Menu
▾
▴
[Jboss-svn-commits] JBL Code SVN: r4391 - in labs/jbossforums/trunk: forums forums/src/main/org/jboss/portlet/forums forums/src/main/org/jboss/portlet/forums/auth forums/src/main/org/jboss/portlet/forums/ui forums/src/main/org/jboss/portlet/forums/ui/action forums/src/resources/portal-forums-sar/META-INF forums/src/resources/portal-forums-war/WEB-INF forums/src/resources/portal-forums-war/views/admin thirdparty thirdparty/facelets thirdparty/facelets/lib tools/etc/buildfragments
Author: soh...@jb... Date: 2006-05-23 22:27:13 -0400 (Tue, 23 May 2006) New Revision: 4391 Added: labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/ labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/ACLTagHandler.java labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/Authorization.java labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/AuthorizationContext.java labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/AuthorizationContextImpl.java labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/AuthorizationInterface.java labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/AuthorizationListener.java labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/JSFActionContext.java labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/JSFSecurityContext.java labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/JSFUIContext.java labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/SecurityContext.java labs/jbossforums/trunk/thirdparty/facelets/ labs/jbossforums/trunk/thirdparty/facelets/lib/ labs/jbossforums/trunk/thirdparty/facelets/lib/el-api.jar labs/jbossforums/trunk/thirdparty/facelets/lib/jsf-facelets.jar Modified: labs/jbossforums/trunk/forums/build.xml labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/ui/PortalUtil.java labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/ui/action/AdminController.java labs/jbossforums/trunk/forums/src/resources/portal-forums-sar/META-INF/jboss-service.xml labs/jbossforums/trunk/forums/src/resources/portal-forums-war/WEB-INF/forums-config.xml labs/jbossforums/trunk/forums/src/resources/portal-forums-war/WEB-INF/forums.taglib.xml labs/jbossforums/trunk/forums/src/resources/portal-forums-war/views/admin/editCategory.xhtml labs/jbossforums/trunk/forums/src/resources/portal-forums-war/views/admin/index.xhtml labs/jbossforums/trunk/tools/etc/buildfragments/libraries.ent Log: 1) Integrate an Authorization SPI into the Forums - http://www.jboss.com/index.html?module=bb&op=viewtopic&t=82310 Modified: labs/jbossforums/trunk/forums/build.xml =================================================================== --- labs/jbossforums/trunk/forums/build.xml 2006-05-24 00:58:31 UTC (rev 4390) +++ labs/jbossforums/trunk/forums/build.xml 2006-05-24 02:27:13 UTC (rev 4391) @@ -80,6 +80,7 @@ <path refid="apache.myfaces.classpath"/> <path refid="jboss.hibernate.classpath"/> <path refid="jbportal.classpath"/> + <path refid="facelets.classpath"/> </path> <!-- Configure modules --> Added: labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/ACLTagHandler.java =================================================================== --- labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/ACLTagHandler.java 2006-05-24 00:58:31 UTC (rev 4390) +++ labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/ACLTagHandler.java 2006-05-24 02:27:13 UTC (rev 4391) @@ -0,0 +1,161 @@ +/* +* JBoss, Home of Professional Open Source +* Copyright 2005, JBoss Inc., and individual contributors as indicated +* by the @authors tag. See the copyright.txt in the distribution for a +* full listing of individual contributors. +* +* This is free software; you can redistribute it and/or modify it +* under the terms of the GNU Lesser General Public License as +* published by the Free Software Foundation; either version 2.1 of +* the License, or (at your option) any later version. +* +* This software is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +* Lesser General Public License for more details. +* +* You should have received a copy of the GNU Lesser General Public +* License along with this software; if not, write to the Free +* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +* 02110-1301 USA, or see the FSF site: http://www.fsf.org. +*/ +package org.jboss.portlet.forums.auth; + +//core java +import java.io.IOException; +import java.util.StringTokenizer; + + +//jsf +import javax.faces.context.FacesContext; +import javax.faces.FacesException; +import javax.faces.component.UIComponent; + +//logging +import org.apache.log4j.Logger; +import org.jboss.portlet.forums.ui.PortalUtil; + +//servlet +import javax.el.ELException; +import javax.el.ExpressionFactory; +import javax.el.ValueExpression; + + +//facelets +import com.sun.facelets.FaceletContext; +import com.sun.facelets.tag.TagConfig; +import com.sun.facelets.tag.TagHandler; +import com.sun.facelets.tag.TagAttribute; +import com.sun.facelets.el.ELAdaptor; + + +/** + * + * @author Sohil Shah - soh...@jb... - Mar 29, 2006 + * + */ +public class ACLTagHandler extends TagHandler +{ + /** + * + */ + private static final Logger log = Logger.getLogger(ACLTagHandler.class); + + //possible attributes + private TagAttribute fragment = null; //required + private TagAttribute contextData = null; //optional + + /** + * @param config + */ + public ACLTagHandler(TagConfig config) + { + super(config); + + // helper method for getting a required attribute + this.fragment = this.getRequiredAttribute("fragment"); + + // helper method, optional attribute + this.contextData = this.getAttribute("contextData"); + } + + /** + * Threadsafe Method for controlling evaluation of + * its child tags, represented by "nextHandler" + */ + public void apply(FaceletContext ctx, UIComponent parent) + throws IOException,FacesException,ELException + { + FacesContext facesContext = ctx.getFacesContext(); + + //make sure an authorization provider has been hooked in + try + { + if(Authorization.getProvider()==null) + { + //no authorization will be enforced + this.nextHandler.apply(ctx, parent); + return; + } + } + catch(Exception e) + { + throw new FacesException(e); + } + + //an authorization provider is hooked in....go ahead and perform authorization + try + { + String resource = this.fragment.getValue(); + String contextStr = null; + + if(this.contextData!=null) + { + contextStr = this.contextData.getValue(); + } + + //resourcesetup + Object[] runtime = null; + if(contextStr!=null && contextStr.trim().length()>0) + { + StringTokenizer st = new StringTokenizer(contextStr,","); + runtime = new Object[st.countTokens()]; + int i=0; + while(st.hasMoreTokens()) + { + String parameter = st.nextToken(); + Object parameterValue = null; + + //evaluate this expression to a value + ExpressionFactory f = ctx.getExpressionFactory(); + ValueExpression expr = f.createValueExpression(ctx,parameter,Object.class); + parameterValue = expr.getValue(ELAdaptor.getELContext(facesContext)); + + runtime[i++] = parameterValue; + } + } + + //check access here + JSFUIContext securityContext = new JSFUIContext(PortalUtil.getUser(),facesContext); + securityContext.setFragment(resource); + securityContext.setContextData(runtime); + + //feed this context to the Authorization system which will decide whether + //access should be granted or not + boolean isAccessAllowed = Authorization.getProvider().hasAccess(securityContext); + + if(isAccessAllowed) + { + this.nextHandler.apply(ctx, parent); + } + } + catch(NoSuchMethodException nsme) + { + throw new FacesException(nsme); + } + catch(Exception e) + { + throw new FacesException(e); + } + } +} Added: labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/Authorization.java =================================================================== --- labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/Authorization.java 2006-05-24 00:58:31 UTC (rev 4390) +++ labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/Authorization.java 2006-05-24 02:27:13 UTC (rev 4391) @@ -0,0 +1,70 @@ +/* +* JBoss, Home of Professional Open Source +* Copyright 2005, JBoss Inc., and individual contributors as indicated +* by the @authors tag. See the copyright.txt in the distribution for a +* full listing of individual contributors. +* +* This is free software; you can redistribute it and/or modify it +* under the terms of the GNU Lesser General Public License as +* published by the Free Software Foundation; either version 2.1 of +* the License, or (at your option) any later version. +* +* This software is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +* Lesser General Public License for more details. +* +* You should have received a copy of the GNU Lesser General Public +* License along with this software; if not, write to the Free +* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +* 02110-1301 USA, or see the FSF site: http://www.fsf.org. +*/ +package org.jboss.portlet.forums.auth; + +//jmx related +import javax.management.MBeanServer; +import javax.management.ObjectName; + +import org.jboss.mx.util.MBeanProxy; +import org.jboss.mx.util.MBeanServerLocator; + +/* + * Created on May 19, 2006 + * + * @author <a href="mailto:soh...@jb...">Sohil Shah</a> + */ +public class Authorization +{ + static AuthorizationContext cachedContext = null; + + /** + * look this jmx service up and make this service available to clients of this system + * also cache this provider so that jmx lookup is only required once during the life-time of this application + * + */ + public static AuthorizationContext getContext() throws Exception + { + if(Authorization.cachedContext==null) + { + //get the registered cms service mbean + MBeanServer mbeanServer = MBeanServerLocator.locateJBoss(); + Authorization.cachedContext = (AuthorizationContext)MBeanProxy.get(AuthorizationContext.class, + new ObjectName("portal.forums:service=AuthorizationContext"), + mbeanServer); + } + return Authorization.cachedContext; + } + + /** + * + * + */ + public static AuthorizationInterface getProvider() throws Exception + { + AuthorizationInterface provider = null; + + provider = getContext().getProvider(); + + return provider; + } +} Added: labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/AuthorizationContext.java =================================================================== --- labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/AuthorizationContext.java 2006-05-24 00:58:31 UTC (rev 4390) +++ labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/AuthorizationContext.java 2006-05-24 02:27:13 UTC (rev 4391) @@ -0,0 +1,36 @@ +/* +* JBoss, Home of Professional Open Source +* Copyright 2005, JBoss Inc., and individual contributors as indicated +* by the @authors tag. See the copyright.txt in the distribution for a +* full listing of individual contributors. +* +* This is free software; you can redistribute it and/or modify it +* under the terms of the GNU Lesser General Public License as +* published by the Free Software Foundation; either version 2.1 of +* the License, or (at your option) any later version. +* +* This software is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +* Lesser General Public License for more details. +* +* You should have received a copy of the GNU Lesser General Public +* License along with this software; if not, write to the Free +* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +* 02110-1301 USA, or see the FSF site: http://www.fsf.org. +*/ +package org.jboss.portlet.forums.auth; + +/* + * Created on May 19, 2006 + * + * @author <a href="mailto:soh...@jb...">Sohil Shah</a> + */ +public interface AuthorizationContext +{ + /** + * + * + */ + public AuthorizationInterface getProvider(); +} Added: labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/AuthorizationContextImpl.java =================================================================== --- labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/AuthorizationContextImpl.java 2006-05-24 00:58:31 UTC (rev 4390) +++ labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/AuthorizationContextImpl.java 2006-05-24 02:27:13 UTC (rev 4391) @@ -0,0 +1,103 @@ +/* +* JBoss, Home of Professional Open Source +* Copyright 2005, JBoss Inc., and individual contributors as indicated +* by the @authors tag. See the copyright.txt in the distribution for a +* full listing of individual contributors. +* +* This is free software; you can redistribute it and/or modify it +* under the terms of the GNU Lesser General Public License as +* published by the Free Software Foundation; either version 2.1 of +* the License, or (at your option) any later version. +* +* This software is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +* Lesser General Public License for more details. +* +* You should have received a copy of the GNU Lesser General Public +* License along with this software; if not, write to the Free +* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +* 02110-1301 USA, or see the FSF site: http://www.fsf.org. +*/ +package org.jboss.portlet.forums.auth; + +//logging related +import org.apache.log4j.Logger; + + +/* + * Created on May 19, 2006 + * + * @author <a href="mailto:soh...@jb...">Sohil Shah</a> + */ +public class AuthorizationContextImpl implements AuthorizationContext +{ + /** + * + */ + private static final Logger log = Logger.getLogger(AuthorizationContextImpl.class); + + /** + * + */ + private AuthorizationInterface provider = null; + private String providerImpl = null; + + /** + * + * + */ + public AuthorizationContextImpl() + { + } + + + /** + * @param providerImpl The providerImpl to set. + */ + public void setProviderImpl(String providerImpl) + { + this.providerImpl = providerImpl; + } + + //----AuthorizationContext implementation------------------------------------------------------------------------------------------------ + /** + * @return Returns the provider. + */ + public AuthorizationInterface getProvider() + { + return provider; + } + //------jmx mbean related operations------------------------------------------------------------------------------------------------------- + /** + * + * + */ + public void start() + { + try + { + this.provider = (AuthorizationInterface)Class.forName(this.providerImpl).newInstance(); + //reset the cachedContext + Authorization.cachedContext = null; + log.info(AuthorizationContextImpl.class.getName()+" successfully started......"); + } + catch(Exception e) + { + this.stop(); + log.error(this,e); + log.info(AuthorizationContextImpl.class.getName()+" failed to start......"); + } + } + + /** + * + * + */ + public void stop() + { + this.provider = null; + this.providerImpl = null; + Authorization.cachedContext = null; + } +} Added: labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/AuthorizationInterface.java =================================================================== --- labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/AuthorizationInterface.java 2006-05-24 00:58:31 UTC (rev 4390) +++ labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/AuthorizationInterface.java 2006-05-24 02:27:13 UTC (rev 4391) @@ -0,0 +1,32 @@ +/* +* JBoss, Home of Professional Open Source +* Copyright 2005, JBoss Inc., and individual contributors as indicated +* by the @authors tag. See the copyright.txt in the distribution for a +* full listing of individual contributors. +* +* This is free software; you can redistribute it and/or modify it +* under the terms of the GNU Lesser General Public License as +* published by the Free Software Foundation; either version 2.1 of +* the License, or (at your option) any later version. +* +* This software is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +* Lesser General Public License for more details. +* +* You should have received a copy of the GNU Lesser General Public +* License along with this software; if not, write to the Free +* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +* 02110-1301 USA, or see the FSF site: http://www.fsf.org. +*/ +package org.jboss.portlet.forums.auth; + +/* + * Created on May 18, 2006 + * + * @author <a href="mailto:soh...@jb...">Sohil Shah</a> + */ +public interface AuthorizationInterface +{ + public boolean hasAccess(SecurityContext context); +} Added: labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/AuthorizationListener.java =================================================================== --- labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/AuthorizationListener.java 2006-05-24 00:58:31 UTC (rev 4390) +++ labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/AuthorizationListener.java 2006-05-24 02:27:13 UTC (rev 4391) @@ -0,0 +1,167 @@ +/* +* JBoss, Home of Professional Open Source +* Copyright 2005, JBoss Inc., and individual contributors as indicated +* by the @authors tag. See the copyright.txt in the distribution for a +* full listing of individual contributors. +* +* This is free software; you can redistribute it and/or modify it +* under the terms of the GNU Lesser General Public License as +* published by the Free Software Foundation; either version 2.1 of +* the License, or (at your option) any later version. +* +* This software is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +* Lesser General Public License for more details. +* +* You should have received a copy of the GNU Lesser General Public +* License along with this software; if not, write to the Free +* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +* 02110-1301 USA, or see the FSF site: http://www.fsf.org. +*/ +package org.jboss.portlet.forums.auth; + +//core java api +import java.lang.reflect.Method; +import java.security.AccessControlException; + +//jsf api +import javax.faces.FacesException; +import javax.faces.context.FacesContext; +import javax.faces.application.Application; +import javax.faces.component.ActionSource; +import javax.faces.event.AbortProcessingException; +import javax.faces.event.ActionEvent; +import javax.faces.el.MethodBinding; +import javax.faces.el.VariableResolver; + + +//myfaces integration +import org.apache.myfaces.application.ActionListenerImpl; + +//jsf forums classes +import org.jboss.portlet.forums.ui.JSFUtil; +import org.jboss.portlet.forums.ui.PortalUtil; + + +/* + * Created on May 17, 2006 + * + * @author <a href="mailto:soh...@jb...">Sohil Shah</a> + */ +public class AuthorizationListener extends ActionListenerImpl +{ + /** + * + */ + public AuthorizationListener() throws Exception + { + } + + /* + */ + public void processAction(ActionEvent actionEvent) throws AbortProcessingException + { + FacesContext facesContext = FacesContext.getCurrentInstance(); + + //make sure an authorization provider has been hooked in + try + { + if(Authorization.getProvider()==null) + { + //no authorization will be enforced + super.processAction(actionEvent); + return; + } + } + catch(Exception e) + { + throw new FacesException("Error calling action method of component with id " + actionEvent.getComponent().getClientId(facesContext), e); + } + + + //an authorization provider is hooked in, go ahead and enforce authorization + boolean isAccessAllowed = this.isAccessAllowed(actionEvent); + + if(isAccessAllowed) + { + //make method call + super.processAction(actionEvent); + } + else + { + AccessControlException ace = new AccessControlException("Access Denied"); + JSFUtil.handleException(ace); + throw new AbortProcessingException(ace); + } + } + + /** + * + * + */ + private boolean isAccessAllowed(ActionEvent actionEvent) + { + boolean isAccessAllowed = false; + FacesContext facesContext = FacesContext.getCurrentInstance(); + Application application = facesContext.getApplication(); + + //enforce authorization security + try + { + ActionSource actionSource = (ActionSource)actionEvent.getComponent(); + MethodBinding methodBinding = actionSource.getAction(); + Method businessAction = null; + Object managedBean = null; + if(methodBinding!=null) + { + //this means a business action is going to be called...this needs to be authorized + VariableResolver variableResolver = application.getVariableResolver(); + String expression = methodBinding.getExpressionString(); + String[] methodInfo = this.parseExpression(expression); + + managedBean = variableResolver.resolveVariable(facesContext,methodInfo[0]); + businessAction = managedBean.getClass().getMethod(methodInfo[1],null); + } + + //start building the SecurityContext here for the Authorization System + JSFActionContext securityContext = new JSFActionContext(PortalUtil.getUser(),facesContext); + securityContext.setBusinessAction(businessAction); + securityContext.setManagedBean(managedBean); + + //feed this context to the Authorization system which will decide whether + //access should be granted or not + isAccessAllowed = Authorization.getProvider().hasAccess(securityContext); + } + catch(NoSuchMethodException nsme) + { + throw new FacesException("Error calling action method of component with id " + actionEvent.getComponent().getClientId(facesContext), nsme); + } + catch(Exception e) + { + throw new FacesException("Error calling action method of component with id " + actionEvent.getComponent().getClientId(facesContext), e); + } + return isAccessAllowed; + } + + /** + * + * Created on May 18, 2006 + * + * @author <a href="mailto:soh...@jb...">Sohil Shah</a> + */ + private String[] parseExpression(String expression) + { + String[] values = new String[2]; + + int startIndex = expression.indexOf('{') + 1; + int endIndex = expression.trim().length()-1; + int dotIndex = expression.indexOf('.'); + + + values[0] = expression.substring(startIndex,dotIndex).trim(); + values[1] = expression.substring(dotIndex+1,endIndex).trim(); + + return values; + } +} Added: labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/JSFActionContext.java =================================================================== --- labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/JSFActionContext.java 2006-05-24 00:58:31 UTC (rev 4390) +++ labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/JSFActionContext.java 2006-05-24 02:27:13 UTC (rev 4391) @@ -0,0 +1,90 @@ +/* +* JBoss, Home of Professional Open Source +* Copyright 2005, JBoss Inc., and individual contributors as indicated +* by the @authors tag. See the copyright.txt in the distribution for a +* full listing of individual contributors. +* +* This is free software; you can redistribute it and/or modify it +* under the terms of the GNU Lesser General Public License as +* published by the Free Software Foundation; either version 2.1 of +* the License, or (at your option) any later version. +* +* This software is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +* Lesser General Public License for more details. +* +* You should have received a copy of the GNU Lesser General Public +* License along with this software; if not, write to the Free +* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +* 02110-1301 USA, or see the FSF site: http://www.fsf.org. +*/ +package org.jboss.portlet.forums.auth; + +import java.lang.reflect.Method; + +import javax.faces.context.FacesContext; + +/* + * Created on May 23, 2006 + * + * @author <a href="mailto:soh...@jb...">Sohil Shah</a> + */ +public class JSFActionContext extends JSFSecurityContext +{ + /** + * this is the action method on a JSF Managed Bean that is being called + * and needs to be authorized access to + */ + private Method businessAction = null; + + /** + * This is the JSF Managed Bean that is being used + */ + private Object managedBean = null; + + /** + * + * + */ + public JSFActionContext(Object identity,FacesContext facesContext) + { + super(identity,facesContext); + } + + /** + * + * + */ + public Method getBusinessAction() + { + return this.businessAction; + } + + /** + * + * + */ + public void setBusinessAction(Method businessAction) + { + this.businessAction = businessAction; + } + + /** + * + * + */ + public Object getManagedBean() + { + return this.managedBean; + } + + /** + * + * + */ + public void setManagedBean(Object managedBean) + { + this.managedBean = managedBean; + } +} Added: labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/JSFSecurityContext.java =================================================================== --- labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/JSFSecurityContext.java 2006-05-24 00:58:31 UTC (rev 4390) +++ labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/JSFSecurityContext.java 2006-05-24 02:27:13 UTC (rev 4391) @@ -0,0 +1,87 @@ +/* +* JBoss, Home of Professional Open Source +* Copyright 2005, JBoss Inc., and individual contributors as indicated +* by the @authors tag. See the copyright.txt in the distribution for a +* full listing of individual contributors. +* +* This is free software; you can redistribute it and/or modify it +* under the terms of the GNU Lesser General Public License as +* published by the Free Software Foundation; either version 2.1 of +* the License, or (at your option) any later version. +* +* This software is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +* Lesser General Public License for more details. +* +* You should have received a copy of the GNU Lesser General Public +* License along with this software; if not, write to the Free +* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +* 02110-1301 USA, or see the FSF site: http://www.fsf.org. +*/ +package org.jboss.portlet.forums.auth; + +import java.lang.reflect.Method; + +import javax.faces.context.FacesContext; + + + +/* + * Created on May 19, 2006 + * + * @author <a href="mailto:soh...@jb...">Sohil Shah</a> + */ +public abstract class JSFSecurityContext implements SecurityContext +{ + /** + * + */ + private FacesContext facesContext = null; + + + /** + * this is current user that needs to be authorized.. + * left the type of this identity open ended.. + * the actual provider can then cast it based on what it expects it to be + */ + private Object identity = null; + + + /** + * + * + */ + public JSFSecurityContext(Object identity,FacesContext facesContext) + { + this.facesContext = facesContext; + this.identity = identity; + } + + + + /** + * @return Returns the identity. + */ + public Object getIdentity() + { + return this.identity; + } + + /** + * @param identity The identity to set. + */ + public void setIdentity(Object identity) + { + this.identity = identity; + } + + /** + * + * + */ + public FacesContext getFacesContext() + { + return this.facesContext; + } +} Added: labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/JSFUIContext.java =================================================================== --- labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/JSFUIContext.java 2006-05-24 00:58:31 UTC (rev 4390) +++ labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/JSFUIContext.java 2006-05-24 02:27:13 UTC (rev 4391) @@ -0,0 +1,78 @@ +/* +* JBoss, Home of Professional Open Source +* Copyright 2005, JBoss Inc., and individual contributors as indicated +* by the @authors tag. See the copyright.txt in the distribution for a +* full listing of individual contributors. +* +* This is free software; you can redistribute it and/or modify it +* under the terms of the GNU Lesser General Public License as +* published by the Free Software Foundation; either version 2.1 of +* the License, or (at your option) any later version. +* +* This software is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +* Lesser General Public License for more details. +* +* You should have received a copy of the GNU Lesser General Public +* License along with this software; if not, write to the Free +* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +* 02110-1301 USA, or see the FSF site: http://www.fsf.org. +*/ +package org.jboss.portlet.forums.auth; + +import javax.faces.context.FacesContext; + +/* + * Created on May 23, 2006 + * + * @author <a href="mailto:soh...@jb...">Sohil Shah</a> + */ +public class JSFUIContext extends JSFSecurityContext +{ + /** + * + * + */ + private String fragment = null; + private Object[] contextData = null; + + /** + * + * + */ + public JSFUIContext(Object identity,FacesContext facesContext) + { + super(identity,facesContext); + } + + + /** + * @return Returns the contextData. + */ + public Object[] getContextData() + { + return contextData; + } + /** + * @param contextData The contextData to set. + */ + public void setContextData(Object[] contextData) + { + this.contextData = contextData; + } + /** + * @return Returns the fragment. + */ + public String getFragment() + { + return fragment; + } + /** + * @param fragment The fragment to set. + */ + public void setFragment(String fragment) + { + this.fragment = fragment; + } +} Added: labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/SecurityContext.java =================================================================== --- labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/SecurityContext.java 2006-05-24 00:58:31 UTC (rev 4390) +++ labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/auth/SecurityContext.java 2006-05-24 02:27:13 UTC (rev 4391) @@ -0,0 +1,32 @@ +/* +* JBoss, Home of Professional Open Source +* Copyright 2005, JBoss Inc., and individual contributors as indicated +* by the @authors tag. See the copyright.txt in the distribution for a +* full listing of individual contributors. +* +* This is free software; you can redistribute it and/or modify it +* under the terms of the GNU Lesser General Public License as +* published by the Free Software Foundation; either version 2.1 of +* the License, or (at your option) any later version. +* +* This software is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +* Lesser General Public License for more details. +* +* You should have received a copy of the GNU Lesser General Public +* License along with this software; if not, write to the Free +* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +* 02110-1301 USA, or see the FSF site: http://www.fsf.org. +*/ +package org.jboss.portlet.forums.auth; + +/* + * Created on May 18, 2006 + * + * @author <a href="mailto:soh...@jb...">Sohil Shah</a> + */ +public interface SecurityContext +{ + public Object getIdentity(); +} Modified: labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/ui/PortalUtil.java =================================================================== --- labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/ui/PortalUtil.java 2006-05-24 00:58:31 UTC (rev 4390) +++ labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/ui/PortalUtil.java 2006-05-24 02:27:13 UTC (rev 4391) @@ -227,10 +227,12 @@ { User user = null; String userName = - FacesContext.getCurrentInstance().getExternalContext().getRemoteUser(); - UserModule userModule = - (UserModule) new InitialContext().lookup(ModuleConstants.USERMODULE_JNDINAME); - user = userModule.findUserByUserName(userName); + FacesContext.getCurrentInstance().getExternalContext().getRemoteUser(); + if(userName!=null && userName.trim().length()>0) + { + UserModule userModule = (UserModule) new InitialContext().lookup(ModuleConstants.USERMODULE_JNDINAME); + user = userModule.findUserByUserName(userName); + } return user; } Modified: labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/ui/action/AdminController.java =================================================================== --- labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/ui/action/AdminController.java 2006-05-24 00:58:31 UTC (rev 4390) +++ labs/jbossforums/trunk/forums/src/main/org/jboss/portlet/forums/ui/action/AdminController.java 2006-05-24 02:27:13 UTC (rev 4391) @@ -44,7 +44,6 @@ * */ private String categoryName = null; //this is used by the create new category usecase - private Category category = null; //this is used in the edit category usecase /** * ui data associated with "Forum" information @@ -59,7 +58,7 @@ */ public String getCategoryName() { - return categoryName; + return this.categoryName; } /** * @param categoryName The categoryName to set. @@ -67,22 +66,8 @@ public void setCategoryName(String categoryName) { this.categoryName = categoryName; - } + } /** - * @return Returns the category. - */ - public Category getCategory() - { - return category; - } - /** - * @param category The category to set. - */ - public void setCategory(Category category) - { - this.category = category; - } - /** * @return Returns the forumDescription. */ public String getForumDescription() @@ -129,7 +114,8 @@ } if(categoryId!=-1) { - this.category = BaseController.getForumsModule().findCategoryById(new Integer(categoryId)); + Category category = BaseController.getForumsModule().findCategoryById(new Integer(categoryId)); + this.categoryName = category.getTitle(); } } catch(Exception e) @@ -177,8 +163,19 @@ String navState = null; boolean success = false; try - { - JSFUtil.setMessage(Constants.FEEDBACK,"The Category \""+this.category.getTitle()+"\" was successfully updated."); + { + int categoryId = -1; + String cour = ForumUtil.getParameter(Constants.p_categoryId); + if(cour!=null && cour.trim().length()>0) + { + categoryId = Integer.parseInt(cour); + } + + //grab the category from the module and set the title + Category category = BaseController.getForumsModule().findCategoryById(new Integer(categoryId)); + category.setTitle(this.categoryName); + + JSFUtil.setMessage(Constants.FEEDBACK,"The Category \""+this.categoryName+"\" was successfully updated."); navState = Constants.EDIT_CATEGORY; success = true; } @@ -191,7 +188,7 @@ if(success) { //cleanup the state - this.category = null; + this.categoryName = null; } } return navState; Modified: labs/jbossforums/trunk/forums/src/resources/portal-forums-sar/META-INF/jboss-service.xml =================================================================== --- labs/jbossforums/trunk/forums/src/resources/portal-forums-sar/META-INF/jboss-service.xml 2006-05-24 00:58:31 UTC (rev 4390) +++ labs/jbossforums/trunk/forums/src/resources/portal-forums-sar/META-INF/jboss-service.xml 2006-05-24 02:27:13 UTC (rev 4391) @@ -19,5 +19,35 @@ <attribute name="FromAddress">po...@ex...</attribute> <attribute name="JNDIName">java:portal/ForumsModule</attribute> <depends optional-attribute-name="Hibernate" proxy-type="attribute">portal.forums:service=Hibernate</depends> - </mbean> + </mbean> + <!-- configure the AuthorizationContext for this application --> + <mbean name="portal.forums:service=AuthorizationContext" + code="org.jboss.portlet.forums.auth.AuthorizationContextImpl" + xmbean-dd="" + > + <!-- plug-in an AuthorizationProvider that implements the AuthorizationInterface here --> + <attribute name="providerImpl">org.jboss.forums.security.AuthorizationProvider</attribute> + <xmbean> + <class>org.jboss.portlet.forums.auth.AuthorizationContextImpl</class> + <constructor> + <name>org.jboss.portlet.forums.auth.AuthorizationContextImpl</name> + </constructor> + <attribute access="write" setMethod="setProviderImpl"> + <name>providerImpl</name> + <type>java.lang.String</type> + </attribute> + <attribute access="read" getMethod="getProvider"> + <name>provider</name> + <type>org.jboss.portlet.forums.auth.AuthorizationInterface</type> + </attribute> + <operation> + <description>The start lifecycle operation</description> + <name>start</name> + </operation> + <operation> + <description>The stop lifecycle operation</description> + <name>stop</name> + </operation> + </xmbean> + </mbean> </server> \ No newline at end of file Modified: labs/jbossforums/trunk/forums/src/resources/portal-forums-war/WEB-INF/forums-config.xml =================================================================== --- labs/jbossforums/trunk/forums/src/resources/portal-forums-war/WEB-INF/forums-config.xml 2006-05-24 00:58:31 UTC (rev 4390) +++ labs/jbossforums/trunk/forums/src/resources/portal-forums-war/WEB-INF/forums-config.xml 2006-05-24 02:27:13 UTC (rev 4391) @@ -15,6 +15,9 @@ <!-- standalone facelets integration --> <view-handler>com.sun.facelets.FaceletViewHandler</view-handler> + <!-- custom action listener with integrated authorization checking --> + <action-listener>org.jboss.portlet.forums.auth.AuthorizationListener</action-listener> + <!-- internationalization --> <locale-config> <default-locale>en</default-locale> @@ -29,7 +32,7 @@ <!-- starts before restoreView --> <phase-listener>org.jboss.portlet.forums.ui.event.BeginTransactionListener</phase-listener> <!-- starts after renderResponse --> - <phase-listener>org.jboss.portlet.forums.ui.event.EndTransactionListener</phase-listener> + <phase-listener>org.jboss.portlet.forums.ui.event.EndTransactionListener</phase-listener> </lifecycle> Modified: labs/jbossforums/trunk/forums/src/resources/portal-forums-war/WEB-INF/forums.taglib.xml =================================================================== --- labs/jbossforums/trunk/forums/src/resources/portal-forums-war/WEB-INF/forums.taglib.xml 2006-05-24 00:58:31 UTC (rev 4390) +++ labs/jbossforums/trunk/forums/src/resources/portal-forums-war/WEB-INF/forums.taglib.xml 2006-05-24 02:27:13 UTC (rev 4391) @@ -94,13 +94,20 @@ <function-name>folderTypeURL</function-name> <function-class>org.jboss.portlet.forums.ui.ThemeHelper</function-class> <function-signature>java.lang.String getFolderTypeURL(org.jboss.portlet.forums.model.Topic,boolean)</function-signature> - </function> - <!-- + </function> + + <!-- function to get folderType --> <function> <function-name>folderType</function-name> <function-class>org.jboss.portlet.forums.ui.ThemeHelper</function-class> <function-signature>java.lang.String getFolderType(org.jboss.portlet.forums.model.Topic)</function-signature> - </function> + </function> + + <!-- access control tag --> + <tag> + <tag-name>isAllowed</tag-name> + <handler-class>org.jboss.portlet.forums.auth.ACLTagHandler</handler-class> + </tag> </facelet-taglib> \ No newline at end of file Modified: labs/jbossforums/trunk/forums/src/resources/portal-forums-war/views/admin/editCategory.xhtml =================================================================== --- labs/jbossforums/trunk/forums/src/resources/portal-forums-war/views/admin/editCategory.xhtml 2006-05-24 00:58:31 UTC (rev 4390) +++ labs/jbossforums/trunk/forums/src/resources/portal-forums-war/views/admin/editCategory.xhtml 2006-05-24 02:27:13 UTC (rev 4391) @@ -45,9 +45,10 @@ </tr> <tr> <td class="row1">${resource.Category}</td> - <td class="row2"> - <h:inputText id="Category" styleClass="post" size="25" value="#{adminController.category.title}" required="true"/> - &nbsp;<h:message for="Category" style="color:red" styleClass="liteoption"/>&nbsp; + <td class="row2"> + <h:inputText id="Category" styleClass="post" size="25" + value="#{adminController.categoryName}" required="true"/> + &nbsp;<h:message for="Category" style="color:red" styleClass="liteoption"/>&nbsp; </td> </tr> <tr> Modified: labs/jbossforums/trunk/forums/src/resources/portal-forums-war/views/admin/index.xhtml =================================================================== --- labs/jbossforums/trunk/forums/src/resources/portal-forums-war/views/admin/index.xhtml 2006-05-24 00:58:31 UTC (rev 4390) +++ labs/jbossforums/trunk/forums/src/resources/portal-forums-war/views/admin/index.xhtml 2006-05-24 02:27:13 UTC (rev 4391) @@ -57,12 +57,15 @@ </span> </td> <td class="cat" align="center" valign="middle"> - <span class="gen"> - <h:outputLink value="#{forums:outputLink('/views/admin/editCategory.jsf',true)}"> - <f:param name="c" value="#{category.id}"/> - <h:outputText value="${resource.Edit}"/> - </h:outputLink> - </span> + <!-- security check to make sure this link should be displayed or not --> + <forums:isAllowed fragment="acl://editCategory/editLink"> + <span class="gen"> + <h:outputLink value="#{forums:outputLink('/views/admin/editCategory.jsf',true)}"> + <f:param name="c" value="#{category.id}"/> + <h:outputText value="${resource.Edit}"/> + </h:outputLink> + </span> + </forums:isAllowed> </td> <td class="cat" align="center" valign="middle"> <span class="gen"> Added: labs/jbossforums/trunk/thirdparty/facelets/lib/el-api.jar =================================================================== (Binary files differ) Property changes on: labs/jbossforums/trunk/thirdparty/facelets/lib/el-api.jar ___________________________________________________________________ Name: svn:mime-type + application/octet-stream Added: labs/jbossforums/trunk/thirdparty/facelets/lib/jsf-facelets.jar =================================================================== (Binary files differ) Property changes on: labs/jbossforums/trunk/thirdparty/facelets/lib/jsf-facelets.jar ___________________________________________________________________ Name: svn:mime-type + application/octet-stream Modified: labs/jbossforums/trunk/tools/etc/buildfragments/libraries.ent =================================================================== --- labs/jbossforums/trunk/tools/etc/buildfragments/libraries.ent 2006-05-24 00:58:31 UTC (rev 4390) +++ labs/jbossforums/trunk/tools/etc/buildfragments/libraries.ent 2006-05-24 02:27:13 UTC (rev 4391) @@ -117,6 +117,13 @@ <filelist dir="${apache.myfaces.lib}" files="myfaces-api.jar,myfaces-impl.jar,tomahawk.jar"/> </path> + <!-- Facelets --> + <property name="facelets.root" value="${project.thirdparty}/facelets"/> + <property name="facelets.lib" value="${facelets.root}/lib"/> + <path id="facelets.classpath"> + <filelist dir="${facelets.lib}" files="jsf-facelets.jar,el-api.jar"/> + </path> + <!-- Hibernate --> <property name="jboss.hibernate.root" value="${project.thirdparty}/jboss-hibernate"/> <property name="jboss.hibernate.lib" value="${jboss.hibernate.root}/lib"/> |
