Author: adrianc
Date: Sun Aug 9 17:20:06 2009
New Revision: 802563
URL: http://svn.apache.org/viewvc?rev=802563&view=rev
Log:
Converted Security.java to an interface. No functional change.
Modified:
ofbiz/trunk/framework/security/src/org/ofbiz/security/OFBizSecurity.java
ofbiz/trunk/framework/security/src/org/ofbiz/security/Security.java
ofbiz/trunk/framework/security/src/org/ofbiz/security/SecurityFactory.java
ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java
Modified:
ofbiz/trunk/framework/security/src/org/ofbiz/security/OFBizSecurity.java
URL:
http://svn.apache.org/viewvc/ofbiz/trunk/framework/security/src/org/ofbiz/security/OFBizSecurity.java?rev=802563&r1=802562&r2=802563&view=diff
==============================================================================
--- ofbiz/trunk/framework/security/src/org/ofbiz/security/OFBizSecurity.java
(original)
+++ ofbiz/trunk/framework/security/src/org/ofbiz/security/OFBizSecurity.java
Sun Aug 9 17:20:06 2009
@@ -29,6 +29,7 @@
import org.ofbiz.base.util.Debug;
import org.ofbiz.base.util.UtilMisc;
+import org.ofbiz.base.util.cache.UtilCache;
import org.ofbiz.entity.GenericDelegator;
import org.ofbiz.entity.GenericEntityException;
import org.ofbiz.entity.GenericValue;
@@ -39,33 +40,42 @@
import org.ofbiz.entity.util.EntityUtil;
/**
- * <code>OFBizSecurity</code>
- * This class has not been altered from the original source. It now just
extends Security and was therefore renamed to
- * OFBizSecurity.
+ * An implementation of the Security interface that uses the OFBiz database
+ * for permission storage.
*/
-public class OFBizSecurity extends org.ofbiz.security.Security {
+public class OFBizSecurity implements Security {
public static final String module = OFBizSecurity.class.getName();
- public static final Map<String, Map<String, String>> simpleRoleEntity =
UtilMisc.toMap(
+ /**
+ * UtilCache to cache a Collection of UserLoginSecurityGroup entities for
each UserLogin, by userLoginId.
+ */
+ protected static UtilCache<String, List<GenericValue>>
userLoginSecurityGroupByUserLoginId = new UtilCache<String,
List<GenericValue>>("security.UserLoginSecurityGroupByUserLoginId");
+
+ /**
+ * UtilCache to cache whether or not a certain SecurityGroupPermission row
exists or not.
+ * For each SecurityGroupPermissionPK there is a Boolean in the cache
specifying whether or not it exists.
+ * In this way the cache speeds things up whether or not the user has a
permission.
+ */
+ protected static UtilCache<GenericValue, Boolean>
securityGroupPermissionCache = new UtilCache<GenericValue,
Boolean>("security.SecurityGroupPermissionCache");
+
+ protected GenericDelegator delegator = null;
+
+ protected static final Map<String, Map<String, String>> simpleRoleEntity =
UtilMisc.toMap(
"ORDERMGR", UtilMisc.toMap("name", "OrderRole", "pkey", "orderId"),
"FACILITY", UtilMisc.toMap("name", "FacilityParty", "pkey",
"facilityId"),
"MARKETING", UtilMisc.toMap("name", "MarketingCampaignRole", "pkey",
"marketingCampaignId"));
- GenericDelegator delegator = null;
-
protected OFBizSecurity() {}
protected OFBizSecurity(GenericDelegator delegator) {
this.delegator = delegator;
}
- @Override
public GenericDelegator getDelegator() {
- return delegator;
+ return this.delegator;
}
- @Override
public void setDelegator(GenericDelegator delegator) {
this.delegator = delegator;
}
@@ -73,7 +83,6 @@
/**
* @see
org.ofbiz.security.Security#findUserLoginSecurityGroupByUserLoginId(java.lang.String)
*/
- @Override
public Iterator<GenericValue>
findUserLoginSecurityGroupByUserLoginId(String userLoginId) {
List<GenericValue> collection =
userLoginSecurityGroupByUserLoginId.get(userLoginId);
@@ -95,7 +104,6 @@
/**
* @see
org.ofbiz.security.Security#securityGroupPermissionExists(java.lang.String,
java.lang.String)
*/
- @Override
public boolean securityGroupPermissionExists(String groupId, String
permission) {
GenericValue securityGroupPermissionValue =
delegator.makeValue("SecurityGroupPermission",
UtilMisc.toMap("groupId", groupId, "permissionId",
permission));
@@ -120,7 +128,6 @@
/**
* @see org.ofbiz.security.Security#hasPermission(java.lang.String,
javax.servlet.http.HttpSession)
*/
- @Override
public boolean hasPermission(String permission, HttpSession session) {
GenericValue userLogin = (GenericValue)
session.getAttribute("userLogin");
@@ -132,7 +139,6 @@
/**
* @see org.ofbiz.security.Security#hasPermission(java.lang.String,
org.ofbiz.entity.GenericValue)
*/
- @Override
public boolean hasPermission(String permission, GenericValue userLogin) {
if (userLogin == null) return false;
@@ -150,7 +156,6 @@
/**
* @see org.ofbiz.security.Security#hasEntityPermission(java.lang.String,
java.lang.String, javax.servlet.http.HttpSession)
*/
- @Override
public boolean hasEntityPermission(String entity, String action,
HttpSession session) {
GenericValue userLogin = (GenericValue)
session.getAttribute("userLogin");
@@ -161,7 +166,6 @@
/**
* @see org.ofbiz.security.Security#hasEntityPermission(java.lang.String,
java.lang.String, org.ofbiz.entity.GenericValue)
*/
- @Override
public boolean hasEntityPermission(String entity, String action,
GenericValue userLogin) {
if (userLogin == null) return false;
@@ -187,7 +191,6 @@
/**
* @see org.ofbiz.security.Security#hasRolePermission(java.lang.String,
java.lang.String, java.lang.String, java.lang.String,
javax.servlet.http.HttpSession)
*/
- @Override
public boolean hasRolePermission(String application, String action, String
primaryKey, String role, HttpSession session) {
GenericValue userLogin = (GenericValue)
session.getAttribute("userLogin");
return hasRolePermission(application, action, primaryKey, role,
userLogin);
@@ -196,7 +199,6 @@
/**
* @see org.ofbiz.security.Security#hasRolePermission(java.lang.String,
java.lang.String, java.lang.String, java.lang.String,
org.ofbiz.entity.GenericValue)
*/
- @Override
public boolean hasRolePermission(String application, String action, String
primaryKey, String role, GenericValue userLogin) {
List<String> roles = null;
if (role != null && !role.equals(""))
@@ -207,7 +209,6 @@
/**
* @see org.ofbiz.security.Security#hasRolePermission(java.lang.String,
java.lang.String, java.lang.String, java.util.List,
javax.servlet.http.HttpSession)
*/
- @Override
public boolean hasRolePermission(String application, String action, String
primaryKey, List<String> roles, HttpSession session) {
GenericValue userLogin = (GenericValue)
session.getAttribute("userLogin");
return hasRolePermission(application, action, primaryKey, roles,
userLogin);
@@ -216,7 +217,6 @@
/**
* @see org.ofbiz.security.Security#hasRolePermission(java.lang.String,
java.lang.String, java.lang.String, java.util.List,
org.ofbiz.entity.GenericValue)
*/
- @Override
public boolean hasRolePermission(String application, String action, String
primaryKey, List<String> roles, GenericValue userLogin) {
String entityName = null;
EntityCondition condition = null;
@@ -291,4 +291,10 @@
return false;
}
+ public void clearUserData(GenericValue userLogin) {
+ if (userLogin != null) {
+
userLoginSecurityGroupByUserLoginId.remove(userLogin.getString("userLoginId"));
+ }
+ }
+
}
Modified: ofbiz/trunk/framework/security/src/org/ofbiz/security/Security.java
URL:
http://svn.apache.org/viewvc/ofbiz/trunk/framework/security/src/org/ofbiz/security/Security.java?rev=802563&r1=802562&r2=802563&view=diff
==============================================================================
--- ofbiz/trunk/framework/security/src/org/ofbiz/security/Security.java
(original)
+++ ofbiz/trunk/framework/security/src/org/ofbiz/security/Security.java Sun Aug
9 17:20:06 2009
@@ -23,36 +23,17 @@
import javax.servlet.http.HttpSession;
-import org.ofbiz.base.util.cache.UtilCache;
import org.ofbiz.entity.GenericDelegator;
import org.ofbiz.entity.GenericValue;
/**
- * Security handler: This class is an abstract implementation for all
commononly used security aspects.
+ * Security interface. This interface defines security-related methods.
*/
-public abstract class Security {
+public interface Security {
- /**
- * UtilCache to cache a Collection of UserLoginSecurityGroup entities for
each UserLogin, by userLoginId.
- */
- public static UtilCache<String, List<GenericValue>>
userLoginSecurityGroupByUserLoginId = new UtilCache<String,
List<GenericValue>>("security.UserLoginSecurityGroupByUserLoginId");
-
- /**
- * UtilCache to cache whether or not a certain SecurityGroupPermission row
exists or not.
- * For each SecurityGroupPermissionPK there is a Boolean in the cache
specifying whether or not it exists.
- * In this way the cache speeds things up whether or not the user has a
permission.
- */
- public static UtilCache<GenericValue, Boolean>
securityGroupPermissionCache = new UtilCache<GenericValue,
Boolean>("security.SecurityGroupPermissionCache");
-
- GenericDelegator delegator = null;
+ public GenericDelegator getDelegator();
- public GenericDelegator getDelegator() {
- return delegator;
- }
-
- public void setDelegator(GenericDelegator delegator) {
- this.delegator = delegator;
- }
+ public void setDelegator(GenericDelegator delegator);
/**
* Uses userLoginSecurityGroupByUserLoginId cache to speed up the finding
of the userLogin's security group list.
@@ -61,7 +42,7 @@
* @return An iterator made from the Collection either cached or retrieved
from the database through the
* UserLoginSecurityGroup Delegator.
*/
- public abstract Iterator<GenericValue>
findUserLoginSecurityGroupByUserLoginId(String userLoginId);
+ public Iterator<GenericValue>
findUserLoginSecurityGroupByUserLoginId(String userLoginId);
/**
* Finds whether or not a SecurityGroupPermission row exists given a
groupId and permission.
@@ -73,7 +54,7 @@
* @param permission The name of the permission
* @return boolean specifying whether or not a SecurityGroupPermission row
exists
*/
- public abstract boolean securityGroupPermissionExists(String groupId,
String permission);
+ public boolean securityGroupPermissionExists(String groupId, String
permission);
/**
* Checks to see if the currently logged in userLogin has the passed
permission.
@@ -82,7 +63,7 @@
* @param session The current HTTP session, contains the logged in
userLogin as an attribute.
* @return Returns true if the currently logged in userLogin has the
specified permission, otherwise returns false.
*/
- public abstract boolean hasPermission(String permission, HttpSession
session);
+ public boolean hasPermission(String permission, HttpSession session);
/**
* Checks to see if the userLogin has the passed permission.
@@ -91,7 +72,7 @@
* @param userLogin The userLogin object for user to check against.
* @return Returns true if the currently logged in userLogin has the
specified permission, otherwise returns false.
*/
- public abstract boolean hasPermission(String permission, GenericValue
userLogin);
+ public boolean hasPermission(String permission, GenericValue userLogin);
/**
* Like hasPermission above, except it has functionality specific to
Entity permissions. Checks the entity for the
@@ -102,7 +83,7 @@
* @param session The current HTTP session, contains the logged in
userLogin as an attribute.
* @return Returns true if the currently logged in userLogin has the
specified permission, otherwise returns false.
*/
- public abstract boolean hasEntityPermission(String entity, String action,
HttpSession session);
+ public boolean hasEntityPermission(String entity, String action,
HttpSession session);
/**
* Like hasPermission above, except it has functionality specific to
Entity permissions. Checks the entity for the
@@ -113,7 +94,7 @@
* @param userLogin The userLogin object for user to check against.
* @return Returns true if the currently logged in userLogin has the
specified permission, otherwise returns false.
*/
- public abstract boolean hasEntityPermission(String entity, String action,
GenericValue userLogin);
+ public boolean hasEntityPermission(String entity, String action,
GenericValue userLogin);
/**
* Like hasEntityPermission above, this checks the specified action, as
well as for "_ADMIN" to allow for simplified
@@ -127,7 +108,7 @@
* @param session The current HTTP session, contains the logged in
userLogin as an attribute.
* @return Returns true if the currently logged in userLogin has the
specified permission, otherwise returns false.
*/
- public abstract boolean hasRolePermission(String application, String
action, String primaryKey, String role, HttpSession session);
+ public boolean hasRolePermission(String application, String action, String
primaryKey, String role, HttpSession session);
/**
* Like hasEntityPermission above, this checks the specified action, as
well as for "_ADMIN" to allow for simplified
@@ -141,7 +122,7 @@
* @param userLogin The userLogin object for user to check against.
* @return Returns true if the currently logged in userLogin has the
specified permission, otherwise returns false.
*/
- public abstract boolean hasRolePermission(String application, String
action, String primaryKey, String role, GenericValue userLogin);
+ public boolean hasRolePermission(String application, String action, String
primaryKey, String role, GenericValue userLogin);
/**
* Like hasEntityPermission above, this checks the specified action, as
well as for "_ADMIN" to allow for simplified
@@ -155,7 +136,7 @@
* @param userLogin The userLogin object for user to check against.
* @return Returns true if the currently logged in userLogin has the
specified permission, otherwise returns false.
*/
- public abstract boolean hasRolePermission(String application, String
action, String primaryKey, List<String> roles, GenericValue userLogin);
+ public boolean hasRolePermission(String application, String action, String
primaryKey, List<String> roles, GenericValue userLogin);
/**
* Like hasEntityPermission above, this checks the specified action, as
well as for "_ADMIN" to allow for simplified
@@ -169,6 +150,12 @@
* @param session The current HTTP session, contains the logged in
userLogin as an attribute.
* @return Returns true if the currently logged in userLogin has the
specified permission, otherwise returns false.
*/
- public abstract boolean hasRolePermission(String application, String
action, String primaryKey, List<String> roles, HttpSession session);
+ public boolean hasRolePermission(String application, String action, String
primaryKey, List<String> roles, HttpSession session);
+ /** Clears any user-related cached data. This method is called by the
framework
+ * to indicate a user has logged out. Implementations should clear any
cached
+ * data related to the user.
+ * @param userLogin The user login to be cleared
+ */
+ public void clearUserData(GenericValue userLogin);
}
Modified:
ofbiz/trunk/framework/security/src/org/ofbiz/security/SecurityFactory.java
URL:
http://svn.apache.org/viewvc/ofbiz/trunk/framework/security/src/org/ofbiz/security/SecurityFactory.java?rev=802563&r1=802562&r2=802563&view=diff
==============================================================================
--- ofbiz/trunk/framework/security/src/org/ofbiz/security/SecurityFactory.java
(original)
+++ ofbiz/trunk/framework/security/src/org/ofbiz/security/SecurityFactory.java
Sun Aug 9 17:20:06 2009
@@ -64,7 +64,7 @@
synchronized (SecurityFactory.class) {
try {
ClassLoader loader =
Thread.currentThread().getContextClassLoader();
- Class c = loader.loadClass(getSecurityClass(securityName));
+ Class<?> c = loader.loadClass(getSecurityClass(securityName));
security = (Security) c.newInstance();
security.setDelegator(delegator);
} catch (ClassNotFoundException cnf) {
Modified:
ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java
URL:
http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java?rev=802563&r1=802562&r2=802563&view=diff
==============================================================================
--- ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java
(original)
+++ ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java
Sun Aug 9 17:20:06 2009
@@ -488,7 +488,7 @@
Security security = (Security) request.getAttribute("security");
if (security != null && userLogin != null) {
-
Security.userLoginSecurityGroupByUserLoginId.remove(userLogin.getString("userLoginId"));
+ security.clearUserData(userLogin);
}
// set the logged out flag
