svn commit: r805146 - in /ofbiz/branches/executioncontext20090812/framework: api/config/ api/src/org/ofbiz/api/context/ context/src/org/ofbiz/context/ entity/src/org/ofbiz/entity/ security/src/org/ofbiz/security/ service/src/org/ofbiz/service/ webapp/s...


svn commit: r805146 - in /ofbiz/branches/executioncontext20090812/framework: api/config/ api/src/org/ofbiz/api/context/ context/src/org/ofbiz/context/ entity/src/org/ofbiz/entity/ security/src/org/ofbiz/security/ service/src/org/ofbiz/service/ webapp/s...

adrianc
Author: adrianc
Date: Mon Aug 17 21:18:51 2009
New Revision: 805146

URL: http://svn.apache.org/viewvc?rev=805146&view=rev
Log:
Initial implementation of the Authorization Manager. Right now it doesn't control artifact access because the data files haven't been designed.

There is a setting in api.properties that will turn on info messages so you can see it in action.


Added:
    ofbiz/branches/executioncontext20090812/framework/security/src/org/ofbiz/security/AuthorizationManager.java   (with props)
    ofbiz/branches/executioncontext20090812/framework/security/src/org/ofbiz/security/AuthorizationManagerImpl.java   (with props)
Modified:
    ofbiz/branches/executioncontext20090812/framework/api/config/api.properties
    ofbiz/branches/executioncontext20090812/framework/api/src/org/ofbiz/api/context/ExecutionContext.java
    ofbiz/branches/executioncontext20090812/framework/api/src/org/ofbiz/api/context/ExecutionContextImpl.java
    ofbiz/branches/executioncontext20090812/framework/context/src/org/ofbiz/context/ExecutionContextImpl.java
    ofbiz/branches/executioncontext20090812/framework/entity/src/org/ofbiz/entity/DelegatorImpl.java
    ofbiz/branches/executioncontext20090812/framework/security/src/org/ofbiz/security/ExecutionContext.java
    ofbiz/branches/executioncontext20090812/framework/security/src/org/ofbiz/security/SecurityFactory.java
    ofbiz/branches/executioncontext20090812/framework/service/src/org/ofbiz/service/ExecutionContext.java
    ofbiz/branches/executioncontext20090812/framework/service/src/org/ofbiz/service/ServiceDispatcher.java
    ofbiz/branches/executioncontext20090812/framework/webapp/src/org/ofbiz/webapp/control/ControlServlet.java
    ofbiz/branches/executioncontext20090812/framework/widget/src/org/ofbiz/widget/form/ModelForm.java
    ofbiz/branches/executioncontext20090812/framework/widget/src/org/ofbiz/widget/screen/ModelScreen.java
    ofbiz/branches/executioncontext20090812/framework/widget/src/org/ofbiz/widget/screen/ScreenRenderer.java

Modified: ofbiz/branches/executioncontext20090812/framework/api/config/api.properties
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20090812/framework/api/config/api.properties?rev=805146&r1=805145&r2=805146&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20090812/framework/api/config/api.properties (original)
+++ ofbiz/branches/executioncontext20090812/framework/api/config/api.properties Mon Aug 17 21:18:51 2009
@@ -28,3 +28,11 @@
 
 # Class name of the ExecutionContext implementation
 executionContext.class=org.ofbiz.context.ExecutionContextImpl
+
+# Set to true to enable AuthorizationManager info messages. This property is for
+# development only, it will be removed when the AuthorizationManager implementation
+# is complete.
+authorizationManager.verbose=false
+
+# Class name of the AuthorizationManager implementation
+authorizationManager.class=org.ofbiz.security.AuthorizationManagerImpl

Modified: ofbiz/branches/executioncontext20090812/framework/api/src/org/ofbiz/api/context/ExecutionContext.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20090812/framework/api/src/org/ofbiz/api/context/ExecutionContext.java?rev=805146&r1=805145&r2=805146&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20090812/framework/api/src/org/ofbiz/api/context/ExecutionContext.java (original)
+++ ofbiz/branches/executioncontext20090812/framework/api/src/org/ofbiz/api/context/ExecutionContext.java Mon Aug 17 21:18:51 2009
@@ -21,9 +21,18 @@
 import java.util.Locale;
 import java.util.TimeZone;
 
+import org.ofbiz.api.authorization.AccessController;
+
 /** ExecutionContext interface. */
 public interface ExecutionContext {
 
+    /** Returns an <code>AccessController</code> instance for this
+     * user login and execution path combination.
+     *
+     * @return An <code>AccessController</code> instance
+     */
+    public AccessController getAccessController();
+
     /** Returns the currency unit of measure.
      *
      * @return The ISO currency code

Modified: ofbiz/branches/executioncontext20090812/framework/api/src/org/ofbiz/api/context/ExecutionContextImpl.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20090812/framework/api/src/org/ofbiz/api/context/ExecutionContextImpl.java?rev=805146&r1=805145&r2=805146&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20090812/framework/api/src/org/ofbiz/api/context/ExecutionContextImpl.java (original)
+++ ofbiz/branches/executioncontext20090812/framework/api/src/org/ofbiz/api/context/ExecutionContextImpl.java Mon Aug 17 21:18:51 2009
@@ -29,7 +29,7 @@
 import org.ofbiz.base.util.UtilProperties;
 
 /** Implementation of the ExecutionContext interface. */
-public class ExecutionContextImpl implements ExecutionContext {
+public abstract class ExecutionContextImpl implements ExecutionContext {
 
     public static final String module = ExecutionContextImpl.class.getName();
 

Modified: ofbiz/branches/executioncontext20090812/framework/context/src/org/ofbiz/context/ExecutionContextImpl.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20090812/framework/context/src/org/ofbiz/context/ExecutionContextImpl.java?rev=805146&r1=805145&r2=805146&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20090812/framework/context/src/org/ofbiz/context/ExecutionContextImpl.java (original)
+++ ofbiz/branches/executioncontext20090812/framework/context/src/org/ofbiz/context/ExecutionContextImpl.java Mon Aug 17 21:18:51 2009
@@ -22,9 +22,12 @@
 import java.util.Map;
 import java.util.TimeZone;
 
+import org.ofbiz.api.authorization.AccessController;
+import org.ofbiz.entity.DelegatorFactory;
 import org.ofbiz.entity.GenericDelegator;
 import org.ofbiz.entity.GenericValue;
-import org.ofbiz.security.Security;
+import org.ofbiz.security.AuthorizationManager;
+import org.ofbiz.security.SecurityFactory;
 import org.ofbiz.service.LocalDispatcher;
 import org.ofbiz.service.ExecutionContext;
 
@@ -33,10 +36,13 @@
 
     protected GenericDelegator delegator = null;
     protected LocalDispatcher dispatcher = null;
-    protected Security security = null;
+    protected AuthorizationManager security = null;
     protected GenericValue userLogin = null;
 
  public GenericDelegator getDelegator() {
+ if (this.delegator == null) {
+ this.delegator = DelegatorFactory.getGenericDelegator("default");
+ }
  return this.delegator;
  }
 
@@ -44,7 +50,13 @@
  return this.dispatcher;
  }
 
- public Security getSecurity() {
+ public AuthorizationManager getSecurity() {
+ if (this.security == null) {
+            try {
+ this.security = SecurityFactory.getInstance(this.getDelegator());
+ } catch (Exception e) {
+ }
+ }
  return this.security;
  }
 
@@ -53,7 +65,10 @@
  }
 
  public void initializeContext(Map<String, ? extends Object> params) {
+ this.setDelegator((GenericDelegator) params.get("delegator"));
+ this.setDispatcher((LocalDispatcher) params.get("dispatcher"));
  this.setLocale((Locale) params.get("locale"));
+ this.setSecurity((AuthorizationManager) params.get("security"));
  this.setTimeZone((TimeZone) params.get("timeZone"));
  this.setUserLogin((GenericValue) params.get("userLogin"));
  }
@@ -71,7 +86,7 @@
  }
  }
 
- public void setSecurity(Security security) {
+ public void setSecurity(AuthorizationManager security) {
  if (security != null) {
  this.security = security;
  }
@@ -82,4 +97,8 @@
  this.userLogin = userLogin;
  }
  }
+
+ public AccessController getAccessController() {
+ return this.getSecurity().getAccessController(this);
+ }
 }
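Review bot: `getAccessController()` dereferences `this.getSecurity()` with no null check, and the `getSecurity()` hunk above returns null whenever `SecurityFactory.getInstance` throws, because its `catch (Exception e) {}` is empty. A misconfigured security class therefore surfaces as a NullPointerException at the first permission check, with the original cause lost. Rethrow from the catch, for example `throw new IllegalStateException("Cannot create AuthorizationManager", e);`, so the failure is explicit and no code path continues without an authorization manager.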

Modified: ofbiz/branches/executioncontext20090812/framework/entity/src/org/ofbiz/entity/DelegatorImpl.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20090812/framework/entity/src/org/ofbiz/entity/DelegatorImpl.java?rev=805146&r1=805145&r2=805146&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20090812/framework/entity/src/org/ofbiz/entity/DelegatorImpl.java (original)
+++ ofbiz/branches/executioncontext20090812/framework/entity/src/org/ofbiz/entity/DelegatorImpl.java Mon Aug 17 21:18:51 2009
@@ -36,6 +36,8 @@
 import javolution.util.FastList;
 import javolution.util.FastMap;
 
+import org.ofbiz.api.authorization.AccessController;
+import static org.ofbiz.api.authorization.BasicPermissions.*;
 import org.ofbiz.api.context.GenericExecutionArtifact;
 import org.ofbiz.base.util.Debug;
 import org.ofbiz.base.util.GeneralRuntimeException;
@@ -367,8 +369,10 @@
 
     public GenericValue create(GenericValue value, boolean doCacheClear) throws GenericEntityException {
      this.executionContext.pushExecutionArtifact(value);
+     AccessController accessController = this.executionContext.getAccessController();
         boolean beganTransaction = false;
         try {
+         accessController.checkPermission(Create);
             if (alwaysUseTransaction) {
                 beganTransaction = TransactionUtil.begin();
             }
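Review bot: `getAccessController()` is called after `pushExecutionArtifact(value)` but before the `try`, so if it throws, any cleanup in the `finally` is skipped and the pushed artifact stays on the execution path. The `finally` of `create` is outside this hunk; the `storeByCondition` hunk suggests that is where `popExecutionArtifact()` lives. Since `AuthorizationManagerImpl.getAccessController` builds the controller from `getExecutionPath()`, a stale entry would skew later checks on the same context. Moving the lookup to the first line inside the `try` avoids this; the same ordering appears in `createOrStore`, `removeByCondition`, `removeByPrimaryKey`, `removeValue`, `store` and `storeByCondition`.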
@@ -519,6 +523,7 @@
 
     public GenericValue createOrStore(GenericValue value, boolean doCacheClear) throws GenericEntityException {
      this.executionContext.pushExecutionArtifact(value);
+     AccessController accessController = this.executionContext.getAccessController();
         boolean beganTransaction = false;
         try {
             if (alwaysUseTransaction) {
@@ -527,8 +532,10 @@
 
             GenericValue checkValue = this.findOne(value.getEntityName(), value.getPrimaryKey(), false);
             if (checkValue != null) {
+             accessController.checkPermission(Update);
                 this.store(value, doCacheClear);
             } else {
+             accessController.checkPermission(Create);
                 this.create(value, doCacheClear);
             }
             if (value.lockEnabled()) {
@@ -2099,6 +2106,8 @@
         try {
             for (GenericEntity value : dummyPKs) {
              this.executionContext.pushExecutionArtifact(value);
+             AccessController accessController = this.executionContext.getAccessController();
+             accessController.checkPermission(Delete);
                 if (value.containsPrimaryKey()) {
                     numRemoved += this.removeByPrimaryKey(value.getPrimaryKey(), doCacheClear);
                 } else {
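Review bot: The `Delete` check runs per element inside the loop, so a denial on a later element is raised after earlier elements have already gone through `removeByPrimaryKey`. `AccessControlException` is unchecked, and whether the surrounding `catch` (outside this hunk) rolls back on it is not visible, so this may leave a partial delete. Consider checking every element before removing any, or confirming that the rollback path covers runtime exceptions. Each iteration also pushes an execution artifact, and no matching `popExecutionArtifact()` is visible inside the loop.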
@@ -2153,8 +2162,10 @@
 
     public int removeByCondition(String entityName, EntityCondition condition, boolean doCacheClear) throws GenericEntityException {
      this.executionContext.pushExecutionArtifact(new GenericExecutionArtifact("GenericDelegator.removeByCondition", entityName));
+     AccessController accessController = this.executionContext.getAccessController();
         boolean beganTransaction = false;
         try {
+         accessController.checkPermission(Delete);
             if (alwaysUseTransaction) {
                 beganTransaction = TransactionUtil.begin();
             }
@@ -2206,8 +2217,10 @@
 
     public int removeByPrimaryKey(GenericPK primaryKey, boolean doCacheClear) throws GenericEntityException {
      this.executionContext.pushExecutionArtifact(new GenericExecutionArtifact("GenericDelegator.removeByPrimaryKey", primaryKey.getEntityName()));
+     AccessController accessController = this.executionContext.getAccessController();
         boolean beganTransaction = false;
         try {
+         accessController.checkPermission(Delete);
             if (alwaysUseTransaction) {
                 beganTransaction = TransactionUtil.begin();
             }
@@ -2291,10 +2304,12 @@
 
     public int removeValue(GenericValue value, boolean doCacheClear) throws GenericEntityException {
      this.executionContext.pushExecutionArtifact(value);
+     AccessController accessController = this.executionContext.getAccessController();
         // NOTE: this does not call the GenericDelegator.removeByPrimaryKey
         // method because it has more information to pass to the ECA rule hander
         boolean beganTransaction = false;
         try {
+         accessController.checkPermission(Delete);
             if (alwaysUseTransaction) {
                 beganTransaction = TransactionUtil.begin();
             }
@@ -2517,8 +2532,10 @@
 
     public int store(GenericValue value, boolean doCacheClear) throws GenericEntityException {
      this.executionContext.pushExecutionArtifact(value);
+     AccessController accessController = this.executionContext.getAccessController();
         boolean beganTransaction = false;
         try {
+         accessController.checkPermission(Update);
             if (alwaysUseTransaction) {
                 beganTransaction = TransactionUtil.begin();
             }
@@ -2679,8 +2696,10 @@
 
     public int storeByCondition(String entityName, Map<String, ? extends Object> fieldsToSet, EntityCondition condition, boolean doCacheClear) throws GenericEntityException {
      this.executionContext.pushExecutionArtifact(new GenericExecutionArtifact("GenericDelegator.storeByCondition", entityName));
+     AccessController accessController = this.executionContext.getAccessController();
         boolean beganTransaction = false;
         try {
+         accessController.checkPermission(Update);
             if (alwaysUseTransaction) {
                 beganTransaction = TransactionUtil.begin();
             }
@@ -2718,6 +2737,7 @@
             // after rolling back, rethrow the exception
             throw e;
         } finally {
+         this.executionContext.popExecutionArtifact();
             // only commit the transaction if we started one... this will throw
             // an exception if it fails
             TransactionUtil.commit(beganTransaction);

Added: ofbiz/branches/executioncontext20090812/framework/security/src/org/ofbiz/security/AuthorizationManager.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20090812/framework/security/src/org/ofbiz/security/AuthorizationManager.java?rev=805146&view=auto
==============================================================================
--- ofbiz/branches/executioncontext20090812/framework/security/src/org/ofbiz/security/AuthorizationManager.java (added)
+++ ofbiz/branches/executioncontext20090812/framework/security/src/org/ofbiz/security/AuthorizationManager.java Mon Aug 17 21:18:51 2009
@@ -0,0 +1,50 @@
+/*******************************************************************************
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *******************************************************************************/
+package org.ofbiz.security;
+
+import java.security.Permission;
+
+/**
+ * AuthorizationManager interface.
+ */
+public interface AuthorizationManager extends org.ofbiz.api.authorization.AuthorizationManager, Security {
+
+ // User methods
+ public void createUser(String userLoginId, String password);
+ public void updateUser(String userLoginId, String password);
+ public void deleteUser(String userLoginId);
+
+ // User Group methods
+ public String createUserGroup(String description);
+ public void updateUserGroup(String userGroupId, String description);
+ public void deleteUserGroup(String userGroupId);
+
+ // User Group Assignment methods
+ public void assignUserToGroup(String userLoginId, String userGroupId);
+ public void deleteUserFromGroup(String userLoginId, String userGroupId);
+ public void assignGroupToGroup(String childGroupId, String parentGroupId);
+ public void deleteGroupFromGroup(String childGroupId, String parentGroupId);
+
+ // Permission Assignment methods
+ public void assignUserPermission(String userLoginId, String artifactId, Permission permission);
+ public void deleteUserPermission(String userLoginId, String artifactId, Permission permission);
+ public void assignGroupPermission(String userGroupId, String artifactId, Permission permission);
+ public void deleteGroupPermission(String userGroupId, String artifactId, Permission permission);
+
+}
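Review bot: None of the new methods on `AuthorizationManager` has Javadoc, and every mutator except `createUserGroup` returns `void` with no declared exception, so the contract for failure (unknown user, duplicate group, storage error) is undefined. Each method should state what it does when the target does not exist and how a failed change is reported, since callers will rely on `deleteUserPermission` and `deleteGroupPermission` having taken effect. `createUser` and `updateUser` take the password as a `String`; the Javadoc should say whether it is plain text or already hashed, and `char[]` would let the caller clear it after use.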

Propchange: ofbiz/branches/executioncontext20090812/framework/security/src/org/ofbiz/security/AuthorizationManager.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: ofbiz/branches/executioncontext20090812/framework/security/src/org/ofbiz/security/AuthorizationManager.java
------------------------------------------------------------------------------
    svn:keywords = "Date Rev Author URL Id"

Propchange: ofbiz/branches/executioncontext20090812/framework/security/src/org/ofbiz/security/AuthorizationManager.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: ofbiz/branches/executioncontext20090812/framework/security/src/org/ofbiz/security/AuthorizationManagerImpl.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20090812/framework/security/src/org/ofbiz/security/AuthorizationManagerImpl.java?rev=805146&view=auto
==============================================================================
--- ofbiz/branches/executioncontext20090812/framework/security/src/org/ofbiz/security/AuthorizationManagerImpl.java (added)
+++ ofbiz/branches/executioncontext20090812/framework/security/src/org/ofbiz/security/AuthorizationManagerImpl.java Mon Aug 17 21:18:51 2009
@@ -0,0 +1,143 @@
+/*******************************************************************************
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *******************************************************************************/
+package org.ofbiz.security;
+
+import static org.ofbiz.api.authorization.BasicPermissions.Admin;
+
+import java.security.AccessControlException;
+import java.security.Permission;
+
+import org.ofbiz.api.authorization.AccessController;
+import org.ofbiz.base.util.Debug;
+import org.ofbiz.base.util.UtilProperties;
+
+/**
+ * An implementation of the AuthorizationManager interface that uses the OFBiz database
+ * for authorization data storage.
+ */
+public class AuthorizationManagerImpl extends OFBizSecurity implements AuthorizationManager {
+
+    public static final String module = AuthorizationManagerImpl.class.getName();
+
+    public AuthorizationManagerImpl() {
+    }
+
+ public void assignGroupPermission(String userGroupId, String artifactId,
+ Permission permission) {
+ // TODO Auto-generated method stub
+
+ }
+
+ public void assignGroupToGroup(String childGroupId, String parentGroupId) {
+ // TODO Auto-generated method stub
+
+ }
+
+ public void assignUserPermission(String userLoginId, String artifactId,
+ Permission permission) {
+ // TODO Auto-generated method stub
+
+ }
+
+ public void assignUserToGroup(String userLoginId, String userGroupId) {
+ // TODO Auto-generated method stub
+
+ }
+
+ public void createUser(String userLoginId, String password) {
+ // TODO Auto-generated method stub
+
+ }
+
+ public String createUserGroup(String description) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public void deleteGroupFromGroup(String childGroupId, String parentGroupId) {
+ // TODO Auto-generated method stub
+
+ }
+
+ public void deleteGroupPermission(String userGroupId, String artifactId,
+ Permission permission) {
+ // TODO Auto-generated method stub
+
+ }
+
+ public void deleteUser(String userLoginId) {
+ // TODO Auto-generated method stub
+
+ }
+
+ public void deleteUserFromGroup(String userLoginId, String userGroupId) {
+ // TODO Auto-generated method stub
+
+ }
+
+ public void deleteUserGroup(String userGroupId) {
+ // TODO Auto-generated method stub
+
+ }
+
+ public void deleteUserPermission(String userLoginId, String artifactId,
+ Permission permission) {
+ // TODO Auto-generated method stub
+
+ }
+
+ public void updateUser(String userLoginId, String password) {
+ // TODO Auto-generated method stub
+
+ }
+
+ public void updateUserGroup(String userGroupId, String description) {
+ // TODO Auto-generated method stub
+
+ }
+
+ public AccessController getAccessController(org.ofbiz.api.context.ExecutionContext executionContext) {
+ return new AccessControllerImpl(executionContext.getExecutionPath(), Admin);
+ }
+
+ protected static class AccessControllerImpl implements AccessController {
+
+ protected final String executionPath;
+ protected final Permission permission;
+ // Temporary - will be removed later
+ protected boolean verbose = false;
+
+ protected AccessControllerImpl(String executionPath, Permission permission) {
+ this.executionPath = executionPath;
+ this.permission = permission;
+    this.verbose = "true".equals(UtilProperties.getPropertyValue("api.properties", "authorizationManager.verbose"));
+ }
+
+ public void checkPermission(Permission permission) throws AccessControlException {
+ if (this.verbose) {
+                Debug.logInfo("Checking permission " + permission + " for path " + this.executionPath, module);
+ }
+ if (!this.permission.implies(permission)) {
+ throw new AccessControlException(this.executionPath);
+ }
+ }
+
+ }
+
+}
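Review bot: `getAccessController` gives every caller an `AccessControllerImpl` holding `Admin`, and the fourteen user, group and permission methods are empty stubs that return normally. The commit log says access is not enforced yet, but a caller of `deleteUserPermission` or `deleteUser` gets no signal that nothing changed; throwing from the stubs, e.g. `throw new UnsupportedOperationException("Not yet implemented");`, makes that visible. In `checkPermission`, the `AccessControlException` carries only the execution path; `new AccessControlException(this.executionPath, permission)` would also record which permission was refused. The `verbose` flag is looked up from `api.properties` on every `AccessControllerImpl` construction and is never reassigned, so it could be a `final` field or a static read once.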

Propchange: ofbiz/branches/executioncontext20090812/framework/security/src/org/ofbiz/security/AuthorizationManagerImpl.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: ofbiz/branches/executioncontext20090812/framework/security/src/org/ofbiz/security/AuthorizationManagerImpl.java
------------------------------------------------------------------------------
    svn:keywords = "Date Rev Author URL Id"

Propchange: ofbiz/branches/executioncontext20090812/framework/security/src/org/ofbiz/security/AuthorizationManagerImpl.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Modified: ofbiz/branches/executioncontext20090812/framework/security/src/org/ofbiz/security/ExecutionContext.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20090812/framework/security/src/org/ofbiz/security/ExecutionContext.java?rev=805146&r1=805145&r2=805146&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20090812/framework/security/src/org/ofbiz/security/ExecutionContext.java (original)
+++ ofbiz/branches/executioncontext20090812/framework/security/src/org/ofbiz/security/ExecutionContext.java Mon Aug 17 21:18:51 2009
@@ -24,15 +24,15 @@
  */
 public interface ExecutionContext extends org.ofbiz.entity.ExecutionContext {
 
- /** Returns the current <code>Security</code> instance.
+ /** Returns the current <code>AuthorizationManager</code> instance.
  *
- * @return The current <code>Security</code> instance
+ * @return The current <code>AuthorizationManager</code> instance
  */
- public Security getSecurity();
+ public AuthorizationManager getSecurity();
 
- /** Sets the current <code>Security</code> instance.
+ /** Sets the current <code>AuthorizationManager</code> instance.
  *
- * @param security The new <code>Security</code> instance
+ * @param security The new <code>AuthorizationManager</code> instance
  */
- public void setSecurity(Security security);
+ public void setSecurity(AuthorizationManager security);
 }

Modified: ofbiz/branches/executioncontext20090812/framework/security/src/org/ofbiz/security/SecurityFactory.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20090812/framework/security/src/org/ofbiz/security/SecurityFactory.java?rev=805146&r1=805145&r2=805146&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20090812/framework/security/src/org/ofbiz/security/SecurityFactory.java (original)
+++ ofbiz/branches/executioncontext20090812/framework/security/src/org/ofbiz/security/SecurityFactory.java Mon Aug 17 21:18:51 2009
@@ -37,7 +37,7 @@
 public class SecurityFactory {
 
     public static final String module = SecurityFactory.class.getName();
-    public static final String DEFAULT_SECURITY = "org.ofbiz.security.OFBizSecurity";
+    public static final String DEFAULT_SECURITY = "org.ofbiz.security.AuthorizationManagerImpl";
 
     private static String securityName = null;
     private static Element rootElement = null;
@@ -50,8 +50,8 @@
      * @param delegator the generic delegator
      * @return instance of security implementation (default: OFBizSecurity)
      */
-    public static Security getInstance(GenericDelegator delegator) throws SecurityConfigurationException {
-        Security security = null;
+    public static AuthorizationManager getInstance(GenericDelegator delegator) throws SecurityConfigurationException {
+     AuthorizationManager security = null;
 
         // Make securityName a singleton
         if (securityName == null) {
@@ -65,7 +65,7 @@
             try {
                 ClassLoader loader = Thread.currentThread().getContextClassLoader();
                 Class<?> c = loader.loadClass(getSecurityClass(securityName));
-                security = (Security) c.newInstance();
+                security = (AuthorizationManager) c.newInstance();
                 security.setDelegator(delegator);
             } catch (ClassNotFoundException cnf) {
                 throw new SecurityConfigurationException("Cannot load security implementation class", cnf);

Modified: ofbiz/branches/executioncontext20090812/framework/service/src/org/ofbiz/service/ExecutionContext.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20090812/framework/service/src/org/ofbiz/service/ExecutionContext.java?rev=805146&r1=805145&r2=805146&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20090812/framework/service/src/org/ofbiz/service/ExecutionContext.java (original)
+++ ofbiz/branches/executioncontext20090812/framework/service/src/org/ofbiz/service/ExecutionContext.java Mon Aug 17 21:18:51 2009
@@ -20,6 +20,7 @@
 
 import java.util.Map;
 
+import org.ofbiz.security.SecurityConfigurationException;
 import org.ofbiz.service.LocalDispatcher;
 
 /**
@@ -38,6 +39,7 @@
  * <code>params</code>.
  *
  * @param params
+ * @throws SecurityConfigurationException
  */
  public void initializeContext(Map<String, ? extends Object> params);
 

Modified: ofbiz/branches/executioncontext20090812/framework/service/src/org/ofbiz/service/ServiceDispatcher.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20090812/framework/service/src/org/ofbiz/service/ServiceDispatcher.java?rev=805146&r1=805145&r2=805146&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20090812/framework/service/src/org/ofbiz/service/ServiceDispatcher.java (original)
+++ ofbiz/branches/executioncontext20090812/framework/service/src/org/ofbiz/service/ServiceDispatcher.java Mon Aug 17 21:18:51 2009
@@ -18,16 +18,20 @@
  *******************************************************************************/
 package org.ofbiz.service;
 
+import static org.ofbiz.api.authorization.BasicPermissions.Access;
+
 import java.util.List;
 import java.util.Locale;
 import java.util.Map;
+
 import javax.transaction.Transaction;
 
 import javolution.util.FastList;
 import javolution.util.FastMap;
 
-import org.ofbiz.base.config.GenericConfigException;
+import org.ofbiz.api.authorization.AccessController;
 import org.ofbiz.api.context.ExecutionContextFactory;
+import org.ofbiz.base.config.GenericConfigException;
 import org.ofbiz.base.util.Debug;
 import org.ofbiz.base.util.GeneralRuntimeException;
 import org.ofbiz.base.util.UtilMisc;
@@ -42,6 +46,7 @@
 import org.ofbiz.entity.transaction.DebugXaResource;
 import org.ofbiz.entity.transaction.GenericTransactionException;
 import org.ofbiz.entity.transaction.TransactionUtil;
+import org.ofbiz.security.AuthorizationManager;
 import org.ofbiz.security.Security;
 import org.ofbiz.security.SecurityConfigurationException;
 import org.ofbiz.security.SecurityFactory;
@@ -77,7 +82,7 @@
     protected GenericDelegator delegator = null;
     protected GenericEngineFactory factory = null;
     protected Authorization authz = null;
-    protected Security security = null;
+    protected AuthorizationManager security = null;
     protected Map<String, DispatchContext> localContext = null;
     protected Map<String, List<GenericServiceCallback>> callbacks = null;
     protected JobManager jm = null;
@@ -300,13 +305,17 @@
  } catch (Exception e) {
  throw new GenericServiceException(e);
  }
-            executionContext.initializeContext(context);
             context.put("executionContext", executionContext);
         }
+        executionContext.initializeContext(context);
+        executionContext.setDelegator(this.delegator);
+        executionContext.setSecurity(this.security);
         executionContext.pushExecutionArtifact(modelService);
         // start the transaction
         boolean beganTrans = false;
         try {
+         AccessController accessController = executionContext.getAccessController();
+         accessController.checkPermission(Access);
             //Debug.logInfo("=========================== " + modelService.name + " 1 tx status =" + TransactionUtil.getStatusString() + ", modelService.requireNewTransaction=" + modelService.requireNewTransaction + ", modelService.useTransaction=" + modelService.useTransaction + ", TransactionUtil.isTransactionInPlace()=" + TransactionUtil.isTransactionInPlace(), module);
             if (modelService.useTransaction) {
                 if (TransactionUtil.isTransactionInPlace()) {
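Review bot: `initializeContext(context)` now runs on every call rather than only when the execution context is created, so the `delegator`, `dispatcher`, `security` and `userLogin` entries of `context` are re-applied each time before the `Access` check. `setSecurity` in context/ExecutionContextImpl.java only assigns when its argument is non-null, so if `this.security` is null the value taken from the map is the one used to build the `AccessController`. If `context` can carry caller-supplied entries, that case should be ruled out here, e.g. `if (this.security == null) throw new GenericServiceException("No AuthorizationManager configured");` before the check. The enclosing method begins and ends outside this hunk.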

Modified: ofbiz/branches/executioncontext20090812/framework/webapp/src/org/ofbiz/webapp/control/ControlServlet.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20090812/framework/webapp/src/org/ofbiz/webapp/control/ControlServlet.java?rev=805146&r1=805145&r2=805146&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20090812/framework/webapp/src/org/ofbiz/webapp/control/ControlServlet.java (original)
+++ ofbiz/branches/executioncontext20090812/framework/webapp/src/org/ofbiz/webapp/control/ControlServlet.java Mon Aug 17 21:18:51 2009
@@ -42,7 +42,7 @@
 import org.ofbiz.entity.GenericValue;
 import org.ofbiz.entity.transaction.GenericTransactionException;
 import org.ofbiz.entity.transaction.TransactionUtil;
-import org.ofbiz.security.Security;
+import org.ofbiz.security.AuthorizationManager;
 import org.ofbiz.security.authz.Authorization;
 import org.ofbiz.service.ExecutionContext;
 import org.ofbiz.service.LocalDispatcher;
@@ -191,9 +191,9 @@
         }
         request.setAttribute("authz", authz); // maybe we should also add the value to 'security'
         
-        Security security = (Security) session.getAttribute("security");
+        AuthorizationManager security = (AuthorizationManager) session.getAttribute("security");
         if (security == null) {
-            security = (Security) getServletContext().getAttribute("security");
+            security = (AuthorizationManager) getServletContext().getAttribute("security");
         }
         if (security == null) {
             Debug.logError("[ControlServlet] ERROR: security not found in ServletContext", module);
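Review bot: Both `(AuthorizationManager)` casts are unchecked, so a `"security"` attribute that still holds a plain `Security` object fails with a `ClassCastException` before the `security == null` error path is reached. ScreenRenderer.java in this same commit still imports `org.ofbiz.security.Security`, which suggests both types remain in use; whether every writer of that attribute now stores an AuthorizationManager is not visible here. Reading the attribute into an `Object` and testing `instanceof AuthorizationManager` would route a mismatch into the existing "security not found" handling. The enclosing method continues outside the hunk.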

Modified: ofbiz/branches/executioncontext20090812/framework/widget/src/org/ofbiz/widget/form/ModelForm.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20090812/framework/widget/src/org/ofbiz/widget/form/ModelForm.java?rev=805146&r1=805145&r2=805146&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20090812/framework/widget/src/org/ofbiz/widget/form/ModelForm.java (original)
+++ ofbiz/branches/executioncontext20090812/framework/widget/src/org/ofbiz/widget/form/ModelForm.java Mon Aug 17 21:18:51 2009
@@ -18,6 +18,8 @@
  *******************************************************************************/
 package org.ofbiz.widget.form;
 
+import static org.ofbiz.api.authorization.BasicPermissions.View;
+
 import java.io.IOException;
 import java.util.ArrayList;
 import java.util.Collection;
@@ -34,6 +36,7 @@
 import javolution.util.FastMap;
 import javolution.util.FastSet;
 
+import org.ofbiz.api.authorization.AccessController;
 import org.ofbiz.api.context.ExecutionArtifact;
 import org.ofbiz.base.util.BshUtil;
 import org.ofbiz.base.util.Debug;
@@ -784,6 +787,8 @@
     public void renderFormString(Appendable writer, Map<String, Object> context, FormStringRenderer formStringRenderer) throws IOException {
         ExecutionContext executionContext = (ExecutionContext) context.get("executionContext");
         executionContext.pushExecutionArtifact(this);
+     AccessController accessController = executionContext.getAccessController();
+     accessController.checkPermission(View);
         runFormActions(context);
 
         setWidgetBoundaryComments(context);
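Review bot: `accessController.checkPermission(View)` runs after `executionContext.pushExecutionArtifact(this)` with no `try` between them in the visible lines. A denial signalled by an exception therefore leaves this form on the artifact stack, unless a `finally` outside the hunk pops it. If later permission checks are evaluated against that stack (presumably so, since the artifact is pushed before the check), a stale entry would skew them for the rest of the request. Wrapping everything after the push in `try`/`finally`, with the matching pop in the `finally`, keeps the stack balanced. The same push-then-check order appears in the `renderScreenString` hunk of ModelScreen.java and in the service dispatcher hunk above; `renderFormString` continues past the end of this hunk.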

Modified: ofbiz/branches/executioncontext20090812/framework/widget/src/org/ofbiz/widget/screen/ModelScreen.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20090812/framework/widget/src/org/ofbiz/widget/screen/ModelScreen.java?rev=805146&r1=805145&r2=805146&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20090812/framework/widget/src/org/ofbiz/widget/screen/ModelScreen.java (original)
+++ ofbiz/branches/executioncontext20090812/framework/widget/src/org/ofbiz/widget/screen/ModelScreen.java Mon Aug 17 21:18:51 2009
@@ -18,6 +18,8 @@
  *******************************************************************************/
 package org.ofbiz.widget.screen;
 
+import static org.ofbiz.api.authorization.BasicPermissions.*;
+
 import java.io.Serializable;
 import java.util.Collection;
 import java.util.List;
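Review bot: The static import here is a wildcard, `import static org.ofbiz.api.authorization.BasicPermissions.*;`, while ModelForm.java in this commit imports only the constant it uses. The visible change to this file references only `View`, and short permission names brought in wholesale are easy to shadow or confuse with a local. `import static org.ofbiz.api.authorization.BasicPermissions.View;` makes it explicit which permission is being checked.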
@@ -26,6 +28,7 @@
 
 import javolution.util.FastSet;
 
+import org.ofbiz.api.authorization.AccessController;
 import org.ofbiz.api.context.ExecutionArtifact;
 import org.ofbiz.base.util.Debug;
 import org.ofbiz.base.util.GeneralException;
@@ -349,6 +352,8 @@
     public void renderScreenString(Appendable writer, Map<String, Object> context, ScreenStringRenderer screenStringRenderer) throws ScreenRenderException {
         ExecutionContext executionContext = (ExecutionContext) context.get("executionContext");
         executionContext.pushExecutionArtifact(this);
+     AccessController accessController = executionContext.getAccessController();
+     accessController.checkPermission(View);
         // make sure the "null" object is in there for entity ops
         context.put("null", EntityFactory.NULL_FIELD);
 

Modified: ofbiz/branches/executioncontext20090812/framework/widget/src/org/ofbiz/widget/screen/ScreenRenderer.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20090812/framework/widget/src/org/ofbiz/widget/screen/ScreenRenderer.java?rev=805146&r1=805145&r2=805146&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20090812/framework/widget/src/org/ofbiz/widget/screen/ScreenRenderer.java (original)
+++ ofbiz/branches/executioncontext20090812/framework/widget/src/org/ofbiz/widget/screen/ScreenRenderer.java Mon Aug 17 21:18:51 2009
@@ -48,6 +48,7 @@
 import org.ofbiz.entity.GenericDelegator;
 import org.ofbiz.entity.GenericValue;
 import org.ofbiz.security.Security;
+import org.ofbiz.security.SecurityConfigurationException;
 import org.ofbiz.security.authz.Authorization;
 import org.ofbiz.service.DispatchContext;
 import org.ofbiz.service.ExecutionContext;
@@ -207,7 +208,11 @@
         context.put("timeZone", UtilHttp.getTimeZone(request));
 
         ExecutionContext executionContext = (ExecutionContext) request.getAttribute("executionContext");
-        executionContext.initializeContext(context);
+        try {
+ executionContext.initializeContext(context);
+ } catch (Exception e) {
+ Debug.logError(e, module);
+ }
         context.put("executionContext", executionContext);
 
         // ========== setup values that are specific to OFBiz webapps
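Review bot: The new `catch (Exception e) { Debug.logError(e, module); }` around `executionContext.initializeContext(context)` logs the failure and carries on, so an execution context that failed to initialize is still stored with `context.put("executionContext", executionContext)`. The screen and form permission checks added in this commit then run against it, which makes an initialization failure fail open unless those checks reject an uninitialized context on their own. The added `SecurityConfigurationException` import suggests this is the expected failure, so catch that type and abort the render, e.g. `catch (SecurityConfigurationException e) { throw new IllegalStateException("Execution context initialization failed", e); }`. The enclosing method's signature is outside the hunk, so the exception type to rethrow may need adjusting.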