You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@hivemind.apache.org by "Ing. Stefano Girotti" <ic...@hotpop.com> on 2006/05/19 10:55:06 UTC

Re: Best pratice - CRUD Security - Tapestry 4.0

"Brian K. Wallace" 
<<m...@transmorphix.com> ha scritto 
nel messaggio
<ne...@transmorphix.com>news:4469F3A9.70709@transmorphix.com...
 > -----BEGIN PGP SIGNED MESSAGE-----
 > Hash: SHA1
 >
 > This is where I stick with ACEGI being unobtrusive. Not discounting any
 > other method of doing it at all, but I found that with ACEGI I add a
 > hook into "login/logout" pages and there's no other intrusion into my
 > Tapestry applications outside the configuration file (aka: no
 > "isUserInRole("...")" of any kind.
 >
 > Again - one size doesn't fit all - especially with security. Take the
 > "easiest way for you" as long as it foots the bill and you're usually
 > alright.

i'm looking for a Searchable Security:
for example:
for the current user i have to find what special offers can buy....
and again.... the classic Access Control List have read - write - delete or
admin properties....  i'd like to extend it... for example a special offer
is avaible from date to date... or by special code...

i had a look to ACEGI  and seems to me that is not what i'm looking for :(




---------------------------------------------------------------------
To unsubscribe, e-mail: hivemind-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: hivemind-user-help@jakarta.apache.org

Re: Best pratice - CRUD Security - Tapestry 4.0

Posted by "Steve \"Ice Cube\" Lombardi" <ic...@bigfoot.com>.

At 13.28 19/05/2006, Andrea Chiumenti wrote:
>Hi Stefano,
>I think you need something link the one I've developed, currently 
>I've no much time to explain the code, I hope u understand it,
>
>package org.jfly.cedi.security;
>
>import java.util.Collection;
>import java.util.HashMap;
>import java.util.Iterator;
>import java.util.Map;
>import java.util.Set;
>import java.util.TreeSet;
>
>import org.jfly.model.AClientH;
>import org.jfly.model.CLocationRoleH;
>import org.jfly.model.CRoleH;
>import org.jfly.security.JFlyPrincipal;
>import org.jfly.utils.CommonUtils;

FIrst, I'm italian, From Bologna and you? so we can mail in italian language!!!
Then where i can download all the code??? i try google but i don't 
find anything.... just a mail archive

http://www.mail-archive.com/hivemind-user@jakarta.apache.org/msg01697.html


where i found:

I've registered <http://www.jfly.org>www.jfly.org but I have some problems:

can u make avaiable at least some code/small example?

Thanks in advice
Stefano 



---------------------------------------------------------------------
To unsubscribe, e-mail: hivemind-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: hivemind-user-help@jakarta.apache.org

Re: Best pratice - CRUD Security - Tapestry 4.0

Posted by Andrea Chiumenti <ki...@gmail.com>.

Hi Stefano,
I think you need something link the one I've developed, currently I've no
much time to explain the code, I hope u understand it,

package org.jfly.cedi.security;

import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.TreeSet;

import org.jfly.model.AClientH;
import org.jfly.model.CLocationRoleH;
import org.jfly.model.CRoleH;
import org.jfly.security.JFlyPrincipal;
import org.jfly.utils.CommonUtils;

public class CEDIPrincipal extends JFlyPrincipal {

    private Map locationRoles;
    private String mainLocation;
//    ---------------- constructor -------------------------
    public CEDIPrincipal() {
        this("","",new TreeSet());
    }
    public CEDIPrincipal(String name, String fullName, Collection roles) {
        super(name, fullName, roles);
        locationRoles = new HashMap();
    }
//    ---------------- getters -------------------------
    public Map getLocationRoles() {
        return locationRoles;
    }
    public String getMainLocation() {
        return mainLocation;
    }
//    ---------------- setters -------------------------
    public void setLocationRoles(Map locationRoles) {
        this.locationRoles=locationRoles;
    }
    public void setMainLocation(String mainLocation) {
        this.mainLocation=mainLocation;
    }
//    ---------------- methods -------------------------
    public Set getRolesOnLocation(String location) {
        return (Set)getLocationRoles().get(location);
    }

    public void addMainLocationRole(AClientH location, Collection roles) {
        locationRoles.put(location.getClientKey(),
                getRoles(roles));

    }

    public void addLocationRole(CLocationRoleH locationRole) {
        locationRoles.put(locationRole.getLocation().getClientKey(),
                getRoles(locationRole.getCRoleSet()));

    }

    public boolean isUserInRole(String location, String role) {
        boolean result = false;
        Set locationRoles = getRolesOnLocation(location);
        if (!CommonUtils.nullOrEmpty(locationRoles)) {
            result = locationRoles.contains(role);
        }
        return result;
    }


    public boolean isUserInRole(String location, Collection roles) {
        boolean result = false;
        Set locationRoles = getRolesOnLocation(location);
        if (!CommonUtils.nullOrEmpty(locationRoles)) {
            Iterator iRoles = roles.iterator();
            while (iRoles.hasNext() && !result) {
                String role = (String)iRoles.next();
                result = locationRoles.contains(role);
            }

        }
        return result;
    }

    public Set getLocations() {
        return getLocationRoles().keySet();
    }

    public boolean hasLocation(String location) {
        return getLocationRoles().keySet().contains(location);
    }
//    ---------------- helpers -------------------------
    private Set getRoles(Collection roles) {
        Set result = new TreeSet();
        Iterator iter = roles.iterator();
        while (iter.hasNext()) {
            String role = ((CRoleH)iter.next()).getRoleId();
            result.add(role);
        }
        return result;
    }



}




CEDIPrincipal has to be built on user logon, then put in session
Ciao,
Andrea Chiumenti

On 5/19/06, Ing. Stefano Girotti <ic...@hotpop.com> wrote:
>
>
> "Brian K. Wallace"
> <<m...@transmorphix.com> ha scritto
> nel messaggio
> <ne...@transmorphix.com>news:4469F3A9.70709@transmorphix.com
> ...
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > This is where I stick with ACEGI being unobtrusive. Not discounting any
> > other method of doing it at all, but I found that with ACEGI I add a
> > hook into "login/logout" pages and there's no other intrusion into my
> > Tapestry applications outside the configuration file (aka: no
> > "isUserInRole("...")" of any kind.
> >
> > Again - one size doesn't fit all - especially with security. Take the
> > "easiest way for you" as long as it foots the bill and you're usually
> > alright.
>
> i'm looking for a Searchable Security:
> for example:
> for the current user i have to find what special offers can buy....
> and again.... the classic Access Control List have read - write - delete
> or
> admin properties....  i'd like to extend it... for example a special offer
> is avaible from date to date... or by special code...
>
> i had a look to ACEGI  and seems to me that is not what i'm looking for :(
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: hivemind-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: hivemind-user-help@jakarta.apache.org
>
>