From: Michael K. <ko...@us...> - 2005-12-20 18:10:33
Update of /cvsroot/cobricks/cobricks2/src/org/cobricks/user In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv23729/cobricks/user Modified Files: AccessPermission.java User.java UserAccessHandler.java UserManagerImpl.java UserPresenter.java UserroleAccessHandler.java Log Message: Index: UserPresenter.java =================================================================== RCS file: /cvsroot/cobricks/cobricks2/src/org/cobricks/user/UserPresenter.java,v retrieving revision 1.29 retrieving revision 1.30 diff -u -d -r1.29 -r1.30 --- UserPresenter.java 21 Oct 2005 15:56:46 -0000 1.29 +++ UserPresenter.java 20 Dec 2005 18:10:24 -0000 1.30 @@ -21,6 +21,7 @@ import org.cobricks.core.CobricksException; import org.cobricks.core.ComponentDirectory; import org.cobricks.core.CoreManager; +import org.cobricks.core.DataObject; import org.cobricks.core.Ontology; import org.cobricks.core.OntologyClass; import org.cobricks.core.OntologyClassAttr; @@ -129,6 +130,28 @@ /** + * + */ + public String checkPermission(String userid, String domain, + String action, DataObject o) + { + logger.info("checkPermission(" + userid + "," + domain + "," + action + + "," + o.toString() + ")"); + + try { + int useridint = Integer.parseInt(userid); + Map attrsmap = o.getAttributes(); + return (userManager.checkPermission(useridint, domain, action, + attrsmap) ? "true" + : "false"); + } catch (Exception e) { + logger.error(LogUtil.exception("Failed parsing parameters.", e)); + } + return "false"; + } + + + /** * Check if a user has a particular role - the role can either be specified * by its roleid (an Integer) or by its name. */ Index: AccessPermission.java =================================================================== RCS file: /cvsroot/cobricks/cobricks2/src/org/cobricks/user/AccessPermission.java,v retrieving revision 1.3 retrieving revision 1.4 diff -u -d -r1.3 -r1.4 --- AccessPermission.java 4 Nov 2004 17:36:05 -0000 1.3 +++ AccessPermission.java 20 Dec 2005 18:10:24 -0000 1.4 
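Review bot: In the new `checkPermission`, the `logger.info` call dereferences `o` with `o.toString()` before the `try` block, so a null `DataObject` raises a NullPointerException out of the presenter instead of producing the "false" that every other failure path returns. Moving the log statement inside the `try`, or adding `if (o == null) return "false";` as the first statement, keeps the check failing closed. The catch-all also logs every exception as "Failed parsing parameters.", including any thrown by `userManager.checkPermission`, which will mislead whoever reads the log after a denied request; catching `NumberFormatException` separately would keep the two cases apart. The Javadoc block above the method is empty and should state that the result is the string "true" or "false" and that any error is treated as a denial.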
@@ -1,14 +1,10 @@ -/** - * - * @author mic...@ac... - * @version $Date$ - * - * Copyright (c) 2003 Cobricks Group. All rights reserved. +/* + * Copyright (c) 2004-2005 Cobricks Group. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted under the terms of the Cobricks Software * License, either version 1.0 of the License, or (at your option) any - * later version (see www.cobricks.de). + * later version (see www.cobricks.org). * * The above copyright notice and this permission notice shall be * included in all copies or substantial portions of the Software. @@ -16,10 +12,16 @@ package org.cobricks.user; -import java.util.*; +import java.util.Iterator; +import java.util.Map; -import org.apache.log4j.*; +import org.apache.log4j.Logger; +/** + * + * @author mic...@ac... + * @version $Date$ + */ public class AccessPermission implements Comparable 
@@ -134,21 +136,38 @@ return domain.compareTo(((AccessPermission)o).getDomain()); } - public boolean contains(String dom, String ac, Map att) + public boolean contains(User user, String dom, String ac, Map objattrs) { + // wrong domain if (!this.domain.equals(dom)) return false; + // wrong action if (!(this.action.equals(ac) || this.action.equals("*"))) return false; - // tbd: compare attributes ... or should this be done in the access handlers? + // domain and action match - now we have to compare the + // restricting attributes ... + + // ... the simplest case is if there are no restricting attributes if (attrs == null) return true; + Iterator i = attrs.keySet().iterator(); while (i.hasNext()) { String aname = (String)i.next(); String avalue = (String)attrs.get(aname); + // handle special keywords + if (avalue.equalsIgnoreCase("ownuserid")) + avalue = Integer.toString(user.getUserId()); + if (avalue.equalsIgnoreCase("ownuserclass")) + avalue = user.getUserClass(); + if (avalue.equalsIgnoreCase("ownuserlogin")) + avalue = user.getUserLogin(); + // check attribute - String avalueaccess = (String)att.get(aname); - if (avalueaccess != null) { + Object o = objattrs.get(aname); + if (o != null) { + String avalueaccess = (String)o.toString(); + // TBD compare sets, wildcards + if (!avalueaccess.equalsIgnoreCase(avalue)) return false; } } Index: UserroleAccessHandler.java =================================================================== RCS file: /cvsroot/cobricks/cobricks2/src/org/cobricks/user/UserroleAccessHandler.java,v retrieving revision 1.3 retrieving revision 1.4 diff -u -d -r1.3 -r1.4 --- UserroleAccessHandler.java 26 Oct 2004 00:46:35 -0000 1.3 +++ UserroleAccessHandler.java 20 Dec 2005 18:10:24 -0000 1.4 
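Review bot: In `contains`, a restricting attribute is only compared when the object actually carries it (`if (o != null) { ... }`), so an object whose attribute map lacks the key passes that restriction unchecked; for a permission such as `userid=ownuserid` this appears to grant access whenever the caller's map omits `userid`. For an access check the safer default is to deny, e.g. `if (o == null) return false;` before the comparison, unless a missing attribute is meant to match and that is documented here. The three keyword tests also run in sequence on the already-substituted value, so a null from `user.getUserClass()` (or a null `user`) throws on the next `equalsIgnoreCase`, and a user class literally named `ownuserlogin` would be substituted a second time; an `else if` chain on the original value avoids both. `equalsIgnoreCase` in the final comparison treats logins that differ only in case as the same identity, which is worth confirming against how logins are stored. The end of the method lies outside the hunk, so the return after the loop is assumed to be `true`.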
@@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2004 Cobricks Group. All rights reserved. + * Copyright (c) 2003-2005 Cobricks Group. All rights reserved. * * This file is part of a free software package; you can redistribute * it and/or modify it under the terms of the Cobricks Software Licence; @@ -119,12 +119,13 @@ // get permissions of user AccessControl ac = userManager.getAccessControl(); List permissions = ac.getAccessPermissionsByUser(userid); + User user = userManager.getUser(userid); Iterator i = permissions.iterator(); while (i.hasNext()) { AccessPermission perm = (AccessPermission)i.next(); // check if this is the requested permission - if (perm.contains(domain, action, attrs)) return true; + if (perm.contains(user, domain, action, attrs)) return true; } return false; Index: UserManagerImpl.java =================================================================== RCS file: /cvsroot/cobricks/cobricks2/src/org/cobricks/user/UserManagerImpl.java,v retrieving revision 1.53 retrieving revision 1.54 diff -u -d -r1.53 -r1.54 --- UserManagerImpl.java 7 Dec 2005 14:01:46 -0000 1.53 +++ UserManagerImpl.java 20 Dec 2005 18:10:24 -0000 1.54 @@ -1301,11 +1301,11 @@ createAccessRole("user", "Default user", AccessRole.ROLETYPE_AUTH, u); Map myattrs = new HashMap(); - myattrs.put("userid", "own"); + myattrs.put("userid", "ownuserid"); accessControl. addAccessPermission(roleid, "user", "*", myattrs); myattrs = new HashMap(); - myattrs.put("creator", "own"); + myattrs.put("creator", "ownuserid"); accessControl. addAccessPermission(roleid, "item", "create", null); accessControl. Index: User.java =================================================================== RCS file: /cvsroot/cobricks/cobricks2/src/org/cobricks/user/User.java,v retrieving revision 1.27 retrieving revision 1.28 diff -u -d -r1.27 -r1.28 --- User.java 18 Oct 2005 23:54:19 -0000 1.27 +++ User.java 20 Dec 2005 18:10:24 -0000 1.28 
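Review bot: The `User` returned by `userManager.getUser(userid)` is passed to `perm.contains` without a null check, and `contains` now dereferences it for the `ownuserid`/`ownuserclass`/`ownuserlogin` keywords, so an unknown userid would turn a permission check into a NullPointerException rather than a denial, assuming `getUser` can return null, which is not visible here. Either guard after the lookup with `if (user == null) return false;`, or have `contains` treat a null user as a non-match for those keywords so that permissions without keywords still evaluate. The identical hunk in UserAccessHandler.java (`@@ -115,12 +115,13 @@`) needs the same handling. The enclosing method starts and ends outside the hunk.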
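Review bot: The keyword `"ownuserid"` is written here as a bare string literal and matched in AccessPermission.contains by another bare literal, so a typo on either side silently yields a restriction that is compared as ordinary text. Declaring the keywords once, for example `public static final String KEYWORD_OWNUSERID = "ownuserid";` in AccessPermission, and using that constant in both places would remove the risk. If permissions created with the old value `"own"` are already persisted, this change does not rewrite them and they would now be compared literally, which is worth checking before deployment. The second `myattrs` map with `creator` is built just before an `addAccessPermission(roleid, "item", "create", null)` call; whether a later call uses it cannot be seen because the statement continues outside the hunk.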
@@ -36,8 +36,10 @@ static Logger logger = Logger.getLogger(User.class); - public static final String PASSWORDCRYPT = "basic.credentials.password.crypt"; - public final static String PASSWORDBASE64 = "basic.credentials.password.base64"; + public static final String PASSWORDCRYPT = + "basic.credentials.password.crypt"; + public final static String PASSWORDBASE64 = + "basic.credentials.password.base64"; public static final String LASTLOGIN = "history.org.cobricks.lastlogin"; public static final String FIRSTNAME = "basic.personal.firstname"; @@ -45,10 +47,12 @@ public static final String USERCLASS = "userclass"; public static final String EMAIL = "basic.contact-work.online.email"; - public static final String EMAILBOUNCED = "basic.contact-work.online.emailbounced"; + public static final String EMAILBOUNCED = + "basic.contact-work.online.emailbounced"; public static final String URI = "basic.contact-work.online.uri"; public static final String IMAGEURI = "basic.personal.imageuri"; - public static final String TELECOMMOBILE = "basic.contact-work.telecom.mobile"; + public static final String TELECOMMOBILE = + "basic.contact-work.telecom.mobile"; public static final String REGTIME = "history.org.cobricks.regtime"; public static final String USERLOGIN = "userlogin"; public static final String GLOBALID = "globalid"; Index: UserAccessHandler.java =================================================================== RCS file: /cvsroot/cobricks/cobricks2/src/org/cobricks/user/UserAccessHandler.java,v retrieving revision 1.3 retrieving revision 1.4 diff -u -d -r1.3 -r1.4 --- UserAccessHandler.java 26 Oct 2004 00:46:35 -0000 1.3 +++ UserAccessHandler.java 20 Dec 2005 18:10:24 -0000 1.4 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2004 Cobricks Group. All rights reserved. + * Copyright (c) 2003-2005 Cobricks Group. All rights reserved. * * This file is part of a free software package; you can redistribute * it and/or modify it under the terms of the Cobricks Software Licence; 
@@ -115,12 +115,13 @@ // get permissions of user AccessControl ac = userManager.getAccessControl(); List permissions = ac.getAccessPermissionsByUser(userid); + User user = userManager.getUser(userid); Iterator i = permissions.iterator(); while (i.hasNext()) { AccessPermission perm = (AccessPermission)i.next(); // check if this is the requested permission - if (perm.contains(domain, action, attrs)) return true; + if (perm.contains(user, domain, action, attrs)) return true; } return false; |