You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-dev@portals.apache.org by sg...@apache.org on 2002/06/17 11:19:48 UTC
cvs commit: jakarta-jetspeed/webapp/WEB-INF/db jetspeed.script
sgala 2002/06/17 02:19:47
Modified: build build.xml
src/java/org/apache/jetspeed/modules/actions
JetspeedSessionValidator.java
src/java/org/apache/jetspeed/modules/actions/controls
Minimize.java
src/java/org/apache/jetspeed/om/profile
BaseProfileLocator.java
src/java/org/apache/jetspeed/portal BasePortletSet.java
src/java/org/apache/jetspeed/services/security
JetspeedDBSecurityService.java
webapp/WEB-INF/db jetspeed.script
Log:
Changes for having the anonymous user as 'anon' in the db. I hope all needed files are here. The db will need to be modified to include a role 'guest', with wiew permissions, and a user 'anon', with 'guest' role in all groups.
Revision Changes Path
1.143 +7 -4 jakarta-jetspeed/build/build.xml
Index: build.xml
===================================================================
RCS file: /home/cvs/jakarta-jetspeed/build/build.xml,v
retrieving revision 1.142
retrieving revision 1.143
diff -u -r1.142 -r1.143
--- build.xml 16 May 2002 19:58:50 -0000 1.142
+++ build.xml 17 Jun 2002 09:19:46 -0000 1.143
@@ -655,6 +655,7 @@
<test name="org.apache.jetspeed.modules.actions.TestJLoginUser"/>
<test name="org.apache.jetspeed.test.TestBasicSanity"/>
<test name="org.apache.jetspeed.util.template.TestJetspeedLink"/>
+ <test name="org.apache.jetspeed.util.TestMimeType"/>
</junit>
</target>
@@ -682,6 +683,7 @@
<test name="org.apache.jetspeed.modules.actions.TestJLoginUser"/>
<test name="org.apache.jetspeed.test.TestBasicSanity"/>
<test name="org.apache.jetspeed.util.template.TestJetspeedLink"/>
+ <test name="org.apache.jetspeed.util.TestMimeType"/>
</junit>
</target>
@@ -814,13 +816,14 @@
<test name="org.apache.jetspeed.services.psmlmanager.TestMarshalPsml"/>
<test name="org.apache.jetspeed.services.idgenerator.TestIdGenerator"/>
<test name="org.apache.jetspeed.services.registry.TestMarshallRegistry"/>
- <test name="org.apache.jetspeed.services.registry.TestRegistryCategories"/>
<!--
- <test name="org.apache.jetspeed.services.registry.TestRegistryPersistence"/>
+ <test name="org.apache.jetspeed.services.registry.TestRegistryCategories"/>
+ <test name="org.apache.jetspeed.services.registry.TestRegistryPersistence"/>
-->
<test name="org.apache.jetspeed.util.template.TestJetspeedLinkFactory"/>
- <test name="org.apache.jetspeed.util.rewriter.FrameRewriterTest"/>
- <test name="org.apache.jetspeed.services.profiler.TestProfilerService"/>
+ <test name="org.apache.jetspeed.util.rewriter.FrameRewriterTest"/>
+ <test name="org.apache.jetspeed.services.profiler.TestProfilerService"/>
+ <test name="org.apache.jetspeed.util.TestMimeType"/>
</junit>
</target>
1.18 +4 -1 jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/JetspeedSessionValidator.java
Index: JetspeedSessionValidator.java
===================================================================
RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/JetspeedSessionValidator.java,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- JetspeedSessionValidator.java 7 May 2002 15:16:08 -0000 1.17
+++ JetspeedSessionValidator.java 17 Jun 2002 09:19:46 -0000 1.18
@@ -98,6 +98,9 @@
{
//first, invoke our superclass action to make sure
//we follow Turbine evolutions
+ //FIXME: if the user is not found (this can happen, for instance,
+ // if the anonymous user is not in the DB), it throws a terrible exception
+ // in the user's face
super.doPerform(data);
User user = data.getUser();
1.6 +4 -4 jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/controls/Minimize.java
Index: Minimize.java
===================================================================
RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/controls/Minimize.java,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- Minimize.java 22 Mar 2002 18:42:06 -0000 1.5
+++ Minimize.java 17 Jun 2002 09:19:47 -0000 1.6
@@ -80,10 +80,10 @@
public void doPerform( RunData rundata ) throws Exception
{
// Only logged in users can minmize
- if( rundata.getUser() == null || !rundata.getUser().hasLoggedIn() )
- {
- return;
- }
+ //if( rundata.getUser() == null || !rundata.getUser().hasLoggedIn() )
+ //{
+ // return;
+ //}
// Get jsp_peid parmameter. If it does not exist, then do nothing
String peid = rundata.getParameters().getString("js_peid");
1.12 +2 -12 jakarta-jetspeed/src/java/org/apache/jetspeed/om/profile/BaseProfileLocator.java
Index: BaseProfileLocator.java
===================================================================
RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/om/profile/BaseProfileLocator.java,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- BaseProfileLocator.java 22 Apr 2002 02:42:22 -0000 1.11
+++ BaseProfileLocator.java 17 Jun 2002 09:19:47 -0000 1.12
@@ -273,17 +273,7 @@
{
try
{
- if (SecurityServiceRegistered())
- this.setUser( JetspeedSecurity.getAnonymousUser() );
- else
- {
- // warning: this ties us to turbine security
- // we could load class from TRP
- // (services.SecurityService.user.class)
- User user = new BaseJetspeedUser();
- user.setUserName("anon");
- this.setUser(user);
- }
+ this.setUser( JetspeedSecurity.getAnonymousUser() );
}
catch (UnknownEntityException e)
{
1.19 +6 -4 jakarta-jetspeed/src/java/org/apache/jetspeed/portal/BasePortletSet.java
Index: BasePortletSet.java
===================================================================
RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/portal/BasePortletSet.java,v
retrieving revision 1.18
retrieving revision 1.19
diff -u -r1.18 -r1.19
--- BasePortletSet.java 29 Mar 2002 20:12:32 -0000 1.18
+++ BasePortletSet.java 17 Jun 2002 09:19:47 -0000 1.19
@@ -570,12 +570,12 @@
*/
public boolean allowCustomize( RunData rundata )
{
- if ( (rundata.getUser() == null) || !rundata.getUser().hasLoggedIn() )
+ /* if ( (rundata.getUser() == null) || !rundata.getUser().hasLoggedIn() )
{
return false; //No permission if user not logged in
- }
+ }*/
return (JetspeedSecurity.checkPermission(rundata,
- JetspeedSecurity.PERMISSION_INFO,
+ JetspeedSecurity.PERMISSION_CUSTOMIZE,
this));
}
@@ -619,6 +619,8 @@
{
// empty
}
+
+ //Portlet interface
/**
Retrieve a portlet attribute from persistent storage
1.20 +64 -4 jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/JetspeedDBSecurityService.java
Index: JetspeedDBSecurityService.java
===================================================================
RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/JetspeedDBSecurityService.java,v
retrieving revision 1.19
retrieving revision 1.20
diff -u -r1.19 -r1.20
--- JetspeedDBSecurityService.java 28 May 2002 23:04:55 -0000 1.19
+++ JetspeedDBSecurityService.java 17 Jun 2002 09:19:47 -0000 1.20
@@ -434,6 +434,60 @@
removeRole(role);
}
+ /**
+ * Returns an User object to represent an anonymous user of the application.
+ *
+ * We retrieve a "true" user, so that security can be handled the same
+ * whether the user has logged in or not.
+ *
+ * Also, we cache the user to avoid extra database accesses.
+ * This user is shared between all anonymous concurrent users, and it is not
+ * saved to the database.
+ *
+ * @return An anonymous Turbine User.
+ * @throws UnknownEntityException if the implementation of User interface
+ * could not be determined, or does not exist.
+ */
+ public User getAnonymousUser()
+ throws UnknownEntityException
+ {
+ try
+ {
+ User anonymousUser = getUser("anon");
+ return anonymousUser;
+ }
+ catch (DataBackendException dbe )
+ {
+ throw new UnknownEntityException( dbe.getMessage() );
+ }
+ }
+
+
+ /**
+ * Saves User's data in the permanent storage. The user account is required
+ * to exist in the storage.
+ * The anonymous user will not be saved.
+ *
+ * @exception UnknownEntityException if the user's account does not
+ * exist in the database.
+ * @exception DataBackendException if there is a problem accessing the
+ * storage.
+ */
+ public void saveUser( User user )
+ throws UnknownEntityException, DataBackendException
+ {
+ //Turbine does not offer any identity test for users. Bad.
+ //We assume here that getUserName() will return a user id.
+ if( !getAnonymousUser().getUserName().equals( user.getUserName() ) ) {
+ super.saveUser(user);
+ Log.debug("User " + user.getUserName() + "saved to permanent storage" );
+ } else {
+ Log.debug("Anonymous user not saved to permanent storage" );
+ }
+ }
+
+
+
private boolean checkDefaultPermission(RunData runData, String permission) {
String defaultPermissions[] = null;
ResourceService serviceConf = ((TurbineServices)TurbineServices.getInstance())
@@ -487,6 +541,12 @@
return username;
}
+ /**
+ * Convert a password string to appropriate casing, according to configuration.
+ *
+ * @param password The string to convert.
+ * @return password in the appropriate case.
+ */
public String convertPassword(String password)
{
if (caseInsensitivePassword)
@@ -576,7 +636,7 @@
* @param user the object describing account to be created.
* @throws DataBackendException if there was an error accessing the data backend.
* @throws EntityExistsException if the user account already exists.
- * @see convertPassword()
+ * @see #convertPassword(String)
*/
public void addUser( User user, String password )
throws DataBackendException, EntityExistsException
@@ -598,7 +658,7 @@
* exist in the database.
* @exception DataBackendException if there is a problem accessing the
* storage.
- * @see convertPassword()
+ * @see #convertPassword(String)
*/
public void changePassword( User user, String oldPassword, String newPassword )
throws PasswordMismatchException, UnknownEntityException,
@@ -622,7 +682,7 @@
* exist in the database.
* @exception DataBackendException if there is a problem accessing the
* storage.
- * @see convertPassword()
+ * @see #convertPassword(String)
*/
public void forcePassword( User user, String password )
throws UnknownEntityException, DataBackendException
1.14 +8 -2 jakarta-jetspeed/webapp/WEB-INF/db/jetspeed.script
Index: jetspeed.script
===================================================================
RCS file: /home/cvs/jakarta-jetspeed/webapp/WEB-INF/db/jetspeed.script,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -r1.13 -r1.14
--- jetspeed.script 5 Apr 2002 21:10:07 -0000 1.13
+++ jetspeed.script 17 Jun 2002 09:19:47 -0000 1.14
@@ -95,10 +95,12 @@
INSERT INTO TURBINE_PERMISSION VALUES(8,'detach',NULL)
INSERT INTO TURBINE_ROLE VALUES(1,'user',NULL)
INSERT INTO TURBINE_ROLE VALUES(2,'admin',NULL)
+INSERT INTO TURBINE_ROLE VALUES(3,'guest',NULL)
INSERT INTO TURBINE_GROUP VALUES(1,'Jetspeed',NULL)
INSERT INTO TURBINE_GROUP VALUES(2,'apache',NULL)
INSERT INTO TURBINE_USER VALUES(0,'turbine','turbine','Tommy','Turbine','david@bluesunrise.com','CONFIRMED',NULL,NULL,'2001-11-11 18:45:32.671','F','aced0005737200136a6176612e7574696c2e486173687461626c6513bb0f25214ae4b803000246000a6c6f6164466163746f724900097468726573686f6c6478703f400000000000027708000000030000000174000f5f6163636573735f636f756e746572737200116a6176612e6c616e672e496e746567657212e2a0a4f781873802000149000576616c7565787200106a6176612e6c616e672e4e756d62657286ac951d0b94e08b02000078700000007678')
INSERT INTO TURBINE_USER VALUES(1,'admin','jetspeed','Jetspeed','Admin','david@bluesunrise.com','CONFIRMED',NULL,NULL,'2001-11-11 18:45:41.671','F','aced0005737200136a6176612e7574696c2e486173687461626c6513bb0f25214ae4b803000246000a6c6f6164466163746f724900097468726573686f6c6478703f400000000000027708000000030000000174000f5f6163636573735f636f756e746572737200116a6176612e6c616e672e496e746567657212e2a0a4f781873802000149000576616c7565787200106a6176612e6c616e672e4e756d62657286ac951d0b94e08b0200007870000000a978')
+INSERT INTO TURBINE_USER VALUES(2,'anon','anon','Anon','Ymous','sgala@apache.org','CONFIRMED',NULL,NULL,NULL,'F','')
INSERT INTO TURBINE_ROLE_PERMISSION VALUES(1,1)
INSERT INTO TURBINE_ROLE_PERMISSION VALUES(1,2)
INSERT INTO TURBINE_ROLE_PERMISSION VALUES(1,3)
@@ -115,6 +117,11 @@
INSERT INTO TURBINE_USER_GROUP_ROLE VALUES(0,1,1)
INSERT INTO TURBINE_USER_GROUP_ROLE VALUES(1,1,1)
INSERT INTO TURBINE_USER_GROUP_ROLE VALUES(1,1,2)
+INSERT INTO TURBINE_USER_GROUP_ROLE VALUES(2,1,3)
+INSERT INTO TURBINE_USER_GROUP_ROLE VALUES(0,3,1)
+INSERT INTO TURBINE_USER_GROUP_ROLE VALUES(1,3,1)
+INSERT INTO TURBINE_USER_GROUP_ROLE VALUES(1,3,2)
+INSERT INTO TURBINE_USER_GROUP_ROLE VALUES(2,3,3)
INSERT INTO ID_TABLE VALUES(1,'TURBINE_PERMISSION',100,10)
INSERT INTO ID_TABLE VALUES(2,'TURBINE_ROLE',120,10)
INSERT INTO ID_TABLE VALUES(3,'TURBINE_GROUP',100,10)
@@ -137,5 +144,4 @@
INSERT INTO COFFEES VALUES('KenyanGrade',2,7.99,1,2)
INSERT INTO COFFEES VALUES('JoeGrade',3,7.99,1,2)
INSERT INTO COFFEES VALUES('CantThinkOfAnymoreGrade',4,7.99,1,2)
-/*C4*/CONNECT USER sa PASSWORD ""
-
+/*C1*/CONNECT USER sa PASSWORD ""
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>