svn commit: r732744 - in /ofbiz/trunk/framework/common: servicedef/services.xml src/org/ofbiz/common/preferenc
Locked
 
|
Author: adrianc
Date: Thu Jan 8 08:18:54 2009 New Revision: 732744 URL: http://svn.apache.org/viewvc?rev=732744&view=rev Log: Fixed a design flaw in the user preference services. The services accepted an optional parameter - userLoginId - so that admins could perform CRUD operations on other user's preferences. This parameter caused a name clash with screens and services that also had a userLoginId parameter. The preference services userLoginId parameter has been renamed to userPrefLoginId. Modified: ofbiz/trunk/framework/common/servicedef/services.xml ofbiz/trunk/framework/common/src/org/ofbiz/common/preferences/PreferenceServices.java ofbiz/trunk/framework/common/src/org/ofbiz/common/preferences/PreferenceWorker.java Modified: ofbiz/trunk/framework/common/servicedef/services.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/common/servicedef/services.xml?rev=732744&r1=732743&r2=732744&view=diff ============================================================================== --- ofbiz/trunk/framework/common/servicedef/services.xml (original) +++ ofbiz/trunk/framework/common/servicedef/services.xml Thu Jan 8 08:18:54 2009 @@ -426,7 +426,7 @@ <permission-service service-name="preferenceCopyPermission"/> <attribute name="fromUserLoginId" type="String" mode="IN" optional="false"/> <attribute name="userPrefGroupTypeId" type="String" mode="IN" optional="false"/> - <attribute name="userLoginId" type="String" mode="IN" optional="true"/> + <attribute name="userPrefLoginId" type="String" mode="IN" optional="true"/> </service> <service name="getUserPreference" engine="java" @@ -443,7 +443,7 @@ location="org.ofbiz.common.preferences.PreferenceServices" invoke="getUserPreferenceGroup"> <description>Gets a group of user preferences.</description> <attribute name="userPrefGroupTypeId" type="String" mode="IN" optional="false"/> - <attribute name="userLoginId" type="String" mode="IN" optional="true"/> + <attribute name="userPrefLoginId" type="String" mode="IN" optional="true"/> <attribute name="userPrefMap" type="Map" mode="OUT" optional="true"/> </service> @@ -454,7 +454,7 @@ <attribute name="userPrefTypeId" type="String" mode="IN" optional="false"/> <attribute name="userPrefValue" type="String" mode="IN" optional="false"/> <attribute name="userPrefGroupTypeId" type="String" mode="IN" optional="true"/> - <attribute name="userLoginId" type="String" mode="IN" optional="true"/> + <attribute name="userPrefLoginId" type="String" mode="IN" optional="true"/> </service> <service name="setUserPreferenceGroup" engine="java" @@ -463,14 +463,14 @@ <permission-service service-name="preferenceGetSetPermission" main-action="CREATE"/> <attribute name="userPrefMap" type="Map" mode="IN" optional="false"/> <attribute name="userPrefGroupTypeId" type="String" mode="IN" optional="false"/> - <attribute name="userLoginId" type="String" mode="IN" optional="true"/> + <attribute name="userPrefLoginId" type="String" mode="IN" optional="true"/> </service> <service name="preferenceGetSetPermission" engine="java" location="org.ofbiz.common.preferences.PreferenceWorker" invoke="checkPermission"> <description>User preference get/set permission checking.</description> <implements service="permissionInterface"/> - <attribute name="userLoginId" type="String" mode="IN" optional="true"/> + <attribute name="userPrefLoginId" type="String" mode="IN" optional="true"/> </service> <service name="preferenceCopyPermission" engine="java" Modified: ofbiz/trunk/framework/common/src/org/ofbiz/common/preferences/PreferenceServices.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/common/src/org/ofbiz/common/preferences/PreferenceServices.java?rev=732744&r1=732743&r2=732744&view=diff ============================================================================== --- ofbiz/trunk/framework/common/src/org/ofbiz/common/preferences/PreferenceServices.java (original) +++ ofbiz/trunk/framework/common/src/org/ofbiz/common/preferences/PreferenceServices.java Thu Jan 8 08:18:54 2009 @@ -53,7 +53,7 @@ /** * Retrieves a single user preference from persistent storage. Call with - * userPrefTypeId and optional userLoginId. If userLoginId isn't + * userPrefTypeId and optional userPrefLoginId. If userPrefLoginId isn't * specified, then the currently logged-in user's userLoginId will be * used. The retrieved preference is contained in the <b>userPrefMap</b> element. * @param ctx The DispatchContext that this service is operating in. @@ -106,7 +106,7 @@ /** * Retrieves a group of user preferences from persistent storage. Call with - * userPrefGroupTypeId and optional userLoginId. If userLoginId isn't + * userPrefGroupTypeId and optional userPrefLoginId. If userPrefLoginId isn't * specified, then the currently logged-in user's userLoginId will be * used. The retrieved preferences group is contained in the <b>userPrefMap</b> element. * @param ctx The DispatchContext that this service is operating in. @@ -147,8 +147,8 @@ /** * Stores a single user preference in persistent storage. Call with - * userPrefTypeId, userPrefGroupTypeId, userPrefValue and optional userLoginId. - * If userLoginId isn't specified, then the currently logged-in user's + * userPrefTypeId, userPrefGroupTypeId, userPrefValue and optional userPrefLoginId. + * If userPrefLoginId isn't specified, then the currently logged-in user's * userLoginId will be used. * @param ctx The DispatchContext that this service is operating in. * @param context Map containing the input arguments. @@ -186,7 +186,7 @@ /** * Stores a user preference group in persistent storage. Call with - * userPrefMap, userPrefGroupTypeId and optional userLoginId. If userLoginId + * userPrefMap, userPrefGroupTypeId and optional userPrefLoginId. If userPrefLoginId * isn't specified, then the currently logged-in user's userLoginId will be * used. * @param ctx The DispatchContext that this service is operating in. @@ -223,7 +223,7 @@ /** * Copies a user preference group. Call with - * fromUserLoginId, userPrefGroupTypeId and optional userLoginId. If userLoginId + * fromUserLoginId, userPrefGroupTypeId and optional userPrefLoginId. If userPrefLoginId * isn't specified, then the currently logged-in user's userLoginId will be * used. * @param ctx The DispatchContext that this service is operating in. Modified: ofbiz/trunk/framework/common/src/org/ofbiz/common/preferences/PreferenceWorker.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/common/src/org/ofbiz/common/preferences/PreferenceWorker.java?rev=732744&r1=732743&r2=732744&view=diff ============================================================================== --- ofbiz/trunk/framework/common/src/org/ofbiz/common/preferences/PreferenceWorker.java (original) +++ ofbiz/trunk/framework/common/src/org/ofbiz/common/preferences/PreferenceWorker.java Thu Jan 8 08:18:54 2009 @@ -41,6 +41,11 @@ * User preference administrator permission. Currently set to "USERPREF_ADMIN". */ public static final String ADMIN_PERMISSION = "USERPREF_ADMIN"; + /** User login ID parameter name. Currently set to "userPrefLoginId". This + * parameter name is used in preference service definitions to specify a user login ID + * that is different than the currently logged in user. + */ + public static final String LOGINID_PARAMETER_NAME = "userPrefLoginId"; /** Default userLoginId. Currently set to "_NA_". This userLoginId is used to * retrieve default preferences when the user is not logged in. @@ -80,7 +85,7 @@ GenericValue userLogin = (GenericValue) context.get("userLogin"); if (userLogin != null) { String userLoginId = userLogin.getString("userLoginId"); - String userLoginIdArg = (String) context.get("userLoginId"); // is an optional parameters which defaults to the logged on user + String userLoginIdArg = (String) context.get(LOGINID_PARAMETER_NAME); // is an optional parameters which defaults to the logged on user if (userLoginIdArg == null || (userLoginIdArg != null && userLoginId.equals(userLoginIdArg))) { hasPermission = true; // users can copy to their own preferences } else { @@ -105,7 +110,7 @@ boolean hasPermission = false; String mainAction = (String) context.get("mainAction"); if ("VIEW".equals(mainAction)) { - if (DEFAULT_UID.equals(context.get("userLoginId"))) { + if (DEFAULT_UID.equals(context.get(LOGINID_PARAMETER_NAME))) { hasPermission = true; } else { hasPermission = isValidGetId(ctx, context); @@ -148,7 +153,7 @@ /** * Gets a valid userLoginId parameter from the context Map. - * <p>This method searches the context Map for a userLoginId key. If none is + * <p>This method searches the context Map for a userPrefLoginId key. If none is * found, the method attempts to get the current user's userLoginId. If the user * isn't logged in, then the method returns <a href="#DEFAULT_UID">DEFAULT_UID</a> * if returnDefault is set to true, otherwise the method returns a null or empty string.</p> @@ -158,7 +163,7 @@ * @return userLoginId String */ public static String getUserLoginId(Map<String, ?> context, boolean returnDefault) { - String userLoginId = (String) context.get("userLoginId"); + String userLoginId = (String) context.get(LOGINID_PARAMETER_NAME); if (UtilValidate.isEmpty(userLoginId)) { GenericValue userLogin = (GenericValue) context.get("userLogin"); if (userLogin != null) { @@ -177,9 +182,9 @@ * can be retrieved by the current user: * <ul> * <li>If the user isn't logged in, then the method returns true</li> - * <li>If the user is logged in and the userLoginId specified in the context Map + * <li>If the user is logged in and the userPrefLoginId specified in the context Map * matches the user's userLoginId, then the method returns true.</li> - * <li>If the user is logged in and the userLoginId specified in the context Map + * <li>If the user is logged in and the userPrefLoginId specified in the context Map * is different than the user's userLoginId, then a security permission check is performed. * If the user has the <a href="#ADMIN_PERMISSION">ADMIN_PERMISSION</a> permission then the * method returns true.</li> @@ -197,7 +202,7 @@ } else { currentUserLoginId = userLogin.getString("userLoginId"); } - String userLoginIdArg = (String) context.get("userLoginId"); + String userLoginIdArg = (String) context.get(LOGINID_PARAMETER_NAME); if (!currentUserLoginId.equals(DEFAULT_UID) && !currentUserLoginId.equals(userLoginIdArg) && userLoginIdArg != null) { Security security = ctx.getSecurity(); @@ -212,9 +217,9 @@ * can be set by the current user: * <ul> * <li>If the user isn't logged in, then the method returns false</li> - * <li>If the user is logged in and the userLoginId specified in the context Map + * <li>If the user is logged in and the userPrefLoginId specified in the context Map * matches the user's userLoginId, then the method returns true.</li> - * <li>If the user is logged in and the userLoginId specified in the context Map + * <li>If the user is logged in and the userPrefLoginId specified in the context Map * is different than the user's userLoginId, then a security permission check is performed. * If the user has the <a href="#ADMIN_PERMISSION">ADMIN_PERMISSION</a> * permission then the method returns true.</li> @@ -229,7 +234,7 @@ return false; } String currentUserLoginId = userLogin.getString("userLoginId"); - String userLoginIdArg = (String) context.get("userLoginId"); + String userLoginIdArg = (String) context.get(LOGINID_PARAMETER_NAME); if (!currentUserLoginId.equals(userLoginIdArg) && userLoginIdArg != null) { Security security = ctx.getSecurity(); return security.hasPermission(ADMIN_PERMISSION, userLogin); |
«
Return to OFBiz - Commits
|
1 view|%1 views
| Free forum by Nabble | Edit this page |