ofbiz-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From adri...@apache.org
Subject svn commit: r894961 [1/4] - in /ofbiz/branches/executioncontext20091231: ./ applications/accounting/ applications/accounting/data/ applications/content/ applications/content/data/ applications/humanres/data/ applications/manufacturing/ applications/man...
Date Fri, 01 Jan 2010 00:38:57 GMT
Author: adrianc
Date: Fri Jan  1 00:38:52 2010
New Revision: 894961

URL: http://svn.apache.org/viewvc?rev=894961&view=rev
Log:
Ported over the security-aware artifacts code from the executioncontext20090812 branch.

Added:
    ofbiz/branches/executioncontext20091231/BranchReadMe.txt   (with props)
    ofbiz/branches/executioncontext20091231/framework/api/
    ofbiz/branches/executioncontext20091231/framework/api/build.xml
    ofbiz/branches/executioncontext20091231/framework/api/ofbiz-component.xml   (with props)
    ofbiz/branches/executioncontext20091231/framework/api/src/
    ofbiz/branches/executioncontext20091231/framework/api/src/org/
    ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/
    ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/
    ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/
    ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AccessController.java   (with props)
    ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AdminPermission.java   (with props)
    ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AuthorizationManager.java   (with props)
    ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/BasicPermission.java   (with props)
    ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/BasicPermissions.java   (with props)
    ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/NullAuthorizationManager.java   (with props)
    ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/OfbizSecurityTransform.java   (with props)
    ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsIntersection.java   (with props)
    ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsSet.java   (with props)
    ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsUnion.java   (with props)
    ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/
    ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/ExecutionArtifact.java   (with props)
    ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/ExecutionContext.java   (with props)
    ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/ExecutionContextImpl.java   (with props)
    ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/GenericExecutionArtifact.java   (with props)
    ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/GenericParametersArtifact.java   (with props)
    ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/ParametersArtifact.java   (with props)
    ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/ThreadContext.java   (with props)
    ofbiz/branches/executioncontext20091231/framework/context/
    ofbiz/branches/executioncontext20091231/framework/context/build.xml
    ofbiz/branches/executioncontext20091231/framework/context/lib/
    ofbiz/branches/executioncontext20091231/framework/context/ofbiz-component.xml
    ofbiz/branches/executioncontext20091231/framework/context/src/
    ofbiz/branches/executioncontext20091231/framework/context/src/org/
    ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/
    ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/
    ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/AccessControllerImpl.java   (with props)
    ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/AuthorizationManagerImpl.java   (with props)
    ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/ExecutionContextImpl.java   (with props)
    ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/OFBizPermission.java   (with props)
    ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/PathNode.java   (with props)
    ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/SecurityAwareEli.java   (with props)
    ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/SecurityAwareIterator.java   (with props)
    ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/SecurityAwareList.java   (with props)
    ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/SecurityAwareListIterator.java   (with props)
    ofbiz/branches/executioncontext20091231/framework/entity/src/org/ofbiz/entity/ExecutionContext.java   (with props)
    ofbiz/branches/executioncontext20091231/framework/entity/src/org/ofbiz/entity/ThreadContext.java   (with props)
    ofbiz/branches/executioncontext20091231/framework/service/src/org/ofbiz/service/ExecutionContext.java   (with props)
    ofbiz/branches/executioncontext20091231/framework/service/src/org/ofbiz/service/ThreadContext.java   (with props)
    ofbiz/branches/executioncontext20091231/specialpurpose/hhfacility/data/
    ofbiz/branches/executioncontext20091231/specialpurpose/hhfacility/data/HhFacilitySecurityData.xml   (with props)
Modified:
    ofbiz/branches/executioncontext20091231/.classpath
    ofbiz/branches/executioncontext20091231/applications/accounting/build.xml
    ofbiz/branches/executioncontext20091231/applications/accounting/data/AccountingSecurityData.xml
    ofbiz/branches/executioncontext20091231/applications/content/build.xml
    ofbiz/branches/executioncontext20091231/applications/content/data/ContentSecurityData.xml
    ofbiz/branches/executioncontext20091231/applications/humanres/data/HumanResSecurityData.xml
    ofbiz/branches/executioncontext20091231/applications/manufacturing/build.xml
    ofbiz/branches/executioncontext20091231/applications/manufacturing/data/ManufacturingSecurityData.xml
    ofbiz/branches/executioncontext20091231/applications/marketing/build.xml
    ofbiz/branches/executioncontext20091231/applications/marketing/data/MarketingSecurityData.xml
    ofbiz/branches/executioncontext20091231/applications/order/build.xml
    ofbiz/branches/executioncontext20091231/applications/order/data/OrderSecurityData.xml
    ofbiz/branches/executioncontext20091231/applications/party/build.xml
    ofbiz/branches/executioncontext20091231/applications/party/data/PartySecurityData.xml
    ofbiz/branches/executioncontext20091231/applications/product/build.xml
    ofbiz/branches/executioncontext20091231/applications/product/data/ProductSecurityData.xml
    ofbiz/branches/executioncontext20091231/applications/securityext/data/UserDemoData.xml
    ofbiz/branches/executioncontext20091231/applications/workeffort/build.xml
    ofbiz/branches/executioncontext20091231/applications/workeffort/data/WorkEffortSecurityData.xml
    ofbiz/branches/executioncontext20091231/framework/bi/build.xml
    ofbiz/branches/executioncontext20091231/framework/build.xml
    ofbiz/branches/executioncontext20091231/framework/common/build.xml
    ofbiz/branches/executioncontext20091231/framework/common/src/org/ofbiz/common/login/LoginServices.java
    ofbiz/branches/executioncontext20091231/framework/component-load.xml
    ofbiz/branches/executioncontext20091231/framework/entity/build.xml
    ofbiz/branches/executioncontext20091231/framework/entity/src/org/ofbiz/entity/GenericDelegator.java
    ofbiz/branches/executioncontext20091231/framework/entity/src/org/ofbiz/entity/GenericEntity.java
    ofbiz/branches/executioncontext20091231/framework/entity/src/org/ofbiz/entity/model/ModelEntity.java
    ofbiz/branches/executioncontext20091231/framework/entityext/build.xml
    ofbiz/branches/executioncontext20091231/framework/entityext/src/org/ofbiz/entityext/data/EntityDataLoadContainer.java
    ofbiz/branches/executioncontext20091231/framework/example/data/ExampleSecurityData.xml
    ofbiz/branches/executioncontext20091231/framework/minilang/build.xml
    ofbiz/branches/executioncontext20091231/framework/security/build.xml
    ofbiz/branches/executioncontext20091231/framework/security/config/security.xml
    ofbiz/branches/executioncontext20091231/framework/security/data/SecurityData.xml
    ofbiz/branches/executioncontext20091231/framework/security/entitydef/entitymodel.xml
    ofbiz/branches/executioncontext20091231/framework/security/src/org/ofbiz/security/authz/AuthorizationFactory.java
    ofbiz/branches/executioncontext20091231/framework/service/build.xml
    ofbiz/branches/executioncontext20091231/framework/service/src/org/ofbiz/service/ModelService.java
    ofbiz/branches/executioncontext20091231/framework/service/src/org/ofbiz/service/ServiceDispatcher.java
    ofbiz/branches/executioncontext20091231/framework/service/src/org/ofbiz/service/job/GenericServiceJob.java
    ofbiz/branches/executioncontext20091231/framework/service/src/org/ofbiz/service/job/JobPoller.java
    ofbiz/branches/executioncontext20091231/framework/webapp/build.xml
    ofbiz/branches/executioncontext20091231/framework/webapp/src/org/ofbiz/webapp/control/ControlServlet.java
    ofbiz/branches/executioncontext20091231/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java
    ofbiz/branches/executioncontext20091231/framework/webapp/src/org/ofbiz/webapp/control/RequestHandler.java
    ofbiz/branches/executioncontext20091231/framework/webtools/build.xml
    ofbiz/branches/executioncontext20091231/framework/webtools/data/WebtoolsSecurityData.xml
    ofbiz/branches/executioncontext20091231/framework/widget/build.xml
    ofbiz/branches/executioncontext20091231/framework/widget/src/org/ofbiz/widget/form/ModelForm.java
    ofbiz/branches/executioncontext20091231/framework/widget/src/org/ofbiz/widget/form/ModelFormField.java
    ofbiz/branches/executioncontext20091231/framework/widget/src/org/ofbiz/widget/screen/ModelScreen.java
    ofbiz/branches/executioncontext20091231/framework/widget/src/org/ofbiz/widget/screen/ScreenRenderer.java
    ofbiz/branches/executioncontext20091231/specialpurpose/assetmaint/data/AssetMaintSecurityData.xml
    ofbiz/branches/executioncontext20091231/specialpurpose/cmssite/data/CmsSiteDemoData.xml
    ofbiz/branches/executioncontext20091231/specialpurpose/ebay/build.xml
    ofbiz/branches/executioncontext20091231/specialpurpose/ebay/data/EbaySecurityData.xml
    ofbiz/branches/executioncontext20091231/specialpurpose/ecommerce/data/DemoOrderPeopleData.xml
    ofbiz/branches/executioncontext20091231/specialpurpose/ecommerce/data/DemoPurchasing.xml
    ofbiz/branches/executioncontext20091231/specialpurpose/ecommerce/data/EcommerceTypeData.xml
    ofbiz/branches/executioncontext20091231/specialpurpose/googlebase/build.xml
    ofbiz/branches/executioncontext20091231/specialpurpose/googlebase/data/GoogleBaseSecurityData.xml
    ofbiz/branches/executioncontext20091231/specialpurpose/googlecheckout/build.xml
    ofbiz/branches/executioncontext20091231/specialpurpose/googlecheckout/data/GoogleCheckoutSecurityData.xml
    ofbiz/branches/executioncontext20091231/specialpurpose/hhfacility/build.xml
    ofbiz/branches/executioncontext20091231/specialpurpose/hhfacility/ofbiz-component.xml
    ofbiz/branches/executioncontext20091231/specialpurpose/myportal/data/MyPortalSecurityData.xml
    ofbiz/branches/executioncontext20091231/specialpurpose/oagis/build.xml
    ofbiz/branches/executioncontext20091231/specialpurpose/oagis/data/OagisSecurityData.xml
    ofbiz/branches/executioncontext20091231/specialpurpose/pos/build.xml
    ofbiz/branches/executioncontext20091231/specialpurpose/pos/data/DemoRetail.xml
    ofbiz/branches/executioncontext20091231/specialpurpose/projectmgr/data/ProjectMgrDemoData.xml
    ofbiz/branches/executioncontext20091231/specialpurpose/projectmgr/data/ProjectMgrSecurityData.xml
    ofbiz/branches/executioncontext20091231/specialpurpose/webpos/build.xml
    ofbiz/branches/executioncontext20091231/specialpurpose/webpos/data/DemoPosData.xml
    ofbiz/branches/executioncontext20091231/themes/bizznesstime/data/BizznessTimeThemeData.xml
    ofbiz/branches/executioncontext20091231/themes/bluelight/data/BlueLightThemeData.xml
    ofbiz/branches/executioncontext20091231/themes/droppingcrumbs/data/DroppingCrumbsThemeData.xml
    ofbiz/branches/executioncontext20091231/themes/flatgrey/data/FlatGreyThemeData.xml
    ofbiz/branches/executioncontext20091231/themes/multiflex/data/MultiflexThemeData.xml

Modified: ofbiz/branches/executioncontext20091231/.classpath
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/.classpath?rev=894961&r1=894960&r2=894961&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20091231/.classpath (original)
+++ ofbiz/branches/executioncontext20091231/.classpath Fri Jan  1 00:38:52 2010
@@ -180,11 +180,13 @@
     <classpathentry kind="src" path="applications/product/src" excluding="ShipmentScaleApplet.java"/>
     <classpathentry kind="src" path="applications/securityext/src" excluding="org/ofbiz/securityext/thirdparty/truition/TruitionCoReg.java"/>
     <classpathentry kind="src" path="applications/workeffort/src"/>
+    <classpathentry kind="src" path="framework/api/src"/>
     <classpathentry kind="src" path="framework/appserver/src"/>
     <classpathentry kind="src" path="framework/base/src" excluding="org/ofbiz/base/config/CoberturaInstrumenter.java"/>
     <classpathentry kind="src" path="framework/bi/src"/>
     <classpathentry kind="src" path="framework/catalina/src"/>
     <classpathentry kind="src" path="framework/common/src"/>
+    <classpathentry kind="src" path="framework/context/src"/>
     <classpathentry kind="src" path="framework/datafile/src"/>
     <classpathentry kind="src" path="framework/entity/src" excluding="org/ofbiz/entity/connection/XaPoolConnectionFactory.java"/>
     <classpathentry kind="src" path="framework/entityext/src"/>

Added: ofbiz/branches/executioncontext20091231/BranchReadMe.txt
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/BranchReadMe.txt?rev=894961&view=auto
==============================================================================
--- ofbiz/branches/executioncontext20091231/BranchReadMe.txt (added)
+++ ofbiz/branches/executioncontext20091231/BranchReadMe.txt Fri Jan  1 00:38:52 2010
@@ -0,0 +1,65 @@
+ExecutionContext and Security-Aware Artifacts Notes
+---------------------------------------------------
+
+2009-12-31: I put this text file in the branch as a means
+of keeping anyone who is interested updated on the progress
+of the branch.
+
+This branch is an implementation of the Security-Aware Artifacts
+design document -
+
+http://cwiki.apache.org/confluence/display/OFBTECH/OFBiz+Security+Redesign
+
+and it is a work in progress.
+
+The ExecutionContext interface is
+scattered across several components due to the cross-dependency
+or circular-dependency issue. Cross-dependency is when Class
+A references Class B, and Class B references Class A, and both
+classes are in separate components. There is no way to get them
+to compile. The problem is compounded in ExecutionContext because
+it references 3 or 4 components.
+
+The workaround I came up with was to have the lowest level methods
+declared in the api component, then have each component extend
+the interface and add their methods. It's not pretty, but it works.
+
+This is where you can find the interfaces:
+
+org.ofbiz.api.context.ExecutionContext
+  org.ofbiz.entity.ExecutionContext
+    org.ofbiz.service.ExecutionContext
+
+When the cross-dependency issues are solved, all of the extended
+interfaces will be consolidated into one.
+
+The interface implementations can be found in the context component. 
+  
+The ultimate goal of ExecutionContext is to have all client code
+get the contained objects from ExecutionContext only - instead of
+getting them from the various classes now in use. This initial
+implementation focuses more on the ExecutionContext's role as
+a means of tracking the execution path - which is needed for the
+security-aware artifacts.
+
+The AuthorizationManager and AccessController interfaces are based
+on the java.security.* classes, and they are intended to be
+implementation-agnostic. OFBiz will have an implementation based
+on the entity engine, but the goal is to be able to swap out that
+implementation with another.
+
+If you want to see the ExecutionContext and AccessController in
+action, change the settings in api.properties. You will see info
+messages in the console log.
+
+I added a security-aware Freemarker transform. Template
+sections can be controlled with:
+
+<@ofbizSecurity permission="view" artifactId="thisTemplate">Some text</@ofbizSecurity>
+
+If the user has permission to view the artifact, then "Some text"
+will be rendered.
+
+The Authorization Manager is mostly working. Filtering
+EntityListIterator values is not implemented due to architectural
+problems.

Propchange: ofbiz/branches/executioncontext20091231/BranchReadMe.txt
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: ofbiz/branches/executioncontext20091231/BranchReadMe.txt
------------------------------------------------------------------------------
    svn:keywords = "Date Rev Author URL Id"

Propchange: ofbiz/branches/executioncontext20091231/BranchReadMe.txt
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Modified: ofbiz/branches/executioncontext20091231/applications/accounting/build.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/applications/accounting/build.xml?rev=894961&r1=894960&r2=894961&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20091231/applications/accounting/build.xml (original)
+++ ofbiz/branches/executioncontext20091231/applications/accounting/build.xml Fri Jan  1 00:38:52 2010
@@ -30,6 +30,7 @@
     <property name="ofbiz.home.dir" value="../.."/>
 
     <path id="local.class.path">
+        <fileset dir="../../framework/api/build/lib" includes="*.jar"/>
         <fileset dir="../../framework/base/lib" includes="*.jar"/>
         <fileset dir="../../framework/base/lib/commons" includes="*.jar"/>
         <fileset dir="../../framework/base/lib/j2eespecs" includes="*.jar"/>

Modified: ofbiz/branches/executioncontext20091231/applications/accounting/data/AccountingSecurityData.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/applications/accounting/data/AccountingSecurityData.xml?rev=894961&r1=894960&r2=894961&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20091231/applications/accounting/data/AccountingSecurityData.xml (original)
+++ ofbiz/branches/executioncontext20091231/applications/accounting/data/AccountingSecurityData.xml Fri Jan  1 00:38:52 2010
@@ -130,4 +130,16 @@
     <SecurityGroupPermission groupId="ACCTG_FUNCTNL_ADMIN" permissionId="ACCOUNTING_UPDATE"/>
     <SecurityGroupPermission groupId="ACCTG_FUNCTNL_ADMIN" permissionId="ACCOUNTING_VIEW"/>
 
+    <ArtifactPath artifactPath="ofbiz/accounting" description="Accounting Application"/>
+    <ArtifactPath artifactPath="ofbiz/ap" description="Accounts Payable Application"/>
+    <ArtifactPath artifactPath="ofbiz/ar" description="Accounts Receivable Application"/>
+
+    <!-- Data needed for the transition to security-aware artifacts. As each webapp
+         is converted over to the new security design, the corresponding admin
+         permission should be removed. -->
+
+    <UserGrpToArtifactPermRel groupId="OFBIZ_USERS" artifactPath="ofbiz/accounting" permissionValue="admin=true"/>
+    <UserGrpToArtifactPermRel groupId="OFBIZ_USERS" artifactPath="ofbiz/ap" permissionValue="admin=true"/>
+    <UserGrpToArtifactPermRel groupId="OFBIZ_USERS" artifactPath="ofbiz/ar" permissionValue="admin=true"/>
+
 </entity-engine-xml>

Modified: ofbiz/branches/executioncontext20091231/applications/content/build.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/applications/content/build.xml?rev=894961&r1=894960&r2=894961&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20091231/applications/content/build.xml (original)
+++ ofbiz/branches/executioncontext20091231/applications/content/build.xml Fri Jan  1 00:38:52 2010
@@ -32,6 +32,7 @@
     <path id="local.class.path">
         <fileset dir="${lib.dir}" includes="*.jar"/>
         <fileset dir="${lib.dir}/uno" includes="*.jar"/>
+        <fileset dir="../../framework/api/build/lib" includes="*.jar"/>
         <fileset dir="../../framework/base/lib" includes="*.jar"/>
         <fileset dir="../../framework/base/lib/commons" includes="*.jar"/>
         <fileset dir="../../framework/base/lib/j2eespecs" includes="*.jar"/>

Modified: ofbiz/branches/executioncontext20091231/applications/content/data/ContentSecurityData.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/applications/content/data/ContentSecurityData.xml?rev=894961&r1=894960&r2=894961&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20091231/applications/content/data/ContentSecurityData.xml (original)
+++ ofbiz/branches/executioncontext20091231/applications/content/data/ContentSecurityData.xml Fri Jan  1 00:38:52 2010
@@ -47,4 +47,13 @@
     <SecurityPermission description="Send to the Control Applet." permissionId="SEND_CONTROL_APPLET"/>
     <SecurityGroupPermission groupId="FULLADMIN" permissionId="SEND_CONTROL_APPLET"/>
     <SecurityGroupPermission groupId="FLEXADMIN" permissionId="SEND_CONTROL_APPLET"/>
+
+    <ArtifactPath artifactPath="ofbiz/content" description="Content Manager Application"/>
+
+    <!-- Data needed for the transition to security-aware artifacts. As each webapp
+         is converted over to the new security design, the corresponding admin
+         permission should be removed. -->
+
+    <UserGrpToArtifactPermRel groupId="OFBIZ_USERS" artifactPath="ofbiz/content" permissionValue="admin=true"/>
+
 </entity-engine-xml>

Modified: ofbiz/branches/executioncontext20091231/applications/humanres/data/HumanResSecurityData.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/applications/humanres/data/HumanResSecurityData.xml?rev=894961&r1=894960&r2=894961&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20091231/applications/humanres/data/HumanResSecurityData.xml (original)
+++ ofbiz/branches/executioncontext20091231/applications/humanres/data/HumanResSecurityData.xml Fri Jan  1 00:38:52 2010
@@ -30,4 +30,13 @@
     <SecurityGroupPermission groupId="FLEXADMIN" permissionId="HUMANRES_VIEW"/>
     <SecurityGroupPermission groupId="VIEWADMIN" permissionId="HUMANRES_VIEW"/>
     <SecurityGroupPermission groupId="BIZADMIN" permissionId="HUMANRES_ADMIN"/>
+
+    <ArtifactPath artifactPath="ofbiz/humanres" description="Human Resources Application"/>
+
+    <!-- Data needed for the transition to security-aware artifacts. As each webapp
+         is converted over to the new security design, the corresponding admin
+         permission should be removed. -->
+
+    <UserGrpToArtifactPermRel groupId="OFBIZ_USERS" artifactPath="ofbiz/humanres" permissionValue="admin=true"/>
+
 </entity-engine-xml>

Modified: ofbiz/branches/executioncontext20091231/applications/manufacturing/build.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/applications/manufacturing/build.xml?rev=894961&r1=894960&r2=894961&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20091231/applications/manufacturing/build.xml (original)
+++ ofbiz/branches/executioncontext20091231/applications/manufacturing/build.xml Fri Jan  1 00:38:52 2010
@@ -31,6 +31,7 @@
 
     <path id="local.class.path">
         <!-- <fileset dir="${lib.dir}" includes="*.jar"/> -->
+        <fileset dir="../../framework/api/build/lib" includes="*.jar"/>
         <fileset dir="../../framework/base/lib" includes="*.jar"/>
         <fileset dir="../../framework/base/lib/j2eespecs" includes="*.jar"/>
         <fileset dir="../../framework/base/build/lib" includes="*.jar"/>

Modified: ofbiz/branches/executioncontext20091231/applications/manufacturing/data/ManufacturingSecurityData.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/applications/manufacturing/data/ManufacturingSecurityData.xml?rev=894961&r1=894960&r2=894961&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20091231/applications/manufacturing/data/ManufacturingSecurityData.xml (original)
+++ ofbiz/branches/executioncontext20091231/applications/manufacturing/data/ManufacturingSecurityData.xml Fri Jan  1 00:38:52 2010
@@ -32,4 +32,13 @@
     <SecurityGroupPermission groupId="FLEXADMIN" permissionId="MANUFACTURING_VIEW"/>
     <SecurityGroupPermission groupId="VIEWADMIN" permissionId="MANUFACTURING_VIEW"/>
     <SecurityGroupPermission groupId="BIZADMIN" permissionId="MANUFACTURING_ADMIN"/>
+
+    <ArtifactPath artifactPath="ofbiz/manufacturing" description="Manufacturing Application"/>
+
+    <!-- Data needed for the transition to security-aware artifacts. As each webapp
+         is converted over to the new security design, the corresponding admin
+         permission should be removed. -->
+
+    <UserGrpToArtifactPermRel groupId="OFBIZ_USERS" artifactPath="ofbiz/manufacturing" permissionValue="admin=true"/>
+
 </entity-engine-xml>

Modified: ofbiz/branches/executioncontext20091231/applications/marketing/build.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/applications/marketing/build.xml?rev=894961&r1=894960&r2=894961&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20091231/applications/marketing/build.xml (original)
+++ ofbiz/branches/executioncontext20091231/applications/marketing/build.xml Fri Jan  1 00:38:52 2010
@@ -30,6 +30,7 @@
     <property name="ofbiz.home.dir" value="../.."/>
 
     <path id="local.class.path">
+        <fileset dir="../../framework/api/build/lib" includes="*.jar"/>
         <fileset dir="../../framework/base/lib" includes="*.jar"/>
         <fileset dir="../../framework/base/lib/j2eespecs" includes="*.jar"/>
         <fileset dir="../../framework/base/build/lib" includes="*.jar"/>

Modified: ofbiz/branches/executioncontext20091231/applications/marketing/data/MarketingSecurityData.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/applications/marketing/data/MarketingSecurityData.xml?rev=894961&r1=894960&r2=894961&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20091231/applications/marketing/data/MarketingSecurityData.xml (original)
+++ ofbiz/branches/executioncontext20091231/applications/marketing/data/MarketingSecurityData.xml Fri Jan  1 00:38:52 2010
@@ -50,6 +50,15 @@
     <SecurityGroupPermission groupId="FLEXADMIN" permissionId="SFA_VIEW"/>
     <SecurityGroupPermission groupId="VIEWADMIN" permissionId="SFA_VIEW"/>
     <SecurityGroupPermission groupId="BIZADMIN" permissionId="SFA_ADMIN"/>
-    
+
+    <ArtifactPath artifactPath="ofbiz/marketing" description="Marketing Application"/>
+    <ArtifactPath artifactPath="ofbiz/SalesForceAutomation" description="Sales Force Automation Application"/>
+
+    <!-- Data needed for the transition to security-aware artifacts. As each webapp
+         is converted over to the new security design, the corresponding admin
+         permission should be removed. -->
+
+    <UserGrpToArtifactPermRel groupId="OFBIZ_USERS" artifactPath="ofbiz/marketing" permissionValue="admin=true"/>
+    <UserGrpToArtifactPermRel groupId="OFBIZ_USERS" artifactPath="ofbiz/SalesForceAutomation" permissionValue="admin=true"/>
     
 </entity-engine-xml>

Modified: ofbiz/branches/executioncontext20091231/applications/order/build.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/applications/order/build.xml?rev=894961&r1=894960&r2=894961&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20091231/applications/order/build.xml (original)
+++ ofbiz/branches/executioncontext20091231/applications/order/build.xml Fri Jan  1 00:38:52 2010
@@ -31,6 +31,7 @@
 
     <path id="local.class.path">
         <!--<fileset dir="${lib.dir}" includes="*.jar"/>-->
+        <fileset dir="../../framework/api/build/lib" includes="*.jar"/>
         <fileset dir="../../framework/base/lib" includes="*.jar"/>
         <fileset dir="../../framework/base/lib/commons" includes="*.jar"/>
         <fileset dir="../../framework/base/lib/j2eespecs" includes="*.jar"/>

Modified: ofbiz/branches/executioncontext20091231/applications/order/data/OrderSecurityData.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/applications/order/data/OrderSecurityData.xml?rev=894961&r1=894960&r2=894961&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20091231/applications/order/data/OrderSecurityData.xml (original)
+++ ofbiz/branches/executioncontext20091231/applications/order/data/OrderSecurityData.xml Fri Jan  1 00:38:52 2010
@@ -146,4 +146,13 @@
     <SecurityGroupPermission groupId="ORDERENTRY_ALL" permissionId="ORDERMGR_SEND_CONFIRMATION"/>
     <SecurityGroupPermission groupId="ORDERENTRY_ALL" permissionId="OFBTOOLS_VIEW"/>
     <SecurityGroupPermission groupId="ORDERENTRY_ALL" permissionId="ORDERMGR_CRQ_CREATE"/>
+
+    <ArtifactPath artifactPath="ofbiz/order" description="Order Application"/>
+
+    <!-- Data needed for the transition to security-aware artifacts. As each webapp
+         is converted over to the new security design, the corresponding admin
+         permission should be removed. -->
+
+    <UserGrpToArtifactPermRel groupId="OFBIZ_USERS" artifactPath="ofbiz/order" permissionValue="admin=true"/>
+
 </entity-engine-xml>

Modified: ofbiz/branches/executioncontext20091231/applications/party/build.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/applications/party/build.xml?rev=894961&r1=894960&r2=894961&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20091231/applications/party/build.xml (original)
+++ ofbiz/branches/executioncontext20091231/applications/party/build.xml Fri Jan  1 00:38:52 2010
@@ -31,6 +31,7 @@
 
     <path id="local.class.path">
         <!--<fileset dir="${lib.dir}" includes="*.jar"/>-->
+        <fileset dir="../../framework/api/build/lib" includes="*.jar"/>
         <fileset dir="../../framework/base/lib" includes="*.jar"/>
         <fileset dir="../../framework/base/lib/j2eespecs" includes="*.jar"/>
         <fileset dir="../../framework/base/build/lib" includes="*.jar"/>

Modified: ofbiz/branches/executioncontext20091231/applications/party/data/PartySecurityData.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/applications/party/data/PartySecurityData.xml?rev=894961&r1=894960&r2=894961&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20091231/applications/party/data/PartySecurityData.xml (original)
+++ ofbiz/branches/executioncontext20091231/applications/party/data/PartySecurityData.xml Fri Jan  1 00:38:52 2010
@@ -92,4 +92,12 @@
     <SecurityGroup description="Security Admin group, has all permissions to modify security settings in party manager." groupId="SECURITYADMIN"/>
     <SecurityGroupPermission groupId="SECURITYADMIN" permissionId="SECURITY_ADMIN"/>
 
+    <ArtifactPath artifactPath="ofbiz/party" description="Party Manager Application"/>
+
+    <!-- Data needed for the transition to security-aware artifacts. As each webapp
+         is converted over to the new security design, the corresponding admin
+         permission should be removed. -->
+
+    <UserGrpToArtifactPermRel groupId="OFBIZ_USERS" artifactPath="ofbiz/party" permissionValue="admin=true"/>
+
 </entity-engine-xml>

Modified: ofbiz/branches/executioncontext20091231/applications/product/build.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/applications/product/build.xml?rev=894961&r1=894960&r2=894961&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20091231/applications/product/build.xml (original)
+++ ofbiz/branches/executioncontext20091231/applications/product/build.xml Fri Jan  1 00:38:52 2010
@@ -31,6 +31,7 @@
 
     <path id="local.class.path">
         <!--<fileset dir="${lib.dir}" includes="*.jar"/>-->
+        <fileset dir="../../framework/api/build/lib" includes="*.jar"/>
         <fileset dir="../../framework/base/lib" includes="*.jar"/>
         <fileset dir="../../framework/base/lib/commons" includes="*.jar"/>
         <fileset dir="../../framework/base/lib/j2eespecs" includes="*.jar"/>

Modified: ofbiz/branches/executioncontext20091231/applications/product/data/ProductSecurityData.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/applications/product/data/ProductSecurityData.xml?rev=894961&r1=894960&r2=894961&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20091231/applications/product/data/ProductSecurityData.xml (original)
+++ ofbiz/branches/executioncontext20091231/applications/product/data/ProductSecurityData.xml Fri Jan  1 00:38:52 2010
@@ -92,4 +92,15 @@
     <SecurityGroupPermission groupId="FLEXADMIN" permissionId="FACILITY_VIEW"/>
     <SecurityGroupPermission groupId="VIEWADMIN" permissionId="FACILITY_VIEW"/>
     <SecurityGroupPermission groupId="BIZADMIN" permissionId="FACILITY_ADMIN"/>
+
+    <ArtifactPath artifactPath="ofbiz/catalog" description="Catalog Manager Application"/>
+    <ArtifactPath artifactPath="ofbiz/facility" description="Facility Manager Application"/>
+
+    <!-- Data needed for the transition to security-aware artifacts. As each webapp
+         is converted over to the new security design, the corresponding admin
+         permission should be removed. -->
+
+    <UserGrpToArtifactPermRel groupId="OFBIZ_USERS" artifactPath="ofbiz/catalog" permissionValue="admin=true"/>
+    <UserGrpToArtifactPermRel groupId="OFBIZ_USERS" artifactPath="ofbiz/facility" permissionValue="admin=true"/>
+
 </entity-engine-xml>

Modified: ofbiz/branches/executioncontext20091231/applications/securityext/data/UserDemoData.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/applications/securityext/data/UserDemoData.xml?rev=894961&r1=894960&r2=894961&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20091231/applications/securityext/data/UserDemoData.xml (original)
+++ ofbiz/branches/executioncontext20091231/applications/securityext/data/UserDemoData.xml Fri Jan  1 00:38:52 2010
@@ -86,4 +86,15 @@
     <UserLoginSecurityGroup groupId="VIEWADMIN" userLoginId="ltdadmin1" fromDate="2001-01-01 12:00:00.0"/>
     <UserLoginSecurityGroup groupId="BIZADMIN" userLoginId="bizadmin" fromDate="2001-01-01 12:00:00.0"/>
 
+    <UserToUserGroupRel userLoginId="anonymous" groupId="OFBIZ_USERS"/>
+    <UserToUserGroupRel userLoginId="system" groupId="OFBIZ_USERS"/>
+    <UserToUserGroupRel userLoginId="admin" groupId="OFBIZ_USERS"/>
+    <UserToUserGroupRel userLoginId="flexadmin" groupId="OFBIZ_USERS"/>
+    <UserToUserGroupRel userLoginId="demoadmin" groupId="OFBIZ_USERS"/>
+    <UserToUserGroupRel userLoginId="ltdadmin" groupId="OFBIZ_USERS"/>
+    <UserToUserGroupRel userLoginId="ltdadmin1" groupId="OFBIZ_USERS"/>
+    <UserToUserGroupRel userLoginId="bizadmin" groupId="OFBIZ_USERS"/>
+
+    <UserToArtifactPermRel userLoginId="admin" artifactPath="ofbiz" permissionValue="admin=true"/>
+
 </entity-engine-xml>

Modified: ofbiz/branches/executioncontext20091231/applications/workeffort/build.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/applications/workeffort/build.xml?rev=894961&r1=894960&r2=894961&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20091231/applications/workeffort/build.xml (original)
+++ ofbiz/branches/executioncontext20091231/applications/workeffort/build.xml Fri Jan  1 00:38:52 2010
@@ -31,6 +31,7 @@
 
     <path id="local.class.path">
         <!--<fileset dir="${lib.dir}" includes="*.jar"/>-->
+        <fileset dir="../../framework/api/build/lib" includes="*.jar"/>
         <fileset dir="../../framework/base/lib" includes="*.jar"/>
         <fileset dir="../../framework/base/lib/j2eespecs" includes="*.jar"/>
         <fileset dir="../../framework/base/lib/scripting" includes="*.jar"/>

Modified: ofbiz/branches/executioncontext20091231/applications/workeffort/data/WorkEffortSecurityData.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/applications/workeffort/data/WorkEffortSecurityData.xml?rev=894961&r1=894960&r2=894961&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20091231/applications/workeffort/data/WorkEffortSecurityData.xml (original)
+++ ofbiz/branches/executioncontext20091231/applications/workeffort/data/WorkEffortSecurityData.xml Fri Jan  1 00:38:52 2010
@@ -48,4 +48,15 @@
     <SecurityGroupPermission groupId="WORKEFFORT_USER" permissionId="WORKEFFORTMGR_ROLE_UPDATE"/>
     <SecurityGroupPermission groupId="WORKEFFORT_USER" permissionId="WORKEFFORTMGR_ROLE_DELETE"/>
 
+    <ArtifactPath artifactPath="ofbiz/workeffort" description="Work Effort Application"/>
+    <ArtifactPath artifactPath="ofbiz/ical" description="iCalendar Public URL"/>
+    <UserToArtifactPermRel userLoginId="NOT_LOGGED_IN" artifactPath="ofbiz/ical" permissionValue="view=true"/>
+
+    <!-- Data needed for the transition to security-aware artifacts. As each webapp
+         is converted over to the new security design, the corresponding admin
+         permission should be removed. -->
+
+    <UserGrpToArtifactPermRel groupId="OFBIZ_USERS" artifactPath="ofbiz/workeffort" permissionValue="admin=true"/>
+    <UserGrpToArtifactPermRel groupId="OFBIZ_USERS" artifactPath="ofbiz/ical" permissionValue="admin=true"/>
+
 </entity-engine-xml>

Added: ofbiz/branches/executioncontext20091231/framework/api/build.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/framework/api/build.xml?rev=894961&view=auto
==============================================================================
--- ofbiz/branches/executioncontext20091231/framework/api/build.xml (added)
+++ ofbiz/branches/executioncontext20091231/framework/api/build.xml Fri Jan  1 00:38:52 2010
@@ -0,0 +1,68 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements.  See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership.  The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License.  You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied.  See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+
+<project name="OFBiz - Framework API" default="jar" basedir=".">
+    <import file="../../common.xml"/>
+
+    <!-- ================================================================== -->
+    <!-- Initialization of all property settings                            -->
+    <!-- ================================================================== -->
+
+    <property name="name" value="ofbiz-api"/>
+    <property name="ofbiz.home.dir" value="../.."/>
+
+    <path id="local.class.path">
+        <fileset dir="${lib.dir}" includes="*.jar"/>
+        <fileset dir="../base/lib" includes="*.jar"/>
+        <fileset dir="../base/lib/commons" includes="*.jar"/>
+        <fileset dir="../base/lib/j2eespecs" includes="*.jar"/>
+        <fileset dir="../base/lib/scripting" includes="*.jar"/>
+        <fileset dir="../base/build/lib" includes="*.jar"/>
+    </path>
+
+    <!-- ================================================================== -->
+    <!-- Compilation of the source files                                    -->
+    <!-- ================================================================== -->
+
+    <target name="jar" depends="classes">
+        <jar jarfile="${build.dir}/lib/${name}.jar">
+            <fileset dir="${build.dir}/classes"/>
+            <fileset dir="${src.dir}">
+                <include name="**/*.properties,**/*.xml,**/*.bsh,**/*.logic,**/*.js,**/*.jacl,**/*.py"/>
+                <include name="META-INF/**"/>
+            </fileset>
+            <!-- now add the NOTICE and LICENSE files to allow the jar file to be distributed alone -->
+            <zipfileset dir="${ofbiz.home.dir}" prefix="META-INF" includes="NOTICE,LICENSE"/>
+        </jar>
+    </target>
+
+    <!-- ================================================================== -->
+    <!-- Build JavaDoc                                                      -->
+    <!-- ================================================================== -->
+
+    <target name="docs" depends="prepare-docs">
+        <javadoc packagenames="org.ofbiz.base.*"
+                 classpathref="local.class.path"
+                 destdir="${build.dir}/javadocs"
+                 Windowtitle="Open for Business - Framework API">
+            <sourcepath path="${src.dir}"/>
+        </javadoc>
+    </target>
+</project>

Added: ofbiz/branches/executioncontext20091231/framework/api/ofbiz-component.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/framework/api/ofbiz-component.xml?rev=894961&view=auto
==============================================================================
--- ofbiz/branches/executioncontext20091231/framework/api/ofbiz-component.xml (added)
+++ ofbiz/branches/executioncontext20091231/framework/api/ofbiz-component.xml Fri Jan  1 00:38:52 2010
@@ -0,0 +1,28 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements.  See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership.  The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License.  You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied.  See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+
+<ofbiz-component name="api"
+        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+        xsi:noNamespaceSchemaLocation="http://ofbiz.apache.org/dtds/ofbiz-component.xsd">
+    <resource-loader name="main" type="component"/>
+    <classpath type="jar" location="build/lib/*"/>
+    <classpath type="dir" location="config"/>
+    <classpath type="jar" location="lib/*"/>
+</ofbiz-component>

Propchange: ofbiz/branches/executioncontext20091231/framework/api/ofbiz-component.xml
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: ofbiz/branches/executioncontext20091231/framework/api/ofbiz-component.xml
------------------------------------------------------------------------------
    svn:keywords = "Date Rev Author URL Id"

Propchange: ofbiz/branches/executioncontext20091231/framework/api/ofbiz-component.xml
------------------------------------------------------------------------------
    svn:mime-type = text/xml

Added: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AccessController.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AccessController.java?rev=894961&view=auto
==============================================================================
--- ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AccessController.java (added)
+++ ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AccessController.java Fri Jan  1 00:38:52 2010
@@ -0,0 +1,68 @@
+/*******************************************************************************
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *******************************************************************************/
+package org.ofbiz.api.authorization;
+
+import java.security.AccessControlException;
+import java.security.Permission;
+import java.util.List;
+import java.util.ListIterator;
+
+/** AccessController interface. This interface is intended to
+ * separate the permissions-checking logic from the artifacts
+ * that use it.
+ */
+public interface AccessController  {
+
+	/** Returns silently if the user has been granted <code>permission</code>
+	 * access for the current artifact, throws <code>AccessControlException</code>
+	 * otherwise.<p>Security-aware artifacts call this
+     * method with the desired permission. If access is granted the
+     * method returns, otherwise it throws an unchecked exception.
+     * Higher level code can catch the exception and handle it accordingly.</p>
+	 * 
+	 * @param permission The permission to check
+	 * @throws AccessControlException
+	 */
+    public void checkPermission(Permission permission) throws AccessControlException;
+
+    /** Applies permission filters to a <code>List</code>. The
+     * returned <code>List</code> is security-aware, so methods
+     * that return an <code>Object</code> will return only the
+     * objects the user has permission to access.
+     * 
+     * @param list The <code>List</code> to apply filters to
+     * @return A security-aware <code>List</code> if filters
+     * were specified for the current artifact, or the original
+     * <code>List</code> otherwise
+     */
+    public <E> List<E> applyFilters(List<E> list);
+
+    /** Applies permission filters to a <code>ListIterator</code>. The
+     * returned <code>ListIterator</code> is security-aware, so methods
+     * that return an <code>Object</code> will return only the
+     * objects the user has permission to access.
+     * 
+     * @param list The <code>ListIterator</code> to apply filters to
+     * @return A security-aware <code>ListIterator</code> if filters
+     * were specified for the current artifact, or the original
+     * <code>ListIterator</code> otherwise
+     */
+	public <E> ListIterator<E> applyFilters(ListIterator<E> list);
+
+}

Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AccessController.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AccessController.java
------------------------------------------------------------------------------
    svn:keywords = "Date Rev Author URL Id"

Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AccessController.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AdminPermission.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AdminPermission.java?rev=894961&view=auto
==============================================================================
--- ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AdminPermission.java (added)
+++ ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AdminPermission.java Fri Jan  1 00:38:52 2010
@@ -0,0 +1,68 @@
+/*******************************************************************************
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *******************************************************************************/
+package org.ofbiz.api.authorization;
+
+import java.security.Permission;
+
+/**
+ * Admin permission class. Extends BasicPermission.
+ */
+@SuppressWarnings("serial")
+public class AdminPermission extends BasicPermission {
+
+	public AdminPermission() {
+		super("admin=true");
+	}
+
+	@Override
+	public boolean equals(Object obj) {
+		if (obj == this) {
+			return true;
+		}
+		try {
+		    AdminPermission that = (AdminPermission) obj;
+			return this.permissionString.equals(that.permissionString);
+		} catch (Exception e) {}
+		return false;
+	}
+
+	@Override
+	public String getActions() {
+		return null;
+	}
+
+	@Override
+	public int hashCode() {
+		return this.permissionString.hashCode();
+	}
+
+	/** Returns <code>true</code> - the admin permission has
+	 * no restrictions.
+	 * 
+	 */
+	@Override
+	public boolean implies(Permission permission) {
+		return true;
+	}
+
+	@Override
+	public String toString() {
+		return this.permissionString;
+	}
+}

Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AdminPermission.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AdminPermission.java
------------------------------------------------------------------------------
    svn:keywords = "Date Rev Author URL Id"

Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AdminPermission.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AuthorizationManager.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AuthorizationManager.java?rev=894961&view=auto
==============================================================================
--- ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AuthorizationManager.java (added)
+++ ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AuthorizationManager.java Fri Jan  1 00:38:52 2010
@@ -0,0 +1,55 @@
+/*******************************************************************************
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *******************************************************************************/
+package org.ofbiz.api.authorization;
+
+import java.security.AccessControlException;
+import java.security.Permission;
+
+/**
+ * AuthorizationManager interface.
+ */
+public interface AuthorizationManager {
+
+	// Get the access controller for an artifact/user combination
+	public AccessController getAccessController () throws AccessControlException;
+
+	// User methods
+    public void createUser(String userLoginId, String password);
+    public void updateUser(String userLoginId, String password);
+    public void deleteUser(String userLoginId);
+
+    // User Group methods
+    public String createUserGroup(String description);
+    public void updateUserGroup(String userGroupId, String description);
+    public void deleteUserGroup(String userGroupId);
+
+    // User Group Assignment methods
+    public void assignUserToGroup(String userLoginId, String userGroupId);
+    public void deleteUserFromGroup(String userLoginId, String userGroupId);
+    public void assignGroupToGroup(String childGroupId, String parentGroupId);
+    public void deleteGroupFromGroup(String childGroupId, String parentGroupId);
+
+    // Permission Assignment methods
+    public void assignUserPermission(String userLoginId, String artifactId, Permission permission);
+    public void deleteUserPermission(String userLoginId, String artifactId, Permission permission);
+    public void assignGroupPermission(String userGroupId, String artifactId, Permission permission);
+    public void deleteGroupPermission(String userGroupId, String artifactId, Permission permission);
+
+
+}

Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AuthorizationManager.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AuthorizationManager.java
------------------------------------------------------------------------------
    svn:keywords = "Date Rev Author URL Id"

Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/AuthorizationManager.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/BasicPermission.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/BasicPermission.java?rev=894961&view=auto
==============================================================================
--- ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/BasicPermission.java (added)
+++ ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/BasicPermission.java Fri Jan  1 00:38:52 2010
@@ -0,0 +1,85 @@
+/*******************************************************************************
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *******************************************************************************/
+package org.ofbiz.api.authorization;
+
+import java.security.Permission;
+
+/**
+ * Generic permission class. Similar to java.security.BasicPermission.
+ */
+@SuppressWarnings("serial")
+public class BasicPermission extends Permission {
+
+	protected final String permissionString;
+
+	public BasicPermission(String permissionString) {
+		super(permissionString);
+		this.permissionString = permissionString;
+	}
+
+	@Override
+	public boolean equals(Object obj) {
+		if (obj == this) {
+			return true;
+		}
+		try {
+		    BasicPermission that = (BasicPermission) obj;
+			return this.permissionString.equals(that.permissionString);
+		} catch (Exception e) {}
+		return false;
+	}
+
+	@Override
+	public String getActions() {
+		return null;
+	}
+
+	@Override
+	public int hashCode() {
+		return this.permissionString.hashCode();
+	}
+
+	@Override
+	public boolean implies(Permission permission) {
+		try {
+			PermissionsUnion permissionsUnion = (PermissionsUnion) permission;
+			for (Permission perm : permissionsUnion.getPermissionsSet()) {
+				if (this.implies(perm)) {
+					return true;
+				}
+			}
+			return false;
+		} catch (Exception e) {}
+		try {
+			PermissionsIntersection permissionsIntersection = (PermissionsIntersection) permission;
+			for (Permission perm : permissionsIntersection.getPermissionsSet()) {
+				if (!this.implies(perm)) {
+					return false;
+				}
+			}
+			return true;
+		} catch (Exception e) {}
+		return this.equals(permission);
+	}
+
+	@Override
+	public String toString() {
+		return this.permissionString;
+	}
+}

Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/BasicPermission.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/BasicPermission.java
------------------------------------------------------------------------------
    svn:keywords = "Date Rev Author URL Id"

Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/BasicPermission.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/BasicPermissions.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/BasicPermissions.java?rev=894961&view=auto
==============================================================================
--- ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/BasicPermissions.java (added)
+++ ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/BasicPermissions.java Fri Jan  1 00:38:52 2010
@@ -0,0 +1,49 @@
+/*******************************************************************************
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *******************************************************************************/
+package org.ofbiz.api.authorization;
+
+import java.security.Permission;
+import java.util.Map;
+
+import javolution.util.FastMap;
+
+/**
+ * A collection of basic permissions.
+ */
+public class BasicPermissions {
+
+	public static final Permission Access = new BasicPermission("access=true");
+	public static final Permission Admin = new AdminPermission();
+	public static final Permission Create = new BasicPermission("create=true");
+	public static final Permission Delete = new BasicPermission("delete=true");
+	public static final Permission Update = new BasicPermission("update=true");
+	public static final Permission View = new BasicPermission("view=true");
+	public static final Map<String, Permission> ConversionMap = createConversionMap();
+
+    protected static Map<String, Permission> createConversionMap() {
+        Map<String, Permission> conversionMap = FastMap.newInstance();
+        conversionMap.put("ACCESS", Access);
+        conversionMap.put("ADMIN", Admin);
+        conversionMap.put("CREATE", Create);
+        conversionMap.put("DELETE", Delete);
+        conversionMap.put("UPDATE", Update);
+        conversionMap.put("VIEW", View);
+        return conversionMap;
+    }
+}

Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/BasicPermissions.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/BasicPermissions.java
------------------------------------------------------------------------------
    svn:keywords = "Date Rev Author URL Id"

Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/BasicPermissions.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/NullAuthorizationManager.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/NullAuthorizationManager.java?rev=894961&view=auto
==============================================================================
--- ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/NullAuthorizationManager.java (added)
+++ ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/NullAuthorizationManager.java Fri Jan  1 00:38:52 2010
@@ -0,0 +1,132 @@
+/*******************************************************************************
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *******************************************************************************/
+package org.ofbiz.api.authorization;
+
+import java.security.AccessControlException;
+import java.security.Permission;
+import java.util.List;
+import java.util.ListIterator;
+
+import org.ofbiz.api.context.ThreadContext;
+import org.ofbiz.base.util.Debug;
+import org.ofbiz.base.util.UtilProperties;
+
+/** An implementation of <code>AuthorizationManager</code> that allows
+ * unrestricted access to all security-aware artifacts. This class
+ * is intended to be used in situations where user permissions are
+ * not available or accessible (the initial data load for example).
+ * <p>Extreme care should be taken when using this class so that
+ * security holes are not introduced. A recommended strategy is:<br><br>
+ * <ul>
+ * <li>Save the current <code>AuthorizationManager</code> instance in
+ * a local variable - using <code>ExecutionContext.getSecurity()</code>.</li>
+ * <li>Call <code>ExecutionContext.setSecurity(...)</code> with a
+ * <code>NullAuthorizationManager</code> instance.</li>
+ * <li>Perform the unrestricted tasks.</li>
+ * <li>Restore the original <code>AuthorizationManager</code> by
+ * calling <code>ExecutionContext.setSecurity(...)</code> with the
+ * saved <code>AuthorizationManager</code> instance.</li>
+ * </ul></p>
+ * 
+ */
+public class NullAuthorizationManager implements AuthorizationManager {
+
+    protected static final String module = NullAuthorizationManager.class.getName();
+    protected static final AccessController nullAccessController = new NullAccessController();
+
+    public void assignGroupPermission(String userGroupId, String artifactId,
+            Permission permission) {
+    }
+
+    public void assignGroupToGroup(String childGroupId, String parentGroupId) {
+    }
+
+    public void assignUserPermission(String userLoginId, String artifactId,
+            Permission permission) {
+    }
+
+    public void assignUserToGroup(String userLoginId, String userGroupId) {
+    }
+
+    public void createUser(String userLoginId, String password) {
+    }
+
+    public String createUserGroup(String description) {
+        return null;
+    }
+
+    public void deleteGroupFromGroup(String childGroupId, String parentGroupId) {
+    }
+
+    public void deleteGroupPermission(String userGroupId, String artifactId,
+            Permission permission) {
+    }
+
+    public void deleteUser(String userLoginId) {
+    }
+
+    public void deleteUserFromGroup(String userLoginId, String userGroupId) {
+    }
+
+    public void deleteUserGroup(String userGroupId) {
+    }
+
+    public void deleteUserPermission(String userLoginId, String artifactId,
+            Permission permission) {
+    }
+
+    public void updateUser(String userLoginId, String password) {
+    }
+
+    public void updateUserGroup(String userGroupId, String description) {
+    }
+
+    public AccessController getAccessController() throws AccessControlException {
+        return nullAccessController;
+    }
+
+    /** An implementation of the <code>AccessController</code> interface
+     * that allows unrestricted access to all security-aware artifacts.
+     */
+    protected static class NullAccessController implements AccessController {
+
+        // Temporary - will be removed later
+        protected boolean verbose = false;
+        protected NullAccessController() {
+            this.verbose = "true".equals(UtilProperties.getPropertyValue("api.properties", "authorizationManager.verbose"));
+        }
+
+        public <E> List<E> applyFilters(List<E> list) {
+            return list;
+        }
+
+        public <E> ListIterator<E> applyFilters(ListIterator<E> list) {
+            return list;
+        }
+
+        public void checkPermission(Permission permission) throws AccessControlException {
+            if (this.verbose) {
+                Debug.logInfo("Checking permission: " + ThreadContext.getExecutionPath() + "[" + permission + "]", module);
+                Debug.logInfo("Found permission(s): " + 
+                        "null-access-controller@" + ThreadContext.getExecutionPath() + "[admin=true]", module);
+            }
+        }
+    }
+
+}

Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/NullAuthorizationManager.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/NullAuthorizationManager.java
------------------------------------------------------------------------------
    svn:keywords = "Date Rev Author URL Id"

Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/NullAuthorizationManager.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/OfbizSecurityTransform.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/OfbizSecurityTransform.java?rev=894961&view=auto
==============================================================================
--- ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/OfbizSecurityTransform.java (added)
+++ ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/OfbizSecurityTransform.java Fri Jan  1 00:38:52 2010
@@ -0,0 +1,82 @@
+/*******************************************************************************
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *******************************************************************************/
+package org.ofbiz.api.authorization;
+
+import java.io.IOException;
+import java.security.AccessControlException;
+import java.security.Permission;
+import java.util.Map;
+
+import org.ofbiz.api.context.ThreadContext;
+import org.ofbiz.base.util.Debug;
+
+import freemarker.core.Environment;
+import freemarker.ext.beans.BeanModel;
+import freemarker.template.SimpleScalar;
+import freemarker.template.Template;
+import freemarker.template.TemplateDirectiveBody;
+import freemarker.template.TemplateException;
+import freemarker.template.TemplateModel;
+import freemarker.template.TemplateDirectiveModel;
+
+/**
+ * OfbizSecurityTransform - Security-aware Freemarker transform.
+ */
+public class OfbizSecurityTransform implements TemplateDirectiveModel {
+
+    public final static String module = OfbizSecurityTransform.class.getName();
+
+    @SuppressWarnings("unchecked")
+    public void execute(Environment env, Map params, TemplateModel[] loopVars, TemplateDirectiveBody body) throws TemplateException, IOException {
+        if (body == null) {
+            return;
+        }
+        SimpleScalar obj = (SimpleScalar) params.get("artifactId");
+        if (obj == null) {
+            Debug.logError("artifactId parameter not found, unable to execute transform", module);
+            return;
+        }
+        String artifactId = obj.getAsString();
+        obj = (SimpleScalar) params.get("permission");
+        if (obj == null) {
+            Debug.logError("permission parameter not found, unable to execute transform", module);
+            return;
+        }
+        String permStr = obj.getAsString();
+        Permission permission = BasicPermissions.ConversionMap.get(permStr.toUpperCase());
+        if (permission == null) {
+            Debug.logError("Unknown permission \"" + permStr + "\", unable to execute transform", module);
+            return;
+        }
+        BeanModel contextBean = (BeanModel)env.getVariable("executionContext");
+        if (contextBean == null) {
+            Debug.logError("ExecutionContext not found, unable to execute transform", module);
+            return;
+        }
+        Template template = env.getTemplate();
+        String location = template.getName();
+        ThreadContext.pushExecutionArtifact(location, artifactId);
+        AccessController accessController = ThreadContext.getAccessController();
+        try {
+            accessController.checkPermission(permission);
+            body.render(env.getOut());
+        } catch (AccessControlException e) {}
+        ThreadContext.popExecutionArtifact();
+    }
+}

Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/OfbizSecurityTransform.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/OfbizSecurityTransform.java
------------------------------------------------------------------------------
    svn:keywords = "Date Rev Author URL Id"

Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/OfbizSecurityTransform.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsIntersection.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsIntersection.java?rev=894961&view=auto
==============================================================================
--- ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsIntersection.java (added)
+++ ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsIntersection.java Fri Jan  1 00:38:52 2010
@@ -0,0 +1,68 @@
+/*******************************************************************************
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *******************************************************************************/
+package org.ofbiz.api.authorization;
+
+import java.security.Permission;
+import java.util.List;
+
+/**
+ * A <code>Set</code> of permissions that represents an intersection.
+ */
+@SuppressWarnings("serial")
+public class PermissionsIntersection extends PermissionsSet {
+
+	public PermissionsIntersection(String listName) {
+		super(listName);
+	}
+
+	public PermissionsIntersection(String listName, List<Permission> permissionsList) {
+		super(listName, permissionsList);
+	}
+
+	/** Returns <code>true</code> if all of the contained permissions
+	 * return <code>true</code>.
+	 */
+	@Override
+	public boolean implies(Permission permission) {
+		try {
+			PermissionsUnion permissionsUnion = (PermissionsUnion) permission;
+			for (Permission perm : permissionsUnion.getPermissionsSet()) {
+				if (this.implies(perm)) {
+					return true;
+				}
+			}
+			return false;
+		} catch (Exception e) {}
+		try {
+			PermissionsIntersection permissionsIntersection = (PermissionsIntersection) permission;
+			for (Permission perm : permissionsIntersection.getPermissionsSet()) {
+				if (!this.implies(perm)) {
+					return false;
+				}
+			}
+			return true;
+		} catch (Exception e) {}
+		for (Permission perm : this.permissionsSet) {
+			if (!perm.implies(permission)) {
+				return false;
+			}
+		}
+		return true;
+	}
+}

Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsIntersection.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsIntersection.java
------------------------------------------------------------------------------
    svn:keywords = "Date Rev Author URL Id"

Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsIntersection.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsSet.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsSet.java?rev=894961&view=auto
==============================================================================
--- ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsSet.java (added)
+++ ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsSet.java Fri Jan  1 00:38:52 2010
@@ -0,0 +1,79 @@
+/*******************************************************************************
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *******************************************************************************/
+package org.ofbiz.api.authorization;
+
+import java.security.Permission;
+import java.util.List;
+import java.util.Set;
+
+import javolution.util.FastSet;
+
+/**
+ * A <code>Set</code> of permissions.
+ */
+@SuppressWarnings("serial")
+public abstract class PermissionsSet extends BasicPermission {
+
+	protected final Set<Permission> permissionsSet = FastSet.newInstance();
+
+	public PermissionsSet(String setName) {
+		super(setName);
+	}
+
+    public PermissionsSet(String setName, List<Permission> permissionsList) {
+        super(setName);
+        this.permissionsSet.addAll(permissionsList);
+    }
+
+	@Override
+	public boolean equals(Object obj) {
+		if (obj == this) {
+			return true;
+		}
+		try {
+		    PermissionsSet that = (PermissionsSet) obj;
+			return this.permissionsSet.equals(that.permissionsSet);
+		} catch (Exception e) {}
+		return false;
+	}
+
+	@Override
+	public String getActions() {
+		return null;
+	}
+
+	@Override
+	public int hashCode() {
+		return permissionsSet.hashCode();
+	}
+
+	@Override
+	public String toString() {
+		StringBuilder sb = new StringBuilder();
+		for (Permission perm : this.permissionsSet) {
+			sb.append(perm);
+			sb.append(" ");
+		}
+		return sb.toString().trim();
+	}
+
+	public Set<Permission> getPermissionsSet() {
+        return this.permissionsSet;
+    }
+}

Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsSet.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsSet.java
------------------------------------------------------------------------------
    svn:keywords = "Date Rev Author URL Id"

Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsSet.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsUnion.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsUnion.java?rev=894961&view=auto
==============================================================================
--- ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsUnion.java (added)
+++ ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsUnion.java Fri Jan  1 00:38:52 2010
@@ -0,0 +1,68 @@
+/*******************************************************************************
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *******************************************************************************/
+package org.ofbiz.api.authorization;
+
+import java.security.Permission;
+import java.util.List;
+
+/**
+ * A <code>Set</code> of permissions that represent a union.
+ */
+@SuppressWarnings("serial")
+public class PermissionsUnion extends PermissionsSet {
+
+	public PermissionsUnion(String listName) {
+        super(listName);
+	}
+
+	public PermissionsUnion(String listName, List<Permission> permissionsList) {
+        super(listName, permissionsList);
+	}
+
+	/** Returns <code>true</code> if any of the contained permissions
+	 * returns <code>true</code>.
+	 */
+	@Override
+	public boolean implies(Permission permission) {
+		try {
+			PermissionsUnion permissionsUnion = (PermissionsUnion) permission;
+			for (Permission perm : permissionsUnion.getPermissionsSet()) {
+				if (this.implies(perm)) {
+					return true;
+				}
+			}
+			return false;
+		} catch (Exception e) {}
+		try {
+			PermissionsIntersection permissionsIntersection = (PermissionsIntersection) permission;
+			for (Permission perm : permissionsIntersection.getPermissionsSet()) {
+				if (!this.implies(perm)) {
+					return false;
+				}
+			}
+			return true;
+		} catch (Exception e) {}
+		for (Permission perm : this.permissionsSet) {
+			if (perm.implies(permission)) {
+				return true;
+			}
+		}
+		return false;
+	}
+}

Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsUnion.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsUnion.java
------------------------------------------------------------------------------
    svn:keywords = "Date Rev Author URL Id"

Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/authorization/PermissionsUnion.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/ExecutionArtifact.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/ExecutionArtifact.java?rev=894961&view=auto
==============================================================================
--- ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/ExecutionArtifact.java (added)
+++ ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/ExecutionArtifact.java Fri Jan  1 00:38:52 2010
@@ -0,0 +1,40 @@
+/*******************************************************************************
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *******************************************************************************/
+package org.ofbiz.api.context;
+
+/** ExecutionArtifact interface. Artifacts in the program's execution
+ * path (services, screen widgets, form widgets, entities) should implement
+ * this interface.
+ */
+public interface ExecutionArtifact {
+
+	/**
+	 * Returns the location of this artifact.
+	 * 
+	 * @return Location of this artifact
+	 */
+	public String getLocation();
+
+	/**
+	 * Returns the name of this artifact.
+	 * 
+	 * @return Name of this artifact
+	 */
+	public String getName();
+}

Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/ExecutionArtifact.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/ExecutionArtifact.java
------------------------------------------------------------------------------
    svn:keywords = "Date Rev Author URL Id"

Propchange: ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/ExecutionArtifact.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain



Mime
View raw message