You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-dev@portals.apache.org by ta...@apache.org on 2001/06/07 09:28:53 UTC
cvs commit: jakarta-jetspeed/src/java/org/apache/jetspeed/services/security AccessControl.java JetspeedDBSecurityService.java
taylor 01/06/07 00:28:53
Modified: src/java/org/apache/jetspeed/services JetspeedSecurity.java
src/java/org/apache/jetspeed/services/security
AccessControl.java JetspeedDBSecurityService.java
Log:
updated security service to support permission checks by portlet registry entry
Revision Changes Path
1.2 +18 -2 jakarta-jetspeed/src/java/org/apache/jetspeed/services/JetspeedSecurity.java
Index: JetspeedSecurity.java
===================================================================
RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/JetspeedSecurity.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- JetspeedSecurity.java 2001/06/04 07:14:36 1.1
+++ JetspeedSecurity.java 2001/06/07 07:28:40 1.2
@@ -57,6 +57,7 @@
import org.apache.turbine.services.security.TurbineSecurity;
import org.apache.jetspeed.services.security.*;
import org.apache.turbine.util.RunData;
+import org.apache.jetspeed.om.newregistry.PortletEntry;
import org.apache.jetspeed.portal.Portlet;
@@ -66,15 +67,23 @@
*
* @see org.apache.jetspeed.services.security.JetspeedSecurityService
* @author <a href="mailto:david@bluesunrise.com">David Sean Taylor</a>
- * @version $Id: JetspeedSecurity.java,v 1.1 2001/06/04 07:14:36 taylor Exp $
+ * @version $Id: JetspeedSecurity.java,v 1.2 2001/06/07 07:28:40 taylor Exp $
*/
abstract public class JetspeedSecurity extends TurbineSecurity
{
+ public static final String PERMISSION_VIEW = "view";
+ public static final String PERMISSION_CUSTOMIZE = "customize";
+ public static final String PERMISSION_MAXIMIZE = "maximize";
+ public static final String PERMISSION_MINIMIZE = "minimize";
+ public static final String PERMISSION_PERSONALIZE = "personalize";
+ public static final String PERMISSION_DETACH = "detach";
+ public static final String PERMISSION_CLOSE = "close";
+ public static final String PERMISSION_INFO = "info";
+
/**
* @see JetspeedSecurityService#checkPermission
*/
-
public static boolean checkPermission(RunData runData, String permission, Portlet portlet)
{
return ((JetspeedSecurityService)getService()).checkPermission(runData, permission, portlet);
@@ -83,7 +92,14 @@
/**
* @see JetspeedSecurityService#checkPermission
*/
+ public static boolean checkPermission(RunData runData, String permission, PortletEntry entry)
+ {
+ return ((JetspeedSecurityService)getService()).checkPermission(runData, permission, entry);
+ }
+ /**
+ * @see JetspeedSecurityService#checkPermission
+ */
public static boolean checkPermission(String user, String action, Portlet portlet)
{
return ((JetspeedSecurityService)getService()).checkPermission(user, action, portlet);
1.2 +3 -1 jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/AccessControl.java
Index: AccessControl.java
===================================================================
RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/AccessControl.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- AccessControl.java 2001/06/04 07:16:07 1.1
+++ AccessControl.java 2001/06/07 07:28:46 1.2
@@ -56,6 +56,7 @@
import org.apache.turbine.util.RunData;
import org.apache.jetspeed.portal.Portlet;
+import org.apache.jetspeed.om.newregistry.PortletEntry;
import org.apache.jetspeed.om.profile.Profile;
/**
@@ -64,12 +65,13 @@
*
* @see org.apache.jetspeed.services.security.JetspeedSecurityService
* @author <a href="mailto:david@bluesunrise.com">David Sean Taylor</a>
- * @version $Id: AccessControl.java,v 1.1 2001/06/04 07:16:07 taylor Exp $
+ * @version $Id: AccessControl.java,v 1.2 2001/06/07 07:28:46 taylor Exp $
*/
public interface AccessControl {
boolean checkPermission(RunData runData, String permission, Portlet portlet);
+ boolean checkPermission(RunData runData, String action, PortletEntry entry);
boolean checkPermission(String user, String action, Portlet portlet);
// TODO: get requirements for controlling access to other OM elements
1.3 +16 -2 jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/JetspeedDBSecurityService.java
Index: JetspeedDBSecurityService.java
===================================================================
RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/JetspeedDBSecurityService.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- JetspeedDBSecurityService.java 2001/06/07 06:24:39 1.2
+++ JetspeedDBSecurityService.java 2001/06/07 07:28:49 1.3
@@ -67,7 +67,7 @@
*
* @author <a href="mailto:david@bluesunrise.com">David Sean Taylor</a>
* @author <a href="mailto:sgala@hisitech.com">Santiago Gala</a>
- * @version $Id: JetspeedDBSecurityService.java,v 1.2 2001/06/07 06:24:39 taylor Exp $
+ * @version $Id: JetspeedDBSecurityService.java,v 1.3 2001/06/07 07:28:49 taylor Exp $
*/
@@ -98,7 +98,7 @@
/**
* given the rundata, checks if the currently logged on user has access to a given portlet for the given action
*
- * @param user the username.
+ * @param rundata the request rundata.
* @param permission the jetspeed-action (view, edit, customize, delete...) for which permission is being checked.
* @param portlet the portlet resource
* @exception Sends a RegistryException if the manager can't add
@@ -108,6 +108,20 @@
{
String portletName = portlet.getName();
PortletEntry entry = (PortletEntry)Registry.getEntry(Registry.PORTLET, portletName);
+ return checkPermission(runData, permission, entry);
+ }
+
+ /**
+ * given the rundata, checks if the currently logged on user has access to a given portlet for the given action
+ *
+ * @param rundata the request rundata.
+ * @param permission the jetspeed-action (view, edit, customize, delete...) for which permission is being checked.
+ * @param portlet the portlet entry from the registry.
+ * @exception Sends a RegistryException if the manager can't add
+ * the provided entry
+ */
+ public boolean checkPermission(RunData runData, String permission, PortletEntry entry)
+ {
Security security = entry.getSecurity();
if (null == security)
return true; // grant permission if no security role given
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-dev-help@jakarta.apache.org