portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From pau...@apache.org
Subject cvs commit: jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/turbine TestAccessController.java TurbineAccessController.java
Date Sat, 01 Jun 2002 20:29:06 GMT
paulsp      2002/06/01 13:29:06

  Modified:    src/java/org/apache/jetspeed/services/security Tag:
                        security_14 PortalAccessController.java
               src/java/org/apache/jetspeed/services Tag: security_14
                        JetspeedPortalAccessController.java
               src/java/org/apache/jetspeed/services/security/turbine Tag:
                        security_14 TestAccessController.java
                        TurbineAccessController.java
  Added:       src/java/org/apache/jetspeed/services/security Tag:
                        security_14 PortalResource.java
  Log:
  Add support for authorization on PortalResources, i.e. parameters.
  
  Revision  Changes    Path
  No                   revision
  
  
  No                   revision
  
  
  1.1.2.3   +15 -1     jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/Attic/PortalAccessController.java
  
  Index: PortalAccessController.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/Attic/PortalAccessController.java,v
  retrieving revision 1.1.2.2
  retrieving revision 1.1.2.3
  diff -u -r1.1.2.2 -r1.1.2.3
  --- PortalAccessController.java	27 May 2002 13:04:25 -0000	1.1.2.2
  +++ PortalAccessController.java	1 Jun 2002 20:29:05 -0000	1.1.2.3
  @@ -58,6 +58,7 @@
   import org.apache.jetspeed.om.security.JetspeedUser;
   import org.apache.jetspeed.om.profile.Entry;
   import org.apache.jetspeed.portal.Portlet;
  +import org.apache.jetspeed.services.security.PortalResource;
   
   // Turbine imports
   import org.apache.turbine.services.Service;
  @@ -70,7 +71,7 @@
    *
    * 
    * @author <a href="mailto:david@bluesunrise.com">David Sean Taylor</a>
  - * @version $Id: PortalAccessController.java,v 1.1.2.2 2002/05/27 13:04:25 paulsp Exp $
  + * @version $Id: PortalAccessController.java,v 1.1.2.3 2002/06/01 20:29:05 paulsp Exp $
    */
   
   public interface PortalAccessController extends Service
  @@ -116,6 +117,19 @@
        * @return boolean true if the user has sufficient privilege.
        */
       public boolean checkPermission(JetspeedUser user, int resourceType, String resource,
String action); 
  +
  +    /**
  +     * Given a <code>JetspeedUser</code>, authorize that user to perform the
secured action on
  +     * the given resource. If the user does not have
  +     * sufficient privilege to perform the action on the resource, the check returns false,
  +     * otherwise when sufficient privilege is present, checkPermission returns true.
  +     *
  +     * @param user the user to be checked.
  +     * @param resources requesting an action
  +     * @param action the secured action to be performed on the resource by the user.
  +     * @return boolean true if the user has sufficient privilege.
  +     */
  +    public boolean checkPermission(JetspeedUser user, PortalResource resource, String action);

   }
   
   
  
  
  
  No                   revision
  
  
  No                   revision
  
  
  1.1.2.1   +193 -0    jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/Attic/PortalResource.java
  
  
  
  
  No                   revision
  
  
  No                   revision
  
  
  1.1.2.2   +6 -1      jakarta-jetspeed/src/java/org/apache/jetspeed/services/Attic/JetspeedPortalAccessController.java
  
  Index: JetspeedPortalAccessController.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/Attic/JetspeedPortalAccessController.java,v
  retrieving revision 1.1.2.1
  retrieving revision 1.1.2.2
  diff -u -r1.1.2.1 -r1.1.2.2
  --- JetspeedPortalAccessController.java	27 May 2002 13:04:24 -0000	1.1.2.1
  +++ JetspeedPortalAccessController.java	1 Jun 2002 20:29:05 -0000	1.1.2.2
  @@ -59,6 +59,7 @@
   import org.apache.jetspeed.om.profile.Entry;
   import org.apache.jetspeed.portal.Portlet;
   import org.apache.jetspeed.services.security.PortalAccessController;
  +import org.apache.jetspeed.services.security.PortalResource;
   
   // Turbine
   import org.apache.turbine.services.TurbineServices;
  @@ -67,7 +68,7 @@
    * Static accessor for the PortalAccessController service
    *
    * @author <a href="mailto:paulsp@apache.org">Paul Spencer</a>
  - * @version $Id: JetspeedPortalAccessController.java,v 1.1.2.1 2002/05/27 13:04:24 paulsp
Exp $
  + * @version $Id: JetspeedPortalAccessController.java,v 1.1.2.2 2002/06/01 20:29:05 paulsp
Exp $
    */
   public abstract class JetspeedPortalAccessController
   {
  @@ -100,6 +101,10 @@
       public static boolean checkPermission(JetspeedUser user, int resourceType, String resource,
String action)
       {
           return getService().checkPermission(user, resourceType, resource, action);
  +    }
  +    public static boolean checkPermission(JetspeedUser user, PortalResource resource, String
action)
  +    {
  +        return getService().checkPermission(user, resource, action);
       }
       
   }
  
  
  
  No                   revision
  
  
  No                   revision
  
  
  1.1.2.4   +71 -43    jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/turbine/Attic/TestAccessController.java
  
  Index: TestAccessController.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/turbine/Attic/TestAccessController.java,v
  retrieving revision 1.1.2.3
  retrieving revision 1.1.2.4
  diff -u -r1.1.2.3 -r1.1.2.4
  --- TestAccessController.java	29 May 2002 04:15:08 -0000	1.1.2.3
  +++ TestAccessController.java	1 Jun 2002 20:29:05 -0000	1.1.2.4
  @@ -72,10 +72,18 @@
   import org.apache.jetspeed.om.profile.psml.PsmlRole;
   import org.apache.jetspeed.om.profile.psml.PsmlSkin;
   import org.apache.jetspeed.om.security.JetspeedUser;
  +import org.apache.jetspeed.om.registry.base.BaseSecurity;
  +import org.apache.jetspeed.om.registry.base.BasePortletEntry;
  +import org.apache.jetspeed.om.registry.base.BaseParameter;
  +import org.apache.jetspeed.om.registry.Parameter;
  +import org.apache.jetspeed.om.registry.PortletEntry;
  +import org.apache.jetspeed.om.registry.Security;
  +
   import org.apache.jetspeed.services.JetspeedSecurity;
   import org.apache.jetspeed.services.JetspeedPortalAccessController;
   import org.apache.jetspeed.services.Profiler;
   import org.apache.jetspeed.services.resources.JetspeedResources;
  +import org.apache.jetspeed.services.security.PortalResource;
   
   // Turbine imports
   import org.apache.turbine.services.TurbineServices;
  @@ -92,7 +100,7 @@
    * TestAccessController
    *
    * @author <a href="paulsp@apache.org">Paul Spencer</a>
  - * @version $Id: TestAccessController.java,v 1.1.2.3 2002/05/29 04:15:08 paulsp Exp $
  + * @version $Id: TestAccessController.java,v 1.1.2.4 2002/06/01 20:29:05 paulsp Exp $
    */
   public class TestAccessController extends TestCase
   {
  @@ -150,49 +158,7 @@
           assertNotNull( "Getting turbine user", JetspeedSecurity.getUser("turbine"));
           assertNotNull( "Getting anonymous user", JetspeedSecurity.getAnonymousUser());
       }
  -    
  -    public void xtestCreateTestPSML() throws Exception
  -    {
  -        Portlets rootPortletSet = null;
  -        ProfileLocator currentLocator = null;
  -        ProfileLocator newLocator = null;
  -        PsmlController controller = null;
  -        PsmlPortlets portlets = null;
  -        PsmlSkin skin = null;
  -        
  -        // Create the RunData object to be used during testing.
  -        newLocator = new BaseProfileLocator();
  -        newLocator.setGroupByName(TEST_GROUP);
  -        newLocator.setName(TEST_SECURITY_PAGE);
  -        
  -        // Create portlet set
  -        portlets = new PsmlPortlets();
  -        controller = new PsmlController();
  -        controller.setName("RowController");
  -        portlets.setController(controller);
  -        skin = new PsmlSkin();
  -        skin.setName("orange-red");
  -        portlets.setSkin(skin);
  -        rootPortletSet = portlets;
  -        
  -        portlets = new PsmlPortlets();
  -        // Add entries
  -        portlets.addEntry( createEntry("HelloVelocity", "ST_01.all"));
  -        portlets.addEntry( createEntry("SkinBrowser", "ST_01.user"));
  -        portlets.addEntry( createEntry("GlobalAdminPortlet", "ST_01.admin"));
  -        rootPortletSet.addPortlets(portlets);
  -        
  -        Profile newProfile = Profiler.createProfile(newLocator, rootPortletSet);
  -        PSMLDocument doc = newProfile.getDocument();
  -        //        System.out.println("doc = " + doc.getName());
  -        
  -        // this only works with the default configuration (Castor/Filebased)
  -        File file = new File(doc.getName());
  -        assertTrue(file.exists());
  -        //file.delete();
           
  -    }
  -    
       public void testRequiredActions() throws Exception
       {
           JetspeedUser adminUser = (JetspeedUser) JetspeedSecurity.getUser("admin");
  @@ -223,6 +189,68 @@
           assertEquals( "Turbine user has view access to " + ALL_PORTLET, true, JetspeedPortalAccessController.checkPermission(
turbineUser, allEntry, "view"));
           assertEquals( "Anonymous user has view access to " + ALL_PORTLET, true, JetspeedPortalAccessController.checkPermission(
anonymousUser, allEntry, "view"));
           assertEquals( "null user has view access to " + ALL_PORTLET, true, JetspeedPortalAccessController.checkPermission(
(JetspeedUser) null, allEntry, "view"));
  +    }
  +
  +    public void testRegistryActions() throws Exception
  +    {
  +        JetspeedUser adminUser = (JetspeedUser) JetspeedSecurity.getUser("admin");
  +        assertNotNull( "Getting admin user", adminUser);
  +        adminUser.setHasLoggedIn(Boolean.TRUE);
  +        
  +        JetspeedUser turbineUser = (JetspeedUser) JetspeedSecurity.getUser("turbine");
  +        assertNotNull( "Getting turbine user", turbineUser);
  +        turbineUser.setHasLoggedIn(Boolean.TRUE);
  +        
  +        JetspeedUser anonymousUser =  (JetspeedUser) JetspeedSecurity.getAnonymousUser();
  +        assertNotNull( "Getting anonymous user", anonymousUser);
  +        // Create security objects
  +        Security adminSecurity = new BaseSecurity("admin");
  +        assertNotNull( "Have admin security", adminSecurity);
  +        Security userSecurity = new BaseSecurity("user");
  +        assertNotNull( "Have user security", userSecurity);
  +
  +        PortletEntry userPortletEntry = new BasePortletEntry();
  +        assertNotNull( "Have userPortletEntry", userPortletEntry);
  +        userPortletEntry.setName( USER_PORTLET);
  +        userPortletEntry.setSecurity( userSecurity);
  +        Parameter adminParam = new BaseParameter();
  +        assertNotNull( "Have adminParameter", adminParam);
  +        adminParam.setName("AdminParam");
  +        adminParam.setValue("adminValue");
  +        adminParam.setSecurity(adminSecurity);
  +        userPortletEntry.addParameter(adminParam);
  +
  +        Parameter userParam = new BaseParameter();
  +        assertNotNull( "Have userParameter", userParam);
  +        userParam.setName("UserParam");
  +        userParam.setValue("userValue");
  +        userParam.setSecurity(userSecurity);
  +        userPortletEntry.addParameter(userParam);
  +        assertEquals( "Admin user customize access to admin parameter", true, JetspeedPortalAccessController.checkPermission(
adminUser, new PortalResource( userPortletEntry, adminParam), JetspeedSecurity.PERMISSION_CUSTOMIZE));
  +        assertEquals( "Turbine user customize access to admin parameter", false, JetspeedPortalAccessController.checkPermission(
turbineUser, new PortalResource( userPortletEntry, adminParam), JetspeedSecurity.PERMISSION_CUSTOMIZE));
  +        assertEquals( "Admin user customize access to admin parameter", true, JetspeedPortalAccessController.checkPermission(
adminUser, new PortalResource( userPortletEntry, userParam), JetspeedSecurity.PERMISSION_CUSTOMIZE));
  +        assertEquals( "Turbine user customize access to admin parameter", true, JetspeedPortalAccessController.checkPermission(
turbineUser, new PortalResource( userPortletEntry, userParam), JetspeedSecurity.PERMISSION_CUSTOMIZE));
  +        
  +/*
  +        RegistryEntry adminEntry = createRegistryEntry( ADMIN_PORTLET, "ST_01.admin");
  +        RegistryEntry userEntry = createRegistryEntry( USER_PORTLET, "ST_01.user");
  +        RegistryEntry allEntry = createRegistryEntry( ALL_PORTLET, "ST_01.all");
  +        
  +        assertEquals( "Admin user has view access to " + ADMIN_PORTLET, true, JetspeedPortalAccessController.checkPermission(
adminUser, adminEntry, "view"));
  +        assertEquals( "Turbine user DOES NOT have view access to " + ADMIN_PORTLET, false,
JetspeedPortalAccessController.checkPermission( turbineUser, adminEntry, "view"));
  +        assertEquals( "Anonymous user DOES NOT have view access to " + ADMIN_PORTLET, false,
JetspeedPortalAccessController.checkPermission( anonymousUser, adminEntry, "view"));
  +        assertEquals( "null user DOES NOT have view access to " + ADMIN_PORTLET, false,
JetspeedPortalAccessController.checkPermission( (JetspeedUser) null, adminEntry, "view"));
  +        
  +        assertEquals( "Admin user has view access to " + USER_PORTLET, true, JetspeedPortalAccessController.checkPermission(
adminUser, userEntry, "view"));
  +        assertEquals( "Turbine user has view access to " + USER_PORTLET, true, JetspeedPortalAccessController.checkPermission(
turbineUser, userEntry, "view"));
  +        assertEquals( "Anonymous user DOES NOT have view access to " + USER_PORTLET, false,
JetspeedPortalAccessController.checkPermission( anonymousUser, userEntry, "view"));
  +        assertEquals( "null user DOES NOT have view access to " + USER_PORTLET, false,
JetspeedPortalAccessController.checkPermission( (JetspeedUser) null, userEntry, "view"));
  +        
  +        assertEquals( "Admin user has view access to " + ALL_PORTLET, true, JetspeedPortalAccessController.checkPermission(
adminUser, allEntry, "view"));
  +        assertEquals( "Turbine user has view access to " + ALL_PORTLET, true, JetspeedPortalAccessController.checkPermission(
turbineUser, allEntry, "view"));
  +        assertEquals( "Anonymous user has view access to " + ALL_PORTLET, true, JetspeedPortalAccessController.checkPermission(
anonymousUser, allEntry, "view"));
  +        assertEquals( "null user has view access to " + ALL_PORTLET, true, JetspeedPortalAccessController.checkPermission(
(JetspeedUser) null, allEntry, "view"));
  +*/
       }
       /*
        * Setup Turbine environment
  
  
  
  1.1.2.3   +43 -11    jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/turbine/Attic/TurbineAccessController.java
  
  Index: TurbineAccessController.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/turbine/Attic/TurbineAccessController.java,v
  retrieving revision 1.1.2.2
  retrieving revision 1.1.2.3
  diff -u -r1.1.2.2 -r1.1.2.3
  --- TurbineAccessController.java	27 May 2002 13:04:25 -0000	1.1.2.2
  +++ TurbineAccessController.java	1 Jun 2002 20:29:05 -0000	1.1.2.3
  @@ -69,6 +69,7 @@
   import org.apache.jetspeed.services.JetspeedSecurity;
   import org.apache.jetspeed.services.Registry;
   import org.apache.jetspeed.services.security.PortalAccessController;
  +import org.apache.jetspeed.services.security.PortalResource;
   
   // Turbine imports
   import org.apache.turbine.services.TurbineBaseService;
  @@ -80,14 +81,14 @@
    * TurbineAccessController
    *
    * @author <a href="paulsp@apache.org">Paul Spencer</a>
  - * @version $Id: TurbineAccessController.java,v 1.1.2.2 2002/05/27 13:04:25 paulsp Exp
$
  + * @version $Id: TurbineAccessController.java,v 1.1.2.3 2002/06/01 20:29:05 paulsp Exp
$
    */
   public class TurbineAccessController extends TurbineBaseService
   implements PortalAccessController
   {
       private final static String CONFIG_DEFAULT_PERMISSION_LOGGEDIN     = "services.JetspeedSecurity.permission.default.loggedin";
       private final static String CONFIG_DEFAULT_PERMISSION_ANONYMOUS     = "services.JetspeedSecurity.permission.default.anonymous";
  -
  +    
       /**
        * Given a <code>JetspeedUser</code>, authorize that user to perform the
secured action on
        * the given resource of the specified resource type. If the user does not have
  @@ -165,6 +166,31 @@
       
       
       /**
  +     * Given a <code>JetspeedUser</code>, authorize that user to perform the
secured action on
  +     * the given resource. If the user does not have
  +     * sufficient privilege to perform the action on the resource, the check returns false,
  +     * otherwise when sufficient privilege is present, checkPermission returns true.
  +     *
  +     * @param user the user to be checked.
  +     * @param resources requesting an action
  +     * @param action the secured action to be performed on the resource by the user.
  +     * @return boolean true if the user has sufficient privilege.
  +     */
  +    public boolean checkPermission(JetspeedUser user, PortalResource resource, String action)
  +    {
  +        switch (resource.getResourceType())
  +        {
  +            case PortalResource.TYPE_ENTRY:
  +                return checkPermission(user, resource.getEntry(), action);
  +            case PortalResource.TYPE_REGISTRY:
  +                return checkPermission(user, resource.getRegistryEntry(), action);
  +            case PortalResource.TYPE_REGISTRY_PARAMETER:
  +                return checkPermission(user, resource.getRegistryParameter(), action);
  +        }
  +        return false;
  +    }
  +    
  +    /**
        * Checks if the user has access to a given portlet for the given action
        *
        * @param user the requesting user.
  @@ -182,7 +208,7 @@
           String securityRole = security.getRole();
           if (null == securityRole)
               return checkDefaultPermission( user, action);
  -
  +        
           // determine if Portlet has specified role
           try
           {
  @@ -194,7 +220,7 @@
           }
           if (null == acl)
               return false;
  -
  +        
           if (!acl.hasRole( securityRole, JetspeedSecurity.JETSPEED_GROUP ))
               return false;
           
  @@ -218,7 +244,7 @@
        * @exception Sends a RegistryException if the manager can't add
        *            the provided entry
        */
  - private boolean checkPermission(JetspeedUser user, String action)
  +    private boolean checkPermission(JetspeedUser user, String action)
       {
           AccessControlList acl = null;
           // determine if user has specified role
  @@ -246,20 +272,25 @@
           
           return true;
       }
  -
  +    
       private boolean checkDefaultPermission(JetspeedUser user, String action)
       {
           String defaultPermissions[] = null;
  -        try {
  -            if ( (user == null) || !user.hasLoggedIn() ) {
  +        try
  +        {
  +            if ( (user == null) || !user.hasLoggedIn() )
  +            {
                   defaultPermissions = JetspeedResources.getStringArray(CONFIG_DEFAULT_PERMISSION_ANONYMOUS);
  -            } else {
  +            } else
  +            {
                   defaultPermissions = JetspeedResources.getStringArray(CONFIG_DEFAULT_PERMISSION_LOGGEDIN);
               }
  -        } catch (Exception e) {
  +        } catch (Exception e)
  +        {
               e.printStackTrace();
           }
  -        for (int i = 0; i < defaultPermissions.length; i++) {
  +        for (int i = 0; i < defaultPermissions.length; i++)
  +        {
               if (defaultPermissions[i].equals("*"))
                   return true;
               if (defaultPermissions[i].equals(action))
  @@ -288,4 +319,5 @@
           
           setInit(true);
       }
  +    
   }
  
  
  

--
To unsubscribe, e-mail:   <mailto:jetspeed-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:jetspeed-dev-help@jakarta.apache.org>


Mime
View raw message