svn commit: r494720 - in /ofbiz/trunk/framework/example
Locked
 
|
Author: jaz
Date: Tue Jan 9 21:31:37 2007 New Revision: 494720 URL: http://svn.apache.org/viewvc?view=rev&rev=494720 Log: added examples of using new service based security; removed all security calls from the simple methods, added the security line to the definitions, implemented a generic simple permission example Added: ofbiz/trunk/framework/example/script/org/ofbiz/example/ExamplePermissionServices.xml (with props) Modified: ofbiz/trunk/framework/example/config/ExampleUiLabels.properties ofbiz/trunk/framework/example/script/org/ofbiz/example/example/ExampleServices.xml ofbiz/trunk/framework/example/servicedef/services.xml Modified: ofbiz/trunk/framework/example/config/ExampleUiLabels.properties URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/example/config/ExampleUiLabels.properties?view=diff&rev=494720&r1=494719&r2=494720 ============================================================================== --- ofbiz/trunk/framework/example/config/ExampleUiLabels.properties (original) +++ ofbiz/trunk/framework/example/config/ExampleUiLabels.properties Tue Jan 9 21:31:37 2007 @@ -35,7 +35,7 @@ ExampleNewExampleFeature=New Example Feature ExampleErrorNoExampleStatusValidChange=Error\: status change from [${lookedUpValue.statusId}] to [${parameters.statusId}] is not allowed. -ExamplePermissionError=Security Error\: to run ${methodShortDescription} you must have the EXAMPLE${securityAction} or EXAMPLE_ADMIN permission +ExamplePermissionError=Security Error\: to run ${methodShortDescription} you must have the EXAMPLE_${mainAction} or EXAMPLE_ADMIN permission ExampleViewPermissionError=You do not have permission to view this page. ("EXAMPLE_VIEW" or "EXAMPLE_ADMIN" needed) ExampleWelcome=Welcome to the Example application! Added: ofbiz/trunk/framework/example/script/org/ofbiz/example/ExamplePermissionServices.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/example/script/org/ofbiz/example/ExamplePermissionServices.xml?view=auto&rev=494720 ============================================================================== --- ofbiz/trunk/framework/example/script/org/ofbiz/example/ExamplePermissionServices.xml (added) +++ ofbiz/trunk/framework/example/script/org/ofbiz/example/ExamplePermissionServices.xml Tue Jan 9 21:31:37 2007 @@ -0,0 +1,37 @@ +<!-- + ~ Copyright 2001-2007 The Apache Software Foundation + ~ + ~ Licensed under the Apache License, Version 2.0 (the "License"); you may not + ~ use this file except in compliance with the License. You may obtain a copy of + ~ the License at + ~ + ~ http://www.apache.org/licenses/LICENSE-2.0 + ~ + ~ Unless required by applicable law or agreed to in writing, software + ~ distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + ~ WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + ~ License for the specific language governing permissions and limitations + ~ under the License. + --> + +<simple-methods xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:noNamespaceSchemaLocation="http://www.ofbiz.org/dtds/simple-methods.xsd"> + + <simple-method method-name="exampleGenericPermission" short-description="Main permission logic"> + <set field="mainAction" from-field="parameters.mainAction"/> + <if-empty field-name="mainAction"> + <add-error><fail-message message="Generic Example Permission request the main-action attribute"/></add-error> + <check-errors/> + </if-empty> + <if-has-permission permission="EXAMPLE" action="_${parameters.mainAction}"> + <set field="hasPermission" type="Boolean" value="true"/> + <field-to-result field-name="hasPermission"/> + <else> + <property-to-field resource="ExampleUiLabels" property="ExamplePermissionError" field-name="failMessage"/> + <set field="hasPermission" type="Boolean" value="false"/> + <field-to-result field-name="hasPermission"/> + <field-to-result field-name="failMessage"/> + </else> + </if-has-permission> + </simple-method> +</simple-methods> \ No newline at end of file Propchange: ofbiz/trunk/framework/example/script/org/ofbiz/example/ExamplePermissionServices.xml ------------------------------------------------------------------------------ svn:eol-style = native Propchange: ofbiz/trunk/framework/example/script/org/ofbiz/example/ExamplePermissionServices.xml ------------------------------------------------------------------------------ svn:keywords = "Date Rev Author URL Id" Propchange: ofbiz/trunk/framework/example/script/org/ofbiz/example/ExamplePermissionServices.xml ------------------------------------------------------------------------------ svn:mime-type = text/xml Modified: ofbiz/trunk/framework/example/script/org/ofbiz/example/example/ExampleServices.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/example/script/org/ofbiz/example/example/ExampleServices.xml?view=diff&rev=494720&r1=494719&r2=494720 ============================================================================== --- ofbiz/trunk/framework/example/script/org/ofbiz/example/example/ExampleServices.xml (original) +++ ofbiz/trunk/framework/example/script/org/ofbiz/example/example/ExampleServices.xml Tue Jan 9 21:31:37 2007 @@ -19,10 +19,6 @@ xsi:noNamespaceSchemaLocation="http://www.ofbiz.org/dtds/simple-methods.xsd"> <!-- Example methods --> <simple-method method-name="createExample" short-description="create a Example"> - <set value="_CREATE" field="securityAction"/> - <check-permission permission="EXAMPLE" action="${securityAction}"><fail-property resource="ExampleUiLabels" property="ExamplePermissionError"/></check-permission> - <check-errors/> - <make-value entity-name="Example" value-name="newEntity"/> <sequenced-id-to-env sequence-name="Example" env-name="newEntity.exampleId"/> <!-- get the next sequenced ID --> <field-to-result field-name="newEntity.exampleId" result-name="exampleId"/> @@ -33,10 +29,6 @@ <call-service service-name="createExampleStatus" in-map-name="createExampleStatusMap"/> </simple-method> <simple-method method-name="updateExample" short-description="update a Example"> - <set value="_UPDATE" field="securityAction"/> - <check-permission permission="EXAMPLE" action="${securityAction}"><fail-property resource="ExampleUiLabels" property="ExamplePermissionError"/></check-permission> - <check-errors/> - <entity-one entity-name="Example" value-name="lookedUpValue"/> <!-- handle statusId change stuff; first put the current statusId in the oldStatusId result --> @@ -65,16 +57,10 @@ <store-value value-name="lookedUpValue"/> </simple-method> <simple-method method-name="deleteExample" short-description="delete a Example"> - <set value="_DELETE" field="securityAction"/> - <check-permission permission="EXAMPLE" action="${securityAction}"><fail-property resource="ExampleUiLabels" property="ExamplePermissionError"/></check-permission> - <check-errors/> <entity-one entity-name="Example" value-name="lookedUpValue"/> <remove-value value-name="lookedUpValue"/> </simple-method> <simple-method method-name="createExampleStatus" short-description="create a ExampleItem"> - <set value="_CREATE" field="securityAction"/> - <check-permission permission="EXAMPLE" action="${securityAction}"><fail-property resource="ExampleUiLabels" property="ExamplePermissionError"/></check-permission> - <check-errors/> <make-value entity-name="ExampleStatus" value-name="newEntity"/> <set-pk-fields map-name="parameters" value-name="newEntity"/> <set-nonpk-fields map-name="parameters" value-name="newEntity"/> @@ -84,10 +70,6 @@ <!-- ExampleItem methods --> <simple-method method-name="createExampleItem" short-description="create a ExampleItem"> - <set value="_CREATE" field="securityAction"/> - <check-permission permission="EXAMPLE" action="${securityAction}"><fail-property resource="ExampleUiLabels" property="ExamplePermissionError"/></check-permission> - <check-errors/> - <make-value entity-name="ExampleItem" value-name="newEntity"/> <set-pk-fields map-name="parameters" value-name="newEntity"/> <make-next-seq-id value-name="newEntity" seq-field-name="exampleItemSeqId"/> <!-- this finds the next sub-sequence ID --> @@ -96,19 +78,11 @@ <create-value value-name="newEntity"/> </simple-method> <simple-method method-name="updateExampleItem" short-description="update a ExampleItem"> - <set value="_UPDATE" field="securityAction"/> - <check-permission permission="EXAMPLE" action="${securityAction}"><fail-property resource="ExampleUiLabels" property="ExamplePermissionError"/></check-permission> - <check-errors/> - <entity-one entity-name="ExampleItem" value-name="lookedUpValue"/> <set-nonpk-fields value-name="lookedUpValue" map-name="parameters"/> <store-value value-name="lookedUpValue"/> </simple-method> - <simple-method method-name="deleteExampleItem" short-description="delete a ExampleItem"> - <set value="_DELETE" field="securityAction"/> - <check-permission permission="EXAMPLE" action="${securityAction}"><fail-property resource="ExampleUiLabels" property="ExamplePermissionError"/></check-permission> - <check-errors/> - + <simple-method method-name="deleteExampleItem" short-description="delete a ExampleItem"> <entity-one entity-name="ExampleItem" value-name="lookedUpValue"/> <remove-value value-name="lookedUpValue"/> </simple-method> Modified: ofbiz/trunk/framework/example/servicedef/services.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/example/servicedef/services.xml?view=diff&rev=494720&r1=494719&r2=494720 ============================================================================== --- ofbiz/trunk/framework/example/servicedef/services.xml (original) +++ ofbiz/trunk/framework/example/servicedef/services.xml Tue Jan 9 21:31:37 2007 @@ -23,8 +23,9 @@ <!-- Example & Related Services --> <service name="createExample" default-entity-name="Example" engine="simple" - location="org/ofbiz/example/example/ExampleServices.xml" invoke="createExample" auth="true"> + location="org/ofbiz/example/example/ExampleServices.xml" invoke="createExample" auth="true"> <description>Create a Example</description> + <permission-service service-name="exampleGenericPermission" main-action="CREATE"/> <auto-attributes include="pk" mode="OUT" optional="false"/> <auto-attributes include="nonpk" mode="IN" optional="true"/> <override name="exampleTypeId" optional="false"/> @@ -32,81 +33,99 @@ <override name="exampleName" optional="false"/> </service> <service name="updateExample" default-entity-name="Example" engine="simple" - location="org/ofbiz/example/example/ExampleServices.xml" invoke="updateExample" auth="true"> + location="org/ofbiz/example/example/ExampleServices.xml" invoke="updateExample" auth="true"> <description>Update a Example</description> + <permission-service service-name="exampleGenericPermission" main-action="UPDATE"/> <auto-attributes include="pk" mode="IN" optional="false"/> <auto-attributes include="nonpk" mode="IN" optional="true"/> <attribute name="oldStatusId" type="String" mode="OUT" optional="false"/> </service> <service name="deleteExample" default-entity-name="Example" engine="simple" - location="org/ofbiz/example/example/ExampleServices.xml" invoke="deleteExample" auth="true"> + location="org/ofbiz/example/example/ExampleServices.xml" invoke="deleteExample" auth="true"> <description>Delete a Example</description> + <permission-service service-name="exampleGenericPermission" main-action="DELETE"/> <auto-attributes include="pk" mode="IN" optional="false"/> </service> <service name="createExampleStatus" default-entity-name="ExampleStatus" engine="simple" - location="org/ofbiz/example/example/ExampleServices.xml" invoke="createExampleStatus" auth="true"> + location="org/ofbiz/example/example/ExampleServices.xml" invoke="createExampleStatus" auth="true"> <description>Create a ExampleStatus</description> + <permission-service service-name="exampleGenericPermission" main-action="CREATE"/> <auto-attributes include="all" mode="IN" optional="false"> <exclude field-name="statusDate"/> </auto-attributes> </service> <service name="createExampleItem" default-entity-name="ExampleItem" engine="simple" - location="org/ofbiz/example/example/ExampleServices.xml" invoke="createExampleItem" auth="true"> + location="org/ofbiz/example/example/ExampleServices.xml" invoke="createExampleItem" auth="true"> <description>Create a ExampleItem</description> + <permission-service service-name="exampleGenericPermission" main-action="CREATE"/> <auto-attributes include="pk" mode="IN" optional="false"/> <auto-attributes include="nonpk" mode="IN" optional="true"/> <override name="exampleItemSeqId" mode="OUT"/> <!-- make this OUT rather than IN, we will automatically generate the next sub-sequence ID --> <override name="description" optional="false"/> </service> <service name="updateExampleItem" default-entity-name="ExampleItem" engine="simple" - location="org/ofbiz/example/example/ExampleServices.xml" invoke="updateExampleItem" auth="true"> + location="org/ofbiz/example/example/ExampleServices.xml" invoke="updateExampleItem" auth="true"> <description>Update a ExampleItem</description> + <permission-service service-name="exampleGenericPermission" main-action="UPDATE"/> <auto-attributes include="pk" mode="IN" optional="false"/> <auto-attributes include="nonpk" mode="IN" optional="true"/> </service> <service name="deleteExampleItem" default-entity-name="ExampleItem" engine="simple" location="org/ofbiz/example/example/ExampleServices.xml" invoke="deleteExampleItem" auth="true"> <description>Delete a ExampleItem</description> + <permission-service service-name="exampleGenericPermission" main-action="DELETE"/> <auto-attributes include="pk" mode="IN" optional="false"/> </service> <!-- ExampleFeature Services --> <service name="createExampleFeature" default-entity-name="ExampleFeature" engine="simple" - location="org/ofbiz/example/feature/ExampleFeatureServices.xml" invoke="createExampleFeature" auth="true"> + location="org/ofbiz/example/feature/ExampleFeatureServices.xml" invoke="createExampleFeature" auth="true"> <description>Create a ExampleFeature</description> + <permission-service service-name="exampleGenericPermission" main-action="CREATE"/> <auto-attributes include="pk" mode="OUT" optional="false"/> <auto-attributes include="nonpk" mode="IN" optional="true"/> <override name="description" optional="false"/> </service> <service name="updateExampleFeature" default-entity-name="ExampleFeature" engine="simple" - location="org/ofbiz/example/feature/ExampleFeatureServices.xml" invoke="updateExampleFeature" auth="true"> + location="org/ofbiz/example/feature/ExampleFeatureServices.xml" invoke="updateExampleFeature" auth="true"> <description>Update a ExampleFeature</description> + <permission-service service-name="exampleGenericPermission" main-action="UPDATE"/> <auto-attributes include="pk" mode="IN" optional="false"/> <auto-attributes include="nonpk" mode="IN" optional="true"/> </service> <service name="deleteExampleFeature" default-entity-name="ExampleFeature" engine="simple" - location="org/ofbiz/example/feature/ExampleFeatureServices.xml" invoke="deleteExampleFeature" auth="true"> + location="org/ofbiz/example/feature/ExampleFeatureServices.xml" invoke="deleteExampleFeature" auth="true"> <description>Delete a ExampleFeature</description> + <permission-service service-name="exampleGenericPermission" main-action="DELETE"/> <auto-attributes include="pk" mode="IN" optional="false"/> </service> <service name="createExampleFeatureAppl" default-entity-name="ExampleFeatureAppl" engine="simple" - location="org/ofbiz/example/feature/ExampleFeatureServices.xml" invoke="createExampleFeatureAppl" auth="true"> + location="org/ofbiz/example/feature/ExampleFeatureServices.xml" invoke="createExampleFeatureAppl" auth="true"> <description>Create a ExampleFeatureAppl</description> + <permission-service service-name="exampleGenericPermission" main-action="CREATE"/> <auto-attributes include="pk" mode="IN" optional="false"/> <auto-attributes include="nonpk" mode="IN" optional="true"/> <override name="fromDate" optional="true"/> </service> <service name="updateExampleFeatureAppl" default-entity-name="ExampleFeatureAppl" engine="simple" - location="org/ofbiz/example/feature/ExampleFeatureServices.xml" invoke="updateExampleFeatureAppl" auth="true"> + location="org/ofbiz/example/feature/ExampleFeatureServices.xml" invoke="updateExampleFeatureAppl" auth="true"> <description>Update a ExampleFeatureAppl</description> + <permission-service service-name="exampleGenericPermission" main-action="UPDATE"/> <auto-attributes include="pk" mode="IN" optional="false"/> <auto-attributes include="nonpk" mode="IN" optional="true"/> </service> <service name="deleteExampleFeatureAppl" default-entity-name="ExampleFeatureAppl" engine="simple" - location="org/ofbiz/example/feature/ExampleFeatureServices.xml" invoke="deleteExampleFeatureAppl" auth="true"> + location="org/ofbiz/example/feature/ExampleFeatureServices.xml" invoke="deleteExampleFeatureAppl" auth="true"> <description>Delete a ExampleFeatureAppl</description> + <permission-service service-name="exampleGenericPermission" main-action="DELETE"/> <auto-attributes include="pk" mode="IN" optional="false"/> + </service> + + <!-- Permission Services --> + <service name="exampleGenericPermission" engine="simple" + location="org/ofbiz/example/ExamplePermissionServices.xml" invoke="exampleGenericPermission"> + <implements service="permissionInterface"/> </service> </services> |
«
Return to OFBiz - Commits
|
1 view|%1 views
| Free forum by Nabble | Edit this page |