Re: Patches+: Security additions to the peer app

[Eric Dobbs <er...@dobbse.net>]

Hi all.

I've done more work on the tdk sample app that I'd like to
share.  I have changed the code to use the pull model, and
included my earlier permission checks.  I have also added a
simple search function which includes criteria that does
where TITLE like '%foo%' or (AUTHOR like '%foo%') or ...

Here's how to take a peek at it.
from a freshly expanded tdk1.1a13 directory...
% ./newapp.sh peer
('newapp peer' on windows)
% cd webapps
% tar zxf peer.tar.gz
This will add my changes to the peer directory tree.
% cd peer/WEB-INF
% rm src/java/org/mycompany/newapp/modules/screens/Form.java
% rm src/java/org/mycompany/newapp/modules/screens/Index.java
(don't need these screens anymore thanks to PullService)

Modify WEB-INF/build/projects/peer.properties with your
platform and database changes.  Also copy your jdbc stuff
into WEB-INF/lib.

% cd build
% ./build-project.sh init
('build-project' init on windows)

start tomcat (tdk/bin/startup.sh or tdk\bin\startup)
point your browser to http://localhost:8080/peer/servlet/peer

Login with turbine, turbine.  You can use the flux stuff to
see the other users, groups and permissions that are already
in your system.  Each of them has a different set of
permissions that effects the options available to them.

Add several records to the system, and then try out the
search.  It searches against title,author,department,or body.

I think the changes would make a nice improvement for tdk14
in terms of providing a broader example.

Let me know what you think.
-Eric
<Attachment missing>