You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ofbiz.apache.org by mb...@apache.org on 2017/12/19 19:39:14 UTC

svn commit: r1818708 - in /ofbiz/ofbiz-framework/trunk/framework/service/src/main/java/org/apache/ofbiz/service: ModelPermission.java ModelServiceReader.java

Author: mbrohl
Date: Tue Dec 19 19:39:14 2017
New Revision: 1818708

URL: http://svn.apache.org/viewvc?rev=1818708&view=rev
Log:
Improved: Incomplete RoleMember Permission Checks for ROLE_MEMBER in 
ModelPermission#evalRoleMember.
(OFBIZ-9636)

Thanks Dennis Balkir for reporting and providing the patch.

Modified:
    ofbiz/ofbiz-framework/trunk/framework/service/src/main/java/org/apache/ofbiz/service/ModelPermission.java
    ofbiz/ofbiz-framework/trunk/framework/service/src/main/java/org/apache/ofbiz/service/ModelServiceReader.java

Modified: ofbiz/ofbiz-framework/trunk/framework/service/src/main/java/org/apache/ofbiz/service/ModelPermission.java
URL: http://svn.apache.org/viewvc/ofbiz/ofbiz-framework/trunk/framework/service/src/main/java/org/apache/ofbiz/service/ModelPermission.java?rev=1818708&r1=1818707&r2=1818708&view=diff
==============================================================================
--- ofbiz/ofbiz-framework/trunk/framework/service/src/main/java/org/apache/ofbiz/service/ModelPermission.java (original)
+++ ofbiz/ofbiz-framework/trunk/framework/service/src/main/java/org/apache/ofbiz/service/ModelPermission.java Tue Dec 19 19:39:14 2017
@@ -19,13 +19,11 @@
 package org.apache.ofbiz.service;
 
 import java.io.Serializable;
-import java.util.List;
 import java.util.Map;
 
 import org.apache.ofbiz.base.util.Debug;
 import org.apache.ofbiz.base.util.UtilValidate;
 import org.apache.ofbiz.entity.GenericValue;
-import org.apache.ofbiz.entity.util.EntityUtil;
 import org.apache.ofbiz.security.Security;
 
 /**
@@ -38,7 +36,6 @@ public class ModelPermission implements
 
     public static final int PERMISSION = 1;
     public static final int ENTITY_PERMISSION = 2;
-    public static final int ROLE_MEMBER = 3;
     public static final int PERMISSION_SERVICE = 4;
 
     public ModelService serviceModel = null;
@@ -62,8 +59,6 @@ public class ModelPermission implements
                 return evalSimplePermission(security, userLogin);
             case ENTITY_PERMISSION:
                 return evalEntityPermission(security, userLogin);
-            case ROLE_MEMBER:
-                return evalRoleMember(userLogin);
             case PERMISSION_SERVICE:
                 return evalPermissionService(serviceModel, dctx, context);
             default:
@@ -91,22 +86,6 @@ public class ModelPermission implements
         return security.hasEntityPermission(nameOrRole, action, userLogin);
     }
 
-    private boolean evalRoleMember(GenericValue userLogin) {
-        if (nameOrRole == null) {
-            Debug.logWarning("Null role type name passed for evaluation", module);
-            return false;
-        }
-        List<GenericValue> partyRoles = null;
-
-        if (UtilValidate.isNotEmpty(partyRoles)) {
-            partyRoles = EntityUtil.filterByDate(partyRoles);
-            if (UtilValidate.isNotEmpty(partyRoles)) {
-                return true;
-            }
-        }
-        return false;
-    }
-
     private boolean evalPermissionService(ModelService origService, DispatchContext dctx, Map<String, ? extends Object> context) {
         ModelService permission;
         if (permissionServiceName == null) {

Modified: ofbiz/ofbiz-framework/trunk/framework/service/src/main/java/org/apache/ofbiz/service/ModelServiceReader.java
URL: http://svn.apache.org/viewvc/ofbiz/ofbiz-framework/trunk/framework/service/src/main/java/org/apache/ofbiz/service/ModelServiceReader.java?rev=1818708&r1=1818707&r2=1818708&view=diff
==============================================================================
--- ofbiz/ofbiz-framework/trunk/framework/service/src/main/java/org/apache/ofbiz/service/ModelServiceReader.java (original)
+++ ofbiz/ofbiz-framework/trunk/framework/service/src/main/java/org/apache/ofbiz/service/ModelServiceReader.java Tue Dec 19 19:39:14 2017
@@ -339,14 +339,6 @@ public class ModelServiceReader implemen
             group.permissions.add(perm);
         }
 
-        // create the role member permissions
-        for (Element element: UtilXml.childElementList(baseElement, "check-role-member")) {
-            ModelPermission perm = new ModelPermission();
-            perm.permissionType = ModelPermission.ROLE_MEMBER;
-            perm.nameOrRole = element.getAttribute("role-type").intern();
-            perm.serviceModel = service;
-            group.permissions.add(perm);
-        }
         // Create the permissions based on permission services
         for (Element element : UtilXml.childElementList(baseElement, "permission-service")) {
             ModelPermission perm = new ModelPermission();