turbine-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jon Scott Stevens <...@latchkey.com>
Subject Re: cvs commit: jakarta-turbine-fulcrum/src/java/org/apache/fulcrum/security/util AccessControlList.java
Date Mon, 08 Jul 2002 23:33:46 GMT
Could you please format your code consistently?

In some places you have "if (foo)", in others you have "if(foo)" and in
others you have "if ( foo )"...

I would prefer "if (foo)"

-jon


on 7/8/02 4:24 PM, "henning@apache.org" <henning@apache.org> wrote:

> henning     2002/07/08 16:24:08
> 
> Modified:    src/java/org/apache/fulcrum/security
>                       BaseSecurityService.java SecurityService.java
>                       TurbineSecurity.java
>              src/java/org/apache/fulcrum/security/impl/db
>                       DBSecurityService.java
>              src/java/org/apache/fulcrum/security/impl/db/entity
>                       SecurityObject.java TurbineUserPeer.java
>              src/java/org/apache/fulcrum/security/util
>                       AccessControlList.java
> Removed:     propsals/securityservice README security-service.patch
> Log:
> Properties for setting the classes of the User, Group, Role and
> Permission objects added. Objects are instantiated with a Factory and
> can be changed at run time.
> 
> Property for configuring the AccessControlList class added,
> AccessControlList is now an interface (Warning, if you get
> IncompatibleClassChange errors, you have to recompile your application
> with the new Fulcrum!) and an implementation is separated and
> configureable.
> 
> Revision  Changes    Path
> 1.2       +342 -9
> jakarta-turbine-fulcrum/src/java/org/apache/fulcrum/security/BaseSecurityServi
> ce.java
> 
> Index: BaseSecurityService.java
> ===================================================================
> RCS file: 
> /home/cvs/jakarta-turbine-fulcrum/src/java/org/apache/fulcrum/security/BaseSec
> urityService.java,v
> retrieving revision 1.1
> retrieving revision 1.2
> diff -u -r1.1 -r1.2
> --- BaseSecurityService.java    30 May 2002 02:27:29 -0000    1.1
> +++ BaseSecurityService.java    8 Jul 2002 23:24:07 -0000    1.2
> @@ -54,21 +54,30 @@
>   * <http://www.apache.org/>.
>   */
>  
> +import java.util.Map;
> +
>  import org.apache.fulcrum.BaseService;
>  import org.apache.fulcrum.InitializationException;
> +import org.apache.fulcrum.TurbineServices;
> +
> +import org.apache.fulcrum.factory.FactoryService;
> +
>  import org.apache.fulcrum.security.UserManager;
> -import org.apache.fulcrum.security.entity.User;
> +
>  import org.apache.fulcrum.security.entity.Group;
> -import org.apache.fulcrum.security.entity.Role;
>  import org.apache.fulcrum.security.entity.Permission;
> -import org.apache.fulcrum.security.util.GroupSet;
> -import org.apache.fulcrum.security.util.RoleSet;
> -import org.apache.fulcrum.security.util.PermissionSet;
> +import org.apache.fulcrum.security.entity.Role;
> +import org.apache.fulcrum.security.entity.User;
> +
> +import org.apache.fulcrum.security.util.AccessControlList;
>  import org.apache.fulcrum.security.util.DataBackendException;
> -import org.apache.fulcrum.security.util.UnknownEntityException;
>  import org.apache.fulcrum.security.util.EntityExistsException;
> +import org.apache.fulcrum.security.util.GroupSet;
>  import org.apache.fulcrum.security.util.PasswordMismatchException;
> +import org.apache.fulcrum.security.util.PermissionSet;
> +import org.apache.fulcrum.security.util.RoleSet;
>  import org.apache.fulcrum.security.util.TurbineSecurityException;
> +import org.apache.fulcrum.security.util.UnknownEntityException;
>  
>  import org.apache.torque.util.Criteria;
>  
> @@ -93,6 +102,8 @@
>   * </ul>
>   *
>   * @author <a href="mailto:Rafal.Krzewski@e-point.pl">Rafal Krzewski</a>
> + * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
> + * @author <a href="mailto:marco@intermeta.de">Marco Kn&uuml;ttel</a>
>   * @version $Id$
>   */
>  public abstract class BaseSecurityService
> @@ -119,6 +130,21 @@
>      /** The class of User the SecurityService uses */
>      private Class userClass = null;
>  
> +    /** The class of Group the SecurityService uses */
> +    private Class groupClass = null;
> +
> +    /** The class of Permission the SecurityService uses */
> +    private Class permissionClass = null;
> +    
> +    /** The class of Role the SecurityService uses */
> +    private Class roleClass = null;
> +
> +    /** The class of ACL the SecurityService uses */
> +    private Class aclClass = null;
> +
> +    /** A factory to construct ACL Objects */
> +    private FactoryService aclFactoryService = null;
> +
>      /**
>       * The Group object that represents the <a href="#global">global
> group</a>.
>       */
> @@ -195,27 +221,83 @@
>              SecurityService.USER_CLASS_KEY,
>              SecurityService.USER_CLASS_DEFAULT);
>  
> +        String groupClassName = getConfiguration().getString(
> +            SecurityService.GROUP_CLASS_KEY,
> +            SecurityService.GROUP_CLASS_DEFAULT);
> +
> +        String permissionClassName = getConfiguration().getString(
> +            SecurityService.PERMISSION_CLASS_KEY,
> +            SecurityService.PERMISSION_CLASS_DEFAULT);
> +
> +        String roleClassName = getConfiguration().getString(
> +            SecurityService.ROLE_CLASS_KEY,
> +            SecurityService.ROLE_CLASS_DEFAULT);
> +
> +        String aclClassName = getConfiguration().getString(
> +            SecurityService.ACL_CLASS_KEY,
> +            SecurityService.ACL_CLASS_DEFAULT);
> +
>          try
>          {
>              userClass = Class.forName(userClassName);
> +            groupClass      = Class.forName(groupClassName);
> +            permissionClass = Class.forName(permissionClassName);
> +            roleClass       = Class.forName(roleClassName);
> +            aclClass        = Class.forName(aclClassName);
>          }
>          catch(Exception e)
>          {
> +            if(userClass == null)
> +            {
> +                throw new InitializationException(
> +                      "Failed to create a Class object for User
> implementation", e);
> +            }
> +            if(groupClass == null)
> +            {
> +                throw new InitializationException(
> +                      "Failed to create a Class object for Group
> implementation", e);
> +            }
> +            if(permissionClass == null)
> +            {
> +                throw new InitializationException(
> +                      "Failed to create a Class object for Permission
> implementation", e);
> +            }
> +            if(roleClass == null)
> +            {
>              throw new InitializationException(
> -                "Failed create a Class object for User implementation", e);
> +                      "Failed to create a Class object for Role
> implementation", e);
> +            }
> +            if(aclClass == null)
> +            {
> +                throw new InitializationException(
> +                      "Failed to create a Class object for ACL
> implementation", e);
> +            }
>          }
>  
>          try
>          {
>              userManager =  (UserManager)Class.
>                  forName(userManagerClassName).newInstance();
> -            setInit(true);
>          }
>          catch(Exception e)
>          {
>              throw new InitializationException(
>                  "BaseSecurityService.init: Failed to instantiate UserManager"
> ,e);
>          }
> +
> +        try 
> +        {
> +            aclFactoryService =
> (FactoryService)TurbineServices.getInstance().
> +                getService(FactoryService.SERVICE_NAME);
> +        }
> +        catch(Exception e)
> +        {
> +            throw new InitializationException(
> +                "BaseSecurityService.init: Failed to get the Factory Service
> object", e);
> +        }
> +
> +
> +        setInit(true);
>      }
>  
>      /**
> @@ -259,6 +341,257 @@
>              throw new UnknownEntityException("Failed instantiate an User
> implementation object", e);
>          }
>          return user;
> +    }
> +
> +    /**
> +     * Construct a blank User object.
> +     *
> +     * This method calls getUserClass, and then creates a new object using
> +     * the default constructor.
> +     *
> +     * @return an object implementing User interface.
> +     * @throws UnknownEntityException if the object could not be
> instantiated.
> +     */
> +    public User getUserInstance(String userName)
> +        throws UnknownEntityException
> +    {
> +        User user = getUserInstance();
> +        user.setName(userName);
> +        return user;
> +    }
> +
> +    /**
> +     * Return a Class object representing the system's chosen implementation
> of
> +     * of Group interface.
> +     *
> +     * @return systems's chosen implementation of Group interface.
> +     * @throws UnknownEntityException if the implementation of Group
> interface
> +     *         could not be determined, or does not exist.
> +     */
> +    public Class getGroupClass()
> +        throws UnknownEntityException
> +    {
> +        if ( groupClass == null )
> +        {
> +            throw new UnknownEntityException(
> +                "Failed to create a Class object for Group implementation");
> +        }
> +        return groupClass;
> +    }
> +
> +    /**
> +     * Construct a blank Group object.
> +     *
> +     * This method calls getGroupClass, and then creates a new object using
> +     * the default constructor.
> +     *
> +     * @return an object implementing Group interface.
> +     * @throws UnknownEntityException if the object could not be
> instantiated.
> +     */
> +    public Group getGroupInstance()
> +        throws UnknownEntityException
> +    {
> +        Group group;
> +        try
> +        {
> +            group = (Group)getGroupClass().newInstance();
> +        }
> +        catch(Exception e)
> +        {
> +            throw new UnknownEntityException("Failed instantiate an Group
> implementation object", e);
> +        }
> +        return group;
> +    }
> +
> +    /**
> +     * Construct a blank Group object.
> +     *
> +     * This method calls getGroupClass, and then creates a new object using
> +     * the default constructor.
> +     *
> +     * @return an object implementing Group interface.
> +     * @throws UnknownEntityException if the object could not be
> instantiated.
> +     */
> +    public Group getGroupInstance( String groupName )
> +        throws UnknownEntityException
> +    {
> +        Group group = getGroupInstance();
> +        group.setName(groupName);
> +        return group;
> +    }
> +
> +    /**
> +     * Return a Class object representing the system's chosen implementation
> of
> +     * of Permission interface.
> +     *
> +     * @return systems's chosen implementation of Permission interface.
> +     * @throws UnknownEntityException if the implementation of Permission
> interface
> +     *         could not be determined, or does not exist.
> +     */
> +    public Class getPermissionClass()
> +        throws UnknownEntityException
> +    {
> +        if ( permissionClass == null )
> +        {
> +            throw new UnknownEntityException(
> +                "Failed to create a Class object for Permission
> implementation");
> +        }
> +        return permissionClass;
> +    }
> +
> +    /**
> +     * Construct a blank Permission object.
> +     *
> +     * This method calls getPermissionClass, and then creates a new object
> using
> +     * the default constructor.
> +     *
> +     * @return an object implementing Permission interface.
> +     * @throws UnknownEntityException if the object could not be
> instantiated.
> +     */
> +    public Permission getPermissionInstance()
> +        throws UnknownEntityException
> +    {
> +        Permission permission;
> +        try
> +        {
> +            permission = (Permission)getPermissionClass().newInstance();
> +        }
> +        catch(Exception e)
> +        {
> +            throw new UnknownEntityException("Failed instantiate an
> Permission implementation object", e);
> +        }
> +        return permission;
> +    }
> +
> +    /**
> +     * Construct a blank Permission object.
> +     *
> +     * This method calls getPermissionClass, and then creates a new object
> using
> +     * the default constructor.
> +     *
> +     * @return an object implementing Permission interface.
> +     * @throws UnknownEntityException if the object could not be
> instantiated.
> +     */
> +    public Permission getPermissionInstance(String permName)
> +        throws UnknownEntityException
> +    {
> +        Permission perm = getPermissionInstance();
> +        perm.setName(permName);
> +        return perm;
> +    }
> +
> +    /**
> +     * Return a Class object representing the system's chosen implementation
> of
> +     * of Role interface.
> +     *
> +     * @return systems's chosen implementation of Role interface.
> +     * @throws UnknownEntityException if the implementation of Role interface
> +     *         could not be determined, or does not exist.
> +     */
> +    public Class getRoleClass()
> +        throws UnknownEntityException
> +    {
> +        if ( roleClass == null )
> +        {
> +            throw new UnknownEntityException(
> +                "Failed to create a Class object for Role implementation");
> +        }
> +        return roleClass;
> +    }
> +
> +    /**
> +     * Construct a blank Role object.
> +     *
> +     * This method calls getRoleClass, and then creates a new object using
> +     * the default constructor.
> +     *
> +     * @return an object implementing Role interface.
> +     * @throws UnknownEntityException if the object could not be
> instantiated.
> +     */
> +    public Role getRoleInstance()
> +        throws UnknownEntityException
> +    {
> +        Role role;
> +        try
> +        {
> +            role = (Role)getRoleClass().newInstance();
> +        }
> +        catch(Exception e)
> +        {
> +            throw new UnknownEntityException("Failed instantiate an Role
> implementation object", e);
> +        }
> +        return role;
> +    }
> +
> +    /**
> +     * Construct a blank Role object.
> +     *
> +     * This method calls getRoleClass, and then creates a new object using
> +     * the default constructor.
> +     *
> +     * @return an object implementing Role interface.
> +     * @throws UnknownEntityException if the object could not be
> instantiated.
> +     */
> +    public Role getRoleInstance(String roleName)
> +        throws UnknownEntityException
> +    {
> +        Role role = getRoleInstance();
> +        role.setName(roleName);
> +        return role;
> +    }
> +
> +    /**
> +     * Return a Class object representing the system's chosen implementation
> of
> +     * of ACL interface.
> +     *
> +     * @return systems's chosen implementation of ACL interface.
> +     * @throws UnknownEntityException if the implementation of ACL interface
> +     *         could not be determined, or does not exist.
> +     */
> +    public Class getAclClass()
> +        throws UnknownEntityException
> +    {
> +        if ( aclClass == null )
> +        {
> +            throw new UnknownEntityException(
> +                "Failed to create a Class object for ACL implementation");
> +        }
> +        return aclClass;
> +    }
> +
> +    /**
> +     * Construct a new ACL object.
> +     *
> +     * This constructs a new ACL object from the configured class and
> +     * initializes it with the supplied roles and permissions.
> +     * 
> +     * @param roles The roles that this ACL should contain
> +     * @param permissions The permissions for this ACL
> +     *
> +     * @return an object implementing ACL interface.
> +     * @throws UnknownEntityException if the object could not be
> instantiated.
> +     */
> +    public AccessControlList getAclInstance(Map roles, Map permissions)
> +        throws UnknownEntityException
> +    {
> +        Object[] objects    = { roles, permissions };
> +        String[] signatures = {"java.util.Map","java.util.Map"};
> +        AccessControlList accessControlList;
> +        
> +        try
> +        {
> +            accessControlList =
> +                (AccessControlList)
> aclFactoryService.getInstance(aclClass.getName(),
> +                                                                  objects,
> +                
> signatures);
> +        }
> +        catch(Exception e)
> +        {
> +            throw new UnknownEntityException(
> +                      "Failed instantiate an ACL implementation object", e);
> +        }
> +
> +        return accessControlList;
>      }
>  
>      /**
> 
> 
> 
> 1.2       +189 -26
> jakarta-turbine-fulcrum/src/java/org/apache/fulcrum/security/SecurityService.j
> ava
> 
> Index: SecurityService.java
> ===================================================================
> RCS file: 
> /home/cvs/jakarta-turbine-fulcrum/src/java/org/apache/fulcrum/security/Securit
> yService.java,v
> retrieving revision 1.1
> retrieving revision 1.2
> diff -u -r1.1 -r1.2
> --- SecurityService.java    30 May 2002 02:27:29 -0000    1.1
> +++ SecurityService.java    8 Jul 2002 23:24:07 -0000    1.2
> @@ -54,21 +54,27 @@
>   * <http://www.apache.org/>.
>   */
>  
> +import java.util.Map;
> +
>  import org.apache.fulcrum.Service;
> -import org.apache.fulcrum.security.entity.User;
> +
>  import org.apache.fulcrum.security.entity.Group;
> -import org.apache.fulcrum.security.entity.Role;
>  import org.apache.fulcrum.security.entity.Permission;
> +import org.apache.fulcrum.security.entity.Role;
> +import org.apache.fulcrum.security.entity.User;
> +
>  import org.apache.fulcrum.security.impl.db.entity.UserPeer;
> -import org.apache.fulcrum.security.util.GroupSet;
> -import org.apache.fulcrum.security.util.RoleSet;
> -import org.apache.fulcrum.security.util.PermissionSet;
> +
>  import org.apache.fulcrum.security.util.AccessControlList;
>  import org.apache.fulcrum.security.util.DataBackendException;
> -import org.apache.fulcrum.security.util.UnknownEntityException;
>  import org.apache.fulcrum.security.util.EntityExistsException;
> +import org.apache.fulcrum.security.util.GroupSet;
>  import org.apache.fulcrum.security.util.PasswordMismatchException;
> +import org.apache.fulcrum.security.util.PermissionSet;
> +import org.apache.fulcrum.security.util.RoleSet;
>  import org.apache.fulcrum.security.util.TurbineSecurityException;
> +import org.apache.fulcrum.security.util.UnknownEntityException;
> +
>  import org.apache.torque.util.Criteria;
>  
>  /**
> @@ -85,6 +91,8 @@
>   * and directory server as the data backend.<br>
>   *
>   * @author <a href="mailto:Rafal.Krzewski@e-point.pl">Rafal Krzewski</a>
> + * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
> + * @author <a href="mailto:marco@intermeta.de">Marco Kn&uuml;ttel</a>
>   * @version $Id$
>   */
>  public interface SecurityService
> @@ -96,14 +104,38 @@
>      /** the key within services's properties for user implementation
> classname (user.class) */
>      public static final String USER_CLASS_KEY = "user.class";
>  
> -    /** the default implementation of User interface
> (org.apache.turbine.om.security.DBUser) */
> -    public static final String USER_CLASS_DEFAULT =
> "org.apache.turbine.om.security.TurbineUser";
> +    /** the default implementation of User interface
> (org.apache.fulcrum.security.impl.db.entity.TurbineUser) */
> +    public static final String USER_CLASS_DEFAULT =
> "org.apache.fulcrum.security.impl.db.entity.TurbineUser";
>  
> -    /** the key within services's properties for user implementation
> classname (user.manager) */
> +    /** The key within services' properties for the GROUP implementation
> classname (group.class) */
> +    public static final String GROUP_CLASS_KEY = "group.class";
> +
> +    /** The default implementation of the Group interface
> (org.apache.fulcrum.security.impl.db.entity.TurbineGroup) */
> +    public static final String GROUP_CLASS_DEFAULT =
> "org.apache.fulcrum.security.impl.db.entity.TurbineGroup";
> +        
> +    /** The key within services' properties for the PERMISSION implementation
> classname (permission.class) */
> +    public static final String PERMISSION_CLASS_KEY = "permission.class";
> +
> +    /** The default implementation of the Permissions interface
> (org.apache.fulcrum.security.impl.db.entity.TurbinePermission) */
> +    public static final String PERMISSION_CLASS_DEFAULT =
> "org.apache.fulcrum.security.impl.db.entity.TurbinePermission";
> +        
> +    /** The key within services' properties for the ROLE implementation
> classname (role.class) */
> +    public static final String ROLE_CLASS_KEY = "role.class";
> +
> +    /** The default implementation of the Role Interface
> (org.apache.fulcrum.security.impl.db.entity.TurbineRole) */
> +    public static final String ROLE_CLASS_DEFAULT =
> "org.apache.fulcrum.security.impl.db.entity.TurbineRole";
> +        
> +    /** The key within services' properties for the ACL implementation
> classname (acl.class) */
> +    public static final String ACL_CLASS_KEY = "acl.class";
> +
> +    /** The default implementation of the Acl Interface
> (org.apache.fulcrum.security.impl.TurbineAccessControlList) */
> +    public static final String ACL_CLASS_DEFAULT =
> "org.apache.fulcrum.security.impl.TurbineAccessControlList";
> +        
> +    /** the key within services's properties for user manager implementation
> classname (user.manager) */
>      public static final String USER_MANAGER_KEY = "user.manager";
>  
>      /** the default implementation of UserManager interface
> (org.apache.fulcrum.security.DBUserManager) */
> -    public static final String USER_MANAGER_DEFAULT =
> "org.apache.fulcrum.security.DBUserManager";
> +    public static final String USER_MANAGER_DEFAULT =
> "org.apache.fulcrum.security.impl.db.DBUserManager";
>  
>      /** the key within services's properties for secure passwords flag
> (secure.passwords) */
>      public static final String SECURE_PASSWORDS_KEY = "secure.passwords";
> @@ -145,6 +177,149 @@
>          throws UnknownEntityException;
>  
>      /**
> +     * Construct a blank User object.
> +     *
> +     * This method calls getUserClass, and then creates a new object using
> +     * the default constructor.
> +     *
> +     * @return an object implementing User interface.
> +     * @throws UnknownEntityException if the object could not be
> instantiated.
> +     */
> +    public User getUserInstance(String userName)
> +        throws UnknownEntityException;
> +
> +    /**
> +     * Returns the Class object for the implementation of Group interface
> +     * used by the system.
> +     *
> +     * @return the implementation of Group interface used by the system.
> +     * @throws UnknownEntityException if the system's implementation of Group
> +     *         interface could not be determined.
> +     */
> +    public Class getGroupClass()
> +        throws UnknownEntityException;
> +
> +    /**
> +     * Construct a blank Group object.
> +     *
> +     * This method calls getGroupClass, and then creates a new object using
> +     * the default constructor.
> +     *
> +     * @return an object implementing Group interface.
> +     * @throws UnknownEntityException if the object could not be
> instantiated.
> +     */
> +    public Group getGroupInstance()
> +        throws UnknownEntityException;
> +
> +    /**
> +     * Construct a blank Group object.
> +     *
> +     * This method calls getGroupClass, and then creates a new object using
> +     * the default constructor.
> +     *
> +     * @return an object implementing Group interface.
> +     * @throws UnknownEntityException if the object could not be
> instantiated.
> +     */
> +    public Group getGroupInstance( String groupName )
> +        throws UnknownEntityException;
> +
> +    /**
> +     * Returns the Class object for the implementation of Permission
> interface
> +     * used by the system.
> +     *
> +     * @return the implementation of Permission interface used by the system.
> +     * @throws UnknownEntityException if the system's implementation of
> Permission
> +     *         interface could not be determined.
> +     */
> +    public Class getPermissionClass()
> +        throws UnknownEntityException;
> +
> +    /**
> +     * Construct a blank Permission object.
> +     *
> +     * This method calls getPermissionClass, and then creates a new object
> using
> +     * the default constructor.
> +     *
> +     * @return an object implementing Permission interface.
> +     * @throws UnknownEntityException if the object could not be
> instantiated.
> +     */
> +    public Permission getPermissionInstance()
> +        throws UnknownEntityException;
> +
> +    /**
> +     * Construct a blank Permission object.
> +     *
> +     * This method calls getPermissionClass, and then creates a new object
> using
> +     * the default constructor.
> +     *
> +     * @return an object implementing Permission interface.
> +     * @throws UnknownEntityException if the object could not be
> instantiated.
> +     */
> +    public Permission getPermissionInstance(String permName)
> +        throws UnknownEntityException;
> +
> +    /**
> +     * Returns the Class object for the implementation of Role interface
> +     * used by the system.
> +     *
> +     * @return the implementation of Role interface used by the system.
> +     * @throws UnknownEntityException if the system's implementation of Role
> +     *         interface could not be determined.
> +     */
> +    public Class getRoleClass()
> +        throws UnknownEntityException;
> +
> +    /**
> +     * Construct a blank Role object.
> +     *
> +     * This method calls getRoleClass, and then creates a new object using
> +     * the default constructor.
> +     *
> +     * @return an object implementing Role interface.
> +     * @throws UnknownEntityException if the object could not be
> instantiated.
> +     */
> +    public Role getRoleInstance()
> +        throws UnknownEntityException;
> +
> +    /**
> +     * Construct a blank Role object.
> +     *
> +     * This method calls getRoleClass, and then creates a new object using
> +     * the default constructor.
> +     *
> +     * @return an object implementing Role interface.
> +     * @throws UnknownEntityException if the object could not be
> instantiated.
> +     */
> +    public Role getRoleInstance(String roleName)
> +        throws UnknownEntityException;
> +
> +    /**
> +     * Returns the Class object for the implementation of AccessControlList
> interface
> +     * used by the system.
> +     *
> +     * @return the implementation of AccessControlList interface used by the
> system.
> +     * @throws UnknownEntityException if the system's implementation of
> AccessControlList
> +     *         interface could not be determined.
> +     */
> +    public Class getAclClass()
> +        throws UnknownEntityException;
> +
> +    /**
> +     * Construct a new ACL object.
> +     *
> +     * This constructs a new ACL object from the configured class and
> +     * initializes it with the supplied roles and permissions.
> +     * 
> +     * @param roles The roles that this ACL should contain
> +     * @param permissions The permissions for this ACL
> +     *
> +     * @return an object implementing ACL interface.
> +     * @throws UnknownEntityException if the object could not be
> instantiated.
> +     */
> +    public AccessControlList getAclInstance(Map roles, Map permissions)
> +        throws UnknownEntityException;
> +
> +    /**
>       * Check whether a specified user's account exists.
>       *
>       * The login name is used for looking up the account.
> @@ -417,29 +592,17 @@
>      public Group getGlobalGroup();
>  
>      /**
> -     * Retrieves a new Group. It creates
> -     * a new Group based on the Services Group implementation. It does not
> -     * create a new Group in the system though. Use addGroup for that.
> -     *
> -     * @param groupName The name of the Group to be retrieved.
> +     * @deprecated Use getGroupInstance(String name) instead.
>       */
>      public Group getNewGroup( String groupName );
>  
>      /**
> -     * Retrieves a new Role. It creates
> -     * a new Group based on the Services Role implementation. It does not
> -     * create a new Role in the system though. Use addRole for that.
> -     *
> -     * @param roleName The name of the Role to be retrieved.
> +     * @deprecated Use getRoleInstance(String name) instead.
>       */
>      public Role getNewRole( String roleName );
>  
>      /**
> -     * Retrieves a new Permission. It creates
> -     * a new Permission based on the Services Permission implementation. It
> does not
> -     * create a new Permission in the system though. Use addPermission for
> that.
> -     *
> -     * @param permissionName The name of the Permission to be retrieved.
> +     * @deprecated Use getPermissionInstance(String name) instead.
>       */
>      public Permission getNewPermission( String permissionName );
>  
> 
> 
> 
> 1.3       +8 -4  
> jakarta-turbine-fulcrum/src/java/org/apache/fulcrum/security/TurbineSecurity.j
> ava
> 
> Index: TurbineSecurity.java
> ===================================================================
> RCS file: 
> /home/cvs/jakarta-turbine-fulcrum/src/java/org/apache/fulcrum/security/Turbine
> Security.java,v
> retrieving revision 1.2
> retrieving revision 1.3
> diff -u -r1.2 -r1.3
> --- TurbineSecurity.java    22 Jun 2002 16:26:32 -0000    1.2
> +++ TurbineSecurity.java    8 Jul 2002 23:24:07 -0000    1.3
> @@ -55,20 +55,24 @@
>   */
>  
>  import org.apache.fulcrum.TurbineServices;
> -import org.apache.fulcrum.security.entity.User;
> +
>  import org.apache.fulcrum.security.entity.Group;
> -import org.apache.fulcrum.security.entity.Role;
>  import org.apache.fulcrum.security.entity.Permission;
> +import org.apache.fulcrum.security.entity.Role;
> +import org.apache.fulcrum.security.entity.User;
> +
>  import org.apache.fulcrum.security.impl.db.entity.UserPeer;
> +
> +import org.apache.fulcrum.security.util.AccessControlList;
>  import org.apache.fulcrum.security.util.GroupSet;
>  import org.apache.fulcrum.security.util.RoleSet;
>  import org.apache.fulcrum.security.util.PermissionSet;
> -import org.apache.fulcrum.security.util.AccessControlList;
>  import org.apache.fulcrum.security.util.DataBackendException;
>  import org.apache.fulcrum.security.util.UnknownEntityException;
>  import org.apache.fulcrum.security.util.EntityExistsException;
>  import org.apache.fulcrum.security.util.PasswordMismatchException;
>  import org.apache.fulcrum.security.util.TurbineSecurityException;
> +
>  import org.apache.torque.util.Criteria;
>  
>  /**
> 
> 
> 
> 1.2       +54 -35
> jakarta-turbine-fulcrum/src/java/org/apache/fulcrum/security/impl/db/DBSecurit
> yService.java
> 
> Index: DBSecurityService.java
> ===================================================================
> RCS file: 
> /home/cvs/jakarta-turbine-fulcrum/src/java/org/apache/fulcrum/security/impl/db
> /DBSecurityService.java,v
> retrieving revision 1.1
> retrieving revision 1.2
> diff -u -r1.1 -r1.2
> --- DBSecurityService.java    30 May 2002 02:27:33 -0000    1.1
> +++ DBSecurityService.java    8 Jul 2002 23:24:08 -0000    1.2
> @@ -55,38 +55,39 @@
>   */
>  
>  import java.math.BigDecimal;
> -import java.util.Collection;
>  import java.util.ArrayList;
> +import java.util.Collection;
>  import java.util.Hashtable;
>  import java.util.Iterator;
>  import java.util.List;
>  import java.util.Map;
>  import java.util.Set;
>  import java.util.Vector;
> -import org.apache.torque.om.BaseObject;
> -import org.apache.torque.om.ObjectKey;
> -import org.apache.torque.util.BasePeer;
> +
> +import org.apache.fulcrum.BaseService;
> +
> +import org.apache.fulcrum.security.BaseSecurityService;
> +import org.apache.fulcrum.security.TurbineSecurity;
> +
>  import org.apache.fulcrum.security.entity.Group;
>  import org.apache.fulcrum.security.entity.Permission;
>  import org.apache.fulcrum.security.entity.Role;
>  import org.apache.fulcrum.security.entity.SecurityEntity;
> -import org.apache.fulcrum.security.impl.db.entity.TurbineGroup;
> -import org.apache.fulcrum.security.impl.db.entity.TurbinePermission;
> -import org.apache.fulcrum.security.impl.db.entity.TurbineRole;
>  import org.apache.fulcrum.security.entity.User;
> +
> +import org.apache.fulcrum.security.impl.db.entity.TurbineGroup;
>  import org.apache.fulcrum.security.impl.db.entity.TurbineGroup;
> -import org.apache.fulcrum.security.impl.db.entity.TurbinePermission;
> -import org.apache.fulcrum.security.impl.db.entity.TurbineRole;
>  import org.apache.fulcrum.security.impl.db.entity.TurbineGroupPeer;
> +import org.apache.fulcrum.security.impl.db.entity.TurbinePermission;
> +import org.apache.fulcrum.security.impl.db.entity.TurbinePermission;
>  import org.apache.fulcrum.security.impl.db.entity.TurbinePermissionPeer;
> +import org.apache.fulcrum.security.impl.db.entity.TurbineRole;
> +import org.apache.fulcrum.security.impl.db.entity.TurbineRole;
>  import org.apache.fulcrum.security.impl.db.entity.TurbineRolePeer;
>  import org.apache.fulcrum.security.impl.db.entity.TurbineRolePermissionPeer;
>  import org.apache.fulcrum.security.impl.db.entity.TurbineUserGroupRolePeer;
>  import org.apache.fulcrum.security.impl.db.entity.UserPeer;
> -import org.apache.fulcrum.BaseService;
> -import org.apache.fulcrum.security.BaseSecurityService;
> -import org.apache.fulcrum.security.TurbineSecurity;
> -import org.apache.torque.util.Criteria;
> +
>  import org.apache.fulcrum.security.util.AccessControlList;
>  import org.apache.fulcrum.security.util.DataBackendException;
>  import org.apache.fulcrum.security.util.EntityExistsException;
> @@ -94,12 +95,21 @@
>  import org.apache.fulcrum.security.util.PermissionSet;
>  import org.apache.fulcrum.security.util.RoleSet;
>  import org.apache.fulcrum.security.util.UnknownEntityException;
> +
>  import org.apache.log4j.Category;
>  
> +import org.apache.torque.om.BaseObject;
> +import org.apache.torque.om.ObjectKey;
> +
> +import org.apache.torque.util.BasePeer;
> +import org.apache.torque.util.Criteria;
> +
>  /**
>   * An implementation of SecurityService that uses a database as backend.
>   *
>   * @author <a href="mailto:Rafal.Krzewski@e-point.pl">Rafal Krzewski</a>
> + * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
> + * @author <a href="mailto:marco@intermeta.de">Marco Kn&uuml;ttel</a>
>   * @version $Id$
>   */
>  public class DBSecurityService
> @@ -113,10 +123,10 @@
>  
>      /**
>       * The default implementation of User interface
> -     * (org.apache.turbine.om.security.DBUser)
> +     * (org.apache.fulcrum.security.impl.db.entity.TurbineUserPeer)
>       */
>      public static final String USER_PEER_CLASS_DEFAULT =
> -        "org.apache.turbine.om.security.TurbineUserPeer";
> +        "org.apache.fulcrum.security.impl.db.entity.TurbineUserPeer";
>  
>      /**
>       * Log4j category
> @@ -181,7 +191,7 @@
>                  // put the Set into permissions(group)
>                  permissions.put(group, groupPermissions);
>              }
> -            return new AccessControlList(roles, permissions);
> +            return getAclInstance(roles, permissions);
>          }
>          catch(Exception e)
>          {
> @@ -734,39 +744,48 @@
>      }
>  
>      /**
> -     * Retrieves a new Group. It creates
> -     * a new Group based on the Services Group implementation. It does not
> -     * create a new Group in the system though. Use create for that.
> -     *
> -     * @param groupName The name of the Group to be retrieved.
> +     * @deprecated Use getGroupInstance(String name) instead.
>       */
>      public Group getNewGroup( String groupName )
>      {
> -        return (Group) new TurbineGroup(groupName);
> +        try
> +        {
> +            return getGroupInstance(groupName);
> +        }
> +        catch(UnknownEntityException uee)
> +        {
> +            return null;
> +        }
>      }
>  
>      /**
> -     * Retrieves a new Role. It creates
> -     * a new Role based on the Services Role implementation. It does not
> -     * create a new Role in the system though. Use create for that.
> -     *
> -     * @param roleName The name of the Role to be retrieved.
> +     * @deprecated Use getRoleInstance(String name) instead.
>       */
>      public Role getNewRole( String roleName )
>      {
> -        return (Role) new TurbineRole(roleName);
> +        try
> +        {
> +            return getRoleInstance(roleName);
> +        }
> +        catch(UnknownEntityException uee)
> +        {
> +            return null;
> +        }
>      }
>  
>      /**
> -     * Retrieves a new Permission. It creates
> -     * a new Permission based on the Services Permission implementation. It
> does
> -     * not create a new Permission in the system though. Use create for that.
> -     *
> -     * @param permissionName The name of the Permission to be retrieved.
> +     * @deprecated Use getPermissionInstance(String name) instead.
>       */
>      public Permission getNewPermission( String permissionName )
>      {
> -        return (Permission) new TurbinePermission(permissionName);
> +        try
> +        {
> +            return getPermissionInstance(permissionName);
> +        }
> +        catch(UnknownEntityException uee)
> +        {
> +            return null;
> +        }
>      }
>  
>      /**
> 
> 
> 
> 1.2       +7 -2  
> jakarta-turbine-fulcrum/src/java/org/apache/fulcrum/security/impl/db/entity/Se
> curityObject.java
> 
> Index: SecurityObject.java
> ===================================================================
> RCS file: 
> /home/cvs/jakarta-turbine-fulcrum/src/java/org/apache/fulcrum/security/impl/db
> /entity/SecurityObject.java,v
> retrieving revision 1.1
> retrieving revision 1.2
> diff -u -r1.1 -r1.2
> --- SecurityObject.java    30 May 2002 02:27:33 -0000    1.1
> +++ SecurityObject.java    8 Jul 2002 23:24:08 -0000    1.2
> @@ -59,6 +59,8 @@
>  import java.util.Map;
>  import org.apache.torque.om.BaseObject;
>  
> +import org.apache.fulcrum.security.entity.SecurityEntity;
> +
>  /**
>   * This class represents a generic object used in the Access Control Lists.
>   *
> @@ -66,11 +68,14 @@
>   * @author <a href="mailto:jmcnally@collab.net">John D. McNally</a>
>   * @author <a href="mailto:bmclaugh@algx.net">Brett McLaughlin</a>
>   * @author <a href="mailto:Rafal.Krzewski@e-point.pl">Rafal Krzewski</a>
> + * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
> + * @author <a href="mailto:marco@intermeta.de">Marco Kn&uuml;ttel</a>
>   * @version $Id$
>   */
>  public abstract class SecurityObject
>      extends BaseObject
> -    implements Comparable
> +    implements Comparable,
> +               SecurityEntity
>  {
>      /** The name of this object. */
>      private String name;
> 
> 
> 
> 1.3       +2 -2  
> jakarta-turbine-fulcrum/src/java/org/apache/fulcrum/security/impl/db/entity/Tu
> rbineUserPeer.java
> 
> Index: TurbineUserPeer.java
> ===================================================================
> RCS file: 
> /home/cvs/jakarta-turbine-fulcrum/src/java/org/apache/fulcrum/security/impl/db
> /entity/TurbineUserPeer.java,v
> retrieving revision 1.2
> retrieving revision 1.3
> diff -u -r1.2 -r1.3
> --- TurbineUserPeer.java    22 Jun 2002 16:54:05 -0000    1.2
> +++ TurbineUserPeer.java    8 Jul 2002 23:24:08 -0000    1.3
> @@ -96,7 +96,7 @@
>          {
>              String className = TurbineSecurity.getService()
>                  .getConfiguration().getString("user.class",
> -                    "org.apache.turbine.om.security.TurbineUser");
> +                
> "org.apache.fulcrum.security.impl.db.entity.TurbineUser");
>  
>              try
>              {
> 
> 
> 
> 1.2       +30 -246
> jakarta-turbine-fulcrum/src/java/org/apache/fulcrum/security/util/AccessContro
> lList.java
> 
> Index: AccessControlList.java
> ===================================================================
> RCS file: 
> /home/cvs/jakarta-turbine-fulcrum/src/java/org/apache/fulcrum/security/util/Ac
> cessControlList.java,v
> retrieving revision 1.1
> retrieving revision 1.2
> diff -u -r1.1 -r1.2
> --- AccessControlList.java    30 May 2002 02:27:35 -0000    1.1
> +++ AccessControlList.java    8 Jul 2002 23:24:08 -0000    1.2
> @@ -67,46 +67,23 @@
>  import org.apache.fulcrum.security.TurbineSecurity;
>  
>  /**
> - * This is a control class that makes it easy to find out if a
> - * particular User has a given Permission.  It also determines if a
> - * User has a a particular Role.
> + * This interface describes a control class that makes it
> + * easy to find out if a particular User has a given Permission.
> + * It also determines if a User has a a particular Role.
>   *
>   * @author <a href="mailto:jmcnally@collab.net">John D. McNally</a>
>   * @author <a href="mailto:bmclaugh@algx.net">Brett McLaughlin</a>
>   * @author <a href="mailto:greg@shwoop.com">Greg Ritter</a>
>   * @author <a href="mailto:Rafal.Krzewski@e-point.pl">Rafal Krzewski</a>
> + * @author <a href="mailto:hps@intermeta.de">Henning P. Schmiedehausen</a>
> + * @author <a href="mailto:marco@intermeta.de">Marco Kn&uuml;ttel</a>
>   * @version $Id$
>   */
> -public class AccessControlList implements Serializable
> +public interface AccessControlList
> +  extends Serializable
>  {
> -    /** The sets of roles that the user has in different groups */
> -    private Map roleSets;
> -
> -    /** The sets of permissions that the user has in different groups */
> -    private Map permissionSets;
> -
> -    public static java.lang.String SESSION_KEY = "turbine.AccessControlList";
> -
> -    /**
> -     * Constructs a new AccessControlList.
> -     *
> -     * This class follows 'immutable' pattern - it's objects can't be
> modified
> -     * once they are created. This means that the permissions the users have
> are
> -     * in effect form the moment they log in to the moment they log out, and
> -     * changes made to the security settings in that time are not reflected
> -     * in the state of this object. If you need to reset an user's
> permissions
> -     * you need to invalidate his session. <br>
> -     * The objects that constructs an AccessControlList must supply
> hashtables
> -     * of role/permission sets keyed with group objects. <br>
> -     *
> -     * @param roleSets a hashtable containing RoleSet objects keyed with
> Group objects
> -     * @param permissionSets a hashtable containing PermissionSet objects
> keyed with Group objects
> -     */
> -    public AccessControlList( Map roleSets, Map permissionSets )
> -    {
> -        this.roleSets = roleSets;
> -        this.permissionSets = permissionSets;
> -    }
> +    /** The default Session key for the Access Control List */
> +    public static final java.lang.String SESSION_KEY =
> "turbine.AccessControlList";
>  
>      /**
>       * Retrieves a set of Roles an user is assigned in a Group.
> @@ -114,12 +91,7 @@
>       * @param group the Group
>       * @return the set of Roles this user has within the Group.
>       */
> -    public RoleSet getRoles( Group group )
> -    {
> -        if(group == null)
> -            return null;
> -        return (RoleSet)roleSets.get(group);
> -    }
> +    RoleSet getRoles( Group group );
>  
>      /**
>       * Retrieves a set of Roles an user is assigned in the global Group.
> @@ -127,10 +99,7 @@
>       * @param group the Group
>       * @return the set of Roles this user has within the global Group.
>       */
> -    public RoleSet getRoles()
> -    {
> -        return getRoles(TurbineSecurity.getGlobalGroup());
> -    }
> +    RoleSet getRoles();
>  
>      /**
>       * Retrieves a set of Permissions an user is assigned in a Group.
> @@ -138,12 +107,7 @@
>       * @param group the Group
>       * @return the set of Permissions this user has within the Group.
>       */
> -    public PermissionSet getPermissions( Group group )
> -    {
> -        if(group == null)
> -            return null;
> -        return (PermissionSet)permissionSets.get(group);
> -    }
> +    PermissionSet getPermissions( Group group );
>  
>      /**
>       * Retrieves a set of Permissions an user is assigned in the global
> Group.
> @@ -151,10 +115,7 @@
>       * @param group the Group
>       * @return the set of Permissions this user has within the global Group.
>       */
> -    public PermissionSet getPermissions()
> -    {
> -        return getPermissions(TurbineSecurity.getGlobalGroup());
> -    }
> +    PermissionSet getPermissions();
>  
>      /**
>       * Checks if the user is assigned a specific Role in the Group.
> @@ -163,13 +124,7 @@
>       * @param group the Group
>       * @return <code>true</code> if the user is assigned the Role in the
> Group.
>       */
> -    public boolean hasRole( Role role, Group group )
> -    {
> -        RoleSet set = getRoles(group);
> -        if(set == null || role == null)
> -            return false;
> -        return set.contains(role);
> -    }
> +    boolean hasRole( Role role, Group group );
>  
>      /**
>       * Checks if the user is assigned a specific Role in any of the given
> @@ -180,27 +135,7 @@
>       * @return <code>true</code> if the user is assigned the Role in any of
>       *         the given Groups.
>       */
> -    public boolean hasRole( Role role, GroupSet groupset )
> -    {
> -        if(role == null)
> -        {
> -            return false;
> -        }
> -        Iterator groups = groupset.elements();
> -        while(groups.hasNext())
> -        {
> -            Group group = (Group)groups.next();
> -            RoleSet roles = getRoles(group);
> -            if(roles != null)
> -            {
> -                if(roles.contains(role))
> -                {
> -                    return true;
> -                }
> -            }
> -        }
> -        return false;
> -    }
> +    boolean hasRole( Role role, GroupSet groupset );
>  
>      /**
>       * Checks if the user is assigned a specific Role in the Group.
> @@ -209,17 +144,7 @@
>       * @param group the Group
>       * @return <code>true</code> if the user is assigned the Role in the
> Group.
>       */
> -    public boolean hasRole( String role, String group )
> -    {
> -        try
> -        {
> -            return hasRole(TurbineSecurity.getRole(role),
> TurbineSecurity.getGroup(group));
> -        }
> -        catch(Exception e)
> -        {
> -            return false;
> -        }
> -    }
> +    boolean hasRole( String role, String group );
>  
>      /**
>       * Checks if the user is assigned a specifie Role in any of the given
> @@ -230,36 +155,7 @@
>       * @return <code>true</code> if the user is assigned the Role in any of
>       *         the given Groups.
>       */
> -    public boolean hasRole( String rolename, GroupSet groupset )
> -    {
> -        Role role;
> -        try
> -        {
> -            role = TurbineSecurity.getRole(rolename);
> -        }
> -        catch(TurbineSecurityException e)
> -        {
> -            return false;
> -        }
> -        if(role == null)
> -        {
> -            return false;
> -        }
> -        Iterator groups = groupset.elements();
> -        while(groups.hasNext())
> -        {
> -            Group group = (Group)groups.next();
> -            RoleSet roles = getRoles(group);
> -            if(roles != null)
> -            {
> -                if(roles.contains(role))
> -                {
> -                    return true;
> -                }
> -            }
> -        }
> -        return false;
> -    }
> +    boolean hasRole( String rolename, GroupSet groupset );
>  
>      /**
>       * Checks if the user is assigned a specific Role in the global Group.
> @@ -268,10 +164,7 @@
>       * @param group the Group
>       * @return <code>true</code> if the user is assigned the Role in the
> global Group.
>       */
> -    public boolean hasRole( Role role )
> -    {
> -        return hasRole(role, TurbineSecurity.getGlobalGroup());
> -    }
> +    public boolean hasRole( Role role );
>  
>      /**
>       * Checks if the user is assigned a specific Role in the global Group.
> @@ -280,17 +173,7 @@
>       * @param group the Group
>       * @return <code>true</code> if the user is assigned the Role in the
> global Group.
>       */
> -    public boolean hasRole( String role )
> -    {
> -        try
> -        {
> -            return hasRole(TurbineSecurity.getRole(role));
> -        }
> -        catch(Exception e)
> -        {
> -            return false;
> -        }
> -    }
> +    public boolean hasRole( String role );
>  
>      /**
>       * Checks if the user is assigned a specific Permission in the Group.
> @@ -299,13 +182,7 @@
>       * @param group the Group
>       * @return <code>true</code> if the user is assigned the Permission in
> the Group.
>       */
> -    public boolean hasPermission( Permission permission, Group group )
> -    {
> -        PermissionSet set = getPermissions(group);
> -        if(set == null || permission == null)
> -            return false;
> -        return set.contains(permission);
> -    }
> +    public boolean hasPermission( Permission permission, Group group );
>  
>      /**
>       * Checks if the user is assigned a specific Permission in any of the
> given
> @@ -316,27 +193,7 @@
>       * @return <code>true</code> if the user is assigned the Permission in
> any
>       *         of the given Groups.
>       */
> -    public boolean hasPermission( Permission permission, GroupSet groupset )
> -    {
> -        if(permission == null)
> -        {
> -            return false;
> -        }
> -        Iterator groups = groupset.elements();
> -        while(groups.hasNext())
> -        {
> -            Group group = (Group)groups.next();
> -            PermissionSet permissions = getPermissions(group);
> -            if(permissions != null)
> -            {
> -                if(permissions.contains(permission))
> -                {
> -                    return true;
> -                }
> -            }
> -        }
> -        return false;
> -    }
> +    public boolean hasPermission( Permission permission, GroupSet groupset );
>  
>      /**
>       * Checks if the user is assigned a specific Permission in the Group.
> @@ -345,18 +202,7 @@
>       * @param group the Group
>       * @return <code>true</code> if the user is assigned the Permission in
> the Group.
>       */
> -    public boolean hasPermission( String permission, String group )
> -    {
> -        try
> -        {
> -            return hasPermission(TurbineSecurity.getPermission(permission),
> -                                 TurbineSecurity.getGroup(group));
> -        }
> -        catch(Exception e)
> -        {
> -            return false;
> -        }
> -    }
> +    public boolean hasPermission( String permission, String group );
>  
>      /**
>       * Checks if the user is assigned a specific Permission in the Group.
> @@ -365,18 +211,7 @@
>       * @param group the Group
>       * @return <code>true</code> if the user is assigned the Permission in
> the Group.
>       */
> -    public boolean hasPermission( String permission, Group group )
> -    {
> -        try
> -        {
> -            return hasPermission(
> -                TurbineSecurity.getPermission(permission), group);
> -        }
> -        catch(Exception e)
> -        {
> -            return false;
> -        }
> -    }
> +    public boolean hasPermission( String permission, Group group );
>  
>      /**
>       * Checks if the user is assigned a specifie Permission in any of the
> given
> @@ -387,36 +222,7 @@
>       * @return <code>true</code> if the user is assigned the Permission in
> any
>       *         of the given Groups.
>       */
> -    public boolean hasPermission( String permissionName, GroupSet groupset )
> -    {
> -        Permission permission;
> -        try
> -        {
> -            permission = TurbineSecurity.getPermission(permissionName);
> -        }
> -        catch(TurbineSecurityException e)
> -        {
> -            return false;
> -        }
> -        if(permission == null)
> -        {
> -            return false;
> -        }
> -        Iterator groups = groupset.elements();
> -        while(groups.hasNext())
> -        {
> -            Group group = (Group)groups.next();
> -            PermissionSet permissions = getPermissions(group);
> -            if(permissions != null)
> -            {
> -                if(permissions.contains(permission))
> -                {
> -                    return true;
> -                }
> -            }
> -        }
> -        return false;
> -    }
> +    public boolean hasPermission( String permissionName, GroupSet groupset );
>  
>      /**
>       * Checks if the user is assigned a specific Permission in the global
> Group.
> @@ -425,10 +231,7 @@
>       * @param group the Group
>       * @return <code>true</code> if the user is assigned the Permission in
> the global Group.
>       */
> -    public boolean hasPermission( Permission permission )
> -    {
> -        return hasPermission(permission, TurbineSecurity.getGlobalGroup());
> -    }
> +    public boolean hasPermission( Permission permission );
>  
>      /**
>       * Checks if the user is assigned a specific Permission in the global
> Group.
> @@ -437,35 +240,16 @@
>       * @param group the Group
>       * @return <code>true</code> if the user is assigned the Permission in
> the global Group.
>       */
> -    public boolean hasPermission( String permission )
> -    {
> -        try
> -        {
> -            return hasPermission(TurbineSecurity.getPermission(permission));
> -        }
> -        catch(Exception e)
> -        {
> -            return false;
> -        }
> -    }
> +    public boolean hasPermission( String permission );
>  
>      /**
>       * Returns all groups definded in the system.
>       *
>       * This is useful for debugging, when you want to display all roles
> -     * and permissions an user is assingned. This method is needed
> +     * and permissions an user is assigned. This method is needed
>       * because you can't call static methods of TurbineSecurity class
>       * from within WebMacro/Velocity template
>       */
> -    public Group[] getAllGroups()
> -    {
> -        try
> -        {
> -            return TurbineSecurity.getAllGroups().getGroupsArray();
> -        }
> -        catch(TurbineSecurityException e)
> -        {
> -            return new Group[0];
> -        }
> -    }
> +    public Group[] getAllGroups();
> +
>  }


--
To unsubscribe, e-mail:   <mailto:turbine-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:turbine-dev-help@jakarta.apache.org>


Mime
View raw message