You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ofbiz.apache.org by ja...@apache.org on 2009/04/29 23:11:35 UTC

svn commit: r769936 - in /ofbiz/trunk/framework/service/src/org/ofbiz/service: DispatchContext.java GenericAbstractDispatcher.java LocalDispatcher.java ModelPermission.java ServiceDispatcher.java

Author: jaz
Date: Wed Apr 29 21:11:35 2009
New Revision: 769936

URL: http://svn.apache.org/viewvc?rev=769936&view=rev
Log:
Integration with new Authz API - JIRA OFBIZ-2381

Modified:
    ofbiz/trunk/framework/service/src/org/ofbiz/service/DispatchContext.java
    ofbiz/trunk/framework/service/src/org/ofbiz/service/GenericAbstractDispatcher.java
    ofbiz/trunk/framework/service/src/org/ofbiz/service/LocalDispatcher.java
    ofbiz/trunk/framework/service/src/org/ofbiz/service/ModelPermission.java
    ofbiz/trunk/framework/service/src/org/ofbiz/service/ServiceDispatcher.java

Modified: ofbiz/trunk/framework/service/src/org/ofbiz/service/DispatchContext.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/service/src/org/ofbiz/service/DispatchContext.java?rev=769936&r1=769935&r2=769936&view=diff
==============================================================================
--- ofbiz/trunk/framework/service/src/org/ofbiz/service/DispatchContext.java (original)
+++ ofbiz/trunk/framework/service/src/org/ofbiz/service/DispatchContext.java Wed Apr 29 21:11:35 2009
@@ -39,6 +39,7 @@
 import org.ofbiz.base.util.cache.UtilCache;
 import org.ofbiz.entity.GenericDelegator;
 import org.ofbiz.security.Security;
+import org.ofbiz.security.authz.Authorization;
 import org.ofbiz.service.config.ServiceConfigUtil;
 import org.ofbiz.service.eca.ServiceEcaUtil;
 
@@ -247,9 +248,18 @@
     }
 
     /**
+     * Gets the Authorization object associated with this dispatcher
+     * @return Authorization object associated with this dispatcher
+     */
+    public Authorization getAuthorization() {
+        return dispatcher.getAuthorization();
+    }
+    
+    /**
      * Gets the Security object associated with this dispatcher
      * @return Security object associated with this dispatcher
      */
+    @Deprecated
     public Security getSecurity() {
         return dispatcher.getSecurity();
     }

Modified: ofbiz/trunk/framework/service/src/org/ofbiz/service/GenericAbstractDispatcher.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/service/src/org/ofbiz/service/GenericAbstractDispatcher.java?rev=769936&r1=769935&r2=769936&view=diff
==============================================================================
--- ofbiz/trunk/framework/service/src/org/ofbiz/service/GenericAbstractDispatcher.java (original)
+++ ofbiz/trunk/framework/service/src/org/ofbiz/service/GenericAbstractDispatcher.java Wed Apr 29 21:11:35 2009
@@ -26,6 +26,7 @@
 import org.ofbiz.service.calendar.RecurrenceRule;
 import org.ofbiz.entity.GenericDelegator;
 import org.ofbiz.security.Security;
+import org.ofbiz.security.authz.Authorization;
 import org.ofbiz.service.jms.JmsListenerFactory;
 import org.ofbiz.service.job.JobManager;
 import org.ofbiz.service.job.JobManagerException;
@@ -184,8 +185,16 @@
     }
 
     /**
+     * @see org.ofbiz.service.LocalDispatcher#getAuthorization()
+     */    
+    public Authorization getAuthorization() {
+        return dispatcher.getAuthorization();
+    }
+    
+    /**
      * @see org.ofbiz.service.LocalDispatcher#getSecurity()
      */
+    @Deprecated
     public Security getSecurity() {
         return dispatcher.getSecurity();
     }

Modified: ofbiz/trunk/framework/service/src/org/ofbiz/service/LocalDispatcher.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/service/src/org/ofbiz/service/LocalDispatcher.java?rev=769936&r1=769935&r2=769936&view=diff
==============================================================================
--- ofbiz/trunk/framework/service/src/org/ofbiz/service/LocalDispatcher.java (original)
+++ ofbiz/trunk/framework/service/src/org/ofbiz/service/LocalDispatcher.java Wed Apr 29 21:11:35 2009
@@ -22,6 +22,7 @@
 
 import org.ofbiz.entity.GenericDelegator;
 import org.ofbiz.security.Security;
+import org.ofbiz.security.authz.Authorization;
 import org.ofbiz.service.jms.JmsListenerFactory;
 import org.ofbiz.service.job.JobManager;
 
@@ -319,9 +320,16 @@
     public GenericDelegator getDelegator();
 
     /**
+     * Gets the Authorization object associated with this dispatcher
+     * @return Authorization object associated with this dispatcher
+     */
+    public Authorization getAuthorization();
+    
+    /**
      * Gets the Security object associated with this dispatcher
      * @return Security object associated with this dispatcher
      */
+    @Deprecated
     public Security getSecurity();
 
     /**

Modified: ofbiz/trunk/framework/service/src/org/ofbiz/service/ModelPermission.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/service/src/org/ofbiz/service/ModelPermission.java?rev=769936&r1=769935&r2=769936&view=diff
==============================================================================
--- ofbiz/trunk/framework/service/src/org/ofbiz/service/ModelPermission.java (original)
+++ ofbiz/trunk/framework/service/src/org/ofbiz/service/ModelPermission.java Wed Apr 29 21:11:35 2009
@@ -29,6 +29,7 @@
 import org.ofbiz.entity.GenericValue;
 import org.ofbiz.entity.util.EntityUtil;
 import org.ofbiz.security.Security;
+import org.ofbiz.security.authz.Authorization;
 
 /**
  * Service Permission Model Class
@@ -49,6 +50,7 @@
 
     public boolean evalPermission(DispatchContext dctx, Map<String, ? extends Object> context) {
         GenericValue userLogin = (GenericValue) context.get("userLogin");
+        Authorization authz = dctx.getAuthorization();
         Security security = dctx.getSecurity();
         if (userLogin == null) {
             Debug.logInfo("Secure service requested with no userLogin object", module);
@@ -56,7 +58,7 @@
         }
         switch (permissionType) {
             case PERMISSION:
-                return evalSimplePermission(security, userLogin);
+                return evalAuthzPermission(authz, userLogin, context);
             case ENTITY_PERMISSION:
                 return evalEntityPermission(security, userLogin);
             case ROLE_MEMBER:
@@ -67,12 +69,12 @@
         }
     }
 
-    private boolean evalSimplePermission(Security security, GenericValue userLogin) {
+    private boolean evalAuthzPermission(Authorization authz, GenericValue userLogin, Map<String, ? extends Object> context) {
         if (nameOrRole == null) {
             Debug.logWarning("Null permission name passed for evaluation", module);
             return false;
         }
-        return security.hasPermission(nameOrRole, userLogin);
+        return authz.hasPermission(userLogin.getString("userLoginId"), nameOrRole, context, false);
     }
 
     private boolean evalEntityPermission(Security security, GenericValue userLogin) {
@@ -93,11 +95,13 @@
         }
         GenericDelegator delegator = userLogin.getDelegator();
         List<GenericValue> partyRoles = null;
+        /** (jaz) THIS IS NOT SECURE AT ALL
         try {
             partyRoles = delegator.findByAnd("PartyRole", "roleTypeId", nameOrRole, "partyId", userLogin.get("partyId"));
         } catch (GenericEntityException e) {
             Debug.logError(e, "Unable to lookup PartyRole records", module);
         }
+        **/
 
         if (UtilValidate.isNotEmpty(partyRoles)) {
             partyRoles = EntityUtil.filterByDate(partyRoles);

Modified: ofbiz/trunk/framework/service/src/org/ofbiz/service/ServiceDispatcher.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/service/src/org/ofbiz/service/ServiceDispatcher.java?rev=769936&r1=769935&r2=769936&view=diff
==============================================================================
--- ofbiz/trunk/framework/service/src/org/ofbiz/service/ServiceDispatcher.java (original)
+++ ofbiz/trunk/framework/service/src/org/ofbiz/service/ServiceDispatcher.java Wed Apr 29 21:11:35 2009
@@ -21,8 +21,6 @@
 import java.util.List;
 import java.util.Locale;
 import java.util.Map;
-import java.util.Set;
-
 import javax.transaction.Transaction;
 
 import javolution.util.FastList;
@@ -45,6 +43,8 @@
 import org.ofbiz.security.Security;
 import org.ofbiz.security.SecurityConfigurationException;
 import org.ofbiz.security.SecurityFactory;
+import org.ofbiz.security.authz.Authorization;
+import org.ofbiz.security.authz.AuthorizationFactory;
 import org.ofbiz.service.config.ServiceConfigUtil;
 import org.ofbiz.service.eca.ServiceEcaRule;
 import org.ofbiz.service.eca.ServiceEcaUtil;
@@ -74,6 +74,7 @@
 
     protected GenericDelegator delegator = null;
     protected GenericEngineFactory factory = null;
+    protected Authorization authz = null;
     protected Security security = null;
     protected Map<String, DispatchContext> localContext = null;
     protected Map<String, List<GenericServiceCallback>> callbacks = null;
@@ -92,6 +93,7 @@
 
         if (delegator != null) {
             try {
+                this.authz = AuthorizationFactory.getInstance(delegator);
                 this.security = SecurityFactory.getInstance(delegator);
             } catch (SecurityConfigurationException e) {
                 Debug.logError(e, "[ServiceDispatcher.init] : No instance of security implementation found.", module);
@@ -797,9 +799,18 @@
     }
 
     /**
+     * Gets the Authorization object associated with this dispatcher
+     * @return Authorization object associated with this dispatcher
+     */
+    public Authorization getAuthorization() {
+        return this.authz;
+    }
+    
+    /**
      * Gets the Security object associated with this dispatcher
      * @return Security object associated with this dispatcher
      */
+    @Deprecated
     public Security getSecurity() {
         return this.security;
     }