -107,7 +110,7 @@ public class CoreEvents {
Security security = (Security) request.getAttribute("security");
GenericValue userLogin = (GenericValue) request.getSession().getAttribute("userLogin");
LocalDispatcher dispatcher = (LocalDispatcher) request.getAttribute("dispatcher");
- //Delegator delegator = (Delegator) request.getAttribute("delegator");
+ Delegator delegator = (Delegator) request.getAttribute("delegator");
Locale locale = UtilHttp.getLocale(request);
TimeZone timeZone = UtilHttp.getTimeZone(request);

@@ -122,6 +125,7 @@ public class CoreEvents {
String serviceIntr = (String) params.remove("SERVICE_INTERVAL");
String serviceCnt = (String) params.remove("SERVICE_COUNT");
String retryCnt = (String) params.remove("SERVICE_MAXRETRY");
+ String runAsSystemUser = (String) params.remove("SERVICE_RUN_AS_SYSTEM");

// the frequency map
Map<String, Integer> freqMap = new HashMap<String, Integer>();
@@ -206,6 +210,17 @@ public class CoreEvents {
serviceContext.put("userLogin", userLogin);
}

+ // Override the userLogin with system when runAsSystem is Y
+ if ("Y".equals(runAsSystemUser)) {
+ try {
+ userLogin = EntityQuery.use(delegator).from("UserLogin").where("userLoginId", "system").queryOne();
+ serviceContext.put("userLogin", userLogin);
+ } catch (GenericEntityException e) {
+ request.setAttribute("_ERROR_MESSAGE_", e.getMessage());
+ return "error";
+ }
+ }
+
if (locale != null) {
serviceContext.put("locale", locale);
}

Modified: ofbiz/ofbiz-framework/trunk/framework/webtools/config/WebtoolsUiLabels.xml
URL: http://svn.apache.org/viewvc/ofbiz/ofbiz-framework/trunk/framework/webtools/config/WebtoolsUiLabels.xml?rev=1846137&r1=1846136&r2=1846137&view=diff
==============================================================================
--- ofbiz/ofbiz-framework/trunk/framework/webtools/config/WebtoolsUiLabels.xml (original)
+++ ofbiz/ofbiz-framework/trunk/framework/webtools/config/WebtoolsUiLabels.xml Thu Nov 8 13:20:32 2018
@@ -4535,6 +4535,9 @@
<value xml:lang="zh">ç»æ</value>
<value xml:lang="zh-TW">çµæ</value>
</property>
+ <property key="WebtoolsRunAsSystem">
+ <value xml:lang="en">Run As System</value>
+ </property>
<property key="WebtoolsRunGC">
<value xml:lang="de">GC starten</value>
<value xml:lang="en">Run GC</value>

Modified: ofbiz/ofbiz-framework/trunk/framework/webtools/data/WebtoolsSecurityGroupDemoData.xml
URL: http://svn.apache.org/viewvc/ofbiz/ofbiz-framework/trunk/framework/webtools/data/WebtoolsSecurityGroupDemoData.xml?rev=1846137&r1=1846136&r2=1846137&view=diff
==============================================================================
--- ofbiz/ofbiz-framework/trunk/framework/webtools/data/WebtoolsSecurityGroupDemoData.xml (original)
+++ ofbiz/ofbiz-framework/trunk/framework/webtools/data/WebtoolsSecurityGroupDemoData.xml Thu Nov 8 13:20:32 2018
@@ -45,6 +45,7 @@ under the License.

<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="SERVICE_MAINT"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="SERVICE_JM_LOCK"/>
+ <SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="SERVICE_RSAS_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="SERVICE_MAINT"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="SERVICE_JM_LOCK"/>

Modified: ofbiz/ofbiz-framework/trunk/framework/webtools/data/WebtoolsSecurityPermissionSeedData.xml
URL: http://svn.apache.org/viewvc/ofbiz/ofbiz-framework/trunk/framework/webtools/data/WebtoolsSecurityPermissionSeedData.xml?rev=1846137&r1=1846136&r2=1846137&view=diff
==============================================================================
--- ofbiz/ofbiz-framework/trunk/framework/webtools/data/WebtoolsSecurityPermissionSeedData.xml (original)
+++ ofbiz/ofbiz-framework/trunk/framework/webtools/data/WebtoolsSecurityPermissionSeedData.xml Thu Nov 8 13:20:32 2018
@@ -36,6 +36,7 @@ under the License.

<SecurityPermission description="Use the Service Maintenance pages." permissionId="SERVICE_MAINT"/>
<SecurityPermission description="Edit the job manager lock on the Service Maintenance pages." permissionId="SERVICE_JM_LOCK"/>
+ <SecurityPermission description="Run Schedule jobs as system user." permissionId="SERVICE_RSAS_VIEW" />


<SecurityPermission description="Use the Period Maintenance pages." permissionId="PERIOD_MAINT"/>
@@ -60,6 +61,7 @@ under the License.

<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="SUPER" permissionId="WEBTOOLS_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="SUPER" permissionId="SERVER_STATS_VIEW"/>
+ <SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="SUPER" permissionId="SERVICE_RSAS_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="SUPER" permissionId="ARTIFACT_INFO_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="SUPER" permissionId="LABEL_MANAGER_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="SUPER" permissionId="DATAFILE_MAINT"/>
@@ -75,4 +77,5 @@ under the License.
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="SUPER" permissionId="UTIL_DEBUG_EDIT"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="SUPER" permissionId="UTIL_DEBUG_VIEW"/>

+
</entity-engine-xml>

Modified: ofbiz/ofbiz-framework/trunk/framework/webtools/widget/ServiceForms.xml
URL: http://svn.apache.org/viewvc/ofbiz/ofbiz-framework/trunk/framework/webtools/widget/ServiceForms.xml?rev=1846137&r1=1846136&r2=1846137&view=diff
==============================================================================
--- ofbiz/ofbiz-framework/trunk/framework/webtools/widget/ServiceForms.xml (original)
+++ ofbiz/ofbiz-framework/trunk/framework/webtools/widget/ServiceForms.xml Thu Nov 8 13:20:32 2018
@@ -23,6 +23,9 @@ under the License.

<form name="ScheduleJob" type="single" target="setServiceParameters"
header-row-style="header-row" default-table-style="basic-table">
+ <actions>
+ <set field="canRunJobsWithSystemUser" value="${groovy: security.hasPermission('SERVICE_RSAS_VIEW', userLogin) }" type="Boolean"/>
+ </actions>
<field name="JOB_NAME" title="${uiLabelMap.WebtoolsJob}"><text/></field>
<field name="SERVICE_NAME" title="${uiLabelMap.WebtoolsService}"><text/></field>
<field name="POOL_NAME" title="${uiLabelMap.WebtoolsPool}"><text/></field>
@@ -43,6 +46,7 @@ under the License.
<field name="SERVICE_INTERVAL" title="${uiLabelMap.WebtoolsInterval}" tooltip="${uiLabelMap.WebtoolsForUseWithFrequency}"><text/></field>
<field name="SERVICE_COUNT" title="${uiLabelMap.WebtoolsCount}" tooltip="${uiLabelMap.WebtoolsNumberOfTimeTheJobWillRun}"><text default-value="1"/></field>
<field name="SERVICE_MAXRETRY" title="${uiLabelMap.WebtoolsMaxRetry}" tooltip="${uiLabelMap.WebtoolsNumberOfJobRetry}"><text default-value="0"/></field>
+ <field name="SERVICE_RUN_AS_SYSTEM" title="${uiLabelMap.WebtoolsRunAsSystem}" use-when="canRunJobsWithSystemUser"><check/></field>
<field name="submitButton" title="${uiLabelMap.CommonSubmit}"><submit button-type="button"/></field>
</form>