Author: adrianc
Date: Mon Jan 11 23:20:25 2010
New Revision: 898107
URL: http://svn.apache.org/viewvc?rev=898107&view=rev
Log:
Used the OFBizSecurity transform to control main navigation display.
Modified:
ofbiz/branches/executioncontext20091231/BranchReadMe.txt
ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/AbstractExecutionContext.java
ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/OFBizPermission.java
ofbiz/branches/executioncontext20091231/framework/example/data/ExampleSecurityData.xml
ofbiz/branches/executioncontext20091231/themes/bizznesstime/includes/appbar.ftl
ofbiz/branches/executioncontext20091231/themes/bizznesstime/includes/secondary-appbar.ftl
Modified: ofbiz/branches/executioncontext20091231/BranchReadMe.txt
URL:
http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/BranchReadMe.txt?rev=898107&r1=898106&r2=898107&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20091231/BranchReadMe.txt (original)
+++ ofbiz/branches/executioncontext20091231/BranchReadMe.txt Mon Jan 11
23:20:25 2010
@@ -9,10 +9,8 @@
in the branch is still proof-of-concept. In other words, the
design is implemented and working, but very little of the project uses it.
-Some examples: The screen renderer doesn't catch the security exceptions,
+Example: The screen renderer doesn't catch the security exceptions,
so when a user is denied access to an artifact they get the JSP error page.
-Also, the main navigation doesn't display the Example component tab because
-the Freemarker template is still checking the old-style permissions.
---------------------------------------------------
Modified:
ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/AbstractExecutionContext.java
URL:
http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/AbstractExecutionContext.java?rev=898107&r1=898106&r2=898107&view=diff
==============================================================================
---
ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/AbstractExecutionContext.java
(original)
+++
ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/AbstractExecutionContext.java
Mon Jan 11 23:20:25 2010
@@ -71,20 +71,31 @@
StringBuilder sb = new StringBuilder(PATH_ROOT_NODE_NAME);
for (ExecutionArtifact artifact : this.artifactStack) {
sb.append(PATH_ELEMENT_SEPARATOR);
- sb.append(artifact.getName() == null ? "null" :
artifact.getName());
+ sb.append(artifact.getName());
}
return sb.toString();
}
public String[] getExecutionPathAsArray() {
- String[] strArray = new String[this.artifactStack.size() + 1];
- strArray[0] = PATH_ROOT_NODE_NAME;
- int index = 1;
+ FastList<String> elementList = FastList.newInstance();
+ elementList.add(PATH_ROOT_NODE_NAME);
for (ExecutionArtifact artifact : this.artifactStack) {
- strArray[index] = artifact.getName();
- index++;
+ String artifactName = artifact.getName();
+ if (artifactName.contains(PATH_ELEMENT_SEPARATOR)) {
+ String[] strArray = artifactName.split(PATH_ELEMENT_SEPARATOR);
+ for (int i = 0; i < strArray.length; i++) {
+ elementList.add(strArray[i]);
+ }
+ } else {
+ elementList.add(artifactName);
+ }
+ }
+ String[] elementArray = new String[elementList.size()];
+ int index = 0;
+ for (String artifactName : elementList) {
+ elementArray[index++] = artifactName;
}
- return strArray;
+ return elementArray;
}
public Locale getLocale() {
Modified:
ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/OFBizPermission.java
URL:
http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/OFBizPermission.java?rev=898107&r1=898106&r2=898107&view=diff
==============================================================================
---
ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/OFBizPermission.java
(original)
+++
ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/OFBizPermission.java
Mon Jan 11 23:20:25 2010
@@ -135,7 +135,11 @@
StringBuilder sb = new StringBuilder();
sb.append(this.includePermissions);
sb.append(" ");
- sb.append(this.excludePermissions);
+ if (this.excludePermissions.getPermissionsSet().size() > 0) {
+ sb.append("!(");
+ sb.append(this.excludePermissions);
+ sb.append(")");
+ }
for (String filter : this.filters) {
sb.append(" filter=");
sb.append(filter);
Modified:
ofbiz/branches/executioncontext20091231/framework/example/data/ExampleSecurityData.xml
URL:
http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/framework/example/data/ExampleSecurityData.xml?rev=898107&r1=898106&r2=898107&view=diff
==============================================================================
---
ofbiz/branches/executioncontext20091231/framework/example/data/ExampleSecurityData.xml
(original)
+++
ofbiz/branches/executioncontext20091231/framework/example/data/ExampleSecurityData.xml
Mon Jan 11 23:20:25 2010
@@ -30,5 +30,9 @@
<UserToArtifactPermRel userLoginId="artifact-user"
artifactPath="ofbiz/example" permissionValue="update=true"/>
<ArtifactPath artifactPath="ofbiz/example/*/anotherDate"
description="Example Application - 'anotherDate' field"/>
<UserToArtifactPermRel userLoginId="artifact-user"
artifactPath="ofbiz/example/*/anotherDate" permissionValue="view=false"/>
+ <ArtifactPath artifactPath="ofbiz/example/*/appbar"/>
+ <ArtifactPath artifactPath="ofbiz/example/*/appbar/example"/>
+ <UserToArtifactPermRel userLoginId="artifact-user"
artifactPath="ofbiz/example/*/appbar" permissionValue="view=false"/>
+ <UserToArtifactPermRel userLoginId="artifact-user"
artifactPath="ofbiz/example/*/appbar/example" permissionValue="view=true"/>
</entity-engine-xml>
Modified:
ofbiz/branches/executioncontext20091231/themes/bizznesstime/includes/appbar.ftl
URL:
http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/themes/bizznesstime/includes/appbar.ftl?rev=898107&r1=898106&r2=898107&view=diff
==============================================================================
---
ofbiz/branches/executioncontext20091231/themes/bizznesstime/includes/appbar.ftl
(original)
+++
ofbiz/branches/executioncontext20091231/themes/bizznesstime/includes/appbar.ftl
Mon Jan 11 23:20:25 2010
@@ -28,7 +28,7 @@
<div id="header-nav" class="clearfix" style="display:none">
<ul>
<li><h4>${uiLabelMap.CommonPrimaryApps}</h4></li>
- <#list displayApps as display>
+ <#list displayApps as display>
<#assign thisApp = display.getContextRoot()>
<#assign permission = true>
<#assign selected = false>
@@ -39,6 +39,9 @@
<#assign permission = false>
</#if>
</#list>
+ <@ofbizSecurity permission="view" artifactId=thisApp>
+ <#assign permission = true>
+ </@ofbizSecurity>
<#if permission == true>
<#if thisApp == contextPath || contextPath + "/" == thisApp>
<#assign selected = true>
Modified:
ofbiz/branches/executioncontext20091231/themes/bizznesstime/includes/secondary-appbar.ftl
URL:
http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/themes/bizznesstime/includes/secondary-appbar.ftl?rev=898107&r1=898106&r2=898107&view=diff
==============================================================================
---
ofbiz/branches/executioncontext20091231/themes/bizznesstime/includes/secondary-appbar.ftl
(original)
+++
ofbiz/branches/executioncontext20091231/themes/bizznesstime/includes/secondary-appbar.ftl
Mon Jan 11 23:20:25 2010
@@ -38,6 +38,9 @@
<#assign permission = false>
</#if>
</#list>
+ <@ofbizSecurity permission="view" artifactId=thisApp>
+ <#assign permission = true>
+ </@ofbizSecurity>
<#if permission == true>
<#if thisApp == contextPath || contextPath + "/" == thisApp>
<#assign selected = true>
