svn commit: r584399 - in /ofbiz/trunk/framework/common: config/CommonUiLabels.properties script/org/ofbiz/common/CommonServices.xml script/org/ofbiz/common/permission/CommonPermissionServices.xml

Author: jleroux
Date: Sat Oct 13 06:35:05 2007
New Revision: 584399

URL: http://svn.apache.org/viewvc?rev=584399&view=rev
Log:
A patch from Adrian Crum "Improved Common Permission Checking Simple Method & Messages" (https://issues.apache.org/jira/browse/OFBIZ-1246)

Modified:
    ofbiz/trunk/framework/common/config/CommonUiLabels.properties
    ofbiz/trunk/framework/common/script/org/ofbiz/common/CommonServices.xml
    ofbiz/trunk/framework/common/script/org/ofbiz/common/permission/CommonPermissionServices.xml

Modified: ofbiz/trunk/framework/common/config/CommonUiLabels.properties
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/common/config/CommonUiLabels.properties?rev=584399&r1=584398&r2=584399&view=diff
==============================================================================
--- ofbiz/trunk/framework/common/config/CommonUiLabels.properties (original)
+++ ofbiz/trunk/framework/common/config/CommonUiLabels.properties Sat Oct 13 06:35:05 2007
@@ -186,6 +186,7 @@
 CommonFromDateNotValidDateTime=From Date is not a valid Date-Time.
 CommonFromDateThruDate=From Date / Thru Date
 CommonFromDateTime=From Date & Time
+CommonGenericPermissionError=Security Error\: To run ${resourceDescription} you must have the one of the following permissions: ${primaryPermission}_${mainAction}, ${primaryPermission}_ADMIN${altPermissionList}
 CommonGeo=Geo
 CommonGeos=Geos
 CommonGetPasswordHint=Get Password Hint
@@ -300,11 +301,10 @@
 CommonPassword=Password
 CommonPasswordChange=Please Change Your Password
 CommonPerform=Perform
-CommonPermissionErrorMessage=Security Error\: to run ${resourceDescription} you must have the EXAMPLE_${mainAction} or EXAMPLE_ADMIN permission
 CommonPermissionError=Permission Error
 CommonPermissionMainActionAttributeMissing=Permission main-action parameter missing!
 CommonPermissionPrimaryPermissionMissing=Permission primaryPermission parameter missing!
-CommonGenericPermissionError=Security Error\: To run ${resourceDescription} you must have the ${}_${mainAction} or ${}_ADMIN permission
+CommonPermissionThisOperation=this operation
 CommonPerson=Person
 CommonPostedBy=Posted By
 CommonPostedDate=Posted Date

Modified: ofbiz/trunk/framework/common/script/org/ofbiz/common/CommonServices.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/common/script/org/ofbiz/common/CommonServices.xml?rev=584399&r1=584398&r2=584399&view=diff
==============================================================================
--- ofbiz/trunk/framework/common/script/org/ofbiz/common/CommonServices.xml (original)
+++ ofbiz/trunk/framework/common/script/org/ofbiz/common/CommonServices.xml Sat Oct 13 06:35:05 2007
@@ -21,21 +21,8 @@
 <simple-methods xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:noNamespaceSchemaLocation="http://ofbiz.apache.org/dtds/simple-methods.xsd">
     <simple-method method-name="commonGenericPermission" short-description="Main permission logic">
-        <set field="mainAction" from-field="parameters.mainAction"/>
-        <if-empty field-name="mainAction">
-            <add-error><fail-message message="In the permission-service element for the commonGenericPermission service the main-action attribute was missing but is required"/></add-error>
-            <check-errors/>
-        </if-empty>
-        <if-has-permission permission="COMMON" action="_${parameters.mainAction}">
-            <set field="hasPermission" type="Boolean" value="true"/>
-            <field-to-result field-name="hasPermission"/>
-            <else>
-                <property-to-field resource="CommonUiLabels" property="CommonPermissionErrorMessage" field-name="failMessage"/>
-                <set field="hasPermission" type="Boolean" value="false"/>
-                <field-to-result field-name="hasPermission"/>
-                <field-to-result field-name="failMessage"/>
-            </else>
-        </if-has-permission>
+        <set field="primaryPermission" value="COMMON"/>
+        <call-simple-method method-name="genericBasePermissionCheck" xml-resource="component://common/script/org/ofbiz/common/permission/CommonPermissionServices.xml"/>
     </simple-method>
     
     <simple-method method-name="createKeywordThesaurus" short-description="Create a KeywordThesaurus">

Modified: ofbiz/trunk/framework/common/script/org/ofbiz/common/permission/CommonPermissionServices.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/common/script/org/ofbiz/common/permission/CommonPermissionServices.xml?rev=584399&r1=584398&r2=584399&view=diff
==============================================================================
--- ofbiz/trunk/framework/common/script/org/ofbiz/common/permission/CommonPermissionServices.xml (original)
+++ ofbiz/trunk/framework/common/script/org/ofbiz/common/permission/CommonPermissionServices.xml Sat Oct 13 06:35:05 2007
@@ -21,38 +21,51 @@
         xsi:noNamespaceSchemaLocation="http://ofbiz.apache.org/dtds/simple-methods.xsd">
 
     <simple-method method-name="genericBasePermissionCheck" short-description="Basic Permission check">
-        <!-- allow primary permission to be set form outside methods or direct to the service -->
-        <if-empty field-name="primaryPermission">
-            <set field="primaryPermission" from-field="parameters.primaryPermission"/>
+        <!-- allow mainAction to be set from outside methods or direct to the service -->
+        <if-empty field-name="mainAction">
+            <set field="mainAction" from-field="parameters.mainAction"/>
+            <if-empty field-name="mainAction">
+                <add-error><fail-property resource="CommonUiLabels" property="CommonPermissionMainActionAttributeMissing"/></add-error>
+            </if-empty>
         </if-empty>
+        <check-errors/>
+
+        <!-- allow primary permission to be set from outside methods or direct to the service -->
         <if-empty field-name="primaryPermission">
-            <add-error><fail-property resource="CommonUiLabels" property="CommonPermissionPrimaryPermissionMissing"/></add-error>
+            <set field="primaryPermission" from-field="parameters.primaryPermission"/>
+            <if-empty field-name="primaryPermission">
+                <add-error><fail-property resource="CommonUiLabels" property="CommonPermissionPrimaryPermissionMissing"/></add-error>
+            </if-empty>
         </if-empty>
+        <check-errors/>
+        <log level="info" message="Checking for primary permission ${primaryPermission}_${mainAction}"/>
 
-        <!-- allow alt permission to be set form outside methods or direct to the service -->
+        <!-- allow alt permission to be set from outside methods or direct to the service -->
         <if-empty field-name="altPermission">
             <set field="altPermission" from-field="parameters.altPermission"/>
         </if-empty>
-        <!-- altPermission is not a required field; no need to addError -->
+        <if-not-empty field-name="altPermission">
+            <log level="info" message="Checking for alternate permission ${altPermission}_${mainAction}"/>
+            <set field="altPermissionList" value=", ${altPermission}_${mainAction}, ${altPermission}_ADMIN"/>
+        </if-not-empty>
+        <!-- altPermission is not a required field; no need to add Error -->
 
-        <!-- allow mainAction to be set from outside methods -->
-        <if-empty field-name="mainAction">
-            <set field="mainAction" from-field="parameters.mainAction"/>
+        <!-- set up called service name -->
+        <if-empty field-name="resourceDescription">
+            <set field="resourceDescription" from-field="parameters.resourceDescriptionn"/>
+            <if-empty field-name="resourceDescription">
+                <property-to-field resource="CommonUiLabels" property="CommonPermissionThisOperation" field-name="resourceDescription"/>
+            </if-empty>
         </if-empty>
-        <if-empty field-name="mainAction">
-            <add-error><fail-property resource="CommonUiLabels" property="CommonPermissionMainActionAttributeMissing"/></add-error>
-        </if-empty>
-
-        <log level="info" message="Checking for primary ${primaryPermission}_${mainAction}"/>
-        <log level="info" message="Checking for alternate ${altPermission}_${mainAction}"/>
-        <check-errors/>
 
         <!-- check permission -->
         <if>
             <condition>
                 <or>
+                    <if-has-permission permission="${primaryPermission}_ADMIN"/>
                     <if-has-permission permission="${primaryPermission}" action="_${parameters.mainAction}"/>
                     <if-has-permission permission="${altPermission}" action="_${parameters.mainAction}"/>
+                    <if-has-permission permission="${altPermission}_ADMIN"/>
                 </or>
             </condition>
             <then>