You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ofbiz.apache.org by ad...@apache.org on 2009/08/27 04:57:34 UTC
svn commit: r808261 - in /ofbiz/branches/executioncontext20090812: ./
framework/api/config/ framework/api/src/org/ofbiz/api/authorization/
Author: adrianc
Date: Thu Aug 27 02:57:34 2009
New Revision: 808261
URL: http://svn.apache.org/viewvc?rev=808261&view=rev
Log:
Added security-aware Freemarker transform.
Added:
ofbiz/branches/executioncontext20090812/framework/api/config/freemarkerTransforms.properties (with props)
ofbiz/branches/executioncontext20090812/framework/api/src/org/ofbiz/api/authorization/OfbizSecurityTransform.java (with props)
Modified:
ofbiz/branches/executioncontext20090812/BranchReadMe.txt
ofbiz/branches/executioncontext20090812/framework/api/src/org/ofbiz/api/authorization/BasicPermissions.java
Modified: ofbiz/branches/executioncontext20090812/BranchReadMe.txt
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20090812/BranchReadMe.txt?rev=808261&r1=808260&r2=808261&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20090812/BranchReadMe.txt (original)
+++ ofbiz/branches/executioncontext20090812/BranchReadMe.txt Thu Aug 27 02:57:34 2009
@@ -43,3 +43,10 @@
action, change the settings in api.properties. You'll see info
messages in the console log.
+2009-08-26: Added security-aware Freemarker transform. Template
+sections can be controlled with:
+
+<@ofbizSecurity permission="view" artifactId="thisTemplate">Some text</...@ofbizSecurity>
+
+If the user has permission to view the artifact, then "Some text"
+will be rendered.
Added: ofbiz/branches/executioncontext20090812/framework/api/config/freemarkerTransforms.properties
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20090812/framework/api/config/freemarkerTransforms.properties?rev=808261&view=auto
==============================================================================
--- ofbiz/branches/executioncontext20090812/framework/api/config/freemarkerTransforms.properties (added)
+++ ofbiz/branches/executioncontext20090812/framework/api/config/freemarkerTransforms.properties Thu Aug 27 02:57:34 2009
@@ -0,0 +1,24 @@
+###############################################################################
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+###############################################################################
+### FreeMarker transforms ###
+#############################
+
+# entries are in the form: key=transform name, property=transform class name
+
+ofbizSecurity=org.ofbiz.api.authorization.OfbizSecurityTransform
Propchange: ofbiz/branches/executioncontext20090812/framework/api/config/freemarkerTransforms.properties
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: ofbiz/branches/executioncontext20090812/framework/api/config/freemarkerTransforms.properties
------------------------------------------------------------------------------
svn:keywords = "Date Rev Author URL Id"
Propchange: ofbiz/branches/executioncontext20090812/framework/api/config/freemarkerTransforms.properties
------------------------------------------------------------------------------
svn:mime-type = text/plain
Modified: ofbiz/branches/executioncontext20090812/framework/api/src/org/ofbiz/api/authorization/BasicPermissions.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20090812/framework/api/src/org/ofbiz/api/authorization/BasicPermissions.java?rev=808261&r1=808260&r2=808261&view=diff
==============================================================================
--- ofbiz/branches/executioncontext20090812/framework/api/src/org/ofbiz/api/authorization/BasicPermissions.java (original)
+++ ofbiz/branches/executioncontext20090812/framework/api/src/org/ofbiz/api/authorization/BasicPermissions.java Thu Aug 27 02:57:34 2009
@@ -19,15 +19,31 @@
package org.ofbiz.api.authorization;
import java.security.Permission;
+import java.util.Map;
+
+import javolution.util.FastMap;
/**
* A collection of basic permissions.
*/
public class BasicPermissions {
+
public static final Permission Access = new BasicPermission("access=true");
public static final Permission Admin = new AdminPermission();
public static final Permission Create = new BasicPermission("create=true");
public static final Permission Delete = new BasicPermission("delete=true");
public static final Permission Update = new BasicPermission("update=true");
public static final Permission View = new BasicPermission("view=true");
+ public static final Map<String, Permission> ConversionMap = createConversionMap();
+
+ protected static Map<String, Permission> createConversionMap() {
+ Map<String, Permission> conversionMap = FastMap.newInstance();
+ conversionMap.put("ACCESS", Access);
+ conversionMap.put("ADMIN", Admin);
+ conversionMap.put("CREATE", Create);
+ conversionMap.put("DELETE", Delete);
+ conversionMap.put("UPDATE", Update);
+ conversionMap.put("VIEW", View);
+ return conversionMap;
+ }
}
Added: ofbiz/branches/executioncontext20090812/framework/api/src/org/ofbiz/api/authorization/OfbizSecurityTransform.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20090812/framework/api/src/org/ofbiz/api/authorization/OfbizSecurityTransform.java?rev=808261&view=auto
==============================================================================
--- ofbiz/branches/executioncontext20090812/framework/api/src/org/ofbiz/api/authorization/OfbizSecurityTransform.java (added)
+++ ofbiz/branches/executioncontext20090812/framework/api/src/org/ofbiz/api/authorization/OfbizSecurityTransform.java Thu Aug 27 02:57:34 2009
@@ -0,0 +1,84 @@
+/*******************************************************************************
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *******************************************************************************/
+package org.ofbiz.api.authorization;
+
+import java.io.IOException;
+import java.security.AccessControlException;
+import java.security.Permission;
+import java.util.Map;
+
+import org.ofbiz.api.context.ExecutionContext;
+import org.ofbiz.api.context.GenericExecutionArtifact;
+import org.ofbiz.base.util.Debug;
+
+import freemarker.core.Environment;
+import freemarker.ext.beans.BeanModel;
+import freemarker.template.SimpleScalar;
+import freemarker.template.Template;
+import freemarker.template.TemplateDirectiveBody;
+import freemarker.template.TemplateException;
+import freemarker.template.TemplateModel;
+import freemarker.template.TemplateDirectiveModel;
+
+/**
+ * OfbizSecurityTransform - Security-aware Freemarker transform.
+ */
+public class OfbizSecurityTransform implements TemplateDirectiveModel {
+
+ public final static String module = OfbizSecurityTransform.class.getName();
+
+ @SuppressWarnings("unchecked")
+ public void execute(Environment env, Map params, TemplateModel[] loopVars, TemplateDirectiveBody body) throws TemplateException, IOException {
+ if (body == null) {
+ return;
+ }
+ SimpleScalar obj = (SimpleScalar) params.get("artifactId");
+ if (obj == null) {
+ Debug.logError("artifactId parameter not found, unable to execute transform", module);
+ return;
+ }
+ String artifactId = obj.getAsString();
+ obj = (SimpleScalar) params.get("permission");
+ if (obj == null) {
+ Debug.logError("permission parameter not found, unable to execute transform", module);
+ return;
+ }
+ String permStr = obj.getAsString();
+ Permission permission = BasicPermissions.ConversionMap.get(permStr.toUpperCase());
+ if (permission == null) {
+ Debug.logError("Unkown permission \"" + permStr + "\", unable to execute transform", module);
+ return;
+ }
+ BeanModel contextBean = (BeanModel)env.getVariable("executionContext");
+ if (contextBean == null) {
+ Debug.logError("ExecutionContext not found, unable to execute transform", module);
+ return;
+ }
+ Template template = env.getTemplate();
+ String location = template.getName();
+ ExecutionContext executionContext = (ExecutionContext) contextBean.getWrappedObject();
+ executionContext.pushExecutionArtifact(new GenericExecutionArtifact(location, artifactId));
+ AccessController<?> accessController = executionContext.getAccessController();
+ try {
+ accessController.checkPermission(permission);
+ body.render(env.getOut());
+ } catch (AccessControlException e) {}
+ executionContext.popExecutionArtifact();
+ }
+}
Propchange: ofbiz/branches/executioncontext20090812/framework/api/src/org/ofbiz/api/authorization/OfbizSecurityTransform.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: ofbiz/branches/executioncontext20090812/framework/api/src/org/ofbiz/api/authorization/OfbizSecurityTransform.java
------------------------------------------------------------------------------
svn:keywords = "Date Rev Author URL Id"
Propchange: ofbiz/branches/executioncontext20090812/framework/api/src/org/ofbiz/api/authorization/OfbizSecurityTransform.java
------------------------------------------------------------------------------
svn:mime-type = text/plain