You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@turbine.apache.org by gk...@apache.org on 2017/12/23 09:32:08 UTC
svn commit: r1819127 - in /turbine/core/trunk: ./
src/java/org/apache/turbine/modules/actions/
src/java/org/apache/turbine/om/security/
src/java/org/apache/turbine/services/
src/java/org/apache/turbine/services/security/
src/java/org/apache/turbine/util/
Author: gk
Date: Sat Dec 23 09:32:08 2017
New Revision: 1819127
URL: http://svn.apache.org/viewvc?rev=1819127&view=rev
Log:
- updates due to fulcrum security version 1.1.2-SNAPSHOT
- allow annotations in turbine services (TODO test)
Modified:
turbine/core/trunk/pom.xml
turbine/core/trunk/src/java/org/apache/turbine/modules/actions/AccessController.java
turbine/core/trunk/src/java/org/apache/turbine/om/security/DefaultUserImpl.java
turbine/core/trunk/src/java/org/apache/turbine/services/BaseServiceBroker.java
turbine/core/trunk/src/java/org/apache/turbine/services/security/DefaultSecurityService.java
turbine/core/trunk/src/java/org/apache/turbine/services/security/SecurityService.java
turbine/core/trunk/src/java/org/apache/turbine/util/SecurityCheck.java
Modified: turbine/core/trunk/pom.xml
URL: http://svn.apache.org/viewvc/turbine/core/trunk/pom.xml?rev=1819127&r1=1819126&r2=1819127&view=diff
==============================================================================
--- turbine/core/trunk/pom.xml (original)
+++ turbine/core/trunk/pom.xml Sat Dec 23 09:32:08 2017
@@ -1107,7 +1107,7 @@
<properties>
<!-- TODO: Change for release -->
<turbine.site.path>turbine/development/turbine-4.1</turbine.site.path>
- <fulcrum.security>1.1.1</fulcrum.security>
+ <fulcrum.security>1.1.2-SNAPSHOT</fulcrum.security>
<slf4j.version>1.7.25</slf4j.version>
</properties>
Modified: turbine/core/trunk/src/java/org/apache/turbine/modules/actions/AccessController.java
URL: http://svn.apache.org/viewvc/turbine/core/trunk/src/java/org/apache/turbine/modules/actions/AccessController.java?rev=1819127&r1=1819126&r2=1819127&view=diff
==============================================================================
--- turbine/core/trunk/src/java/org/apache/turbine/modules/actions/AccessController.java (original)
+++ turbine/core/trunk/src/java/org/apache/turbine/modules/actions/AccessController.java Sat Dec 23 09:32:08 2017
@@ -82,7 +82,7 @@ public class AccessController
* If there is a user and the user is logged in, doPerform will
* set the RunData ACL. The list is first sought from the current
* session, otherwise it is loaded through
- * <code>TurbineSecurity.getACL()</code> and added to the current
+ * <code>link {@link SecurityService#getACL(User)}</code> and added to the current
* session.
*
* @param pipelineData Turbine information.
Modified: turbine/core/trunk/src/java/org/apache/turbine/om/security/DefaultUserImpl.java
URL: http://svn.apache.org/viewvc/turbine/core/trunk/src/java/org/apache/turbine/om/security/DefaultUserImpl.java?rev=1819127&r1=1819126&r2=1819127&view=diff
==============================================================================
--- turbine/core/trunk/src/java/org/apache/turbine/om/security/DefaultUserImpl.java (original)
+++ turbine/core/trunk/src/java/org/apache/turbine/om/security/DefaultUserImpl.java Sat Dec 23 09:32:08 2017
@@ -30,6 +30,7 @@ import javax.servlet.http.HttpSessionBin
import org.apache.fulcrum.security.model.turbine.entity.TurbineUser;
import org.apache.fulcrum.security.model.turbine.entity.TurbineUserGroupRole;
+import org.apache.fulcrum.security.util.DataBackendException;
import org.apache.turbine.services.TurbineServices;
import org.apache.turbine.services.security.SecurityService;
import org.apache.turbine.util.ObjectUtils;
@@ -288,9 +289,10 @@ public class DefaultUserImpl implements
* Get the User/Group/Role set associated with this entity
*
* @return a set of User/Group/Role relations
+ * @throws DataBackendException
*/
@Override
- public <T extends TurbineUserGroupRole> Set<T> getUserGroupRoleSet()
+ public <T extends TurbineUserGroupRole> Set<T> getUserGroupRoleSet() throws DataBackendException
{
return userDelegate.getUserGroupRoleSet();
}
@@ -312,9 +314,10 @@ public class DefaultUserImpl implements
*
* @param userGroupRole
* a User/Group/Role relation to add
+ * @throws DataBackendException
*/
@Override
- public void addUserGroupRole(TurbineUserGroupRole userGroupRole)
+ public void addUserGroupRole(TurbineUserGroupRole userGroupRole) throws DataBackendException
{
userDelegate.addUserGroupRole(userGroupRole);
}
@@ -324,9 +327,10 @@ public class DefaultUserImpl implements
*
* @param userGroupRole
* a User/Group/Role relation to remove
+ * @throws DataBackendException
*/
@Override
- public void removeUserGroupRole(TurbineUserGroupRole userGroupRole)
+ public void removeUserGroupRole(TurbineUserGroupRole userGroupRole) throws DataBackendException
{
userDelegate.removeUserGroupRole(userGroupRole);
}
Modified: turbine/core/trunk/src/java/org/apache/turbine/services/BaseServiceBroker.java
URL: http://svn.apache.org/viewvc/turbine/core/trunk/src/java/org/apache/turbine/services/BaseServiceBroker.java?rev=1819127&r1=1819126&r2=1819127&view=diff
==============================================================================
--- turbine/core/trunk/src/java/org/apache/turbine/services/BaseServiceBroker.java (original)
+++ turbine/core/trunk/src/java/org/apache/turbine/services/BaseServiceBroker.java Sat Dec 23 09:32:08 2017
@@ -33,6 +33,8 @@ import org.apache.commons.configuration.
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.turbine.annotation.AnnotationProcessor;
+import org.apache.turbine.util.TurbineException;
/**
* A generic implementation of a <code>ServiceBroker</code> which
@@ -373,6 +375,16 @@ public abstract class BaseServiceBroker
if (!instance.getInit())
{
+
+ try
+ {
+ // convenience annotation in Turbine services
+ AnnotationProcessor.process(instance);
+ }
+ catch ( TurbineException e )
+ {
+ throw new InstantiationException( e.getMessage(), e );
+ }
// this call might result in an indirect recursion
instance.init();
}
Modified: turbine/core/trunk/src/java/org/apache/turbine/services/security/DefaultSecurityService.java
URL: http://svn.apache.org/viewvc/turbine/core/trunk/src/java/org/apache/turbine/services/security/DefaultSecurityService.java?rev=1819127&r1=1819126&r2=1819127&view=diff
==============================================================================
--- turbine/core/trunk/src/java/org/apache/turbine/services/security/DefaultSecurityService.java (original)
+++ turbine/core/trunk/src/java/org/apache/turbine/services/security/DefaultSecurityService.java Sat Dec 23 09:32:08 2017
@@ -920,6 +920,28 @@ public class DefaultSecurityService
{
modelManager.revokeAll(role);
}
+
+ /**
+ * Revokes by default all permissions from a Role and if flag is set
+ * all group and user relationships with this role
+ *
+ * This method is used when deleting a Role.
+ *
+ * @param role
+ * the Role
+ * @param cascadeDelete
+ * if <code>true </code> removes all groups and user for this role.
+ * @throws DataBackendException
+ * if there was an error accessing the data backend.
+ * @throws UnknownEntityException
+ * if the Role is not present.
+ */
+ @Override
+ public void revokeAll( Role role, boolean cascadeDelete )
+ throws DataBackendException, UnknownEntityException
+ {
+ modelManager.revokeAll(role, cascadeDelete);
+ }
/**
* Retrieves all permissions associated with a role.
Modified: turbine/core/trunk/src/java/org/apache/turbine/services/security/SecurityService.java
URL: http://svn.apache.org/viewvc/turbine/core/trunk/src/java/org/apache/turbine/services/security/SecurityService.java?rev=1819127&r1=1819126&r2=1819127&view=diff
==============================================================================
--- turbine/core/trunk/src/java/org/apache/turbine/services/security/SecurityService.java (original)
+++ turbine/core/trunk/src/java/org/apache/turbine/services/security/SecurityService.java Sat Dec 23 09:32:08 2017
@@ -460,6 +460,24 @@ public interface SecurityService
*/
void revokeAll(Role role)
throws DataBackendException, UnknownEntityException;
+
+ /**
+ * Revokes by default all permissions from a Role and if flag is set
+ * all groups and users for this role
+ *
+ * This method is used when deleting a Role.
+ *
+ * @param role
+ * the Role
+ * @param cascadeDelete
+ * if <code>true </code> removes all groups and user for this role.
+ * @throws DataBackendException
+ * if there was an error accessing the data backend.
+ * @throws UnknownEntityException
+ * if the Role is not present.
+ */
+ void revokeAll( Role role, boolean cascadeDelete )
+ throws DataBackendException, UnknownEntityException;
/*-----------------------------------------------------------------------
Retrieval & storage of SecurityObjects
@@ -695,4 +713,5 @@ public interface SecurityService
*/
void renamePermission(Permission permission, String name)
throws DataBackendException, UnknownEntityException;
+
}
Modified: turbine/core/trunk/src/java/org/apache/turbine/util/SecurityCheck.java
URL: http://svn.apache.org/viewvc/turbine/core/trunk/src/java/org/apache/turbine/util/SecurityCheck.java?rev=1819127&r1=1819126&r2=1819127&view=diff
==============================================================================
--- turbine/core/trunk/src/java/org/apache/turbine/util/SecurityCheck.java (original)
+++ turbine/core/trunk/src/java/org/apache/turbine/util/SecurityCheck.java Sat Dec 23 09:32:08 2017
@@ -192,7 +192,7 @@ public class SecurityCheck
* The permission will be created and granted to the first available Role of
* the user, that the SecurityCheck is running against.
*
- * If the User has no Roles, the first Role via TurbineSecurity is granted the
+ * If the User has no Roles, the first Role via SecurityService is granted the
* permission.
*
* @param permission
@@ -228,7 +228,7 @@ public class SecurityCheck
{
/*
* The User within data has no roles yet, let us grant the permission
- * to the first role available through TurbineSecurity.
+ * to the first role available through SecurityService.
*/
roles = securityService.getRoleManager().getAllRoles();
if(roles.size() > 0)
Re: Re: svn commit: r1819127 - in /turbine/core/trunk: ./ src/java/org/apache/turbine/modules/actions/ src/java/org/apache/turbine/om/security/ src/java/org/apache/turbine/services/ src/java/org/apache/turbine/services/security/ src/java/org/apache/turbine/util/
Posted by Georg Kallidis <ge...@cedis.fu-berlin.de>.
ok, I reverted the (anyway still incomplete) service annotation
processing. To illustrate, what I intended, a patch is included. It may be
still incomplete or incorrect, but I think it would be possible at the
end.
Best regards, Georg
Von: Thomas Vandahl <tv...@apache.org>
An: Turbine Developers List <de...@turbine.apache.org>
Datum: 04.01.2018 18:41
Betreff: Re: svn commit: r1819127 - in /turbine/core/trunk: ./
src/java/org/apache/turbine/modules/actions/
src/java/org/apache/turbine/om/security/
src/java/org/apache/turbine/services/
src/java/org/apache/turbine/services/security/
src/java/org/apache/turbine/util/
On 04.01.18 16:45, Georg Kallidis wrote:
> I thought as injectTurbineService just calls getService - which may be
> called at any time later - we should be quite safe (?).
Yes, but getService initializes the service if not yet done so you may
end up in a endless recursion.
> But even if processing is done after the init call it is only the early
> initialized services, which gets annotated and injections of other
> services would remain indeed unresolved. I think, if we use hashset,
which
> gets updated for each injected service (name) this could be fixed
(running
> the annotations process recursively after the service init loop).
Injected
> Turbine service annotation could then be used in all methods, but not in
> the init method itself and would require at least one early initialized
> root service.
Please keep in mind that the Turbine service layer can be extended by
other service providers, which would make this tracking next to
impossible. I already had a hard time to resolve the automatic
early-init of service provider classes. I'd rather go without this
feature.
Bye, Thomas
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@turbine.apache.org
For additional commands, e-mail: dev-help@turbine.apache.org
Re: svn commit: r1819127 - in /turbine/core/trunk: ./
src/java/org/apache/turbine/modules/actions/
src/java/org/apache/turbine/om/security/
src/java/org/apache/turbine/services/
src/java/org/apache/turbine/services/security/
src/java/org/apache/turbine/util/
Posted by Thomas Vandahl <tv...@apache.org>.
On 04.01.18 16:45, Georg Kallidis wrote:
> I thought as injectTurbineService just calls getService - which may be
> called at any time later - we should be quite safe (?).
Yes, but getService initializes the service if not yet done so you may
end up in a endless recursion.
> But even if processing is done after the init call it is only the early
> initialized services, which gets annotated and injections of other
> services would remain indeed unresolved. I think, if we use hashset, which
> gets updated for each injected service (name) this could be fixed (running
> the annotations process recursively after the service init loop). Injected
> Turbine service annotation could then be used in all methods, but not in
> the init method itself and would require at least one early initialized
> root service.
Please keep in mind that the Turbine service layer can be extended by
other service providers, which would make this tracking next to
impossible. I already had a hard time to resolve the automatic
early-init of service provider classes. I'd rather go without this feature.
Bye, Thomas
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@turbine.apache.org
For additional commands, e-mail: dev-help@turbine.apache.org
Re: Re: svn commit: r1819127 - in /turbine/core/trunk: ./ src/java/org/apache/turbine/modules/actions/ src/java/org/apache/turbine/om/security/ src/java/org/apache/turbine/services/ src/java/org/apache/turbine/services/security/ src/java/org/apache/turbine/util/
Posted by Georg Kallidis <ge...@cedis.fu-berlin.de>.
I thought as injectTurbineService just calls getService - which may be
called at any time later - we should be quite safe (?).
But even if processing is done after the init call it is only the early
initialized services, which gets annotated and injections of other
services would remain indeed unresolved. I think, if we use hashset, which
gets updated for each injected service (name) this could be fixed (running
the annotations process recursively after the service init loop). Injected
Turbine service annotation could then be used in all methods, but not in
the init method itself and would require at least one early initialized
root service.
I think about this once more, waiting for some response...
Best regards, Georg
Von: Thomas Vandahl <tv...@apache.org>
An: dev@turbine.apache.org
Datum: 24.12.2017 12:21
Betreff: Re: svn commit: r1819127 - in /turbine/core/trunk: ./
src/java/org/apache/turbine/modules/actions/
src/java/org/apache/turbine/om/security/
src/java/org/apache/turbine/services/
src/java/org/apache/turbine/services/security/
src/java/org/apache/turbine/util/
On 23.12.17 10:32, gk@apache.org wrote:
> Author: gk
> Date: Sat Dec 23 09:32:08 2017
> New Revision: 1819127
>
> URL: http://svn.apache.org/viewvc?rev=1819127&view=rev
> Log:
> - updates due to fulcrum security version 1.1.2-SNAPSHOT
> - allow annotations in turbine services (TODO test)
>
[...]
> Modified:
turbine/core/trunk/src/java/org/apache/turbine/services/BaseServiceBroker.java
> URL:
http://svn.apache.org/viewvc/turbine/core/trunk/src/java/org/apache/turbine/services/BaseServiceBroker.java?rev=1819127&r1=1819126&r2=1819127&view=diff
>
==============================================================================
> ---
turbine/core/trunk/src/java/org/apache/turbine/services/BaseServiceBroker.java
(original)
> +++
turbine/core/trunk/src/java/org/apache/turbine/services/BaseServiceBroker.java
Sat Dec 23 09:32:08 2017
> @@ -33,6 +33,8 @@ import org.apache.commons.configuration.
> import org.apache.commons.lang.StringUtils;
> import org.apache.commons.logging.Log;
> import org.apache.commons.logging.LogFactory;
> +import org.apache.turbine.annotation.AnnotationProcessor;
> +import org.apache.turbine.util.TurbineException;
>
> /**
> * A generic implementation of a <code>ServiceBroker</code> which
> @@ -373,6 +375,16 @@ public abstract class BaseServiceBroker
>
> if (!instance.getInit())
> {
> +
> + try
> + {
> + // convenience annotation in Turbine services
> + AnnotationProcessor.process(instance);
> + }
> + catch ( TurbineException e )
> + {
> + throw new InstantiationException( e.getMessage(), e );
> + }
> // this call might result in an indirect recursion
> instance.init();
> }
I'm afraid this will cause a stack overflow if you happen to hit a
cyclic dependency. The AnnotationProcessor expects services to be
initialized so I left this out intentionally.
Bye, Thomas
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@turbine.apache.org
For additional commands, e-mail: dev-help@turbine.apache.org
Re: svn commit: r1819127 - in /turbine/core/trunk: ./
src/java/org/apache/turbine/modules/actions/
src/java/org/apache/turbine/om/security/
src/java/org/apache/turbine/services/
src/java/org/apache/turbine/services/security/
src/java/org/apache/turbine/util/
Posted by Thomas Vandahl <tv...@apache.org>.
On 23.12.17 10:32, gk@apache.org wrote:
> Author: gk
> Date: Sat Dec 23 09:32:08 2017
> New Revision: 1819127
>
> URL: http://svn.apache.org/viewvc?rev=1819127&view=rev
> Log:
> - updates due to fulcrum security version 1.1.2-SNAPSHOT
> - allow annotations in turbine services (TODO test)
>
[...]
> Modified: turbine/core/trunk/src/java/org/apache/turbine/services/BaseServiceBroker.java
> URL: http://svn.apache.org/viewvc/turbine/core/trunk/src/java/org/apache/turbine/services/BaseServiceBroker.java?rev=1819127&r1=1819126&r2=1819127&view=diff
> ==============================================================================
> --- turbine/core/trunk/src/java/org/apache/turbine/services/BaseServiceBroker.java (original)
> +++ turbine/core/trunk/src/java/org/apache/turbine/services/BaseServiceBroker.java Sat Dec 23 09:32:08 2017
> @@ -33,6 +33,8 @@ import org.apache.commons.configuration.
> import org.apache.commons.lang.StringUtils;
> import org.apache.commons.logging.Log;
> import org.apache.commons.logging.LogFactory;
> +import org.apache.turbine.annotation.AnnotationProcessor;
> +import org.apache.turbine.util.TurbineException;
>
> /**
> * A generic implementation of a <code>ServiceBroker</code> which
> @@ -373,6 +375,16 @@ public abstract class BaseServiceBroker
>
> if (!instance.getInit())
> {
> +
> + try
> + {
> + // convenience annotation in Turbine services
> + AnnotationProcessor.process(instance);
> + }
> + catch ( TurbineException e )
> + {
> + throw new InstantiationException( e.getMessage(), e );
> + }
> // this call might result in an indirect recursion
> instance.init();
> }
I'm afraid this will cause a stack overflow if you happen to hit a
cyclic dependency. The AnnotationProcessor expects services to be
initialized so I left this out intentionally.
Bye, Thomas
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@turbine.apache.org
For additional commands, e-mail: dev-help@turbine.apache.org