You are viewing a plain text version of this content. The canonical link for it is here.
Posted to photark-commits@incubator.apache.org by av...@apache.org on 2010/07/10 12:40:00 UTC
svn commit: r962834 - in /incubator/photark/trunk:
photark-filesystem/src/main/java/org/apache/photark/filesystem/services/
photark-jcr/src/main/java/org/apache/photark/jcr/security/authorization/
photark-jcr/src/main/java/org/apache/photark/jcr/servic...
Author: avd
Date: Sat Jul 10 12:39:59 2010
New Revision: 962834
URL: http://svn.apache.org/viewvc?rev=962834&view=rev
Log:
PHOTARK-20 Applying patch from Suhothayan Sriskandarajah improved and fine grained authorization support for photark
Added:
incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/services/JSONRPCSecurityManager.java
incubator/photark/trunk/photark/src/main/java/org/apache/photark/services/gallery/GallerySecurity.java
Modified:
incubator/photark/trunk/photark-filesystem/src/main/java/org/apache/photark/filesystem/services/FileSystemAlbumImpl.java
incubator/photark/trunk/photark-filesystem/src/main/java/org/apache/photark/filesystem/services/FileSystemGalleryImpl.java
incubator/photark/trunk/photark-jcr/src/main/java/org/apache/photark/jcr/security/authorization/JCRAccessManager.java
incubator/photark/trunk/photark-jcr/src/main/java/org/apache/photark/jcr/services/JCRAlbumImpl.java
incubator/photark/trunk/photark-jcr/src/main/java/org/apache/photark/jcr/services/JCRGalleryImpl.java
incubator/photark/trunk/photark-jcr/src/main/java/org/apache/photark/jcr/services/JCRImageUploadServiceImpl.java
incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/services/LogoutServiceImpl.java
incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/Permission.java
incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/services/AccessManager.java
incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/services/SecurityServiceImpl.java
incubator/photark/trunk/photark-ui-admin/src/main/webapp/admin/js/admin.js
incubator/photark/trunk/photark-ui-admin/src/main/webapp/admin/js/upload.js
incubator/photark/trunk/photark-ui-admin/src/main/webapp/admin/upload.html
incubator/photark/trunk/photark-ui/src/main/webapp/js/gallery.js
incubator/photark/trunk/photark-webapp/src/main/webapp/WEB-INF/web.composite
incubator/photark/trunk/photark/src/main/java/org/apache/photark/services/album/Album.java
incubator/photark/trunk/photark/src/main/java/org/apache/photark/services/album/AlbumAgregator.java
incubator/photark/trunk/photark/src/main/java/org/apache/photark/services/gallery/BaseGalleryImpl.java
incubator/photark/trunk/photark/src/main/java/org/apache/photark/services/gallery/Gallery.java
Modified: incubator/photark/trunk/photark-filesystem/src/main/java/org/apache/photark/filesystem/services/FileSystemAlbumImpl.java
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-filesystem/src/main/java/org/apache/photark/filesystem/services/FileSystemAlbumImpl.java?rev=962834&r1=962833&r2=962834&view=diff
==============================================================================
--- incubator/photark/trunk/photark-filesystem/src/main/java/org/apache/photark/filesystem/services/FileSystemAlbumImpl.java (original)
+++ incubator/photark/trunk/photark-filesystem/src/main/java/org/apache/photark/filesystem/services/FileSystemAlbumImpl.java Sat Jul 10 12:39:59 2010
@@ -97,7 +97,15 @@ public class FileSystemAlbumImpl impleme
throw new UnsupportedOperationException("Not implemented");
}
- public void deletePicture(String picture){
+ public void addOwner(String owner) {
+ //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ public String[] getOwners() {
+ return new String[0]; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ public void deletePicture(String picture){
throw new UnsupportedOperationException("Not implemented");
}
Modified: incubator/photark/trunk/photark-filesystem/src/main/java/org/apache/photark/filesystem/services/FileSystemGalleryImpl.java
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-filesystem/src/main/java/org/apache/photark/filesystem/services/FileSystemGalleryImpl.java?rev=962834&r1=962833&r2=962834&view=diff
==============================================================================
--- incubator/photark/trunk/photark-filesystem/src/main/java/org/apache/photark/filesystem/services/FileSystemGalleryImpl.java (original)
+++ incubator/photark/trunk/photark-filesystem/src/main/java/org/apache/photark/filesystem/services/FileSystemGalleryImpl.java Sat Jul 10 12:39:59 2010
@@ -83,7 +83,11 @@ public class FileSystemGalleryImpl exten
}
- public void deleteAlbum(String albumName) {
+ public boolean hasAlbum(String albumName) {
+ return false;
+ }
+
+ public void deleteAlbum(String albumName) {
}
}
\ No newline at end of file
Modified: incubator/photark/trunk/photark-jcr/src/main/java/org/apache/photark/jcr/security/authorization/JCRAccessManager.java
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-jcr/src/main/java/org/apache/photark/jcr/security/authorization/JCRAccessManager.java?rev=962834&r1=962833&r2=962834&view=diff
==============================================================================
--- incubator/photark/trunk/photark-jcr/src/main/java/org/apache/photark/jcr/security/authorization/JCRAccessManager.java (original)
+++ incubator/photark/trunk/photark-jcr/src/main/java/org/apache/photark/jcr/security/authorization/JCRAccessManager.java Sat Jul 10 12:39:59 2010
@@ -20,11 +20,14 @@
package org.apache.photark.jcr.security.authorization;
import org.apache.photark.jcr.JCRRepositoryManager;
+import org.apache.photark.jcr.services.JCRAlbumImpl;
import org.apache.photark.security.authorization.AccessList;
import org.apache.photark.security.authorization.Permission;
import org.apache.photark.security.authorization.User;
import org.apache.photark.security.authorization.UserInfo;
import org.apache.photark.security.authorization.services.AccessManager;
+import org.apache.photark.security.authorization.services.JSONRPCSecurityManager;
+import org.apache.photark.services.album.Album;
import org.oasisopen.sca.annotation.*;
import javax.jcr.*;
@@ -103,6 +106,12 @@ public class JCRAccessManager implements
userNode.setProperty("webSite", "");
userNode.setProperty("userId","SuperAdmin");
+ userNode= unRegisteredUserRole.addNode("UnRegisteredUser");
+ userNode.setProperty("displayName","UnRegisteredUser");
+ userNode.setProperty("email", "");
+ userNode.setProperty("realName", "");
+ userNode.setProperty("webSite", "");
+ userNode.setProperty("userId","UnRegisteredUser");
unRegisteredUserRolePermissions.addNode("boston").setProperty("permissions", new String[]{"viewImages"});
// unRegisteredUserRolePermissions.addNode("vegas").setProperty("permissions",new String[]{"view"});
@@ -113,39 +122,39 @@ public class JCRAccessManager implements
// superAdminRolePermissions.addNode("boston").setProperty("permissions", new String[]{"viewImages", "addImages", "deleteImages", "deleteAlbum", "editAlbumDescription"});
// superAdminRolePermissions.addNode("vegas").setProperty("permissions", new String[]{"viewImages", "addImages", "deleteImages", "deleteAlbum", "editAlbumDescription"});
- registeredUserRolePermissions.setProperty("permissions", new String[]{"createAlbum", "deleteOwnAlbum"
- , "createGroupRole", "deleteOwnGroupRole", "manageOwnGroupRole"
- , "viewImagesOnOwnAlbum", "addOwnImagesToOwnAlbum", "deleteImagesFromOwnAlbum", "editOwnAlbumDescription"});
-
- superAdminRolePermissions.setProperty("permissions", new String[]{"createAlbum", "deleteOwnAlbum", "deleteOtherAlbum"
- , "createGroupRole", "deleteOwnGroupRole", "deleteOthersGroupRole", "manageOwnGroupRole", "manageOthersGroupRole", "manageMainRoles"
- , "viewImagesOnOwnAlbum", "addOwnImagesToOwnAlbum", "deleteImagesFromOwnAlbum", "editOwnAlbumDescription"
- , "viewImagesOnOthersAlbum", "addOwnImagesToOthersAlbum", "deleteImagesFromOthersAlbum", "editOthersAlbumDescription"});
+ registeredUserRolePermissions.setProperty("permissions", new String[]{"createAlbum", "deleteAlbum.own"
+ , "createGroupRole", "deleteGroupRole.own", "manageGroupRole.own"
+ , "viewImagesOnAlbum.own", "addImagesToAlbum.own", "deleteImagesFromAlbum.own", "editAlbumDescription.own"});
+
+ superAdminRolePermissions.setProperty("permissions", new String[]{"createAlbum", "deleteAlbum.own", "deleteAlbum.others"
+ , "createGroupRole", "deleteGroupRole.own", "deleteGroupRole.others", "manageGroupRole.own", "manageGroupRole.others", "manageMainRoles"
+ , "viewImagesOnAlbum.own", "addImagesToAlbum.own", "deleteImagesFromAlbum.own", "editAlbumDescription.own"
+ , "viewImagesOnAlbum.others", "addImagesToAlbum.others", "deleteImagesFromAlbum.others", "editAlbumDescription.others"});
Node allPermissions = userStore.addNode("allPermissions");
allPermissions.addNode("createAlbum").setProperty("desc", "Allow the users to crete a new Albums");
- allPermissions.addNode("deleteOwnAlbum").setProperty("desc", "Allow the users to delete the Albums they own");
- allPermissions.addNode("deleteOtherAlbum").setProperty("desc", "Allow the users to delete the Albums they dont own");
+ allPermissions.addNode("deleteAlbum.own").setProperty("desc", "Allow the users to delete the Albums they own");
+ allPermissions.addNode("deleteAlbum.others").setProperty("desc", "Allow the users to delete the Albums they dont own");
allPermissions.addNode("createGroupRole").setProperty("desc", "Allow the users to create Groups");
- allPermissions.addNode("deleteOwnGroupRole").setProperty("desc", "Allow the users to delete the Groups they own");
- allPermissions.addNode("deleteOthersGroupRole").setProperty("desc", "Allow the users to delete the Groups they dont own");
- allPermissions.addNode("manageOwnGroupRole").setProperty("desc", "Allow the users to change the users and permissions of the Groups they own");
- allPermissions.addNode("manageOthersGroupRole").setProperty("desc", "Allow the users to change the users and permissions of the Groups they dont own");
+ allPermissions.addNode("deleteGroupRole.own").setProperty("desc", "Allow the users to delete the Groups they own");
+ allPermissions.addNode("deleteGroupRole.others").setProperty("desc", "Allow the users to delete the Groups they dont own");
+ allPermissions.addNode("manageGroupRole.own").setProperty("desc", "Allow the users to change the users and permissions of the Groups they own");
+ allPermissions.addNode("manageGroupRole.others").setProperty("desc", "Allow the users to change the users and permissions of the Groups they dont own");
allPermissions.addNode("manageMainRoles").setProperty("desc", "Allow the users to change the users and permissions of the Main roles (superAdminRole, registeredUserRole, unRegisteredUserRole, blockedUserRole)");
- allPermissions.addNode("viewImagesOnOwnAlbum").setProperty("desc", "Allow the users to view their album images");
- allPermissions.addNode("addOwnImagesToOwnAlbum").setProperty("desc", "Allow the users to add new images to their album");
- allPermissions.addNode("deleteImagesFromOwnAlbum").setProperty("desc", "Allow the users to delete images from their album");
- allPermissions.addNode("editOwnAlbumDescription").setProperty("desc", "Allow the users to edit their Album description");
-
- allPermissions.addNode("viewImagesOnOthersAlbum").setProperty("desc", "Allow the users to view Others album images");
- allPermissions.addNode("addOwnImagesToOthersAlbum").setProperty("desc", "Allow the users to add new images to Others album");
- allPermissions.addNode("deleteImagesFromOthersAlbum").setProperty("desc", "Allow the users to delete images from Others album");
- allPermissions.addNode("editOthersAlbumDescription").setProperty("desc", "Allow the users to edit Others Album description");
+ allPermissions.addNode("viewImagesOnAlbum.own").setProperty("desc", "Allow the users to view their album images");
+ allPermissions.addNode("addImagesToAlbum.own").setProperty("desc", "Allow the users to add new images to their album");
+ allPermissions.addNode("deleteImagesFromAlbum.own").setProperty("desc", "Allow the users to delete images from their album");
+ allPermissions.addNode("editAlbumDescription.own").setProperty("desc", "Allow the users to edit their Album description");
+
+ allPermissions.addNode("viewImagesOnAlbum.others").setProperty("desc", "Allow the users to view Others album images");
+ allPermissions.addNode("addImagesToAlbum.others").setProperty("desc", "Allow the users to add new images to Others album");
+ allPermissions.addNode("deleteImagesFromAlbum.others").setProperty("desc", "Allow the users to delete images from Others album");
+ allPermissions.addNode("editAlbumDescription.others").setProperty("desc", "Allow the users to edit Others Album description");
//per Album permissions
allPermissions.addNode("viewImages").setProperty("desc", "Allow the users to view the album images");
@@ -230,7 +239,7 @@ public class JCRAccessManager implements
Node allMutuallyExclusiveRoles = (Node) session.getItem("/userStore/mutuallyExclusiveRoles");
for (PropertyIterator pi = allMutuallyExclusiveRoles.getProperties(); pi.hasNext();) {
Property p = pi.nextProperty();
-
+
if (!p.getName().equals("jcr:primaryType")) {
ArrayList<String> list =new ArrayList<String>();
for(Value v :p.getValues()){
@@ -515,4 +524,48 @@ public class JCRAccessManager implements
}
}
+ public boolean isPermitted(AccessList accessList, String resourceName, String[] permissionNames) {
+ if (accessList == null) {
+ return false;
+ }
+ Map<String, List<Permission>> userPermissions = accessList.getPermissions();
+ List allowedPermissions = Arrays.asList(permissionNames);
+ List<Permission> permissions = new ArrayList<Permission>();
+ if (userPermissions.containsKey(resourceName)) {
+ permissions = (userPermissions.get(resourceName));
+ }
+ for (Permission permission : permissions) {
+ if (allowedPermissions.contains(permission.getPermission())) {
+ if (!permission.getPermission().endsWith(".others") || !permission.getPermission().endsWith(".own")) {
+ return true;
+ }
+ }
+ }
+
+ if (userPermissions.containsKey("_default")) {
+ permissions = (userPermissions.get("_default"));
+ }
+ for (Permission permission : permissions) {
+ if (allowedPermissions.contains(permission.getPermission())) {
+
+ // System.out.println(resourceName+ " added");
+ if (permission.getPermission().endsWith(".own") && isUserTheOwner(accessList.getUserId(), resourceName)) {
+ return true;
+
+ } else if (permission.getPermission().endsWith(".others") && !isUserTheOwner(accessList.getUserId(), resourceName)) {
+ return true;
+
+ } else if ((!permission.getPermission().endsWith(".others")) && (!permission.getPermission().endsWith(".own"))) {
+ return true;
+ }
+ }
+ }
+ return false;
+ }
+
+ private boolean isUserTheOwner(String userId, String albumName) {
+ Album album = new JCRAlbumImpl(repositoryManager, albumName);
+ return Arrays.asList(album.getOwners()).contains(userId);
+ }
+
}
Modified: incubator/photark/trunk/photark-jcr/src/main/java/org/apache/photark/jcr/services/JCRAlbumImpl.java
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-jcr/src/main/java/org/apache/photark/jcr/services/JCRAlbumImpl.java?rev=962834&r1=962833&r2=962834&view=diff
==============================================================================
--- incubator/photark/trunk/photark-jcr/src/main/java/org/apache/photark/jcr/services/JCRAlbumImpl.java (original)
+++ incubator/photark/trunk/photark-jcr/src/main/java/org/apache/photark/jcr/services/JCRAlbumImpl.java Sat Jul 10 12:39:59 2010
@@ -23,19 +23,14 @@ import java.io.File;
import java.io.FileInputStream;
import java.io.InputStream;
import java.net.URL;
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
+import java.util.*;
import java.util.logging.Logger;
-import javax.jcr.Node;
-import javax.jcr.NodeIterator;
-import javax.jcr.RepositoryException;
-import javax.jcr.Session;
+import javax.jcr.*;
import org.apache.photark.Image;
import org.apache.photark.jcr.JCRRepositoryManager;
+import org.apache.photark.security.authorization.Permission;
import org.apache.photark.services.album.Album;
import org.apache.photark.services.album.ImageFilter;
import org.oasisopen.sca.annotation.Destroy;
@@ -274,6 +269,62 @@ public class JCRAlbumImpl implements Alb
}
}
+ @Property
+ public void addOwner(String owner) {
+ List<String> ownerList = new ArrayList<String>();
+ ownerList.add(owner);
+ try {
+ Session session = repositoryManager.getSession();
+ Node root = session.getRootNode();
+ Node albumNode = root.getNode(name);
+ if (albumNode.hasProperty("owners")) {
+ for (Value ownerValue : albumNode.getProperty("owners").getValues()) {
+ if (!ownerList.contains(ownerValue.getString())) {
+ ownerList.add(ownerValue.getString());
+ }
+
+ }
+ }
+ String[] owners = new String[ownerList.size()];
+ for (int i = 0; i < ownerList.size(); i++) {
+ owners[i] = ownerList.get(i);
+ }
+ albumNode.setProperty("owners", owners);
+ session.save();
+ } catch (RepositoryException e) {
+ e.printStackTrace();
+ } finally {
+ //repositoryManager.releaseSession();
+ }
+ }
+
+ public String[] getOwners() {
+ if (!initialized) {
+ init();
+ }
+ try {
+ Session session = repositoryManager.getSession();
+ Node root = session.getRootNode();
+ Node albumNode = root.getNode(name);
+ if (albumNode.hasProperty("owners")) {
+ Value[] values = albumNode.getProperty("owners").getValues();
+ String[] owners = new String[values.length];
+ for (int i = 0; i < values.length; i++) {
+ owners[i] = values[i].getString();
+ }
+ return owners;
+ }
+
+
+ } catch (Exception e) {
+ // FIXME: ignore for now
+ e.printStackTrace();
+ } finally {
+ //repositoryManager.releaseSession();
+ }
+ return new String[]{};
+ }
+
/**
* This method deletes the picture node.
* @param String pictureName
Modified: incubator/photark/trunk/photark-jcr/src/main/java/org/apache/photark/jcr/services/JCRGalleryImpl.java
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-jcr/src/main/java/org/apache/photark/jcr/services/JCRGalleryImpl.java?rev=962834&r1=962833&r2=962834&view=diff
==============================================================================
--- incubator/photark/trunk/photark-jcr/src/main/java/org/apache/photark/jcr/services/JCRGalleryImpl.java (original)
+++ incubator/photark/trunk/photark-jcr/src/main/java/org/apache/photark/jcr/services/JCRGalleryImpl.java Sat Jul 10 12:39:59 2010
@@ -21,7 +21,9 @@ package org.apache.photark.jcr.services;
import java.io.File;
import java.net.URL;
+import java.util.ArrayList;
import java.util.GregorianCalendar;
+import java.util.List;
import java.util.logging.Logger;
import javax.jcr.Node;
@@ -31,6 +33,8 @@ import javax.jcr.Session;
import org.apache.photark.Image;
import org.apache.photark.jcr.JCRRepositoryManager;
+import org.apache.photark.security.authorization.services.AccessManager;
+import org.apache.photark.security.authorization.services.JSONRPCSecurityManager;
import org.apache.photark.services.album.Album;
import org.apache.photark.services.gallery.BaseGalleryImpl;
import org.apache.photark.services.gallery.Gallery;
@@ -41,18 +45,24 @@ import org.oasisopen.sca.annotation.Scop
@Scope("COMPOSITE")
public class JCRGalleryImpl extends BaseGalleryImpl implements Gallery {
private static final Logger logger = Logger.getLogger(JCRGalleryImpl.class.getName());
-
- private JCRRepositoryManager repositoryManager;
+ private JCRRepositoryManager repositoryManager;
+ private AccessManager accessManager;
public JCRGalleryImpl() {
}
-
+
@Reference(name="repositoryManager")
protected void setRepositoryManager(JCRRepositoryManager repositoryManager) {
this.repositoryManager = repositoryManager;
}
+
+ @Reference(name="accessmanager")
+ protected void setAccessService(AccessManager accessManager) {
+ this.accessManager = accessManager;
+ }
+
public JCRGalleryImpl(String name) {
super(name);
}
@@ -88,22 +98,22 @@ public class JCRGalleryImpl extends Base
// FIXME: ignore for now
e.printStackTrace();
}
-
+
initialized = true;
Album[] albums = getAlbums();
-
+
for (Album album : albums) {
String[] pictures = album.getPictures();
-
-
+
+
for (String picture : pictures) {
imageAdded(album.getName(), new Image(picture, new GregorianCalendar().getTime(), null));
}
-
+
}
-
+
}
-
+
private void getAlbumsFromJcrRepository() {
try {
Session session = repositoryManager.getSession();
@@ -150,7 +160,23 @@ public class JCRGalleryImpl extends Base
}
}
- public void deleteAlbum(String albumName) {
+ public boolean hasAlbum(String albumName) {
+ try {
+ Session session = repositoryManager.getSession();
+ Node rootNode = session.getRootNode();
+ if (rootNode.hasNode(albumName)) {
+ // logger.info("This album is already in gallery");
+ return true;
+ }
+ } catch (RepositoryException e) {
+ e.printStackTrace();
+ } finally {
+ //repositoryManager.releaseSession();
+ }
+ return false;
+ }
+
+ public void deleteAlbum(String albumName) {
try {
Session session = repositoryManager.getSession();
Node root = session.getRootNode();
@@ -166,12 +192,83 @@ public class JCRGalleryImpl extends Base
logger.info("album " + albumName + " deleted");
}else{
logger.info("album " + albumName + " not found");
- }
+ }
} catch (RepositoryException e) {
e.printStackTrace();
} finally {
//repositoryManager.releaseSession();
}
-
+
}
+
+
+ public String[] getAlbumPictures(String albumName) {
+ return getAlbumPicturesToUser(albumName, JSONRPCSecurityManager.getSecurityToken("UnRegisteredUser"));
+ }
+
+ public String[] getAlbumPicturesToUser(String albumName, String securityToken) {
+String[] permissions = new String[]{"viewImages", "viewImagesOnAlbum.own", "viewImagesOnAlbum.others"};
+ if (accessManager.isPermitted(JSONRPCSecurityManager.getAccessListFromSecurityToken(securityToken), albumName,permissions)) {
+ Album albumLookup = getAlbum(albumName);
+ if (albumLookup != null) {
+ return albumLookup.getPictures();
+ } else {
+ // FIXME: return proper not found exception
+ return new String[]{};
+ }
+ } else {
+ return new String[]{};
+ }
+ }
+
+ public String getAlbumCover(String albumName) {
+ return getAlbumCoverToUser(albumName, JSONRPCSecurityManager.getSecurityToken("UnRegisteredUser"));
+ }
+
+ public String getAlbumCoverToUser(String albumName, String securityToken) {
+ String[] permissions = new String[]{"viewImages", "viewImagesOnAlbum.others", "viewImagesOnAlbum.own"};
+ if (accessManager.isPermitted(JSONRPCSecurityManager.getAccessListFromSecurityToken(securityToken), albumName, permissions)) {
+ Album albumLookup = getAlbum(albumName);
+
+ if (albumLookup != null) {
+ String[] pictures = albumLookup.getPictures();
+ // this check is to avoid Exception
+ if (pictures.length > 0) {
+ return albumLookup.getPictures()[0];
+ } else {
+ logger.info("No Album Cover Picture found for album:" + albumName);
+ return null;
+ }
+ } else {
+ // FIXME: return proper not found exception
+ return null;
+ }
+ } else {
+ return null;
+ }
+ }
+
+ public Album[] getAlbums() {
+ return getAlbumsToUser(JSONRPCSecurityManager.getSecurityToken("UnRegisteredUser"));
+ }
+
+ public Album[] getAlbumsToUser(String securityToken) {
+ if (!initialized) {
+ init();
+ }
+ List<Album> userAlbums = new ArrayList<Album>();
+ for (Album album : albums) {
+ String[] permissions = new String[]{"viewImages", "viewImagesOnAlbum.others", "viewImagesOnAlbum.own"};
+ if (accessManager.isPermitted(JSONRPCSecurityManager.getAccessListFromSecurityToken(securityToken), album.getName(), permissions)) {
+ userAlbums.add(album);
+ }
+ }
+ Album[] albumArray = new Album[userAlbums.size()];
+ userAlbums.toArray(albumArray);
+ return albumArray;
+ }
+
+
+
+
}
Modified: incubator/photark/trunk/photark-jcr/src/main/java/org/apache/photark/jcr/services/JCRImageUploadServiceImpl.java
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-jcr/src/main/java/org/apache/photark/jcr/services/JCRImageUploadServiceImpl.java?rev=962834&r1=962833&r2=962834&view=diff
==============================================================================
--- incubator/photark/trunk/photark-jcr/src/main/java/org/apache/photark/jcr/services/JCRImageUploadServiceImpl.java (original)
+++ incubator/photark/trunk/photark-jcr/src/main/java/org/apache/photark/jcr/services/JCRImageUploadServiceImpl.java Sat Jul 10 12:39:59 2010
@@ -23,10 +23,7 @@ import java.io.BufferedInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.PrintWriter;
-import java.util.ArrayList;
-import java.util.Date;
-import java.util.Iterator;
-import java.util.List;
+import java.util.*;
import java.util.logging.Level;
import java.util.logging.Logger;
@@ -45,6 +42,10 @@ import org.apache.commons.fileupload.ser
import org.apache.photark.Image;
import org.apache.photark.jcr.JCRRepositoryManager;
import org.apache.photark.jcr.util.ArchiveFileExtractor;
+import org.apache.photark.security.authorization.AccessList;
+import org.apache.photark.security.authorization.Permission;
+import org.apache.photark.security.authorization.services.AccessManager;
+import org.apache.photark.security.authorization.services.JSONRPCSecurityManager;
import org.apache.photark.services.album.Album;
import org.apache.photark.services.gallery.Gallery;
import org.oasisopen.sca.annotation.Init;
@@ -68,6 +69,8 @@ public class JCRImageUploadServiceImpl e
private JCRRepositoryManager repositoryManager;
+ private static AccessManager accessManager;
+
private ServletFileUpload upload;
private Gallery gallery;
@@ -90,6 +93,11 @@ public class JCRImageUploadServiceImpl e
this.repositoryManager = repositoryManager;
}
+ @Reference(name="accessmanager")
+ protected void setAccessService(AccessManager accessManager) {
+ this.accessManager = accessManager;
+ }
+
@Reference(name="gallery")
protected void setGallery(Gallery gallery) {
this.gallery = gallery;
@@ -118,12 +126,12 @@ public class JCRImageUploadServiceImpl e
albumDescription= (String) request.getParameter("addAlbumDesc");
if(albumDescription!=null){
- addDescToAlbum(albumName,albumDescription);
- if(logger.isLoggable(Level.INFO)) {
- logger.log(Level.INFO, "album description updated in " + albumName+" with "+albumDescription);
- }
- PrintWriter out = response.getWriter();
- out.write("albumDescription updated in " + albumName+" with "+albumDescription);
+ PrintWriter out = response.getWriter();
+ if(addDescToAlbum(albumName,albumDescription,request)){
+ out.write("albumDescription updated in " + albumName+" with "+albumDescription);
+ }else{
+ out.write("No permission to add albumDescription in " + albumName);
+ }
out.close();
return;
}else{
@@ -163,6 +171,10 @@ public class JCRImageUploadServiceImpl e
albumDescription = fileItem.getString();
}
+ if (fileItem.getFieldName().equalsIgnoreCase("securityToken")&&request.getSession().getAttribute("accessList")==null) {
+ request.getSession().setAttribute("accessList", JSONRPCSecurityManager.getAccessListFromSecurityToken(fileItem.getString())) ;
+ }
+
boolean isFormField = fileItem.isFormField();
if (!isFormField) {
@@ -186,7 +198,7 @@ public class JCRImageUploadServiceImpl e
}
for (Image picture : pictures) {
- addPictureToAlbum(albumName,albumDescription, picture);
+ addPictureToAlbum(albumName,albumDescription, picture,request); //todo
}
sb.append("file=uploaded/" + fileName);
sb.append(",name=" + fileName);
@@ -206,7 +218,9 @@ public class JCRImageUploadServiceImpl e
}
}
- @Override
+
+
+ @Override
protected void doDelete(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
response.setContentType("text/html");
@@ -217,7 +231,7 @@ public class JCRImageUploadServiceImpl e
imageName= (String) request.getParameter("imageName");
- deleteNode(albumName, imageName);
+ deleteNode(albumName, imageName,request); //todo
PrintWriter out = response.getWriter();
//sb.append("deleted " + albumName+"/"+imageName);
@@ -231,41 +245,65 @@ public class JCRImageUploadServiceImpl e
* @param albumName String
* @param albumDescription Picture
* @param image albumDescription
- */
- private void addPictureToAlbum(String albumName,String albumDescription, Image image) {
- gallery.addAlbum(albumName);
- Album album = new JCRAlbumImpl(repositoryManager, albumName);
- album.addPicture(image);
- album.setDescription(albumDescription);
-
- this.gallery.imageAdded(albumName, image);
-
- }
+ */
+ private void addPictureToAlbum(String albumName, String albumDescription, Image image, HttpServletRequest request) {
+ Album album = new JCRAlbumImpl(repositoryManager, albumName);
+ AccessList accessList = (AccessList) request.getSession().getAttribute("accessList");
+ if (!gallery.hasAlbum(albumName)) {
+ if (accessManager.isPermitted(accessList, albumName, new String[]{"createAlbum"})) {
+ gallery.addAlbum(albumName);
+ album.addOwner(accessList.getUserId());
+ }
+ }
+
+
+ if (accessManager.isPermitted(accessList, albumName, new String[]{"addImagesToAlbum.own", "addImagesToAlbum.others", "addImages"})) {
+ album.addPicture(image);
+ this.gallery.imageAdded(albumName, image);
+ }
+ if (accessManager.isPermitted(accessList, albumName, new String[]{"editAlbumDescription.others", "editAlbumDescription.own", "editAlbumDescription"})) {
+ album.setDescription(albumDescription);
+ }
+
+ }
/**
- * @param albumName String
- * @param picture Picture
- * @param String albumDescription
+ * @param albumName the name of the album
+ * @param albumDescription the album description that need to be added
+ * @param request the HttpServletRequest
+ * @return boolean
*/
- private void addDescToAlbum(String albumName,String albumDescription) {
- gallery.addAlbum(albumName);
- Album album = new JCRAlbumImpl(repositoryManager, albumName);
- album.setDescription(albumDescription);
- }
-
+ private boolean addDescToAlbum(String albumName, String albumDescription, HttpServletRequest request) {
+ if (accessManager.isPermitted((AccessList) request.getSession().getAttribute("accessList"), albumName, new String[]{"editAlbumDescription.others", "editAlbumDescription.own", "editAlbumDescription"})) {
+ gallery.addAlbum(albumName);
+ Album album = new JCRAlbumImpl(repositoryManager, albumName);
+ album.setDescription(albumDescription);
+ if (logger.isLoggable(Level.INFO)) {
+ logger.log(Level.INFO, "album description updated in " + albumName + " with " + albumDescription);
+ }
+ return true;
+ }
+ return false;
+ }
- /**
+ /**
*
- * @param String albumName
- * @param String imageName
+ * @param albumName
+ * @param imageName
*/
- private void deleteNode(String albumName, String imageName) {
+ private void deleteNode(String albumName, String imageName, HttpServletRequest request) {
+ AccessList accessList= (AccessList) request.getSession().getAttribute("accessList");
if(imageName==null){
+ if (accessManager.isPermitted(accessList, albumName, new String[]{"deleteAlbum.own", "deleteAlbum.others"})) {
+
gallery.deleteAlbum(albumName);
-
+ }
}else{
+ if (accessManager.isPermitted(accessList, albumName, new String[]{"deleteImagesFromAlbum.own", "deleteImagesFromAlbum.others","deleteImages"})) {
+
Album album = new JCRAlbumImpl(repositoryManager, albumName);
album.deletePicture(imageName);
+ }
}
}
Modified: incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/services/LogoutServiceImpl.java
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/services/LogoutServiceImpl.java?rev=962834&r1=962833&r2=962834&view=diff
==============================================================================
--- incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/services/LogoutServiceImpl.java (original)
+++ incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/services/LogoutServiceImpl.java Sat Jul 10 12:39:59 2010
@@ -28,6 +28,7 @@ import javax.servlet.http.HttpServletReq
import javax.servlet.http.HttpServletResponse;
import org.apache.photark.security.authorization.AccessList;
+import org.apache.photark.security.authorization.services.JSONRPCSecurityManager;
import org.oasisopen.sca.annotation.Scope;
import org.oasisopen.sca.annotation.Service;
@@ -61,7 +62,10 @@ public class LogoutServiceImpl extends H
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws IOException, ServletException {
if(request.getSession().getAttribute("accessList")!=null){
- System.err.print(((AccessList)request.getSession().getAttribute("accessList")).getUserId());
+ String userId=((AccessList)request.getSession().getAttribute("accessList")).getUserId();
+ System.err.print(userId);
+ JSONRPCSecurityManager.removeAccessListAndToken(userId);
+
}
// Removing the AccessList
request.getSession().setAttribute("accessList", "");
Modified: incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/Permission.java
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/Permission.java?rev=962834&r1=962833&r2=962834&view=diff
==============================================================================
--- incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/Permission.java (original)
+++ incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/Permission.java Sat Jul 10 12:39:59 2010
@@ -71,4 +71,16 @@ public class Permission implements Seria
public String getPermissionDesc(){
return desc;
}
+
+ public boolean equals(Object obj){
+ if(!(obj instanceof Permission))
+ return false;
+
+ Permission permission = (Permission)obj;
+ return this.getPermission().equals(permission.getPermission()) ;
+
+ }
+ public int hashCode() {
+ return permission.hashCode();
+ }
}
Modified: incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/services/AccessManager.java
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/services/AccessManager.java?rev=962834&r1=962833&r2=962834&view=diff
==============================================================================
--- incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/services/AccessManager.java (original)
+++ incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/services/AccessManager.java Sat Jul 10 12:39:59 2010
@@ -36,4 +36,6 @@ public interface AccessManager {
void addUserToRole(User user, String node);
+ boolean isPermitted(AccessList accessList, String resourceName, String[] permissionNames);
+
}
Added: incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/services/JSONRPCSecurityManager.java
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/services/JSONRPCSecurityManager.java?rev=962834&view=auto
==============================================================================
--- incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/services/JSONRPCSecurityManager.java (added)
+++ incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/services/JSONRPCSecurityManager.java Sat Jul 10 12:39:59 2010
@@ -0,0 +1,122 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.photark.security.authorization.services;
+
+import org.apache.photark.security.authorization.AccessList;
+import org.apache.photark.security.authorization.Permission;
+
+import javax.servlet.http.HttpServletRequest;
+import java.util.*;
+
+/**
+ */
+public class JSONRPCSecurityManager {
+ private static Map<String, Object[]> accessTokenMap = new HashMap<String, Object[]>();
+
+ public static boolean isUserExist(String userId) {
+ return accessTokenMap.containsKey(userId);
+ }
+
+ public static AccessList getAccessList(String userId) {
+ Object[] accessListAndToken = accessTokenMap.get(userId);
+ return (AccessList) accessListAndToken[0];
+
+ }
+
+ public static String getSecurityToken(String userId) {
+ Object[] accessListAndToken = accessTokenMap.get(userId);
+ return (String) accessListAndToken[1];
+
+ }
+
+ public static AccessList getAccessListFromSecurityToken(String token) {
+ Object[] accessListAndToken = accessTokenMap.get(userIdFromSecurityToken(token));
+ return (AccessList) accessListAndToken[0];
+
+ }
+
+ public static String userIdFromSecurityToken(String token) {
+ String userId= token.substring(0, token.length() - 25); //don't use this anywhere else
+ getSecurityToken(userId);
+ if(token.equals(getSecurityToken(userId))){
+ return userId;
+ }
+ return "UnRegisteredUser";
+
+ }
+
+ public static void putAccessListAndToken(AccessList accessList, String token) {
+ accessTokenMap.put(accessList.getUserId(), new Object[]{accessList, token});
+
+ }
+
+ public static void removeAccessListAndToken(String userId) {
+ accessTokenMap.remove(userId);
+
+ }
+
+ public String getJSONAccessList(HttpServletRequest request) {
+
+ AccessList accessList = (AccessList) request.getSession().getAttribute("accessList");
+ String token;
+ if (JSONRPCSecurityManager.isUserExist(accessList.getUserId())) {
+ token = JSONRPCSecurityManager.getSecurityToken(accessList.getUserId());
+ } else {
+ token = createAccessToken(accessList.getUserId());
+ JSONRPCSecurityManager.putAccessListAndToken(accessList, token);
+ }
+ String jsonPermission = "|";
+ for (String key:accessList.getPermissions().keySet()) {
+ List permissions = accessList.getPermissions().get(key);
+ if("_default".equals(key)) {
+ for (Object permission : permissions) {
+ jsonPermission += ((Permission) permission).getPermission()+"|" ;
+ }
+ }else{
+ for (Object permission : permissions) {
+ jsonPermission += key+"."+ ((Permission) permission).getPermission()+"|" ;
+ }
+ }
+
+ }
+ return "userId:'" + accessList.getUserId() +
+ "',token:'" + token +
+ "',permissions:'" + jsonPermission + "'";
+
+ }
+
+ private String createAccessToken(String userId) {
+ Random randomGenerator = new Random();
+ String token = "";
+ for (int i = 0; i < 25; i++) {
+ int n = randomGenerator.nextInt(36);
+ if (n < 10) {
+ token += (n); // digit 0-9
+ } else {
+ token += (char) (n - 10 + 'A'); // alpha A-Z
+ }
+ }
+ // System.out.println(token);
+
+ return userId + token;
+ }
+
+
+
+}
Modified: incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/services/SecurityServiceImpl.java
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/services/SecurityServiceImpl.java?rev=962834&r1=962833&r2=962834&view=diff
==============================================================================
--- incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/services/SecurityServiceImpl.java (original)
+++ incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/services/SecurityServiceImpl.java Sat Jul 10 12:39:59 2010
@@ -20,6 +20,7 @@
package org.apache.photark.security.authorization.services;
import org.apache.photark.security.authorization.AccessList;
+import org.apache.photark.security.authorization.Permission;
import org.apache.photark.security.authorization.User;
import org.apache.photark.security.authorization.UserInfo;
import org.oasisopen.sca.annotation.Reference;
@@ -33,6 +34,10 @@ import javax.servlet.http.HttpServletReq
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Random;
@Service(Servlet.class)
@@ -44,6 +49,7 @@ public class SecurityServiceImpl extends
*/
private static final long serialVersionUID = -6452934544772432330L;
private AccessManager accessManager;
+ JSONRPCSecurityManager jsonSecurityManager=new JSONRPCSecurityManager();
@Reference(name = "accessmanager")
protected void setAccessService(AccessManager accessManager) {
@@ -99,12 +105,19 @@ public class SecurityServiceImpl extends
//sb.append(",unRegistered=false");
}
send(out, sb);
- accessList=accessManager.createAccessList(userId,request.getParameter("email"));
- request.getSession().removeAttribute("accessList");
- request.getSession().setAttribute("accessList", accessList);
+ accessList = accessManager.createAccessList(userId, request.getParameter("email"));
+ request.getSession().removeAttribute("accessList");
+ request.getSession().setAttribute("accessList", accessList);
} else if ("getUser".equalsIgnoreCase(request.getParameter("request"))) {
sb.append("{" + createJSONUser(request) + "}");
send(out, sb);
+ } else if ("getJSONAccessList".equalsIgnoreCase(request.getParameter("request"))) {
+ if (request.getSession().getAttribute("accessList") == null) {
+ AccessList accessList = accessManager.createAccessList("UnRegisteredUser", "");
+ request.getSession().setAttribute("accessList", accessList);
+ }
+ sb.append("{" + jsonSecurityManager.getJSONAccessList(request) + "}");
+ send(out, sb);
} else {
response.sendRedirect(request.getContextPath() + "/home/authenticate");
}
@@ -112,6 +125,12 @@ public class SecurityServiceImpl extends
}
+
+// private AccessList getAccessList(String token) { //todo
+// Object[] accessListAndToken = AccessManager.accessTokenMap.get(token.substring(0,token.length()-25));
+// return (AccessList )accessListAndToken[0] ;
+// }
+
private void send(PrintWriter out, StringBuffer sb) {
out.write(sb.toString());
out.flush();
@@ -152,4 +171,6 @@ public class SecurityServiceImpl extends
}
return sb;
}
+
+
}
Modified: incubator/photark/trunk/photark-ui-admin/src/main/webapp/admin/js/admin.js
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-ui-admin/src/main/webapp/admin/js/admin.js?rev=962834&r1=962833&r2=962834&view=diff
==============================================================================
--- incubator/photark/trunk/photark-ui-admin/src/main/webapp/admin/js/admin.js (original)
+++ incubator/photark/trunk/photark-ui-admin/src/main/webapp/admin/js/admin.js Sat Jul 10 12:39:59 2010
@@ -23,29 +23,35 @@ dojo.require("dojo._base.xhr");
var albumCover;
var albums;
-var albumName="New Album";
+var albumName = "New Album";
var albumIndex;
-var albumDescEditOn=false;
-var albumDesc="";
-
-var gallery = new dojo.rpc.JsonService( photark.constants.GalleryServiceEndpoint );
-
-function populateSelect(){
- gallery = new dojo.rpc.JsonService( photark.constants.GalleryServiceEndpoint );
- gallery.getAlbums().addCallback( function(albums, exception) {
- if(exception) {
+var albumDescEditOn = false;
+var albumDesc = "";
+var userId;
+var SECURITY_TOKEN;
+var permissions = "";
+
+var gallery = new dojo.rpc.JsonService(photark.constants.GalleryServiceEndpoint);
+
+function populateSelect() {
+ gallery = new dojo.rpc.JsonService(photark.constants.GalleryServiceEndpoint);
+ gallery.getAlbumsToUser(SECURITY_TOKEN).addCallback(function(albums, exception) {
+ // gallery.getAlbums().addCallback( function(albums, exception) {
+ if (exception) {
alert(exception.msg);
return;
}
- this.albums=albums;
+ this.albums = albums;
var selectAlbum = dojo.byId("selectAlbum");
- selectAlbum.options.length=0;
- selectAlbum.options[selectAlbum.options.length] = new Option("New Album", "New Album", true, false);
- for(var pos = 0; pos<albums.length; pos++) {
- selectAlbum.options[selectAlbum.options.length] = new Option(albums[pos].name, albums[pos].name, false, false);
+ selectAlbum.options.length = 0;
+ if (permissions.indexOf("|createAlbum|") != -1) {
+ selectAlbum.options[selectAlbum.options.length] = new Option("New Album", "New Album", true, false);
}
- dojo.byId("selectAlbum").value=albumName;
+ for (var pos = 0; pos < albums.length; pos++) {
+ selectAlbum.options[selectAlbum.options.length] = new Option(albums[pos].name, albums[pos].name, false, false);
+ }
+ dojo.byId("selectAlbum").value = albumName;
manageAlbumFields();
});
@@ -53,177 +59,231 @@ function populateSelect(){
//to set the album cover
function setAlbumCoverResponse(cover, exception) {
- if(exception){
+ if (exception) {
alert(exception.msg);
return;
}
document.getElementById('albumCoverDiv').innerHTML = "<table id='albumCover' style='width:200px;' border='0' cellspacing='0' cellpadding='1'></table>";
- var table=document.getElementById('albumCover');
+ var table = document.getElementById('albumCover');
var row = table.insertRow(0);
var column = row.insertCell(0);
if (cover != null) {
var img = document.createElement("img");
- img.src = (window.location.href).replace("admin/upload.html","") + "gallery/"+ albumName +"/" + cover;
+ img.src = (window.location.href).replace("admin/upload.html", "") + "gallery/" + albumName + "/" + cover;
var img_html = "<img src=" + img.src + " class=\"slideImage\" width=200px ondragstart=\"return false\" onselectstart=\"return false\" oncontextmenu=\"return false\" galleryimg=\"no\" usemap=\"#imagemap\" alt=\"\"/>";
- var html = "<table border=\"0\" style=\"width:180px; text-align: center;\"><tr style=\"cellpadding:10\"><td><a>" + img_html + "</a></td></tr><tr><td>"+albumName+"</td></tr></table>";
+ var html = "<table border=\"0\" style=\"width:180px; text-align: center;\"><tr style=\"cellpadding:10\"><td><a>" + img_html + "</a></td></tr><tr><td>" + albumName + "</td></tr></table>";
column.innerHTML = html;
}
}
function initializeAdminGallery() {
- var table=document.getElementById('adminTableGallery');
+ var remove = false;
+ if (permissions.indexOf("|deleteImagesFromAlbum.others|") != -1 || (permissions.indexOf("|deleteImagesFromAlbum.own|") != -1 && albums[albumIndex].owners + "".indexOf(userId) != -1) || permissions.indexOf("|" + albumName + ".deleteImages|") != -1) {
+ remove = true;
+ }
+ var table = document.getElementById('adminTableGallery');
var lastRow = table.rows.length;
for (var i = 0; i < albums[albumIndex].pictures.length;) {
- var row = table.insertRow( Math.floor(i/4));
- for (var j = 0; j < 4;j++) {
- var column = row.insertCell(i%4);
+ var row = table.insertRow(Math.floor(i / 4));
+ for (var j = 0; j < 4; j++) {
+ var column = row.insertCell(i % 4);
if (albums[albumIndex].pictures[i] != null) {
var albumName = albums[albumIndex].name;
var img = document.createElement("img");
- img.src = (window.location.href).replace("admin/upload.html","") + "gallery/"+ albumName +"/" + albums[albumIndex].pictures[i];
+ img.src = (window.location.href).replace("admin/upload.html", "") + "gallery/" + albumName + "/" + albums[albumIndex].pictures[i];
var img_html = "<img src=" + img.src + " class=\"slideImage\" width=200px ondragstart=\"return false\" onselectstart=\"return false\" oncontextmenu=\"return false\" galleryimg=\"no\" usemap=\"#imagemap\" alt=\"\"/>";
- var html = "<table border=\"0\" style=\"width:180px; text-align: center;\"><tr style=\"cellpadding:10\"><td colspan=\"2\"><a>" + img_html + "</a></td></tr><tr><td>"+albums[albumIndex].pictures[i]+"</td><td><a href=\"javascript:confirmDelete('"+albums[albumIndex].pictures[i]+"');\">Remove</a></td></tr></table>";
+ if (remove) {
+ var html = "<table border=\"0\" style=\"width:180px; text-align: center;\"><tr style=\"cellpadding:10\"><td colspan=\"2\"><a>" + img_html + "</a></td></tr><tr><td>" + albums[albumIndex].pictures[i] + "</td><td><a href=\"javascript:confirmDelete('" + albums[albumIndex].pictures[i] + "');\">Remove</a></td></tr></table>";
+ } else {
+ var html = "<table border=\"0\" style=\"width:180px; text-align: center;\"><tr style=\"cellpadding:10\"><td colspan=\"2\"><a>" + img_html + "</a></td></tr><tr><td>" + albums[albumIndex].pictures[i] + "</td><td></td></tr></table>";
+ }
column.innerHTML = html;
+
}
- i++;
+ i++;
}
}
}
-function manageAlbumFields(){
+function manageAlbumFields() {
var selectAlbum = dojo.byId("selectAlbum");
albumName = selectAlbum.value;
document.getElementById('adminGallery').innerHTML = "<table id='adminTableGallery' style='width:720px;' border='0' cellspacing='0' cellpadding='1'></table>";
- albumIndex=selectAlbum.selectedIndex-1;
+ if (selectAlbum.children[0].value == "New Album") {
+ albumIndex = selectAlbum.selectedIndex - 1;
+ } else {
+ albumIndex = selectAlbum.selectedIndex;
+ }
cancelAlbumDesc();
- dojo.byId("progressBar").style.display="none";
+ dojo.byId("progressBar").style.display = "none";
+
+ if (albumName == "New Album") {
- if(albumName == "New Album") {
document.getElementById('albumCoverDiv').innerHTML = "<table id='albumCover' style='width:200px;' border='0' cellspacing='0' cellpadding='1'></table>";
dojo.byId("newAlbumName").style.display = "";
dojo.byId("newAlbumLabel").style.display = "";
dojo.byId("btnAlbumDesc").style.display = "none";
dojo.byId("deleteAlbum").style.display = "none";
- dojo.byId("albumDescriptionDiv").innerHTML="<textarea cols='20' rows='5' class='textarea' name='albumDescription' id='albumDescription'></textarea>";
- }else{
+ dojo.byId("albumDescriptionDiv").innerHTML = "<textarea cols='20' rows='5' class='textarea' name='albumDescription' id='albumDescription'></textarea>";
+ } else {
+
dojo.byId("newAlbumName").style.display = "none";
dojo.byId("newAlbumLabel").style.display = "none";
- dojo.byId("btnAlbumDesc").style.display = "";
- dojo.byId("deleteAlbum").style.display = "";
- gallery.getAlbums().addCallback( function(albums, exception) {
- if(exception) {
+ if (permissions.indexOf("|editAlbumDescription.others|") != -1 || (permissions.indexOf("|editAlbumDescription.own|") != -1 && albums[albumIndex].owners + "".indexOf(userId) != -1) || permissions.indexOf("|" + albumName + ".editAlbumDescription|") != -1) {
+ dojo.byId("btnAlbumDesc").style.display = "";
+ } else {
+ dojo.byId("btnAlbumDesc").style.display = "none";
+ }
+ if (permissions.indexOf("|deleteAlbum.others|") != -1 || (permissions.indexOf("|deleteAlbum.own|") != -1 && albums[albumIndex].owners + "".indexOf(userId) != -1)) {
+ dojo.byId("deleteAlbum").style.display = "";
+ } else {
+ dojo.byId("deleteAlbum").style.display = "none";
+ }
+ gallery.getAlbumsToUser(SECURITY_TOKEN).addCallback(function(albums, exception) {
+ // gallery.getAlbums().addCallback( function(albums, exception) {
+ if (exception) {
alert(exception.msg);
return;
}
- dojo.byId("albumDescription").value=albums[selectAlbum.selectedIndex-1].description;
- gallery.getAlbumCover(albums[albumIndex].name).addCallback(setAlbumCoverResponse);
+ dojo.byId("albumDescription").value = albums[selectAlbum.selectedIndex - 1].description;
+ gallery.getAlbumCoverToUser(albums[albumIndex].name, SECURITY_TOKEN).addCallback(setAlbumCoverResponse);
+ // gallery.getAlbumCover(albums[albumIndex].name).addCallback(setAlbumCoverResponse);
initializeAdminGallery();
});
- dojo.byId("albumDescription").value="";
+ dojo.byId("albumDescription").value = "";
+ if (permissions.indexOf("|addImagesToAlbum.others|") != -1 || (permissions.indexOf("|addImagesToAlbum.own|") != -1 && albums[albumIndex].owners + "".indexOf(userId) != -1) || permissions.indexOf("|" + albumName + ".addImages|") != -1) {
+ dojo.byId("filesDiv").style.display = "";
+ dojo.byId("btnUploader").style.display = "";
+ dojo.byId("btnUpload").style.display = "";
+ } else {
+ dojo.byId("filesDiv").style.display = "none";
+ dojo.byId("btnUploader").style.display = "none";
+ dojo.byId("btnUpload").style.display = "none";
+ }
}
}
//this method will delete the selected image from the current album
-function addAlbumDesc(){
- if(albumDescEditOn==false){
- albumDescEditOn=true;
- albumDesc=dojo.byId("albumDescription").value;
- dojo.byId("albumDescriptionDiv").innerHTML="<textarea cols='20' rows='5' class='textarea' name='albumDescription' id='albumDescription'></textarea>";
- dojo.byId("albumDescription").value=albumDesc;
+function addAlbumDesc() {
+ if (albumDescEditOn == false) {
+ albumDescEditOn = true;
+ albumDesc = dojo.byId("albumDescription").value;
+ dojo.byId("albumDescriptionDiv").innerHTML = "<textarea cols='20' rows='5' class='textarea' name='albumDescription' id='albumDescription'></textarea>";
+ dojo.byId("albumDescription").value = albumDesc;
dojo.byId("albumDescription").focus();
- dojo.byId("btnAlbumDesc").innerHTML="Save album Description";
- dojo.byId("cancelBtnAlbumDesc").style.display="";
- }else{
- var desc=dojo.byId("albumDescription").value;
+ dojo.byId("btnAlbumDesc").innerHTML = "Save album Description";
+ dojo.byId("cancelBtnAlbumDesc").style.display = "";
+ } else {
+ var desc = dojo.byId("albumDescription").value;
cancelAlbumDesc();
dojo.xhrPost({
url:"upload",
content:{albumName:albumName,addAlbumDesc:desc},
handleAs: "text",
- load: function(response, ioArgs){
+ load: function(response, ioArgs) {
reloadAdminGallery();
},
- error: function(response, ioArgs){
- console.error("Error in editing album description");
+ error: function(response, ioArgs) {
+ console.error("Error in editing album description");
}
});
}
}
//to cancel the editing of the albumDescription
-function cancelAlbumDesc(){
- dojo.byId("albumDescriptionDiv").innerHTML="<textarea cols='20' rows='5' class='textarea' name='albumDescription' id='albumDescription' readonly='readonly' style='background-color:#F4F2F2;'></textarea>";
- dojo.byId("albumDescription").value=albumDesc;
- dojo.byId("btnAlbumDesc").innerHTML="Edit album Description";
- dojo.byId("cancelBtnAlbumDesc").style.display="none";
- albumDescEditOn=false;
+function cancelAlbumDesc() {
+ dojo.byId("albumDescriptionDiv").innerHTML = "<textarea cols='20' rows='5' class='textarea' name='albumDescription' id='albumDescription' readonly='readonly' style='background-color:#F4F2F2;'></textarea>";
+ dojo.byId("albumDescription").value = albumDesc;
+ dojo.byId("btnAlbumDesc").innerHTML = "Edit album Description";
+ dojo.byId("cancelBtnAlbumDesc").style.display = "none";
+ albumDescEditOn = false;
}
//this method will delete the selected image from the current album
-function removeImage(imageName){
+function removeImage(imageName) {
dojo.xhrDelete({
url:"upload",
content:{imageName:imageName,albumName:albumName},
handleAs: "text",
- load: function(response, ioArgs){
+ load: function(response, ioArgs) {
reloadAdminGallery();
},
- error: function(response, ioArgs){
- console.error("Error in deleting file");
+ error: function(response, ioArgs) {
+ console.error("Error in deleting file");
}
});
}
-function reloadAdminGallery(){
- gallery = new dojo.rpc.JsonService( photark.constants.GalleryServiceEndpoint );
+function reloadAdminGallery() {
+ gallery = new dojo.rpc.JsonService(photark.constants.GalleryServiceEndpoint);
populateSelect();
}
//confirm before deletion
-function confirmDelete(item ){
-var r;
- if(item==undefined){
- r=confirm("Are you sure to delete the album "+albumName+"?");
- }else{
- r=confirm("Are you sure to delete the image "+item+"?");
+function confirmDelete(item) {
+ var r;
+ if (item == undefined) {
+ r = confirm("Are you sure to delete the album " + albumName + "?");
+ } else {
+ r = confirm("Are you sure to delete the image " + item + "?");
}
- if (r==true){
+ if (r == true) {
removeImage(item);
}
}
function populateUserInfo() {
- dojo.xhrPost({
- url:"../security", //photark.constants.SecurityEndpoint,
- content:{request:"getUser"},
- handleAs: "json",
- load: function(response, ioArgs) {
- displayLoginLinks(response);
- },
- error: function(response, ioArgs) {
- console.error("Error in getting user info");
- }
- });
+ dojo.xhrPost({
+ url:"../security", //photark.constants.SecurityEndpoint,
+ content:{request:"getUser"},
+ handleAs: "json",
+ load: function(response, ioArgs) {
+ displayLoginLinks(response);
+ },
+ error: function(response, ioArgs) {
+ console.error("Error in getting user info");
}
+ });
+}
-function displayLoginLinks (response) {
- if(response!=null&&response.user.userId!="null"){
+function displayLoginLinks(response) {
+ if (response != null && response.user.userId != "null") {
var displayName = response.user.userInfo.displayName;
- document.getElementById("loginName").innerHTML="<b>"+displayName+"</b>" ;
+ document.getElementById("loginName").innerHTML = "<b>" + displayName + "</b>";
} else {
- document.getElementById("loginName").innerHTML="";
+ document.getElementById("loginName").innerHTML = "";
}
}
-dojo.addOnLoad( function() {
- dojo.addOnLoad(populateUserInfo);
- populateSelect();
+
+function getJSONAccessList() {
+ dojo.xhrPost({
+ sync: true,
+ url:"../security", //photark.constants.SecurityEndpoint,
+ content:{request:"getJSONAccessList"},
+ handleAs: "json",
+ load: function(response, ioArgs) {
+ userId = response.userId;
+ SECURITY_TOKEN = response.token;
+ permissions = response.permissions;
+ populateUserInfo();
+ populateSelect();
+
+ },
+ error: function(response, ioArgs) {
+ console.error("Error in getting JSON Access List");
+ }
+ });
+}
+
+dojo.addOnLoad(function() {
+ dojo.addOnLoad(getJSONAccessList);
});
Modified: incubator/photark/trunk/photark-ui-admin/src/main/webapp/admin/js/upload.js
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-ui-admin/src/main/webapp/admin/js/upload.js?rev=962834&r1=962833&r2=962834&view=diff
==============================================================================
--- incubator/photark/trunk/photark-ui-admin/src/main/webapp/admin/js/upload.js (original)
+++ incubator/photark/trunk/photark-ui-admin/src/main/webapp/admin/js/upload.js Sat Jul 10 12:39:59 2010
@@ -29,7 +29,7 @@ dojo.require("dojox.embed.Flash");
var passthrough = function(msg){
//for catching messages from Flash
if(window.console){
- console.log(msg);
+ console.log(msg);
}
};
@@ -41,7 +41,7 @@ var displayProgress = function (){
var setProgressbar = function(currentVal,totalVal){
jsProgress.update({
- maximum: totalVal,
+ maximum: totalVal,
progress: currentVal,
indeterminate:false
});
@@ -62,10 +62,10 @@ dojo.addOnLoad( function(){
["Image Archive Files","*.zip;*.tar"]
]
};
-
+
if(dojo.byId("btnUploader")){
dojo.byId("files").value = "";
-
+
//instantiate uploader passing config properties
var uploader = new dojox.form.FileUploader(dojo.mixin({
button:dojo.byId("btnUploader"),
@@ -73,8 +73,8 @@ dojo.addOnLoad( function(){
selectMultipleFiles:true,
deferredUploading:false
},fileUploaderConfig), "btnUploader");
-
-
+
+
doUpload = function(){
console.log("doUpload");
displayProgress();
@@ -83,40 +83,41 @@ dojo.addOnLoad( function(){
var selected = selectAlbum.value;
albumName=selected;
var albumDescription= dojo.byId("albumDescription").value;
+ var securityToken = SECURITY_TOKEN;
console.log("selected:"+selected);
if(files == 0) {//to stop upload when on files are selected
alert("Photo Upload can not be started. Select picture(s) before upload");
- dojo.byId("progressBar").style.display="none";
+ dojo.byId("progressBar").style.display="none";
} else if(selected == null || (selected != null && selected == "" && selected.length == 0)) {
alert("Photo Upload can not be started.Select Album before upload");
- dojo.byId("progressBar").style.display="none";
+ dojo.byId("progressBar").style.display="none";
} else if(selected == "New Album") {
albumName = dojo.byId("newAlbumName").value;
if( albumName == null || (albumName != null && albumName == "" && albumName.length == 0)) {
alert("Photo Upload can not be started.Enter the new album name");
- dojo.byId("progressBar").style.display="none";
+ dojo.byId("progressBar").style.display="none";
} else {
//add new album to list of albums
selectAlbum.options[selectAlbum.options.length] = new Option(albumName, albumName, false, false);
//upload the files
setProgressbar(0,1);
- uploader.upload({albumName:albumName, albumDescription:albumDescription});
+ uploader.upload({albumName:albumName, albumDescription:albumDescription, securityToken:securityToken});
}
} else {
//upload files to existent album
setProgressbar(0,1);
- uploader.upload({albumName:selected,albumDescription:albumDescription});
+ uploader.upload({albumName:selected,albumDescription:albumDescription, securityToken:securityToken});
}
//dojo.byId("newAlbumName").value ="";
}
-
+
dojo.connect(uploader, "onComplete", function(dataArray){
console.log("onComplete");
setProgressbar(1,1);
dojo.byId("newAlbumName").value ="";
reloadAdminGallery();
});
-
+
dojo.connect(uploader, "onProgress", function(dataArray){
var uploadedPercent=0;
var totalPercent=0;
@@ -128,12 +129,12 @@ dojo.addOnLoad( function(){
setProgressbar((uploadedPercent/totalPercent),1.01011);
//dojo.byId("newAlbumName").value ="";
});
-
+
dojo.connect(uploader, "onChange", function(dataArray){
//hiding the progress bar
dojo.byId("progressBar").style.display="none";
});
-
+
dojo.connect(uploader, "onError", function(err){
var uploadedPercent=0;
var totalPercent=0;
@@ -148,7 +149,7 @@ dojo.addOnLoad( function(){
//alert("Error uploading files:" + err.text);
}
});
-
+
}
});
\ No newline at end of file
Modified: incubator/photark/trunk/photark-ui-admin/src/main/webapp/admin/upload.html
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-ui-admin/src/main/webapp/admin/upload.html?rev=962834&r1=962833&r2=962834&view=diff
==============================================================================
--- incubator/photark/trunk/photark-ui-admin/src/main/webapp/admin/upload.html (original)
+++ incubator/photark/trunk/photark-ui-admin/src/main/webapp/admin/upload.html Sat Jul 10 12:39:59 2010
@@ -1,4 +1,4 @@
-<!--
+.<!--
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
@@ -61,13 +61,13 @@
<tr>
<td>
<div id="albumCoverDiv">
-
+
</div>
</td>
- <td>
+ <td>
<label for="albumDescriptionDiv">Album Description</label>
<div id="albumDescriptionDiv" >
-
+
</div>
</td>
</tr>
@@ -86,14 +86,15 @@
</table>
</li>
<li>
- <label>Files:</label>
- <div id="files" class="field"></div>
-
+ <div id="filesDiv" >
+ <label>Files:</label>
+ <div id="files" class="field"></div>
+ </div>
</li>
<li>
- <div id="progressDiv" class="tundra" >
+ <div id="progressDiv" class="tundra" >
<div id="progressBar" dojoType="dijit.ProgressBar" style="width:300px;display:none;"
- jsId="jsProgress">
+ jsId="jsProgress">
</div>
</div>
</li>
Modified: incubator/photark/trunk/photark-ui/src/main/webapp/js/gallery.js
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-ui/src/main/webapp/js/gallery.js?rev=962834&r1=962833&r2=962834&view=diff
==============================================================================
--- incubator/photark/trunk/photark-ui/src/main/webapp/js/gallery.js (original)
+++ incubator/photark/trunk/photark-ui/src/main/webapp/js/gallery.js Sat Jul 10 12:39:59 2010
@@ -41,15 +41,37 @@ var albumPos = 0;
var pos = 0;
var slideShowSpeed=0;
var timer;
+var userId;
+var SECURITY_TOKEN;
+var permissions = new Array();
dojo.addOnLoad(function() {
dojo.require("dojo._base.xhr");
dojo.require("dojo.rpc.JsonService");
+ dojo.addOnLoad(getJSONAccessList);
dojo.addOnLoad(populateUserInfo);
dojo.addOnLoad(initServices);
dojo.addOnLoad(initGallery);
});
+function getJSONAccessList() {
+ dojo.xhrPost({
+ sync: true,
+ url:"security", //photark.constants.SecurityEndpoint,
+ content:{request:"getJSONAccessList"},
+ handleAs: "json",
+ load: function(response, ioArgs) {
+ userId = response.userId;
+ SECURITY_TOKEN = response.token;
+ permissions = response.defaultPermissions;
+
+ },
+ error: function(response, ioArgs) {
+ console.error("Error in getting JSON Access List");
+ }
+ });
+}
+
function initServices(){
searchService = new dojo.rpc.JsonService( photark.constants.SearchServiceEndpoint );
gallery = new dojo.rpc.JsonService( photark.constants.GalleryServiceEndpoint );
@@ -57,7 +79,8 @@ function initServices(){
function initGallery() {
try {
- gallery.getAlbums().addCallback(gallery_getAlbumsResponse);
+ // gallery.getAlbums().addCallback(gallery_getAlbumsResponse); getAlbumsToUser
+ gallery.getAlbumsToUser(SECURITY_TOKEN).addCallback(gallery_getAlbumsResponse);
} catch(exception) {
alert(exception);
}
@@ -77,14 +100,14 @@ function populateUserInfo() {
});
}
function displayLoginLinks (response) {
- if(response!=null&&response.user.userId!="null"){
+ if(response!=null&&response.user.userId!="null"&&response.user.userId!="UnRegisteredUser"){
var displayName = response.user.userInfo.displayName;
document.getElementById("loginLinks").innerHTML="Welcome <b>"+displayName+"</b> : <span><a href=\"./admin/upload.html\"><u>Admin page</u></a></span> <span><a href=\"./logout/\"><u>Logout</u></a></span>" ;
} else {
document.getElementById("loginLinks").innerHTML="<span><a href=\"./admin/authenticate\"><u>Super admin</u></a></span> <span><a href=\"./home/authenticate\"><u>Login</u></a></span>";
}
-
+
}
@@ -97,7 +120,8 @@ function gallery_getAlbumsResponse(album
for(i=0; i< galleryAlbums.length; i++)
{
- gallery.getAlbumCover(galleryAlbums[i].name).addCallback(gallery_getAlbumCoverResponse);
+ // gallery.getAlbumCover(galleryAlbums[i].name).addCallback(gallery_getAlbumCoverResponse);
+ gallery.getAlbumCoverToUser(galleryAlbums[i].name,SECURITY_TOKEN).addCallback(gallery_getAlbumCoverResponse);
}
}
@@ -129,7 +153,7 @@ function searchResponse(items, exception
for (i = 0; i < items.length; i++) {
var row = table.insertRow(lastRow++);
var column = row.insertCell(0);
-
+
var img = document.createElement("img");
img.src = "";
//img.class = "slideImage";
@@ -142,9 +166,9 @@ function searchResponse(items, exception
column = row.insertCell(0)
column.innerHTML = "<img src=\"images/space.gif\" class=\"slideImage\" width=\"10\" height=\"10\" ondragstart=\"return false\" onselectstart=\"return false\" oncontextmenu=\"return false\" galleryimg=\"no\" usemap=\"#imagemap\" alt=\"\">";
}
-
+
displaySearchResults();
-
+
}
function deleteTableRows(table) {
@@ -198,7 +222,8 @@ function displaySearchResults() {
function initializeAlbum(albumName) {
try {
this.albumName = albumName;
- gallery.getAlbumPictures(albumName).addCallback(gallery_getAlbumPicturesResponse);
+ // gallery.getAlbumPictures(albumName).addCallback(gallery_getAlbumPicturesResponse);
+ gallery.getAlbumPicturesToUser(albumName,SECURITY_TOKEN).addCallback(gallery_getAlbumPicturesResponse);
} catch(exception) {
alert(e);
}
Modified: incubator/photark/trunk/photark-webapp/src/main/webapp/WEB-INF/web.composite
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-webapp/src/main/webapp/WEB-INF/web.composite?rev=962834&r1=962833&r2=962834&view=diff
==============================================================================
--- incubator/photark/trunk/photark-webapp/src/main/webapp/WEB-INF/web.composite (original)
+++ incubator/photark/trunk/photark-webapp/src/main/webapp/WEB-INF/web.composite Sat Jul 10 12:39:59 2010
@@ -33,6 +33,7 @@
</service>
<reference name="repositoryManager" target="RepositoryManager"/>
<reference name="listeners" target="SearchService"/>
+ <reference name="accessmanager" target="AccessManager"/>
</component>
<!-- Component responsible for providing REST access to images -->
@@ -64,7 +65,8 @@
<reference name="repositoryManager" target="RepositoryManager"/>
<reference name="gallery" target="Gallery">
<binding.sca name="local"/>
- </reference>
+ </reference>
+ <reference name="accessmanager" target="AccessManager"/>
</component>
<!-- Component responsible for providing JCR Management Support -->
Modified: incubator/photark/trunk/photark/src/main/java/org/apache/photark/services/album/Album.java
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark/src/main/java/org/apache/photark/services/album/Album.java?rev=962834&r1=962833&r2=962834&view=diff
==============================================================================
--- incubator/photark/trunk/photark/src/main/java/org/apache/photark/services/album/Album.java (original)
+++ incubator/photark/trunk/photark/src/main/java/org/apache/photark/services/album/Album.java Sat Jul 10 12:39:59 2010
@@ -44,4 +44,8 @@ public interface Album {
void deletePicture(String picture);
void deletePicture(Image picture);
+
+ void addOwner(String owner);
+
+ String[] getOwners();
}
\ No newline at end of file
Modified: incubator/photark/trunk/photark/src/main/java/org/apache/photark/services/album/AlbumAgregator.java
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark/src/main/java/org/apache/photark/services/album/AlbumAgregator.java?rev=962834&r1=962833&r2=962834&view=diff
==============================================================================
--- incubator/photark/trunk/photark/src/main/java/org/apache/photark/services/album/AlbumAgregator.java (original)
+++ incubator/photark/trunk/photark/src/main/java/org/apache/photark/services/album/AlbumAgregator.java Sat Jul 10 12:39:59 2010
@@ -124,6 +124,14 @@ public class AlbumAgregator implements A
}
+ public void addOwner(String owner) {
+ //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ public String[] getOwners() {
+ return new String[0]; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
public void deletePicture(String picture){
}
Modified: incubator/photark/trunk/photark/src/main/java/org/apache/photark/services/gallery/BaseGalleryImpl.java
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark/src/main/java/org/apache/photark/services/gallery/BaseGalleryImpl.java?rev=962834&r1=962833&r2=962834&view=diff
==============================================================================
--- incubator/photark/trunk/photark/src/main/java/org/apache/photark/services/gallery/BaseGalleryImpl.java (original)
+++ incubator/photark/trunk/photark/src/main/java/org/apache/photark/services/gallery/BaseGalleryImpl.java Sat Jul 10 12:39:59 2010
@@ -102,7 +102,7 @@ public abstract class BaseGalleryImpl {
}
}
- private Album getAlbum(String albumName) {
+ protected Album getAlbum(String albumName) {
Album albumLookup = null;
for (Album album : albums) {
if (album.getName().equalsIgnoreCase(albumName)) {
@@ -145,5 +145,15 @@ public abstract class BaseGalleryImpl {
}
}
-
+ public Album[] getAlbumsToUser(String securityToken){
+ return getAlbums();
+ }
+
+ public String getAlbumCoverToUser(String albumName, String securityToken){
+ return getAlbumCover(albumName);
+ }
+
+ public String[] getAlbumPicturesToUser(String albumName, String securityToken) {
+ return getAlbumPictures(albumName);
+ }
}
Modified: incubator/photark/trunk/photark/src/main/java/org/apache/photark/services/gallery/Gallery.java
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark/src/main/java/org/apache/photark/services/gallery/Gallery.java?rev=962834&r1=962833&r2=962834&view=diff
==============================================================================
--- incubator/photark/trunk/photark/src/main/java/org/apache/photark/services/gallery/Gallery.java (original)
+++ incubator/photark/trunk/photark/src/main/java/org/apache/photark/services/gallery/Gallery.java Sat Jul 10 12:39:59 2010
@@ -22,13 +22,15 @@ import org.apache.photark.services.album
import org.oasisopen.sca.annotation.Remotable;
@Remotable
-public interface Gallery extends GalleryListener {
+public interface Gallery extends GalleryListener ,GallerySecurity{
String getName();
void setName(String name);
void addAlbum(String albumName);
+
+ boolean hasAlbum(String albumName);
void deleteAlbum(String albumName);
Added: incubator/photark/trunk/photark/src/main/java/org/apache/photark/services/gallery/GallerySecurity.java
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark/src/main/java/org/apache/photark/services/gallery/GallerySecurity.java?rev=962834&view=auto
==============================================================================
--- incubator/photark/trunk/photark/src/main/java/org/apache/photark/services/gallery/GallerySecurity.java (added)
+++ incubator/photark/trunk/photark/src/main/java/org/apache/photark/services/gallery/GallerySecurity.java Sat Jul 10 12:39:59 2010
@@ -0,0 +1,37 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.photark.services.gallery;
+
+import org.apache.photark.services.album.Album;
+import org.oasisopen.sca.annotation.Remotable;
+
+/**
+ * This is to provide security to PhotArk JSON RPC Services
+ */
+
+@Remotable
+public interface GallerySecurity{
+
+ Album[] getAlbumsToUser(String securityToken);
+
+ String getAlbumCoverToUser(String albumName, String securityToken);
+
+ String[] getAlbumPicturesToUser(String albumName, String securityToken);
+
+}