Re: svn commit: r770084 - in /ofbiz/trunk/framework/example: ./ config/ data/ entitydef/ security/ servicedef/ widget/example/

Fri, 01 May 2009 10:03:59 -0700 

Look in the Asset Maintenance component.

-Adrian

Andrew Zeneski wrote:

Adrian,
I will start a new thread to discuss this, but before I do I want to make sure there isn't something I neglected to account for. Could you please provide an example of such a service which uses SECA permission services? 

Andrew

On May 1, 2009, at 12:04 PM, Adrian Crum wrote:


Andrew,
I thought we were getting away from using the <required-permissions> element and using the <permission-service> element instead.
If this type of change is made in other components, it will break a lot of code - because some components use permission service SECAs. 

-Adrian

j...@apache.org wrote:

Author: jaz
Date: Thu Apr 30 06:23:18 2009
New Revision: 770084
URL: http://svn.apache.org/viewvc?rev=770084&view=rev
Log:
Refactored Example Application to use new security mechanics - JIRA OFBIZ-2392 

...



Modified: ofbiz/trunk/framework/example/servicedef/services.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/example/servicedef/services.xml?rev=770084&r1=770083&r2=770084&view=diff ============================================================================== 
--- ofbiz/trunk/framework/example/servicedef/services.xml (original)
+++ ofbiz/trunk/framework/example/servicedef/services.xml Thu Apr 30 06:23:18 2009 
@@ -27,29 +27,37 @@
    <!-- Example & Related Services -->
<service name="createExample" default-entity-name="Example" engine="entity-auto" invoke="create" auth="true"> 
        <description>Create a Example</description>
- <permission-service service-name="exampleGenericPermission" main-action="CREATE"/> 
+        <required-permissions join-type="AND">
+            <check-permission permission="create:example"/>
+ </required-permissions> <auto-attributes include="pk" mode="OUT" optional="false"/> 
        <auto-attributes include="nonpk" mode="IN" optional="true"/>
        <override name="exampleTypeId" optional="false"/>
        <override name="statusId" optional="false"/>
-        <override name="exampleName" optional="false"/>
+ <override name="exampleName" optional="false"/> </service> <service name="updateExample" default-entity-name="Example" engine="entity-auto" invoke="update" auth="true"> 
        <description>Update a Example</description>
- <permission-service service-name="exampleGenericPermission" main-action="UPDATE"/> 
+        <required-permissions join-type="AND">
+ <check-permission permission="update:example:${exampleId}"/> 
+        </required-permissions>
        <auto-attributes include="pk" mode="IN" optional="false"/>
        <auto-attributes include="nonpk" mode="IN" optional="true"/>
<attribute name="oldStatusId" type="String" mode="OUT" optional="false"/> 
    </service>
<service name="deleteExample" default-entity-name="Example" engine="entity-auto" invoke="delete" auth="true"> 
        <description>Delete a Example</description>
- <permission-service service-name="exampleGenericPermission" main-action="DELETE"/> 
+        <required-permissions join-type="AND">
+ <check-permission permission="delete:example:${exampleId}"/> 
+        </required-permissions>
        <auto-attributes include="pk" mode="IN" optional="false"/>
    </service>
<service name="createExampleStatus" default-entity-name="ExampleStatus" engine="simple" location="component://example/script/org/ofbiz/example/example/ExampleServices.xml" invoke="createExampleStatus" auth="true"> 
        <description>Create a ExampleStatus</description>
- <permission-service service-name="exampleGenericPermission" main-action="CREATE"/> 
+        <required-permissions join-type="AND">
+ <check-permission permission="update:example:status:${exampleId}"/> 
+        </required-permissions>
        <auto-attributes include="all" mode="IN" optional="false">
            <exclude field-name="statusDate"/>
            <exclude field-name="statusEndDate"/>
@@ -58,7 +66,9 @@
<service name="createExampleItem" default-entity-name="ExampleItem" engine="entity-auto" invoke="create" auth="true"> 
        <description>Create a ExampleItem</description>
- <permission-service service-name="exampleGenericPermission" main-action="CREATE"/> 
+        <required-permissions join-type="AND">
+ <check-permission permission="create:example:item:${exampleId}"/> 
+        </required-permissions>
        <auto-attributes include="pk" mode="IN" optional="false"/>
        <auto-attributes include="nonpk" mode="IN" optional="true"/>
<override name="exampleItemSeqId" mode="OUT"/> <!-- make this OUT rather than IN, we will automatically generate the next sub-sequence ID --> 
@@ -66,60 +76,78 @@
    </service>
<service name="updateExampleItem" default-entity-name="ExampleItem" engine="entity-auto" invoke="update" auth="true"> 
        <description>Update a ExampleItem</description>
- <permission-service service-name="exampleGenericPermission" main-action="UPDATE"/> 
+        <required-permissions join-type="AND">
+ <check-permission permission="update:example:item:${exampleId}"/> 
+        </required-permissions>
        <auto-attributes include="pk" mode="IN" optional="false"/>
        <auto-attributes include="nonpk" mode="IN" optional="true"/>
    </service>
<service name="deleteExampleItem" default-entity-name="ExampleItem" engine="entity-auto" invoke="delete" auth="true"> 
        <description>Delete a ExampleItem</description>
- <permission-service service-name="exampleGenericPermission" main-action="DELETE"/> 
+        <required-permissions join-type="AND">
+ <check-permission permission="delete:example:item:${exampleId}"/> 
+        </required-permissions>
        <auto-attributes include="pk" mode="IN" optional="false"/>
    </service>
     <!-- ExampleFeature Services -->
<service name="createExampleFeature" default-entity-name="ExampleFeature" engine="entity-auto" invoke="create" auth="true"> 
        <description>Create a ExampleFeature</description>
- <permission-service service-name="exampleGenericPermission" main-action="CREATE"/> 
+        <required-permissions join-type="AND">
+            <check-permission permission="create:example:feature"/>
+        </required-permissions>
        <auto-attributes include="pk" mode="OUT" optional="false"/>
        <auto-attributes include="nonpk" mode="IN" optional="true"/>
        <override name="description" optional="false"/>
    </service>
<service name="updateExampleFeature" default-entity-name="ExampleFeature" engine="entity-auto" invoke="update" auth="true"> 
        <description>Update a ExampleFeature</description>
- <permission-service service-name="exampleGenericPermission" main-action="UPDATE"/> 
+        <required-permissions join-type="AND">
+            <check-permission permission="update:example:feature"/>
+        </required-permissions>
        <auto-attributes include="pk" mode="IN" optional="false"/>
        <auto-attributes include="nonpk" mode="IN" optional="true"/>
    </service>
<service name="deleteExampleFeature" default-entity-name="ExampleFeature" engine="entity-auto" invoke="delete" auth="true"> 
        <description>Delete a ExampleFeature</description>
- <permission-service service-name="exampleGenericPermission" main-action="DELETE"/> 
+        <required-permissions join-type="AND">
+            <check-permission permission="delete:example:feature"/>
+        </required-permissions>
        <auto-attributes include="pk" mode="IN" optional="false"/>
    </service>
<service name="createExampleFeatureAppl" default-entity-name="ExampleFeatureAppl" engine="entity-auto" invoke="create" auth="true"> 
        <description>Create a ExampleFeatureAppl</description>
- <permission-service service-name="exampleGenericPermission" main-action="CREATE"/> 
+        <required-permissions join-type="AND">
+ <check-permission permission="create:example:feature:${exampleFeatureId}"/> 
+        </required-permissions>
        <auto-attributes include="pk" mode="IN" optional="false"/>
        <auto-attributes include="nonpk" mode="IN" optional="true"/>
        <override name="fromDate" optional="true"/>
    </service>
<service name="updateExampleFeatureAppl" default-entity-name="ExampleFeatureAppl" engine="entity-auto" invoke="update" auth="true"> 
        <description>Update a ExampleFeatureAppl</description>
- <permission-service service-name="exampleGenericPermission" main-action="UPDATE"/> 
+        <required-permissions join-type="AND">
+ <check-permission permission="update:example:feature:${exampleFeatureId}"/> 
+        </required-permissions>
        <auto-attributes include="pk" mode="IN" optional="false"/>
        <auto-attributes include="nonpk" mode="IN" optional="true"/>
    </service>
<service name="deleteExampleFeatureAppl" default-entity-name="ExampleFeatureAppl" engine="entity-auto" invoke="delete" auth="true"> 
        <description>Delete a ExampleFeatureAppl</description>
- <permission-service service-name="exampleGenericPermission" main-action="DELETE"/> 
+        <required-permissions join-type="AND">
+ <check-permission permission="delete:example:feature:${exampleFeatureId}"/> 
+        </required-permissions>
        <auto-attributes include="pk" mode="IN" optional="false"/>
    </service>
     <!-- Permission Services -->
+    <!--  @deprecated
    <service name="exampleGenericPermission" engine="simple"
location="component://example/script/org/ofbiz/example/ExamplePermissionServices.xml" invoke="exampleGenericPermission"> 
        <implements service="permissionInterface"/>
    </service>
+    -->
     <!-- Example ServiceTest Service -->
    <service name="testCreateExampleService" engine="simple"

Reply via email to