Author: adrianc
Date: Wed Jan 13 22:57:25 2010
New Revision: 898989
URL: http://svn.apache.org/viewvc?rev=898989&view=rev
Log:
I made a slight change in the ExecutionContext API to help make client code
simpler.
Modified:
ofbiz/branches/executioncontext20091231/BranchReadMe.txt
ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/AbstractExecutionContext.java
ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/ExecutionContext.java
ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/ThreadContext.java
ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/AccessControllerImpl.java
ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/AccessDeniedController.java
ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/AccessGrantedController.java
Modified: ofbiz/branches/executioncontext20091231/BranchReadMe.txt
URL:
http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/BranchReadMe.txt?rev=898989&r1=898988&r2=898989&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20091231/BranchReadMe.txt (original)
+++ ofbiz/branches/executioncontext20091231/BranchReadMe.txt Wed Jan 13
22:57:25 2010
@@ -6,6 +6,12 @@
to hold utility methods. Those methods can be moved to
other components when the branch is merged into the trunk.
+An interesting side-effect of the new security design is
+its ability to expose security holes in the trunk. Log in
+as admin, go to Party Manager and click on the Find button.
+The exception that is thrown exposes a flaw in the
+findparty.ftl file.
+
---------------------------------------------------
2010-01-11: The ExecutionContext implementation is fairly complete.
Modified:
ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/AbstractExecutionContext.java
URL:
http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/AbstractExecutionContext.java?rev=898989&r1=898988&r2=898989&view=diff
==============================================================================
---
ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/AbstractExecutionContext.java
(original)
+++
ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/AbstractExecutionContext.java
Wed Jan 13 22:57:25 2010
@@ -65,13 +65,8 @@
return this.currencyUom;
}
- public String getExecutionPath() {
- StringBuilder sb = new
StringBuilder(ArtifactPath.PATH_ROOT_NODE_NAME);
- for (ExecutionArtifact artifact : this.artifactStack) {
- sb.append(ArtifactPath.PATH_ELEMENT_SEPARATOR);
- sb.append(artifact.getName());
- }
- return sb.toString();
+ public ArtifactPath getExecutionPath() {
+ return new ArtifactPath(getExecutionPathAsArray());
}
public String[] getExecutionPathAsArray() {
@@ -96,6 +91,15 @@
return elementArray;
}
+ public String getExecutionPathAsString() {
+ StringBuilder sb = new StringBuilder(ArtifactPath.PATH_ROOT_NODE_NAME);
+ for (ExecutionArtifact artifact : this.artifactStack) {
+ sb.append(ArtifactPath.PATH_ELEMENT_SEPARATOR);
+ sb.append(artifact.getName());
+ }
+ return sb.toString();
+ }
+
public Locale getLocale() {
return this.locale;
}
@@ -176,12 +180,6 @@
return this.properties.put(key, value);
}
- public void setTimeZone(TimeZone timeZone) {
- if (timeZone != null) {
- this.timeZone = timeZone;
- }
- }
-
protected void setTimeZone(String timeZone) {
if (timeZone != null) {
this.timeZone = TimeZone.getTimeZone(timeZone);
@@ -190,8 +188,14 @@
}
}
+ public void setTimeZone(TimeZone timeZone) {
+ if (timeZone != null) {
+ this.timeZone = timeZone;
+ }
+ }
+
@Override
public String toString() {
- return this.getExecutionPath();
+ return this.getExecutionPathAsString();
}
}
Modified:
ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/ExecutionContext.java
URL:
http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/ExecutionContext.java?rev=898989&r1=898988&r2=898989&view=diff
==============================================================================
---
ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/ExecutionContext.java
(original)
+++
ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/ExecutionContext.java
Wed Jan 13 22:57:25 2010
@@ -64,12 +64,18 @@
*/
public String getCurrencyUom();
- /** Returns the current execution path. Artifact names are separated
- * with a forward slash.
+ /** Returns the current execution path.
*
* @return The current execution path
*/
- public String getExecutionPath();
+ public ArtifactPath getExecutionPath();
+
+ /** Returns the current execution path as a <code>String</code>.
+ * Path elements are separated with a forward slash.
+ *
+ * @return The current execution path
+ */
+ public String getExecutionPathAsString();
/** Returns the current execution path as an array of strings.
* Each array element contains an Artifact name, with the
Modified:
ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/ThreadContext.java
URL:
http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/ThreadContext.java?rev=898989&r1=898988&r2=898989&view=diff
==============================================================================
---
ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/ThreadContext.java
(original)
+++
ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/ThreadContext.java
Wed Jan 13 22:57:25 2010
@@ -55,7 +55,7 @@
return executionContext.get().getCurrencyUom();
}
- public static String getExecutionPath() {
+ public static ArtifactPath getExecutionPath() {
return executionContext.get().getExecutionPath();
}
@@ -63,6 +63,10 @@
return executionContext.get().getExecutionPathAsArray();
}
+ public static String getExecutionPathAsString() {
+ return executionContext.get().getExecutionPathAsString();
+ }
+
public static Locale getLocale() {
return executionContext.get().getLocale();
}
Modified:
ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/AccessControllerImpl.java
URL:
http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/AccessControllerImpl.java?rev=898989&r1=898988&r2=898989&view=diff
==============================================================================
---
ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/AccessControllerImpl.java
(original)
+++
ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/AccessControllerImpl.java
Wed Jan 13 22:57:25 2010
@@ -122,7 +122,7 @@
}
OFBizPermission permission = new OFBizPermission("applyFilters");
PermissionsGatherer permissionsGatherer = new
PermissionsGatherer(this.node, permission);
- permissionsGatherer.gatherPermissions(new
ArtifactPath(ThreadContext.getExecutionPathAsArray()));
+
permissionsGatherer.gatherPermissions(ThreadContext.getExecutionPath());
if (permission.getFilterNames().size() > 0) {
return new SecurityAwareListIterator<E>(listIterator,
permission.getFilterNames());
}
@@ -130,7 +130,7 @@
}
public void checkPermission(Permission permission) throws
AccessControlException {
- checkPermission(permission, new
ArtifactPath(ThreadContext.getExecutionPathAsArray()));
+ checkPermission(permission, ThreadContext.getExecutionPath());
}
@Override
Modified:
ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/AccessDeniedController.java
URL:
http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/AccessDeniedController.java?rev=898989&r1=898988&r2=898989&view=diff
==============================================================================
---
ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/AccessDeniedController.java
(original)
+++
ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/AccessDeniedController.java
Wed Jan 13 22:57:25 2010
@@ -57,7 +57,7 @@
@Override
public void checkPermission(Permission permission) throws
AccessControlException {
- checkPermission(permission, new
ArtifactPath(ThreadContext.getExecutionPathAsArray()));
+ checkPermission(permission, ThreadContext.getExecutionPath());
}
@Override
Modified:
ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/AccessGrantedController.java
URL:
http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/AccessGrantedController.java?rev=898989&r1=898988&r2=898989&view=diff
==============================================================================
---
ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/AccessGrantedController.java
(original)
+++
ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/AccessGrantedController.java
Wed Jan 13 22:57:25 2010
@@ -54,7 +54,7 @@
@Override
public void checkPermission(Permission permission) throws
AccessControlException {
- checkPermission(permission, new
ArtifactPath(ThreadContext.getExecutionPathAsArray()));
+ checkPermission(permission, ThreadContext.getExecutionPath());
}
@Override
