You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@roller.apache.org by sn...@apache.org on 2007/10/09 15:43:06 UTC
svn commit: r583167 [1/2] - in
/roller/branches/roller_4.1_dev/apps/weblogger:
src/java/org/apache/roller/weblogger/business/
src/java/org/apache/roller/weblogger/business/jpa/
src/java/org/apache/roller/weblogger/planet/ui/
src/java/org/apache/roller/...
Author: snoopdave
Date: Tue Oct 9 06:43:02 2007
New Revision: 583167
URL: http://svn.apache.org/viewvc?rev=583167&view=rev
Log:
Final part of externalized user management: removing depedence on roles from from end, all authorization checks are now done using checkPermission()
Modified:
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/business/UserManager.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/business/jpa/JPAUserManagerImpl.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/planet/ui/PlanetConfig.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/planet/ui/PlanetGroups.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/planet/ui/PlanetSubscriptions.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/pojos/GlobalPermission.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/pojos/User.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/pojos/Weblog.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/pojos/WeblogEntry.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/pojos/WeblogPermission.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/util/menu/MenuHelper.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/util/menu/ParsedTab.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/util/menu/ParsedTabItem.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/rendering/model/MenuModel.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/rendering/model/UtilitiesModel.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/rendering/velocity/deprecated/OldPageHelper.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/rendering/velocity/deprecated/OldWeblogPageModel.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/CacheInfo.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/CommonPingTargetAdd.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/CommonPingTargetEdit.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/CommonPingTargets.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/CreateUser.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/CreateUserBean.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/GlobalCommentManagement.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/GlobalConfig.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/ModifyUser.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/UserAdmin.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/admin-menu.xml
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/BookmarkAdd.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/BookmarkEdit.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Bookmarks.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/BookmarksImport.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Categories.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/CategoryAdd.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/CategoryEdit.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/CategoryRemove.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Comments.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/CustomPingTargetEdit.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/CustomPingTargets.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Entries.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/EntryAdd.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/EntryBase.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/EntryEdit.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/FolderAdd.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/FolderEdit.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Maintenance.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Members.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/MembersInvite.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Referrers.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Resources.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/StylesheetEdit.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/TemplateEdit.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/TemplateRemove.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Templates.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/ThemeEdit.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/WeblogConfig.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/WeblogRemove.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/editor-menu.xml
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/util/UIAction.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/util/UISecurityEnforced.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/util/UISecurityInterceptor.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/util/MailUtil.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/atomprotocol/RollerAtomHandler.java
roller/branches/roller_4.1_dev/apps/weblogger/web/WEB-INF/jsps/editor/EntryAdd.jsp
roller/branches/roller_4.1_dev/apps/weblogger/web/WEB-INF/jsps/editor/EntryEdit.jsp
roller/branches/roller_4.1_dev/apps/weblogger/web/WEB-INF/jsps/editor/WeblogConfig.jsp
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/business/UserManager.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/business/UserManager.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/business/UserManager.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/business/UserManager.java Tue Oct 9 06:43:02 2007
@@ -280,13 +280,16 @@
/**
- * Returns true if user has role specified.
+ * Returns true if user has role specified, should be used only for testing.
+ * @deprecated User checkPermission() instead.
*/
public boolean hasRole(String roleName, User user) throws WebloggerException;
/**
+ * Get roles associated with user, should be used only for testing.
* Get all roles associated with user.
+ * @deprecated User checkPermission() instead.
*/
public List<String> getRoles(User user) throws WebloggerException;
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/business/jpa/JPAUserManagerImpl.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/business/jpa/JPAUserManagerImpl.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/business/jpa/JPAUserManagerImpl.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/business/jpa/JPAUserManagerImpl.java Tue Oct 9 06:43:02 2007
@@ -470,8 +470,11 @@
existingPerm = new GlobalPermission(user);
}
- if (existingPerm.hasActions(perm.getActionsAsList())) return true;
if (existingPerm.implies(perm)) return true;
+
+ if (log.isDebugEnabled()) {
+ log.debug("PERM CHECK FAILED: user "+user.getUserName()+" does not have " + perm.toString());
+ }
return false;
}
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/planet/ui/PlanetConfig.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/planet/ui/PlanetConfig.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/planet/ui/PlanetConfig.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/planet/ui/PlanetConfig.java Tue Oct 9 06:43:02 2007
@@ -31,6 +31,7 @@
import org.apache.roller.planet.config.runtime.ConfigDef;
import org.apache.roller.planet.config.runtime.RuntimeConfigDefs;
import org.apache.roller.planet.pojos.RuntimeConfigProperty;
+import org.apache.roller.weblogger.pojos.GlobalPermission;
import org.apache.struts2.interceptor.ParameterAware;
@@ -60,10 +61,10 @@
}
- @Override
- public String requiredUserRole() {
- return "admin";
+ public List<String> requiredGlobalPermissionActions() {
+ return Collections.singletonList(GlobalPermission.ADMIN);
}
+
@Override
public boolean isWeblogRequired() {
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/planet/ui/PlanetGroups.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/planet/ui/PlanetGroups.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/planet/ui/PlanetGroups.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/planet/ui/PlanetGroups.java Tue Oct 9 06:43:02 2007
@@ -23,10 +23,10 @@
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
-import org.apache.roller.RollerException;
import org.apache.roller.planet.business.PlanetFactory;
import org.apache.roller.planet.business.PlanetManager;
import org.apache.roller.planet.pojos.PlanetGroup;
+import org.apache.roller.weblogger.pojos.WeblogPermission;
/**
@@ -51,8 +51,8 @@
@Override
- public String requiredUserRole() {
- return "admin";
+ public List<String> requiredWeblogPermissionActions() {
+ return Collections.singletonList(WeblogPermission.ADMIN);
}
@Override
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/planet/ui/PlanetSubscriptions.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/planet/ui/PlanetSubscriptions.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/planet/ui/PlanetSubscriptions.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/planet/ui/PlanetSubscriptions.java Tue Oct 9 06:43:02 2007
@@ -29,7 +29,7 @@
import org.apache.roller.planet.business.fetcher.FeedFetcher;
import org.apache.roller.planet.pojos.PlanetGroup;
import org.apache.roller.planet.pojos.Subscription;
-import org.apache.roller.weblogger.config.WebloggerRuntimeConfig;
+import org.apache.roller.weblogger.pojos.GlobalPermission;
/**
@@ -57,8 +57,8 @@
@Override
- public String requiredUserRole() {
- return "admin";
+ public List<String> requiredGlobalPermissionActions() {
+ return Collections.singletonList(GlobalPermission.ADMIN);
}
@Override
@@ -226,6 +226,5 @@
public void setSubUrl(String subUrl) {
this.subUrl = subUrl;
- }
-
+ }
}
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/pojos/GlobalPermission.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/pojos/GlobalPermission.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/pojos/GlobalPermission.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/pojos/GlobalPermission.java Tue Oct 9 06:43:02 2007
@@ -31,9 +31,18 @@
* Represents a permssion that applies globally to the entire web application.
*/
public class GlobalPermission extends RollerPermission {
-
+
+ /** Allowed to login and edit profile */
+ public static final String LOGIN = "login";
+
+ /** Allowed to login and do weblogging */
+ public static final String WEBLOG = "weblog";
+
+ /** Allowed to login and do everything, including site-wide admin */
+ public static final String ADMIN = "admin";
+
/**
- * Create glbbal permission for one specific user initialized with the
+ * Create global permission for one specific user initialized with the
* actions that are implied by the user's roles.
* @param user User of permission.
* @throws org.apache.roller.weblogger.WebloggerException
@@ -59,9 +68,19 @@
}
/**
- * C
- * @param user
- * @param actions
+ * Create global permission with the actions specified by array.
+ * @param user User of permission.
+ * @throws org.apache.roller.weblogger.WebloggerException
+ */
+ public GlobalPermission(List<String> actions) throws WebloggerException {
+ super("GlobalPermission user: N/A");
+ setActionsAsList(actions);
+ }
+
+ /**
+ * Create global permission for one specific user initialized with the
+ * actions specified by array.
+ * @param user User of permission.
* @throws org.apache.roller.weblogger.WebloggerException
*/
public GlobalPermission(User user, List<String> actions) throws WebloggerException {
@@ -70,17 +89,51 @@
}
public boolean implies(Permission perm) {
- if (perm instanceof WeblogPermission) {
- if (hasAction("admin")) return true;
+ if (perm instanceof RollerPermission) {
+ RollerPermission rperm = (RollerPermission)perm;
+
+ if (hasAction(ADMIN)) {
+ // admin implies all other permissions
+ return true;
+
+ } else if (hasAction(WEBLOG)) {
+ // Best we've got is WEBLOG, so make sure perm doesn't specify ADMIN
+ for (String action : rperm.getActionsAsList()) {
+ if (action.equals(ADMIN)) return false;
+ }
+
+ } else if (hasAction(LOGIN)) {
+ // Best we've got is LOGIN, so make sure perm doesn't specify anything else
+ for (String action : rperm.getActionsAsList()) {
+ if (action.equals(WEBLOG)) return false;
+ if (action.equals(ADMIN)) return false;
+ }
+ }
+ return true;
}
return false;
}
+ private boolean actionImplies(String action1, String action2) {
+ if (action1.equals(ADMIN)) return true;
+ if (action1.equals(WEBLOG) && action2.equals(LOGIN)) return true;
+ return false;
+ }
+
public boolean equals(Object arg0) {
throw new UnsupportedOperationException("Not supported yet.");
}
public int hashCode() {
throw new UnsupportedOperationException("Not supported yet.");
+ }
+
+ public String toString() {
+ StringBuilder sb = new StringBuilder();
+ sb.append("GlobalPermission: ");
+ for (String action : getActionsAsList()) {
+ sb.append(" ").append(action).append(" ");
+ }
+ return sb.toString();
}
}
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/pojos/User.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/pojos/User.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/pojos/User.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/pojos/User.java Tue Oct 9 06:43:02 2007
@@ -20,17 +20,19 @@
import java.io.Serializable;
import java.util.ArrayList;
+import java.util.Collections;
import java.util.Date;
import java.util.HashSet;
-import java.util.Iterator;
import java.util.List;
import java.util.Set;
+import java.util.logging.Level;
+import java.util.logging.Logger;
import org.apache.commons.lang.builder.EqualsBuilder;
import org.apache.commons.lang.builder.HashCodeBuilder;
import org.apache.roller.weblogger.WebloggerException;
import org.apache.roller.weblogger.config.WebloggerConfig;
-import org.apache.roller.weblogger.business.Weblogger;
import org.apache.roller.util.UUIDGenerator;
+import org.apache.roller.weblogger.business.WebloggerFactory;
import org.apache.roller.weblogger.util.Utilities;
@@ -261,23 +263,19 @@
this.activationCode = activationCode;
}
-
- /**
- * List of weblog permissions for this user.
- *
- * @hibernate.bag lazy="true" inverse="true" cascade="none"
- * @hibernate.collection-key column="user_id"
- * @hibernate.collection-one-to-many
- * class="org.apache.roller.weblogger.pojos.WeblogPermission"
- */
- public List getPermissions() {
- return permissions;
+
+ public boolean hasGlobalPermission(String action) {
+ return hasGlobalPermissions(Collections.singletonList(action));
}
- public void setPermissions(List perms) {
- permissions = perms;
+ public boolean hasGlobalPermissions(List<String> actions) {
+ try {
+ GlobalPermission perm = new GlobalPermission(actions);
+ return WebloggerFactory.getWeblogger().getUserManager().checkPermission(perm, this);
+ } catch (WebloggerException ex) {
+ return false;
+ }
}
-
//------------------------------------------------------- Good citizenship
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/pojos/Weblog.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/pojos/Weblog.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/pojos/Weblog.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/pojos/Weblog.java Tue Oct 9 06:43:02 2007
@@ -648,9 +648,17 @@
/**
- * Returns true if user has all permissions specified by mask.
+ * Returns true if user has all permission action specified.
*/
- public boolean hasUserPermissions(User user, String actions) {
+ public boolean hasUserPermission(User user, String action) {
+ return hasUserPermissions(user, Collections.singletonList(action));
+ }
+
+
+ /**
+ * Returns true if user has all permissions actions specified in the weblog.
+ */
+ public boolean hasUserPermissions(User user, List<String> actions) {
try {
// look for user in website's permissions
UserManager umgr = WebloggerFactory.getWeblogger().getUserManager();
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/pojos/WeblogEntry.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/pojos/WeblogEntry.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/pojos/WeblogEntry.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/pojos/WeblogEntry.java Tue Oct 9 06:43:02 2007
@@ -26,6 +26,7 @@
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Calendar;
+import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
@@ -1121,7 +1122,11 @@
public boolean hasWritePermissions(User user) throws WebloggerException {
// global admins can hack whatever they want
- if(WebloggerFactory.getWeblogger().getUserManager().hasRole("admin", user)) {
+ GlobalPermission adminPerm =
+ new GlobalPermission(Collections.singletonList(GlobalPermission.ADMIN));
+ boolean hasAdmin = WebloggerFactory.getWeblogger().getUserManager()
+ .checkPermission(adminPerm, user);
+ if (hasAdmin) {
return true;
}
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/pojos/WeblogPermission.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/pojos/WeblogPermission.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/pojos/WeblogPermission.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/pojos/WeblogPermission.java Tue Oct 9 06:43:02 2007
@@ -56,12 +56,25 @@
userName = user.getUserName();
}
+ public WeblogPermission(Weblog weblog, List<String> actions) {
+ super("WeblogPermission user: N/A");
+ setActionsAsList(actions);
+ objectType = "Weblog";
+ objectId = weblog.getHandle();
+ }
+
public Weblog getWeblog() throws WebloggerException {
- return WebloggerFactory.getWeblogger().getWeblogManager().getWeblogByHandle(objectId, null);
+ if (objectId != null) {
+ return WebloggerFactory.getWeblogger().getWeblogManager().getWeblogByHandle(objectId, null);
+ }
+ return null;
}
public User getUser() throws WebloggerException {
- return WebloggerFactory.getWeblogger().getUserManager().getUserByUserName(userName);
+ if (userName != null) {
+ return WebloggerFactory.getWeblogger().getUserManager().getUserByUserName(userName);
+ }
+ return null;
}
public boolean equals(Object arg0) {
@@ -74,17 +87,37 @@
public boolean implies(Permission perm) {
if (perm instanceof WeblogPermission) {
- WeblogPermission weblogPerm = (WeblogPermission)perm;
- if (getObjectId().equals(weblogPerm.getObjectId())) {
- if (hasAction(ADMIN)) {
- return true;
+ WeblogPermission rperm = (WeblogPermission)perm;
+
+ if (hasAction(ADMIN)) {
+ // admin implies all other permissions
+ return true;
+
+ } else if (hasAction(POST)) {
+ // Best we've got is POST, so make sure perm doesn't specify POST
+ for (String action : rperm.getActionsAsList()) {
+ if (action.equals(ADMIN)) return false;
}
- if (hasAction(POST) && weblogPerm.hasAction(EDIT_DRAFT)) {
- return true;
+
+ } else if (hasAction(EDIT_DRAFT)) {
+ // Best we've got is EDIT_DRAFT, so make sure perm doesn't specify anything else
+ for (String action : rperm.getActionsAsList()) {
+ if (action.equals(POST)) return false;
+ if (action.equals(ADMIN)) return false;
}
}
+ return true;
}
return false;
+ }
+
+ public String toString() {
+ StringBuilder sb = new StringBuilder();
+ sb.append("GlobalPermission: ");
+ for (String action : getActionsAsList()) {
+ sb.append(" ").append(action).append(" ");
+ }
+ return sb.toString();
}
}
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/util/menu/MenuHelper.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/util/menu/MenuHelper.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/util/menu/MenuHelper.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/util/menu/MenuHelper.java Tue Oct 9 06:43:02 2007
@@ -26,11 +26,14 @@
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.roller.weblogger.WebloggerException;
+import org.apache.roller.weblogger.business.UserManager;
import org.apache.roller.weblogger.business.WebloggerFactory;
import org.apache.roller.weblogger.config.WebloggerConfig;
+import org.apache.roller.weblogger.pojos.GlobalPermission;
import org.apache.roller.weblogger.pojos.User;
import org.apache.roller.weblogger.pojos.Weblog;
import org.apache.roller.weblogger.pojos.WeblogPermission;
+import org.apache.roller.weblogger.util.Utilities;
import org.jdom.Document;
import org.jdom.Element;
import org.jdom.JDOMException;
@@ -51,10 +54,14 @@
try {
// parse menus and cache so we can efficiently reuse them
// TODO: there is probably a better way than putting the whole path
- ParsedMenu editorMenu = unmarshall(MenuHelper.class.getResourceAsStream("/org/apache/roller/weblogger/ui/struts2/editor/editor-menu.xml"));
+ ParsedMenu editorMenu = unmarshall(
+ MenuHelper.class.getResourceAsStream(
+ "/org/apache/roller/weblogger/ui/struts2/editor/editor-menu.xml"));
menus.put("editor", editorMenu);
- ParsedMenu adminMenu = unmarshall(MenuHelper.class.getResourceAsStream("/org/apache/roller/weblogger/ui/struts2/admin/admin-menu.xml"));
+ ParsedMenu adminMenu = unmarshall(
+ MenuHelper.class.getResourceAsStream(
+ "/org/apache/roller/weblogger/ui/struts2/admin/admin-menu.xml"));
menus.put("admin", adminMenu);
} catch (Exception ex) {
@@ -92,11 +99,12 @@
log.debug("creating menu for action - "+currentAction);
Menu tabMenu = new Menu();
+ UserManager umgr = WebloggerFactory.getWeblogger().getUserManager();
// iterate over tabs from parsed config
ParsedTab configTab = null;
Iterator tabsIter = menuConfig.getTabs().iterator();
- while(tabsIter.hasNext()) {
+ while (tabsIter.hasNext()) {
configTab = (ParsedTab) tabsIter.next();
log.debug("config tab = "+configTab.getName());
@@ -109,11 +117,14 @@
includeTab = ! WebloggerConfig.getBooleanProperty(configTab.getDisabledProperty());
}
- if(includeTab) {
+ if (includeTab) {
// user roles check
- if(configTab.getRole() != null) {
+ if (configTab.getGlobalPermissionActions() != null
+ && !configTab.getGlobalPermissionActions().isEmpty()) {
try {
- if (!WebloggerFactory.getWeblogger().getUserManager().hasRole(configTab.getRole(), user)) {
+ GlobalPermission perm =
+ new GlobalPermission(configTab.getGlobalPermissionActions());
+ if (!umgr.checkPermission(perm, user)) {
includeTab = false;
}
} catch (WebloggerException ex) {
@@ -123,12 +134,17 @@
}
}
- if(includeTab) {
+ if (includeTab) {
// weblog permissions check
- includeTab = isPermitted(configTab.getPerm(), user, weblog);
+ if (configTab.getWeblogPermissionActions() != null
+ && !configTab.getWeblogPermissionActions().isEmpty()) {
+ WeblogPermission perm =
+ new WeblogPermission(weblog, configTab.getWeblogPermissionActions());
+ includeTab = umgr.checkPermission(perm, user);
+ }
}
- if(includeTab) {
+ if (includeTab) {
log.debug("tab allowed - "+configTab.getName());
// all checks passed, tab should be included
@@ -139,33 +155,40 @@
boolean firstItem = true;
ParsedTabItem configTabItem = null;
Iterator itemsIter = configTab.getTabItems().iterator();
- while(itemsIter.hasNext()) {
+ while (itemsIter.hasNext()) {
configTabItem = (ParsedTabItem) itemsIter.next();
log.debug("config tab item = "+configTabItem.getName());
boolean includeItem = true;
- if(configTabItem.getEnabledProperty() != null) {
+ if (configTabItem.getEnabledProperty() != null) {
includeItem = WebloggerConfig.getBooleanProperty(configTabItem.getEnabledProperty());
- } else if(configTabItem.getDisabledProperty() != null) {
+ } else if (configTabItem.getDisabledProperty() != null) {
includeItem = ! WebloggerConfig.getBooleanProperty(configTabItem.getDisabledProperty());
}
- if(includeItem) {
+ if (includeItem) {
// user roles check
- if(configTabItem.getRole() != null) {
- if(!WebloggerFactory.getWeblogger().getUserManager().hasRole(configTabItem.getRole(), user)) {
+ if (configTabItem.getGlobalPermissionActions() != null
+ && !configTabItem.getGlobalPermissionActions().isEmpty()) {
+ GlobalPermission perm =
+ new GlobalPermission(configTabItem.getGlobalPermissionActions());
+ if (!umgr.checkPermission(perm, user)) {
includeItem = false;
}
}
}
- if(includeItem) {
+ if (includeItem) {
// weblog permissions check
- includeItem = isPermitted(configTabItem.getPerm(), user, weblog);
+ if (configTab.getWeblogPermissionActions() != null
+ && !configTab.getWeblogPermissionActions().isEmpty()) {
+ WeblogPermission perm = new WeblogPermission(weblog, configTab.getWeblogPermissionActions());
+ includeTab = umgr.checkPermission(perm, user);
+ }
}
- if(includeItem) {
+ if (includeItem) {
log.debug("tab item allowed - "+configTabItem.getName());
// all checks passed, item should be included
@@ -174,13 +197,13 @@
tabItem.setAction(configTabItem.getAction());
// is this the selected item?
- if(isSelected(currentAction, configTabItem)) {
+ if (isSelected(currentAction, configTabItem)) {
tabItem.setSelected(true);
tab.setSelected(true);
}
// the url for the tab is the url of the first item of the tab
- if(firstItem) {
+ if (firstItem) {
tab.setAction(tabItem.getAction());
firstItem = false;
}
@@ -196,41 +219,20 @@
}
return tabMenu;
- }
-
-
- private static boolean isPermitted(String perm, User user, Weblog weblog) {
-
- // convert permissions string to short
- String permMask = null;
- if(perm == null) {
- return true;
- } else if("limited".equals(perm)) {
- permMask = WeblogPermission.EDIT_DRAFT;
- } else if("author".equals(perm)) {
- permMask = WeblogPermission.POST;
- } else if("admin".equals(perm)) {
- permMask = WeblogPermission.ADMIN;
- } else {
- // unknown perm
- return false;
- }
-
- return weblog.hasUserPermissions(user, permMask);
- }
+ }
private static boolean isSelected(String currentAction, ParsedTabItem tabItem) {
- if(currentAction.equals(tabItem.getAction())) {
+ if (currentAction.equals(tabItem.getAction())) {
return true;
}
// an item is also considered selected if it's subforwards are the current action
String[] subActions = tabItem.getSubActions();
- if(subActions != null && subActions.length > 0) {
+ if (subActions != null && subActions.length > 0) {
for(int i=0; i < subActions.length; i++) {
- if(currentAction.equals(subActions[i])) {
+ if (currentAction.equals(subActions[i])) {
return true;
}
}
@@ -247,7 +249,7 @@
private static ParsedMenu unmarshall(InputStream instream)
throws IOException, JDOMException {
- if(instream == null)
+ if (instream == null)
throw new IOException("InputStream is null!");
ParsedMenu config = new ParsedMenu();
@@ -272,8 +274,12 @@
ParsedTab tab = new ParsedTab();
tab.setName(element.getAttributeValue("name"));
- tab.setPerm(element.getAttributeValue("perms"));
- tab.setRole(element.getAttributeValue("roles"));
+ if (element.getAttributeValue("weblogPerms") != null) {
+ tab.setWeblogPermissionActions(Utilities.stringToStringList(element.getAttributeValue("weblogPerms"),","));
+ }
+ if (element.getAttributeValue("globalPerms") != null) {
+ tab.setGlobalPermissionActions(Utilities.stringToStringList(element.getAttributeValue("globalPerms"),","));
+ }
tab.setEnabledProperty(element.getAttributeValue("enabledProperty"));
tab.setDisabledProperty(element.getAttributeValue("disabledProperty"));
@@ -296,12 +302,16 @@
tabItem.setAction(element.getAttributeValue("action"));
String subActions = element.getAttributeValue("subactions");
- if(subActions != null) {
+ if (subActions != null) {
tabItem.setSubActions(subActions.split(","));
}
- tabItem.setPerm(element.getAttributeValue("perms"));
- tabItem.setRole(element.getAttributeValue("roles"));
+ if (element.getAttributeValue("weblogPerms") != null) {
+ tabItem.setWeblogPermissionActions(Utilities.stringToStringList(element.getAttributeValue("weblogPerms"), ","));
+ }
+ if (element.getAttributeValue("globalPerms") != null) {
+ tabItem.setGlobalPermissionActions(Utilities.stringToStringList(element.getAttributeValue("globalPerms"), ","));
+ }
tabItem.setEnabledProperty(element.getAttributeValue("enabledProperty"));
tabItem.setDisabledProperty(element.getAttributeValue("disabledProperty"));
@@ -309,3 +319,4 @@
}
}
+
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/util/menu/ParsedTab.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/util/menu/ParsedTab.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/util/menu/ParsedTab.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/util/menu/ParsedTab.java Tue Oct 9 06:43:02 2007
@@ -28,8 +28,8 @@
public class ParsedTab {
private String name = null;
- private String perm = null;
- private String role = null;
+ private List<String> weblogPermissionActions = null;
+ private List<String> globalPermissionActions = null;
private String enabledProperty = null;
private String disabledProperty = null;
@@ -49,20 +49,20 @@
this.name = name;
}
- public String getPerm() {
- return perm;
+ public List<String> getWeblogPermissionActions() {
+ return weblogPermissionActions;
}
- public void setPerm(String perm) {
- this.perm = perm;
+ public void setWeblogPermissionActions(List<String> actions) {
+ this.weblogPermissionActions = actions;
}
- public String getRole() {
- return role;
+ public List<String> getGlobalPermissionActions() {
+ return globalPermissionActions;
}
- public void setRole(String role) {
- this.role = role;
+ public void setGlobalPermissionActions(List<String> actions) {
+ this.globalPermissionActions = actions;
}
public String getEnabledProperty() {
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/util/menu/ParsedTabItem.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/util/menu/ParsedTabItem.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/util/menu/ParsedTabItem.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/util/menu/ParsedTabItem.java Tue Oct 9 06:43:02 2007
@@ -18,6 +18,8 @@
package org.apache.roller.weblogger.ui.core.util.menu;
+import java.util.List;
+
/**
* A parsed "tab-item" from an xml defined menu config.
@@ -27,8 +29,8 @@
private String name = null;
private String action = null;
private String[] subActions = null;
- private String perm = null;
- private String role = null;
+ private List<String> weblogPermissionActions = null;
+ private List<String> globalPermissionActions = null;
private String enabledProperty = null;
private String disabledProperty = null;
@@ -57,20 +59,20 @@
this.subActions = subActions;
}
- public String getPerm() {
- return perm;
+ public List<String> getWeblogPermissionActions() {
+ return weblogPermissionActions;
}
- public void setPerm(String perm) {
- this.perm = perm;
+ public void setWeblogPermissionActions(List<String> perms) {
+ this.weblogPermissionActions = perms;
}
- public String getRole() {
- return role;
+ public List<String> getGlobalPermissionActions() {
+ return globalPermissionActions;
}
- public void setRole(String role) {
- this.role = role;
+ public void setGlobalPermissionActions(List<String> perms) {
+ this.globalPermissionActions = perms;
}
public String getEnabledProperty() {
@@ -87,6 +89,6 @@
public void setDisabledProperty(String disabledProperty) {
this.disabledProperty = disabledProperty;
- }
-
+ }
}
+
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/rendering/model/MenuModel.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/rendering/model/MenuModel.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/rendering/model/MenuModel.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/rendering/model/MenuModel.java Tue Oct 9 06:43:02 2007
@@ -18,13 +18,13 @@
package org.apache.roller.weblogger.ui.rendering.model;
+import java.util.Collections;
import java.util.Map;
-import java.util.logging.Level;
-import java.util.logging.Logger;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.roller.weblogger.WebloggerException;
import org.apache.roller.weblogger.business.WebloggerFactory;
+import org.apache.roller.weblogger.pojos.GlobalPermission;
import org.apache.roller.weblogger.ui.core.util.menu.Menu;
import org.apache.roller.weblogger.ui.core.util.menu.MenuHelper;
import org.apache.roller.weblogger.ui.rendering.util.WeblogPageRequest;
@@ -75,8 +75,11 @@
*/
public Menu getAdminMenu() {
try {
- if (pageRequest.isLoggedIn() && WebloggerFactory.getWeblogger()
- .getUserManager().hasRole("admin", pageRequest.getUser())) {
+ GlobalPermission adminPerm =
+ new GlobalPermission(Collections.singletonList(GlobalPermission.ADMIN));
+ boolean hasAdmin = WebloggerFactory.getWeblogger().getUserManager()
+ .checkPermission(adminPerm, pageRequest.getUser());
+ if (pageRequest.isLoggedIn() && hasAdmin) {
return MenuHelper.getMenu("admin", "noAction", pageRequest.getUser(), pageRequest.getWeblog());
}
} catch (WebloggerException ex) {
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/rendering/model/UtilitiesModel.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/rendering/model/UtilitiesModel.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/rendering/model/UtilitiesModel.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/rendering/model/UtilitiesModel.java Tue Oct 9 06:43:02 2007
@@ -121,7 +121,7 @@
public boolean isUserAuthorizedToAuthor(WeblogWrapper weblog) {
try {
if (parsedRequest.getAuthenticUser() != null) {
- return weblog.getPojo().hasUserPermissions(
+ return weblog.getPojo().hasUserPermission(
parsedRequest.getUser(), WeblogPermission.POST);
}
} catch (Exception e) {
@@ -133,7 +133,7 @@
public boolean isUserAuthorizedToAdmin(WeblogWrapper weblog) {
try {
if (parsedRequest.getAuthenticUser() != null) {
- return weblog.getPojo().hasUserPermissions(
+ return weblog.getPojo().hasUserPermission(
parsedRequest.getUser(), WeblogPermission.ADMIN);
}
} catch (Exception e) {
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/rendering/velocity/deprecated/OldPageHelper.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/rendering/velocity/deprecated/OldPageHelper.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/rendering/velocity/deprecated/OldPageHelper.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/rendering/velocity/deprecated/OldPageHelper.java Tue Oct 9 06:43:02 2007
@@ -142,7 +142,7 @@
RollerSession.getRollerSession(mRequest);
if ( rses != null && rses.getAuthenticatedUser() != null
&& mWebsite != null) {
- return mWebsite.hasUserPermissions(
+ return mWebsite.hasUserPermission(
rses.getAuthenticatedUser(), WeblogPermission.ADMIN);
}
} catch (Exception e) {
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/rendering/velocity/deprecated/OldWeblogPageModel.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/rendering/velocity/deprecated/OldWeblogPageModel.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/rendering/velocity/deprecated/OldWeblogPageModel.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/rendering/velocity/deprecated/OldWeblogPageModel.java Tue Oct 9 06:43:02 2007
@@ -536,7 +536,7 @@
if ( StringUtils.isNotEmpty(title)
&& StringUtils.isNotEmpty(excerpt) ) {
if (referer.getVisible().booleanValue()
- || referer.getWebsite().hasUserPermissions(rses.getAuthenticatedUser(), WeblogPermission.ADMIN) ) {
+ || referer.getWebsite().hasUserPermission(rses.getAuthenticatedUser(), WeblogPermission.ADMIN) ) {
referers.add(WeblogReferrerWrapper.wrap(referer, urlStrategy));
}
}
@@ -564,7 +564,7 @@
if ( StringUtils.isNotEmpty(title)
&& StringUtils.isNotEmpty(excerpt) ) {
if (referer.getVisible().booleanValue()
- || referer.getWebsite().hasUserPermissions(rses.getAuthenticatedUser(), WeblogPermission.ADMIN) ) {
+ || referer.getWebsite().hasUserPermission(rses.getAuthenticatedUser(), WeblogPermission.ADMIN) ) {
referers.add(WeblogReferrerWrapper.wrap(referer, urlStrategy));
}
}
@@ -736,7 +736,7 @@
RollerSession rses =
RollerSession.getRollerSession(mRequest);
if (rses != null && rses.getAuthenticatedUser() != null && mWebsite != null) {
- return mWebsite.hasUserPermissions(rses.getAuthenticatedUser(), WeblogPermission.POST);
+ return mWebsite.hasUserPermission(rses.getAuthenticatedUser(), WeblogPermission.POST);
}
} catch (Exception e) {
mLogger.warn("PageModel.isUserAuthorizedToEdit()", e);
@@ -751,7 +751,7 @@
RollerSession rses =
RollerSession.getRollerSession(mRequest);
if (rses != null && rses.getAuthenticatedUser() != null && mWebsite != null) {
- return mWebsite.hasUserPermissions(rses.getAuthenticatedUser(), WeblogPermission.POST);
+ return mWebsite.hasUserPermission(rses.getAuthenticatedUser(), WeblogPermission.POST);
}
} catch (Exception e) {
mLogger.warn("PageModel.isUserAuthorizedToAdmin()", e);
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/CacheInfo.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/CacheInfo.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/CacheInfo.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/CacheInfo.java Tue Oct 9 06:43:02 2007
@@ -19,9 +19,11 @@
package org.apache.roller.weblogger.ui.struts2.admin;
import java.util.Collections;
+import java.util.List;
import java.util.Map;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.roller.weblogger.pojos.GlobalPermission;
import org.apache.roller.weblogger.ui.struts2.util.UIAction;
import org.apache.roller.weblogger.util.cache.CacheManager;
@@ -47,8 +49,8 @@
}
- public String requiredUserRole() {
- return "admin";
+ public List<String> requiredGlobalPermissionActions() {
+ return Collections.singletonList(GlobalPermission.ADMIN);
}
public boolean isWeblogRequired() {
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/CommonPingTargetAdd.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/CommonPingTargetAdd.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/CommonPingTargetAdd.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/CommonPingTargetAdd.java Tue Oct 9 06:43:02 2007
@@ -18,8 +18,11 @@
package org.apache.roller.weblogger.ui.struts2.admin;
+import java.util.Collections;
+import java.util.List;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.roller.weblogger.pojos.GlobalPermission;
import org.apache.roller.weblogger.pojos.PingTarget;
import org.apache.roller.weblogger.ui.struts2.common.PingTargetAddBase;
@@ -39,8 +42,8 @@
}
- public String requiredUserRole() {
- return "admin";
+ public List<String> requiredGlobalPermissionActions() {
+ return Collections.singletonList(GlobalPermission.ADMIN);
}
// no weblog required
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/CommonPingTargetEdit.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/CommonPingTargetEdit.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/CommonPingTargetEdit.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/CommonPingTargetEdit.java Tue Oct 9 06:43:02 2007
@@ -18,8 +18,11 @@
package org.apache.roller.weblogger.ui.struts2.admin;
+import java.util.Collections;
+import java.util.List;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.roller.weblogger.pojos.GlobalPermission;
import org.apache.roller.weblogger.ui.struts2.common.PingTargetEditBase;
@@ -38,8 +41,8 @@
}
- public String requiredUserRole() {
- return "admin";
+ public List<String> requiredGlobalPermissionActions() {
+ return Collections.singletonList(GlobalPermission.ADMIN);
}
// no weblog required
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/CommonPingTargets.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/CommonPingTargets.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/CommonPingTargets.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/CommonPingTargets.java Tue Oct 9 06:43:02 2007
@@ -18,11 +18,14 @@
package org.apache.roller.weblogger.ui.struts2.admin;
+import java.util.Collections;
+import java.util.List;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.roller.weblogger.WebloggerException;
import org.apache.roller.weblogger.business.WebloggerFactory;
import org.apache.roller.weblogger.business.pings.PingTargetManager;
+import org.apache.roller.weblogger.pojos.GlobalPermission;
import org.apache.roller.weblogger.ui.struts2.common.PingTargetsBase;
@@ -41,8 +44,8 @@
}
- public String requiredUserRole() {
- return "admin";
+ public List<String> requiredGlobalPermissionActions() {
+ return Collections.singletonList(GlobalPermission.ADMIN);
}
// no weblog required
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/CreateUser.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/CreateUser.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/CreateUser.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/CreateUser.java Tue Oct 9 06:43:02 2007
@@ -18,6 +18,8 @@
package org.apache.roller.weblogger.ui.struts2.admin;
+import java.util.Collections;
+import java.util.List;
import java.util.Locale;
import java.util.TimeZone;
import org.apache.commons.lang.CharSetUtils;
@@ -28,6 +30,7 @@
import org.apache.roller.weblogger.business.WebloggerFactory;
import org.apache.roller.weblogger.business.UserManager;
import org.apache.roller.weblogger.config.WebloggerConfig;
+import org.apache.roller.weblogger.pojos.GlobalPermission;
import org.apache.roller.weblogger.pojos.User;
import org.apache.roller.weblogger.ui.struts2.core.Register;
import org.apache.roller.weblogger.ui.struts2.util.UIAction;
@@ -52,8 +55,8 @@
// admin role required
- public String requiredUserRole() {
- return "admin";
+ public List<String> requiredGlobalPermissionActions() {
+ return Collections.singletonList(GlobalPermission.ADMIN);
}
// no weblog required
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/CreateUserBean.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/CreateUserBean.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/CreateUserBean.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/CreateUserBean.java Tue Oct 9 06:43:02 2007
@@ -18,11 +18,11 @@
package org.apache.roller.weblogger.ui.struts2.admin;
+import java.util.Collections;
import java.util.Locale;
-import java.util.logging.Level;
-import java.util.logging.Logger;
import org.apache.roller.weblogger.WebloggerException;
import org.apache.roller.weblogger.business.WebloggerFactory;
+import org.apache.roller.weblogger.pojos.GlobalPermission;
import org.apache.roller.weblogger.pojos.User;
@@ -160,8 +160,11 @@
this.activationCode = dataHolder.getActivationCode();
try {
- this.administrator = WebloggerFactory.getWeblogger()
- .getUserManager().hasRole("admin", dataHolder);
+ GlobalPermission adminPerm =
+ new GlobalPermission(Collections.singletonList(GlobalPermission.ADMIN));
+ this.administrator = WebloggerFactory.getWeblogger().getUserManager()
+ .checkPermission(adminPerm, dataHolder);
+
} catch (WebloggerException ex) {}
}
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/GlobalCommentManagement.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/GlobalCommentManagement.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/GlobalCommentManagement.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/GlobalCommentManagement.java Tue Oct 9 06:43:02 2007
@@ -31,6 +31,7 @@
import org.apache.roller.weblogger.WebloggerException;
import org.apache.roller.weblogger.business.WebloggerFactory;
import org.apache.roller.weblogger.business.WeblogEntryManager;
+import org.apache.roller.weblogger.pojos.GlobalPermission;
import org.apache.roller.weblogger.pojos.WeblogEntryComment;
import org.apache.roller.weblogger.ui.struts2.pagers.CommentsPager;
import org.apache.roller.weblogger.ui.struts2.util.KeyValueObject;
@@ -74,8 +75,8 @@
// admin role required
- public String requiredUserRole() {
- return "admin";
+ public List<String> requiredGlobalPermissionActions() {
+ return Collections.singletonList(GlobalPermission.ADMIN);
}
// no weblog required
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/GlobalConfig.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/GlobalConfig.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/GlobalConfig.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/GlobalConfig.java Tue Oct 9 06:43:02 2007
@@ -34,6 +34,7 @@
import org.apache.roller.weblogger.config.WebloggerRuntimeConfig;
import org.apache.roller.weblogger.config.runtime.ConfigDef;
import org.apache.roller.weblogger.config.runtime.RuntimeConfigDefs;
+import org.apache.roller.weblogger.pojos.GlobalPermission;
import org.apache.roller.weblogger.pojos.RuntimeConfigProperty;
import org.apache.roller.weblogger.ui.struts2.util.UIAction;
import org.apache.struts2.interceptor.ParameterAware;
@@ -75,8 +76,8 @@
}
@Override
- public String requiredUserRole() {
- return "admin";
+ public List<String> requiredGlobalPermissionActions() {
+ return Collections.singletonList(GlobalPermission.ADMIN);
}
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/ModifyUser.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/ModifyUser.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/ModifyUser.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/ModifyUser.java Tue Oct 9 06:43:02 2007
@@ -18,6 +18,8 @@
package org.apache.roller.weblogger.ui.struts2.admin;
+import java.util.Collections;
+import java.util.List;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@@ -25,6 +27,7 @@
import org.apache.roller.weblogger.business.WebloggerFactory;
import org.apache.roller.weblogger.business.UserManager;
import org.apache.roller.weblogger.config.WebloggerConfig;
+import org.apache.roller.weblogger.pojos.GlobalPermission;
import org.apache.roller.weblogger.pojos.User;
import org.apache.roller.weblogger.ui.core.RollerContext;
import org.apache.roller.weblogger.ui.struts2.util.UIAction;
@@ -56,8 +59,8 @@
// admin role required
- public String requiredUserRole() {
- return "admin";
+ public List<String> requiredGlobalPermissionActions() {
+ return Collections.singletonList(GlobalPermission.ADMIN);
}
// no weblog required
@@ -130,10 +133,16 @@
}
try {
+ boolean hasAdmin = false;
UserManager mgr = WebloggerFactory.getWeblogger().getUserManager();
+ GlobalPermission adminPerm =
+ new GlobalPermission(Collections.singletonList(GlobalPermission.ADMIN));
+ if (mgr.checkPermission(adminPerm, getUser())) {
+ hasAdmin = true;
+ }
// grant/revoke admin role if needed
- if (mgr.hasRole("admin", getUser()) && !getBean().isAdministrator()) {
+ if (hasAdmin && !getBean().isAdministrator()) {
if (!isUserEditingSelf()) {
// revoke role
@@ -142,7 +151,7 @@
addError("userAdmin.cantChangeOwnRole");
}
- } else if(!mgr.hasRole("admin", getUser()) && getBean().isAdministrator()) {
+ } else if(!hasAdmin && getBean().isAdministrator()) {
if (!isUserEditingSelf()) {
// grant role
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/UserAdmin.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/UserAdmin.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/UserAdmin.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/UserAdmin.java Tue Oct 9 06:43:02 2007
@@ -18,6 +18,9 @@
package org.apache.roller.weblogger.ui.struts2.admin;
+import java.util.Collections;
+import java.util.List;
+import org.apache.roller.weblogger.pojos.GlobalPermission;
import org.apache.roller.weblogger.ui.struts2.util.UIAction;
@@ -34,9 +37,9 @@
}
- // admin role required
- public String requiredUserRole() {
- return "admin";
+ // admin role required
+ public List<String> requiredGlobalPermissionActions() {
+ return Collections.singletonList(GlobalPermission.ADMIN);
}
// no weblog required
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/admin-menu.xml
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/admin-menu.xml?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/admin-menu.xml (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/admin-menu.xml Tue Oct 9 06:43:02 2007
@@ -10,40 +10,40 @@
<menu-item action="globalConfig"
name="tabbedmenu.admin.config"
- roles="admin" />
+ globalPerms="admin" />
<menu-item action="userAdmin"
name="tabbedmenu.admin.userAdmin"
- roles="admin"
+ globalPerms="admin"
subactions="createUser,modifyUser" />
<menu-item action="globalCommentManagement"
name="tabbedmenu.admin.commentManagement"
- roles="admin" />
+ globalPerms="admin" />
<menu-item action="commonPingTargets"
name="tabbedmenu.admin.pingTargets"
- roles="admin"
+ globalPerms="admin"
subactions="commonPingTargetAdd,commonPingTargetEdit" />
<menu-item action="cacheInfo"
name="tabbedmenu.admin.cacheInfo"
- roles="admin" />
+ globalPerms="admin" />
</menu>
<menu name="tabbedmenu.planet" roles="admin" enabledProperty="planet.aggregator.enabled">
<menu-item action="planetConfig"
name="tabbedmenu.admin.planetConfig"
- roles="admin" />
+ globalPerms="admin" />
<menu-item action="planetSubscriptions"
name="tabbedmenu.admin.planetSubscriptions"
- roles="admin" />
+ globalPerms="admin" />
<menu-item action="planetGroups"
name="tabbedmenu.admin.planetGroups"
- roles="admin" />
+ globalPerms="admin" />
</menu>
</menu-bar>
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/BookmarkAdd.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/BookmarkAdd.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/BookmarkAdd.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/BookmarkAdd.java Tue Oct 9 06:43:02 2007
@@ -20,6 +20,8 @@
import java.net.MalformedURLException;
import java.net.URL;
+import java.util.Collections;
+import java.util.List;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@@ -58,8 +60,8 @@
}
- public String requiredWeblogPermissions() {
- return WeblogPermission.ADMIN;
+ public List<String> requiredWeblogPermissionActions() {
+ return Collections.singletonList(WeblogPermission.POST);
}
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/BookmarkEdit.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/BookmarkEdit.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/BookmarkEdit.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/BookmarkEdit.java Tue Oct 9 06:43:02 2007
@@ -20,6 +20,8 @@
import java.net.MalformedURLException;
import java.net.URL;
+import java.util.Collections;
+import java.util.List;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@@ -54,8 +56,8 @@
}
- public String requiredWeblogPermissions() {
- return WeblogPermission.ADMIN;
+ public List<String> requiredWeblogPermissionActions() {
+ return Collections.singletonList(WeblogPermission.ADMIN);
}
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Bookmarks.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Bookmarks.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Bookmarks.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Bookmarks.java Tue Oct 9 06:43:02 2007
@@ -74,8 +74,8 @@
// admin perms required
- public String requiredWeblogPermissions() {
- return WeblogPermission.ADMIN;
+ public List<String> requiredWeblogPermissionActions() {
+ return Collections.singletonList(WeblogPermission.ADMIN);
}
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/BookmarksImport.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/BookmarksImport.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/BookmarksImport.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/BookmarksImport.java Tue Oct 9 06:43:02 2007
@@ -23,7 +23,9 @@
import java.io.FileInputStream;
import java.io.InputStream;
import java.text.SimpleDateFormat;
+import java.util.Collections;
import java.util.Date;
+import java.util.List;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.roller.weblogger.business.BookmarkManager;
@@ -58,8 +60,8 @@
// author perms required
- public String requiredWeblogPermissions() {
- return WeblogPermission.POST;
+ public List<String> requiredWeblogPermissionActions() {
+ return Collections.singletonList(WeblogPermission.POST);
}
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Categories.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Categories.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Categories.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Categories.java Tue Oct 9 06:43:02 2007
@@ -69,8 +69,8 @@
// author perms required
- public String requiredWeblogPermissions() {
- return WeblogPermission.POST;
+ public List<String> requiredWeblogPermissionActions() {
+ return Collections.singletonList(WeblogPermission.POST);
}
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/CategoryAdd.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/CategoryAdd.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/CategoryAdd.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/CategoryAdd.java Tue Oct 9 06:43:02 2007
@@ -18,6 +18,8 @@
package org.apache.roller.weblogger.ui.struts2.editor;
+import java.util.Collections;
+import java.util.List;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@@ -56,8 +58,8 @@
// author perms required
- public String requiredWeblogPermissions() {
- return WeblogPermission.POST;
+ public List<String> requiredWeblogPermissionActions() {
+ return Collections.singletonList(WeblogPermission.ADMIN);
}
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/CategoryEdit.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/CategoryEdit.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/CategoryEdit.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/CategoryEdit.java Tue Oct 9 06:43:02 2007
@@ -18,6 +18,8 @@
package org.apache.roller.weblogger.ui.struts2.editor;
+import java.util.Collections;
+import java.util.List;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@@ -53,8 +55,8 @@
// author perms required
- public String requiredWeblogPermissions() {
- return WeblogPermission.POST;
+ public List<String> requiredWeblogPermissionActions() {
+ return Collections.singletonList(WeblogPermission.POST);
}
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/CategoryRemove.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/CategoryRemove.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/CategoryRemove.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/CategoryRemove.java Tue Oct 9 06:43:02 2007
@@ -62,8 +62,8 @@
}
- public String requiredWeblogPermissions() {
- return WeblogPermission.POST;
+ public List<String> requiredWeblogPermissionActions() {
+ return Collections.singletonList(WeblogPermission.POST);
}
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Comments.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Comments.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Comments.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Comments.java Tue Oct 9 06:43:02 2007
@@ -84,8 +84,8 @@
@Override
- public String requiredWeblogPermissions() {
- return WeblogPermission.POST;
+ public List<String> requiredWeblogPermissionActions() {
+ return Collections.singletonList(WeblogPermission.POST);
}
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/CustomPingTargetEdit.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/CustomPingTargetEdit.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/CustomPingTargetEdit.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/CustomPingTargetEdit.java Tue Oct 9 06:43:02 2007
@@ -18,6 +18,8 @@
package org.apache.roller.weblogger.ui.struts2.editor;
+import java.util.Collections;
+import java.util.List;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.roller.weblogger.pojos.WeblogPermission;
@@ -40,8 +42,8 @@
// admin perms required
- public String requiredWeblogPermissions() {
- return WeblogPermission.ADMIN;
+ public List<String> requiredWeblogPermissionActions() {
+ return Collections.singletonList(WeblogPermission.ADMIN);
}
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/CustomPingTargets.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/CustomPingTargets.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/CustomPingTargets.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/CustomPingTargets.java Tue Oct 9 06:43:02 2007
@@ -18,6 +18,8 @@
package org.apache.roller.weblogger.ui.struts2.editor;
+import java.util.Collections;
+import java.util.List;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.roller.weblogger.WebloggerException;
@@ -48,8 +50,8 @@
return true;
}
- public String requiredWeblogPermissions() {
- return WeblogPermission.ADMIN;
+ public List<String> requiredWeblogPermissionActions() {
+ return Collections.singletonList(WeblogPermission.ADMIN);
}
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Entries.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Entries.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Entries.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Entries.java Tue Oct 9 06:43:02 2007
@@ -68,8 +68,8 @@
@Override
- public String requiredWeblogPermissions() {
- return WeblogPermission.POST;
+ public List<String> requiredWeblogPermissionActions() {
+ return Collections.singletonList(WeblogPermission.POST);
}
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/EntryAdd.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/EntryAdd.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/EntryAdd.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/EntryAdd.java Tue Oct 9 06:43:02 2007
@@ -30,6 +30,7 @@
import org.apache.roller.weblogger.WebloggerException;
import org.apache.roller.weblogger.business.UserManager;
import org.apache.roller.weblogger.business.WeblogEntryManager;
+import org.apache.roller.weblogger.pojos.GlobalPermission;
import org.apache.roller.weblogger.pojos.WeblogCategory;
import org.apache.roller.weblogger.pojos.WeblogPermission;
import org.apache.roller.weblogger.util.MailUtil;
@@ -59,8 +60,8 @@
@Override
- public String requiredWeblogPermissions() {
- return WeblogPermission.EDIT_DRAFT;
+ public List<String> requiredWeblogPermissionActions() {
+ return Collections.singletonList(WeblogPermission.EDIT_DRAFT);
}
@@ -135,13 +136,15 @@
}
// if user does not have author perms then force PENDING status
- if(!getActionWeblog().hasUserPermissions(getAuthenticatedUser(),WeblogPermission.POST)) {
+ if(!getActionWeblog().hasUserPermission(getAuthenticatedUser(),WeblogPermission.POST)) {
entry.setStatus(WeblogEntry.PENDING);
}
}
// if user is an admin then apply pinned to main value as well
- if (userMgr.hasRole("admin", getAuthenticatedUser())) {
+ GlobalPermission adminPerm =
+ new GlobalPermission(Collections.singletonList(GlobalPermission.ADMIN));
+ if (userMgr.checkPermission(adminPerm, getAuthenticatedUser())) {
entry.setPinnedToMain(getBean().getPinnedToMain());
}
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/EntryBase.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/EntryBase.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/EntryBase.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/EntryBase.java Tue Oct 9 06:43:02 2007
@@ -202,7 +202,7 @@
public boolean isUserAnAuthor() {
- return getActionWeblog().hasUserPermissions(getAuthenticatedUser(),WeblogPermission.POST);
+ return getActionWeblog().hasUserPermission(getAuthenticatedUser(),WeblogPermission.POST);
}
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/EntryEdit.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/EntryEdit.java?rev=583167&r1=583166&r2=583167&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/EntryEdit.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/EntryEdit.java Tue Oct 9 06:43:02 2007
@@ -30,6 +30,7 @@
import org.apache.roller.weblogger.WebloggerException;
import org.apache.roller.weblogger.business.WebloggerFactory;
import org.apache.roller.weblogger.business.WeblogEntryManager;
+import org.apache.roller.weblogger.pojos.GlobalPermission;
import org.apache.roller.weblogger.pojos.WeblogCategory;
import org.apache.roller.weblogger.pojos.WeblogEntry;
import org.apache.roller.weblogger.pojos.WeblogPermission;
@@ -70,8 +71,8 @@
@Override
- public String requiredWeblogPermissions() {
- return WeblogPermission.EDIT_DRAFT;
+ public List<String> requiredWeblogPermissionActions() {
+ return Collections.singletonList(WeblogPermission.EDIT_DRAFT);
}
@@ -143,13 +144,15 @@
}
// if user does not have author perms then force PENDING status
- if(!getActionWeblog().hasUserPermissions(getAuthenticatedUser(),WeblogPermission.POST)) {
+ if(!getActionWeblog().hasUserPermission(getAuthenticatedUser(), WeblogPermission.POST)) {
entry.setStatus(WeblogEntry.PENDING);
}
}
// if user is an admin then apply pinned to main value as well
- if (WebloggerFactory.getWeblogger().getUserManager().hasRole("admin", getAuthenticatedUser())) {
+ GlobalPermission adminPerm =
+ new GlobalPermission(Collections.singletonList(GlobalPermission.ADMIN));
+ if (WebloggerFactory.getWeblogger().getUserManager().checkPermission(adminPerm, getAuthenticatedUser())) {
entry.setPinnedToMain(getBean().getPinnedToMain());
}