[exo-jcr-commits] exo-jcr SVN: r5501 - in core/trunk: exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap and 1 other directories.
do-not-reply at jboss.org
do-not-reply at jboss.org
Tue Jan 24 05:54:12 EST 2012
Author: dkuleshov
Date: 2012-01-24 05:54:11 -0500 (Tue, 24 Jan 2012)
New Revision: 5501
Modified:
core/trunk/exo.core.component.organization.jdbc/src/main/java/org/exoplatform/services/organization/hibernate/GroupDAOImpl.java
core/trunk/exo.core.component.organization.jdbc/src/main/java/org/exoplatform/services/organization/hibernate/MembershipDAOImpl.java
core/trunk/exo.core.component.organization.jdbc/src/main/java/org/exoplatform/services/organization/hibernate/MembershipTypeDAOImpl.java
core/trunk/exo.core.component.organization.jdbc/src/main/java/org/exoplatform/services/organization/hibernate/UserDAOImpl.java
core/trunk/exo.core.component.organization.jdbc/src/main/java/org/exoplatform/services/organization/hibernate/UserProfileDAOImpl.java
core/trunk/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/GroupDAOImpl.java
core/trunk/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/MembershipDAOImpl.java
core/trunk/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/MembershipTypeDAOImpl.java
core/trunk/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/UserDAOImpl.java
core/trunk/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/UserProfileDAOImpl.java
core/trunk/exo.core.component.security.core/src/main/java/org/exoplatform/services/security/PermissionConstants.java
Log:
EXOJCR-1716: protected all the methods that register or unregister the organization service listeners
* added new RuntimePermission - manageListeners
* added permissions checks for Ldap and Hibernate organization services
Modified: core/trunk/exo.core.component.organization.jdbc/src/main/java/org/exoplatform/services/organization/hibernate/GroupDAOImpl.java
===================================================================
--- core/trunk/exo.core.component.organization.jdbc/src/main/java/org/exoplatform/services/organization/hibernate/GroupDAOImpl.java 2012-01-24 10:52:48 UTC (rev 5500)
+++ core/trunk/exo.core.component.organization.jdbc/src/main/java/org/exoplatform/services/organization/hibernate/GroupDAOImpl.java 2012-01-24 10:54:11 UTC (rev 5501)
@@ -19,12 +19,14 @@
package org.exoplatform.services.organization.hibernate;
import org.exoplatform.commons.exception.UniqueObjectException;
+import org.exoplatform.commons.utils.SecurityHelper;
import org.exoplatform.services.database.HibernateService;
import org.exoplatform.services.organization.Group;
import org.exoplatform.services.organization.GroupEventListener;
import org.exoplatform.services.organization.GroupEventListenerHandler;
import org.exoplatform.services.organization.GroupHandler;
import org.exoplatform.services.organization.impl.GroupImpl;
+import org.exoplatform.services.security.PermissionConstants;
import org.hibernate.Query;
import org.hibernate.Session;
@@ -82,6 +84,7 @@
*/
public void addGroupEventListener(GroupEventListener listener)
{
+ SecurityHelper.validateSecurityPermissions(new RuntimePermission[]{PermissionConstants.MANAGE_LISTENERS});
listeners_.add(listener);
}
@@ -90,6 +93,7 @@
*/
public void removeGroupEventListener(GroupEventListener listener)
{
+ SecurityHelper.validateSecurityPermissions(new RuntimePermission[]{PermissionConstants.MANAGE_LISTENERS});
listeners_.remove(listener);
}
Modified: core/trunk/exo.core.component.organization.jdbc/src/main/java/org/exoplatform/services/organization/hibernate/MembershipDAOImpl.java
===================================================================
--- core/trunk/exo.core.component.organization.jdbc/src/main/java/org/exoplatform/services/organization/hibernate/MembershipDAOImpl.java 2012-01-24 10:52:48 UTC (rev 5500)
+++ core/trunk/exo.core.component.organization.jdbc/src/main/java/org/exoplatform/services/organization/hibernate/MembershipDAOImpl.java 2012-01-24 10:54:11 UTC (rev 5501)
@@ -21,6 +21,7 @@
import org.exoplatform.commons.utils.IdentifierUtil;
import org.exoplatform.commons.utils.ListAccess;
import org.exoplatform.commons.utils.ListenerStack;
+import org.exoplatform.commons.utils.SecurityHelper;
import org.exoplatform.services.database.HibernateService;
import org.exoplatform.services.organization.Group;
import org.exoplatform.services.organization.Membership;
@@ -31,6 +32,7 @@
import org.exoplatform.services.organization.OrganizationService;
import org.exoplatform.services.organization.User;
import org.exoplatform.services.organization.impl.MembershipImpl;
+import org.exoplatform.services.security.PermissionConstants;
import org.hibernate.Session;
import java.util.Collection;
@@ -88,6 +90,7 @@
*/
public void addMembershipEventListener(MembershipEventListener listener)
{
+ SecurityHelper.validateSecurityPermissions(new RuntimePermission[]{PermissionConstants.MANAGE_LISTENERS});
listeners_.add(listener);
}
@@ -96,6 +99,7 @@
*/
public void removeMembershipEventListener(MembershipEventListener listener)
{
+ SecurityHelper.validateSecurityPermissions(new RuntimePermission[]{PermissionConstants.MANAGE_LISTENERS});
listeners_.remove(listener);
}
Modified: core/trunk/exo.core.component.organization.jdbc/src/main/java/org/exoplatform/services/organization/hibernate/MembershipTypeDAOImpl.java
===================================================================
--- core/trunk/exo.core.component.organization.jdbc/src/main/java/org/exoplatform/services/organization/hibernate/MembershipTypeDAOImpl.java 2012-01-24 10:52:48 UTC (rev 5500)
+++ core/trunk/exo.core.component.organization.jdbc/src/main/java/org/exoplatform/services/organization/hibernate/MembershipTypeDAOImpl.java 2012-01-24 10:54:11 UTC (rev 5501)
@@ -18,12 +18,14 @@
*/
package org.exoplatform.services.organization.hibernate;
+import org.exoplatform.commons.utils.SecurityHelper;
import org.exoplatform.services.database.HibernateService;
import org.exoplatform.services.organization.MembershipType;
import org.exoplatform.services.organization.MembershipTypeEventListener;
import org.exoplatform.services.organization.MembershipTypeEventListenerHandler;
import org.exoplatform.services.organization.MembershipTypeHandler;
import org.exoplatform.services.organization.impl.MembershipTypeImpl;
+import org.exoplatform.services.security.PermissionConstants;
import org.hibernate.Session;
import java.util.ArrayList;
@@ -155,6 +157,7 @@
*/
public void addMembershipTypeEventListener(MembershipTypeEventListener listener)
{
+ SecurityHelper.validateSecurityPermissions(new RuntimePermission[]{PermissionConstants.MANAGE_LISTENERS});
listeners.add(listener);
}
@@ -163,6 +166,7 @@
*/
public void removeMembershipTypeEventListener(MembershipTypeEventListener listener)
{
+ SecurityHelper.validateSecurityPermissions(new RuntimePermission[]{PermissionConstants.MANAGE_LISTENERS});
listeners.remove(listener);
}
Modified: core/trunk/exo.core.component.organization.jdbc/src/main/java/org/exoplatform/services/organization/hibernate/UserDAOImpl.java
===================================================================
--- core/trunk/exo.core.component.organization.jdbc/src/main/java/org/exoplatform/services/organization/hibernate/UserDAOImpl.java 2012-01-24 10:52:48 UTC (rev 5500)
+++ core/trunk/exo.core.component.organization.jdbc/src/main/java/org/exoplatform/services/organization/hibernate/UserDAOImpl.java 2012-01-24 10:54:11 UTC (rev 5501)
@@ -20,6 +20,7 @@
import org.exoplatform.commons.utils.LazyPageList;
import org.exoplatform.commons.utils.ListAccess;
+import org.exoplatform.commons.utils.SecurityHelper;
import org.exoplatform.services.cache.CacheService;
import org.exoplatform.services.cache.ExoCache;
import org.exoplatform.services.database.HibernateService;
@@ -33,6 +34,7 @@
import org.exoplatform.services.organization.UserHandler;
import org.exoplatform.services.organization.impl.UserImpl;
import org.exoplatform.services.security.PasswordEncrypter;
+import org.exoplatform.services.security.PermissionConstants;
import org.hibernate.Session;
import java.util.ArrayList;
@@ -75,6 +77,7 @@
*/
public void addUserEventListener(UserEventListener listener)
{
+ SecurityHelper.validateSecurityPermissions(new RuntimePermission[]{PermissionConstants.MANAGE_LISTENERS});
listeners_.add(listener);
}
@@ -83,6 +86,7 @@
*/
public void removeUserEventListener(UserEventListener listener)
{
+ SecurityHelper.validateSecurityPermissions(new RuntimePermission[]{PermissionConstants.MANAGE_LISTENERS});
listeners_.remove(listener);
}
Modified: core/trunk/exo.core.component.organization.jdbc/src/main/java/org/exoplatform/services/organization/hibernate/UserProfileDAOImpl.java
===================================================================
--- core/trunk/exo.core.component.organization.jdbc/src/main/java/org/exoplatform/services/organization/hibernate/UserProfileDAOImpl.java 2012-01-24 10:52:48 UTC (rev 5500)
+++ core/trunk/exo.core.component.organization.jdbc/src/main/java/org/exoplatform/services/organization/hibernate/UserProfileDAOImpl.java 2012-01-24 10:54:11 UTC (rev 5501)
@@ -18,6 +18,7 @@
*/
package org.exoplatform.services.organization.hibernate;
+import org.exoplatform.commons.utils.SecurityHelper;
import org.exoplatform.services.cache.CacheService;
import org.exoplatform.services.cache.ExoCache;
import org.exoplatform.services.database.HibernateService;
@@ -27,6 +28,7 @@
import org.exoplatform.services.organization.UserProfileHandler;
import org.exoplatform.services.organization.impl.UserProfileData;
import org.exoplatform.services.organization.impl.UserProfileImpl;
+import org.exoplatform.services.security.PermissionConstants;
import org.hibernate.Session;
import java.util.ArrayList;
@@ -67,6 +69,7 @@
*/
public void addUserProfileEventListener(UserProfileEventListener listener)
{
+ SecurityHelper.validateSecurityPermissions(new RuntimePermission[]{PermissionConstants.MANAGE_LISTENERS});
listeners_.add(listener);
}
@@ -75,6 +78,7 @@
*/
public void removeUserProfileEventListener(UserProfileEventListener listener)
{
+ SecurityHelper.validateSecurityPermissions(new RuntimePermission[]{PermissionConstants.MANAGE_LISTENERS});
listeners_.remove(listener);
}
Modified: core/trunk/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/GroupDAOImpl.java
===================================================================
--- core/trunk/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/GroupDAOImpl.java 2012-01-24 10:52:48 UTC (rev 5500)
+++ core/trunk/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/GroupDAOImpl.java 2012-01-24 10:54:11 UTC (rev 5501)
@@ -18,6 +18,7 @@
*/
package org.exoplatform.services.organization.ldap;
+import org.exoplatform.commons.utils.SecurityHelper;
import org.exoplatform.services.ldap.LDAPService;
import org.exoplatform.services.log.ExoLogger;
import org.exoplatform.services.log.Log;
@@ -28,6 +29,7 @@
import org.exoplatform.services.organization.GroupEventListenerHandler;
import org.exoplatform.services.organization.GroupHandler;
import org.exoplatform.services.organization.impl.GroupImpl;
+import org.exoplatform.services.security.PermissionConstants;
import java.util.ArrayList;
import java.util.Collection;
@@ -89,6 +91,7 @@
*/
public void addGroupEventListener(GroupEventListener listener)
{
+ SecurityHelper.validateSecurityPermissions(new RuntimePermission[]{PermissionConstants.MANAGE_LISTENERS});
listeners.add(listener);
}
@@ -97,6 +100,7 @@
*/
public void removeGroupEventListener(GroupEventListener listener)
{
+ SecurityHelper.validateSecurityPermissions(new RuntimePermission[]{PermissionConstants.MANAGE_LISTENERS});
listeners.remove(listener);
}
Modified: core/trunk/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/MembershipDAOImpl.java
===================================================================
--- core/trunk/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/MembershipDAOImpl.java 2012-01-24 10:52:48 UTC (rev 5500)
+++ core/trunk/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/MembershipDAOImpl.java 2012-01-24 10:54:11 UTC (rev 5501)
@@ -19,6 +19,7 @@
package org.exoplatform.services.organization.ldap;
import org.exoplatform.commons.utils.ListAccess;
+import org.exoplatform.commons.utils.SecurityHelper;
import org.exoplatform.services.ldap.LDAPService;
import org.exoplatform.services.log.ExoLogger;
import org.exoplatform.services.log.Log;
@@ -33,6 +34,7 @@
import org.exoplatform.services.organization.OrganizationService;
import org.exoplatform.services.organization.User;
import org.exoplatform.services.organization.impl.MembershipImpl;
+import org.exoplatform.services.security.PermissionConstants;
import java.util.ArrayList;
import java.util.Collection;
@@ -99,6 +101,7 @@
*/
public void addMembershipEventListener(MembershipEventListener listener)
{
+ SecurityHelper.validateSecurityPermissions(new RuntimePermission[]{PermissionConstants.MANAGE_LISTENERS});
listeners.add(listener);
}
@@ -107,6 +110,7 @@
*/
public void removeMembershipEventListener(MembershipEventListener listener)
{
+ SecurityHelper.validateSecurityPermissions(new RuntimePermission[]{PermissionConstants.MANAGE_LISTENERS});
listeners.remove(listener);
}
Modified: core/trunk/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/MembershipTypeDAOImpl.java
===================================================================
--- core/trunk/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/MembershipTypeDAOImpl.java 2012-01-24 10:52:48 UTC (rev 5500)
+++ core/trunk/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/MembershipTypeDAOImpl.java 2012-01-24 10:54:11 UTC (rev 5501)
@@ -18,6 +18,7 @@
*/
package org.exoplatform.services.organization.ldap;
+import org.exoplatform.commons.utils.SecurityHelper;
import org.exoplatform.services.ldap.LDAPService;
import org.exoplatform.services.log.ExoLogger;
import org.exoplatform.services.log.Log;
@@ -28,6 +29,7 @@
import org.exoplatform.services.organization.MembershipTypeEventListenerHandler;
import org.exoplatform.services.organization.MembershipTypeHandler;
import org.exoplatform.services.organization.impl.MembershipTypeImpl;
+import org.exoplatform.services.security.PermissionConstants;
import java.util.ArrayList;
import java.util.Collection;
@@ -373,6 +375,7 @@
*/
public void addMembershipTypeEventListener(MembershipTypeEventListener listener)
{
+ SecurityHelper.validateSecurityPermissions(new RuntimePermission[]{PermissionConstants.MANAGE_LISTENERS});
listeners.add(listener);
}
@@ -381,6 +384,7 @@
*/
public void removeMembershipTypeEventListener(MembershipTypeEventListener listener)
{
+ SecurityHelper.validateSecurityPermissions(new RuntimePermission[]{PermissionConstants.MANAGE_LISTENERS});
listeners.remove(listener);
}
Modified: core/trunk/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/UserDAOImpl.java
===================================================================
--- core/trunk/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/UserDAOImpl.java 2012-01-24 10:52:48 UTC (rev 5500)
+++ core/trunk/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/UserDAOImpl.java 2012-01-24 10:54:11 UTC (rev 5501)
@@ -20,6 +20,7 @@
import org.exoplatform.commons.utils.LazyPageList;
import org.exoplatform.commons.utils.ListAccess;
+import org.exoplatform.commons.utils.SecurityHelper;
import org.exoplatform.services.ldap.LDAPService;
import org.exoplatform.services.organization.CacheHandler;
import org.exoplatform.services.organization.CacheHandler.CacheType;
@@ -30,6 +31,7 @@
import org.exoplatform.services.organization.UserEventListenerHandler;
import org.exoplatform.services.organization.UserHandler;
import org.exoplatform.services.organization.impl.UserImpl;
+import org.exoplatform.services.security.PermissionConstants;
import java.util.ArrayList;
import java.util.Collections;
@@ -96,6 +98,7 @@
*/
public void addUserEventListener(UserEventListener listener)
{
+ SecurityHelper.validateSecurityPermissions(new RuntimePermission[]{PermissionConstants.MANAGE_LISTENERS});
listeners.add(listener);
}
@@ -104,6 +107,7 @@
*/
public void removeUserEventListener(UserEventListener listener)
{
+ SecurityHelper.validateSecurityPermissions(new RuntimePermission[]{PermissionConstants.MANAGE_LISTENERS});
listeners.remove(listener);
}
Modified: core/trunk/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/UserProfileDAOImpl.java
===================================================================
--- core/trunk/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/UserProfileDAOImpl.java 2012-01-24 10:52:48 UTC (rev 5500)
+++ core/trunk/exo.core.component.organization.ldap/src/main/java/org/exoplatform/services/organization/ldap/UserProfileDAOImpl.java 2012-01-24 10:54:11 UTC (rev 5501)
@@ -18,6 +18,7 @@
*/
package org.exoplatform.services.organization.ldap;
+import org.exoplatform.commons.utils.SecurityHelper;
import org.exoplatform.services.ldap.LDAPService;
import org.exoplatform.services.log.ExoLogger;
import org.exoplatform.services.log.Log;
@@ -28,6 +29,7 @@
import org.exoplatform.services.organization.UserProfileHandler;
import org.exoplatform.services.organization.impl.UserProfileData;
import org.exoplatform.services.organization.impl.UserProfileImpl;
+import org.exoplatform.services.security.PermissionConstants;
import java.util.ArrayList;
import java.util.Collection;
@@ -254,6 +256,7 @@
*/
public void addUserProfileEventListener(UserProfileEventListener listener)
{
+ SecurityHelper.validateSecurityPermissions(new RuntimePermission[]{PermissionConstants.MANAGE_LISTENERS});
listeners.add(listener);
}
@@ -262,6 +265,7 @@
*/
public void removeUserProfileEventListener(UserProfileEventListener listener)
{
+ SecurityHelper.validateSecurityPermissions(new RuntimePermission[]{PermissionConstants.MANAGE_LISTENERS});
listeners.remove(listener);
}
Modified: core/trunk/exo.core.component.security.core/src/main/java/org/exoplatform/services/security/PermissionConstants.java
===================================================================
--- core/trunk/exo.core.component.security.core/src/main/java/org/exoplatform/services/security/PermissionConstants.java 2012-01-24 10:52:48 UTC (rev 5500)
+++ core/trunk/exo.core.component.security.core/src/main/java/org/exoplatform/services/security/PermissionConstants.java 2012-01-24 10:54:11 UTC (rev 5501)
@@ -37,4 +37,9 @@
public static final RuntimePermission MODIFY_CONVERSATION_STATE_PERMISSION =
new RuntimePermission("modifyConversationState");
+ /**
+ * Permission to manage (i.e. register/unregister) {@link Listener}
+ */
+ public static final RuntimePermission MANAGE_LISTENERS = new RuntimePermission("manageListeners");
+
}
More information about the exo-jcr-commits
mailing list