svn commit: r898965 - in /ofbiz/branches/executionconte
Locked
svn commit: r898965 - in /ofbiz/branches/executionconte
 
|
Author: adrianc
Date: Wed Jan 13 22:06:46 2010 New Revision: 898965 URL: http://svn.apache.org/viewvc?rev=898965&view=rev Log: Implemented permission filters. Added a user group to the Example component. Main navigation is controlled by the new security design. Added: ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/ContextUtil.java (with props) Modified: ofbiz/branches/executioncontext20091231/BranchReadMe.txt ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/ThreadContext.java ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/AccessControllerImpl.java ofbiz/branches/executioncontext20091231/framework/example/data/ExampleSecurityData.xml ofbiz/branches/executioncontext20091231/themes/bizznesstime/includes/appbar.ftl ofbiz/branches/executioncontext20091231/themes/bizznesstime/includes/secondary-appbar.ftl ofbiz/branches/executioncontext20091231/themes/bluelight/includes/appbarOpen.ftl ofbiz/branches/executioncontext20091231/themes/droppingcrumbs/includes/appbarOpen.ftl ofbiz/branches/executioncontext20091231/themes/flatgrey/includes/appbar.ftl ofbiz/branches/executioncontext20091231/themes/flatgrey/includes/footer.ftl Modified: ofbiz/branches/executioncontext20091231/BranchReadMe.txt URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/BranchReadMe.txt?rev=898965&r1=898964&r2=898965&view=diff ============================================================================== --- ofbiz/branches/executioncontext20091231/BranchReadMe.txt (original) +++ ofbiz/branches/executioncontext20091231/BranchReadMe.txt Wed Jan 13 22:06:46 2010 @@ -1,6 +1,13 @@ ExecutionContext and Security-Aware Artifacts Notes --------------------------------------------------- +2010-01-13: The main navigation is controlled by the new +security design. I created a new class - ContextUtil.java - +to hold utility methods. Those methods can be moved to +other components when the branch is merged into the trunk. + +--------------------------------------------------- + 2010-01-11: The ExecutionContext implementation is fairly complete. The security-aware artifacts implementation is mostly complete Modified: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/ThreadContext.java URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/ThreadContext.java?rev=898965&r1=898964&r2=898965&view=diff ============================================================================== --- ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/ThreadContext.java (original) +++ ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/ThreadContext.java Wed Jan 13 22:06:46 2010 @@ -18,6 +18,7 @@ *******************************************************************************/ package org.ofbiz.api.context; +import java.util.List; import java.util.Locale; import java.util.Map; import java.util.TimeZone; @@ -38,6 +39,10 @@ } }; + public static <E> List<E> applyFilters(List<E> list) { + return executionContext.get().getAccessController().applyFilters(list); + } + public static void endRunUnprotected() { executionContext.get().endRunUnprotected(); } Modified: ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/AccessControllerImpl.java URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/AccessControllerImpl.java?rev=898965&r1=898964&r2=898965&view=diff ============================================================================== --- ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/AccessControllerImpl.java (original) +++ ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/AccessControllerImpl.java Wed Jan 13 22:06:46 2010 @@ -29,27 +29,31 @@ import org.ofbiz.api.authorization.AccessController; import org.ofbiz.api.context.ArtifactPath; import org.ofbiz.base.util.Debug; +import org.ofbiz.base.util.UtilGenerics; import org.ofbiz.base.util.UtilProperties; import org.ofbiz.entity.util.EntityListIterator; import org.ofbiz.service.DispatchContext; +import org.ofbiz.service.GenericServiceException; import org.ofbiz.service.LocalDispatcher; import org.ofbiz.service.ModelService; import org.ofbiz.service.ThreadContext; +import org.ofbiz.service.ServiceUtil; /** An implementation of the <code>AccessController</code> interface. */ public class AccessControllerImpl implements AccessController { public static final String module = AccessControllerImpl.class.getName(); - protected final OFBizPermission permission; - protected final PermissionsGatherer permissionsGatherer; + /** + * The root node of the current user's permission tree. + */ + protected final PathNode node; // Temporary - will be removed later protected boolean verbose = false; protected boolean disabled = false; protected AccessControllerImpl(PathNode node) { - this.permission = new OFBizPermission(ThreadContext.getUserLogin().getString("userLoginId")); - this.permissionsGatherer = new PermissionsGatherer(node, this.permission); + this.node = node; this.verbose = "true".equals(UtilProperties.getPropertyValue("api.properties", "authorizationManager.verbose")); this.disabled = "true".equals(UtilProperties.getPropertyValue("api.properties", "authorizationManager.disabled")); if (this.verbose) { @@ -57,9 +61,56 @@ } } + /** Applies permission filters to a <code>List</code>. The + * returned <code>List</code> will contain only the objects + * the user has permission to access. + * + * <p>This implementation invokes the specified service + * with the list as a parameter called <code>candidateList</code>. + * The service must return a <code>List</code> called + * <code>candidateList</code>. The service returns only + * those list elements the user is permitted to access.</p> + * + * @param list The <code>List</code> to apply filters to + * @return A security-aware <code>List</code> if filters + * were specified for the current artifact, or the original + * <code>List</code> otherwise + */ public <E> List<E> applyFilters(List<E> list) { - if (this.permission.getFilterNames().size() > 0) { - return new SecurityAwareList<E>(list, this.permission.getFilterNames()); + OFBizPermission permission = new OFBizPermission("applyFilters"); + PermissionsGatherer permissionsGatherer = new PermissionsGatherer(this.node, permission); + permissionsGatherer.gatherPermissions(new ArtifactPath(ThreadContext.getExecutionPathAsArray())); + if (permission.getFilterNames().size() > 0) { + try { + LocalDispatcher dispatcher = ThreadContext.getDispatcher(); + DispatchContext ctx = dispatcher.getDispatchContext(); + Map<String, ? extends Object> params = ThreadContext.getParameters(); + for (String serviceName : permission.getFilterNames()) { + Debug.logInfo("Applying filter service: " + serviceName, module); + ModelService modelService = ctx.getModelService(serviceName); + Map<String, Object> context = FastMap.newInstance(); + if (params != null) { + context.putAll(params); + } + if (!context.containsKey("userLogin")) { + context.put("userLogin", ThreadContext.getUserLogin()); + } + if (!context.containsKey("locale")) { + context.put("locale", ThreadContext.getLocale()); + } + if (!context.containsKey("timeZone")) { + context.put("timeZone", ThreadContext.getTimeZone()); + } + context.put("candidateList", list); + context = modelService.makeValid(context, ModelService.IN_PARAM); + Map<String, Object> result = dispatcher.runSync(serviceName, context); + if (ServiceUtil.isSuccess(result)) { + list = UtilGenerics.cast(result.get("candidateList")); + } + } + } catch (GenericServiceException e) { + Debug.logError(e, module); + } } return list; } @@ -69,8 +120,11 @@ // Decorating the EntityListIterator breaks a lot of code. return listIterator; } - if (this.permission.getFilterNames().size() > 0) { - return new SecurityAwareListIterator<E>(listIterator, this.permission.getFilterNames()); + OFBizPermission permission = new OFBizPermission("applyFilters"); + PermissionsGatherer permissionsGatherer = new PermissionsGatherer(this.node, permission); + permissionsGatherer.gatherPermissions(new ArtifactPath(ThreadContext.getExecutionPathAsArray())); + if (permission.getFilterNames().size() > 0) { + return new SecurityAwareListIterator<E>(listIterator, permission.getFilterNames()); } return listIterator; } @@ -79,15 +133,37 @@ checkPermission(permission, new ArtifactPath(ThreadContext.getExecutionPathAsArray())); } - protected boolean hasServicePermission() { + @Override + public void checkPermission(Permission permission, ArtifactPath artifactPath) throws AccessControlException { + if (this.verbose) { + Debug.logInfo("Checking permission: " + artifactPath + "[" + permission + "]", module); + } + OFBizPermission gatheredPermissions = new OFBizPermission("checkPermission"); + PermissionsGatherer permissionsGatherer = new PermissionsGatherer(this.node, gatheredPermissions); + permissionsGatherer.gatherPermissions(artifactPath); + if (this.verbose) { + Debug.logInfo("Found permission(s): " + ThreadContext.getUserLogin().getString("userLoginId") + + "@" + artifactPath + "[" + gatheredPermissions + "]", module); + } + if (this.disabled) { + return; + } + if (gatheredPermissions.implies(permission) && this.hasServicePermission(gatheredPermissions)) { + return; + } + throw new AccessControlException(ThreadContext.getUserLogin().getString("userLoginId") + + "@" + artifactPath + "[" + permission + "]"); + } + + protected boolean hasServicePermission(OFBizPermission permission) { try { - if (this.permission.getServiceNames().size() == 0) { + if (permission.getServiceNames().size() == 0) { return true; } LocalDispatcher dispatcher = ThreadContext.getDispatcher(); DispatchContext ctx = dispatcher.getDispatchContext(); Map<String, ? extends Object> params = ThreadContext.getParameters(); - for (String serviceName : this.permission.getServiceNames()) { + for (String serviceName : permission.getServiceNames()) { ModelService modelService = ctx.getModelService(serviceName); Map<String, Object> context = FastMap.newInstance(); if (params != null) { @@ -114,24 +190,4 @@ } return true; } - - @Override - public void checkPermission(Permission permission, ArtifactPath artifactPath) throws AccessControlException { - if (this.verbose) { - Debug.logInfo("Checking permission: " + artifactPath + "[" + permission + "]", module); - } - this.permissionsGatherer.gatherPermissions(artifactPath); - if (this.verbose) { - Debug.logInfo("Found permission(s): " + ThreadContext.getUserLogin().getString("userLoginId") + - "@" + artifactPath + "[" + this.permission + "]", module); - } - if (this.disabled) { - return; - } - if (this.permission.implies(permission) && this.hasServicePermission()) { - return; - } - throw new AccessControlException(ThreadContext.getUserLogin().getString("userLoginId") + - "@" + artifactPath + "[" + permission + "]"); - } } Added: ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/ContextUtil.java URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/ContextUtil.java?rev=898965&view=auto ============================================================================== --- ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/ContextUtil.java (added) +++ ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/ContextUtil.java Wed Jan 13 22:06:46 2010 @@ -0,0 +1,57 @@ +/******************************************************************************* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + *******************************************************************************/ +package org.ofbiz.context; + +import static org.ofbiz.api.authorization.BasicPermissions.Access; + +import java.util.List; + +import javolution.util.FastList; + +import org.ofbiz.api.authorization.AccessController; +import org.ofbiz.api.context.ArtifactPath; +import org.ofbiz.api.context.ThreadContext; +import org.ofbiz.base.component.ComponentConfig; +import org.ofbiz.base.component.ComponentConfig.WebappInfo; + +/** + * ExecutionContext utility methods. + * + */ +public class ContextUtil { + + public static List<WebappInfo> getAppBarWebInfos(String serverName, String menuName) { + List<WebappInfo> webInfos = ComponentConfig.getAppBarWebInfos(serverName, menuName); + String [] pathArray = {ArtifactPath.PATH_ROOT_NODE_NAME, null}; + ArtifactPath artifactPath = new ArtifactPath(pathArray); + AccessController accessController = ThreadContext.getAccessController(); + List<WebappInfo> resultList = FastList.newInstance(); + for (WebappInfo webAppInfo : webInfos) { + pathArray[1] = webAppInfo.getContextRoot().replace("/", ""); + artifactPath.saveState(); + try { + accessController.checkPermission(Access, artifactPath); + resultList.add(webAppInfo); + } catch (Exception e) {} + artifactPath.restoreState(); + } + return resultList; + } + +} Propchange: ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/ContextUtil.java ------------------------------------------------------------------------------ svn:eol-style = native Propchange: ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/ContextUtil.java ------------------------------------------------------------------------------ svn:keywords = "Date Rev Author URL Id" Propchange: ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/ContextUtil.java ------------------------------------------------------------------------------ svn:mime-type = text/plain Modified: ofbiz/branches/executioncontext20091231/framework/example/data/ExampleSecurityData.xml URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/framework/example/data/ExampleSecurityData.xml?rev=898965&r1=898964&r2=898965&view=diff ============================================================================== --- ofbiz/branches/executioncontext20091231/framework/example/data/ExampleSecurityData.xml (original) +++ ofbiz/branches/executioncontext20091231/framework/example/data/ExampleSecurityData.xml Wed Jan 13 22:06:46 2010 @@ -18,21 +18,25 @@ under the License. --> <entity-engine-xml> + <!-- Example security --> <ArtifactPath artifactPath="ofbiz/example" description="Example Application"/> <ArtifactPath artifactPath="ofbiz/exampleext" description="Extended Example Application"/> + <UserGroup groupId="EXAMPLE_USERS" description="Example Application Users"/> + <UserGrpToArtifactPermRel groupId="EXAMPLE_USERS" artifactPath="ofbiz/example" permissionValue="access=true"/> + <UserGrpToArtifactPermRel groupId="EXAMPLE_USERS" artifactPath="ofbiz/example" permissionValue="view=true"/> + <UserGrpToArtifactPermRel groupId="EXAMPLE_USERS" artifactPath="ofbiz/example" permissionValue="create=true"/> + <UserGrpToArtifactPermRel groupId="EXAMPLE_USERS" artifactPath="ofbiz/example" permissionValue="update=true"/> <!-- Data needed to demonstrate the security-aware artifacts. This is temporary - it will not be included in the project. --> - <UserToArtifactPermRel userLoginId="artifact-user" artifactPath="ofbiz/example" permissionValue="access=true"/> - <UserToArtifactPermRel userLoginId="artifact-user" artifactPath="ofbiz/example" permissionValue="view=true"/> - <UserToArtifactPermRel userLoginId="artifact-user" artifactPath="ofbiz/example" permissionValue="create=true"/> - <UserToArtifactPermRel userLoginId="artifact-user" artifactPath="ofbiz/example" permissionValue="update=true"/> + + <UserToUserGroupRel userLoginId="artifact-user" groupId="EXAMPLE_USERS"/> <ArtifactPath artifactPath="ofbiz/example/*/anotherDate" description="Example Application - 'anotherDate' field"/> <UserToArtifactPermRel userLoginId="artifact-user" artifactPath="ofbiz/example/*/anotherDate" permissionValue="view=false"/> - <ArtifactPath artifactPath="ofbiz/example/*/appbar"/> - <ArtifactPath artifactPath="ofbiz/example/*/appbar/example"/> - <UserToArtifactPermRel userLoginId="artifact-user" artifactPath="ofbiz/example/*/appbar" permissionValue="view=false"/> - <UserToArtifactPermRel userLoginId="artifact-user" artifactPath="ofbiz/example/*/appbar/example" permissionValue="view=true"/> + + <!-- artifact-user is a member of the EXAMPLE_USERS group, so the user inherits all + of the permissions assigned to that group. In addition, artifact-user is assigned + a permission value that denies access to the 'anotherDate' field. --> </entity-engine-xml> Modified: ofbiz/branches/executioncontext20091231/themes/bizznesstime/includes/appbar.ftl URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/themes/bizznesstime/includes/appbar.ftl?rev=898965&r1=898964&r2=898965&view=diff ============================================================================== --- ofbiz/branches/executioncontext20091231/themes/bizznesstime/includes/appbar.ftl (original) +++ ofbiz/branches/executioncontext20091231/themes/bizznesstime/includes/appbar.ftl Wed Jan 13 22:06:46 2010 @@ -20,7 +20,7 @@ <#if (externalLoginKey)?exists><#assign externalKeyParam = "?externalLoginKey=" + requestAttributes.externalLoginKey?if_exists></#if> <#assign ofbizServerName = application.getAttribute("_serverId")?default("default-server")> <#assign contextPath = request.getContextPath()> -<#assign displayApps = Static["org.ofbiz.base.component.ComponentConfig"].getAppBarWebInfos(ofbizServerName, "main")> +<#assign displayApps = Static["org.ofbiz.context.ContextUtil"].getAppBarWebInfos(ofbizServerName, "main")> <#if userLogin?has_content> <div id="main-nav"> @@ -30,19 +30,7 @@ <li><h4>${uiLabelMap.CommonPrimaryApps}</h4></li> <#list displayApps as display> <#assign thisApp = display.getContextRoot()> - <#assign permission = true> <#assign selected = false> - <#assign permissions = display.getBasePermission()> - <#list permissions as perm> - <#if perm != "NONE" && !security.hasEntityPermission(perm, "_VIEW", session)> - <#-- User must have ALL permissions in the base-permission list --> - <#assign permission = false> - </#if> - </#list> - <@ofbizSecurity permission="view" artifactId=thisApp> - <#assign permission = true> - </@ofbizSecurity> - <#if permission == true> <#if thisApp == contextPath || contextPath + "/" == thisApp> <#assign selected = true> </#if> @@ -59,7 +47,6 @@ <#else> <li><a href="${thisURL + externalKeyParam}" <#if uiLabelMap?exists> title="${uiLabelMap[display.description]}">${uiLabelMap[display.title]}<#else> title="${display.description}">${display.title}</#if></a></li> </#if> - </#if> </#list> </ul> Modified: ofbiz/branches/executioncontext20091231/themes/bizznesstime/includes/secondary-appbar.ftl URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/themes/bizznesstime/includes/secondary-appbar.ftl?rev=898965&r1=898964&r2=898965&view=diff ============================================================================== --- ofbiz/branches/executioncontext20091231/themes/bizznesstime/includes/secondary-appbar.ftl (original) +++ ofbiz/branches/executioncontext20091231/themes/bizznesstime/includes/secondary-appbar.ftl Wed Jan 13 22:06:46 2010 @@ -22,26 +22,13 @@ <#if (externalLoginKey)?exists><#assign externalKeyParam = "?externalLoginKey=" + requestAttributes.externalLoginKey?if_exists></#if> <#assign ofbizServerName = application.getAttribute("_serverId")?default("default-server")> <#assign contextPath = request.getContextPath()> -<#assign displayApps = Static["org.ofbiz.base.component.ComponentConfig"].getAppBarWebInfos(ofbizServerName, "secondary")> +<#assign displayApps = Static["org.ofbiz.context.ContextUtil"].getAppBarWebInfos(ofbizServerName, "secondary")> <#if userLogin?has_content> <ul> <li><h4>${uiLabelMap.CommonSecondaryApps}</h4></li> <#list displayApps as display> <#assign thisApp = display.getContextRoot()> - <#assign permission = true> - <#assign selected = false> - <#assign permissions = display.getBasePermission()> - <#list permissions as perm> - <#if perm != "NONE" && !security.hasEntityPermission(perm, "_VIEW", session)> - <#-- User must have ALL permissions in the base-permission list --> - <#assign permission = false> - </#if> - </#list> - <@ofbizSecurity permission="view" artifactId=thisApp> - <#assign permission = true> - </@ofbizSecurity> - <#if permission == true> <#if thisApp == contextPath || contextPath + "/" == thisApp> <#assign selected = true> </#if> @@ -50,7 +37,6 @@ <#assign thisURL = thisURL + "/control/main"> </#if> <li><a<#if selected> class="current-section"</#if> href="${thisURL}${externalKeyParam}" <#if uiLabelMap?exists> title="${uiLabelMap[display.description]}">${uiLabelMap[display.title]}<#else> title="${display.description}"> ${display.title}</#if></a></li> - </#if> </#list> </ul> </#if> \ No newline at end of file Modified: ofbiz/branches/executioncontext20091231/themes/bluelight/includes/appbarOpen.ftl URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/themes/bluelight/includes/appbarOpen.ftl?rev=898965&r1=898964&r2=898965&view=diff ============================================================================== --- ofbiz/branches/executioncontext20091231/themes/bluelight/includes/appbarOpen.ftl (original) +++ ofbiz/branches/executioncontext20091231/themes/bluelight/includes/appbarOpen.ftl Wed Jan 13 22:06:46 2010 @@ -20,7 +20,7 @@ <#if (externalLoginKey)?exists><#assign externalKeyParam = "?externalLoginKey=" + requestAttributes.externalLoginKey?if_exists></#if> <#assign ofbizServerName = application.getAttribute("_serverId")?default("default-server")> <#assign contextPath = request.getContextPath()> -<#assign displayApps = Static["org.ofbiz.base.component.ComponentConfig"].getAppBarWebInfos(ofbizServerName, "main")> +<#assign displayApps = Static["org.ofbiz.context.ContextUtil"].getAppBarWebInfos(ofbizServerName, "main")> <#assign showBreadcrumbs = true> Modified: ofbiz/branches/executioncontext20091231/themes/droppingcrumbs/includes/appbarOpen.ftl URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/themes/droppingcrumbs/includes/appbarOpen.ftl?rev=898965&r1=898964&r2=898965&view=diff ============================================================================== --- ofbiz/branches/executioncontext20091231/themes/droppingcrumbs/includes/appbarOpen.ftl (original) +++ ofbiz/branches/executioncontext20091231/themes/droppingcrumbs/includes/appbarOpen.ftl Wed Jan 13 22:06:46 2010 @@ -21,8 +21,8 @@ <#if (externalLoginKey)?exists><#assign externalKeyParam = "?externalLoginKey=" + requestAttributes.externalLoginKey?if_exists></#if> <#assign ofbizServerName = application.getAttribute("_serverId")?default("default-server")> <#assign contextPath = request.getContextPath()> -<#assign displayApps = Static["org.ofbiz.base.component.ComponentConfig"].getAppBarWebInfos(ofbizServerName, "main")> -<#assign displaySecondaryApps = Static["org.ofbiz.base.component.ComponentConfig"].getAppBarWebInfos(ofbizServerName, "secondary")> +<#assign displayApps = Static["org.ofbiz.context.ContextUtil"].getAppBarWebInfos(ofbizServerName, "main")> +<#assign displaySecondaryApps = Static["org.ofbiz.context.ContextUtil"].getAppBarWebInfos(ofbizServerName, "secondary")> <#assign appModelMenu = Static["org.ofbiz.widget.menu.MenuFactory"].getMenuFromLocation(applicationMenuLocation,applicationMenuName,delegator,dispatcher)> <#if appModelMenu.getModelMenuItemByName(headerItem)?exists> @@ -41,16 +41,7 @@ <#-- Primary Applications --> <#list displayApps as display> <#assign thisApp = display.getContextRoot()> - <#assign permission = true> <#assign selected = false> - <#assign permissions = display.getBasePermission()> - <#list permissions as perm> - <#if (perm != "NONE" && !security.hasEntityPermission(perm, "_VIEW", session) && !authz.hasPermission(session, perm, requestParameters))> - <#-- User must have ALL permissions in the base-permission list --> - <#assign permission = false> - </#if> - </#list> - <#if permission == true> <#if thisApp == contextPath || contextPath + "/" == thisApp> <#assign selected = true> </#if> @@ -66,23 +57,13 @@ <#else> <li <#if selected>class="selected"</#if>><a href="${thisURL + externalKeyParam}" <#if uiLabelMap?exists> title="${uiLabelMap[display.description]}">${uiLabelMap[display.title]}<#else> title="${display.description}">${display.title}</#if></a></li> </#if> - </#if> </#list> </ul></li> <li><ul class="secondary"> <#-- Secondary Applications --> <#list displaySecondaryApps as display> <#assign thisApp = display.getContextRoot()> - <#assign permission = true> <#assign selected = false> - <#assign permissions = display.getBasePermission()> - <#list permissions as perm> - <#if (perm != "NONE" && !security.hasEntityPermission(perm, "_VIEW", session) && !authz.hasPermission(session, perm, requestParameters))> - <#-- User must have ALL permissions in the base-permission list --> - <#assign permission = false> - </#if> - </#list> - <#if permission == true> <#if thisApp == contextPath || contextPath + "/" == thisApp> <#assign selected = true> </#if> @@ -98,7 +79,6 @@ <#else> <li <#if selected>class="selected"</#if>><a href="${thisURL + externalKeyParam}" <#if uiLabelMap?exists> title="${uiLabelMap[display.description]}">${uiLabelMap[display.title]}<#else> title="${display.description}">${display.title}</#if></a></li> </#if> - </#if> </#list> </ul> </li> Modified: ofbiz/branches/executioncontext20091231/themes/flatgrey/includes/appbar.ftl URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/themes/flatgrey/includes/appbar.ftl?rev=898965&r1=898964&r2=898965&view=diff ============================================================================== --- ofbiz/branches/executioncontext20091231/themes/flatgrey/includes/appbar.ftl (original) +++ ofbiz/branches/executioncontext20091231/themes/flatgrey/includes/appbar.ftl Wed Jan 13 22:06:46 2010 @@ -21,23 +21,14 @@ <#if (externalLoginKey)?exists><#assign externalKeyParam = "?externalLoginKey=" + requestAttributes.externalLoginKey?if_exists></#if> <#assign ofbizServerName = application.getAttribute("_serverId")?default("default-server")> <#assign contextPath = request.getContextPath()> -<#assign displayApps = Static["org.ofbiz.base.component.ComponentConfig"].getAppBarWebInfos(ofbizServerName, "main")> +<#assign displayApps = Static["org.ofbiz.context.ContextUtil"].getAppBarWebInfos(ofbizServerName, "main")> <#if userLogin?has_content> <div id="main-navigation"> <ul> <#list displayApps as display> <#assign thisApp = display.getContextRoot()> - <#assign permission = true> <#assign selected = false> - <#assign permissions = display.getBasePermission()> - <#list permissions as perm> - <#if (perm != "NONE" && !security.hasEntityPermission(perm, "_VIEW", session) && !authz.hasPermission(session, perm, requestParameters))> - <#-- User must have ALL permissions in the base-permission list --> - <#assign permission = false> - </#if> - </#list> - <#if permission == true> <#if thisApp == contextPath || contextPath + "/" == thisApp> <#assign selected = true> </#if> @@ -53,7 +44,6 @@ <#else> <li<#if selected> class="selected"</#if>><a href="${thisURL}${externalKeyParam}" <#if uiLabelMap?exists> title="${uiLabelMap[display.description]}">${uiLabelMap[display.title]}<#else> title="${display.description}">${display.title}</#if></a></li> </#if> - </#if> </#list> </ul> <br class="clear"/> Modified: ofbiz/branches/executioncontext20091231/themes/flatgrey/includes/footer.ftl URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/themes/flatgrey/includes/footer.ftl?rev=898965&r1=898964&r2=898965&view=diff ============================================================================== --- ofbiz/branches/executioncontext20091231/themes/flatgrey/includes/footer.ftl (original) +++ ofbiz/branches/executioncontext20091231/themes/flatgrey/includes/footer.ftl Wed Jan 13 22:06:46 2010 @@ -23,23 +23,14 @@ <#if (externalLoginKey)?exists><#assign externalKeyParam = "?externalLoginKey=" + requestAttributes.externalLoginKey?if_exists></#if> <#assign ofbizServerName = application.getAttribute("_serverId")?default("default-server")> <#assign contextPath = request.getContextPath()> -<#assign displayApps = Static["org.ofbiz.base.component.ComponentConfig"].getAppBarWebInfos(ofbizServerName, "secondary")> +<#assign displayApps = Static["org.ofbiz.context.ContextUtil"].getAppBarWebInfos(ofbizServerName, "secondary")> <#if userLogin?has_content> <center> <div id="secondary-navigation"> <#list displayApps as display> <#assign thisApp = display.getContextRoot()> - <#assign permission = true> <#assign selected = false> - <#assign permissions = display.getBasePermission()> - <#list permissions as perm> - <#if (perm != "NONE" && !security.hasEntityPermission(perm, "_VIEW", session) && !authz.hasPermission(session, perm, requestParameters))> - <#-- User must have ALL permissions in the base-permission list --> - <#assign permission = false> - </#if> - </#list> - <#if permission == true> <#if thisApp == contextPath || contextPath + "/" == thisApp> <#assign selected = true> </#if> @@ -48,7 +39,6 @@ <#assign thisURL = thisURL + "/control/main"> </#if> <a<#if selected> class="selected"</#if> href="${thisURL}${externalKeyParam}" <#if uiLabelMap?exists> title="${uiLabelMap[display.description]}">${uiLabelMap[display.title]}<#else> title="${display.description}"> ${display.title}</#if></a> - </#if> </#list> </div> </center> |
«
Return to OFBiz - Commits
|
1 view|%1 views
| Free forum by Nabble | Edit this page |