OFBiz › OFBiz - Commits

svn commit: r769937 - in /ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp: control/ContextFilter.java control/ControlServlet.java control/LoginWorker.java event/CoreEvents.java ftl/FreeMarkerViewHandler.java

_‹ Previous Topic Next Topic _›

Classic

List

Threaded

1 message

jaz-3

svn commit: r769937 - in /ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp: control/ContextFilter.java control/ControlServlet.java control/LoginWorker.java event/CoreEvents.java ftl/FreeMarkerViewHandler.java

Author: jaz
Date: Wed Apr 29 21:14:21 2009
New Revision: 769937

URL: http://svn.apache.org/viewvc?rev=769937&view=rev
Log:
integration with Authz Integration with new Authz API - JIRA OFBIZ-2381

use request.getAttribute("authz") instead of request.getAttribute("security")

Modified:
ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/ContextFilter.java
ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/ControlServlet.java
ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java
ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/event/CoreEvents.java
ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/FreeMarkerViewHandler.java

Modified: ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/ContextFilter.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/ContextFilter.java?rev=769937&r1=769936&r2=769937&view=diff
==============================================================================
--- ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/ContextFilter.java (original)
+++ ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/ContextFilter.java Wed Apr 29 21:14:21 2009
@@ -54,6 +54,8 @@
import org.ofbiz.security.Security;
import org.ofbiz.security.SecurityConfigurationException;
import org.ofbiz.security.SecurityFactory;
+import org.ofbiz.security.authz.Authorization;
+import org.ofbiz.security.authz.AuthorizationFactory;
import org.ofbiz.service.GenericDispatcher;
import org.ofbiz.service.LocalDispatcher;

@@ -100,6 +102,8 @@
getServerId();
// initialize the delegator
getDelegator();
+ // initialize authorizer
+ getAuthz();
// initialize security
getSecurity();
// initialize the services dispatcher
@@ -330,6 +334,27 @@
return delegator;
}

+ protected Authorization getAuthz() {
+ Authorization authz = (Authorization) config.getServletContext().getAttribute("authorization");
+ if (authz == null) {
+ GenericDelegator delegator = (GenericDelegator) config.getServletContext().getAttribute("delegator");
+
+ if (delegator != null) {
+ try {
+ authz = AuthorizationFactory.getInstance(delegator);
+ } catch (SecurityConfigurationException e) {
+ Debug.logError(e, "[ServiceDispatcher.init] : No instance of authorization implementation found.", module);
+ }
+ }
+ config.getServletContext().setAttribute("authz", authz);
+ if (authz == null) {
+ Debug.logError("[ContextFilter.init] ERROR: authorization create failed.", module);
+ }
+ }
+ return authz;
+ }
+
+ @Deprecated
protected Security getSecurity() {
Security security = (Security) config.getServletContext().getAttribute("security");
if (security == null) {

Modified: ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/ControlServlet.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/ControlServlet.java?rev=769937&r1=769936&r2=769937&view=diff
==============================================================================
--- ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/ControlServlet.java (original)
+++ ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/ControlServlet.java Wed Apr 29 21:14:21 2009
@@ -41,6 +41,7 @@
import org.ofbiz.entity.transaction.GenericTransactionException;
import org.ofbiz.entity.transaction.TransactionUtil;
import org.ofbiz.security.Security;
+import org.ofbiz.security.authz.Authorization;
import org.ofbiz.service.LocalDispatcher;
import org.ofbiz.webapp.stats.ServerHitBin;
import org.ofbiz.webapp.stats.VisitHandler;
@@ -166,6 +167,15 @@
}
request.setAttribute("dispatcher", dispatcher);

+ Authorization authz = (Authorization) session.getAttribute("authz");
+ if (authz == null) {
+ authz = (Authorization) getServletContext().getAttribute("authz");
+ }
+ if (authz == null) {
+ Debug.logError("[ControlServlet] ERROR: authorization not found in ServletContext", module);
+ }
+ request.setAttribute("authz", authz); // maybe we should also add the value to 'security'
+
Security security = (Security) session.getAttribute("security");
if (security == null) {
security = (Security) getServletContext().getAttribute("security");

Modified: ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java?rev=769937&r1=769936&r2=769937&view=diff
==============================================================================
--- ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java (original)
+++ ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java Wed Apr 29 21:14:21 2009
@@ -60,6 +60,7 @@
import org.ofbiz.entity.transaction.GenericTransactionException;
import org.ofbiz.entity.transaction.TransactionUtil;
import org.ofbiz.security.Security;
+import org.ofbiz.security.authz.Authorization;
import org.ofbiz.service.GenericServiceException;
import org.ofbiz.service.LocalDispatcher;
import org.ofbiz.service.ModelService;
@@ -850,6 +851,7 @@

protected static boolean hasBasePermission(GenericValue userLogin, HttpServletRequest request) {
ServletContext context = (ServletContext) request.getAttribute("servletContext");
+ Authorization authz = (Authorization) request.getAttribute("authz");
Security security = (Security) request.getAttribute("security");

String serverId = (String) context.getAttribute("_serverId");
@@ -859,7 +861,8 @@
if (security != null) {
if (info != null) {
for (String permission: info.getBasePermission()) {
- if (!"NONE".equals(permission) && !security.hasEntityPermission(permission, "_VIEW", userLogin)) {
+ if (!"NONE".equals(permission) && !security.hasEntityPermission(permission, "_VIEW", userLogin) &&
+ !authz.hasPermission(userLogin.getString("userLoginId"), permission, null, true)) {
return false;
}
}

Modified: ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/event/CoreEvents.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/event/CoreEvents.java?rev=769937&r1=769936&r2=769937&view=diff
==============================================================================
--- ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/event/CoreEvents.java (original)
+++ ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/event/CoreEvents.java Wed Apr 29 21:14:21 2009
@@ -46,7 +46,7 @@
import org.ofbiz.entity.GenericDelegator;
import org.ofbiz.entity.GenericEntity;
import org.ofbiz.entity.GenericValue;
-import org.ofbiz.security.Security;
+import org.ofbiz.security.authz.Authorization;
import org.ofbiz.service.DispatchContext;
import org.ofbiz.service.GenericDispatcher;
import org.ofbiz.service.GenericServiceException;
@@ -103,10 +103,10 @@
*/
public static String changeDelegator(HttpServletRequest request, HttpServletResponse response) {
String delegatorName = request.getParameter("delegator");
- Security security = (Security) request.getAttribute("security");
+ Authorization authz = (Authorization) request.getAttribute("authz");
Locale locale = UtilHttp.getLocale(request);

- if (!security.hasPermission("ENTITY_MAINT", request.getSession())) {
+ if (!authz.hasPermission(request.getSession(), "ENTITY_MAINT", null, true)) {
String errMsg = UtilProperties.getMessage(CoreEvents.err_resource, "coreEvents.not_authorized_use_fct", locale);
request.setAttribute("_ERROR_MESSAGE_", "<li>" + errMsg);
return "error";
@@ -157,10 +157,10 @@
*/
public static String changeDispatcher(HttpServletRequest request, HttpServletResponse response) {
String dispatcherName = request.getParameter("dispatcher");
- Security security = (Security) request.getAttribute("security");
+ Authorization authz = (Authorization) request.getAttribute("authz");
Locale locale = UtilHttp.getLocale(request);

- if (!security.hasPermission("ENTITY_MAINT", request.getSession())) {
+ if (!authz.hasPermission(request.getSession(), "ENTITY_MAINT", null, true)) {
String errMsg = UtilProperties.getMessage(CoreEvents.err_resource, "coreEvents.not_authorized_use_fct", locale);
request.setAttribute("_ERROR_MESSAGE_", "<li>" + errMsg);
return "error";
@@ -200,7 +200,7 @@
*/
public static String scheduleService(HttpServletRequest request, HttpServletResponse response) {
GenericValue userLogin = (GenericValue) request.getSession().getAttribute("userLogin");
- Security security = (Security) request.getAttribute("security");
+ Authorization authz = (Authorization) request.getAttribute("authz");
LocalDispatcher dispatcher = (LocalDispatcher) request.getAttribute("dispatcher");
//GenericDelegator delegator = (GenericDelegator) request.getAttribute("delegator");
Locale locale = UtilHttp.getLocale(request);
@@ -304,8 +304,8 @@
if (locale != null) {
serviceContext.put("locale", locale);
}
-
- if (!modelService.export && !security.hasPermission("SERVICE_INVOKE_ANY", request.getSession())) {
+
+ if (!modelService.export && !authz.hasPermission(request.getSession(), "SERVICE_INVOKE_ANY", null, true)) {
String errMsg = UtilProperties.getMessage(CoreEvents.err_resource, "coreEvents.not_authorized_to_call", locale);
request.setAttribute("_ERROR_MESSAGE_", "<li>" + errMsg);
return "error";
@@ -526,8 +526,7 @@
}

// now do a security check
-
- Security security = (Security) request.getAttribute("security");
+ Authorization authz = (Authorization) request.getAttribute("authz");
LocalDispatcher dispatcher = (LocalDispatcher) request.getAttribute("dispatcher");

//lookup the service definition to see if this service is externally available, if not require the SERVICE_INVOKE_ANY permission
@@ -546,7 +545,7 @@
return "error";
}

- if (!modelService.export && !security.hasPermission("SERVICE_INVOKE_ANY", request.getSession())) {
+ if (!modelService.export && !authz.hasPermission(request.getSession(), "SERVICE_INVOKE_ANY", null, true)) {
String errMsg = UtilProperties.getMessage(CoreEvents.err_resource, "coreEvents.not_authorized_to_call", locale);
request.setAttribute("_ERROR_MESSAGE_", "<li>" + errMsg + ".");
return "error";

Modified: ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/FreeMarkerViewHandler.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/FreeMarkerViewHandler.java?rev=769937&r1=769936&r2=769937&view=diff
==============================================================================
--- ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/FreeMarkerViewHandler.java (original)
+++ ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/FreeMarkerViewHandler.java Wed Apr 29 21:14:21 2009
@@ -94,6 +94,7 @@
// add in the OFBiz objects
root.put("delegator", request.getAttribute("delegator"));
root.put("dispatcher", request.getAttribute("dispatcher"));
+ root.put("authz", request.getAttribute("authz"));
root.put("security", request.getAttribute("security"));
root.put("userLogin", session.getAttribute("userLogin"));