svn commit: r507591 - in /ofbiz/trunk/applications/cont
Locked
 
|
Author: jaz
Date: Wed Feb 14 07:58:17 2007 New Revision: 507591 URL: http://svn.apache.org/viewvc?view=rev&rev=507591 Log: updated content permission services; add more documentation; fixed variables so they do not conflict Modified: ofbiz/trunk/applications/content/script/org/ofbiz/content/permission/ContentPermissionServices.xml ofbiz/trunk/applications/content/servicedef/services.xml Modified: ofbiz/trunk/applications/content/script/org/ofbiz/content/permission/ContentPermissionServices.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/content/script/org/ofbiz/content/permission/ContentPermissionServices.xml?view=diff&rev=507591&r1=507590&r2=507591 ============================================================================== --- ofbiz/trunk/applications/content/script/org/ofbiz/content/permission/ContentPermissionServices.xml (original) +++ ofbiz/trunk/applications/content/script/org/ofbiz/content/permission/ContentPermissionServices.xml Wed Feb 14 07:58:17 2007 @@ -114,6 +114,21 @@ xml-resource="org/ofbiz/common/permission/CommonPermissionServices.xml"/> </if-empty> + <!-- ownerContentId can be set from a calling method --> + <if-empty field-name="ownerContentId"> + <set field="ownerContentId" from-field="parameters.ownerContentId"/> + </if-empty> + + <!-- operation ID can be set from the calling method --> + <if-empty field-name="contentOperationId"> + <set field="contentOperationId" from-field="parameters.contentOperationId"/> + </if-empty> + + <!-- statusId can be set from the calling method --> + <if-empty field-name="statusId"> + <set field="statusId" from-field="parameters.statusId"/> + </if-empty> + <!-- check role permission? --> <set field="primaryPermission" value="CONTENTMGR_ROLE"/> <call-simple-method method-name="genericBasePermissionCheck" @@ -129,12 +144,10 @@ <if> <condition> <not> - <if-empty field-name="parameters.contentOperationId"/> + <if-empty field-name="contentOperationId"/> </not> </condition> - <then> - <set field="contentOperationId" from-field="parameters.contentOperationId"/> - <set field="statusId" from-field="parameters.statusId"/> + <then> <call-simple-method method-name="checkContentOperationSecurity"/> </then> @@ -143,27 +156,31 @@ <if> <condition> <not> - <if-empty field-name="parameters.ownerContentId"/> + <if-empty field-name="ownerContentId"/> </not> </condition> <then> - <set field="contentId" from-field="parameters.ownerContentId"/> + <set field="checkContentId" from-field="ownerContentId"/> <call-simple-method method-name="checkContentOwnership"/> <if> <condition> <if-compare field-name="hasPermission" value="false" type="Boolean" operator="equals"/> </condition> <then> - <!-- check parent(s) --> + <!-- no permission on this parent; check the parent's parent(s) --> <while> <condition> - <not> - <if-empty field-name="contentId"/> - </not> + <!-- iterate until either we have permission or there are no more parents --> + <and> + <if-compare field-name="hasPermission" value="false" type="Boolean" operator="equals"/> + <not> + <if-empty field-name="checkContentId"/> + </not> + </and> </condition> <then> <entity-one entity-name="Content" value-name="currentContent"> - <field-map field-name="contentId"/> + <field-map field-name="contentId" env-name="checkContentId"/> </entity-one> <if> <condition> @@ -172,13 +189,13 @@ </not> </condition> <then> - <set field="contentId" from-field="currentContent.ownerContentId"/> + <set field="checkContentId" from-field="currentContent.ownerContentId"/> <call-simple-method method-name="checkContentOwnership"/> </then> <!-- no parent record found; time to stop recursion --> <else> - <clear-field field-name="contentId"/> + <clear-field field-name="checkContentId"/> </else> </if> </then> @@ -202,6 +219,30 @@ xml-resource="org/ofbiz/common/permission/CommonPermissionServices.xml"/> </if-empty> + <!-- contentId is required for update checking --> + <if> + <condition> + <and> + <if-empty field-name="parameters.contentId"/> + <if-empty field-name="contentId"/> + </and> + </condition> + <then> + <add-error><fail-message message="Content Permission Service UPDATE requires a contentId!"/></add-error> + </then> + </if> + <check-errors/> + + <!-- ownerContentId can be set from a calling method --> + <if-empty field-name="ownerContentId"> + <set field="ownerContentId" from-field="parameters.ownerContentId"/> + </if-empty> + + <!-- operation ID can be set from the calling method --> + <if-empty field-name="contentOperationId"> + <set field="contentOperationId" from-field="parameters.contentOperationId"/> + </if-empty> + <!-- check role permission --> <set field="primaryPermission" value="CONTENTMGR_ROLE"/> <call-simple-method method-name="genericBasePermissionCheck" @@ -217,17 +258,16 @@ <if> <condition> <not> - <if-empty field-name="parameters.contentOperationId"/> + <if-empty field-name="contentOperationId"/> </not> </condition> <then> - <set field="contentOperationId" from-field="parameters.contentOperationId"/> <call-simple-method method-name="checkContentOperationSecurity"/> </then> <!-- if no operation is passed; check ownership for permission --> <else> - <set field="contentId" from-field="parameters.contentId"/> + <set field="checkContentId" from-field="contentId"/> <call-simple-method method-name="checkContentOwnership"/> <!-- we are okay to update; unless we are updating the owner content; verify ownership there --> @@ -236,28 +276,32 @@ <and> <if-compare field-name="hasPermission" value="true" type="Boolean" operator="equals"/> <not> - <if-empty field-name="parameters.ownerContentId"/> + <if-empty field-name="ownerContentId"/> </not> </and> </condition> <then> - <set field="contentId" from-field="parameters.ownerContentId"/> + <set field="checkContentId" from-field="ownerContentId"/> <call-simple-method method-name="checkContentOwnership"/> <if> <condition> <if-compare field-name="hasPermission" value="false" type="Boolean" operator="equals"/> </condition> <then> - <!-- check parent(s) --> + <!-- no permission on this parent; check the parent's parent(s) --> <while> <condition> - <not> - <if-empty field-name="contentId"/> - </not> + <!-- iterate until either we have permission or there are no more parents --> + <and> + <if-compare field-name="hasPermission" value="false" type="Boolean" operator="equals"/> + <not> + <if-empty field-name="checkContentId"/> + </not> + </and> </condition> <then> <entity-one entity-name="Content" value-name="currentContent"> - <field-map field-name="contentId"/> + <field-map field-name="contentId" env-name="checkContentId"/> </entity-one> <if> <condition> @@ -266,11 +310,13 @@ </not> </condition> <then> - <set field="contentId" from-field="currentContent.ownerContentId"/> + <set field="checkContentId" from-field="currentContent.ownerContentId"/> <call-simple-method method-name="checkContentOwnership"/> </then> + + <!-- no parent record found; time to stop recursion --> <else> - <clear-field field-name="contentId"/> + <clear-field field-name="checkContentId"/> </else> </if> </then> @@ -365,8 +411,8 @@ <simple-method method-name="checkContentOwnership" short-description="Checks the ownership of a content record"> <set field="hasPermission" type="Boolean" value="false"/> - <if-empty field-name="contentId"> - <add-error><fail-message message="Required field 'contentId' is missing in simple method call [checkContentOwnership]"/></add-error> + <if-empty field-name="checkContentId"> + <add-error><fail-message message="Required field 'checkContentId' is missing in simple method call [checkContentOwnership]"/></add-error> </if-empty> <if-empty field-name="partyId"> <set field="partyId" from-field="userLogin.partyId"/> @@ -388,8 +434,8 @@ <set field="hasPermission" type="Boolean" value="false"/> <!-- setting the env field contentId is required for this simple method --> - <if-empty field-name="contentId"> - <add-error><fail-message message="Required field 'contentId' is missing in simple method call [checkContentRoleSecurity]"/></add-error> + <if-empty field-name="checkContentId"> + <add-error><fail-message message="Required field 'checkContentId' is missing in simple method call [checkContentRoleSecurity]"/></add-error> </if-empty> <if-empty field-name="partyId"> <add-error><fail-message message="Required field 'partyId' is missing in simple method call [checkContentRoleSecurity]"/></add-error> @@ -405,7 +451,7 @@ <then> <!-- looking up a specific role --> <entity-and entity-name="ContentRole" list-name="foundRoles"> - <field-map field-name="contentId" env-name="contentId"/> + <field-map field-name="contentId" env-name="checkContentId"/> <field-map field-name="roleTypeId" env-name="roleTypeId"/> <field-map field-name="partyId" env-name="partyId"/> </entity-and> @@ -413,7 +459,7 @@ <else> <!-- looking up any role --> <entity-and entity-name="ContentRole" list-name="foundRoles"> - <field-map field-name="contentId" env-name="contentId"/> + <field-map field-name="contentId" env-name="checkContentId"/> <field-map field-name="partyId" env-name="partyId"/> </entity-and> </else> Modified: ofbiz/trunk/applications/content/servicedef/services.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/content/servicedef/services.xml?view=diff&rev=507591&r1=507590&r2=507591 ============================================================================== --- ofbiz/trunk/applications/content/servicedef/services.xml (original) +++ ofbiz/trunk/applications/content/servicedef/services.xml Wed Feb 14 07:58:17 2007 @@ -183,6 +183,8 @@ <attribute mode="IN" name="userLogin" optional="true" type="GenericValue"/> <attribute mode="INOUT" name="roleTypeList" optional="true" type="List"/> </service> + + <!-- old permission service; being replaced with genericContentPermission --> <service name="checkContentPermission" transaction-timeout="72000" auth="false" engine="java" invoke="checkContentPermission" @@ -211,6 +213,7 @@ <attribute mode="OUT" name="permissionStatus" optional="true" type="String"/> <attribute mode="OUT" name="permissionRecorder" optional="true" type="org.ofbiz.content.content.PermissionRecorder"/> </service> + <service name="findRelatedContent" default-entity-name="Content" engine="java" location="org.ofbiz.content.content.ContentServices" invoke="findRelatedContent" auth="true"> <description>Create a Content</description> @@ -227,16 +230,13 @@ </service> <!--Content Assoc services.--> - <service name="checkAssocPermission" - transaction-timeout="72000" - auth="true" engine="java" invoke="checkAssocPermission" - location="org.ofbiz.content.content.ContentPermissionServices" > + <service name="checkAssocPermission" engine="java" transaction-timeout="72000" auth="true" + location="org.ofbiz.content.content.ContentPermissionServices" invoke="checkAssocPermission"> <description>Check for permission to perform operation on Content</description> <attribute mode="IN" name="targetOperationList" optional="true" type="List"/> <attribute mode="IN" name="contentPurposeList" optional="true" type="List"/> <attribute mode="INOUT" name="roleTypeList" optional="true" type="List"/> - <attribute mode="IN" name="userLogin" optional="true" - type="org.ofbiz.core.entity.GenericValue"/> + <attribute mode="IN" name="userLogin" optional="true" type="org.ofbiz.core.entity.GenericValue"/> <attribute mode="IN" name="contentIdTo" optional="true" type="String"/> <attribute mode="IN" name="contentIdFrom" optional="true" type="String"/> <attribute mode="IN" name="fromDate" optional="true" type="String"/> @@ -251,6 +251,7 @@ <attribute mode="OUT" name="permissionRecorderTo" optional="true" type="org.ofbiz.content.content.PermissionRecorder"/> <attribute mode="OUT" name="permissionRecorder" optional="true" type="org.ofbiz.content.content.PermissionRecorder"/> </service> + <service name="assocContent" default-entity-name="ContentAssoc" auth="true" engine="simple" invoke="assocContent" @@ -1517,4 +1518,17 @@ <attribute name="ownerContentId" type="String" mode="IN" optional="false"/> </service> + <!-- content permissions --> + <service name="genericContentPermission" engine="simple" auth="true" + location="org/ofbiz/content/permission/ContentPermissionServices.xml" invoke="genericContentPermission"> + <description>Generic Content Permission Service; Takes mainAction to determine the mode.</description> + <implements service="permissionInterface"/> + <attribute name="ownerContentId" type="String" mode="IN" optional="true"/> + <attribute name="contentIdFrom" type="String" mode="IN" optional="true"/> + <attribute name="contentIdTo" type="String" mode="IN" optional="true"/> + <attribute name="contentId" type="String" mode="IN" optional="true"/> + <attribute name="statusId" type="String" mode="IN" optional="true"/> + <attribute name="contentPurposeTypeId" type="String" mode="IN" optional="true"/> + <attribute name="contentOperationId" type="String" mode="IN" optional="true"/> + </service> </services> |
«
Return to OFBiz - Commits
|
1 view|%1 views
| Free forum by Nabble | Edit this page |