Menu
▾
▴
[Hyperic-hq-discuss] hq r13898 - in trunk/src/org/hyperic/hq: authz/shared events/server/session
|
From: <dcr...@hy...> - 2009-10-23 00:56:07
|
Author: dcrutchf Date: 2009-10-22 17:24:29 -0700 (Thu, 22 Oct 2009) New Revision: 13898 URL: http://svn.hyperic.org/?view=rev&root=Hyperic+HQ&revision=13898 Modified: trunk/src/org/hyperic/hq/authz/shared/PermissionManager.java trunk/src/org/hyperic/hq/authz/shared/PermissionManagerImpl.java trunk/src/org/hyperic/hq/events/server/session/EventLogDAO.java Log: [HQ-1499] - User with no alerting access can view alerts/events in Event Center Modified: trunk/src/org/hyperic/hq/authz/shared/PermissionManager.java =================================================================== --- trunk/src/org/hyperic/hq/authz/shared/PermissionManager.java 2009-10-22 21:36:42 UTC (rev 13897) +++ trunk/src/org/hyperic/hq/authz/shared/PermissionManager.java 2009-10-23 00:24:29 UTC (rev 13898) @@ -206,12 +206,14 @@ public interface RolePermNativeSQL { String getSQL(); - Query bindParams(Query q, AuthzSubject subject, List operations); + Query bindParams(Query q, AuthzSubject subject, List viewResourcesOperations, List manageAlertOperations); } public abstract RolePermNativeSQL - getRolePermissionNativeSQL(String resourceVar, String subjectParam, - String opListParam); + getRolePermissionNativeSQL(String resourceVar, String eventLogVar, + String subjectParam, + String opListViewResourcesParam, + String opListManageAlertsParam); public abstract String getAlertsHQL(boolean inEscalation, boolean notFixed, Modified: trunk/src/org/hyperic/hq/authz/shared/PermissionManagerImpl.java =================================================================== --- trunk/src/org/hyperic/hq/authz/shared/PermissionManagerImpl.java 2009-10-22 21:36:42 UTC (rev 13897) +++ trunk/src/org/hyperic/hq/authz/shared/PermissionManagerImpl.java 2009-10-23 00:24:29 UTC (rev 13898) @@ -368,15 +368,17 @@ } public RolePermNativeSQL getRolePermissionNativeSQL(String resourceVar, + String eventLogVar, String subjectParam, - String opListParam) + String opListViewResourcesParam, + String opListManageAlertsParam) { return new RolePermNativeSQL() { public String getSQL() { return ""; } - public Query bindParams(Query q, AuthzSubject subject, List ops) { + public Query bindParams(Query q, AuthzSubject subject, List opsViewResources, List opsManageAlerts) { return q; } }; Modified: trunk/src/org/hyperic/hq/events/server/session/EventLogDAO.java =================================================================== --- trunk/src/org/hyperic/hq/events/server/session/EventLogDAO.java 2009-10-22 21:36:42 UTC (rev 13897) +++ trunk/src/org/hyperic/hq/events/server/session/EventLogDAO.java 2009-10-23 00:24:29 UTC (rev 13898) @@ -67,9 +67,17 @@ AuthzConstants.platformOpViewPlatform, AuthzConstants.serverOpViewServer, AuthzConstants.serviceOpViewService, - AuthzConstants.groupOpViewResourceGroup, + AuthzConstants.groupOpViewResourceGroup }); + private static final List MANAGE_ALERT_PERMISSIONS = + Arrays.asList(new String[] { + AuthzConstants.platformOpManageAlerts, + AuthzConstants.serverOpManageAlerts, + AuthzConstants.serviceOpManageAlerts, + AuthzConstants.groupOpManageAlerts + }); + public EventLogDAO(DAOFactory f) { super(EventLog.class, f); } @@ -143,7 +151,7 @@ RolePermNativeSQL roleSql = PermissionManagerFactory .getInstance() - .getRolePermissionNativeSQL("r", "subject", "opList"); + .getRolePermissionNativeSQL("r", "e", "subject", "opListVR", "opListMA"); if (inGroups == null || inGroups.isEmpty()) @@ -194,7 +202,7 @@ .setLong("begin", begin) .setLong("end", end) .setInteger("maxStatus", maxStatus.getCode()); - roleSql.bindParams(q, subject, VIEW_PERMISSIONS); + roleSql.bindParams(q, subject, VIEW_PERMISSIONS, MANAGE_ALERT_PERMISSIONS); if (typeClass != null) { q.setString("type", typeClass); |
