svn commit: r769943 - in /ofbiz/trunk/framework/widget/
Locked
svn commit: r769943 - in /ofbiz/trunk/framework/widget/
 
|
Author: jaz
Date: Wed Apr 29 21:27:59 2009 New Revision: 769943 URL: http://svn.apache.org/viewvc?rev=769943&view=rev Log: integration with new Authz API - JIRA OFBIZ-2381 NOTE: when using the action="" the old API is always used; when no action is specified the new API is used Modified: ofbiz/trunk/framework/widget/src/org/ofbiz/widget/cache/WidgetContextCacheKey.java ofbiz/trunk/framework/widget/src/org/ofbiz/widget/menu/ModelMenuCondition.java ofbiz/trunk/framework/widget/src/org/ofbiz/widget/screen/ModelScreen.java ofbiz/trunk/framework/widget/src/org/ofbiz/widget/screen/ModelScreenCondition.java ofbiz/trunk/framework/widget/src/org/ofbiz/widget/screen/ScreenRenderer.java ofbiz/trunk/framework/widget/src/org/ofbiz/widget/tree/ModelTreeCondition.java Modified: ofbiz/trunk/framework/widget/src/org/ofbiz/widget/cache/WidgetContextCacheKey.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/widget/src/org/ofbiz/widget/cache/WidgetContextCacheKey.java?rev=769943&r1=769942&r2=769943&view=diff ============================================================================== --- ofbiz/trunk/framework/widget/src/org/ofbiz/widget/cache/WidgetContextCacheKey.java (original) +++ ofbiz/trunk/framework/widget/src/org/ofbiz/widget/cache/WidgetContextCacheKey.java Wed Apr 29 21:27:59 2009 @@ -40,6 +40,7 @@ fieldNamesToSkip.add("globalContext"); fieldNamesToSkip.add("delegator"); fieldNamesToSkip.add("dispatcher"); + fieldNamesToSkip.add("authz"); fieldNamesToSkip.add("security"); fieldNamesToSkip.add("webSiteId"); fieldNamesToSkip.add("userLogin"); Modified: ofbiz/trunk/framework/widget/src/org/ofbiz/widget/menu/ModelMenuCondition.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/widget/src/org/ofbiz/widget/menu/ModelMenuCondition.java?rev=769943&r1=769942&r2=769943&view=diff ============================================================================== --- ofbiz/trunk/framework/widget/src/org/ofbiz/widget/menu/ModelMenuCondition.java (original) +++ ofbiz/trunk/framework/widget/src/org/ofbiz/widget/menu/ModelMenuCondition.java Wed Apr 29 21:27:59 2009 @@ -43,6 +43,7 @@ import org.ofbiz.entityext.permission.EntityPermissionChecker; import org.ofbiz.minilang.operation.BaseCompare; import org.ofbiz.security.Security; +import org.ofbiz.security.authz.Authorization; import org.ofbiz.service.DispatchContext; import org.ofbiz.service.GenericServiceException; import org.ofbiz.service.LocalDispatcher; @@ -308,15 +309,17 @@ String permission = permissionExdr.expandString(context); String action = actionExdr.expandString(context); + Authorization authz = (Authorization) context.get("authz"); Security security = (Security) context.get("security"); if (action != null && action.length() > 0) { + //Debug.logWarning("Deprecated method hasEntityPermission() was called; the action field should no longer be used", module); // run hasEntityPermission if (security.hasEntityPermission(permission, action, userLogin)) { return true; } } else { // run hasPermission - if (security.hasPermission(permission, userLogin)) { + if (authz.hasPermission(userLogin.getString("userLoginId"), permission, context, true)) { return true; } } Modified: ofbiz/trunk/framework/widget/src/org/ofbiz/widget/screen/ModelScreen.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/widget/src/org/ofbiz/widget/screen/ModelScreen.java?rev=769943&r1=769942&r2=769943&view=diff ============================================================================== --- ofbiz/trunk/framework/widget/src/org/ofbiz/widget/screen/ModelScreen.java (original) +++ ofbiz/trunk/framework/widget/src/org/ofbiz/widget/screen/ModelScreen.java Wed Apr 29 21:27:59 2009 @@ -336,7 +336,7 @@ * - autoUserLogin (if a user is automatically logged in, ie no password has been entered) * - formStringRenderer * - request, response, session, application (special case, only in HTML contexts, etc) - * - delegator, dispatcher, security + * - delegator, dispatcher, authz, security * - null (represents a null field value for entity operations) * - sections (used for decorators to reference the sections to be decorated and render them) * @param screenStringRenderer An implementation of the ScreenStringRenderer Modified: ofbiz/trunk/framework/widget/src/org/ofbiz/widget/screen/ModelScreenCondition.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/widget/src/org/ofbiz/widget/screen/ModelScreenCondition.java?rev=769943&r1=769942&r2=769943&view=diff ============================================================================== --- ofbiz/trunk/framework/widget/src/org/ofbiz/widget/screen/ModelScreenCondition.java (original) +++ ofbiz/trunk/framework/widget/src/org/ofbiz/widget/screen/ModelScreenCondition.java Wed Apr 29 21:27:59 2009 @@ -45,6 +45,7 @@ import org.ofbiz.entityext.permission.EntityPermissionChecker; import org.ofbiz.minilang.operation.BaseCompare; import org.ofbiz.security.Security; +import org.ofbiz.security.authz.Authorization; import org.ofbiz.service.DispatchContext; import org.ofbiz.service.GenericServiceException; import org.ofbiz.service.LocalDispatcher; @@ -304,15 +305,17 @@ String permission = permissionExdr.expandString(context); String action = actionExdr.expandString(context); + Authorization authz = (Authorization) context.get("authz"); Security security = (Security) context.get("security"); if (action != null && action.length() > 0) { + //Debug.logWarning("Deprecated method hasEntityPermission() was called; the action field should no longer be used", module); // run hasEntityPermission if (security.hasEntityPermission(permission, action, userLogin)) { return true; } } else { // run hasPermission - if (security.hasPermission(permission, userLogin)) { + if (authz.hasPermission(userLogin.getString("userLoginId"), permission, context, true)) { return true; } } Modified: ofbiz/trunk/framework/widget/src/org/ofbiz/widget/screen/ScreenRenderer.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/widget/src/org/ofbiz/widget/screen/ScreenRenderer.java?rev=769943&r1=769942&r2=769943&view=diff ============================================================================== --- ofbiz/trunk/framework/widget/src/org/ofbiz/widget/screen/ScreenRenderer.java (original) +++ ofbiz/trunk/framework/widget/src/org/ofbiz/widget/screen/ScreenRenderer.java Wed Apr 29 21:27:59 2009 @@ -47,6 +47,7 @@ import org.ofbiz.entity.GenericEntity; import org.ofbiz.entity.GenericValue; import org.ofbiz.security.Security; +import org.ofbiz.security.authz.Authorization; import org.ofbiz.service.DispatchContext; import org.ofbiz.service.LocalDispatcher; import org.ofbiz.webapp.control.LoginWorker; @@ -139,11 +140,11 @@ return this.screenStringRenderer; } - public void populateBasicContext(Map<String, Object> parameters, GenericDelegator delegator, LocalDispatcher dispatcher, Security security, Locale locale, GenericValue userLogin) { - populateBasicContext(context, this, parameters, delegator, dispatcher, security, locale, userLogin); + public void populateBasicContext(Map<String, Object> parameters, GenericDelegator delegator, LocalDispatcher dispatcher, Authorization authz, Security security, Locale locale, GenericValue userLogin) { + populateBasicContext(context, this, parameters, delegator, dispatcher, authz, security, locale, userLogin); } - public static void populateBasicContext(MapStack<String> context, ScreenRenderer screens, Map<String, Object> parameters, GenericDelegator delegator, LocalDispatcher dispatcher, Security security, Locale locale, GenericValue userLogin) { + public static void populateBasicContext(MapStack<String> context, ScreenRenderer screens, Map<String, Object> parameters, GenericDelegator delegator, LocalDispatcher dispatcher, Authorization authz, Security security, Locale locale, GenericValue userLogin) { // ========== setup values that should always be in a screen context // include an object to more easily render screens context.put("screens", screens); @@ -157,6 +158,7 @@ context.put("parameters", parameters); context.put("delegator", delegator); context.put("dispatcher", dispatcher); + context.put("authz", authz); context.put("security", security); context.put("locale", locale); context.put("userLogin", userLogin); @@ -179,14 +181,14 @@ HttpSession session = request.getSession(); // attribute names to skip for session and application attributes; these are all handled as special cases, duplicating results and causing undesired messages - Set<String> attrNamesToSkip = UtilMisc.toSet("delegator", "dispatcher", "security", "webSiteId"); + Set<String> attrNamesToSkip = UtilMisc.toSet("delegator", "dispatcher", "authz", "security", "webSiteId"); Map<String, Object> parameterMap = UtilHttp.getCombinedMap(request, attrNamesToSkip); GenericValue userLogin = (GenericValue) session.getAttribute("userLogin"); populateBasicContext(context, screens, parameterMap, (GenericDelegator) request.getAttribute("delegator"), - (LocalDispatcher) request.getAttribute("dispatcher"), (Security) request.getAttribute("security"), - UtilHttp.getLocale(request), userLogin); + (LocalDispatcher) request.getAttribute("dispatcher"), (Authorization) request.getAttribute("authz"), + (Security) request.getAttribute("security"), UtilHttp.getLocale(request), userLogin); context.put("autoUserLogin", session.getAttribute("autoUserLogin")); context.put("person", session.getAttribute("person")); @@ -296,7 +298,7 @@ } public void populateContextForService(DispatchContext dctx, Map<String, Object> serviceContext) { - this.populateBasicContext(serviceContext, dctx.getDelegator(), dctx.getDispatcher(), dctx.getSecurity(), - (Locale) serviceContext.get("locale"), (GenericValue) serviceContext.get("userLogin")); + this.populateBasicContext(serviceContext, dctx.getDelegator(), dctx.getDispatcher(), dctx.getAuthorization(), + dctx.getSecurity(), (Locale) serviceContext.get("locale"), (GenericValue) serviceContext.get("userLogin")); } } Modified: ofbiz/trunk/framework/widget/src/org/ofbiz/widget/tree/ModelTreeCondition.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/widget/src/org/ofbiz/widget/tree/ModelTreeCondition.java?rev=769943&r1=769942&r2=769943&view=diff ============================================================================== --- ofbiz/trunk/framework/widget/src/org/ofbiz/widget/tree/ModelTreeCondition.java (original) +++ ofbiz/trunk/framework/widget/src/org/ofbiz/widget/tree/ModelTreeCondition.java Wed Apr 29 21:27:59 2009 @@ -42,6 +42,7 @@ import org.ofbiz.entityext.permission.EntityPermissionChecker; import org.ofbiz.minilang.operation.BaseCompare; import org.ofbiz.security.Security; +import org.ofbiz.security.authz.Authorization; import org.w3c.dom.Element; /** @@ -209,15 +210,17 @@ String permission = permissionExdr.expandString(context); String action = actionExdr.expandString(context); + Authorization authz = (Authorization) context.get("authorization"); Security security = (Security) context.get("security"); if (action != null && action.length() > 0) { + //Debug.logWarning("Deprecated method hasEntityPermission() was called; the action field should no longer be used", module); // run hasEntityPermission if (security.hasEntityPermission(permission, action, userLogin)) { return true; } } else { // run hasPermission - if (security.hasPermission(permission, userLogin)) { + if (authz.hasPermission(userLogin.getString("userLoginId"), permission, context, true)) { return true; } } |
«
Return to OFBiz - Commits
|
1 view|%1 views
| Free forum by Nabble | Edit this page |