Author: mir
Date: Wed Jun 30 12:37:22 2010
New Revision: 959287
URL: http://svn.apache.org/viewvc?rev=959287&view=rev
Log:
CLEREZZA-250: added PermissionDescriptionProviders and annotated permissions in
projects
Added:
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.permissiondescriptions/src/main/java/org/apache/clerezza/permissiondescriptions/DefaultDescriptions.java
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.accountcontrolpanel/org.apache.clerezza.platform.accountcontrolpanel.core/src/main/java/org/apache/clerezza/platform/accountcontrolpanel/AcpPermissionDescriptionsProvider.java
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.config/src/main/java/org/apache/clerezza/platform/config/TcPermissionDescriptionsProvider.java
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.graphprovider.content/src/main/java/org/apache/clerezza/platform/graphprovider/content/TcPermissionDescriptionsProvider.java
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.mail/src/main/java/org/apache/clerezza/platform/mail/MailPermissionDescriptionsProvider.java
Modified:
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.accountcontrolpanel/org.apache.clerezza.platform.accountcontrolpanel.core/pom.xml
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.config/pom.xml
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.graphprovider.content/pom.xml
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.mail/pom.xml
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.mail/src/main/java/org/apache/clerezza/platform/mail/MailManPermission.java
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.scripting.scriptmanager/pom.xml
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.scripting.scriptmanager/src/main/java/org/apache/clerezza/platform/scripting/scriptmanager/ScriptManagerAppPermission.java
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.security/pom.xml
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.security/src/main/java/org/apache/clerezza/platform/security/auth/AuthenticationCheckerImpl.java
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.security/src/main/java/org/apache/clerezza/platform/security/auth/CheckAuthenticationPermission.java
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.rdf.web/org.apache.clerezza.rdf.web.core/pom.xml
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.rdf.web/org.apache.clerezza.rdf.web.core/src/main/java/org/apache/clerezza/rdf/web/core/GraphManagementAppPermission.java
Added:
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.permissiondescriptions/src/main/java/org/apache/clerezza/permissiondescriptions/DefaultDescriptions.java
URL:
http://svn.apache.org/viewvc/incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.permissiondescriptions/src/main/java/org/apache/clerezza/permissiondescriptions/DefaultDescriptions.java?rev=959287&view=auto
==============================================================================
---
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.permissiondescriptions/src/main/java/org/apache/clerezza/permissiondescriptions/DefaultDescriptions.java
(added)
+++
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.permissiondescriptions/src/main/java/org/apache/clerezza/permissiondescriptions/DefaultDescriptions.java
Wed Jun 30 12:37:22 2010
@@ -0,0 +1,55 @@
+/*
+ * Copyright 2010 mir.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * under the License.
+ */
+
+package org.apache.clerezza.permissiondescriptions;
+
+import java.security.AllPermission;
+import java.util.HashSet;
+import java.util.Set;
+import org.apache.felix.scr.annotations.Component;
+import org.apache.felix.scr.annotations.Service;
+
+/**
+ * <code>PermissionDescriptionsProvider</code> implementation that provides
+ * <code>PermissionDescripton</code>s of permissions of the java api and of
+ * the OSGi framework.
+ * The following permissions are described:
+ * <ul>
+ * <li>java.security.AllPermission</li>
+ *
+ * </ul>
+ *
+ *
+ * @author mir
+ */
+...@component
+...@service(PermissionDescriptionsProvider.class)
+public class DefaultDescriptions implements PermissionDescriptionsProvider {
+
+ private Set<PermissionDescripton> defaultDescriptions = new
HashSet<PermissionDescripton>();
+ {
+ defaultDescriptions.add(new PermissionDescripton("All
permissions",
+ "Grants all permissions", null,
AllPermission.class,
+ "(java.security.AllPermission \"\" \"\")"));
+ }
+
+ @Override
+ public Set<PermissionDescripton> getPermissionDescriptors() {
+ return defaultDescriptions;
+ }
+
+}
Modified:
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.accountcontrolpanel/org.apache.clerezza.platform.accountcontrolpanel.core/pom.xml
URL:
http://svn.apache.org/viewvc/incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.accountcontrolpanel/org.apache.clerezza.platform.accountcontrolpanel.core/pom.xml?rev=959287&r1=959286&r2=959287&view=diff
==============================================================================
---
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.accountcontrolpanel/org.apache.clerezza.platform.accountcontrolpanel.core/pom.xml
(original)
+++
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.accountcontrolpanel/org.apache.clerezza.platform.accountcontrolpanel.core/pom.xml
Wed Jun 30 12:37:22 2010
@@ -85,5 +85,9 @@
<groupId>org.apache.clerezza</groupId>
<artifactId>org.apache.clerezza.platform.accountcontrolpanel.ontologies</artifactId>
</dependency>
+ <dependency>
+ <groupId>org.apache.clerezza</groupId>
+
<artifactId>org.apache.clerezza.permissiondescriptions</artifactId>
+ </dependency>
</dependencies>
</project>
\ No newline at end of file
Added:
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.accountcontrolpanel/org.apache.clerezza.platform.accountcontrolpanel.core/src/main/java/org/apache/clerezza/platform/accountcontrolpanel/AcpPermissionDescriptionsProvider.java
URL:
http://svn.apache.org/viewvc/incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.accountcontrolpanel/org.apache.clerezza.platform.accountcontrolpanel.core/src/main/java/org/apache/clerezza/platform/accountcontrolpanel/AcpPermissionDescriptionsProvider.java?rev=959287&view=auto
==============================================================================
---
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.accountcontrolpanel/org.apache.clerezza.platform.accountcontrolpanel.core/src/main/java/org/apache/clerezza/platform/accountcontrolpanel/AcpPermissionDescriptionsProvider.java
(added)
+++
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.accountcontrolpanel/org.apache.clerezza.platform.accountcontrolpanel.core/src/main/java/org/apache/clerezza/platform/accountcontrolpanel/AcpPermissionDescriptionsProvider.java
Wed Jun 30 12:37:22 2010
@@ -0,0 +1,65 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.clerezza.platform.accountcontrolpanel;
+
+import java.util.HashSet;
+import java.util.Set;
+import
org.apache.clerezza.permissiondescriptions.PermissionDescriptionsProvider;
+import org.apache.clerezza.permissiondescriptions.PermissionDescripton;
+import org.apache.felix.scr.annotations.Component;
+import org.apache.felix.scr.annotations.Service;
+
+/**
+ * <code>PermissionDescriptionsProvider</code> implementation that provides
+ * <code>PermissionDescripton</code>s of Account Control Panel permissions.
+ * The following permissions are described:
+ * <ul>
+ *
<li>org.apache.clerezza.platform.accountcontrolpanel.AccountControlPanelAppPermission</li>
+ *
<li>org.apache.clerezza.platform.accountcontrolpanel.ChangePasswordPermission</li>
+ *
<li>org.apache.clerezza.platform.accountcontrolpanel.UserBundlePermission</li>
+ * </ul>
+ *
+ * @author mir
+ */
+...@component
+...@service(PermissionDescriptionsProvider.class)
+public class AcpPermissionDescriptionsProvider implements
PermissionDescriptionsProvider{
+
+ private static final Set<PermissionDescripton>
ACP_PERMISSION_DESCRIPTIONS = new HashSet<PermissionDescripton>();
+ static {
+ ACP_PERMISSION_DESCRIPTIONS.add(new
PermissionDescripton("Change Own Password Permission",
+ "Grants permission to the user to change its
own password", null, ChangePasswordPermission.class,
+
"(org.apache.clerezza.platform.accountcontrolpanel.ChangePasswordPermission
\"{username}\" \"\")"));
+
+ ACP_PERMISSION_DESCRIPTIONS.add(new
PermissionDescripton("Access Own Account Control Panel Permission",
+ "Grants permission to the user to access its
own Account Control Panel", null, AccountControlPanelAppPermission.class,
+
"(org.apache.clerezza.platform.accountcontrolpanel.AccountControlPanelAppPermission
\"{username}\" \"\")"));
+
+ ACP_PERMISSION_DESCRIPTIONS.add(new
PermissionDescripton("Bundle Upload Permission",
+ "Grants permission to the user to upload a
bundle", null, AccountControlPanelAppPermission.class,
+
"(org.apache.clerezza.platform.accountcontrolpanel.UserBundlePermission
\"{username}\" \"\")"));
+ }
+
+ @Override
+ public Set<PermissionDescripton> getPermissionDescriptors() {
+ return ACP_PERMISSION_DESCRIPTIONS;
+ }
+
+}
Modified:
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.config/pom.xml
URL:
http://svn.apache.org/viewvc/incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.config/pom.xml?rev=959287&r1=959286&r2=959287&view=diff
==============================================================================
---
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.config/pom.xml
(original)
+++
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.config/pom.xml
Wed Jun 30 12:37:22 2010
@@ -39,6 +39,10 @@
<groupId>org.apache.clerezza</groupId>
<artifactId>org.apache.clerezza.platform.graphprovider.content</artifactId>
</dependency>
+ <dependency>
+ <groupId>org.apache.clerezza</groupId>
+
<artifactId>org.apache.clerezza.permissiondescriptions</artifactId>
+ </dependency>
</dependencies>
</project>
Added:
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.config/src/main/java/org/apache/clerezza/platform/config/TcPermissionDescriptionsProvider.java
URL:
http://svn.apache.org/viewvc/incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.config/src/main/java/org/apache/clerezza/platform/config/TcPermissionDescriptionsProvider.java?rev=959287&view=auto
==============================================================================
---
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.config/src/main/java/org/apache/clerezza/platform/config/TcPermissionDescriptionsProvider.java
(added)
+++
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.config/src/main/java/org/apache/clerezza/platform/config/TcPermissionDescriptionsProvider.java
Wed Jun 30 12:37:22 2010
@@ -0,0 +1,68 @@
+/*
+ * Copyright 2010 mir.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * under the License.
+ */
+
+package org.apache.clerezza.platform.config;
+
+import java.util.HashSet;
+import java.util.Set;
+import
org.apache.clerezza.permissiondescriptions.PermissionDescriptionsProvider;
+import org.apache.clerezza.permissiondescriptions.PermissionDescripton;
+import org.apache.clerezza.rdf.core.access.security.TcPermission;
+import org.apache.felix.scr.annotations.Component;
+import org.apache.felix.scr.annotations.Service;
+
+/**
+ * <code>PermissionDescriptionsProvider</code> implementation that provides
+ * <code>PermissionDescripton</code>s of the graph access permissions for
+ * the graphs used by the platform.
+ * The access permissions for the following graphs are described:
+ * <ul>
+ * <li>system graph</li>
+ * <li>config graph</li>
+ * </ul>
+ *
+ * @author mir
+ */
+...@component
+...@service(PermissionDescriptionsProvider.class)
+public class TcPermissionDescriptionsProvider implements
PermissionDescriptionsProvider {
+
+ private static final Set<PermissionDescripton>
GRAPH_ACCESS_PERMISSION_DESCRIPTIONS =
+ new HashSet<PermissionDescripton>();
+ static {
+ GRAPH_ACCESS_PERMISSION_DESCRIPTIONS.add(new
PermissionDescripton("System Graph Read Permission",
+ "Grants permission to the user to read the
system graph", null, TcPermission.class,
+
"(org.apache.clerezza.rdf.core.access.security.TcPermission
\"http://tpf.localhost/system.graph\"; \"read\")"));
+
+ GRAPH_ACCESS_PERMISSION_DESCRIPTIONS.add(new
PermissionDescripton("System Graph Read/Write Permission",
+ "Grants permission to the user to read and
write the system graph", null, TcPermission.class,
+
"(org.apache.clerezza.rdf.core.access.security.TcPermission
\"http://tpf.localhost/system.graph\"; \"readwrite\")"));
+
+ GRAPH_ACCESS_PERMISSION_DESCRIPTIONS.add(new
PermissionDescripton("Configuration Graph Read Permission",
+ "Grants permission to the user to read the
configuration graph", null, TcPermission.class,
+
"(org.apache.clerezza.rdf.core.access.security.TcPermission
\"http://tpf.localhost/config.graph\"; \"read\")"));
+
+ GRAPH_ACCESS_PERMISSION_DESCRIPTIONS.add(new
PermissionDescripton("Configuration Graph Read/Write Permission",
+ "Grants permission to the user to read and
write the configuration graph", null, TcPermission.class,
+
"(org.apache.clerezza.rdf.core.access.security.TcPermission
\"http://tpf.localhost/config.graph\"; \"readwrite\")"));
+ }
+
+ @Override
+ public Set<PermissionDescripton> getPermissionDescriptors() {
+ return GRAPH_ACCESS_PERMISSION_DESCRIPTIONS;
+ }
+}
Modified:
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.graphprovider.content/pom.xml
URL:
http://svn.apache.org/viewvc/incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.graphprovider.content/pom.xml?rev=959287&r1=959286&r2=959287&view=diff
==============================================================================
---
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.graphprovider.content/pom.xml
(original)
+++
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.graphprovider.content/pom.xml
Wed Jun 30 12:37:22 2010
@@ -27,5 +27,9 @@
<groupId>org.apache.clerezza</groupId>
<artifactId>org.apache.clerezza.rdf.utils</artifactId>
</dependency>
+ <dependency>
+ <groupId>org.apache.clerezza</groupId>
+
<artifactId>org.apache.clerezza.permissiondescriptions</artifactId>
+ </dependency>
</dependencies>
</project>
\ No newline at end of file
Added:
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.graphprovider.content/src/main/java/org/apache/clerezza/platform/graphprovider/content/TcPermissionDescriptionsProvider.java
URL:
http://svn.apache.org/viewvc/incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.graphprovider.content/src/main/java/org/apache/clerezza/platform/graphprovider/content/TcPermissionDescriptionsProvider.java?rev=959287&view=auto
==============================================================================
---
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.graphprovider.content/src/main/java/org/apache/clerezza/platform/graphprovider/content/TcPermissionDescriptionsProvider.java
(added)
+++
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.graphprovider.content/src/main/java/org/apache/clerezza/platform/graphprovider/content/TcPermissionDescriptionsProvider.java
Wed Jun 30 12:37:22 2010
@@ -0,0 +1,58 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.clerezza.platform.graphprovider.content;
+
+import java.util.HashSet;
+import java.util.Set;
+import
org.apache.clerezza.permissiondescriptions.PermissionDescriptionsProvider;
+import org.apache.clerezza.permissiondescriptions.PermissionDescripton;
+import org.apache.clerezza.rdf.core.access.security.TcPermission;
+import org.apache.felix.scr.annotations.Component;
+import org.apache.felix.scr.annotations.Service;
+
+/**
+ * <code>PermissionDescriptionsProvider</code> implementation that provides
+ * <code>PermissionDescripton</code>s of the <code>TcPermission</code>s used to
+ * access the content graph.
+ *
+ * @author mir
+ */
+...@component
+...@service(PermissionDescriptionsProvider.class)
+public class TcPermissionDescriptionsProvider implements
PermissionDescriptionsProvider {
+
+ private static final Set<PermissionDescripton>
GRAPH_ACCESS_PERMISSION_DESCRIPTIONS =
+ new HashSet<PermissionDescripton>();
+ static {
+ GRAPH_ACCESS_PERMISSION_DESCRIPTIONS.add(new
PermissionDescripton("Content Graph Read Permission",
+ "Grants permission to the user to read the
content graph", null, TcPermission.class,
+
"(org.apache.clerezza.rdf.core.access.security.TcPermission
\"http://tpf.localhost/content.graph\"; \"read\")"));
+
+ GRAPH_ACCESS_PERMISSION_DESCRIPTIONS.add(new
PermissionDescripton("Content Graph Read/Write Permission",
+ "Grants permission to the user to read and
write the content graph", null, TcPermission.class,
+
"(org.apache.clerezza.rdf.core.access.security.TcPermission
\"http://tpf.localhost/content.graph\"; \"readwrite\")"));
+
+ }
+
+ @Override
+ public Set<PermissionDescripton> getPermissionDescriptors() {
+ return GRAPH_ACCESS_PERMISSION_DESCRIPTIONS;
+ }
+}
Modified:
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.mail/pom.xml
URL:
http://svn.apache.org/viewvc/incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.mail/pom.xml?rev=959287&r1=959286&r2=959287&view=diff
==============================================================================
---
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.mail/pom.xml
(original)
+++
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.mail/pom.xml
Wed Jun 30 12:37:22 2010
@@ -40,7 +40,10 @@
<dependency>
<groupId>org.apache.clerezza</groupId>
<artifactId>org.apache.clerezza.platform.security</artifactId>
- <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.clerezza</groupId>
+
<artifactId>org.apache.clerezza.permissiondescriptions</artifactId>
</dependency>
</dependencies>
</project>
\ No newline at end of file
Modified:
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.mail/src/main/java/org/apache/clerezza/platform/mail/MailManPermission.java
URL:
http://svn.apache.org/viewvc/incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.mail/src/main/java/org/apache/clerezza/platform/mail/MailManPermission.java?rev=959287&r1=959286&r2=959287&view=diff
==============================================================================
---
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.mail/src/main/java/org/apache/clerezza/platform/mail/MailManPermission.java
(original)
+++
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.mail/src/main/java/org/apache/clerezza/platform/mail/MailManPermission.java
Wed Jun 30 12:37:22 2010
@@ -18,15 +18,13 @@
*/
package org.apache.clerezza.platform.mail;
-import java.security.AccessController;
import java.security.Permission;
-import java.security.Principal;
import java.util.Arrays;
import java.util.Iterator;
import java.util.Set;
import java.util.SortedSet;
import java.util.TreeSet;
-import javax.security.auth.Subject;
+import org.apache.clerezza.platform.security.UserUtil;
/**
* A permission to send e-mails as a specific user.
@@ -80,7 +78,7 @@ public class MailManPermission extends P
}
if (namePattern.equals(SELF_ACTION)) {
- String userName = getUserName();
+ String userName = UserUtil.getCurrentUserName();
if (userName == null) {
return false;
}
@@ -134,18 +132,4 @@ public class MailManPermission extends P
}
return sb.toString();
}
-
- private String getUserName() {
- Subject subject =
Subject.getSubject(AccessController.getContext());
- if (subject == null) {
- return null;
- }
- Iterator<Principal> iter = subject.getPrincipals().iterator();
- String name = null;
-
- if (iter.hasNext()) {
- name = iter.next().getName();
- }
- return name;
- }
}
Added:
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.mail/src/main/java/org/apache/clerezza/platform/mail/MailPermissionDescriptionsProvider.java
URL:
http://svn.apache.org/viewvc/incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.mail/src/main/java/org/apache/clerezza/platform/mail/MailPermissionDescriptionsProvider.java?rev=959287&view=auto
==============================================================================
---
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.mail/src/main/java/org/apache/clerezza/platform/mail/MailPermissionDescriptionsProvider.java
(added)
+++
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.mail/src/main/java/org/apache/clerezza/platform/mail/MailPermissionDescriptionsProvider.java
Wed Jun 30 12:37:22 2010
@@ -0,0 +1,59 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.clerezza.platform.mail;
+
+import java.util.HashSet;
+import java.util.Set;
+import
org.apache.clerezza.permissiondescriptions.PermissionDescriptionsProvider;
+import org.apache.clerezza.permissiondescriptions.PermissionDescripton;
+import org.apache.felix.scr.annotations.Component;
+import org.apache.felix.scr.annotations.Service;
+
+/**
+ * <code>PermissionDescriptionsProvider</code> implementation that provides
+ * <code>PermissionDescripton</code>s for the most common
<code>MailManPermission<code>s
+ * used.
+ *
+ * @author mir
+ */
+...@component
+...@service(PermissionDescriptionsProvider.class)
+public class MailPermissionDescriptionsProvider implements
PermissionDescriptionsProvider {
+
+ private static final Set<PermissionDescripton>
MAIL_PERMISSION_DESCRIPTIONS = new HashSet<PermissionDescripton>();
+ static {
+ MAIL_PERMISSION_DESCRIPTIONS.add(new PermissionDescripton("Send
Mails From Account Permission",
+ "Grants permission to the user to send emails
from his/her account. The sender email address will" +
+ " be the address associated to the user
account.", null, MailManPermission.class,
+
"(org.apache.clerezza.platform.mail.MailManPermission \"" +
MailManPermission.SELF_ACTION +
+ " \"" + MailManPermission.SEND_FROM + "\")"));
+
+ MAIL_PERMISSION_DESCRIPTIONS.add(new PermissionDescripton("Send
Mails Permission",
+ "Grants permission to send emails. The sender
email address can be freely specified. " +
+ "This permission does not grant permission to
send emails from any accounts.", null, MailManPermission.class,
+
"(org.apache.clerezza.platform.mail.MailManPermission \"\"" +
MailManPermission.SEND_MAIL + "\")"));
+ }
+
+ @Override
+ public Set<PermissionDescripton> getPermissionDescriptors() {
+ return MAIL_PERMISSION_DESCRIPTIONS;
+ }
+
+}
Modified:
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.scripting.scriptmanager/pom.xml
URL:
http://svn.apache.org/viewvc/incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.scripting.scriptmanager/pom.xml?rev=959287&r1=959286&r2=959287&view=diff
==============================================================================
---
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.scripting.scriptmanager/pom.xml
(original)
+++
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.scripting.scriptmanager/pom.xml
Wed Jun 30 12:37:22 2010
@@ -60,5 +60,9 @@
<groupId>org.apache.clerezza</groupId>
<artifactId>org.apache.clerezza.platform.content</artifactId>
</dependency>
+ <dependency>
+ <groupId>org.apache.clerezza</groupId>
+
<artifactId>org.apache.clerezza.permissiondescriptions</artifactId>
+ </dependency>
</dependencies>
</project>
\ No newline at end of file
Modified:
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.scripting.scriptmanager/src/main/java/org/apache/clerezza/platform/scripting/scriptmanager/ScriptManagerAppPermission.java
URL:
http://svn.apache.org/viewvc/incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.scripting.scriptmanager/src/main/java/org/apache/clerezza/platform/scripting/scriptmanager/ScriptManagerAppPermission.java?rev=959287&r1=959286&r2=959287&view=diff
==============================================================================
---
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.scripting.scriptmanager/src/main/java/org/apache/clerezza/platform/scripting/scriptmanager/ScriptManagerAppPermission.java
(original)
+++
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.scripting.scriptmanager/src/main/java/org/apache/clerezza/platform/scripting/scriptmanager/ScriptManagerAppPermission.java
Wed Jun 30 12:37:22 2010
@@ -20,6 +20,7 @@
package org.apache.clerezza.platform.scripting.scriptmanager;
import java.security.Permission;
+import org.apache.clerezza.permissiondescriptions.PermissionInfo;
/**
* Permission to use the Script-Manager page. Note that the user
@@ -27,6 +28,8 @@ import java.security.Permission;
*
* @author mir
*/
+...@permissioninfo(value="Script Manager Access Permission",
description="Grants access " +
+ "to the Script Manager")
public class ScriptManagerAppPermission extends Permission{
public ScriptManagerAppPermission() {
Modified:
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.security/pom.xml
URL:
http://svn.apache.org/viewvc/incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.security/pom.xml?rev=959287&r1=959286&r2=959287&view=diff
==============================================================================
---
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.security/pom.xml
(original)
+++
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.security/pom.xml
Wed Jun 30 12:37:22 2010
@@ -70,6 +70,10 @@
<groupId>org.apache.clerezza</groupId>
<artifactId>org.apache.clerezza.platform.config</artifactId>
</dependency>
+ <dependency>
+ <groupId>org.apache.clerezza</groupId>
+
<artifactId>org.apache.clerezza.permissiondescriptions</artifactId>
+ </dependency>
</dependencies>
<build>
<plugins>
Modified:
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.security/src/main/java/org/apache/clerezza/platform/security/auth/AuthenticationCheckerImpl.java
URL:
http://svn.apache.org/viewvc/incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.security/src/main/java/org/apache/clerezza/platform/security/auth/AuthenticationCheckerImpl.java?rev=959287&r1=959286&r2=959287&view=diff
==============================================================================
---
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.security/src/main/java/org/apache/clerezza/platform/security/auth/AuthenticationCheckerImpl.java
(original)
+++
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.security/src/main/java/org/apache/clerezza/platform/security/auth/AuthenticationCheckerImpl.java
Wed Jun 30 12:37:22 2010
@@ -55,6 +55,7 @@ public class AuthenticationCheckerImpl i
/**
* Checks if the provided username and password matches a username and
* password stored in the system graph
+ *
* @param userName
* @param password
* @return true if the password matched, false otherwise
Modified:
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.security/src/main/java/org/apache/clerezza/platform/security/auth/CheckAuthenticationPermission.java
URL:
http://svn.apache.org/viewvc/incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.security/src/main/java/org/apache/clerezza/platform/security/auth/CheckAuthenticationPermission.java?rev=959287&r1=959286&r2=959287&view=diff
==============================================================================
---
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.security/src/main/java/org/apache/clerezza/platform/security/auth/CheckAuthenticationPermission.java
(original)
+++
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.security/src/main/java/org/apache/clerezza/platform/security/auth/CheckAuthenticationPermission.java
Wed Jun 30 12:37:22 2010
@@ -19,11 +19,15 @@
package org.apache.clerezza.platform.security.auth;
import java.security.Permission;
+import org.apache.clerezza.permissiondescriptions.PermissionInfo;
/**
*
* @author mir
*/
+...@permissioninfo(value="Authentication Checker Permission", description="
Grants permission " +
+ "to use the AuthenticationChecker service which checks if a provided
username " +
+ "and password matches a username and password stored in the system
graph")
public class CheckAuthenticationPermission extends Permission {
public CheckAuthenticationPermission() {
Modified:
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.rdf.web/org.apache.clerezza.rdf.web.core/pom.xml
URL:
http://svn.apache.org/viewvc/incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.rdf.web/org.apache.clerezza.rdf.web.core/pom.xml?rev=959287&r1=959286&r2=959287&view=diff
==============================================================================
---
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.rdf.web/org.apache.clerezza.rdf.web.core/pom.xml
(original)
+++
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.rdf.web/org.apache.clerezza.rdf.web.core/pom.xml
Wed Jun 30 12:37:22 2010
@@ -55,10 +55,14 @@
<groupId>org.apache.clerezza</groupId>
<artifactId>org.apache.clerezza.rdf.web.ontologies</artifactId>
</dependency>
- <dependency>
- <groupId>org.apache.clerezza</groupId>
- <artifactId>org.apache.clerezza.platform.dashboard.core</artifactId>
- </dependency>
+ <dependency>
+ <groupId>org.apache.clerezza</groupId>
+
<artifactId>org.apache.clerezza.platform.dashboard.core</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.clerezza</groupId>
+
<artifactId>org.apache.clerezza.permissiondescriptions</artifactId>
+ </dependency>
</dependencies>
</project>
Modified:
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.rdf.web/org.apache.clerezza.rdf.web.core/src/main/java/org/apache/clerezza/rdf/web/core/GraphManagementAppPermission.java
URL:
http://svn.apache.org/viewvc/incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.rdf.web/org.apache.clerezza.rdf.web.core/src/main/java/org/apache/clerezza/rdf/web/core/GraphManagementAppPermission.java?rev=959287&r1=959286&r2=959287&view=diff
==============================================================================
---
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.rdf.web/org.apache.clerezza.rdf.web.core/src/main/java/org/apache/clerezza/rdf/web/core/GraphManagementAppPermission.java
(original)
+++
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.rdf.web/org.apache.clerezza.rdf.web.core/src/main/java/org/apache/clerezza/rdf/web/core/GraphManagementAppPermission.java
Wed Jun 30 12:37:22 2010
@@ -19,6 +19,7 @@
package org.apache.clerezza.rdf.web.core;
import java.security.Permission;
+import org.apache.clerezza.permissiondescriptions.PermissionInfo;
/**
* Permission to use the Graph-Management page. Nothe that the user
@@ -26,6 +27,8 @@ import java.security.Permission;
*
* @author reto
*/
+...@permissioninfo(value="Graph Management Access Permission",
description="Grants access " +
+ "to the Graph Management page")
public class GraphManagementAppPermission extends Permission {
