[seam-commits] Seam SVN: r7697 - in trunk/examples/seamspace: resources/META-INF and 2 other directories.
seam-commits at lists.jboss.org
seam-commits at lists.jboss.org
Tue Mar 25 20:43:27 EDT 2008
Author: shane.bryzak at jboss.com
Date: 2008-03-25 20:43:27 -0400 (Tue, 25 Mar 2008)
New Revision: 7697
Modified:
trunk/examples/seamspace/resources/META-INF/security-rules.drl
trunk/examples/seamspace/resources/WEB-INF/components.xml
trunk/examples/seamspace/resources/WEB-INF/pages.xml
trunk/examples/seamspace/resources/import.sql
trunk/examples/seamspace/resources/messages.properties
trunk/examples/seamspace/view/rolemanager.xhtml
trunk/examples/seamspace/view/usermanager.xhtml
Log:
security api updates
Modified: trunk/examples/seamspace/resources/META-INF/security-rules.drl
===================================================================
--- trunk/examples/seamspace/resources/META-INF/security-rules.drl 2008-03-25 22:46:43 UTC (rev 7696)
+++ trunk/examples/seamspace/resources/META-INF/security-rules.drl 2008-03-26 00:43:27 UTC (rev 7697)
@@ -4,9 +4,8 @@
import java.security.Principal;
-import org.jboss.seam.security.management.SecurityContext;
import org.jboss.seam.security.management.UserAccount;
-import org.jboss.seam.security.PermissionCheck;
+import org.jboss.seam.security.permission.PermissionCheck;
import org.jboss.seam.security.Role;
import org.jboss.seam.example.seamspace.BlogComment;
@@ -16,10 +15,6 @@
import org.jboss.seam.example.seamspace.MemberFriend;
import org.jboss.seam.example.seamspace.MemberImage;
-function Member getAccountMember(UserAccount account) {
- return ((MemberAccount) account).getMember();
-}
-
rule ViewProfile
no-loop
activation-group "permissions"
@@ -76,9 +71,9 @@
no-loop
activation-group "permissions"
when
- ctx: SecurityContext()
- member: Member()
- check: PermissionCheck(target == member, action == "createBlog", granted == false, eval( member.equals(getAccountMember(ctx.userAccount))))
+ mbr: Member()
+ acct: MemberAccount(member == mbr)
+ check: PermissionCheck(target == mbr, action == "createBlog", granted == false)
then
check.grant();
end
@@ -87,8 +82,8 @@
no-loop
activation-group "permissions"
when
- ctx: SecurityContext()
- blog: MemberBlog(member : member, eval( member.equals(getAccountMember(ctx.userAccount))))
+ acct: MemberAccount()
+ blog: MemberBlog(member == acct.member)
check: PermissionCheck(target == blog, action == "insert", granted == false)
then
check.grant();
@@ -98,9 +93,9 @@
no-loop
activation-group "permissions"
when
- ctx: SecurityContext()
- member: Member()
- check: PermissionCheck(target == member, action == "createFriendComment", granted == false, eval( member.isFriend(getAccountMember(ctx.userAccount))))
+ acct: MemberAccount()
+ member: Member() //friends contains acct.member)
+ check: PermissionCheck(target == member, action == "createFriendComment", granted == false)
then
check.grant();
end
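Review bot: The friendship test in the createFriendComment rule is left inside a line comment (`member: Member() //friends contains acct.member)`), so the rule now grants the permission for any Member target whenever a MemberAccount fact is present, where the removed `eval( member.isFriend(...))` limited it to friends. The createFriendRequest rule in the next hunk has the same problem with `//friends not contains acct.member)`, so its not-already-a-friend condition is gone as well. Restore the constraint before these permissions are relied on, for example `member: Member(friends contains acct.member)` if `friends` is a collection of Member (its type is not visible here), or keep an `eval(member.isFriend(acct.getMember()))` element until the field constraint works. Both rule headers sit outside their hunks, so the rule names are taken from the action strings.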
@@ -109,9 +104,9 @@
no-loop
activation-group "permissions"
when
- ctx: SecurityContext()
- member: Member()
- check: PermissionCheck(target == member, action == "createFriendRequest", granted == false, eval( !member.isFriend(getAccountMember(ctx.userAccount))) )
+ acct: MemberAccount()
+ member: Member() //friends not contains acct.member)
+ check: PermissionCheck(target == member, action == "createFriendRequest", granted == false)
then
check.grant();
end
Modified: trunk/examples/seamspace/resources/WEB-INF/components.xml
===================================================================
--- trunk/examples/seamspace/resources/WEB-INF/components.xml 2008-03-25 22:46:43 UTC (rev 7696)
+++ trunk/examples/seamspace/resources/WEB-INF/components.xml 2008-03-26 00:43:27 UTC (rev 7697)
@@ -13,7 +13,7 @@
http://jboss.com/products/seam/persistence http://jboss.com/products/seam/persistence-2.1.xsd
http://jboss.com/products/seam/components http://jboss.com/products/seam/components-2.1.xsd
http://jboss.com/products/seam/security http://jboss.com/products/seam/security-2.1.xsd
- http://jboss.com/products/seam/security/management http://jboss.com/products/seam/identity-management-2.1.xsd
+ http://jboss.com/products/seam/security/management http://jboss.com/products/seam/security-2.1.xsd
http://jboss.com/products/seam/web http://jboss.com/products/seam/web-2.1.xsd
http://jboss.com/products/seam/drools http://jboss.com/products/seam/drools-2.1.xsd
http://jboss.com/products/seam/captcha http://jboss.com/products/seam/captcha-2.1.xsd">
@@ -26,8 +26,22 @@
<security:rule-based-permission-resolver security-rules="#{securityRules}"/>
- <identity-management:jpa-identity-store name="identityStore" account-class="org.jboss.seam.example.seamspace.MemberAccount"/>
+ <identity-management:jpa-identity-store name="identityStore" account-class="org.jboss.seam.example.seamspace.MemberAccount"/>
+ <!--security:ldap-identity-store name="identityStore"
+ server-address="60.241.32.50"
+ principal-DN-prefix="uid="
+ principal-DN-suffix=",ou=Person,dc=bryzak,dc=com"
+ bind-DN="cn=Manager,dc=bryzak,dc=com"
+ bind-credentials="secret"
+ user-context-DN="ou=Person,dc=bryzak,dc=com"
+ role-context-DN="ou=Roles,dc=bryzak,dc=com"
+ user-role-attribute="roles"
+ role-name-attribute="cn"
+ /-->
+
+ <security:jpa-permission-store name="accountPermissionStore" permission-class="org.jboss.seam.example.seamspace.Permission"/>
+
<drools:rule-base name="securityRules">
<drools:rule-files>
<value>/META-INF/security-rules.drl</value>
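Review bot: The commented-out `security:ldap-identity-store` block commits what looks like one specific deployment's details: a routable `server-address`, a `cn=Manager` bind DN and a literal `bind-credentials` value. Even inside a comment this lands in every checkout and in the public list archive, so replace the values with obvious placeholders such as `server-address="ldap.example.com"` and `bind-credentials="CHANGE_ME"`, and rotate the password if it was ever in use. An example configuration would also read better with a dedicated bind account limited to reading the user and role subtrees than with the directory manager DN.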
Modified: trunk/examples/seamspace/resources/WEB-INF/pages.xml
===================================================================
--- trunk/examples/seamspace/resources/WEB-INF/pages.xml 2008-03-25 22:46:43 UTC (rev 7696)
+++ trunk/examples/seamspace/resources/WEB-INF/pages.xml 2008-03-26 00:43:27 UTC (rev 7697)
@@ -144,7 +144,7 @@
</navigation>
</page>
- <exception class="org.jboss.seam.security.NotLoggedInException" log="false">
+ <exception class="org.jboss.seam.security.NotLoggedInException" log="true" logLevel="info">
<redirect view-id="/register.xhtml">
<message severity="warn">You must be a member to use this feature</message>
</redirect>
Modified: trunk/examples/seamspace/resources/import.sql
===================================================================
--- trunk/examples/seamspace/resources/import.sql 2008-03-25 22:46:43 UTC (rev 7696)
+++ trunk/examples/seamspace/resources/import.sql 2008-03-26 00:43:27 UTC (rev 7697)
@@ -5,7 +5,7 @@
insert into MemberAccount (accountid, username, enabled, accounttype, member_id) values (1, 'user', 1, 1, null);
insert into MemberAccount (accountid, username, enabled, accounttype, member_id) values (2, 'admin', 1, 1, null);
-insert into MemberAccount (accountid, username, passwordhash, enabled, accounttype, member_id) values (3, 'demo', 'ffd49efe97c77941fc149e1ab010fa8d', 1, 0, 1);
+insert into MemberAccount (accountid, username, passwordhash, enabled, accounttype, member_id) values (3, 'demo', '/9Se/pfHeUH8FJ4asBD6jQ==', 1, 0, 1);
insert into MemberAccount (accountid, username, passwordhash, enabled, accounttype, member_id) values (4, 'duke', '97291c29cc69a65890424d0f97db28f2', 1, 0, 2);
insert into MemberAccount (accountid, username, passwordhash, enabled, accounttype, member_id) values (5, 'shadowman', 'd76acda33fcfede62a8a6979df88e690', 1, 0, 3);
insert into MemberAccount (accountid, username, passwordhash, enabled, accounttype, member_id) values (6, 'mona', '0a7adfe58071398e15b5177f4ace8493', 1, 0, 4);
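Review bot: Only the `demo` row was re-encoded; the new value is the same 16 bytes as the old hex string written in base64, while `duke`, `shadowman` and `mona` still carry hex hashes. If the identity store now compares base64-encoded digests, as this change suggests, those three accounts will no longer authenticate, so they should be converted in the same commit. The 16-byte length also points to an unsalted MD5-sized digest; a comment beside these rows, `-- demo-only credentials; not a password storage scheme to copy`, would keep readers from reusing the pattern.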
Modified: trunk/examples/seamspace/resources/messages.properties
===================================================================
--- trunk/examples/seamspace/resources/messages.properties 2008-03-25 22:46:43 UTC (rev 7696)
+++ trunk/examples/seamspace/resources/messages.properties 2008-03-26 00:43:27 UTC (rev 7697)
@@ -1 +1 @@
-org.jboss.seam.loginSuccessful=Welcome, #{authenticatedMember.memberName}
\ No newline at end of file
+org.jboss.seam.loginSuccessful=Hi there, #{authenticatedMember.memberName}
\ No newline at end of file
Modified: trunk/examples/seamspace/view/rolemanager.xhtml
===================================================================
--- trunk/examples/seamspace/view/rolemanager.xhtml 2008-03-25 22:46:43 UTC (rev 7696)
+++ trunk/examples/seamspace/view/rolemanager.xhtml 2008-03-26 00:43:27 UTC (rev 7697)
@@ -53,9 +53,9 @@
<s:fragment rendered="#{s:hasPermission('seam.account', 'update')}">
<s:link value="Edit" action="#{roleAction.editRole(roleSearch.selectedRole)}"/><span> | </span>
</s:fragment>
- <s:link value="Delete" action="#{identityManager.deleteAccount(roleSearch.selectedRole)}"
+ <s:link value="Delete" action="#{identityManager.deleteRole(roleSearch.selectedRole)}"
rendered="#{s:hasPermission('seam.account', 'delete')}"
- onclick="return confirmDelete()"/>
+ onclick="return confirmDelete()"/>
</rich:column>
</rich:dataTable>
</div>
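Review bot: The Delete link's `rendered="#{s:hasPermission('seam.account', 'delete')}"` only hides the link, so the same permission has to be enforced inside `identityManager.deleteRole(...)`, which is not visible in this hunk; it is also worth confirming that `seam.account` is still the intended target now that the action deletes a role. Because `s:link` issues a GET request, the deletion is guarded only by the client-side `confirmDelete()` prompt and can be triggered by a cross-site request from a logged-in administrator's browser; a POST-based `h:commandLink` inside a form would be the safer control. The `deleteUser` link in the usermanager.xhtml hunk has the same shape.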
Modified: trunk/examples/seamspace/view/usermanager.xhtml
===================================================================
--- trunk/examples/seamspace/view/usermanager.xhtml 2008-03-25 22:46:43 UTC (rev 7696)
+++ trunk/examples/seamspace/view/usermanager.xhtml 2008-03-26 00:43:27 UTC (rev 7697)
@@ -59,7 +59,7 @@
<s:fragment rendered="#{s:hasPermission('seam.account', 'update')}">
<s:link value="Edit" action="#{userAction.editUser(userSearch.selectedUser)}"/><span> | </span>
</s:fragment>
- <s:link value="Delete" action="#{identityManager.deleteAccount(userSearch.selectedUser)}"
+ <s:link value="Delete" action="#{identityManager.deleteUser(userSearch.selectedUser)}"
rendered="#{s:hasPermission('seam.account', 'delete')}"
onclick="return confirmDelete()"/>
</rich:column>