You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ofbiz.apache.org by "Andrew Zeneski (JIRA)" <ji...@apache.org> on 2009/04/29 07:01:31 UTC
[jira] Created: (OFBIZ-2381) Implementation of new Authorization
API
Implementation of new Authorization API
---------------------------------------
Key: OFBIZ-2381
URL: https://issues.apache.org/jira/browse/OFBIZ-2381
Project: OFBiz
Issue Type: Sub-task
Components: framework
Affects Versions: SVN trunk
Reporter: Andrew Zeneski
Assignee: Andrew Zeneski
Fix For: SVN trunk
Implementation of Authorization API (see documentation on parent task)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Issue Comment Edited: (OFBIZ-2381) Implementation of new
Authorization API
Posted by "Andrew Zeneski (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OFBIZ-2381?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12704374#action_12704374 ]
Andrew Zeneski edited comment on OFBIZ-2381 at 5/1/09 2:56 PM:
---------------------------------------------------------------
*Commit History*
Revision 769928 - Base API - not enabled will not effect anything
Revision 769929 - Ext. API + Test Cases - Effects only when running tests
Revision 769936 - Service Engine Integration - dispatchContext.getAuthz() - used in check-permission tags
Revision 769937 - Controller Integration - use request.getAttribute("authz") - ACTIVE IN CoreEvents.java
Revision 769943 - Widget Integration - enabled when NOT using an action="" element
Revision 769944 - Themes Integration - uses both APIs for checking permission
Revision 769963 - Fix for infinite looping when using hasPermission from service based DA implementations
Revision 769965 - MiniLang (Simple Method) integration - enabled when NOT using an action="" element
Revision 770036 - Added license header
Revision 770076 - Bug fixes, changed groovy context name to permissionContext
Revision 770077 - Integrated (in context setup) with Webslinger
Revision 770401 - Removed 'expanded' parameter from API; included new findMatchingPermissions() method
Revision 770407 - Fixed themes to work the the API change
Revision 770771 - Fixed issue w/ ThreadLocal not being cleared by a thread pool
Revision 770836 - Renamed AbtractAuthorization to AbstractAuthorization as it should have been in the first place
was (Author: jaz):
*Commit History*
Revision 769928 - Base API - not enabled will not effect anything
Revision 769929 - Ext. API + Test Cases - Effects only when running tests
Revision 769936 - Service Engine Integration - dispatchContext.getAuthz() - used in check-permission tags
Revision 769937 - Controller Integration - use request.getAttribute("authz") - ACTIVE IN CoreEvents.java
Revision 769943 - Widget Integration - enabled when NOT using an action="" element
Revision 769944 - Themes Integration - uses both APIs for checking permission
Revision 769963 - Fix for infinite looping when using hasPermission from service based DA implementations
Revision 769965 - MiniLang (Simple Method) integration - enabled when NOT using an action="" element
Revision 770036 - Added license header
Revision 770076 - Bug fixes, changed groovy context name to permissionContext
Revision 770077 - Integrated (in context setup) with Webslinger
Revision 770401 - Removed 'expanded' parameter from API; included new findMatchingPermissions() method
Revision 770407 - Fixed themes to work the the API change
Revision 770771 - Fixed issue w/ ThreadLocal not being cleared by a thread pool
> Implementation of new Authorization API
> ---------------------------------------
>
> Key: OFBIZ-2381
> URL: https://issues.apache.org/jira/browse/OFBIZ-2381
> Project: OFBiz
> Issue Type: Sub-task
> Components: framework
> Affects Versions: SVN trunk
> Reporter: Andrew Zeneski
> Assignee: Andrew Zeneski
> Fix For: SVN trunk
>
> Attachments: security_2_0-api.patch
>
> Original Estimate: 48h
> Time Spent: 48h
> Remaining Estimate: 0h
>
> Implementation of Authorization API (see documentation on parent task)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Closed: (OFBIZ-2381) Implementation of new Authorization API
Posted by "Bruno Busco (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OFBIZ-2381?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Bruno Busco closed OFBIZ-2381.
------------------------------
Changed from "Resolved" to "Closed" since we do not use the "Resolved" issue status
> Implementation of new Authorization API
> ---------------------------------------
>
> Key: OFBIZ-2381
> URL: https://issues.apache.org/jira/browse/OFBIZ-2381
> Project: OFBiz
> Issue Type: Sub-task
> Components: framework
> Affects Versions: SVN trunk
> Reporter: Andrew Zeneski
> Assignee: Andrew Zeneski
> Fix For: SVN trunk
>
> Attachments: security_2_0-api.patch
>
> Original Estimate: 48h
> Time Spent: 48h
> Remaining Estimate: 0h
>
> Implementation of Authorization API (see documentation on parent task)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Issue Comment Edited: (OFBIZ-2381) Implementation of new
Authorization API
Posted by "Andrew Zeneski (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OFBIZ-2381?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12704374#action_12704374 ]
Andrew Zeneski edited comment on OFBIZ-2381 at 4/30/09 12:33 PM:
-----------------------------------------------------------------
*Commit History*
Revision 769928 - Base API - not enabled will not effect anything
Revision 769929 - Ext. API + Test Cases - Effects only when running tests
Revision 769936 - Service Engine Integration - dispatchContext.getAuthz() - used in check-permission tags
Revision 769937 - Controller Integration - use request.getAttribute("authz") - ACTIVE IN CoreEvents.java
Revision 769943 - Widget Integration - enabled when NOT using an action="" element
Revision 769944 - Themes Integration - uses both APIs for checking permission
Revision 769963 - Fix for infinite looping when using hasPermission from service based DA implementations
Revision 769965 - MiniLang (Simple Method) integration - enabled when NOT using an action="" element
Revision 770036 - Added license header
Revision 770076 - Bug fixes, changed groovy context name to permissionContext
Revision 770077 - Integrated (in context setup) with Webslinger
Revision 770401 - Removed 'expanded' parameter from API; included new findMatchingPermissions() method
Revision 770407 - Fixed themes to work the the API change
was (Author: jaz):
*Commit History*
Revision 769928 - Base API - not enabled will not effect anything
Revision 769929 - Ext. API + Test Cases - Effects only when running tests
Revision 769936 - Service Engine Integration - dispatchContext.getAuthz() - used in check-permission tags
Revision 769937 - Controller Integration - use request.getAttribute("authz") - ACTIVE IN CoreEvents.java
Revision 769943 - Widget Integration - enabled when NOT using an action="" element
Revision 769944 - Themes Integration - uses both APIs for checking permission
Revision 769963 - Fix for infinite looping when using hasPermission from service based DA implementations
Revision 769965 - MiniLang (Simple Method) integration - enabled when NOT using an action="" element
Revision 770036 - Added license header
Revision 770076 - Bug fixes, changed groovy context name to permissionContext
Revision 770077 - Integrated (in context setup) with Webslinger
Revision 770401 - Removed 'expanded' parameter from API; included new findMatchingPermissions() method
> Implementation of new Authorization API
> ---------------------------------------
>
> Key: OFBIZ-2381
> URL: https://issues.apache.org/jira/browse/OFBIZ-2381
> Project: OFBiz
> Issue Type: Sub-task
> Components: framework
> Affects Versions: SVN trunk
> Reporter: Andrew Zeneski
> Assignee: Andrew Zeneski
> Fix For: SVN trunk
>
> Attachments: security_2_0-api.patch
>
> Original Estimate: 48h
> Time Spent: 48h
> Remaining Estimate: 0h
>
> Implementation of Authorization API (see documentation on parent task)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Resolved: (OFBIZ-2381) Implementation of new Authorization
API
Posted by "Andrew Zeneski (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OFBIZ-2381?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Andrew Zeneski resolved OFBIZ-2381.
-----------------------------------
Resolution: Fixed
> Implementation of new Authorization API
> ---------------------------------------
>
> Key: OFBIZ-2381
> URL: https://issues.apache.org/jira/browse/OFBIZ-2381
> Project: OFBiz
> Issue Type: Sub-task
> Components: framework
> Affects Versions: SVN trunk
> Reporter: Andrew Zeneski
> Assignee: Andrew Zeneski
> Fix For: SVN trunk
>
> Attachments: security_2_0-api.patch
>
> Original Estimate: 48h
> Time Spent: 48h
> Remaining Estimate: 0h
>
> Implementation of Authorization API (see documentation on parent task)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (OFBIZ-2381) Implementation of new Authorization
API
Posted by "Andrew Zeneski (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OFBIZ-2381?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12704374#action_12704374 ]
Andrew Zeneski commented on OFBIZ-2381:
---------------------------------------
*Commit History*
Revision 769928 - Base API - not enabled will not effect anything
Revision 769929 - Ext. API + Test Cases - Effects only when running tests
Revision 769936 - Service Engine Integration - dispatchContext.getAuthz() - used in check-permission tags
Revision 769937 - Controller Integration - use request.getAttribute("authz") - ACTIVE IN CoreEvents.java
Revision 769943 - Widget Integration - enabled when NOT using an action="" element
Revision 769944 - Themes Integration - uses both APIs for checking permission
Revision 769963 - Fix for infinite looping when using hasPermission from service based DA implementations
Revision 769965 - MiniLang (Simple Method) integration - enabled when NOT using an action="" element
> Implementation of new Authorization API
> ---------------------------------------
>
> Key: OFBIZ-2381
> URL: https://issues.apache.org/jira/browse/OFBIZ-2381
> Project: OFBiz
> Issue Type: Sub-task
> Components: framework
> Affects Versions: SVN trunk
> Reporter: Andrew Zeneski
> Assignee: Andrew Zeneski
> Fix For: SVN trunk
>
> Attachments: security_2_0-api.patch
>
> Original Estimate: 48h
> Time Spent: 24h
> Remaining Estimate: 24h
>
> Implementation of Authorization API (see documentation on parent task)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Issue Comment Edited: (OFBIZ-2381) Implementation of new
Authorization API
Posted by "Andrew Zeneski (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OFBIZ-2381?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12704374#action_12704374 ]
Andrew Zeneski edited comment on OFBIZ-2381 at 4/29/09 11:24 PM:
-----------------------------------------------------------------
*Commit History*
Revision 769928 - Base API - not enabled will not effect anything
Revision 769929 - Ext. API + Test Cases - Effects only when running tests
Revision 769936 - Service Engine Integration - dispatchContext.getAuthz() - used in check-permission tags
Revision 769937 - Controller Integration - use request.getAttribute("authz") - ACTIVE IN CoreEvents.java
Revision 769943 - Widget Integration - enabled when NOT using an action="" element
Revision 769944 - Themes Integration - uses both APIs for checking permission
Revision 769963 - Fix for infinite looping when using hasPermission from service based DA implementations
Revision 769965 - MiniLang (Simple Method) integration - enabled when NOT using an action="" element
Revision 770036 - Added license header
Revision 770076 - Bug fixes, changed groovy context name to permissionContext
Revision 770077 - Integrated (in context setup) with Webslinger
was (Author: jaz):
*Commit History*
Revision 769928 - Base API - not enabled will not effect anything
Revision 769929 - Ext. API + Test Cases - Effects only when running tests
Revision 769936 - Service Engine Integration - dispatchContext.getAuthz() - used in check-permission tags
Revision 769937 - Controller Integration - use request.getAttribute("authz") - ACTIVE IN CoreEvents.java
Revision 769943 - Widget Integration - enabled when NOT using an action="" element
Revision 769944 - Themes Integration - uses both APIs for checking permission
Revision 769963 - Fix for infinite looping when using hasPermission from service based DA implementations
Revision 769965 - MiniLang (Simple Method) integration - enabled when NOT using an action="" element
> Implementation of new Authorization API
> ---------------------------------------
>
> Key: OFBIZ-2381
> URL: https://issues.apache.org/jira/browse/OFBIZ-2381
> Project: OFBiz
> Issue Type: Sub-task
> Components: framework
> Affects Versions: SVN trunk
> Reporter: Andrew Zeneski
> Assignee: Andrew Zeneski
> Fix For: SVN trunk
>
> Attachments: security_2_0-api.patch
>
> Original Estimate: 48h
> Time Spent: 48h
> Remaining Estimate: 0h
>
> Implementation of Authorization API (see documentation on parent task)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Issue Comment Edited: (OFBIZ-2381) Implementation of new
Authorization API
Posted by "Andrew Zeneski (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OFBIZ-2381?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12704374#action_12704374 ]
Andrew Zeneski edited comment on OFBIZ-2381 at 5/1/09 10:50 AM:
----------------------------------------------------------------
*Commit History*
Revision 769928 - Base API - not enabled will not effect anything
Revision 769929 - Ext. API + Test Cases - Effects only when running tests
Revision 769936 - Service Engine Integration - dispatchContext.getAuthz() - used in check-permission tags
Revision 769937 - Controller Integration - use request.getAttribute("authz") - ACTIVE IN CoreEvents.java
Revision 769943 - Widget Integration - enabled when NOT using an action="" element
Revision 769944 - Themes Integration - uses both APIs for checking permission
Revision 769963 - Fix for infinite looping when using hasPermission from service based DA implementations
Revision 769965 - MiniLang (Simple Method) integration - enabled when NOT using an action="" element
Revision 770036 - Added license header
Revision 770076 - Bug fixes, changed groovy context name to permissionContext
Revision 770077 - Integrated (in context setup) with Webslinger
Revision 770401 - Removed 'expanded' parameter from API; included new findMatchingPermissions() method
Revision 770407 - Fixed themes to work the the API change
Revision 770771 - Fixed issue w/ ThreadLocal not being cleared by a thread pool
was (Author: jaz):
*Commit History*
Revision 769928 - Base API - not enabled will not effect anything
Revision 769929 - Ext. API + Test Cases - Effects only when running tests
Revision 769936 - Service Engine Integration - dispatchContext.getAuthz() - used in check-permission tags
Revision 769937 - Controller Integration - use request.getAttribute("authz") - ACTIVE IN CoreEvents.java
Revision 769943 - Widget Integration - enabled when NOT using an action="" element
Revision 769944 - Themes Integration - uses both APIs for checking permission
Revision 769963 - Fix for infinite looping when using hasPermission from service based DA implementations
Revision 769965 - MiniLang (Simple Method) integration - enabled when NOT using an action="" element
Revision 770036 - Added license header
Revision 770076 - Bug fixes, changed groovy context name to permissionContext
Revision 770077 - Integrated (in context setup) with Webslinger
Revision 770401 - Removed 'expanded' parameter from API; included new findMatchingPermissions() method
Revision 770407 - Fixed themes to work the the API change
> Implementation of new Authorization API
> ---------------------------------------
>
> Key: OFBIZ-2381
> URL: https://issues.apache.org/jira/browse/OFBIZ-2381
> Project: OFBiz
> Issue Type: Sub-task
> Components: framework
> Affects Versions: SVN trunk
> Reporter: Andrew Zeneski
> Assignee: Andrew Zeneski
> Fix For: SVN trunk
>
> Attachments: security_2_0-api.patch
>
> Original Estimate: 48h
> Time Spent: 48h
> Remaining Estimate: 0h
>
> Implementation of Authorization API (see documentation on parent task)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Issue Comment Edited: (OFBIZ-2381) Implementation of new
Authorization API
Posted by "Andrew Zeneski (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OFBIZ-2381?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12704374#action_12704374 ]
Andrew Zeneski edited comment on OFBIZ-2381 at 4/30/09 12:15 PM:
-----------------------------------------------------------------
*Commit History*
Revision 769928 - Base API - not enabled will not effect anything
Revision 769929 - Ext. API + Test Cases - Effects only when running tests
Revision 769936 - Service Engine Integration - dispatchContext.getAuthz() - used in check-permission tags
Revision 769937 - Controller Integration - use request.getAttribute("authz") - ACTIVE IN CoreEvents.java
Revision 769943 - Widget Integration - enabled when NOT using an action="" element
Revision 769944 - Themes Integration - uses both APIs for checking permission
Revision 769963 - Fix for infinite looping when using hasPermission from service based DA implementations
Revision 769965 - MiniLang (Simple Method) integration - enabled when NOT using an action="" element
Revision 770036 - Added license header
Revision 770076 - Bug fixes, changed groovy context name to permissionContext
Revision 770077 - Integrated (in context setup) with Webslinger
Revision 770401 - Removed 'expanded' parameter from API; included new findMatchingPermissions() method
was (Author: jaz):
*Commit History*
Revision 769928 - Base API - not enabled will not effect anything
Revision 769929 - Ext. API + Test Cases - Effects only when running tests
Revision 769936 - Service Engine Integration - dispatchContext.getAuthz() - used in check-permission tags
Revision 769937 - Controller Integration - use request.getAttribute("authz") - ACTIVE IN CoreEvents.java
Revision 769943 - Widget Integration - enabled when NOT using an action="" element
Revision 769944 - Themes Integration - uses both APIs for checking permission
Revision 769963 - Fix for infinite looping when using hasPermission from service based DA implementations
Revision 769965 - MiniLang (Simple Method) integration - enabled when NOT using an action="" element
Revision 770036 - Added license header
Revision 770076 - Bug fixes, changed groovy context name to permissionContext
Revision 770077 - Integrated (in context setup) with Webslinger
> Implementation of new Authorization API
> ---------------------------------------
>
> Key: OFBIZ-2381
> URL: https://issues.apache.org/jira/browse/OFBIZ-2381
> Project: OFBiz
> Issue Type: Sub-task
> Components: framework
> Affects Versions: SVN trunk
> Reporter: Andrew Zeneski
> Assignee: Andrew Zeneski
> Fix For: SVN trunk
>
> Attachments: security_2_0-api.patch
>
> Original Estimate: 48h
> Time Spent: 48h
> Remaining Estimate: 0h
>
> Implementation of Authorization API (see documentation on parent task)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Work logged: (OFBIZ-2381) Implementation of new
Authorization API
Posted by "Andrew Zeneski (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OFBIZ-2381?page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#action_10856 ]
Andrew Zeneski logged work on OFBIZ-2381:
-----------------------------------------
Author: Andrew Zeneski
Created on: 29/Apr/09 11:21 PM
Start Date: 29/Apr/09 11:21 PM
Worklog Time Spent: 24h
Issue Time Tracking
-------------------
Time Spent: 48h (was: 24h)
Remaining Estimate: 0h (was: 24h)
> Implementation of new Authorization API
> ---------------------------------------
>
> Key: OFBIZ-2381
> URL: https://issues.apache.org/jira/browse/OFBIZ-2381
> Project: OFBiz
> Issue Type: Sub-task
> Components: framework
> Affects Versions: SVN trunk
> Reporter: Andrew Zeneski
> Assignee: Andrew Zeneski
> Fix For: SVN trunk
>
> Attachments: security_2_0-api.patch
>
> Original Estimate: 48h
> Time Spent: 48h
> Remaining Estimate: 0h
>
> Implementation of Authorization API (see documentation on parent task)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (OFBIZ-2381) Implementation of new Authorization
API
Posted by "Andrew Zeneski (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OFBIZ-2381?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Andrew Zeneski updated OFBIZ-2381:
----------------------------------
Attachment: security_2_0-api.patch
Initial implementation of the new Authorization API. Includes Dynamic Access Handlers for:
1. Objects implementing the DynamicAccess interface
2. Groovy scripts (using component:// locations)
3. Groovy scripts (on the classpath or compiled)
4. Services (part of securityext)
Adds new table for AutoGrant permission; adds new field to SecurityPermission to set the dynamicAccess implementation.
Adds test cases for testing the functionality
This implementation is almost ready for checkin, but I am going to spend more time testing first. Here is a preview.
> Implementation of new Authorization API
> ---------------------------------------
>
> Key: OFBIZ-2381
> URL: https://issues.apache.org/jira/browse/OFBIZ-2381
> Project: OFBiz
> Issue Type: Sub-task
> Components: framework
> Affects Versions: SVN trunk
> Reporter: Andrew Zeneski
> Assignee: Andrew Zeneski
> Fix For: SVN trunk
>
> Attachments: security_2_0-api.patch
>
> Original Estimate: 48h
> Time Spent: 24h
> Remaining Estimate: 24h
>
> Implementation of Authorization API (see documentation on parent task)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Work logged: (OFBIZ-2381) Implementation of new
Authorization API
Posted by "Andrew Zeneski (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OFBIZ-2381?page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#action_10855 ]
Andrew Zeneski logged work on OFBIZ-2381:
-----------------------------------------
Author: Andrew Zeneski
Created on: 28/Apr/09 10:00 PM
Start Date: 28/Apr/09 10:00 PM
Worklog Time Spent: 24h
Issue Time Tracking
-------------------
Time Spent: 24h
Remaining Estimate: 24h (was: 48h)
> Implementation of new Authorization API
> ---------------------------------------
>
> Key: OFBIZ-2381
> URL: https://issues.apache.org/jira/browse/OFBIZ-2381
> Project: OFBiz
> Issue Type: Sub-task
> Components: framework
> Affects Versions: SVN trunk
> Reporter: Andrew Zeneski
> Assignee: Andrew Zeneski
> Fix For: SVN trunk
>
> Original Estimate: 48h
> Time Spent: 24h
> Remaining Estimate: 24h
>
> Implementation of Authorization API (see documentation on parent task)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.