Hi Jeff, as far as I can see, I assume the implementation class might be TorqueTurbineModelManagerImpl? Could you check this? Your second attempt may be indeed close, but the reason is missing. Could you provide the stack/cause of the exception?
Probably, if this is the case, at this point of the code of the model manager the role, group and user are already checked, but what might have caused the exception is a failing cast to - org.apache.fulcrum.security.model.turbine.entity.TurbineUser of the user object or - org.apache.fulcrum.security.torque.security.TorqueAbstractSecurityEntity of any of the objects, which may be the reason, if in your schema the baseclass attribute is not set to org.apache.fulcrum.security.torque.turbine.DefaultAbstractTurbineXXX (XXX = User|Role|Group) class (or another class implementing the required interface, cft. the example torque-security-schem.xml in the Turbine webapp archetype)... And thanks for your efforts to migrate / use the flux library! Best regards, Georg -----Jeffery Painter <[email protected]> schrieb: ----- An: [email protected] Von: Jeffery Painter <[email protected]> Datum: 16.11.2017 23:29 Betreff: Re: Problem with grant and revoke user roles in turbine-4 I looked a little more at the test cases, and got my code setup enough to try and call the fulcrum security service directly... // try using fulcrum service ((TurbineModelManager)fulcrumSecurityService.getModelManager()).grant(fulcrumUser, group, role); The error logs are still reporting problems: I verified that this loaded the user "dean" from the database as a fulcrumUser and it came through with a class type of com.jivecast.smartorder.om.TurbineUser rather than the wrapper that the turbine security service provided. and now I get a DataBackendException error on the grant call... 2017-11-16 17:24:43,722 [http-nio-8080-exec-3] DEBUG avalon - Located the service 'org.apache.fulcrum.security.UserManager' in the local container 2017-11-16 17:24:47,895 [http-nio-8080-exec-3] DEBUG com.jivecast.smartorder.modules.actions.admin.UserAction - fulcrumUser: com.jivecast.smartorder.om.TurbineUser 2017-11-16 17:24:54,147 [http-nio-8080-exec-3] DEBUG avalon.peerManager - get cached PeerInstance():com.jivecast.smartorder.om.TurbineGroupPeerImpl@3ccc32c 2017-11-16 17:24:55,750 [http-nio-8080-exec-3] DEBUG avalon.peerManager - get cached PeerInstance():com.jivecast.smartorder.om.TurbineRolePeerImpl@1f7f807 2017-11-16 17:24:56,031 [http-nio-8080-exec-3] DEBUG avalon.peerManager - get cached PeerInstance():com.jivecast.smartorder.om.TurbineRolePeerImpl@1f7f807 2017-11-16 17:24:56,315 [http-nio-8080-exec-3] DEBUG avalon.peerManager - get cached PeerInstance():com.jivecast.smartorder.om.TurbineRolePeerImpl@1f7f807 2017-11-16 17:24:56,599 [http-nio-8080-exec-3] DEBUG avalon.peerManager - get cached PeerInstance():com.jivecast.smartorder.om.TurbineGroupPeerImpl@3ccc32c 2017-11-16 17:25:03,129 [http-nio-8080-exec-3] DEBUG avalon.peerManager - get cached PeerInstance():com.jivecast.smartorder.om.TurbineGroupPeerImpl@3ccc32c 2017-11-16 17:25:03,143 [http-nio-8080-exec-3] DEBUG avalon.peerManager - get cached PeerInstance():com.jivecast.smartorder.om.TurbineRolePeerImpl@1f7f807 2017-11-16 17:25:09,097 [http-nio-8080-exec-3] DEBUG com.jivecast.smartorder.modules.actions.admin.UserAction - Adding new role to user: inventory 2017-11-16 17:25:10,535 [http-nio-8080-exec-3] DEBUG avalon - Located the service 'org.apache.fulcrum.security.ModelManager' in the local container 2017-11-16 17:25:10,545 [http-nio-8080-exec-3] DEBUG avalon - Located the service 'org.apache.fulcrum.security.RoleManager' in the local container 2017-11-16 17:25:10,547 [http-nio-8080-exec-3] DEBUG avalon.peerManager - get cached PeerInstance():com.jivecast.smartorder.om.TurbineRolePeerImpl@1f7f807 2017-11-16 17:25:10,560 [http-nio-8080-exec-3] DEBUG avalon - Located the service 'org.apache.fulcrum.security.UserManager' in the local container 2017-11-16 17:25:10,561 [http-nio-8080-exec-3] DEBUG avalon.peerManager - get cached PeerInstance():com.jivecast.smartorder.om.TurbineUserPeerImpl@86cedb4 2017-11-16 17:25:10,598 [http-nio-8080-exec-3] DEBUG avalon - Located the service 'org.apache.fulcrum.security.GroupManager' in the local container 2017-11-16 17:25:10,599 [http-nio-8080-exec-3] DEBUG avalon.peerManager - get cached PeerInstance():com.jivecast.smartorder.om.TurbineGroupPeerImpl@3ccc32c 2017-11-16 17:25:25,202 [http-nio-8080-exec-3] ERROR com.jivecast.smartorder.modules.actions.admin.UserAction - Error setting roles: org.apache.fulcrum.security.util.DataBackendException: grant('dean', 'global', 'inventory') failed any ideas? -- Jeff On 11/16/2017 05:00 PM, Jeffery Painter wrote: > > Hi Georg, > > I am making some good progress. I don't know if you remember the old > flux library for user management, but I have started to re-write that > to work with Turbine 4.0. I am having some troubles however with the > grant/revoke roles with casting the user object incorrectly from the > TurbineWrapper class. Can you help me with the issue I am having > below? I looked at the unit tests in the Turbine source for > inspiration on migrating, but it isn't recognizing the user class > properly. I even tried to manually downcast (see my code below), and > still cannot make it work. > > If I can get this all working, I thought it might be useful to publish > a new flux library compatible with Turbine-4.0 for user management as > a guide to others on how to get started. > > > My logs show the following error when calling the grant/revoke method > on the security service when trying to add the "inventory" role to a > user: > > 2017-11-16 16:49:26,918 [http-nio-8080-exec-13] DEBUG > com.jivecast.smartorder.modules.actions.admin.UserAction - Adding new > role to user: inventory > > 2017-11-16 16:49:26,918 [http-nio-8080-exec-13] DEBUG avalon - Located > the service 'org.apache.fulcrum.security.RoleManager' in the local > container > 2017-11-16 16:49:26,918 [http-nio-8080-exec-13] DEBUG > avalon.peerManager - get cached > PeerInstance():com.jivecast.smartorder.om.TurbineRolePeerImpl@71897a2b > > 2017-11-16 16:49:26,918 [http-nio-8080-exec-13] DEBUG avalon - Located > the service 'org.apache.fulcrum.security.UserManager' in the local > container > 2017-11-16 16:49:26,918 [http-nio-8080-exec-13] DEBUG > avalon.peerManager - get cached > PeerInstance():com.jivecast.smartorder.om.TurbineUserPeerImpl@448e6624 > > 2017-11-16 16:49:26,918 [http-nio-8080-exec-13] DEBUG avalon - Located > the service 'org.apache.fulcrum.security.GroupManager' in the local > container > 2017-11-16 16:49:26,918 [http-nio-8080-exec-13] DEBUG > avalon.peerManager - get cached > PeerInstance():com.jivecast.smartorder.om.TurbineGroupPeerImpl@151d470d > > 2017-11-16 16:49:26,919 [http-nio-8080-exec-13] ERROR > com.jivecast.smartorder.modules.actions.admin.UserAction - Error > setting roles: java.lang.ClassCastException: > com.jivecast.smartorder.wrapper.TurbineUserWrapper cannot be cast to > org.apache.fulcrum.security.torque.security.TorqueAbstractSecurityEntity > > > Here is the relevant code in my doRoles() method to make the new > assignment... it is modeled after the old flux methods: > > I have the following import: > > import org.apache.turbine.services.security.SecurityService; > > and in the body of the class, I use the injection to get the instance > mapped > > /** Injected service instance */ > @TurbineService > private SecurityService security; > > .... then my action class method is called doRoles() which does the > role assignment and fails > > /** > * Update the roles that are to assigned to a user for a project. > */ > public void doRoles(PipelineData pipelineData, Context context) > throws Exception { > > try { > > RunData data = getRunData(pipelineData); > > // Get the Turbine ACL implementation for our current > user, only admin can update user roles > TurbineAccessControlList adminAcl = > getRunData(data).getACL(); > if (adminAcl.hasRole("administrator")) { > > // Username of the account we are updating > String username = > data.getParameters().getString("username"); > if (security.accountExists(username)) { > > // Try to downcast for the security grant function > org.apache.turbine.om.security.User user = > (org.apache.turbine.om.security.User) security.getUser(username); > > // Get the Turbine ACL implementation > TurbineAccessControlList acl = security.getACL(user); > > /* > * Grab all the Groups and Roles in the system. > */ > GroupSet groups = security.getAllGroups(); > RoleSet roles = security.getAllRoles(); > > for (Group group : groups) { > String groupName = group.getName(); > for (Role role : roles) { > String roleName = role.getName(); > > /* > * In the UserRoleForm.vm we made a > checkbox for every possible Group/Role > * combination so we will compare every > possible combination with the values > * that were checked off in the form. If > we have a match then we will grant the > * user the role in the group. > */ > String groupRole = groupName + roleName; > String formGroupRole = > data.getParameters().getString(groupRole); > > if (formGroupRole != null && > !acl.hasRole(role, group)) { > // add the role for this user > if (acl.hasRole(role) == false) { > log.debug("Adding new role to > user: " + role.getName()); > security.grant(user, group, role); > } > } else if (formGroupRole == null && > acl.hasRole(role, group)) { > // revoke the role for this user > log.debug("Revoke role: " + > role.getName()); > security.revoke(user, group, role); > } > } > } > > } else { > log.error("User does not exist!"); > } > } else { > data.setMessage("You do not have access to perform > this action."); > } > } catch (Exception e) { > log.error("Error setting roles: " + e.toString()); > } > > } > > -- Jeff Painter CEO and Founder of JiveCast Software and analytics, made together http://jivecast.com 301 Fayetteville St. Unit 2301, Raleigh, NC 27601 (919) 533-9024 --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
