Author: adrianc
Date: Fri Jan 1 00:38:52 2010
New Revision: 894961
URL: http://svn.apache.org/viewvc?rev=894961&view=rev
Log:
Ported over the security-aware artifacts code from the executioncontext20090812 branch.
Added:
ofbiz/branches/executioncontext20091231/BranchReadMe.txt (with props)
ofbiz/branches/executioncontext20091231/framework/api/
ofbiz/branches/executioncontext20091231/framework/api/build.xml
ofbiz/branches/executioncontext20091231/framework/api/ofbiz-component.xml (with props)
ofbiz/branches/executioncontext20091231/framework/api/src/
ofbiz/branches/executioncontext20091231/framework/api/src/org/
ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/
ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/
ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/
ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AccessController.java (with props)
ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AdminPermission.java (with props)
ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AuthorizationManager.java (with props)
ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/BasicPermission.java (with props)
ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/BasicPermissions.java (with props)
ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/NullAuthorizationManager.java (with props)
ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/OfbizSecurityTransform.java (with props)
ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsIntersection.java (with props)
ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsSet.java (with props)
ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsUnion.java (with props)
ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/
ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/ExecutionArtifact.java (with props)
ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/ExecutionContext.java (with props)
ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/ExecutionContextImpl.java (with props)
ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/GenericExecutionArtifact.java (with props)
ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/GenericParametersArtifact.java (with props)
ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/ParametersArtifact.java (with props)
ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/ThreadContext.java (with props)
ofbiz/branches/executioncontext20091231/framework/context/
ofbiz/branches/executioncontext20091231/framework/context/build.xml
ofbiz/branches/executioncontext20091231/framework/context/lib/
ofbiz/branches/executioncontext20091231/framework/context/ofbiz-component.xml
ofbiz/branches/executioncontext20091231/framework/context/src/
ofbiz/branches/executioncontext20091231/framework/context/src/org/
ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/
ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/
ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/AccessControllerImpl.java (with props)
ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/AuthorizationManagerImpl.java (with props)
ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/ExecutionContextImpl.java (with props)
ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/OFBizPermission.java (with props)
ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/PathNode.java (with props)
ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/SecurityAwareEli.java (with props)
ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/SecurityAwareIterator.java (with props)
ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/SecurityAwareList.java (with props)
ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/SecurityAwareListIterator.java (with props)
ofbiz/branches/executioncontext20091231/framework/entity/src/org/ofbiz/entity/ExecutionContext.java (with props)
ofbiz/branches/executioncontext20091231/framework/entity/src/org/ofbiz/entity/ThreadContext.java (with props)
ofbiz/branches/executioncontext20091231/framework/service/src/org/ofbiz/service/ExecutionContext.java (with props)
ofbiz/branches/executioncontext20091231/framework/service/src/org/ofbiz/service/ThreadContext.java (with props)
ofbiz/branches/executioncontext20091231/specialpurpose/hhfacility/data/
ofbiz/branches/executioncontext20091231/specialpurpose/hhfacility/data/HhFacilitySecurityData.xml (with props)
Modified:
ofbiz/branches/executioncontext20091231/.classpath
ofbiz/branches/executioncontext20091231/applications/accounting/build.xml
ofbiz/branches/executioncontext20091231/applications/accounting/data/AccountingSecurityData.xml
ofbiz/branches/executioncontext20091231/applications/content/build.xml
ofbiz/branches/executioncontext20091231/applications/content/data/ContentSecurityData.xml
ofbiz/branches/executioncontext20091231/applications/humanres/data/HumanResSecurityData.xml
ofbiz/branches/executioncontext20091231/applications/manufacturing/build.xml
ofbiz/branches/executioncontext20091231/applications/manufacturing/data/ManufacturingSecurityData.xml
ofbiz/branches/executioncontext20091231/applications/marketing/build.xml
ofbiz/branches/executioncontext20091231/applications/marketing/data/MarketingSecurityData.xml
ofbiz/branches/executioncontext20091231/applications/order/build.xml
ofbiz/branches/executioncontext20091231/applications/order/data/OrderSecurityData.xml
ofbiz/branches/executioncontext20091231/applications/party/build.xml
ofbiz/branches/executioncontext20091231/applications/party/data/PartySecurityData.xml
ofbiz/branches/executioncontext20091231/applications/product/build.xml
ofbiz/branches/executioncontext20091231/applications/product/data/ProductSecurityData.xml
ofbiz/branches/executioncontext20091231/applications/securityext/data/UserDemoData.xml
ofbiz/branches/executioncontext20091231/applications/workeffort/build.xml
ofbiz/branches/executioncontext20091231/applications/workeffort/data/WorkEffortSecurityData.xml
ofbiz/branches/executioncontext20091231/framework/bi/build.xml
ofbiz/branches/executioncontext20091231/framework/build.xml
ofbiz/branches/executioncontext20091231/framework/common/build.xml
ofbiz/branches/executioncontext20091231/framework/common/src/org/ofbiz/common/login/LoginServices.java
ofbiz/branches/executioncontext20091231/framework/component-load.xml
ofbiz/branches/executioncontext20091231/framework/entity/build.xml
ofbiz/branches/executioncontext20091231/framework/entity/src/org/ofbiz/entity/GenericDelegator.java
ofbiz/branches/executioncontext20091231/framework/entity/src/org/ofbiz/entity/GenericEntity.java
ofbiz/branches/executioncontext20091231/framework/entity/src/org/ofbiz/entity/model/ModelEntity.java
ofbiz/branches/executioncontext20091231/framework/entityext/build.xml
ofbiz/branches/executioncontext20091231/framework/entityext/src/org/ofbiz/entityext/data/EntityDataLoadContainer.java
ofbiz/branches/executioncontext20091231/framework/example/data/ExampleSecurityData.xml
ofbiz/branches/executioncontext20091231/framework/minilang/build.xml
ofbiz/branches/executioncontext20091231/framework/security/build.xml
ofbiz/branches/executioncontext20091231/framework/security/config/security.xml
ofbiz/branches/executioncontext20091231/framework/security/data/SecurityData.xml
ofbiz/branches/executioncontext20091231/framework/security/entitydef/entitymodel.xml
ofbiz/branches/executioncontext20091231/framework/security/src/org/ofbiz/security/authz/AuthorizationFactory.java
ofbiz/branches/executioncontext20091231/framework/service/build.xml
ofbiz/branches/executioncontext20091231/framework/service/src/org/ofbiz/service/ModelService.java
ofbiz/branches/executioncontext20091231/framework/service/src/org/ofbiz/service/ServiceDispatcher.java
ofbiz/branches/executioncontext20091231/framework/service/src/org/ofbiz/service/job/GenericServiceJob.java
ofbiz/branches/executioncontext20091231/framework/service/src/org/ofbiz/service/job/JobPoller.java
ofbiz/branches/executioncontext20091231/framework/webapp/build.xml
ofbiz/branches/executioncontext20091231/framework/webapp/src/org/ofbiz/webapp/control/ControlServlet.java
ofbiz/branches/executioncontext20091231/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java
ofbiz/branches/executioncontext20091231/framework/webapp/src/org/ofbiz/webapp/control/RequestHandler.java
ofbiz/branches/executioncontext20091231/framework/webtools/build.xml
ofbiz/branches/executioncontext20091231/framework/webtools/data/WebtoolsSecurityData.xml
ofbiz/branches/executioncontext20091231/framework/widget/build.xml
ofbiz/branches/executioncontext20091231/framework/widget/src/org/ofbiz/widget/form/ModelForm.java
ofbiz/branches/executioncontext20091231/framework/widget/src/org/ofbiz/widget/form/ModelFormField.java
ofbiz/branches/executioncontext20091231/framework/widget/src/org/ofbiz/widget/screen/ModelScreen.java
ofbiz/branches/executioncontext20091231/framework/widget/src/org/ofbiz/widget/screen/ScreenRenderer.java
ofbiz/branches/executioncontext20091231/specialpurpose/assetmaint/data/AssetMaintSecurityData.xml
ofbiz/branches/executioncontext20091231/specialpurpose/cmssite/data/CmsSiteDemoData.xml
ofbiz/branches/executioncontext20091231/specialpurpose/ebay/build.xml
ofbiz/branches/executioncontext20091231/specialpurpose/ebay/data/EbaySecurityData.xml
ofbiz/branches/executioncontext20091231/specialpurpose/ecommerce/data/DemoOrderPeopleData.xml
ofbiz/branches/executioncontext20091231/specialpurpose/ecommerce/data/DemoPurchasing.xml
ofbiz/branches/executioncontext20091231/specialpurpose/ecommerce/data/EcommerceTypeData.xml
ofbiz/branches/executioncontext20091231/specialpurpose/googlebase/build.xml
ofbiz/branches/executioncontext20091231/specialpurpose/googlebase/data/GoogleBaseSecurityData.xml
ofbiz/branches/executioncontext20091231/specialpurpose/googlecheckout/build.xml
ofbiz/branches/executioncontext20091231/specialpurpose/googlecheckout/data/GoogleCheckoutSecurityData.xml
ofbiz/branches/executioncontext20091231/specialpurpose/hhfacility/build.xml
ofbiz/branches/executioncontext20091231/specialpurpose/hhfacility/ofbiz-component.xml
ofbiz/branches/executioncontext20091231/specialpurpose/myportal/data/MyPortalSecurityData.xml
ofbiz/branches/executioncontext20091231/specialpurpose/oagis/build.xml
ofbiz/branches/executioncontext20091231/specialpurpose/oagis/data/OagisSecurityData.xml
ofbiz/branches/executioncontext20091231/specialpurpose/pos/build.xml
ofbiz/branches/executioncontext20091231/specialpurpose/pos/data/DemoRetail.xml
ofbiz/branches/executioncontext20091231/specialpurpose/projectmgr/data/ProjectMgrDemoData.xml
ofbiz/branches/executioncontext20091231/specialpurpose/projectmgr/data/ProjectMgrSecurityData.xml
ofbiz/branches/executioncontext20091231/specialpurpose/webpos/build.xml
ofbiz/branches/executioncontext20091231/specialpurpose/webpos/data/DemoPosData.xml
ofbiz/branches/executioncontext20091231/themes/bizznesstime/data/BizznessTimeThemeData.xml
ofbiz/branches/executioncontext20091231/themes/bluelight/data/BlueLightThemeData.xml
ofbiz/branches/executioncontext20091231/themes/droppingcrumbs/data/DroppingCrumbsThemeData.xml
ofbiz/branches/executioncontext20091231/themes/flatgrey/data/FlatGreyThemeData.xml
ofbiz/branches/executioncontext20091231/themes/multiflex/data/MultiflexThemeData.xml
Modified: ofbiz/branches/executioncontext20091231/.classpath
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/.classpath?rev=894961&r1=894960&r2=894961&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20091231/.classpath (original)
+++ ofbiz/branches/executioncontext20091231/.classpath Fri Jan 1 00:38:52 2010
@@ -180,11 +180,13 @@
<classpathentry kind="src" path="applications/product/src" excluding="ShipmentScaleApplet.java"/>
<classpathentry kind="src" path="applications/securityext/src" excluding="org/ofbiz/securityext/thirdparty/truition/TruitionCoReg.java"/>
<classpathentry kind="src" path="applications/workeffort/src"/>
+ <classpathentry kind="src" path="framework/api/src"/>
<classpathentry kind="src" path="framework/appserver/src"/>
<classpathentry kind="src" path="framework/base/src" excluding="org/ofbiz/base/config/CoberturaInstrumenter.java"/>
<classpathentry kind="src" path="framework/bi/src"/>
<classpathentry kind="src" path="framework/catalina/src"/>
<classpathentry kind="src" path="framework/common/src"/>
+ <classpathentry kind="src" path="framework/context/src"/>
<classpathentry kind="src" path="framework/datafile/src"/>
<classpathentry kind="src" path="framework/entity/src" excluding="org/ofbiz/entity/connection/XaPoolConnectionFactory.java"/>
<classpathentry kind="src" path="framework/entityext/src"/>
Added: ofbiz/branches/executioncontext20091231/BranchReadMe.txt
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/BranchReadMe.txt?rev=894961&view=auto
==============================================================================
--- ofbiz/branches/executioncontext20091231/BranchReadMe.txt (added)
+++ ofbiz/branches/executioncontext20091231/BranchReadMe.txt Fri Jan 1 00:38:52 2010
@@ -0,0 +1,65 @@
+ExecutionContext and Security-Aware Artifacts Notes
+---------------------------------------------------
+
+2009-12-31: I put this text file in the branch as a means
+of keeping anyone who is interested updated on the progress
+of the branch.
+
+This branch is an implementation of the Security-Aware Artifacts
+design document -
+
+http://cwiki.apache.org/confluence/display/OFBTECH/OFBiz+Security+Redesign
+
+and it is a work in progress.
+
+The ExecutionContext interface is
+scattered across several components due to the cross-dependency
+or circular-dependency issue. Cross-dependency is when Class
+A references Class B, and Class B references Class A, and both
+classes are in separate components. There is no way to get them
+to compile. The problem is compounded in ExecutionContext because
+it references 3 or 4 components.
+
+The workaround I came up with was to have the lowest level methods
+declared in the api component, then have each component extend
+the interface and add their methods. It's not pretty, but it works.
+
+This is where you can find the interfaces:
+
+org.ofbiz.api.context.ExecutionContext
+ org.ofbiz.entity.ExecutionContext
+ org.ofbiz.service.ExecutionContext
+
+When the cross-dependency issues are solved, all of the extended
+interfaces will be consolidated into one.
+
+The interface implementations can be found in the context component.
+
+The ultimate goal of ExecutionContext is to have all client code
+get the contained objects from ExecutionContext only - instead of
+getting them from the various classes now in use. This initial
+implementation focuses more on the ExecutionContext's role as
+a means of tracking the execution path - which is needed for the
+security-aware artifacts.
+
+The AuthorizationManager and AccessController interfaces are based
+on the java.security.* classes, and they are intended to be
+implementation-agnostic. OFBiz will have an implementation based
+on the entity engine, but the goal is to be able to swap out that
+implementation with another.
+
+If you want to see the ExecutionContext and AccessController in
+action, change the settings in api.properties. You will see info
+messages in the console log.
+
+I added a security-aware Freemarker transform. Template
+sections can be controlled with:
+
+<@ofbizSecurity permission="view" artifactId="thisTemplate">Some text</@ofbizSecurity>
+
+If the user has permission to view the artifact, then "Some text"
+will be rendered.
+
+The Authorization Manager is mostly working. Filtering
+EntityListIterator values is not implemented due to architectural
+problems.
Propchange: ofbiz/branches/executioncontext20091231/BranchReadMe.txt
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: ofbiz/branches/executioncontext20091231/BranchReadMe.txt
------------------------------------------------------------------------------
svn:keywords = "Date Rev Author URL Id"
Propchange: ofbiz/branches/executioncontext20091231/BranchReadMe.txt
------------------------------------------------------------------------------
svn:mime-type = text/plain
Modified: ofbiz/branches/executioncontext20091231/applications/accounting/build.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/applications/accounting/build.xml?rev=894961&r1=894960&r2=894961&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20091231/applications/accounting/build.xml (original)
+++ ofbiz/branches/executioncontext20091231/applications/accounting/build.xml Fri Jan 1 00:38:52 2010
@@ -30,6 +30,7 @@
<property name="ofbiz.home.dir" value="../.."/>
<path id="local.class.path">
+ <fileset dir="../../framework/api/build/lib" includes="*.jar"/>
<fileset dir="../../framework/base/lib" includes="*.jar"/>
<fileset dir="../../framework/base/lib/commons" includes="*.jar"/>
<fileset dir="../../framework/base/lib/j2eespecs" includes="*.jar"/>
Modified: ofbiz/branches/executioncontext20091231/applications/accounting/data/AccountingSecurityData.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/applications/accounting/data/AccountingSecurityData.xml?rev=894961&r1=894960&r2=894961&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20091231/applications/accounting/data/AccountingSecurityData.xml (original)
+++ ofbiz/branches/executioncontext20091231/applications/accounting/data/AccountingSecurityData.xml Fri Jan 1 00:38:52 2010
@@ -130,4 +130,16 @@
<SecurityGroupPermission groupId="ACCTG_FUNCTNL_ADMIN" permissionId="ACCOUNTING_UPDATE"/>
<SecurityGroupPermission groupId="ACCTG_FUNCTNL_ADMIN" permissionId="ACCOUNTING_VIEW"/>
+ <ArtifactPath artifactPath="ofbiz/accounting" description="Accounting Application"/>
+ <ArtifactPath artifactPath="ofbiz/ap" description="Accounts Payable Application"/>
+ <ArtifactPath artifactPath="ofbiz/ar" description="Accounts Receivable Application"/>
+
+ <!-- Data needed for the transition to security-aware artifacts. As each webapp
+ is converted over to the new security design, the corresponding admin
+ permission should be removed. -->
+
+ <UserGrpToArtifactPermRel groupId="OFBIZ_USERS" artifactPath="ofbiz/accounting" permissionValue="admin=true"/>
+ <UserGrpToArtifactPermRel groupId="OFBIZ_USERS" artifactPath="ofbiz/ap" permissionValue="admin=true"/>
+ <UserGrpToArtifactPermRel groupId="OFBIZ_USERS" artifactPath="ofbiz/ar" permissionValue="admin=true"/>
+
</entity-engine-xml>
Modified: ofbiz/branches/executioncontext20091231/applications/content/build.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/applications/content/build.xml?rev=894961&r1=894960&r2=894961&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20091231/applications/content/build.xml (original)
+++ ofbiz/branches/executioncontext20091231/applications/content/build.xml Fri Jan 1 00:38:52 2010
@@ -32,6 +32,7 @@
<path id="local.class.path">
<fileset dir="${lib.dir}" includes="*.jar"/>
<fileset dir="${lib.dir}/uno" includes="*.jar"/>
+ <fileset dir="../../framework/api/build/lib" includes="*.jar"/>
<fileset dir="../../framework/base/lib" includes="*.jar"/>
<fileset dir="../../framework/base/lib/commons" includes="*.jar"/>
<fileset dir="../../framework/base/lib/j2eespecs" includes="*.jar"/>
Modified: ofbiz/branches/executioncontext20091231/applications/content/data/ContentSecurityData.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/applications/content/data/ContentSecurityData.xml?rev=894961&r1=894960&r2=894961&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20091231/applications/content/data/ContentSecurityData.xml (original)
+++ ofbiz/branches/executioncontext20091231/applications/content/data/ContentSecurityData.xml Fri Jan 1 00:38:52 2010
@@ -47,4 +47,13 @@
<SecurityPermission description="Send to the Control Applet." permissionId="SEND_CONTROL_APPLET"/>
<SecurityGroupPermission groupId="FULLADMIN" permissionId="SEND_CONTROL_APPLET"/>
<SecurityGroupPermission groupId="FLEXADMIN" permissionId="SEND_CONTROL_APPLET"/>
+
+ <ArtifactPath artifactPath="ofbiz/content" description="Content Manager Application"/>
+
+ <!-- Data needed for the transition to security-aware artifacts. As each webapp
+ is converted over to the new security design, the corresponding admin
+ permission should be removed. -->
+
+ <UserGrpToArtifactPermRel groupId="OFBIZ_USERS" artifactPath="ofbiz/content" permissionValue="admin=true"/>
+
</entity-engine-xml>
Modified: ofbiz/branches/executioncontext20091231/applications/humanres/data/HumanResSecurityData.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/applications/humanres/data/HumanResSecurityData.xml?rev=894961&r1=894960&r2=894961&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20091231/applications/humanres/data/HumanResSecurityData.xml (original)
+++ ofbiz/branches/executioncontext20091231/applications/humanres/data/HumanResSecurityData.xml Fri Jan 1 00:38:52 2010
@@ -30,4 +30,13 @@
<SecurityGroupPermission groupId="FLEXADMIN" permissionId="HUMANRES_VIEW"/>
<SecurityGroupPermission groupId="VIEWADMIN" permissionId="HUMANRES_VIEW"/>
<SecurityGroupPermission groupId="BIZADMIN" permissionId="HUMANRES_ADMIN"/>
+
+ <ArtifactPath artifactPath="ofbiz/humanres" description="Human Resources Application"/>
+
+ <!-- Data needed for the transition to security-aware artifacts. As each webapp
+ is converted over to the new security design, the corresponding admin
+ permission should be removed. -->
+
+ <UserGrpToArtifactPermRel groupId="OFBIZ_USERS" artifactPath="ofbiz/humanres" permissionValue="admin=true"/>
+
</entity-engine-xml>
Modified: ofbiz/branches/executioncontext20091231/applications/manufacturing/build.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/applications/manufacturing/build.xml?rev=894961&r1=894960&r2=894961&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20091231/applications/manufacturing/build.xml (original)
+++ ofbiz/branches/executioncontext20091231/applications/manufacturing/build.xml Fri Jan 1 00:38:52 2010
@@ -31,6 +31,7 @@
<path id="local.class.path">
<!-- <fileset dir="${lib.dir}" includes="*.jar"/> -->
+ <fileset dir="../../framework/api/build/lib" includes="*.jar"/>
<fileset dir="../../framework/base/lib" includes="*.jar"/>
<fileset dir="../../framework/base/lib/j2eespecs" includes="*.jar"/>
<fileset dir="../../framework/base/build/lib" includes="*.jar"/>
Modified: ofbiz/branches/executioncontext20091231/applications/manufacturing/data/ManufacturingSecurityData.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/applications/manufacturing/data/ManufacturingSecurityData.xml?rev=894961&r1=894960&r2=894961&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20091231/applications/manufacturing/data/ManufacturingSecurityData.xml (original)
+++ ofbiz/branches/executioncontext20091231/applications/manufacturing/data/ManufacturingSecurityData.xml Fri Jan 1 00:38:52 2010
@@ -32,4 +32,13 @@
<SecurityGroupPermission groupId="FLEXADMIN" permissionId="MANUFACTURING_VIEW"/>
<SecurityGroupPermission groupId="VIEWADMIN" permissionId="MANUFACTURING_VIEW"/>
<SecurityGroupPermission groupId="BIZADMIN" permissionId="MANUFACTURING_ADMIN"/>
+
+ <ArtifactPath artifactPath="ofbiz/manufacturing" description="Manufacturing Application"/>
+
+ <!-- Data needed for the transition to security-aware artifacts. As each webapp
+ is converted over to the new security design, the corresponding admin
+ permission should be removed. -->
+
+ <UserGrpToArtifactPermRel groupId="OFBIZ_USERS" artifactPath="ofbiz/manufacturing" permissionValue="admin=true"/>
+
</entity-engine-xml>
Modified: ofbiz/branches/executioncontext20091231/applications/marketing/build.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/applications/marketing/build.xml?rev=894961&r1=894960&r2=894961&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20091231/applications/marketing/build.xml (original)
+++ ofbiz/branches/executioncontext20091231/applications/marketing/build.xml Fri Jan 1 00:38:52 2010
@@ -30,6 +30,7 @@
<property name="ofbiz.home.dir" value="../.."/>
<path id="local.class.path">
+ <fileset dir="../../framework/api/build/lib" includes="*.jar"/>
<fileset dir="../../framework/base/lib" includes="*.jar"/>
<fileset dir="../../framework/base/lib/j2eespecs" includes="*.jar"/>
<fileset dir="../../framework/base/build/lib" includes="*.jar"/>
Modified: ofbiz/branches/executioncontext20091231/applications/marketing/data/MarketingSecurityData.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/applications/marketing/data/MarketingSecurityData.xml?rev=894961&r1=894960&r2=894961&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20091231/applications/marketing/data/MarketingSecurityData.xml (original)
+++ ofbiz/branches/executioncontext20091231/applications/marketing/data/MarketingSecurityData.xml Fri Jan 1 00:38:52 2010
@@ -50,6 +50,15 @@
<SecurityGroupPermission groupId="FLEXADMIN" permissionId="SFA_VIEW"/>
<SecurityGroupPermission groupId="VIEWADMIN" permissionId="SFA_VIEW"/>
<SecurityGroupPermission groupId="BIZADMIN" permissionId="SFA_ADMIN"/>
-
+
+ <ArtifactPath artifactPath="ofbiz/marketing" description="Marketing Application"/>
+ <ArtifactPath artifactPath="ofbiz/SalesForceAutomation" description="Sales Force Automation Application"/>
+
+ <!-- Data needed for the transition to security-aware artifacts. As each webapp
+ is converted over to the new security design, the corresponding admin
+ permission should be removed. -->
+
+ <UserGrpToArtifactPermRel groupId="OFBIZ_USERS" artifactPath="ofbiz/marketing" permissionValue="admin=true"/>
+ <UserGrpToArtifactPermRel groupId="OFBIZ_USERS" artifactPath="ofbiz/SalesForceAutomation" permissionValue="admin=true"/>
</entity-engine-xml>
Modified: ofbiz/branches/executioncontext20091231/applications/order/build.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/applications/order/build.xml?rev=894961&r1=894960&r2=894961&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20091231/applications/order/build.xml (original)
+++ ofbiz/branches/executioncontext20091231/applications/order/build.xml Fri Jan 1 00:38:52 2010
@@ -31,6 +31,7 @@
<path id="local.class.path">
<!--<fileset dir="${lib.dir}" includes="*.jar"/>-->
+ <fileset dir="../../framework/api/build/lib" includes="*.jar"/>
<fileset dir="../../framework/base/lib" includes="*.jar"/>
<fileset dir="../../framework/base/lib/commons" includes="*.jar"/>
<fileset dir="../../framework/base/lib/j2eespecs" includes="*.jar"/>
Modified: ofbiz/branches/executioncontext20091231/applications/order/data/OrderSecurityData.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/applications/order/data/OrderSecurityData.xml?rev=894961&r1=894960&r2=894961&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20091231/applications/order/data/OrderSecurityData.xml (original)
+++ ofbiz/branches/executioncontext20091231/applications/order/data/OrderSecurityData.xml Fri Jan 1 00:38:52 2010
@@ -146,4 +146,13 @@
<SecurityGroupPermission groupId="ORDERENTRY_ALL" permissionId="ORDERMGR_SEND_CONFIRMATION"/>
<SecurityGroupPermission groupId="ORDERENTRY_ALL" permissionId="OFBTOOLS_VIEW"/>
<SecurityGroupPermission groupId="ORDERENTRY_ALL" permissionId="ORDERMGR_CRQ_CREATE"/>
+
+ <ArtifactPath artifactPath="ofbiz/order" description="Order Application"/>
+
+ <!-- Data needed for the transition to security-aware artifacts. As each webapp
+ is converted over to the new security design, the corresponding admin
+ permission should be removed. -->
+
+ <UserGrpToArtifactPermRel groupId="OFBIZ_USERS" artifactPath="ofbiz/order" permissionValue="admin=true"/>
+
</entity-engine-xml>
Modified: ofbiz/branches/executioncontext20091231/applications/party/build.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/applications/party/build.xml?rev=894961&r1=894960&r2=894961&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20091231/applications/party/build.xml (original)
+++ ofbiz/branches/executioncontext20091231/applications/party/build.xml Fri Jan 1 00:38:52 2010
@@ -31,6 +31,7 @@
<path id="local.class.path">
<!--<fileset dir="${lib.dir}" includes="*.jar"/>-->
+ <fileset dir="../../framework/api/build/lib" includes="*.jar"/>
<fileset dir="../../framework/base/lib" includes="*.jar"/>
<fileset dir="../../framework/base/lib/j2eespecs" includes="*.jar"/>
<fileset dir="../../framework/base/build/lib" includes="*.jar"/>
Modified: ofbiz/branches/executioncontext20091231/applications/party/data/PartySecurityData.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/applications/party/data/PartySecurityData.xml?rev=894961&r1=894960&r2=894961&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20091231/applications/party/data/PartySecurityData.xml (original)
+++ ofbiz/branches/executioncontext20091231/applications/party/data/PartySecurityData.xml Fri Jan 1 00:38:52 2010
@@ -92,4 +92,12 @@
<SecurityGroup description="Security Admin group, has all permissions to modify security settings in party manager." groupId="SECURITYADMIN"/>
<SecurityGroupPermission groupId="SECURITYADMIN" permissionId="SECURITY_ADMIN"/>
+ <ArtifactPath artifactPath="ofbiz/party" description="Party Manager Application"/>
+
+ <!-- Data needed for the transition to security-aware artifacts. As each webapp
+ is converted over to the new security design, the corresponding admin
+ permission should be removed. -->
+
+ <UserGrpToArtifactPermRel groupId="OFBIZ_USERS" artifactPath="ofbiz/party" permissionValue="admin=true"/>
+
</entity-engine-xml>
Modified: ofbiz/branches/executioncontext20091231/applications/product/build.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/applications/product/build.xml?rev=894961&r1=894960&r2=894961&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20091231/applications/product/build.xml (original)
+++ ofbiz/branches/executioncontext20091231/applications/product/build.xml Fri Jan 1 00:38:52 2010
@@ -31,6 +31,7 @@
<path id="local.class.path">
<!--<fileset dir="${lib.dir}" includes="*.jar"/>-->
+ <fileset dir="../../framework/api/build/lib" includes="*.jar"/>
<fileset dir="../../framework/base/lib" includes="*.jar"/>
<fileset dir="../../framework/base/lib/commons" includes="*.jar"/>
<fileset dir="../../framework/base/lib/j2eespecs" includes="*.jar"/>
Modified: ofbiz/branches/executioncontext20091231/applications/product/data/ProductSecurityData.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/applications/product/data/ProductSecurityData.xml?rev=894961&r1=894960&r2=894961&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20091231/applications/product/data/ProductSecurityData.xml (original)
+++ ofbiz/branches/executioncontext20091231/applications/product/data/ProductSecurityData.xml Fri Jan 1 00:38:52 2010
@@ -92,4 +92,15 @@
<SecurityGroupPermission groupId="FLEXADMIN" permissionId="FACILITY_VIEW"/>
<SecurityGroupPermission groupId="VIEWADMIN" permissionId="FACILITY_VIEW"/>
<SecurityGroupPermission groupId="BIZADMIN" permissionId="FACILITY_ADMIN"/>
+
+ <ArtifactPath artifactPath="ofbiz/catalog" description="Catalog Manager Application"/>
+ <ArtifactPath artifactPath="ofbiz/facility" description="Facility Manager Application"/>
+
+ <!-- Data needed for the transition to security-aware artifacts. As each webapp
+ is converted over to the new security design, the corresponding admin
+ permission should be removed. -->
+
+ <UserGrpToArtifactPermRel groupId="OFBIZ_USERS" artifactPath="ofbiz/catalog" permissionValue="admin=true"/>
+ <UserGrpToArtifactPermRel groupId="OFBIZ_USERS" artifactPath="ofbiz/facility" permissionValue="admin=true"/>
+
</entity-engine-xml>
Modified: ofbiz/branches/executioncontext20091231/applications/securityext/data/UserDemoData.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/applications/securityext/data/UserDemoData.xml?rev=894961&r1=894960&r2=894961&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20091231/applications/securityext/data/UserDemoData.xml (original)
+++ ofbiz/branches/executioncontext20091231/applications/securityext/data/UserDemoData.xml Fri Jan 1 00:38:52 2010
@@ -86,4 +86,15 @@
<UserLoginSecurityGroup groupId="VIEWADMIN" userLoginId="ltdadmin1" fromDate="2001-01-01 12:00:00.0"/>
<UserLoginSecurityGroup groupId="BIZADMIN" userLoginId="bizadmin" fromDate="2001-01-01 12:00:00.0"/>
+ <UserToUserGroupRel userLoginId="anonymous" groupId="OFBIZ_USERS"/>
+ <UserToUserGroupRel userLoginId="system" groupId="OFBIZ_USERS"/>
+ <UserToUserGroupRel userLoginId="admin" groupId="OFBIZ_USERS"/>
+ <UserToUserGroupRel userLoginId="flexadmin" groupId="OFBIZ_USERS"/>
+ <UserToUserGroupRel userLoginId="demoadmin" groupId="OFBIZ_USERS"/>
+ <UserToUserGroupRel userLoginId="ltdadmin" groupId="OFBIZ_USERS"/>
+ <UserToUserGroupRel userLoginId="ltdadmin1" groupId="OFBIZ_USERS"/>
+ <UserToUserGroupRel userLoginId="bizadmin" groupId="OFBIZ_USERS"/>
+
+ <UserToArtifactPermRel userLoginId="admin" artifactPath="ofbiz" permissionValue="admin=true"/>
+
</entity-engine-xml>
Modified: ofbiz/branches/executioncontext20091231/applications/workeffort/build.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/applications/workeffort/build.xml?rev=894961&r1=894960&r2=894961&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20091231/applications/workeffort/build.xml (original)
+++ ofbiz/branches/executioncontext20091231/applications/workeffort/build.xml Fri Jan 1 00:38:52 2010
@@ -31,6 +31,7 @@
<path id="local.class.path">
<!--<fileset dir="${lib.dir}" includes="*.jar"/>-->
+ <fileset dir="../../framework/api/build/lib" includes="*.jar"/>
<fileset dir="../../framework/base/lib" includes="*.jar"/>
<fileset dir="../../framework/base/lib/j2eespecs" includes="*.jar"/>
<fileset dir="../../framework/base/lib/scripting" includes="*.jar"/>
Modified: ofbiz/branches/executioncontext20091231/applications/workeffort/data/WorkEffortSecurityData.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/applications/workeffort/data/WorkEffortSecurityData.xml?rev=894961&r1=894960&r2=894961&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20091231/applications/workeffort/data/WorkEffortSecurityData.xml (original)
+++ ofbiz/branches/executioncontext20091231/applications/workeffort/data/WorkEffortSecurityData.xml Fri Jan 1 00:38:52 2010
@@ -48,4 +48,15 @@
<SecurityGroupPermission groupId="WORKEFFORT_USER" permissionId="WORKEFFORTMGR_ROLE_UPDATE"/>
<SecurityGroupPermission groupId="WORKEFFORT_USER" permissionId="WORKEFFORTMGR_ROLE_DELETE"/>
+ <ArtifactPath artifactPath="ofbiz/workeffort" description="Work Effort Application"/>
+ <ArtifactPath artifactPath="ofbiz/ical" description="iCalendar Public URL"/>
+ <UserToArtifactPermRel userLoginId="NOT_LOGGED_IN" artifactPath="ofbiz/ical" permissionValue="view=true"/>
+
+ <!-- Data needed for the transition to security-aware artifacts. As each webapp
+ is converted over to the new security design, the corresponding admin
+ permission should be removed. -->
+
+ <UserGrpToArtifactPermRel groupId="OFBIZ_USERS" artifactPath="ofbiz/workeffort" permissionValue="admin=true"/>
+ <UserGrpToArtifactPermRel groupId="OFBIZ_USERS" artifactPath="ofbiz/ical" permissionValue="admin=true"/>
+
</entity-engine-xml>
Added: ofbiz/branches/executioncontext20091231/framework/api/build.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/framework/api/build.xml?rev=894961&view=auto
==============================================================================
--- ofbiz/branches/executioncontext20091231/framework/api/build.xml (added)
+++ ofbiz/branches/executioncontext20091231/framework/api/build.xml Fri Jan 1 00:38:52 2010
@@ -0,0 +1,68 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+
+<project name="OFBiz - Framework API" default="jar" basedir=".">
+ <import file="../../common.xml"/>
+
+ <!-- ================================================================== -->
+ <!-- Initialization of all property settings -->
+ <!-- ================================================================== -->
+
+ <property name="name" value="ofbiz-api"/>
+ <property name="ofbiz.home.dir" value="../.."/>
+
+ <path id="local.class.path">
+ <fileset dir="${lib.dir}" includes="*.jar"/>
+ <fileset dir="../base/lib" includes="*.jar"/>
+ <fileset dir="../base/lib/commons" includes="*.jar"/>
+ <fileset dir="../base/lib/j2eespecs" includes="*.jar"/>
+ <fileset dir="../base/lib/scripting" includes="*.jar"/>
+ <fileset dir="../base/build/lib" includes="*.jar"/>
+ </path>
+
+ <!-- ================================================================== -->
+ <!-- Compilation of the source files -->
+ <!-- ================================================================== -->
+
+ <target name="jar" depends="classes">
+ <jar jarfile="${build.dir}/lib/${name}.jar">
+ <fileset dir="${build.dir}/classes"/>
+ <fileset dir="${src.dir}">
+ <include name="**/*.properties,**/*.xml,**/*.bsh,**/*.logic,**/*.js,**/*.jacl,**/*.py"/>
+ <include name="META-INF/**"/>
+ </fileset>
+ <!-- now add the NOTICE and LICENSE files to allow the jar file to be distributed alone -->
+ <zipfileset dir="${ofbiz.home.dir}" prefix="META-INF" includes="NOTICE,LICENSE"/>
+ </jar>
+ </target>
+
+ <!-- ================================================================== -->
+ <!-- Build JavaDoc -->
+ <!-- ================================================================== -->
+
+ <target name="docs" depends="prepare-docs">
+ <javadoc packagenames="org.ofbiz.base.*"
+ classpathref="local.class.path"
+ destdir="${build.dir}/javadocs"
+ Windowtitle="Open for Business - Framework API">
+ <sourcepath path="${src.dir}"/>
+ </javadoc>
+ </target>
+</project>
Added: ofbiz/branches/executioncontext20091231/framework/api/ofbiz-component.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/framework/api/ofbiz-component.xml?rev=894961&view=auto
==============================================================================
--- ofbiz/branches/executioncontext20091231/framework/api/ofbiz-component.xml (added)
+++ ofbiz/branches/executioncontext20091231/framework/api/ofbiz-component.xml Fri Jan 1 00:38:52 2010
@@ -0,0 +1,28 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+
+<ofbiz-component name="api"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:noNamespaceSchemaLocation="http://ofbiz.apache.org/dtds/ofbiz-component.xsd">
+ <resource-loader name="main" type="component"/>
+ <classpath type="jar" location="build/lib/*"/>
+ <classpath type="dir" location="config"/>
+ <classpath type="jar" location="lib/*"/>
+</ofbiz-component>
Propchange: ofbiz/branches/executioncontext20091231/framework/api/ofbiz-component.xml
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: ofbiz/branches/executioncontext20091231/framework/api/ofbiz-component.xml
------------------------------------------------------------------------------
svn:keywords = "Date Rev Author URL Id"
Propchange: ofbiz/branches/executioncontext20091231/framework/api/ofbiz-component.xml
------------------------------------------------------------------------------
svn:mime-type = text/xml
Added: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AccessController.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AccessController.java?rev=894961&view=auto
==============================================================================
--- ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AccessController.java (added)
+++ ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AccessController.java Fri Jan 1 00:38:52 2010
@@ -0,0 +1,68 @@
+/*******************************************************************************
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *******************************************************************************/
+package org.ofbiz.api.authorization;
+
+import java.security.AccessControlException;
+import java.security.Permission;
+import java.util.List;
+import java.util.ListIterator;
+
+/** AccessController interface. This interface is intended to
+ * separate the permissions-checking logic from the artifacts
+ * that use it.
+ */
+public interface AccessController {
+
+ /** Returns silently if the user has been granted <code>permission</code>
+ * access for the current artifact, throws <code>AccessControlException</code>
+ * otherwise.<p>Security-aware artifacts call this
+ * method with the desired permission. If access is granted the
+ * method returns, otherwise it throws an unchecked exception.
+ * Higher level code can catch the exception and handle it accordingly.</p>
+ *
+ * @param permission The permission to check
+ * @throws AccessControlException
+ */
+ public void checkPermission(Permission permission) throws AccessControlException;
+
+ /** Applies permission filters to a <code>List</code>. The
+ * returned <code>List</code> is security-aware, so methods
+ * that return an <code>Object</code> will return only the
+ * objects the user has permission to access.
+ *
+ * @param list The <code>List</code> to apply filters to
+ * @return A security-aware <code>List</code> if filters
+ * were specified for the current artifact, or the original
+ * <code>List</code> otherwise
+ */
+ public <E> List<E> applyFilters(List<E> list);
+
+ /** Applies permission filters to a <code>ListIterator</code>. The
+ * returned <code>ListIterator</code> is security-aware, so methods
+ * that return an <code>Object</code> will return only the
+ * objects the user has permission to access.
+ *
+ * @param list The <code>ListIterator</code> to apply filters to
+ * @return A security-aware <code>ListIterator</code> if filters
+ * were specified for the current artifact, or the original
+ * <code>ListIterator</code> otherwise
+ */
+ public <E> ListIterator<E> applyFilters(ListIterator<E> list);
+
+}
Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AccessController.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AccessController.java
------------------------------------------------------------------------------
svn:keywords = "Date Rev Author URL Id"
Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AccessController.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AdminPermission.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AdminPermission.java?rev=894961&view=auto
==============================================================================
--- ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AdminPermission.java (added)
+++ ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AdminPermission.java Fri Jan 1 00:38:52 2010
@@ -0,0 +1,68 @@
+/*******************************************************************************
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *******************************************************************************/
+package org.ofbiz.api.authorization;
+
+import java.security.Permission;
+
+/**
+ * Admin permission class. Extends BasicPermission.
+ */
+@SuppressWarnings("serial")
+public class AdminPermission extends BasicPermission {
+
+ public AdminPermission() {
+ super("admin=true");
+ }
+
+ @Override
+ public boolean equals(Object obj) {
+ if (obj == this) {
+ return true;
+ }
+ try {
+ AdminPermission that = (AdminPermission) obj;
+ return this.permissionString.equals(that.permissionString);
+ } catch (Exception e) {}
+ return false;
+ }
+
+ @Override
+ public String getActions() {
+ return null;
+ }
+
+ @Override
+ public int hashCode() {
+ return this.permissionString.hashCode();
+ }
+
+ /** Returns <code>true</code> - the admin permission has
+ * no restrictions.
+ *
+ */
+ @Override
+ public boolean implies(Permission permission) {
+ return true;
+ }
+
+ @Override
+ public String toString() {
+ return this.permissionString;
+ }
+}
Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AdminPermission.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AdminPermission.java
------------------------------------------------------------------------------
svn:keywords = "Date Rev Author URL Id"
Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AdminPermission.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AuthorizationManager.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AuthorizationManager.java?rev=894961&view=auto
==============================================================================
--- ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AuthorizationManager.java (added)
+++ ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AuthorizationManager.java Fri Jan 1 00:38:52 2010
@@ -0,0 +1,55 @@
+/*******************************************************************************
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *******************************************************************************/
+package org.ofbiz.api.authorization;
+
+import java.security.AccessControlException;
+import java.security.Permission;
+
+/**
+ * AuthorizationManager interface.
+ */
+public interface AuthorizationManager {
+
+ // Get the access controller for an artifact/user combination
+ public AccessController getAccessController () throws AccessControlException;
+
+ // User methods
+ public void createUser(String userLoginId, String password);
+ public void updateUser(String userLoginId, String password);
+ public void deleteUser(String userLoginId);
+
+ // User Group methods
+ public String createUserGroup(String description);
+ public void updateUserGroup(String userGroupId, String description);
+ public void deleteUserGroup(String userGroupId);
+
+ // User Group Assignment methods
+ public void assignUserToGroup(String userLoginId, String userGroupId);
+ public void deleteUserFromGroup(String userLoginId, String userGroupId);
+ public void assignGroupToGroup(String childGroupId, String parentGroupId);
+ public void deleteGroupFromGroup(String childGroupId, String parentGroupId);
+
+ // Permission Assignment methods
+ public void assignUserPermission(String userLoginId, String artifactId, Permission permission);
+ public void deleteUserPermission(String userLoginId, String artifactId, Permission permission);
+ public void assignGroupPermission(String userGroupId, String artifactId, Permission permission);
+ public void deleteGroupPermission(String userGroupId, String artifactId, Permission permission);
+
+
+}
Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AuthorizationManager.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AuthorizationManager.java
------------------------------------------------------------------------------
svn:keywords = "Date Rev Author URL Id"
Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AuthorizationManager.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/BasicPermission.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/BasicPermission.java?rev=894961&view=auto
==============================================================================
--- ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/BasicPermission.java (added)
+++ ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/BasicPermission.java Fri Jan 1 00:38:52 2010
@@ -0,0 +1,85 @@
+/*******************************************************************************
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *******************************************************************************/
+package org.ofbiz.api.authorization;
+
+import java.security.Permission;
+
+/**
+ * Generic permission class. Similar to java.security.BasicPermission.
+ */
+@SuppressWarnings("serial")
+public class BasicPermission extends Permission {
+
+ protected final String permissionString;
+
+ public BasicPermission(String permissionString) {
+ super(permissionString);
+ this.permissionString = permissionString;
+ }
+
+ @Override
+ public boolean equals(Object obj) {
+ if (obj == this) {
+ return true;
+ }
+ try {
+ BasicPermission that = (BasicPermission) obj;
+ return this.permissionString.equals(that.permissionString);
+ } catch (Exception e) {}
+ return false;
+ }
+
+ @Override
+ public String getActions() {
+ return null;
+ }
+
+ @Override
+ public int hashCode() {
+ return this.permissionString.hashCode();
+ }
+
+ @Override
+ public boolean implies(Permission permission) {
+ try {
+ PermissionsUnion permissionsUnion = (PermissionsUnion) permission;
+ for (Permission perm : permissionsUnion.getPermissionsSet()) {
+ if (this.implies(perm)) {
+ return true;
+ }
+ }
+ return false;
+ } catch (Exception e) {}
+ try {
+ PermissionsIntersection permissionsIntersection = (PermissionsIntersection) permission;
+ for (Permission perm : permissionsIntersection.getPermissionsSet()) {
+ if (!this.implies(perm)) {
+ return false;
+ }
+ }
+ return true;
+ } catch (Exception e) {}
+ return this.equals(permission);
+ }
+
+ @Override
+ public String toString() {
+ return this.permissionString;
+ }
+}
Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/BasicPermission.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/BasicPermission.java
------------------------------------------------------------------------------
svn:keywords = "Date Rev Author URL Id"
Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/BasicPermission.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/BasicPermissions.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/BasicPermissions.java?rev=894961&view=auto
==============================================================================
--- ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/BasicPermissions.java (added)
+++ ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/BasicPermissions.java Fri Jan 1 00:38:52 2010
@@ -0,0 +1,49 @@
+/*******************************************************************************
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *******************************************************************************/
+package org.ofbiz.api.authorization;
+
+import java.security.Permission;
+import java.util.Map;
+
+import javolution.util.FastMap;
+
+/**
+ * A collection of basic permissions.
+ */
+public class BasicPermissions {
+
+ public static final Permission Access = new BasicPermission("access=true");
+ public static final Permission Admin = new AdminPermission();
+ public static final Permission Create = new BasicPermission("create=true");
+ public static final Permission Delete = new BasicPermission("delete=true");
+ public static final Permission Update = new BasicPermission("update=true");
+ public static final Permission View = new BasicPermission("view=true");
+ public static final Map<String, Permission> ConversionMap = createConversionMap();
+
+ protected static Map<String, Permission> createConversionMap() {
+ Map<String, Permission> conversionMap = FastMap.newInstance();
+ conversionMap.put("ACCESS", Access);
+ conversionMap.put("ADMIN", Admin);
+ conversionMap.put("CREATE", Create);
+ conversionMap.put("DELETE", Delete);
+ conversionMap.put("UPDATE", Update);
+ conversionMap.put("VIEW", View);
+ return conversionMap;
+ }
+}
Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/BasicPermissions.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/BasicPermissions.java
------------------------------------------------------------------------------
svn:keywords = "Date Rev Author URL Id"
Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/BasicPermissions.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/NullAuthorizationManager.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/NullAuthorizationManager.java?rev=894961&view=auto
==============================================================================
--- ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/NullAuthorizationManager.java (added)
+++ ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/NullAuthorizationManager.java Fri Jan 1 00:38:52 2010
@@ -0,0 +1,132 @@
+/*******************************************************************************
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *******************************************************************************/
+package org.ofbiz.api.authorization;
+
+import java.security.AccessControlException;
+import java.security.Permission;
+import java.util.List;
+import java.util.ListIterator;
+
+import org.ofbiz.api.context.ThreadContext;
+import org.ofbiz.base.util.Debug;
+import org.ofbiz.base.util.UtilProperties;
+
+/** An implementation of <code>AuthorizationManager</code> that allows
+ * unrestricted access to all security-aware artifacts. This class
+ * is intended to be used in situations where user permissions are
+ * not available or accessible (the initial data load for example).
+ * <p>Extreme care should be taken when using this class so that
+ * security holes are not introduced. A recommended strategy is:<br><br>
+ * <ul>
+ * <li>Save the current <code>AuthorizationManager</code> instance in
+ * a local variable - using <code>ExecutionContext.getSecurity()</code>.</li>
+ * <li>Call <code>ExecutionContext.setSecurity(...)</code> with a
+ * <code>NullAuthorizationManager</code> instance.</li>
+ * <li>Perform the unrestricted tasks.</li>
+ * <li>Restore the original <code>AuthorizationManager</code> by
+ * calling <code>ExecutionContext.setSecurity(...)</code> with the
+ * saved <code>AuthorizationManager</code> instance.</li>
+ * </ul></p>
+ *
+ */
+public class NullAuthorizationManager implements AuthorizationManager {
+
+ protected static final String module = NullAuthorizationManager.class.getName();
+ protected static final AccessController nullAccessController = new NullAccessController();
+
+ public void assignGroupPermission(String userGroupId, String artifactId,
+ Permission permission) {
+ }
+
+ public void assignGroupToGroup(String childGroupId, String parentGroupId) {
+ }
+
+ public void assignUserPermission(String userLoginId, String artifactId,
+ Permission permission) {
+ }
+
+ public void assignUserToGroup(String userLoginId, String userGroupId) {
+ }
+
+ public void createUser(String userLoginId, String password) {
+ }
+
+ public String createUserGroup(String description) {
+ return null;
+ }
+
+ public void deleteGroupFromGroup(String childGroupId, String parentGroupId) {
+ }
+
+ public void deleteGroupPermission(String userGroupId, String artifactId,
+ Permission permission) {
+ }
+
+ public void deleteUser(String userLoginId) {
+ }
+
+ public void deleteUserFromGroup(String userLoginId, String userGroupId) {
+ }
+
+ public void deleteUserGroup(String userGroupId) {
+ }
+
+ public void deleteUserPermission(String userLoginId, String artifactId,
+ Permission permission) {
+ }
+
+ public void updateUser(String userLoginId, String password) {
+ }
+
+ public void updateUserGroup(String userGroupId, String description) {
+ }
+
+ public AccessController getAccessController() throws AccessControlException {
+ return nullAccessController;
+ }
+
+ /** An implementation of the <code>AccessController</code> interface
+ * that allows unrestricted access to all security-aware artifacts.
+ */
+ protected static class NullAccessController implements AccessController {
+
+ // Temporary - will be removed later
+ protected boolean verbose = false;
+ protected NullAccessController() {
+ this.verbose = "true".equals(UtilProperties.getPropertyValue("api.properties", "authorizationManager.verbose"));
+ }
+
+ public <E> List<E> applyFilters(List<E> list) {
+ return list;
+ }
+
+ public <E> ListIterator<E> applyFilters(ListIterator<E> list) {
+ return list;
+ }
+
+ public void checkPermission(Permission permission) throws AccessControlException {
+ if (this.verbose) {
+ Debug.logInfo("Checking permission: " + ThreadContext.getExecutionPath() + "[" + permission + "]", module);
+ Debug.logInfo("Found permission(s): " +
+ "null-access-controller@" + ThreadContext.getExecutionPath() + "[admin=true]", module);
+ }
+ }
+ }
+
+}
Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/NullAuthorizationManager.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/NullAuthorizationManager.java
------------------------------------------------------------------------------
svn:keywords = "Date Rev Author URL Id"
Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/NullAuthorizationManager.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/OfbizSecurityTransform.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/OfbizSecurityTransform.java?rev=894961&view=auto
==============================================================================
--- ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/OfbizSecurityTransform.java (added)
+++ ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/OfbizSecurityTransform.java Fri Jan 1 00:38:52 2010
@@ -0,0 +1,82 @@
+/*******************************************************************************
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *******************************************************************************/
+package org.ofbiz.api.authorization;
+
+import java.io.IOException;
+import java.security.AccessControlException;
+import java.security.Permission;
+import java.util.Map;
+
+import org.ofbiz.api.context.ThreadContext;
+import org.ofbiz.base.util.Debug;
+
+import freemarker.core.Environment;
+import freemarker.ext.beans.BeanModel;
+import freemarker.template.SimpleScalar;
+import freemarker.template.Template;
+import freemarker.template.TemplateDirectiveBody;
+import freemarker.template.TemplateException;
+import freemarker.template.TemplateModel;
+import freemarker.template.TemplateDirectiveModel;
+
+/**
+ * OfbizSecurityTransform - Security-aware Freemarker transform.
+ */
+public class OfbizSecurityTransform implements TemplateDirectiveModel {
+
+ public final static String module = OfbizSecurityTransform.class.getName();
+
+ @SuppressWarnings("unchecked")
+ public void execute(Environment env, Map params, TemplateModel[] loopVars, TemplateDirectiveBody body) throws TemplateException, IOException {
+ if (body == null) {
+ return;
+ }
+ SimpleScalar obj = (SimpleScalar) params.get("artifactId");
+ if (obj == null) {
+ Debug.logError("artifactId parameter not found, unable to execute transform", module);
+ return;
+ }
+ String artifactId = obj.getAsString();
+ obj = (SimpleScalar) params.get("permission");
+ if (obj == null) {
+ Debug.logError("permission parameter not found, unable to execute transform", module);
+ return;
+ }
+ String permStr = obj.getAsString();
+ Permission permission = BasicPermissions.ConversionMap.get(permStr.toUpperCase());
+ if (permission == null) {
+ Debug.logError("Unknown permission \"" + permStr + "\", unable to execute transform", module);
+ return;
+ }
+ BeanModel contextBean = (BeanModel)env.getVariable("executionContext");
+ if (contextBean == null) {
+ Debug.logError("ExecutionContext not found, unable to execute transform", module);
+ return;
+ }
+ Template template = env.getTemplate();
+ String location = template.getName();
+ ThreadContext.pushExecutionArtifact(location, artifactId);
+ AccessController accessController = ThreadContext.getAccessController();
+ try {
+ accessController.checkPermission(permission);
+ body.render(env.getOut());
+ } catch (AccessControlException e) {}
+ ThreadContext.popExecutionArtifact();
+ }
+}
Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/OfbizSecurityTransform.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/OfbizSecurityTransform.java
------------------------------------------------------------------------------
svn:keywords = "Date Rev Author URL Id"
Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/OfbizSecurityTransform.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsIntersection.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsIntersection.java?rev=894961&view=auto
==============================================================================
--- ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsIntersection.java (added)
+++ ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsIntersection.java Fri Jan 1 00:38:52 2010
@@ -0,0 +1,68 @@
+/*******************************************************************************
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *******************************************************************************/
+package org.ofbiz.api.authorization;
+
+import java.security.Permission;
+import java.util.List;
+
+/**
+ * A <code>Set</code> of permissions that represents an intersection.
+ */
+@SuppressWarnings("serial")
+public class PermissionsIntersection extends PermissionsSet {
+
+ public PermissionsIntersection(String listName) {
+ super(listName);
+ }
+
+ public PermissionsIntersection(String listName, List<Permission> permissionsList) {
+ super(listName, permissionsList);
+ }
+
+ /** Returns <code>true</code> if all of the contained permissions
+ * return <code>true</code>.
+ */
+ @Override
+ public boolean implies(Permission permission) {
+ try {
+ PermissionsUnion permissionsUnion = (PermissionsUnion) permission;
+ for (Permission perm : permissionsUnion.getPermissionsSet()) {
+ if (this.implies(perm)) {
+ return true;
+ }
+ }
+ return false;
+ } catch (Exception e) {}
+ try {
+ PermissionsIntersection permissionsIntersection = (PermissionsIntersection) permission;
+ for (Permission perm : permissionsIntersection.getPermissionsSet()) {
+ if (!this.implies(perm)) {
+ return false;
+ }
+ }
+ return true;
+ } catch (Exception e) {}
+ for (Permission perm : this.permissionsSet) {
+ if (!perm.implies(permission)) {
+ return false;
+ }
+ }
+ return true;
+ }
+}
Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsIntersection.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsIntersection.java
------------------------------------------------------------------------------
svn:keywords = "Date Rev Author URL Id"
Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsIntersection.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsSet.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsSet.java?rev=894961&view=auto
==============================================================================
--- ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsSet.java (added)
+++ ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsSet.java Fri Jan 1 00:38:52 2010
@@ -0,0 +1,79 @@
+/*******************************************************************************
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *******************************************************************************/
+package org.ofbiz.api.authorization;
+
+import java.security.Permission;
+import java.util.List;
+import java.util.Set;
+
+import javolution.util.FastSet;
+
+/**
+ * A <code>Set</code> of permissions.
+ */
+@SuppressWarnings("serial")
+public abstract class PermissionsSet extends BasicPermission {
+
+ protected final Set<Permission> permissionsSet = FastSet.newInstance();
+
+ public PermissionsSet(String setName) {
+ super(setName);
+ }
+
+ public PermissionsSet(String setName, List<Permission> permissionsList) {
+ super(setName);
+ this.permissionsSet.addAll(permissionsList);
+ }
+
+ @Override
+ public boolean equals(Object obj) {
+ if (obj == this) {
+ return true;
+ }
+ try {
+ PermissionsSet that = (PermissionsSet) obj;
+ return this.permissionsSet.equals(that.permissionsSet);
+ } catch (Exception e) {}
+ return false;
+ }
+
+ @Override
+ public String getActions() {
+ return null;
+ }
+
+ @Override
+ public int hashCode() {
+ return permissionsSet.hashCode();
+ }
+
+ @Override
+ public String toString() {
+ StringBuilder sb = new StringBuilder();
+ for (Permission perm : this.permissionsSet) {
+ sb.append(perm);
+ sb.append(" ");
+ }
+ return sb.toString().trim();
+ }
+
+ public Set<Permission> getPermissionsSet() {
+ return this.permissionsSet;
+ }
+}
Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsSet.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsSet.java
------------------------------------------------------------------------------
svn:keywords = "Date Rev Author URL Id"
Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsSet.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsUnion.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsUnion.java?rev=894961&view=auto
==============================================================================
--- ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsUnion.java (added)
+++ ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsUnion.java Fri Jan 1 00:38:52 2010
@@ -0,0 +1,68 @@
+/*******************************************************************************
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *******************************************************************************/
+package org.ofbiz.api.authorization;
+
+import java.security.Permission;
+import java.util.List;
+
+/**
+ * A <code>Set</code> of permissions that represent a union.
+ */
+@SuppressWarnings("serial")
+public class PermissionsUnion extends PermissionsSet {
+
+ public PermissionsUnion(String listName) {
+ super(listName);
+ }
+
+ public PermissionsUnion(String listName, List<Permission> permissionsList) {
+ super(listName, permissionsList);
+ }
+
+ /** Returns <code>true</code> if any of the contained permissions
+ * returns <code>true</code>.
+ */
+ @Override
+ public boolean implies(Permission permission) {
+ try {
+ PermissionsUnion permissionsUnion = (PermissionsUnion) permission;
+ for (Permission perm : permissionsUnion.getPermissionsSet()) {
+ if (this.implies(perm)) {
+ return true;
+ }
+ }
+ return false;
+ } catch (Exception e) {}
+ try {
+ PermissionsIntersection permissionsIntersection = (PermissionsIntersection) permission;
+ for (Permission perm : permissionsIntersection.getPermissionsSet()) {
+ if (!this.implies(perm)) {
+ return false;
+ }
+ }
+ return true;
+ } catch (Exception e) {}
+ for (Permission perm : this.permissionsSet) {
+ if (perm.implies(permission)) {
+ return true;
+ }
+ }
+ return false;
+ }
+}
Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsUnion.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsUnion.java
------------------------------------------------------------------------------
svn:keywords = "Date Rev Author URL Id"
Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsUnion.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/ExecutionArtifact.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/ExecutionArtifact.java?rev=894961&view=auto
==============================================================================
--- ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/ExecutionArtifact.java (added)
+++ ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/ExecutionArtifact.java Fri Jan 1 00:38:52 2010
@@ -0,0 +1,40 @@
+/*******************************************************************************
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *******************************************************************************/
+package org.ofbiz.api.context;
+
+/** ExecutionArtifact interface. Artifacts in the program's execution
+ * path (services, screen widgets, form widgets, entities) should implement
+ * this interface.
+ */
+public interface ExecutionArtifact {
+
+ /**
+ * Returns the location of this artifact.
+ *
+ * @return Location of this artifact
+ */
+ public String getLocation();
+
+ /**
+ * Returns the name of this artifact.
+ *
+ * @return Name of this artifact
+ */
+ public String getName();
+}
Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/ExecutionArtifact.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/ExecutionArtifact.java
------------------------------------------------------------------------------
svn:keywords = "Date Rev Author URL Id"
Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/ExecutionArtifact.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
|