You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ofbiz.apache.org by ad...@apache.org on 2009/12/30 01:30:03 UTC
svn commit: r894519 - in /ofbiz/branches/executioncontext20090812/framework:
api/src/org/ofbiz/api/authorization/ api/src/org/ofbiz/api/context/
common/src/org/ofbiz/common/login/ context/src/org/ofbiz/context/
entity/src/org/ofbiz/entity/ entity/src/o...
Author: adrianc
Date: Wed Dec 30 00:30:01 2009
New Revision: 894519
URL: http://svn.apache.org/viewvc?rev=894519&view=rev
Log:
The Authorization Manager is mostly working. Filtering
EntityListIterator values is not implemented due to architectural
problems. The Authorization Manager is still disabled by default
because the demo data load will not work with it enabled.
Removed:
ofbiz/branches/executioncontext20090812/framework/entity/src/org/ofbiz/entity/util/EntityListIteratorImpl.java
Modified:
ofbiz/branches/executioncontext20090812/framework/api/src/org/ofbiz/api/authorization/NullAuthorizationManager.java
ofbiz/branches/executioncontext20090812/framework/api/src/org/ofbiz/api/context/ExecutionContextImpl.java
ofbiz/branches/executioncontext20090812/framework/common/src/org/ofbiz/common/login/LoginServices.java
ofbiz/branches/executioncontext20090812/framework/context/src/org/ofbiz/context/AccessControllerImpl.java
ofbiz/branches/executioncontext20090812/framework/context/src/org/ofbiz/context/AuthorizationManagerImpl.java
ofbiz/branches/executioncontext20090812/framework/context/src/org/ofbiz/context/ExecutionContextImpl.java
ofbiz/branches/executioncontext20090812/framework/context/src/org/ofbiz/context/PathNode.java
ofbiz/branches/executioncontext20090812/framework/context/src/org/ofbiz/context/SecurityAwareEli.java
ofbiz/branches/executioncontext20090812/framework/entity/src/org/ofbiz/entity/ExecutionContext.java
ofbiz/branches/executioncontext20090812/framework/entity/src/org/ofbiz/entity/ThreadContext.java
ofbiz/branches/executioncontext20090812/framework/entity/src/org/ofbiz/entity/datasource/GenericDAO.java
ofbiz/branches/executioncontext20090812/framework/entity/src/org/ofbiz/entity/util/EntityListIterator.java
ofbiz/branches/executioncontext20090812/framework/example/data/ExampleSecurityData.xml
ofbiz/branches/executioncontext20090812/framework/webapp/src/org/ofbiz/webapp/control/ControlServlet.java
ofbiz/branches/executioncontext20090812/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java
Modified: ofbiz/branches/executioncontext20090812/framework/api/src/org/ofbiz/api/authorization/NullAuthorizationManager.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20090812/framework/api/src/org/ofbiz/api/authorization/NullAuthorizationManager.java?rev=894519&r1=894518&r2=894519&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20090812/framework/api/src/org/ofbiz/api/authorization/NullAuthorizationManager.java (original)
+++ ofbiz/branches/executioncontext20090812/framework/api/src/org/ofbiz/api/authorization/NullAuthorizationManager.java Wed Dec 30 00:30:01 2009
@@ -102,7 +102,7 @@
}
/** An implementation of the <code>AccessController</code> interface
- * that allows unrestricted access.
+ * that allows unrestricted access to all security-aware artifacts.
*/
protected static class NullAccessController implements AccessController {
@@ -124,7 +124,7 @@
if (this.verbose) {
Debug.logInfo("Checking permission: " + ThreadContext.getExecutionPath() + "[" + permission + "]", module);
Debug.logInfo("Found permission(s): " +
- "system@" + ThreadContext.getExecutionPath() + "[admin=true]", module);
+ "null-access-controller@" + ThreadContext.getExecutionPath() + "[admin=true]", module);
}
}
}
Modified: ofbiz/branches/executioncontext20090812/framework/api/src/org/ofbiz/api/context/ExecutionContextImpl.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20090812/framework/api/src/org/ofbiz/api/context/ExecutionContextImpl.java?rev=894519&r1=894518&r2=894519&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20090812/framework/api/src/org/ofbiz/api/context/ExecutionContextImpl.java (original)
+++ ofbiz/branches/executioncontext20090812/framework/api/src/org/ofbiz/api/context/ExecutionContextImpl.java Wed Dec 30 00:30:01 2009
@@ -139,6 +139,14 @@
}
}
+ protected void setLocale(String locale) {
+ if (locale != null) {
+ this.locale = new Locale(locale);
+ } else {
+ this.locale = Locale.getDefault();
+ }
+ }
+
public Object setProperty(String key, Object value) {
return this.properties.put(key, value);
}
@@ -149,6 +157,14 @@
}
}
+ protected void setTimeZone(String timeZone) {
+ if (timeZone != null) {
+ this.timeZone = TimeZone.getTimeZone(timeZone);
+ } else {
+ this.timeZone = TimeZone.getDefault();
+ }
+ }
+
@Override
public String toString() {
return this.getExecutionPath();
Modified: ofbiz/branches/executioncontext20090812/framework/common/src/org/ofbiz/common/login/LoginServices.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20090812/framework/common/src/org/ofbiz/common/login/LoginServices.java?rev=894519&r1=894518&r2=894519&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20090812/framework/common/src/org/ofbiz/common/login/LoginServices.java (original)
+++ ofbiz/branches/executioncontext20090812/framework/common/src/org/ofbiz/common/login/LoginServices.java Wed Dec 30 00:30:01 2009
@@ -30,6 +30,7 @@
import javolution.util.FastList;
import javolution.util.FastMap;
+import org.ofbiz.service.ThreadContext;
import org.ofbiz.base.crypto.HashCrypt;
import org.ofbiz.base.util.Debug;
import org.ofbiz.base.util.UtilDateTime;
@@ -234,6 +235,7 @@
}
successfulLogin = "Y";
+ ThreadContext.setUserLogin(userLogin);
if (!isServiceAuth) {
// get the UserLoginSession if this is not a service auth
@@ -245,7 +247,6 @@
result.put("userLoginSession", userLoginSessionMap);
}
}
-
result.put("userLogin", userLogin);
result.put(ModelService.RESPONSE_MESSAGE, ModelService.RESPOND_SUCCESS);
} else {
@@ -412,6 +413,7 @@
userLogin.set("userLoginId", username);
userLogin.set("enabled", "Y");
userLogin.set("hasLoggedOut", "N");
+ ThreadContext.setUserLogin(userLogin);
result.put("userLogin", userLogin);
result.put(ModelService.RESPONSE_MESSAGE, ModelService.RESPOND_SUCCESS);
//TODO: more than this is needed to support 100% external authentication
Modified: ofbiz/branches/executioncontext20090812/framework/context/src/org/ofbiz/context/AccessControllerImpl.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20090812/framework/context/src/org/ofbiz/context/AccessControllerImpl.java?rev=894519&r1=894518&r2=894519&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20090812/framework/context/src/org/ofbiz/context/AccessControllerImpl.java (original)
+++ ofbiz/branches/executioncontext20090812/framework/context/src/org/ofbiz/context/AccessControllerImpl.java Wed Dec 30 00:30:01 2009
@@ -62,9 +62,6 @@
if (this.verbose) {
Debug.logInfo("Found permission(s): " + ThreadContext.getUserLogin().getString("userLoginId") +
"@" + ThreadContext.getExecutionPath() + "[" + this.permission + "]", module);
-/* if ("NOT_LOGGED_IN".equals(ThreadContext.getUserLogin().getString("userLoginId"))) {
- Debug.logInfo(new Exception(), module);
- } */
}
if (this.disabled) {
return;
@@ -84,16 +81,12 @@
}
public <E> ListIterator<E> applyFilters(ListIterator<E> listIterator) {
- if (this.permission.getFilterNames().size() > 0) {
- return new SecurityAwareListIterator<E>(listIterator, this.permission.getFilterNames());
+ if (listIterator instanceof EntityListIterator) {
+ // Decorating the EntityListIterator breaks a lot of code.
+ return listIterator;
}
- return listIterator;
- }
-
- public EntityListIterator applyFilters(EntityListIterator listIterator) {
if (this.permission.getFilterNames().size() > 0) {
- // Commented out for now - causes problems with list pagination in UI
- // return new SecurityAwareEli(listIterator, this.serviceNameList, this.executionContext);
+ return new SecurityAwareListIterator<E>(listIterator, this.permission.getFilterNames());
}
return listIterator;
}
Modified: ofbiz/branches/executioncontext20090812/framework/context/src/org/ofbiz/context/AuthorizationManagerImpl.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20090812/framework/context/src/org/ofbiz/context/AuthorizationManagerImpl.java?rev=894519&r1=894518&r2=894519&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20090812/framework/context/src/org/ofbiz/context/AuthorizationManagerImpl.java (original)
+++ ofbiz/branches/executioncontext20090812/framework/context/src/org/ofbiz/context/AuthorizationManagerImpl.java Wed Dec 30 00:30:01 2009
@@ -130,45 +130,48 @@
public AccessController getAccessController() throws AccessControlException {
String userLoginId = ThreadContext.getUserLogin().getString("userLoginId");
- PathNode node = userPermCache.get(userLoginId);
+ PathNode node = getUserPermissionsNode(userLoginId);
if (node == null) {
- synchronized (userPermCache) {
- if (underConstruction) {
- return nullAuthorizationManager.getAccessController();
- }
- node = userPermCache.get(userLoginId);
- if (node == null) {
- node = getUserPermissionsNode();
- userPermCache.put(userLoginId, node);
- }
- }
+ // During object construction, artifacts will be used that will ultimately
+ // call this method. In order for object construction to succeed, we need
+ // to allow unrestricted access to all artifacts.
+ return nullAuthorizationManager.getAccessController();
}
- return new AccessControllerImpl(node);
+ return new AccessControllerImpl(getUserPermissionsNode(userLoginId));
}
- protected static PathNode getUserPermissionsNode() throws AccessControlException {
- underConstruction = true;
- // Set up the ExecutionContext for unrestricted access to security-aware artifacts
- AuthorizationManager originalSecurity = (AuthorizationManager) ThreadContext.getSecurity();
- ThreadContext.setSecurity(nullAuthorizationManager);
- String userLoginId = ThreadContext.getUserLogin().getString("userLoginId");
- GenericDelegator delegator = ThreadContext.getDelegator();
- PathNode node = new PathNode();
- try {
- // Process group membership permissions first
- List<GenericValue> groupMemberships = delegator.findList("UserToUserGroupRelationship", EntityCondition.makeCondition(UtilMisc.toMap("userLoginId", userLoginId)), null, null, null, false);
- for (GenericValue userGroup : groupMemberships) {
- processGroupPermissions(userGroup.getString("groupId"), node, delegator);
- }
- // Process user permissions last
- List<GenericValue> permissionValues = delegator.findList("UserToArtifactPermRel", EntityCondition.makeCondition(UtilMisc.toMap("userLoginId", userLoginId)), null, null, null, false);
- setPermissions(userLoginId, node, permissionValues);
- } catch (GenericEntityException e) {
- throw new AccessControlException(e.getMessage());
- } finally {
- ThreadContext.setSecurity(originalSecurity);
- underConstruction = false;
- }
+ protected static PathNode getUserPermissionsNode(String userLoginId) throws AccessControlException {
+ if (underConstruction) {
+ return null;
+ }
+ PathNode node = userPermCache.get(userLoginId);
+ if (node != null) {
+ return node;
+ }
+ synchronized (userPermCache) {
+ underConstruction = true;
+ node = new PathNode();
+ // Set up the ExecutionContext for unrestricted access to security-aware artifacts
+ AuthorizationManager originalSecurity = (AuthorizationManager) ThreadContext.getSecurity();
+ ThreadContext.setSecurity(nullAuthorizationManager);
+ GenericDelegator delegator = ThreadContext.getDelegator();
+ try {
+ // Process group membership permissions first
+ List<GenericValue> groupMemberships = delegator.findList("UserToUserGroupRelationship", EntityCondition.makeCondition(UtilMisc.toMap("userLoginId", userLoginId)), null, null, null, false);
+ for (GenericValue userGroup : groupMemberships) {
+ processGroupPermissions(userGroup.getString("groupId"), node, delegator);
+ }
+ // Process user permissions last
+ List<GenericValue> permissionValues = delegator.findList("UserToArtifactPermRel", EntityCondition.makeCondition(UtilMisc.toMap("userLoginId", userLoginId)), null, null, null, false);
+ setPermissions(userLoginId, node, permissionValues);
+ userPermCache.put(userLoginId, node);
+ } catch (GenericEntityException e) {
+ throw new AccessControlException(e.getMessage());
+ } finally {
+ ThreadContext.setSecurity(originalSecurity);
+ underConstruction = false;
+ }
+ }
return node;
}
Modified: ofbiz/branches/executioncontext20090812/framework/context/src/org/ofbiz/context/ExecutionContextImpl.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20090812/framework/context/src/org/ofbiz/context/ExecutionContextImpl.java?rev=894519&r1=894518&r2=894519&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20090812/framework/context/src/org/ofbiz/context/ExecutionContextImpl.java (original)
+++ ofbiz/branches/executioncontext20090812/framework/context/src/org/ofbiz/context/ExecutionContextImpl.java Wed Dec 30 00:30:01 2009
@@ -93,10 +93,10 @@
public void initializeContext(Map<String, ? extends Object> params) {
this.setDelegator((GenericDelegator) params.get("delegator"));
this.setDispatcher((LocalDispatcher) params.get("dispatcher"));
- this.setLocale((Locale) params.get("locale"));
this.setSecurity((AuthorizationManager) params.get("security"));
- this.setTimeZone((TimeZone) params.get("timeZone"));
this.setUserLogin((GenericValue) params.get("userLogin"));
+ this.setLocale((Locale) params.get("locale"));
+ this.setTimeZone((TimeZone) params.get("timeZone"));
}
@Override
@@ -108,7 +108,17 @@
this.userLogin = null;
}
- public void setDelegator(GenericDelegator delegator) {
+ protected void resetUserPreferences() {
+ if (this.userLogin != null) {
+ this.setLocale(userLogin.getString("lastLocale"));
+ this.setLocale(userLogin.getString("lastTimeZone"));
+ } else {
+ this.locale = Locale.getDefault();
+ this.timeZone = TimeZone.getDefault();
+ }
+ }
+
+ public void setDelegator(GenericDelegator delegator) {
if (delegator != null) {
this.delegator = delegator;
}
@@ -127,9 +137,14 @@
}
public void setUserLogin(GenericValue userLogin) {
- if (userLogin != null) {
- this.userLogin = userLogin;
- }
+ if (userLogin != null) {
+ this.userLogin = userLogin;
+ this.resetUserPreferences();
+ }
}
+ public void clearUserData() {
+ this.userLogin = null;
+ this.resetUserPreferences();
+ }
}
Modified: ofbiz/branches/executioncontext20090812/framework/context/src/org/ofbiz/context/PathNode.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20090812/framework/context/src/org/ofbiz/context/PathNode.java?rev=894519&r1=894518&r2=894519&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20090812/framework/context/src/org/ofbiz/context/PathNode.java (original)
+++ ofbiz/branches/executioncontext20090812/framework/context/src/org/ofbiz/context/PathNode.java Wed Dec 30 00:30:01 2009
@@ -18,16 +18,25 @@
*******************************************************************************/
package org.ofbiz.context;
+import java.util.Collection;
import java.util.Map;
+import javolution.util.FastList;
import javolution.util.FastMap;
/** Implements a node in a permissions tree.
*/
public class PathNode {
- protected Map<String, PathNode> childNodes = null;
+ protected String nodeName = null;
protected OFBizPermission permission = null;
+ protected Map<String, PathNode> childNodes = null;
+
+ public PathNode() {}
+
+ protected PathNode(String nodeName) {
+ this.nodeName = nodeName;
+ }
public void setPermissions(String artifactPath, OFBizPermission permission) {
int pos = artifactPath.indexOf("/");
@@ -37,32 +46,76 @@
} else {
this.permission.accumulatePermissions(permission);
}
+ if (this.nodeName == null) {
+ this.nodeName = artifactPath;
+ }
return;
}
- String key = artifactPath.substring(0, pos - 1).toUpperCase();
+ String thisNodeName = artifactPath.substring(0, pos);
+ if (this.nodeName == null) {
+ this.nodeName = thisNodeName;
+ }
+ artifactPath = artifactPath.substring(pos + 1);
+ String nextNodeName = artifactPath;
+ pos = artifactPath.indexOf("/");
+ if (pos != -1) {
+ nextNodeName = artifactPath.substring(0, pos);
+ }
+ String key = nextNodeName.toUpperCase();
if (this.childNodes == null) {
this.childNodes = FastMap.newInstance();
}
PathNode node = this.childNodes.get(key);
if (node == null) {
- node = new PathNode();
+ node = new PathNode(nextNodeName);
this.childNodes.put(key, node);
}
- node.setPermissions(artifactPath.substring(pos + 1), permission);
+ node.setPermissions(artifactPath, permission);
}
public void getPermissions(String artifactPath, OFBizPermission permission) {
permission.accumulatePermissions(this.permission);
int pos = artifactPath.indexOf("/");
- if (pos == -1) {
- return;
- }
- String key = artifactPath.substring(0, pos - 1).toUpperCase();
- if (this.childNodes != null) {
- PathNode node = this.childNodes.get(key);
+ if (pos != -1 && this.childNodes != null) {
+ artifactPath = artifactPath.substring(pos + 1);
+ String nextNodeName = artifactPath;
+ pos = artifactPath.indexOf("/");
+ if (pos != -1) {
+ nextNodeName = artifactPath.substring(0, pos);
+ }
+ PathNode node = this.childNodes.get(nextNodeName.toUpperCase());
if (node != null) {
node.getPermissions(artifactPath, permission);
}
}
}
+
+ @Override
+ public String toString() {
+ FastList<PathNode> currentPath = FastList.newInstance();
+ StringBuilder result = new StringBuilder();
+ buildNodeString(currentPath, result);
+ return result.toString();
+ }
+
+ protected void buildNodeString(FastList<PathNode> currentPath, StringBuilder result) {
+ currentPath.add(this);
+ if (this.permission != null) {
+ for (PathNode pathNode: currentPath) {
+ result.append("/");
+ result.append(pathNode.nodeName);
+ }
+ result.append("[");
+ result.append(this.permission);
+ result.append("]");
+ result.append("\n");
+ }
+ if (this.childNodes != null) {
+ Collection<PathNode> childNodes = this.childNodes.values();
+ for (PathNode childNode : childNodes) {
+ childNode.buildNodeString(currentPath, result);
+ }
+ }
+ currentPath.removeLast();
+ }
}
Modified: ofbiz/branches/executioncontext20090812/framework/context/src/org/ofbiz/context/SecurityAwareEli.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20090812/framework/context/src/org/ofbiz/context/SecurityAwareEli.java?rev=894519&r1=894518&r2=894519&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20090812/framework/context/src/org/ofbiz/context/SecurityAwareEli.java (original)
+++ ofbiz/branches/executioncontext20090812/framework/context/src/org/ofbiz/context/SecurityAwareEli.java Wed Dec 30 00:30:01 2009
@@ -38,7 +38,7 @@
* return <code>hasPermission = true</code> if the user is granted access
* to the <code>candidateObject</code>.</p>
*/
-public class SecurityAwareEli extends SecurityAwareListIterator<GenericValue> implements EntityListIterator {
+public class SecurityAwareEli extends SecurityAwareListIterator<GenericValue> {
public static final String module = SecurityAwareEli.class.getName();
protected final EntityListIterator listIterator;
Modified: ofbiz/branches/executioncontext20090812/framework/entity/src/org/ofbiz/entity/ExecutionContext.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20090812/framework/entity/src/org/ofbiz/entity/ExecutionContext.java?rev=894519&r1=894518&r2=894519&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20090812/framework/entity/src/org/ofbiz/entity/ExecutionContext.java (original)
+++ ofbiz/branches/executioncontext20090812/framework/entity/src/org/ofbiz/entity/ExecutionContext.java Wed Dec 30 00:30:01 2009
@@ -30,6 +30,11 @@
*/
public GenericDelegator getDelegator();
+ /** Clears all user data kept in the <code>ExecutionContext</code>.
+ * This method is typically called when the user logs out.
+ */
+ public void clearUserData();
+
/** Returns the current userLogin <code>GenericValue</code>.
*
* @return The current userLogin <code>GenericValue</code>
Modified: ofbiz/branches/executioncontext20090812/framework/entity/src/org/ofbiz/entity/ThreadContext.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20090812/framework/entity/src/org/ofbiz/entity/ThreadContext.java?rev=894519&r1=894518&r2=894519&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20090812/framework/entity/src/org/ofbiz/entity/ThreadContext.java (original)
+++ ofbiz/branches/executioncontext20090812/framework/entity/src/org/ofbiz/entity/ThreadContext.java Wed Dec 30 00:30:01 2009
@@ -25,6 +25,10 @@
protected static final String module = ThreadContext.class.getName();
+ public static void clearUserData() {
+ getExecutionContext().clearUserData();
+ }
+
public static GenericDelegator getDelegator() {
return getExecutionContext().getDelegator();
}
Modified: ofbiz/branches/executioncontext20090812/framework/entity/src/org/ofbiz/entity/datasource/GenericDAO.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20090812/framework/entity/src/org/ofbiz/entity/datasource/GenericDAO.java?rev=894519&r1=894518&r2=894519&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20090812/framework/entity/src/org/ofbiz/entity/datasource/GenericDAO.java (original)
+++ ofbiz/branches/executioncontext20090812/framework/entity/src/org/ofbiz/entity/datasource/GenericDAO.java Wed Dec 30 00:30:01 2009
@@ -53,7 +53,6 @@
import org.ofbiz.entity.transaction.TransactionUtil;
import org.ofbiz.entity.util.EntityFindOptions;
import org.ofbiz.entity.util.EntityListIterator;
-import org.ofbiz.entity.util.EntityListIteratorImpl;
/**
* Generic Entity Data Access Object - Handles persistence for any defined entity.
@@ -759,7 +758,7 @@
Debug.logTiming("Ran query in " + queryTotalTime + " milli-seconds: " + sql, module);
}
}
- return new EntityListIteratorImpl(sqlP, modelEntity, selectFields, modelFieldTypeReader);
+ return new EntityListIterator(sqlP, modelEntity, selectFields, modelFieldTypeReader);
}
protected StringBuilder makeConditionWhereString(ModelEntity modelEntity, EntityCondition whereEntityCondition, List<EntityCondition> viewWhereConditions, List<EntityConditionParam> whereEntityConditionParams) throws GenericEntityException {
Modified: ofbiz/branches/executioncontext20090812/framework/entity/src/org/ofbiz/entity/util/EntityListIterator.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20090812/framework/entity/src/org/ofbiz/entity/util/EntityListIterator.java?rev=894519&r1=894518&r2=894519&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20090812/framework/entity/src/org/ofbiz/entity/util/EntityListIterator.java (original)
+++ ofbiz/branches/executioncontext20090812/framework/entity/src/org/ofbiz/entity/util/EntityListIterator.java Wed Dec 30 00:30:01 2009
@@ -1,58 +1,550 @@
+/*******************************************************************************
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *******************************************************************************/
+
package org.ofbiz.entity.util;
+
+import java.sql.ResultSet;
+import java.sql.SQLException;
import java.util.List;
import java.util.ListIterator;
+import javolution.util.FastList;
+
+import org.ofbiz.base.util.Debug;
+import org.ofbiz.base.util.GeneralRuntimeException;
import org.ofbiz.entity.GenericDelegator;
import org.ofbiz.entity.GenericEntityException;
+import org.ofbiz.entity.GenericResultSetClosedException;
import org.ofbiz.entity.GenericValue;
-
-public interface EntityListIterator extends ListIterator<GenericValue> {
-
- public void setDelegator(GenericDelegator delegator);
+import org.ofbiz.entity.condition.EntityCondition;
+import org.ofbiz.entity.datasource.GenericDAO;
+import org.ofbiz.entity.jdbc.SQLProcessor;
+import org.ofbiz.entity.jdbc.SqlJdbcUtil;
+import org.ofbiz.entity.model.ModelEntity;
+import org.ofbiz.entity.model.ModelField;
+import org.ofbiz.entity.model.ModelFieldTypeReader;
+
+
+/**
+ * Generic Entity Cursor List Iterator for Handling Cursored DB Results
+ */
+public class EntityListIterator implements ListIterator<GenericValue> {
+
+ /** Module Name Used for debugging */
+ public static final String module = EntityListIterator.class.getName();
+
+ protected SQLProcessor sqlp;
+ protected ResultSet resultSet;
+ protected ModelEntity modelEntity;
+ protected List<ModelField> selectFields;
+ protected ModelFieldTypeReader modelFieldTypeReader;
+ protected boolean closed = false;
+ protected boolean haveMadeValue = false;
+ protected GenericDelegator delegator = null;
+ protected GenericDAO genericDAO = null;
+ protected EntityCondition whereCondition = null;
+ protected EntityCondition havingCondition = null;
+ protected boolean distinctQuery = false;
+
+ private boolean haveShowHasNextWarning = false;
+ private Integer resultSize = null;
+
+ public EntityListIterator(SQLProcessor sqlp, ModelEntity modelEntity, List<ModelField> selectFields, ModelFieldTypeReader modelFieldTypeReader) {
+ this(sqlp, modelEntity, selectFields, modelFieldTypeReader, null, null, null, false);
+ }
+
+ public EntityListIterator(SQLProcessor sqlp, ModelEntity modelEntity, List<ModelField> selectFields, ModelFieldTypeReader modelFieldTypeReader, GenericDAO genericDAO, EntityCondition whereCondition, EntityCondition havingCondition, boolean distinctQuery) {
+ this.sqlp = sqlp;
+ this.resultSet = sqlp.getResultSet();
+ this.modelEntity = modelEntity;
+ this.selectFields = selectFields;
+ this.modelFieldTypeReader = modelFieldTypeReader;
+ this.genericDAO = genericDAO;
+ this.whereCondition = whereCondition;
+ this.havingCondition = havingCondition;
+ this.distinctQuery = distinctQuery;
+ }
+
+ public EntityListIterator(ResultSet resultSet, ModelEntity modelEntity, List<ModelField> selectFields, ModelFieldTypeReader modelFieldTypeReader) {
+ this.sqlp = null;
+ this.resultSet = resultSet;
+ this.modelEntity = modelEntity;
+ this.selectFields = selectFields;
+ this.modelFieldTypeReader = modelFieldTypeReader;
+ }
+
+ public void setDelegator(GenericDelegator delegator) {
+ this.delegator = delegator;
+ }
/** Sets the cursor position to just after the last result so that previous() will return the last result */
- public void afterLast() throws GenericEntityException;
+ public void afterLast() throws GenericEntityException {
+ try {
+ resultSet.afterLast();
+ } catch (SQLException e) {
+ if (!closed) {
+ this.close();
+ Debug.logWarning("Warning: auto-closed EntityListIterator because of exception: " + e.toString(), module);
+ }
+ throw new GenericEntityException("Error setting the cursor to afterLast", e);
+ }
+ }
/** Sets the cursor position to just before the first result so that next() will return the first result */
- public void beforeFirst() throws GenericEntityException;
+ public void beforeFirst() throws GenericEntityException {
+ try {
+ resultSet.beforeFirst();
+ } catch (SQLException e) {
+ if (!closed) {
+ this.close();
+ Debug.logWarning("Warning: auto-closed EntityListIterator because of exception: " + e.toString(), module);
+ }
+ throw new GenericEntityException("Error setting the cursor to beforeFirst", e);
+ }
+ }
/** Sets the cursor position to last result; if result set is empty returns false */
- public boolean last() throws GenericEntityException;
+ public boolean last() throws GenericEntityException {
+ try {
+ return resultSet.last();
+ } catch (SQLException e) {
+ if (!closed) {
+ this.close();
+ Debug.logWarning("Warning: auto-closed EntityListIterator because of exception: " + e.toString(), module);
+ }
+ throw new GenericEntityException("Error setting the cursor to last", e);
+ }
+ }
+
+ /** Sets the cursor position to first result; if result set is empty returns false */
+ public boolean first() throws GenericEntityException {
+ try {
+ return resultSet.first();
+ } catch (SQLException e) {
+ if (!closed) {
+ this.close();
+ Debug.logWarning("Warning: auto-closed EntityListIterator because of exception: " + e.toString(), module);
+ }
+ throw new GenericEntityException("Error setting the cursor to first", e);
+ }
+ }
+
+ public void close() throws GenericEntityException {
+ if (closed) {
+ //maybe not the best way: throw new GenericResultSetClosedException("This EntityListIterator has been closed, this operation cannot be performed");
+ Debug.logWarning("This EntityListIterator for Entity [" + modelEntity==null?"":modelEntity.getEntityName() + "] has already been closed, not closing again.", module);
+ } else {
+ if (sqlp != null) {
+ sqlp.close();
+ closed = true;
+ } else if (resultSet != null) {
+ try {
+ resultSet.close();
+ } catch (SQLException e) {
+ throw new GenericEntityException("Cannot close EntityListIterator with ResultSet", e);
+ }
+ closed = true;
+ } else {
+ throw new GenericEntityException("Cannot close an EntityListIterator without a SQLProcessor or a ResultSet");
+ }
+ }
+ }
- /** Sets the cursor position to last result; if result set is empty returns false */
- public boolean first() throws GenericEntityException;
+ /** NOTE: Calling this method does return the current value, but so does calling next() or previous(), so calling one of those AND this method will cause the value to be created twice */
+ public GenericValue currentGenericValue() throws GenericEntityException {
+ if (closed) throw new GenericResultSetClosedException("This EntityListIterator has been closed, this operation cannot be performed");
- public void close() throws GenericEntityException;
+ GenericValue value = GenericValue.create(modelEntity);
- /** NOTE: Calling this method does return the current value, but so does calling next() or previous(), so calling one of those AND this method will cause the value to be created twice */
- public GenericValue currentGenericValue() throws GenericEntityException;
+ for (int j = 0; j < selectFields.size(); j++) {
+ ModelField curField = selectFields.get(j);
- public int currentIndex() throws GenericEntityException;
+ SqlJdbcUtil.getValue(resultSet, j + 1, curField, value, modelFieldTypeReader);
+ }
+
+ value.setDelegator(this.delegator);
+ value.synchronizedWithDatasource();
+ this.haveMadeValue = true;
+ if (this.delegator != null) {
+ this.delegator.decryptFields(value);
+ }
+ return value;
+ }
+
+ public int currentIndex() throws GenericEntityException {
+ if (closed) throw new GenericResultSetClosedException("This EntityListIterator has been closed, this operation cannot be performed");
+
+ try {
+ return resultSet.getRow();
+ } catch (SQLException e) {
+ if (!closed) {
+ this.close();
+ Debug.logWarning("Warning: auto-closed EntityListIterator because of exception: " + e.toString(), module);
+ }
+ throw new GenericEntityException("Error getting the current index", e);
+ }
+ }
/** performs the same function as the ResultSet.absolute method;
* if rowNum is positive, goes to that position relative to the beginning of the list;
* if rowNum is negative, goes to that position relative to the end of the list;
* a rowNum of 1 is the same as first(); a rowNum of -1 is the same as last()
*/
- public boolean absolute(int rowNum) throws GenericEntityException;
+ public boolean absolute(int rowNum) throws GenericEntityException {
+ if (closed) throw new GenericResultSetClosedException("This EntityListIterator has been closed, this operation cannot be performed");
+
+ try {
+ return resultSet.absolute(rowNum);
+ } catch (SQLException e) {
+ if (!closed) {
+ this.close();
+ Debug.logWarning("Warning: auto-closed EntityListIterator because of exception: " + e.toString(), module);
+ }
+ throw new GenericEntityException("Error setting the absolute index to " + rowNum, e);
+ }
+ }
/** performs the same function as the ResultSet.relative method;
* if rows is positive, goes forward relative to the current position;
* if rows is negative, goes backward relative to the current position;
*/
- public boolean relative(int rows) throws GenericEntityException;
+ public boolean relative(int rows) throws GenericEntityException {
+ if (closed) throw new GenericResultSetClosedException("This EntityListIterator has been closed, this operation cannot be performed");
- public void setFetchSize(int rows) throws GenericEntityException;
-
- public List<GenericValue> getCompleteList() throws GenericEntityException;
+ try {
+ return resultSet.relative(rows);
+ } catch (SQLException e) {
+ if (!closed) {
+ this.close();
+ Debug.logWarning("Warning: auto-closed EntityListIterator because of exception: " + e.toString(), module);
+ }
+ throw new GenericEntityException("Error going to the relative index " + rows, e);
+ }
+ }
+
+ /**
+ * PLEASE NOTE: Because of the nature of the JDBC ResultSet interface this method can be very inefficient; it is much better to just use next() until it returns null
+ * For example, you could use the following to iterate through the results in an EntityListIterator:
+ *
+ * GenericValue nextValue = null;
+ * while ((nextValue = (GenericValue) this.next()) != null) { ... }
+ *
+ */
+ public boolean hasNext() {
+ if (!haveShowHasNextWarning) {
+ // DEJ20050207 To further discourage use of this, and to find existing use, always log a big warning showing where it is used:
+ Exception whereAreWe = new Exception();
+ Debug.logWarning(whereAreWe, "WARNING: For performance reasons do not use the EntityListIterator.hasNext() method, just call next() until it returns null; see JavaDoc comments in the EntityListIterator class for details and an example", module);
+
+ haveShowHasNextWarning = true;
+ }
+
+ try {
+ if (resultSet.isLast() || resultSet.isAfterLast()) {
+ return false;
+ } else {
+ // do a quick game to see if the resultSet is empty:
+ // if we are not in the first or beforeFirst positions and we haven't made any values yet, the result set is empty so return false
+ if (!haveMadeValue && !resultSet.isBeforeFirst() && !resultSet.isFirst()) {
+ return false;
+ } else {
+ return true;
+ }
+ }
+ } catch (SQLException e) {
+ if (!closed) {
+ try {
+ this.close();
+ } catch (GenericEntityException e1) {
+ Debug.logError(e1, "Error auto-closing EntityListIterator on error, so info below for more info on original error; close error: " + e1.toString(), module);
+ }
+ Debug.logWarning("Warning: auto-closed EntityListIterator because of exception: " + e.toString(), module);
+ }
+ throw new GeneralRuntimeException("Error while checking to see if this is the last result", e);
+ }
+ }
+
+ /** PLEASE NOTE: Because of the nature of the JDBC ResultSet interface this method can be very inefficient; it is much better to just use previous() until it returns null */
+ public boolean hasPrevious() {
+ try {
+ if (resultSet.isFirst() || resultSet.isBeforeFirst()) {
+ return false;
+ } else {
+ // do a quick game to see if the resultSet is empty:
+ // if we are not in the last or afterLast positions and we haven't made any values yet, the result set is empty so return false
+ if (!haveMadeValue && !resultSet.isAfterLast() && !resultSet.isLast()) {
+ return false;
+ } else {
+ return true;
+ }
+ }
+ } catch (SQLException e) {
+ if (!closed) {
+ try {
+ this.close();
+ } catch (GenericEntityException e1) {
+ Debug.logError(e1, "Error auto-closing EntityListIterator on error, so info below for more info on original error; close error: " + e1.toString(), module);
+ }
+ Debug.logWarning("Warning: auto-closed EntityListIterator because of exception: " + e.toString(), module);
+ }
+ throw new GeneralRuntimeException("Error while checking to see if this is the first result", e);
+ }
+ }
+
+ /** Moves the cursor to the next position and returns the GenericValue object for that position; if there is no next, returns null
+ * For example, you could use the following to iterate through the results in an EntityListIterator:
+ *
+ * GenericValue nextValue = null;
+ * while ((nextValue = (GenericValue) this.next()) != null) { ... }
+ *
+ */
+ public GenericValue next() {
+ try {
+ if (resultSet.next()) {
+ return currentGenericValue();
+ } else {
+ return null;
+ }
+ } catch (SQLException e) {
+ if (!closed) {
+ try {
+ this.close();
+ } catch (GenericEntityException e1) {
+ Debug.logError(e1, "Error auto-closing EntityListIterator on error, so info below for more info on original error; close error: " + e1.toString(), module);
+ }
+ Debug.logWarning("Warning: auto-closed EntityListIterator because of exception: " + e.toString(), module);
+ }
+ throw new GeneralRuntimeException("Error getting the next result", e);
+ } catch (GenericEntityException e) {
+ if (!closed) {
+ try {
+ this.close();
+ } catch (GenericEntityException e1) {
+ Debug.logError(e1, "Error auto-closing EntityListIterator on error, so info below for more info on original error; close error: " + e1.toString(), module);
+ }
+ Debug.logWarning("Warning: auto-closed EntityListIterator because of exception: " + e.toString(), module);
+ }
+ throw new GeneralRuntimeException("Error creating GenericValue", e);
+ }
+ }
+
+ /** Returns the index of the next result, but does not guarantee that there will be a next result */
+ public int nextIndex() {
+ try {
+ return currentIndex() + 1;
+ } catch (GenericEntityException e) {
+ if (!closed) {
+ try {
+ this.close();
+ } catch (GenericEntityException e1) {
+ Debug.logError(e1, "Error auto-closing EntityListIterator on error, so info below for more info on original error; close error: " + e1.toString(), module);
+ }
+ Debug.logWarning("Warning: auto-closed EntityListIterator because of exception: " + e.toString(), module);
+ }
+ throw new GeneralRuntimeException(e.getNonNestedMessage(), e.getNested());
+ }
+ }
+
+ /** Moves the cursor to the previous position and returns the GenericValue object for that position; if there is no previous, returns null */
+ public GenericValue previous() {
+ try {
+ if (resultSet.previous()) {
+ return currentGenericValue();
+ } else {
+ return null;
+ }
+ } catch (SQLException e) {
+ if (!closed) {
+ try {
+ this.close();
+ } catch (GenericEntityException e1) {
+ Debug.logError(e1, "Error auto-closing EntityListIterator on error, so info below for more info on original error; close error: " + e1.toString(), module);
+ }
+ Debug.logWarning("Warning: auto-closed EntityListIterator because of exception: " + e.toString(), module);
+ }
+ throw new GeneralRuntimeException("Error getting the previous result", e);
+ } catch (GenericEntityException e) {
+ if (!closed) {
+ try {
+ this.close();
+ } catch (GenericEntityException e1) {
+ Debug.logError(e1, "Error auto-closing EntityListIterator on error, so info below for more info on original error; close error: " + e1.toString(), module);
+ }
+ Debug.logWarning("Warning: auto-closed EntityListIterator because of exception: " + e.toString(), module);
+ }
+ throw new GeneralRuntimeException("Error creating GenericValue", e);
+ }
+ }
+
+ /** Returns the index of the previous result, but does not guarantee that there will be a previous result */
+ public int previousIndex() {
+ try {
+ return currentIndex() - 1;
+ } catch (GenericEntityException e) {
+ if (!closed) {
+ try {
+ this.close();
+ } catch (GenericEntityException e1) {
+ Debug.logError(e1, "Error auto-closing EntityListIterator on error, so info below for more info on original error; close error: " + e1.toString(), module);
+ }
+ Debug.logWarning("Warning: auto-closed EntityListIterator because of exception: " + e.toString(), module);
+ }
+ throw new GeneralRuntimeException("Error getting the current index", e);
+ }
+ }
+
+ public void setFetchSize(int rows) throws GenericEntityException {
+ try {
+ resultSet.setFetchSize(rows);
+ } catch (SQLException e) {
+ if (!closed) {
+ this.close();
+ Debug.logWarning("Warning: auto-closed EntityListIterator because of exception: " + e.toString(), module);
+ }
+ throw new GenericEntityException("Error getting the next result", e);
+ }
+ }
+
+ public List<GenericValue> getCompleteList() throws GenericEntityException {
+ try {
+ // if the resultSet has been moved forward at all, move back to the beginning
+ if (haveMadeValue && !resultSet.isBeforeFirst()) {
+ // do a quick check to see if the ResultSet is empty
+ resultSet.beforeFirst();
+ }
+ List<GenericValue> list = FastList.newInstance();
+ GenericValue nextValue = null;
+
+ while ((nextValue = this.next()) != null) {
+ list.add(nextValue);
+ }
+ return list;
+ } catch (SQLException e) {
+ if (!closed) {
+ this.close();
+ Debug.logWarning("Warning: auto-closed EntityListIterator because of exception: " + e.toString(), module);
+ }
+ throw new GeneralRuntimeException("Error getting results", e);
+ } catch (GeneralRuntimeException e) {
+ if (!closed) {
+ this.close();
+ Debug.logWarning("Warning: auto-closed EntityListIterator because of exception: " + e.toString(), module);
+ }
+ throw new GenericEntityException(e.getNonNestedMessage(), e.getNested());
+ }
+ }
/** Gets a partial list of results starting at start and containing at most number elements.
* Start is a one based value, ie 1 is the first element.
*/
- public List<GenericValue> getPartialList(int start, int number)
- throws GenericEntityException;
-
- public int getResultsSizeAfterPartialList() throws GenericEntityException;
-
-}
\ No newline at end of file
+ public List<GenericValue> getPartialList(int start, int number) throws GenericEntityException {
+ try {
+ if (number == 0) return FastList.newInstance();
+ List<GenericValue> list = FastList.newInstance();
+
+ // just in case the caller missed the 1 based thingy
+ if (start == 0) start = 1;
+
+ // if starting on result 1 just call next() to avoid scrollable issues in some databases
+ if (start == 1) {
+ if (!resultSet.next()) {
+ return list;
+ }
+ } else {
+ // if can't reposition to desired index, throw exception
+ if (!this.absolute(start)) {
+ // maybe better to just return an empty list here...
+ return list;
+ //throw new GenericEntityException("Could not move to the start position of " + start + ", there are probably not that many results for this find.");
+ }
+ }
+
+ // get the first as the current one
+ list.add(this.currentGenericValue());
+
+ GenericValue nextValue = null;
+ // init numRetreived to one since we have already grabbed the initial one
+ int numRetreived = 1;
+
+ //number > numRetreived comparison goes first to avoid the unwanted call to next
+ while (number > numRetreived && (nextValue = this.next()) != null) {
+ list.add(nextValue);
+ numRetreived++;
+ }
+ return list;
+ } catch (SQLException e) {
+ if (!closed) {
+ this.close();
+ Debug.logWarning("Warning: auto-closed EntityListIterator because of exception: " + e.toString(), module);
+ }
+ throw new GeneralRuntimeException("Error getting results", e);
+ } catch (GeneralRuntimeException e) {
+ if (!closed) {
+ this.close();
+ Debug.logWarning("Warning: auto-closed EntityListIterator because of exception: " + e.toString(), module);
+ }
+ throw new GenericEntityException(e.getNonNestedMessage(), e.getNested());
+ }
+ }
+
+ public int getResultsSizeAfterPartialList() throws GenericEntityException {
+ if (genericDAO != null) {
+ if (resultSize == null) {
+ EntityFindOptions efo = null;
+ if (distinctQuery) {
+ efo = new EntityFindOptions();
+ efo.setDistinct(distinctQuery);
+ }
+ resultSize = (int) genericDAO.selectCountByCondition(modelEntity, whereCondition, havingCondition, efo);
+ }
+ return resultSize;
+ } else if (this.last()) {
+ return this.currentIndex();
+ } else {
+ // evidently no valid rows in the ResultSet, so return 0
+ return 0;
+ }
+ }
+
+ public void add(GenericValue obj) {
+ throw new GeneralRuntimeException("CursorListIterator currently only supports read-only access");
+ }
+
+ public void remove() {
+ throw new GeneralRuntimeException("CursorListIterator currently only supports read-only access");
+ }
+
+ public void set(GenericValue obj) {
+ throw new GeneralRuntimeException("CursorListIterator currently only supports read-only access");
+ }
+
+ @Override
+ protected void finalize() throws Throwable {
+ try {
+ if (!closed) {
+ this.close();
+ Debug.logError("\n====================================================================\n EntityListIterator Not Closed for Entity [" + (modelEntity==null ? "" : modelEntity.getEntityName()) + "], caught in Finalize\n ====================================================================\n", module);
+ }
+ } catch (Exception e) {
+ Debug.logError(e, "Error closing the SQLProcessor in finalize EntityListIterator", module);
+ }
+ super.finalize();
+ }
+}
Modified: ofbiz/branches/executioncontext20090812/framework/example/data/ExampleSecurityData.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20090812/framework/example/data/ExampleSecurityData.xml?rev=894519&r1=894518&r2=894519&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20090812/framework/example/data/ExampleSecurityData.xml (original)
+++ ofbiz/branches/executioncontext20090812/framework/example/data/ExampleSecurityData.xml Wed Dec 30 00:30:01 2009
@@ -38,9 +38,11 @@
<!-- Data needed to get users logged in -->
<ArtifactPath artifactPath="ofbiz/example/getUserPreferenceGroup" description="Example Application - getUserPreferenceGroup service"/>
<ArtifactPath artifactPath="ofbiz/example/login" description="Example Application - Login screen"/>
+ <ArtifactPath artifactPath="ofbiz/example/ServerHit" description="Example Application - Server hit"/>
<UserToArtifactPermRel userLoginId="NOT_LOGGED_IN" artifactPath="ofbiz/example/getUserPreferenceGroup" permissionValue="access=true"/>
<UserToArtifactPermRel userLoginId="NOT_LOGGED_IN" artifactPath="ofbiz/example/login" permissionValue="access=true"/>
<UserToArtifactPermRel userLoginId="NOT_LOGGED_IN" artifactPath="ofbiz/example/login" permissionValue="view=true"/>
+ <UserToArtifactPermRel userLoginId="NOT_LOGGED_IN" artifactPath="ofbiz/example/ServerHit" permissionValue="create=true"/>
<!-- Data needed for the transition to security-aware artifacts. As each webapp
is converted over to the new security design, the corresponding admin
Modified: ofbiz/branches/executioncontext20090812/framework/webapp/src/org/ofbiz/webapp/control/ControlServlet.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20090812/framework/webapp/src/org/ofbiz/webapp/control/ControlServlet.java?rev=894519&r1=894518&r2=894519&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20090812/framework/webapp/src/org/ofbiz/webapp/control/ControlServlet.java (original)
+++ ofbiz/branches/executioncontext20090812/framework/webapp/src/org/ofbiz/webapp/control/ControlServlet.java Wed Dec 30 00:30:01 2009
@@ -42,6 +42,7 @@
import org.ofbiz.entity.GenericValue;
import org.ofbiz.entity.transaction.GenericTransactionException;
import org.ofbiz.entity.transaction.TransactionUtil;
+import org.ofbiz.api.context.GenericExecutionArtifact;
import org.ofbiz.api.authorization.AuthorizationManager;
import org.ofbiz.security.authz.Authorization;
import org.ofbiz.service.LocalDispatcher;
@@ -311,6 +312,7 @@
Debug.logError("Error in ControlServlet output where response isCommitted and there is no session (probably because of a logout); not saving ServerHit/Bin information because there is no session and as the response isCommitted we can't get a new one. The output was successful, but we just can't save ServerHit/Bin info.", module);
} else {
try {
+ ThreadContext.pushExecutionArtifact(new GenericExecutionArtifact(module, webappName));
UtilHttp.setInitialRequestInfo(request);
VisitHandler.getVisitor(request, response);
if (requestHandler.trackStats(request)) {
@@ -318,6 +320,8 @@
}
} catch (Throwable t) {
Debug.logError(t, "Error in ControlServlet saving ServerHit/Bin information; the output was successful, but can't save this tracking information. The error was: " + t.toString(), module);
+ } finally {
+ ThreadContext.popExecutionArtifact();
}
}
if (Debug.timingOn()) timer.timerString("[" + rname + "] Request Done", module);
Modified: ofbiz/branches/executioncontext20090812/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20090812/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java?rev=894519&r1=894518&r2=894519&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20090812/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java (original)
+++ ofbiz/branches/executioncontext20090812/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java Wed Dec 30 00:30:01 2009
@@ -380,7 +380,6 @@
if (ModelService.RESPOND_SUCCESS.equals(result.get(ModelService.RESPONSE_MESSAGE))) {
GenericValue userLogin = (GenericValue) result.get("userLogin");
- ThreadContext.setUserLogin(userLogin);
Map<String, Object> userLoginSession = checkMap(result.get("userLoginSession"), String.class, Object.class);
if (userLogin != null && "Y".equals(userLogin.getString("requirePasswordChange"))) {
return "requirePasswordChange";
@@ -494,10 +493,6 @@
GenericDelegator delegator = (GenericDelegator) request.getAttribute("delegator");
Security security = (Security) request.getAttribute("security");
- if (security != null && userLogin != null) {
- security.clearUserData(userLogin);
- }
-
// set the logged out flag
LoginWorker.setLoggedOut(userLogin.getString("userLoginId"), delegator);
@@ -515,6 +510,12 @@
if (currCatalog != null) session.setAttribute("CURRENT_CATALOG_ID", currCatalog);
if (delegatorName != null) session.setAttribute("delegatorName", delegatorName);
// DON'T save the cart, causes too many problems: if (shoppingCart != null) session.setAttribute("shoppingCart", new WebShoppingCart(shoppingCart, session));
+
+ // Must be done last
+ if (security != null && userLogin != null) {
+ security.clearUserData(userLogin);
+ }
+ ThreadContext.clearUserData();
}
public static String autoLoginSet(HttpServletRequest request, HttpServletResponse response) {