gatein SVN: r3652 - portal/trunk/webui/portal/src/main/java/org/exoplatform/portal/webui/javascript.
by do-not-reply@jboss.org
Author: julien_viet
Date: 2010-07-19 05:12:49 -0400 (Mon, 19 Jul 2010)
New Revision: 3652
Modified:
portal/trunk/webui/portal/src/main/java/org/exoplatform/portal/webui/javascript/JavascriptListener.java
Log:
mark a class for removal
Modified: portal/trunk/webui/portal/src/main/java/org/exoplatform/portal/webui/javascript/JavascriptListener.java
===================================================================
--- portal/trunk/webui/portal/src/main/java/org/exoplatform/portal/webui/javascript/JavascriptListener.java 2010-07-19 08:29:06 UTC (rev 3651)
+++ portal/trunk/webui/portal/src/main/java/org/exoplatform/portal/webui/javascript/JavascriptListener.java 2010-07-19 09:12:49 UTC (rev 3652)
@@ -23,6 +23,8 @@
import javax.servlet.ServletContextListener;
/**
+ * julien : remove me if we can
+ *
* Created by The eXo Platform SAS
* Jan 19, 2007
*/
14 years, 5 months
gatein SVN: r3651 - portal/trunk/component/web/src/main/java/org/exoplatform/web/application.
by do-not-reply@jboss.org
Author: julien_viet
Date: 2010-07-19 04:29:06 -0400 (Mon, 19 Jul 2010)
New Revision: 3651
Modified:
portal/trunk/component/web/src/main/java/org/exoplatform/web/application/ApplicationSession.java
Log:
mark a class for removal
Modified: portal/trunk/component/web/src/main/java/org/exoplatform/web/application/ApplicationSession.java
===================================================================
--- portal/trunk/component/web/src/main/java/org/exoplatform/web/application/ApplicationSession.java 2010-07-19 08:20:45 UTC (rev 3650)
+++ portal/trunk/component/web/src/main/java/org/exoplatform/web/application/ApplicationSession.java 2010-07-19 08:29:06 UTC (rev 3651)
@@ -19,6 +19,9 @@
package org.exoplatform.web.application;
+/**
+ * todo (julien) : remove that class that seem useless
+ */
abstract public class ApplicationSession
{
abstract public Object getAttribute(String name) throws Exception;
14 years, 5 months
gatein SVN: r3650 - portal/trunk/testsuite/testdefinitions.
by do-not-reply@jboss.org
Author: hangnguyen
Date: 2010-07-19 04:20:45 -0400 (Mon, 19 Jul 2010)
New Revision: 3650
Modified:
portal/trunk/testsuite/testdefinitions/GateIn_v3.1.0_BasicPortlets_TestDefinition.ods
Log:
Update test case for GateIn_v3.1.0GA
Modified: portal/trunk/testsuite/testdefinitions/GateIn_v3.1.0_BasicPortlets_TestDefinition.ods
===================================================================
(Binary files differ)
14 years, 5 months
gatein SVN: r3649 - portal/trunk/testsuite/selenium-snifftests/src/suite/org/exoplatform/portal/selenium.
by do-not-reply@jboss.org
Author: hangnguyen
Date: 2010-07-19 02:47:19 -0400 (Mon, 19 Jul 2010)
New Revision: 3649
Added:
portal/trunk/testsuite/selenium-snifftests/src/suite/org/exoplatform/portal/selenium/Test_PRL_03_05_004_CheckRefreshMembershipInCaseThereIsNewMembershipCreated.html
Log:
TESTVN-1006: Create new GateIn Selenium
Added: portal/trunk/testsuite/selenium-snifftests/src/suite/org/exoplatform/portal/selenium/Test_PRL_03_05_004_CheckRefreshMembershipInCaseThereIsNewMembershipCreated.html
===================================================================
--- portal/trunk/testsuite/selenium-snifftests/src/suite/org/exoplatform/portal/selenium/Test_PRL_03_05_004_CheckRefreshMembershipInCaseThereIsNewMembershipCreated.html (rev 0)
+++ portal/trunk/testsuite/selenium-snifftests/src/suite/org/exoplatform/portal/selenium/Test_PRL_03_05_004_CheckRefreshMembershipInCaseThereIsNewMembershipCreated.html 2010-07-19 06:47:19 UTC (rev 3649)
@@ -0,0 +1,257 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head profile="http://selenium-ide.openqa.org/profiles/test-case">
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+<link rel="selenium.base" href="" />
+<title>Test_PRL_03_05_004_CheckRefreshMembershipInCaseThereIsNewMembershipCreated</title>
+</head>
+<body>
+<table cellpadding="1" cellspacing="1" border="1">
+<thead>
+<tr><td rowspan="1" colspan="3">Test_PRL_03_05_004_CheckRefreshMembershipInCaseThereIsNewMembershipCreated</td></tr>
+</thead><tbody>
+<tr>
+ <td>open</td>
+ <td>/portal/public/classic/</td>
+ <td></td>
+</tr>
+<tr>
+ <td>echo</td>
+ <td>-- Check Refresh membership list in case there's new membership created while adding user into group--</td>
+ <td></td>
+</tr>
+<tr>
+ <td>windowMaximize</td>
+ <td></td>
+ <td></td>
+</tr>
+<tr>
+ <td>click</td>
+ <td>link=Sign in</td>
+ <td></td>
+</tr>
+<tr>
+ <td>waitForElementPresent</td>
+ <td>username</td>
+ <td></td>
+</tr>
+<tr>
+ <td>type</td>
+ <td>username</td>
+ <td>root</td>
+</tr>
+<tr>
+ <td>type</td>
+ <td>password</td>
+ <td>gtn</td>
+</tr>
+<tr>
+ <td>clickAndWait</td>
+ <td>//div[@id='UIPortalLoginFormAction']/div/div/div</td>
+ <td></td>
+</tr>
+<tr>
+ <td>echo</td>
+ <td>-- Go to user and group management --</td>
+ <td></td>
+</tr>
+<tr>
+ <td>clickAndWait</td>
+ <td>link=Users and groups management</td>
+ <td></td>
+</tr>
+<tr>
+ <td>echo</td>
+ <td>-- Choose Group management--</td>
+ <td></td>
+</tr>
+<tr>
+ <td>waitForElementPresent</td>
+ <td>//div[@id='UIOrganizationPortlet']/div[2]/div[1]/div/div/div/div/div/div/a[2]/div[1]</td>
+ <td></td>
+</tr>
+<tr>
+ <td>click</td>
+ <td>//div[@id='UIOrganizationPortlet']/div[2]/div[1]/div/div/div/div/div/div/a[2]/div[1]</td>
+ <td></td>
+</tr>
+<tr>
+ <td>waitForElementPresent</td>
+ <td>link=Customers</td>
+ <td></td>
+</tr>
+<tr>
+ <td>click</td>
+ <td>link=Customers</td>
+ <td></td>
+</tr>
+<tr>
+ <td>waitForTextPresent</td>
+ <td>member manager validator</td>
+ <td></td>
+</tr>
+<tr>
+ <td>verifyTextPresent</td>
+ <td>member manager validator</td>
+ <td></td>
+</tr>
+<tr>
+ <td>echo</td>
+ <td>-- Add new membership</td>
+ <td></td>
+</tr>
+<tr>
+ <td>waitForElementPresent</td>
+ <td>//div[@id='UIOrganizationPortlet']/div[2]/div[1]/div/div/div/div/div/div/a[3]/div[1]</td>
+ <td></td>
+</tr>
+<tr>
+ <td>click</td>
+ <td>//div[@id='UIOrganizationPortlet']/div[2]/div[1]/div/div/div/div/div/div/a[3]/div[1]</td>
+ <td></td>
+</tr>
+<tr>
+ <td>waitForElementPresent</td>
+ <td>name</td>
+ <td></td>
+</tr>
+<tr>
+ <td>type</td>
+ <td>name</td>
+ <td>Test_PRL_03_05_004</td>
+</tr>
+<tr>
+ <td>type</td>
+ <td>description</td>
+ <td>Test_PRL_03_05_004</td>
+</tr>
+<tr>
+ <td>waitForElementPresent</td>
+ <td>link=Save</td>
+ <td></td>
+</tr>
+<tr>
+ <td>click</td>
+ <td>link=Save</td>
+ <td></td>
+</tr>
+<tr>
+ <td>echo</td>
+ <td>-- Check After Add new membership</td>
+ <td></td>
+</tr>
+<tr>
+ <td>waitForElementPresent</td>
+ <td>//div[@id='UIOrganizationPortlet']/div[2]/div[1]/div/div/div/div/div/div/a[2]/div[1]</td>
+ <td></td>
+</tr>
+<tr>
+ <td>click</td>
+ <td>//div[@id='UIOrganizationPortlet']/div[2]/div[1]/div/div/div/div/div/div/a[2]/div[1]</td>
+ <td></td>
+</tr>
+<tr>
+ <td>echo</td>
+ <td>-- Click Refrsh--</td>
+ <td></td>
+</tr>
+<tr>
+ <td>waitForElementPresent</td>
+ <td>//form[@id='UIGroupMembershipForm']/div[2]/div/table/tbody/tr[2]/td[2]/a</td>
+ <td></td>
+</tr>
+<tr>
+ <td>click</td>
+ <td>//form[@id='UIGroupMembershipForm']/div[2]/div/table/tbody/tr[2]/td[2]/a</td>
+ <td></td>
+</tr>
+<tr>
+ <td>waitForTextPresent</td>
+ <td>member Test_PRL_03_05_004 manager validator</td>
+ <td></td>
+</tr>
+<tr>
+ <td>verifyTextPresent</td>
+ <td>member Test_PRL_03_05_004 manager validator</td>
+ <td></td>
+</tr>
+<tr>
+ <td>echo</td>
+ <td>-- Delete membership--</td>
+ <td></td>
+</tr>
+<tr>
+ <td>waitForElementPresent</td>
+ <td>//div[@id='UIOrganizationPortlet']/div[2]/div[1]/div/div/div/div/div/div/a[3]/div[2]</td>
+ <td></td>
+</tr>
+<tr>
+ <td>click</td>
+ <td>//div[@id='UIOrganizationPortlet']/div[2]/div[1]/div/div/div/div/div/div/a[3]/div[2]</td>
+ <td></td>
+</tr>
+<tr>
+ <td>waitForElementPresent</td>
+ <td>//tr[2]/td[5]/div/img[2]</td>
+ <td></td>
+</tr>
+<tr>
+ <td>click</td>
+ <td>//tr[2]/td[5]/div/img[2]</td>
+ <td></td>
+</tr>
+<tr>
+ <td>assertConfirmation</td>
+ <td>Are you sure you want to delete this membership?</td>
+ <td></td>
+</tr>
+<tr>
+ <td>echo</td>
+ <td>-- Check after delete membership--</td>
+ <td></td>
+</tr>
+<tr>
+ <td>waitForElementPresent</td>
+ <td>link=Group Management</td>
+ <td></td>
+</tr>
+<tr>
+ <td>click</td>
+ <td>link=Group Management</td>
+ <td></td>
+</tr>
+<tr>
+ <td>echo</td>
+ <td>-- Click Refresh--</td>
+ <td></td>
+</tr>
+<tr>
+ <td>waitForElementPresent</td>
+ <td>//form[@id='UIGroupMembershipForm']/div[2]/div/table/tbody/tr[2]/td[2]/a</td>
+ <td></td>
+</tr>
+<tr>
+ <td>click</td>
+ <td>//form[@id='UIGroupMembershipForm']/div[2]/div/table/tbody/tr[2]/td[2]/a</td>
+ <td></td>
+</tr>
+<tr>
+ <td>waitForTextPresent</td>
+ <td>member manager validator</td>
+ <td></td>
+</tr>
+<tr>
+ <td>verifyTextPresent</td>
+ <td>member manager validator</td>
+ <td></td>
+</tr>
+<tr>
+ <td>clickAndWait</td>
+ <td>link=Sign out</td>
+ <td></td>
+</tr>
+
+</tbody></table>
+</body>
+</html>
14 years, 5 months
gatein SVN: r3648 - portal/trunk/testsuite/selenium-snifftests/src/suite/org/exoplatform/portal/selenium.
by do-not-reply@jboss.org
Author: hangnguyen
Date: 2010-07-19 00:50:20 -0400 (Mon, 19 Jul 2010)
New Revision: 3648
Added:
portal/trunk/testsuite/selenium-snifftests/src/suite/org/exoplatform/portal/selenium/Test_PRL_03_05_001_AdduserIntoGroupWithoutSpecifyAnyone.html
Log:
TESTVN-1006: Create new GateIn Selenium
Added: portal/trunk/testsuite/selenium-snifftests/src/suite/org/exoplatform/portal/selenium/Test_PRL_03_05_001_AdduserIntoGroupWithoutSpecifyAnyone.html
===================================================================
--- portal/trunk/testsuite/selenium-snifftests/src/suite/org/exoplatform/portal/selenium/Test_PRL_03_05_001_AdduserIntoGroupWithoutSpecifyAnyone.html (rev 0)
+++ portal/trunk/testsuite/selenium-snifftests/src/suite/org/exoplatform/portal/selenium/Test_PRL_03_05_001_AdduserIntoGroupWithoutSpecifyAnyone.html 2010-07-19 04:50:20 UTC (rev 3648)
@@ -0,0 +1,137 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head profile="http://selenium-ide.openqa.org/profiles/test-case">
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+<link rel="selenium.base" href="" />
+<title>Test_PRL_03_05_001_AdduserIntoGroupWithoutSpecifyAnyone</title>
+</head>
+<body>
+<table cellpadding="1" cellspacing="1" border="1">
+<thead>
+<tr><td rowspan="1" colspan="3">Test_PRL_03_05_001_AdduserIntoGroupWithoutSpecifyAnyone</td></tr>
+</thead><tbody>
+<tr>
+ <td>open</td>
+ <td>/portal/public/classic/</td>
+ <td></td>
+</tr>
+<tr>
+ <td>echo</td>
+ <td>-- Add user into group without specify anyone--</td>
+ <td></td>
+</tr>
+<tr>
+ <td>windowMaximize</td>
+ <td></td>
+ <td></td>
+</tr>
+<tr>
+ <td>click</td>
+ <td>link=Sign in</td>
+ <td></td>
+</tr>
+<tr>
+ <td>waitForElementPresent</td>
+ <td>username</td>
+ <td></td>
+</tr>
+<tr>
+ <td>type</td>
+ <td>username</td>
+ <td>root</td>
+</tr>
+<tr>
+ <td>type</td>
+ <td>password</td>
+ <td>gtn</td>
+</tr>
+<tr>
+ <td>clickAndWait</td>
+ <td>//div[@id='UIPortalLoginFormAction']/div/div/div/a</td>
+ <td></td>
+</tr>
+<tr>
+ <td>echo</td>
+ <td>-- Go to User and Group Management --</td>
+ <td></td>
+</tr>
+<tr>
+ <td>clickAndWait</td>
+ <td>link=Users and groups management</td>
+ <td></td>
+</tr>
+<tr>
+ <td>echo</td>
+ <td>-- Choose Group management --</td>
+ <td></td>
+</tr>
+<tr>
+ <td>waitForElementPresent</td>
+ <td>//div[@id='UIOrganizationPortlet']/div[2]/div[1]/div/div/div/div/div/div/a[2]/div[2]</td>
+ <td></td>
+</tr>
+<tr>
+ <td>click</td>
+ <td>//div[@id='UIOrganizationPortlet']/div[2]/div[1]/div/div/div/div/div/div/a[2]/div[2]</td>
+ <td></td>
+</tr>
+<tr>
+ <td>waitForElementPresent</td>
+ <td>link=Customers</td>
+ <td></td>
+</tr>
+<tr>
+ <td>click</td>
+ <td>link=Customers</td>
+ <td></td>
+</tr>
+<tr>
+ <td>waitForElementPresent</td>
+ <td>membership</td>
+ <td></td>
+</tr>
+<tr>
+ <td>select</td>
+ <td>membership</td>
+ <td>label=manager</td>
+</tr>
+<tr>
+ <td>waitForElementPresent</td>
+ <td>link=Save</td>
+ <td></td>
+</tr>
+<tr>
+ <td>click</td>
+ <td>link=Save</td>
+ <td></td>
+</tr>
+<tr>
+ <td>waitForTextPresent</td>
+ <td>The field "User Name" is required. </td>
+ <td></td>
+</tr>
+<tr>
+ <td>verifyTextPresent</td>
+ <td>The field "User Name" is required. </td>
+ <td></td>
+</tr>
+<tr>
+ <td>waitForElementPresent</td>
+ <td>//div[2]/div[2]/div/div[2]/div/div/div/div/div/div[3]/div/table/tbody/tr/td/div/div/div/div/a</td>
+ <td></td>
+</tr>
+<tr>
+ <td>click</td>
+ <td>//div[2]/div[2]/div/div[2]/div/div/div/div/div/div[3]/div/table/tbody/tr/td/div/div/div/div/a</td>
+ <td></td>
+</tr>
+<tr>
+ <td>clickAndWait</td>
+ <td>link=Sign out</td>
+ <td></td>
+</tr>
+
+</tbody></table>
+</body>
+</html>
14 years, 5 months
gatein SVN: r3647 - portal/trunk/testsuite/selenium-snifftests/src/suite/org/exoplatform/portal/selenium.
by do-not-reply@jboss.org
Author: hangnguyen
Date: 2010-07-19 00:30:28 -0400 (Mon, 19 Jul 2010)
New Revision: 3647
Added:
portal/trunk/testsuite/selenium-snifftests/src/suite/org/exoplatform/portal/selenium/Test_PRL_03_04_008_DeleteGroupWhenItIsBeingUsedByHimself.html
Log:
TESTVN-1006: Create new GateIn Selenium
Added: portal/trunk/testsuite/selenium-snifftests/src/suite/org/exoplatform/portal/selenium/Test_PRL_03_04_008_DeleteGroupWhenItIsBeingUsedByHimself.html
===================================================================
--- portal/trunk/testsuite/selenium-snifftests/src/suite/org/exoplatform/portal/selenium/Test_PRL_03_04_008_DeleteGroupWhenItIsBeingUsedByHimself.html (rev 0)
+++ portal/trunk/testsuite/selenium-snifftests/src/suite/org/exoplatform/portal/selenium/Test_PRL_03_04_008_DeleteGroupWhenItIsBeingUsedByHimself.html 2010-07-19 04:30:28 UTC (rev 3647)
@@ -0,0 +1,212 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head profile="http://selenium-ide.openqa.org/profiles/test-case">
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+<link rel="selenium.base" href="" />
+<title>Test_PRL_03_04_008_DeleteGroupWhenItIsBeingUsedByHimself</title>
+</head>
+<body>
+<table cellpadding="1" cellspacing="1" border="1">
+<thead>
+<tr><td rowspan="1" colspan="3">Test_PRL_03_04_008_DeleteGroupWhenItIsBeingUsedByHimself</td></tr>
+</thead><tbody>
+<tr>
+ <td>open</td>
+ <td>/portal/public/classic/</td>
+ <td></td>
+</tr>
+<tr>
+ <td>echo</td>
+ <td>-- Delete group when it is being used by himself--</td>
+ <td></td>
+</tr>
+<tr>
+ <td>windowMaximize</td>
+ <td></td>
+ <td></td>
+</tr>
+<tr>
+ <td>click</td>
+ <td>link=Sign in</td>
+ <td></td>
+</tr>
+<tr>
+ <td>waitForElementPresent</td>
+ <td>username</td>
+ <td></td>
+</tr>
+<tr>
+ <td>type</td>
+ <td>username</td>
+ <td>root</td>
+</tr>
+<tr>
+ <td>type</td>
+ <td>password</td>
+ <td>gtn</td>
+</tr>
+<tr>
+ <td>clickAndWait</td>
+ <td>//div[@id='UIPortalLoginFormAction']/div/div/div/a</td>
+ <td></td>
+</tr>
+<tr>
+ <td>echo</td>
+ <td>-- Go to User and group management --</td>
+ <td></td>
+</tr>
+<tr>
+ <td>clickAndWait</td>
+ <td>link=Users and groups management</td>
+ <td></td>
+</tr>
+<tr>
+ <td>echo</td>
+ <td>-- Choose Group management--</td>
+ <td></td>
+</tr>
+<tr>
+ <td>waitForElementPresent</td>
+ <td>//div[@id='UIOrganizationPortlet']/div[2]/div[1]/div/div/div/div/div/div/a[2]/div[1]</td>
+ <td></td>
+</tr>
+<tr>
+ <td>click</td>
+ <td>//div[@id='UIOrganizationPortlet']/div[2]/div[1]/div/div/div/div/div/div/a[2]/div[1]</td>
+ <td></td>
+</tr>
+<tr>
+ <td>echo</td>
+ <td>-- Add new group --</td>
+ <td></td>
+</tr>
+<tr>
+ <td>waitForElementPresent</td>
+ <td>//div[@id='UIOrganizationPortlet']/div[2]/div[2]/div[1]/div[2]/div[1]/div[1]/a[3]</td>
+ <td></td>
+</tr>
+<tr>
+ <td>click</td>
+ <td>//div[@id='UIOrganizationPortlet']/div[2]/div[2]/div[1]/div[2]/div[1]/div[1]/a[3]</td>
+ <td></td>
+</tr>
+<tr>
+ <td>waitForElementPresent</td>
+ <td>groupName</td>
+ <td></td>
+</tr>
+<tr>
+ <td>type</td>
+ <td>groupName</td>
+ <td>Test_PRL_03_04_008</td>
+</tr>
+<tr>
+ <td>type</td>
+ <td>label</td>
+ <td>Test_PRL_03_04_008</td>
+</tr>
+<tr>
+ <td>type</td>
+ <td>description</td>
+ <td>Test_PRL_03_04_008</td>
+</tr>
+<tr>
+ <td>waitForElementPresent</td>
+ <td>link=Save</td>
+ <td></td>
+</tr>
+<tr>
+ <td>click</td>
+ <td>link=Save</td>
+ <td></td>
+</tr>
+<tr>
+ <td>echo</td>
+ <td>-- Click edit group --</td>
+ <td></td>
+</tr>
+<tr>
+ <td>waitForElementPresent</td>
+ <td>//div[@id='UIOrganizationPortlet']/div[2]/div[2]/div[1]/div[2]/div[1]/div[1]/a[2]</td>
+ <td></td>
+</tr>
+<tr>
+ <td>click</td>
+ <td>//div[@id='UIOrganizationPortlet']/div[2]/div[2]/div[1]/div[2]/div[1]/div[1]/a[2]</td>
+ <td></td>
+</tr>
+<tr>
+ <td>echo</td>
+ <td>-- Delete this group when it is being used --</td>
+ <td></td>
+</tr>
+<tr>
+ <td>waitForElementPresent</td>
+ <td>//div[@id='UIOrganizationPortlet']/div[2]/div[2]/div[1]/div[2]/div[1]/div[1]/a[1]</td>
+ <td></td>
+</tr>
+<tr>
+ <td>click</td>
+ <td>//div[@id='UIOrganizationPortlet']/div[2]/div[2]/div[1]/div[2]/div[1]/div[1]/a[1]</td>
+ <td></td>
+</tr>
+<tr>
+ <td>assertConfirmation</td>
+ <td>Are you sure you want to delete this group?</td>
+ <td></td>
+</tr>
+<tr>
+ <td>verifyTextPresent</td>
+ <td>You can't delete this group because it is being used by an other program.</td>
+ <td></td>
+</tr>
+<tr>
+ <td>waitForElementPresent</td>
+ <td>//div[2]/div[2]/div/div[2]/div/div/div/div/div/div[3]/div/table/tbody/tr/td/div/div/div/div</td>
+ <td></td>
+</tr>
+<tr>
+ <td>click</td>
+ <td>//div[2]/div[2]/div/div[2]/div/div/div/div/div/div[3]/div/table/tbody/tr/td/div/div/div/div</td>
+ <td></td>
+</tr>
+<tr>
+ <td>waitForElementPresent</td>
+ <td>//form[@id='UIGroupForm']/div[2]/div/div/table/tbody/tr/td/div[2]/div/div/div</td>
+ <td></td>
+</tr>
+<tr>
+ <td>click</td>
+ <td>//form[@id='UIGroupForm']/div[2]/div/div/table/tbody/tr/td/div[2]/div/div/div</td>
+ <td></td>
+</tr>
+<tr>
+ <td>echo</td>
+ <td>-- Delete group --</td>
+ <td></td>
+</tr>
+<tr>
+ <td>waitForElementPresent</td>
+ <td>//div[@id='UIOrganizationPortlet']/div[2]/div[2]/div[1]/div[2]/div[1]/div[1]/a[1]</td>
+ <td></td>
+</tr>
+<tr>
+ <td>click</td>
+ <td>//div[@id='UIOrganizationPortlet']/div[2]/div[2]/div[1]/div[2]/div[1]/div[1]/a[1]</td>
+ <td></td>
+</tr>
+<tr>
+ <td>assertConfirmation</td>
+ <td>Are you sure you want to delete this group?</td>
+ <td></td>
+</tr>
+<tr>
+ <td>clickAndWait</td>
+ <td>link=Sign out</td>
+ <td></td>
+</tr>
+
+</tbody></table>
+</body>
+</html>
14 years, 5 months
gatein SVN: r3646 - portal/branches/portalsecurity/portal.
by do-not-reply@jboss.org
Author: sohil.shah(a)jboss.com
Date: 2010-07-17 18:14:47 -0400 (Sat, 17 Jul 2010)
New Revision: 3646
Modified:
portal/branches/portalsecurity/portal/
Log:
svn:ignore
Property changes on: portal/branches/portalsecurity/portal
___________________________________________________________________
Name: svn:ignore
- target
*.iml
.idea
+ target
*.iml
.idea
.classpath
.project
14 years, 5 months
gatein SVN: r3645 - in portal/branches/portalsecurity/portal: src/main/java/org/exoplatform/portal/config and 6 other directories.
by do-not-reply@jboss.org
Author: sohil.shah(a)jboss.com
Date: 2010-07-17 17:08:59 -0400 (Sat, 17 Jul 2010)
New Revision: 3645
Added:
portal/branches/portalsecurity/portal/src/main/java/org/exoplatform/portal/config/security/
portal/branches/portalsecurity/portal/src/main/java/org/exoplatform/portal/config/security/plugin/
portal/branches/portalsecurity/portal/src/main/java/org/exoplatform/portal/config/security/plugin/CreatePortal.java
portal/branches/portalsecurity/portal/src/main/java/org/exoplatform/portal/config/security/plugin/ExoEnforcementPoint.java
portal/branches/portalsecurity/portal/src/main/java/org/exoplatform/portal/config/security/plugin/ExoPolicyProvisioner.java
portal/branches/portalsecurity/portal/src/main/java/org/exoplatform/portal/config/security/plugin/ExoRoles.java
portal/branches/portalsecurity/portal/src/main/java/org/exoplatform/portal/config/security/plugin/JBossSecurityPlugin.java
portal/branches/portalsecurity/portal/src/main/resources/META-INF/
portal/branches/portalsecurity/portal/src/main/resources/META-INF/exo-roles-component-mustmatchall.properties
portal/branches/portalsecurity/portal/src/main/resources/META-INF/exo-roles-component.properties
portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/
portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/AbstractSecurityTest.java
portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/BaseSharedPageACL.java
portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/TestBootstrapSecurityPlugin.java
portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/TestCreatePortalACL.java
portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/TestGroupPageACL.java
portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/TestPageNavACL.java
portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/TestPortalConfigACL.java
portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/TestPortalPageACL.java
portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/TestUserPageACL.java
portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/User.java
Modified:
portal/branches/portalsecurity/portal/pom.xml
portal/branches/portalsecurity/portal/src/main/java/org/exoplatform/portal/config/UserACL.java
Log:
code backup
Modified: portal/branches/portalsecurity/portal/pom.xml
===================================================================
--- portal/branches/portalsecurity/portal/pom.xml 2010-07-17 20:57:42 UTC (rev 3644)
+++ portal/branches/portalsecurity/portal/pom.xml 2010-07-17 21:08:59 UTC (rev 3645)
@@ -1,154 +1,167 @@
-<!--
- Copyright (C) 2009 eXo Platform SAS.
-
- This is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as
- published by the Free Software Foundation; either version 2.1 of
- the License, or (at your option) any later version.
-
- This software is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public
- License along with this software; if not, write to the Free
- Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ <!--
--->
+ Copyright (C) 2009 eXo Platform SAS. This is free software; you can
+ redistribute it and/or modify it under the terms of the GNU Lesser
+ General Public License as published by the Free Software Foundation;
+ either version 2.1 of the License, or (at your option) any later
+ version. This software is distributed in the hope that it will be
+ useful, but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details. You should have
+ received a copy of the GNU Lesser General Public License along with
+ this software; if not, write to the Free Software Foundation, Inc., 51
+ Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF
+ site: http://www.fsf.org.
+ -->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <parent>
- <groupId>org.exoplatform.portal</groupId>
- <artifactId>exo.portal.component</artifactId>
- <version>3.2.0-Beta01-SNAPSHOT</version>
- </parent>
-
- <modelVersion>4.0.0</modelVersion>
- <artifactId>exo.portal.component.portal</artifactId>
- <packaging>jar</packaging>
- <name>GateIn Portal Component Portal Data</name>
-
- <dependencies>
- <dependency>
- <groupId>org.exoplatform.core</groupId>
- <artifactId>exo.core.component.organization.jdbc</artifactId>
- <scope>compile</scope>
- </dependency>
-
- <dependency>
- <groupId>org.exoplatform.jcr</groupId>
- <artifactId>exo.jcr.component.ext</artifactId>
- </dependency>
-
- <dependency>
- <groupId>org.exoplatform.portal</groupId>
- <artifactId>exo.portal.component.common</artifactId>
- </dependency>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <parent>
+ <groupId>org.exoplatform.portal</groupId>
+ <artifactId>exo.portal.component</artifactId>
+ <version>3.2.0-Beta01-SNAPSHOT</version>
+ </parent>
- <dependency>
- <groupId>org.exoplatform.portal</groupId>
- <artifactId>exo.portal.component.web</artifactId>
- </dependency>
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>exo.portal.component.portal</artifactId>
+ <packaging>jar</packaging>
+ <name>GateIn Portal Component Portal Data</name>
- <dependency>
- <groupId>org.exoplatform.portal</groupId>
- <artifactId>exo.portal.component.pc</artifactId>
- </dependency>
+ <dependencies>
+ <dependency>
+ <groupId>org.exoplatform.core</groupId>
+ <artifactId>exo.core.component.organization.jdbc</artifactId>
+ <scope>compile</scope>
+ </dependency>
- <dependency>
- <groupId>org.exoplatform.portal</groupId>
- <artifactId>exo.portal.component.identity</artifactId>
- </dependency>
+ <dependency>
+ <groupId>org.exoplatform.jcr</groupId>
+ <artifactId>exo.jcr.component.ext</artifactId>
+ </dependency>
- <dependency>
- <groupId>org.gatein.mop</groupId>
- <artifactId>mop-api</artifactId>
- </dependency>
+ <dependency>
+ <groupId>org.exoplatform.portal</groupId>
+ <artifactId>exo.portal.component.common</artifactId>
+ </dependency>
- <dependency>
- <groupId>org.gatein.mop</groupId>
- <artifactId>mop-spi</artifactId>
- </dependency>
+ <dependency>
+ <groupId>org.exoplatform.portal</groupId>
+ <artifactId>exo.portal.component.web</artifactId>
+ </dependency>
- <dependency>
- <groupId>org.gatein.mop</groupId>
- <artifactId>mop-core</artifactId>
- </dependency>
+ <dependency>
+ <groupId>org.exoplatform.portal</groupId>
+ <artifactId>exo.portal.component.pc</artifactId>
+ </dependency>
- <dependency>
- <groupId>org.picketlink.idm</groupId>
- <artifactId>picketlink-idm-core</artifactId>
- </dependency>
+ <dependency>
+ <groupId>org.exoplatform.portal</groupId>
+ <artifactId>exo.portal.component.identity</artifactId>
+ </dependency>
- <dependency>
- <groupId>javax.servlet</groupId>
- <artifactId>servlet-api</artifactId>
- <scope>provided</scope>
- </dependency>
+ <dependency>
+ <groupId>org.gatein.mop</groupId>
+ <artifactId>mop-api</artifactId>
+ </dependency>
- <dependency>
- <groupId>org.chromattic</groupId>
- <artifactId>chromattic.core</artifactId>
- <scope>test</scope>
- </dependency>
+ <dependency>
+ <groupId>org.gatein.mop</groupId>
+ <artifactId>mop-spi</artifactId>
+ </dependency>
- <dependency>
- <groupId>org.exoplatform.portal</groupId>
- <artifactId>exo.portal.component.test.core</artifactId>
- <scope>test</scope>
- </dependency>
+ <dependency>
+ <groupId>org.gatein.mop</groupId>
+ <artifactId>mop-core</artifactId>
+ </dependency>
- <dependency>
- <groupId>org.exoplatform.portal</groupId>
- <artifactId>exo.portal.component.test.jcr</artifactId>
- <scope>test</scope>
- </dependency>
+ <dependency>
+ <groupId>org.picketlink.idm</groupId>
+ <artifactId>picketlink-idm-core</artifactId>
+ </dependency>
- <dependency>
- <groupId>org.exoplatform.portal</groupId>
- <artifactId>exo.portal.component.test.organization</artifactId>
- <scope>test</scope>
- </dependency>
+ <dependency>
+ <groupId>javax.servlet</groupId>
+ <artifactId>servlet-api</artifactId>
+ <scope>provided</scope>
+ </dependency>
- </dependencies>
-
- <build>
- <plugins>
- <plugin>
- <groupId>org.jibx</groupId>
- <artifactId>maven-jibx-plugin</artifactId>
- <version>${org.jibx.version}</version>
- <configuration>
- <directory>src/main/resources</directory>
- <includes>
- <includes>binding.xml</includes>
- </includes>
- </configuration>
- <executions>
- <execution>
- <goals>
- <goal>bind</goal>
- </goals>
- </execution>
- </executions>
- </plugin>
+ <dependency>
+ <groupId>org.chromattic</groupId>
+ <artifactId>chromattic.core</artifactId>
+ <scope>test</scope>
+ </dependency>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-jar-plugin</artifactId>
- <executions>
- <execution>
- <phase>package</phase>
- <goals>
- <goal>test-jar</goal>
- </goals>
- </execution>
- </executions>
- </plugin>
+ <dependency>
+ <groupId>org.exoplatform.portal</groupId>
+ <artifactId>exo.portal.component.test.core</artifactId>
+ <scope>test</scope>
+ </dependency>
- </plugins>
- </build>
+ <dependency>
+ <groupId>org.exoplatform.portal</groupId>
+ <artifactId>exo.portal.component.test.jcr</artifactId>
+ <scope>test</scope>
+ </dependency>
+
+ <dependency>
+ <groupId>org.exoplatform.portal</groupId>
+ <artifactId>exo.portal.component.test.organization</artifactId>
+ <scope>test</scope>
+ </dependency>
+
+ <!-- Authz Security component -->
+ <dependency>
+ <groupId>org.jboss.gatein.authz.service</groupId>
+ <artifactId>gatein.security.service</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss.security.authz</groupId>
+ <artifactId>policy-server</artifactId>
+ <version>trunk-SNAPSHOT</version>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss.security.authz</groupId>
+ <artifactId>agent</artifactId>
+ <version>trunk-SNAPSHOT</version>
+ </dependency>
+ </dependencies>
+
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.jibx</groupId>
+ <artifactId>maven-jibx-plugin</artifactId>
+ <version>${org.jibx.version}</version>
+ <configuration>
+ <directory>src/main/resources</directory>
+ <includes>
+ <includes>binding.xml</includes>
+ </includes>
+ </configuration>
+ <executions>
+ <execution>
+ <goals>
+ <goal>bind</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-jar-plugin</artifactId>
+ <executions>
+ <execution>
+ <phase>package</phase>
+ <goals>
+ <goal>test-jar</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+
+ </plugins>
+ </build>
</project>
Modified: portal/branches/portalsecurity/portal/src/main/java/org/exoplatform/portal/config/UserACL.java
===================================================================
--- portal/branches/portalsecurity/portal/src/main/java/org/exoplatform/portal/config/UserACL.java 2010-07-17 20:57:42 UTC (rev 3644)
+++ portal/branches/portalsecurity/portal/src/main/java/org/exoplatform/portal/config/UserACL.java 2010-07-17 21:08:59 UTC (rev 3645)
@@ -25,6 +25,7 @@
import org.exoplatform.portal.config.model.Page;
import org.exoplatform.portal.config.model.PageNavigation;
import org.exoplatform.portal.config.model.PortalConfig;
+import org.exoplatform.portal.config.security.plugin.JBossSecurityPlugin;
import org.exoplatform.services.log.ExoLogger;
import org.exoplatform.services.log.Log;
import org.exoplatform.services.security.ConversationState;
@@ -68,6 +69,9 @@
private String adminGroups;
private String adminMSType;
+
+ //Authz Security Framework integration
+ private JBossSecurityPlugin securityPlugin;
@SuppressWarnings("unchecked")
public UserACL(InitParams params)
@@ -151,6 +155,10 @@
allGroups = md.getPortalCreateGroups();
}
portalCreatorGroups_ = defragmentPermission(allGroups);
+
+ //Start the Authz Security service
+ //this.securityPlugin = new JBossSecurityPlugin();
+ //this.securityPlugin.start();
}
// TODO: unnecessary to keep potalACLPlugin
Added: portal/branches/portalsecurity/portal/src/main/java/org/exoplatform/portal/config/security/plugin/CreatePortal.java
===================================================================
--- portal/branches/portalsecurity/portal/src/main/java/org/exoplatform/portal/config/security/plugin/CreatePortal.java (rev 0)
+++ portal/branches/portalsecurity/portal/src/main/java/org/exoplatform/portal/config/security/plugin/CreatePortal.java 2010-07-17 21:08:59 UTC (rev 3645)
@@ -0,0 +1,46 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.exoplatform.portal.config.security.plugin;
+
+import org.jboss.security.authz.component.Component;
+import org.jboss.security.authz.component.ComponentType;
+import org.jboss.security.authz.component.ComponentCategory;
+
+import org.jboss.security.authz.components.action.Operation;
+
+/**
+ * Read represents a "read" action that can be performed on a Resource
+ *
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+@Component(
+ name="createPortal",
+ type=ComponentType.TARGET,
+ category=ComponentCategory.ACTION
+)
+public class CreatePortal extends Operation
+{
+ public CreatePortal()
+ {
+ this.name = "createPortal";
+ }
+}
Added: portal/branches/portalsecurity/portal/src/main/java/org/exoplatform/portal/config/security/plugin/ExoEnforcementPoint.java
===================================================================
--- portal/branches/portalsecurity/portal/src/main/java/org/exoplatform/portal/config/security/plugin/ExoEnforcementPoint.java (rev 0)
+++ portal/branches/portalsecurity/portal/src/main/java/org/exoplatform/portal/config/security/plugin/ExoEnforcementPoint.java 2010-07-17 21:08:59 UTC (rev 3645)
@@ -0,0 +1,275 @@
+/**
+ *
+ */
+package org.exoplatform.portal.config.security.plugin;
+
+import java.net.URI;
+import java.net.URISyntaxException;
+import java.util.Collection;
+
+import org.apache.log4j.Logger;
+
+import org.exoplatform.portal.config.model.PortalConfig;
+import org.exoplatform.portal.config.model.PageNavigation;
+import org.exoplatform.portal.config.model.Page;
+import org.exoplatform.services.security.MembershipEntry;
+
+import org.jboss.security.authz.agent.enforcement.EnforcementContext;
+import org.jboss.security.authz.agent.enforcement.EnforcementResponse;
+import org.jboss.security.authz.agent.enforcement.PolicyEnforcementPoint;
+import org.jboss.security.authz.agent.enforcement.EnforcementException;
+import org.jboss.security.authz.components.resource.URIResource;
+import org.jboss.security.authz.components.action.Read;
+import org.jboss.security.authz.components.action.Write;
+import org.jboss.security.authz.components.subject.Identity;
+
+/**
+ * This EnforcementPoint is ok for the first phase of integration. This can be made much more flexible and much more decoupled from
+ * any direct knowledge of the Resource and Action Security Components. This clean decoupling is possible with an interceptor approach
+ *
+ * This will do the job and then more later
+ *
+ * @author soshah
+ *
+ */
+public final class ExoEnforcementPoint
+{
+ private static Logger log = Logger.getLogger(ExoEnforcementPoint.class);
+
+ private PolicyEnforcementPoint enforcer;
+ private ExoPolicyProvisioner policyProvisioner;
+
+ public ExoEnforcementPoint()
+ {
+
+ }
+
+ public void start()
+ {
+ log.debug("----------------------------------------------------------------");
+ log.debug("Exo-JBoss Policy Enforcement Point successfully started..............."+this.enforcer);
+ log.debug("----------------------------------------------------------------");
+ }
+
+ public void stop()
+ {
+
+ }
+
+ public PolicyEnforcementPoint getEnforcer()
+ {
+ return enforcer;
+ }
+
+ public void setEnforcer(PolicyEnforcementPoint enforcer)
+ {
+ this.enforcer = enforcer;
+ }
+
+ public ExoPolicyProvisioner getPolicyProvisioner()
+ {
+ return policyProvisioner;
+ }
+
+ public void setPolicyProvisioner(ExoPolicyProvisioner policyProvisioner)
+ {
+ this.policyProvisioner = policyProvisioner;
+ }
+ //-----------------------------------------------------------------------------------------------------------------------------------------
+ public boolean checkCreatePortalAccess(org.exoplatform.services.security.Identity user) throws EnforcementException
+ {
+ try
+ {
+ // Create an EnforcementContext
+ CreatePortal action = new CreatePortal();
+ EnforcementContext context = this.generateEnforcementContext(user, action.getName());
+
+ context.setAttribute("action", action);
+
+ //Perform the access check and assert the response
+ EnforcementResponse response = this.enforcer.checkAccess(context);
+
+ return response.isAccessGranted();
+ }
+ catch(URISyntaxException uriexception)
+ {
+ throw new EnforcementException(uriexception);
+ }
+ }
+
+ public boolean checkReadAccess(org.exoplatform.services.security.Identity user, PortalConfig portal) throws EnforcementException
+ {
+ try
+ {
+ // Create an EnforcementContext
+ EnforcementContext context = this.generateEnforcementContext(user, "portal://"+portal.getName());
+
+ context.setAttribute("action", new Read());
+
+ //Perform the access check and assert the response
+ EnforcementResponse response = this.enforcer.checkAccess(context);
+
+ return response.isAccessGranted();
+ }
+ catch(URISyntaxException uriexception)
+ {
+ throw new EnforcementException(uriexception);
+ }
+ }
+
+ public boolean checkWriteAccess(org.exoplatform.services.security.Identity user, PortalConfig portal) throws EnforcementException
+ {
+ try
+ {
+ // Create an EnforcementContext
+ EnforcementContext context = this.generateEnforcementContext(user, "portal://"+portal.getName());
+
+ context.setAttribute("action", new Write());
+
+ //Perform the access check and assert the response
+ EnforcementResponse response = this.enforcer.checkAccess(context);
+
+ return response.isAccessGranted();
+ }
+ catch(URISyntaxException uriexception)
+ {
+ throw new EnforcementException(uriexception);
+ }
+ }
+
+ public boolean checkReadAccess(org.exoplatform.services.security.Identity user, PageNavigation nav) throws EnforcementException
+ {
+ try
+ {
+ // Create an EnforcementContext
+ EnforcementContext context = this.generateEnforcementContext(user, "pagenav://"+nav.getId());
+
+ context.setAttribute("action", new Read());
+
+ //Perform the access check and assert the response
+ EnforcementResponse response = this.enforcer.checkAccess(context);
+
+ return response.isAccessGranted();
+ }
+ catch(URISyntaxException uriexception)
+ {
+ throw new EnforcementException(uriexception);
+ }
+ }
+
+ public boolean checkWriteAccess(org.exoplatform.services.security.Identity user, PageNavigation nav) throws EnforcementException
+ {
+ try
+ {
+ // Create an EnforcementContext
+ EnforcementContext context = this.generateEnforcementContext(user, "pagenav://"+nav.getId());
+
+ context.setAttribute("action", new Write());
+
+ //Perform the access check and assert the response
+ EnforcementResponse response = this.enforcer.checkAccess(context);
+
+ return response.isAccessGranted();
+ }
+ catch(URISyntaxException uriexception)
+ {
+ throw new EnforcementException(uriexception);
+ }
+ }
+
+ public boolean checkReadAccess(org.exoplatform.services.security.Identity user, Page page) throws EnforcementException
+ {
+ try
+ {
+ // Create an EnforcementContext
+ EnforcementContext context = this.generateEnforcementContext(user, "page://"+page.getName());
+
+ context.setAttribute("action", new Read());
+
+ //Perform the access check and assert the response
+ EnforcementResponse response = this.enforcer.checkAccess(context);
+
+ return response.isAccessGranted();
+ }
+ catch(URISyntaxException uriexception)
+ {
+ throw new EnforcementException(uriexception);
+ }
+ }
+
+ public boolean checkWriteAccess(org.exoplatform.services.security.Identity user, Page page) throws EnforcementException
+ {
+ try
+ {
+ // Create an EnforcementContext
+ EnforcementContext context = this.generateEnforcementContext(user, "page://"+page.getName());
+
+ context.setAttribute("action", new Write());
+
+ //Perform the access check and assert the response
+ EnforcementResponse response = this.enforcer.checkAccess(context);
+
+ return response.isAccessGranted();
+ }
+ catch(URISyntaxException uriexception)
+ {
+ throw new EnforcementException(uriexception);
+ }
+ }
+ //----------------------------------------------------------------------------------------------------------------------------------------------
+ private EnforcementContext generateEnforcementContext(org.exoplatform.services.security.Identity user,
+ String resourceUri) throws URISyntaxException
+ {
+ EnforcementContext context = new EnforcementContext();
+
+ // Create Resource
+ URIResource portalRes = new URIResource();
+ portalRes.setUri(new URI(resourceUri));
+ context.setAttribute("resource", portalRes);
+
+ if(user != null && user.getUserId() != null)
+ {
+ // Create Identity
+ Identity identity = new Identity();
+ identity.setName(user.getUserId());
+ context.setAttribute("identity", identity);
+
+ // Create Roles
+ ExoRoles roles = new ExoRoles();
+ Collection<MembershipEntry> memberships = user.getMemberships();
+ if (memberships != null && !memberships.isEmpty())
+ {
+ for (MembershipEntry membership : memberships)
+ {
+ String roleName = membership.toString();
+ if(!this.policyProvisioner.isGuestGroup(roleName))
+ {
+ roles.addName(roleName);
+ }
+ else
+ {
+ roles.clear();
+ roles.addName(roleName);
+ break;
+ }
+ }
+ }
+
+ roles.addName("Everyone");
+ context.setAttribute("roles", roles);
+ }
+ else
+ {
+ ExoRoles roles = new ExoRoles();
+
+ // This is a guest user
+ roles.addName("*:"+this.policyProvisioner.getGuestGroup());
+ roles.addName(ExoRoles.ANONYMOUS);
+
+ roles.addName("Everyone");
+ context.setAttribute("roles", roles);
+ }
+
+ return context;
+ }
+}
Added: portal/branches/portalsecurity/portal/src/main/java/org/exoplatform/portal/config/security/plugin/ExoPolicyProvisioner.java
===================================================================
--- portal/branches/portalsecurity/portal/src/main/java/org/exoplatform/portal/config/security/plugin/ExoPolicyProvisioner.java (rev 0)
+++ portal/branches/portalsecurity/portal/src/main/java/org/exoplatform/portal/config/security/plugin/ExoPolicyProvisioner.java 2010-07-17 21:08:59 UTC (rev 3645)
@@ -0,0 +1,426 @@
+/**
+ *
+ */
+package org.exoplatform.portal.config.security.plugin;
+
+import java.net.URI;
+import java.net.URISyntaxException;
+import java.util.List;
+import java.util.Set;
+
+import org.apache.log4j.Logger;
+
+import org.exoplatform.portal.config.UserACL;
+import org.exoplatform.portal.config.model.PortalConfig;
+import org.exoplatform.portal.config.model.PageNavigation;
+import org.exoplatform.portal.config.model.Page;
+
+import org.jboss.security.authz.agent.provisioning.PolicyProvisioner;
+import org.jboss.security.authz.agent.provisioning.ProvisioningException;
+import org.jboss.security.authz.agent.services.CompositionContext;
+import org.jboss.security.authz.components.action.Read;
+import org.jboss.security.authz.components.action.Write;
+import org.jboss.security.authz.components.resource.URIResource;
+import org.jboss.security.authz.components.subject.Identity;
+import org.jboss.security.authz.model.Effect;
+import org.jboss.security.authz.model.Policy;
+
+/**
+ * @author soshah
+ *
+ */
+public final class ExoPolicyProvisioner
+{
+ private static Logger log = Logger.getLogger(ExoPolicyProvisioner.class);
+
+ private PolicyProvisioner policyProvisioner;
+
+ //Some static system configuration
+ private String superuser;
+ private List<String> portalCreatorGroups;
+ private String guestGroup;
+ private String navigationCreatorMembershipType;
+
+ public ExoPolicyProvisioner()
+ {
+
+ }
+
+ public void start()
+ {
+ log.debug("----------------------------------------------------------------");
+ log.debug("Exo-JBoss Policy Provisioner successfully started..............."+this.policyProvisioner);
+ log.debug("----------------------------------------------------------------");
+ }
+
+ public void stop()
+ {
+
+ }
+
+ public void debug()
+ {
+ this.printPolicyRepository();
+ }
+
+ public void initialize()
+ {
+ this.initializePolicyRepository();
+ }
+ //----------------------------------------------------------------------------------------------------------------------------------------------------------------------
+ public PolicyProvisioner getPolicyProvisioner()
+ {
+ return policyProvisioner;
+ }
+
+ public void setPolicyProvisioner(PolicyProvisioner policyProvisioner)
+ {
+ this.policyProvisioner = policyProvisioner;
+ }
+
+ public String getSuperuser()
+ {
+ return superuser;
+ }
+
+ public void setSuperuser(String superuser)
+ {
+ this.superuser = superuser;
+ }
+
+ public List<String> getPortalCreatorGroups()
+ {
+ return portalCreatorGroups;
+ }
+
+ public void setPortalCreatorGroups(List<String> portalCreatorGroups)
+ {
+ this.portalCreatorGroups = portalCreatorGroups;
+ }
+
+
+ public String getGuestGroup()
+ {
+ return guestGroup;
+ }
+
+ public void setGuestGroup(String guestGroup)
+ {
+ this.guestGroup = guestGroup;
+ }
+
+ public String getNavigationCreatorMembershipType()
+ {
+ return navigationCreatorMembershipType;
+ }
+
+ public void setNavigationCreatorMembershipType(
+ String navigationCreatorMembershipType)
+ {
+ this.navigationCreatorMembershipType = navigationCreatorMembershipType;
+ }
+ //---------------------------------------------------------------------------------------------------------------------------------------------------------------------
+ public void provision(PortalConfig portal) throws ProvisioningException
+ {
+ try
+ {
+ CompositionContext context = new CompositionContext();
+
+ // SetUp Portal Resource to be protected
+ URIResource target = new URIResource();
+ target.setUri(new URI("portal://"+portal.getName()));
+ context.setPolicyTarget(target);
+
+ // Super User Rule
+ org.jboss.security.authz.components.subject.Identity superuser = new org.jboss.security.authz.components.subject.Identity();
+ superuser.setName(this.superuser);
+ context.addPolicyRule(Effect.PERMIT, new Write(), superuser);
+
+ // Read Access
+ if (portal.getAccessPermissions() != null
+ && portal.getAccessPermissions().length > 0)
+ {
+ ExoRoles readRoles = new ExoRoles();
+ String[] accessPermissions = portal.getAccessPermissions();
+ for (String accessPermission : accessPermissions)
+ {
+ if(!this.isGuestGroup(accessPermission))
+ {
+ readRoles.addName(accessPermission);
+ }
+ else
+ {
+ readRoles.addName("*:"+this.guestGroup);
+ }
+ }
+ if(!readRoles.isEmpty())
+ {
+ context.addPolicyRule(Effect.PERMIT, new Read(), readRoles,
+ "allowExpression");
+ }
+ }
+
+ // Write Access
+ String editPermission = portal.getEditPermission();
+ if (editPermission != null && editPermission.trim().length() > 0)
+ {
+ ExoRoles writeRoles = new ExoRoles();
+
+ if(!this.isGuestGroup(editPermission))
+ {
+ writeRoles.addName(editPermission);
+ }
+ else
+ {
+ //Guest
+ writeRoles.addName("*:"+this.guestGroup);
+ }
+ if(!writeRoles.isEmpty())
+ {
+ context.addPolicyRule(Effect.PERMIT, new Write(), writeRoles,
+ "allowExpression");
+ }
+ }
+
+ //Provision the Policy for this Portal
+ this.policyProvisioner.deploy(context);
+ }
+ catch(URISyntaxException uriexception)
+ {
+ throw new ProvisioningException(uriexception);
+ }
+ }
+
+ public void provision(Page page) throws ProvisioningException
+ {
+ try
+ {
+ CompositionContext context = new CompositionContext();
+
+ // SetUp Resource
+ URIResource target = new URIResource();
+ target.setUri(new URI("page://"+page.getName()));
+ context.setPolicyTarget(target);
+
+ if(!page.getOwnerType().equals(PortalConfig.USER_TYPE))
+ {
+ //SuperUser Access
+ org.jboss.security.authz.components.subject.Identity superuser = new org.jboss.security.authz.components.subject.Identity();
+ superuser.setName(this.superuser);
+ context.addPolicyRule(Effect.PERMIT, new Write(), superuser);
+
+ // Read Access
+ if (page.getAccessPermissions() != null
+ && page.getAccessPermissions().length > 0)
+ {
+ ExoRoles readRoles = new ExoRoles();
+ String[] accessPermissions = page.getAccessPermissions();
+ for (String accessPermission : accessPermissions)
+ {
+ if(!this.isGuestGroup(accessPermission))
+ {
+ readRoles.addName(accessPermission);
+ }
+ else
+ {
+ //GuestGroup
+ readRoles.addName("*:"+this.guestGroup);
+ }
+ }
+ if(!readRoles.isEmpty())
+ {
+ context.addPolicyRule(Effect.PERMIT, new Read(), readRoles,
+ "allowExpression");
+ }
+ }
+
+ // Write Access
+ String editPermission = page.getEditPermission();
+ if (editPermission != null && editPermission.trim().length() > 0)
+ {
+ ExoRoles writeRoles = new ExoRoles();
+
+ if(!this.isGuestGroup(editPermission))
+ {
+ writeRoles.addName(editPermission);
+ }
+ else
+ {
+ //Guest
+ writeRoles.addName("*:"+this.guestGroup);
+ }
+ if(!writeRoles.isEmpty())
+ {
+ context.addPolicyRule(Effect.PERMIT, new Write(), writeRoles,
+ "allowExpression");
+ }
+ }
+ }
+ else
+ {
+ Identity identity = new Identity();
+ identity.setName(page.getOwnerId());
+ context.addPolicyRule(Effect.PERMIT, identity, identity);
+ }
+
+ this.policyProvisioner.deploy(context);
+ }
+ catch(URISyntaxException uriexception)
+ {
+ throw new ProvisioningException(uriexception);
+ }
+ }
+
+ public void provision(PageNavigation pageNavigation) throws ProvisioningException
+ {
+ try
+ {
+ // Setup the Context for the Composition with these components
+ CompositionContext context = new CompositionContext();
+
+ // SetUp Resource
+ URIResource target = new URIResource();
+ target.setUri(new URI("pagenav://"+pageNavigation.getId()));
+ context.setPolicyTarget(target);
+
+ // Super User
+ org.jboss.security.authz.components.subject.Identity superuser = new org.jboss.security.authz.components.subject.Identity();
+ superuser.setName(this.superuser);
+ context.addPolicyRule(Effect.PERMIT, new Write(), superuser);
+
+ if(pageNavigation.getOwnerType().equals(PortalConfig.GROUP_TYPE))
+ {
+ ExoRoles roles = new ExoRoles();
+ StringBuilder buffer = new StringBuilder(this.navigationCreatorMembershipType+":");
+ if(pageNavigation.getOwnerId().startsWith("/"))
+ {
+ buffer.append(pageNavigation.getOwnerId());
+ }
+ else
+ {
+ buffer.append("/"+pageNavigation.getOwnerId());
+ }
+ String roleName = buffer.toString();
+
+ if(!this.isGuestGroup(roleName))
+ {
+ roles.addName(roleName);
+ }
+ else
+ {
+ //Guest
+ roles.addName("*:"+this.guestGroup);
+ }
+ if(!roles.isEmpty())
+ {
+ context.addPolicyRule(Effect.PERMIT, new Write(), roles,
+ "allowExpression");
+ }
+ }
+ else if(pageNavigation.getOwnerType().equals(PortalConfig.USER_TYPE))
+ {
+ Identity identity = new Identity();
+ identity.setName(pageNavigation.getOwnerId());
+ context.addPolicyRule(Effect.PERMIT, new Write(), identity);
+ }
+
+ this.policyProvisioner.deploy(context);
+ }
+ catch(URISyntaxException uriexception)
+ {
+ throw new ProvisioningException(uriexception);
+ }
+ }
+
+ public boolean isGuestGroup(String accessStr)
+ {
+ UserACL.Permission permission = new UserACL.Permission();
+ permission.setPermissionExpression(accessStr);
+
+ if(permission.getGroupId().equals(this.guestGroup))
+ {
+ return true;
+ }
+
+ if(accessStr.indexOf('*') == -1 && accessStr.equals(this.guestGroup))
+ {
+ return true;
+ }
+
+
+ return false;
+ }
+ //----------------------------------------------------------------------------------------------------------------------------------------------------------------------
+ private void initializePolicyRepository()
+ {
+ try
+ {
+ //TODO: first introspect the PolicyRepository to make sure the CreatePortal policy is not already provisioned
+
+ CompositionContext context = new CompositionContext();
+
+ //Using the custom "CreatePortal" "Security Component"
+ CreatePortal action = new CreatePortal();
+ URIResource resource = new URIResource();
+ resource.setUri(new URI(action.getName()));
+ context.setPolicyTarget(resource);
+
+ // Super User... Supers Users have access to everything
+ org.jboss.security.authz.components.subject.Identity superuser = new org.jboss.security.authz.components.subject.Identity();
+ superuser.setName(this.superuser);
+ context.addPolicyRule(Effect.PERMIT, action, superuser);
+
+ // PortalCreators Group....
+ if(this.portalCreatorGroups != null && !this.portalCreatorGroups.isEmpty())
+ {
+ ExoRoles portalCreators = new ExoRoles();
+
+ for(String portalCreatorGroup: this.portalCreatorGroups)
+ {
+ if(portalCreatorGroup != null && portalCreatorGroup.trim().length()!=0)
+ {
+ portalCreators.addName(portalCreatorGroup);
+ }
+ }
+
+ if(!portalCreators.isEmpty())
+ {
+ context.addPolicyRule(Effect.PERMIT, action, portalCreators,
+ "allowExpression");
+ }
+ }
+
+ this.policyProvisioner.deploy(context);
+ }
+ catch(Throwable t)
+ {
+ log.error(this, t);
+ throw new RuntimeException(t);
+ }
+ }
+
+ private void printPolicyRepository()
+ {
+ try
+ {
+ //Assert Policy State of the Server
+ Set<Policy> policies = this.policyProvisioner.readAllPolicies();
+
+ if(policies != null)
+ {
+ log.info("------------------------------------------------------------------------------");
+ for(Policy storedPolicy: policies)
+ {
+ log.info(storedPolicy.generateSystemPolicy());
+ }
+ }
+ }
+ catch(Throwable t)
+ {
+ log.error(this, t);
+ throw new RuntimeException(t);
+ }
+ }
+}
+
+
Added: portal/branches/portalsecurity/portal/src/main/java/org/exoplatform/portal/config/security/plugin/ExoRoles.java
===================================================================
--- portal/branches/portalsecurity/portal/src/main/java/org/exoplatform/portal/config/security/plugin/ExoRoles.java (rev 0)
+++ portal/branches/portalsecurity/portal/src/main/java/org/exoplatform/portal/config/security/plugin/ExoRoles.java 2010-07-17 21:08:59 UTC (rev 3645)
@@ -0,0 +1,181 @@
+/*
+ * JBoss, a division of Red Hat
+ * Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.exoplatform.portal.config.security.plugin;
+
+import java.io.BufferedReader;
+import java.io.InputStreamReader;
+import java.io.IOException;
+
+import org.jboss.security.authz.component.Component;
+import org.jboss.security.authz.component.ComponentCategory;
+import org.jboss.security.authz.component.ComponentType;
+import org.jboss.security.authz.component.BooleanExpression;
+
+import org.jboss.security.authz.components.subject.Roles;
+
+import org.jboss.security.authz.tools.GeneralTool;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+@Component(name = "exo-roles", type = ComponentType.LOGIC, category = ComponentCategory.SUBJECT)
+public class ExoRoles extends Roles
+{
+ private static String logicExpression;
+ private static String logicExpressionMustMatchAll;
+
+ static
+ {
+ ExoRoles.loadLogicExpression();
+ ExoRoles.loadLogicExpressionMustMatchAll();
+ }
+
+ public ExoRoles()
+ {
+ }
+
+ @BooleanExpression
+ public String[] allowExpression()
+ {
+ String ruleReference = "roles://allowRule/"
+ + GeneralTool.generateUniqueId();
+
+ // Generate a Drools Rule Expression
+ String ruleLogic = this.generateRuleLogic();
+ ruleLogic = ruleLogic.replaceAll("<ruleReference>", ruleReference);
+
+ return new String[] { ruleReference, ruleLogic };
+ }
+
+ @BooleanExpression
+ public String[] denyExpression()
+ {
+ String ruleReference = "roles://denyRule/"
+ + GeneralTool.generateUniqueId();
+
+ // Generate a Drools Rule Expression
+ String ruleLogic = this.generateRuleLogic();
+ ruleLogic = ruleLogic.replaceAll("<ruleReference>", ruleReference);
+
+ return new String[] { ruleReference, ruleLogic };
+ }
+
+ private String generateRuleLogic()
+ {
+ // Generate a Drools Rule Expression
+ StringBuilder buffer = new StringBuilder();
+ for (String role : this.getNames())
+ {
+ buffer.append("\"" + role.toLowerCase() + "\"");
+ buffer.append(",");
+ }
+ String roleList = buffer.toString().trim();
+ roleList = roleList.substring(0, roleList.lastIndexOf(','));
+
+ String ruleLogic = null;
+ if (!this.mustMatchAll)
+ {
+ ruleLogic = this.logicExpression.replaceAll("<roleList>", roleList);
+ }
+ else
+ {
+ ruleLogic = this.logicExpressionMustMatchAll.replaceAll("<roleList>",
+ roleList);
+ }
+ return ruleLogic;
+ }
+
+ // -------------------------------------------------------------------------------------------------------------------------------------------
+ private static void loadLogicExpression()
+ {
+ BufferedReader reader = null;
+ try
+ {
+ reader = new BufferedReader(new InputStreamReader(Thread.currentThread()
+ .getContextClassLoader().getResourceAsStream(
+ "META-INF/exo-roles-component.properties")));
+ String buffer = null;
+ StringBuilder builder = new StringBuilder();
+ while ((buffer = reader.readLine()) != null)
+ {
+ builder.append(buffer);
+ builder.append("\n");
+ }
+
+ logicExpression = builder.toString().trim();
+ }
+ catch (IOException ioe)
+ {
+ throw new RuntimeException(ioe);
+ }
+ finally
+ {
+ if (reader != null)
+ {
+ try
+ {
+ reader.close();
+ }
+ catch (IOException ioe)
+ {
+ }
+ }
+ }
+ }
+
+ private static void loadLogicExpressionMustMatchAll()
+ {
+ BufferedReader reader = null;
+ try
+ {
+ reader = new BufferedReader(new InputStreamReader(Thread.currentThread()
+ .getContextClassLoader().getResourceAsStream(
+ "META-INF/exo-roles-component-mustmatchall.properties")));
+ String buffer = null;
+ StringBuilder builder = new StringBuilder();
+ while ((buffer = reader.readLine()) != null)
+ {
+ builder.append(buffer);
+ builder.append("\n");
+ }
+
+ logicExpressionMustMatchAll = builder.toString().trim();
+ }
+ catch (IOException ioe)
+ {
+ throw new RuntimeException(ioe);
+ }
+ finally
+ {
+ if (reader != null)
+ {
+ try
+ {
+ reader.close();
+ }
+ catch (IOException ioe)
+ {
+ }
+ }
+ }
+ }
+}
Added: portal/branches/portalsecurity/portal/src/main/java/org/exoplatform/portal/config/security/plugin/JBossSecurityPlugin.java
===================================================================
--- portal/branches/portalsecurity/portal/src/main/java/org/exoplatform/portal/config/security/plugin/JBossSecurityPlugin.java (rev 0)
+++ portal/branches/portalsecurity/portal/src/main/java/org/exoplatform/portal/config/security/plugin/JBossSecurityPlugin.java 2010-07-17 21:08:59 UTC (rev 3645)
@@ -0,0 +1,79 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2010, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.exoplatform.portal.config.security.plugin;
+
+import org.jboss.gatein.authz.service.SecurityService;
+
+//TODO: register this service with the kernel
+//For now just use it as a static singleton
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ *
+ */
+public final class JBossSecurityPlugin
+{
+ private static SecurityService securityService;
+
+ private ExoEnforcementPoint exoEnforcer;
+ private ExoPolicyProvisioner exoProvisioner;
+
+ static
+ {
+ securityService = new SecurityService();
+ }
+
+ public JBossSecurityPlugin()
+ {
+
+ }
+
+ public void start()
+ {
+ securityService.start();
+
+ //initialize the exo policy provisioner
+ this.exoProvisioner = new ExoPolicyProvisioner();
+ this.exoProvisioner.setPolicyProvisioner(securityService.getProvisioner());
+
+ //initialize the exo enforcement point
+ this.exoEnforcer = new ExoEnforcementPoint();
+ this.exoEnforcer.setEnforcer(securityService.getEnforcer());
+ this.exoEnforcer.setPolicyProvisioner(this.exoProvisioner);
+ }
+
+ public void stop()
+ {
+ securityService.stop();
+ }
+ //-------------------------------------------------------------------------------------------------------------------------------------------------------
+ public ExoEnforcementPoint getExoEnforcementPoint()
+ {
+ return this.exoEnforcer;
+ }
+
+ public ExoPolicyProvisioner getExoPolicyProvisioner()
+ {
+ return this.exoProvisioner;
+ }
+}
Added: portal/branches/portalsecurity/portal/src/main/resources/META-INF/exo-roles-component-mustmatchall.properties
===================================================================
--- portal/branches/portalsecurity/portal/src/main/resources/META-INF/exo-roles-component-mustmatchall.properties (rev 0)
+++ portal/branches/portalsecurity/portal/src/main/resources/META-INF/exo-roles-component-mustmatchall.properties 2010-07-17 21:08:59 UTC (rev 3645)
@@ -0,0 +1,71 @@
+import java.util.Set
+import java.util.HashSet
+
+function boolean <function>(Set userRoles)
+{
+ String[] allowedRoles = new String[]{<roleList>};
+
+ for(Object local: userRoles)
+ {
+ String userRole = (String)local;
+ String[] userSplit = userRole.split(":");
+ String userMembershipType = null;
+ String userGroup = null;
+ if(userSplit.length < 2)
+ {
+ userMembershipType = "*";
+ userGroup = userRole;
+ }
+ else
+ {
+ userMembershipType = userSplit[0].trim();
+ userGroup = userSplit[1].trim();
+ }
+
+ for(String allowedRole: allowedRoles)
+ {
+ String[] allowedSplit = allowedRole.split(":");
+ String allowedMembershipType = null;
+ String allowedGroup = null;
+ if(allowedSplit.length < 2)
+ {
+ allowedMembershipType = "*";
+ allowedGroup = allowedRole;
+ }
+ else
+ {
+ allowedMembershipType = allowedSplit[0].trim();
+ allowedGroup = allowedSplit[1].trim();
+ }
+
+ if(userMembershipType.equals("*") || allowedMembershipType.equals("*"))
+ {
+ if(!userGroup.equals(allowedGroup))
+ {
+ return false;
+ }
+ }
+ else
+ {
+ if(!userMembershipType.equals(allowedMembershipType) || !userGroup.equals(allowedGroup))
+ {
+ return false;
+ }
+ }
+ }
+ }
+
+ return true;
+}
+
+rule "<ruleReference>"
+
+when
+$ruleName: String()
+$roles: HashSet()
+eval($ruleName.contains("<ruleReference>"))
+eval(<function>($roles))
+
+then
+insert(Boolean.TRUE);
+end
\ No newline at end of file
Added: portal/branches/portalsecurity/portal/src/main/resources/META-INF/exo-roles-component.properties
===================================================================
--- portal/branches/portalsecurity/portal/src/main/resources/META-INF/exo-roles-component.properties (rev 0)
+++ portal/branches/portalsecurity/portal/src/main/resources/META-INF/exo-roles-component.properties 2010-07-17 21:08:59 UTC (rev 3645)
@@ -0,0 +1,71 @@
+import java.util.Set
+import java.util.HashSet
+
+function boolean <function>(Set userRoles)
+{
+ String[] allowedRoles = new String[]{<roleList>};
+
+ for(Object local: userRoles)
+ {
+ String userRole = (String)local;
+ String[] userSplit = userRole.split(":");
+ String userMembershipType = null;
+ String userGroup = null;
+ if(userSplit.length < 2)
+ {
+ userMembershipType = "*";
+ userGroup = userRole;
+ }
+ else
+ {
+ userMembershipType = userSplit[0].trim();
+ userGroup = userSplit[1].trim();
+ }
+
+ for(String allowedRole: allowedRoles)
+ {
+ String[] allowedSplit = allowedRole.split(":");
+ String allowedMembershipType = null;
+ String allowedGroup = null;
+ if(allowedSplit.length < 2)
+ {
+ allowedMembershipType = "*";
+ allowedGroup = allowedRole;
+ }
+ else
+ {
+ allowedMembershipType = allowedSplit[0].trim();
+ allowedGroup = allowedSplit[1].trim();
+ }
+
+ if(userMembershipType.equals("*") || allowedMembershipType.equals("*"))
+ {
+ if(userGroup.equals(allowedGroup))
+ {
+ return true;
+ }
+ }
+ else
+ {
+ if(userMembershipType.equals(allowedMembershipType) && userGroup.equals(allowedGroup))
+ {
+ return true;
+ }
+ }
+ }
+ }
+
+ return false;
+}
+
+rule "<ruleReference>"
+
+when
+$ruleName: String()
+$roles: HashSet()
+eval($ruleName.contains("<ruleReference>"))
+eval(<function>($roles))
+
+then
+insert(Boolean.TRUE);
+end
\ No newline at end of file
Added: portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/AbstractSecurityTest.java
===================================================================
--- portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/AbstractSecurityTest.java (rev 0)
+++ portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/AbstractSecurityTest.java 2010-07-17 21:08:59 UTC (rev 3645)
@@ -0,0 +1,239 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2010, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.exoplatform.portal.config.security.plugin;
+
+import org.apache.log4j.Logger;
+
+import org.exoplatform.portal.config.UserACL;
+import org.exoplatform.portal.config.UserACLMetaData;
+import org.exoplatform.portal.config.model.Page;
+import org.exoplatform.portal.config.model.PageNavigation;
+import org.exoplatform.portal.config.model.PortalConfig;
+import org.exoplatform.services.security.ConversationState;
+
+import junit.framework.TestCase;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ *
+ */
+public abstract class AbstractSecurityTest extends TestCase
+{
+ private static Logger log = Logger.getLogger(AbstractSecurityTest.class);
+
+ protected JBossSecurityPlugin securityPlugin;
+
+ User root, administrator, manager, user, guest;
+ UserACL ua;
+
+ @Override
+ protected void setUp() throws Exception
+ {
+ securityPlugin = new JBossSecurityPlugin();
+ securityPlugin.start();
+
+ // Setting up the initial state of data used during enforcement decisions
+ // Setup the UserACL instance
+ UserACLMetaData md = new UserACLMetaData();
+
+ // Super User and Guest configuration
+ md.setSuperUser("root");
+ md.setGuestsGroups("/platform/guests");
+
+ md.setPortalCreateGroups("*:/platform/administrators,*:/organization/management/executive-board");
+
+ md.setNavigationCreatorMembershipType("manager");
+
+ // Initializes the UserACL instance
+ this.ua = new UserACL(md);
+
+
+ // SetUp the mock identities
+ this.root = new User(this.ua.getSuperUser());
+
+ this.administrator = new User("administrator");
+ this.administrator.addMembership("whatever", "/platform/administrators");
+
+ this.manager = new User("manager");
+ this.manager.addMembership("manager", "/manageable");
+
+ this.user = new User("user");
+
+ this.guest = new User(null);
+ }
+
+ @Override
+ protected void tearDown() throws Exception
+ {
+ }
+
+ protected void checkCreatePortalAccess(User user, boolean mustBePermitted) throws Exception
+ {
+ ConversationState.setCurrent(new ConversationState(user.getIdentity()));
+ try
+ {
+ boolean access = this.ua.hasCreatePortalPermission();
+
+ log.info("-----------------------------------");
+ log.info("Decision="+access);
+
+ if(mustBePermitted)
+ {
+ assertTrue("Access must be granted!!!", access);
+ }
+ else
+ {
+ assertFalse("Access must be denied!!!", access);
+ }
+ }
+ finally
+ {
+ ConversationState.setCurrent(null);
+ }
+ }
+
+ protected void checkReadAccess(User user, PortalConfig portal, boolean mustBePermitted) throws Exception
+ {
+ ConversationState.setCurrent(new ConversationState(user.getIdentity()));
+ try
+ {
+ boolean access = this.ua.hasPermission(portal);
+
+ log.info("-----------------------------------");
+ log.info("Decision="+access);
+
+ if(mustBePermitted)
+ {
+ assertTrue("Access must be granted!!!", access);
+ }
+ else
+ {
+ assertFalse("Access must be denied!!!", access);
+ }
+ }
+ finally
+ {
+ ConversationState.setCurrent(null);
+ }
+ }
+
+ protected void checkWriteAccess(User user, PortalConfig portal, boolean mustBePermitted) throws Exception
+ {
+ ConversationState.setCurrent(new ConversationState(user.getIdentity()));
+ try
+ {
+ boolean access = this.ua.hasEditPermission(portal);
+
+ log.info("-----------------------------------");
+ log.info("Decision="+access);
+
+ if(mustBePermitted)
+ {
+ assertTrue("Access must be granted!!!", access);
+ }
+ else
+ {
+ assertFalse("Access must be denied!!!", access);
+ }
+ }
+ finally
+ {
+ ConversationState.setCurrent(null);
+ }
+ }
+
+ protected void checkWriteAccess(User user, PageNavigation nav, boolean mustBePermitted) throws Exception
+ {
+ ConversationState.setCurrent(new ConversationState(user.getIdentity()));
+ try
+ {
+ boolean access = this.ua.hasEditPermission(nav);
+
+ log.info("-----------------------------------");
+ log.info("Decision="+access);
+
+ if(mustBePermitted)
+ {
+ assertTrue("Access must be granted!!!", access);
+ }
+ else
+ {
+ assertFalse("Access must be denied!!!", access);
+ }
+ }
+ finally
+ {
+ ConversationState.setCurrent(null);
+ }
+ }
+
+ protected void checkReadAccess(User user, Page page, boolean mustBePermitted) throws Exception
+ {
+ ConversationState.setCurrent(new ConversationState(user.getIdentity()));
+ try
+ {
+ boolean access = this.ua.hasPermission(page);
+
+ log.info("-----------------------------------");
+ log.info("Decision="+access);
+
+ if(mustBePermitted)
+ {
+ assertTrue("Access must be granted!!!", access);
+ }
+ else
+ {
+ assertFalse("Access must be denied!!!", access);
+ }
+ }
+ finally
+ {
+ ConversationState.setCurrent(null);
+ }
+ }
+
+ protected void checkWriteAccess(User user, Page page, boolean mustBePermitted) throws Exception
+ {
+ ConversationState.setCurrent(new ConversationState(user.getIdentity()));
+ try
+ {
+ boolean access = this.ua.hasEditPermission(page);
+
+ log.info("-----------------------------------");
+ log.info("Decision="+access);
+
+ if(mustBePermitted)
+ {
+ assertTrue("Access must be granted!!!", access);
+ }
+ else
+ {
+ assertFalse("Access must be denied!!!", access);
+ }
+ }
+ finally
+ {
+ ConversationState.setCurrent(null);
+ }
+ }
+}
Added: portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/BaseSharedPageACL.java
===================================================================
--- portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/BaseSharedPageACL.java (rev 0)
+++ portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/BaseSharedPageACL.java 2010-07-17 21:08:59 UTC (rev 3645)
@@ -0,0 +1,450 @@
+/**
+ *
+ */
+package org.exoplatform.portal.config.security.plugin;
+
+import org.exoplatform.portal.config.model.Page;
+import org.exoplatform.portal.config.model.PortalConfig;
+
+/**
+ * @author soshah
+ *
+ */
+public abstract class BaseSharedPageACL extends AbstractSecurityTest
+{
+ protected abstract String getOwnerType();
+
+ public void testPage() throws Exception
+ {
+ ExoPolicyProvisioner exoPolicyProvisioner = this.securityPlugin.getExoPolicyProvisioner();
+
+ Page page = new Page();
+ page.setName("index");
+ page.setOwnerType(this.getOwnerType());
+ page.setOwnerId("user");
+ page.setAccessPermissions(new String[0]);
+
+ //Provision the Policy for this Resource
+ exoPolicyProvisioner.provision(page);
+
+ //Debug
+ exoPolicyProvisioner.debug();
+
+ // Assert
+ if(!this.getOwnerType().equals(PortalConfig.USER_TYPE))
+ {
+ this.checkWriteAccess(this.root, page, true);
+ this.checkWriteAccess(this.administrator, page, false);
+ this.checkWriteAccess(this.manager, page, false);
+ this.checkWriteAccess(this.user, page, false);
+ this.checkWriteAccess(this.guest, page, false);
+
+
+ this.checkReadAccess(this.root, page, true);
+ this.checkReadAccess(this.administrator, page, false);
+ this.checkReadAccess(this.manager, page, false);
+ this.checkReadAccess(this.user, page, false);
+ this.checkReadAccess(this.guest, page, false);
+ }
+ else
+ {
+ this.checkWriteAccess(this.root, page, false);
+ this.checkWriteAccess(this.administrator, page, false);
+ this.checkWriteAccess(this.manager, page, false);
+ this.checkWriteAccess(this.user, page, true);
+ this.checkWriteAccess(this.guest, page, false);
+
+
+ this.checkReadAccess(this.root, page, false);
+ this.checkReadAccess(this.administrator, page, false);
+ this.checkReadAccess(this.manager, page, false);
+ this.checkReadAccess(this.user, page, true);
+ this.checkReadAccess(this.guest, page, false);
+ }
+ }
+
+ public void testPageAccessibleByEveryone() throws Exception
+ {
+ ExoPolicyProvisioner exoPolicyProvisioner = this.securityPlugin.getExoPolicyProvisioner();
+
+ Page page = new Page();
+ page.setName("index");
+ page.setOwnerType(this.getOwnerType());
+ page.setOwnerId("user");
+ page.setAccessPermissions(new String[] { "Everyone" });
+
+ //Provision the Policy for this Resource
+ exoPolicyProvisioner.provision(page);
+
+ //Debug
+ exoPolicyProvisioner.debug();
+
+ // Assert
+ if(!this.getOwnerType().equals(PortalConfig.USER_TYPE))
+ {
+ this.checkWriteAccess(this.root, page, true);
+ this.checkWriteAccess(this.administrator, page,false);
+ this.checkWriteAccess(this.manager, page, false);
+ this.checkWriteAccess(this.user, page, false);
+ this.checkWriteAccess(this.guest, page, false);
+
+ this.checkReadAccess(this.root, page, true);
+ this.checkReadAccess(this.administrator, page,true);
+ this.checkReadAccess(this.manager, page, true);
+ this.checkReadAccess(this.user, page, true);
+ this.checkReadAccess(this.guest, page, true);
+ }
+ else
+ {
+ this.checkWriteAccess(this.root, page, false);
+ this.checkWriteAccess(this.administrator, page, false);
+ this.checkWriteAccess(this.manager, page, false);
+ this.checkWriteAccess(this.user, page, true);
+ this.checkWriteAccess(this.guest, page, false);
+
+
+ this.checkReadAccess(this.root, page, false);
+ this.checkReadAccess(this.administrator, page, false);
+ this.checkReadAccess(this.manager, page, false);
+ this.checkReadAccess(this.user, page, true);
+ this.checkReadAccess(this.guest, page, false);
+ }
+ }
+
+ public void testPageEditableByEveryone() throws Exception
+ {
+ ExoPolicyProvisioner exoPolicyProvisioner = this.securityPlugin.getExoPolicyProvisioner();
+
+ Page page = new Page();
+ page.setName("index");
+ page.setOwnerType(this.getOwnerType());
+ page.setOwnerId("user");
+ page.setAccessPermissions(new String[0]);
+ page.setEditPermission("Everyone");
+
+ //Provision the Policy for this Resource
+ exoPolicyProvisioner.provision(page);
+
+ //Debug
+ exoPolicyProvisioner.debug();
+
+ // Assert
+ if(!this.getOwnerType().equals(PortalConfig.USER_TYPE))
+ {
+ this.checkWriteAccess(this.root, page, true);
+ this.checkWriteAccess(this.administrator, page, true);
+ this.checkWriteAccess(this.manager, page, true);
+ this.checkWriteAccess(this.user, page, true);
+ this.checkWriteAccess(this.guest, page, true);
+
+ this.checkReadAccess(this.root, page, true);
+ this.checkReadAccess(this.administrator, page, true);
+ this.checkReadAccess(this.manager, page, true);
+ this.checkReadAccess(this.user, page, true);
+ this.checkReadAccess(this.guest, page, true);
+ }
+ else
+ {
+ this.checkWriteAccess(this.root, page, false);
+ this.checkWriteAccess(this.administrator, page, false);
+ this.checkWriteAccess(this.manager, page, false);
+ this.checkWriteAccess(this.user, page, true);
+ this.checkWriteAccess(this.guest, page, false);
+
+
+ this.checkReadAccess(this.root, page, false);
+ this.checkReadAccess(this.administrator, page, false);
+ this.checkReadAccess(this.manager, page, false);
+ this.checkReadAccess(this.user, page, true);
+ this.checkReadAccess(this.guest, page, false);
+ }
+ }
+
+ public void testPageAccessibleByGuests() throws Exception
+ {
+ ExoPolicyProvisioner exoPolicyProvisioner = this.securityPlugin.getExoPolicyProvisioner();
+
+ Page page = new Page();
+ page.setName("index");
+ page.setOwnerType(this.getOwnerType());
+ page.setOwnerId("user");
+ page.setAccessPermissions(new String[]{exoPolicyProvisioner.getGuestGroup()});
+
+ //Provision the Policy for this Resource
+ exoPolicyProvisioner.provision(page);
+
+ //Debug
+ exoPolicyProvisioner.debug();
+
+ // Assert
+ if(!this.getOwnerType().equals(PortalConfig.USER_TYPE))
+ {
+ this.checkWriteAccess(this.root, page, true);
+ this.checkWriteAccess(this.administrator, page, false);
+ this.checkWriteAccess(this.manager, page, false);
+ this.checkWriteAccess(this.user, page, false);
+ this.checkWriteAccess(this.guest, page, false);
+
+ this.checkReadAccess(this.root, page, true);
+ this.checkReadAccess(this.administrator, page, false);
+ this.checkReadAccess(this.manager, page, false);
+ this.checkReadAccess(this.user, page, false);
+ this.checkReadAccess(this.guest, page, true);
+ }
+ else
+ {
+ this.checkWriteAccess(this.root, page, false);
+ this.checkWriteAccess(this.administrator, page, false);
+ this.checkWriteAccess(this.manager, page, false);
+ this.checkWriteAccess(this.user, page, true);
+ this.checkWriteAccess(this.guest, page, false);
+
+
+ this.checkReadAccess(this.root, page, false);
+ this.checkReadAccess(this.administrator, page, false);
+ this.checkReadAccess(this.manager, page, false);
+ this.checkReadAccess(this.user, page, true);
+ this.checkReadAccess(this.guest, page, false);
+ }
+ }
+
+ public void testPageEditableByGuests() throws Exception
+ {
+ ExoPolicyProvisioner exoPolicyProvisioner = this.securityPlugin.getExoPolicyProvisioner();
+
+ Page page = new Page();
+ page.setName("index");
+ page.setOwnerType(this.getOwnerType());
+ page.setOwnerId("user");
+ page.setAccessPermissions(new String[0]);
+ page.setEditPermission(exoPolicyProvisioner.getGuestGroup());
+
+ //Provision the Policy for this Resource
+ exoPolicyProvisioner.provision(page);
+
+ //Debug
+ exoPolicyProvisioner.debug();
+
+ // Assert
+ if(!this.getOwnerType().equals(PortalConfig.USER_TYPE))
+ {
+ this.checkWriteAccess(this.root, page, true);
+ this.checkWriteAccess(this.administrator, page, false);
+ this.checkWriteAccess(this.manager, page, false);
+ this.checkWriteAccess(this.user, page, false);
+ this.checkWriteAccess(this.guest, page, true);
+
+ this.checkReadAccess(this.root, page, true);
+ this.checkReadAccess(this.administrator, page, false);
+ this.checkReadAccess(this.manager, page, false);
+ this.checkReadAccess(this.user, page, false);
+ this.checkReadAccess(this.guest, page, true);
+ }
+ else
+ {
+ this.checkWriteAccess(this.root, page, false);
+ this.checkWriteAccess(this.administrator, page, false);
+ this.checkWriteAccess(this.manager, page, false);
+ this.checkWriteAccess(this.user, page, true);
+ this.checkWriteAccess(this.guest, page, false);
+
+
+ this.checkReadAccess(this.root, page, false);
+ this.checkReadAccess(this.administrator, page, false);
+ this.checkReadAccess(this.manager, page, false);
+ this.checkReadAccess(this.user, page, true);
+ this.checkReadAccess(this.guest, page, false);
+ }
+ }
+
+ public void testPageAccessibleByEveryOneAndGuests() throws Exception
+ {
+ ExoPolicyProvisioner exoPolicyProvisioner = this.securityPlugin.getExoPolicyProvisioner();
+
+ Page page = new Page();
+ page.setName("index");
+ page.setOwnerType(this.getOwnerType());
+ page.setOwnerId("user");
+ page.setAccessPermissions(new String[]{"Everyone", exoPolicyProvisioner.getGuestGroup()});
+
+ //Provision the Policy for this Resource
+ exoPolicyProvisioner.provision(page);
+
+ //Debug
+ exoPolicyProvisioner.debug();
+
+ // Assert
+ if(!this.getOwnerType().equals(PortalConfig.USER_TYPE))
+ {
+ this.checkWriteAccess(this.root, page, true);
+ this.checkWriteAccess(this.administrator, page, false);
+ this.checkWriteAccess(this.manager, page, false);
+ this.checkWriteAccess(this.user, page, false);
+ this.checkWriteAccess(this.guest, page, false);
+
+ this.checkReadAccess(this.root, page, true);
+ this.checkReadAccess(this.administrator, page, true);
+ this.checkReadAccess(this.manager, page, true);
+ this.checkReadAccess(this.user, page, true);
+ this.checkReadAccess(this.guest, page, true);
+ }
+ else
+ {
+ this.checkWriteAccess(this.root, page, false);
+ this.checkWriteAccess(this.administrator, page, false);
+ this.checkWriteAccess(this.manager, page, false);
+ this.checkWriteAccess(this.user, page, true);
+ this.checkWriteAccess(this.guest, page, false);
+
+
+ this.checkReadAccess(this.root, page, false);
+ this.checkReadAccess(this.administrator, page, false);
+ this.checkReadAccess(this.manager, page, false);
+ this.checkReadAccess(this.user, page, true);
+ this.checkReadAccess(this.guest, page, false);
+ }
+ }
+
+ public void testPageAccessibleByGuestsOnly() throws Exception
+ {
+ ExoPolicyProvisioner exoPolicyProvisioner = this.securityPlugin.getExoPolicyProvisioner();
+
+ Page page = new Page();
+ page.setName("index");
+ page.setOwnerType(this.getOwnerType());
+ page.setOwnerId("user");
+ page.setAccessPermissions(new String[]{exoPolicyProvisioner.getGuestGroup()});
+
+ //Provision the Policy for this Resource
+ exoPolicyProvisioner.provision(page);
+
+ //Debug
+ exoPolicyProvisioner.debug();
+
+ // Assert
+ if(!this.getOwnerType().equals(PortalConfig.USER_TYPE))
+ {
+ this.checkWriteAccess(this.root, page, true);
+ this.checkWriteAccess(this.administrator, page, false);
+ this.checkWriteAccess(this.manager, page, false);
+ this.checkWriteAccess(this.user, page, false);
+ this.checkWriteAccess(this.guest, page, false);
+
+ this.checkReadAccess(this.root, page, true);
+ this.checkReadAccess(this.administrator, page, false);
+ this.checkReadAccess(this.manager, page, false);
+ this.checkReadAccess(this.user, page, false);
+ this.checkReadAccess(this.guest, page, true);
+ }
+ else
+ {
+ this.checkWriteAccess(this.root, page, false);
+ this.checkWriteAccess(this.administrator, page, false);
+ this.checkWriteAccess(this.manager, page, false);
+ this.checkWriteAccess(this.user, page, true);
+ this.checkWriteAccess(this.guest, page, false);
+
+
+ this.checkReadAccess(this.root, page, false);
+ this.checkReadAccess(this.administrator, page, false);
+ this.checkReadAccess(this.manager, page, false);
+ this.checkReadAccess(this.user, page, true);
+ this.checkReadAccess(this.guest, page, false);
+ }
+ }
+
+ public void testPageWithAccessPermission() throws Exception
+ {
+ ExoPolicyProvisioner exoPolicyProvisioner = this.securityPlugin.getExoPolicyProvisioner();
+
+ Page page = new Page();
+ page.setName("index");
+ page.setOwnerType(this.getOwnerType());
+ page.setOwnerId("user");
+ page.setAccessPermissions(new String[]{"*:/manageable"});
+
+ //Provision the Policy for this Resource
+ exoPolicyProvisioner.provision(page);
+
+ //Debug
+ exoPolicyProvisioner.debug();
+
+ if(!this.getOwnerType().equals(PortalConfig.USER_TYPE))
+ {
+ this.checkWriteAccess(this.root, page, true);
+ this.checkWriteAccess(this.administrator, page, false);
+ this.checkWriteAccess(this.manager, page, false);
+ this.checkWriteAccess(this.user, page, false);
+ this.checkWriteAccess(this.guest, page, false);
+
+ this.checkReadAccess(this.root, page, true);
+ this.checkReadAccess(this.administrator, page, false);
+ this.checkReadAccess(this.manager, page, true);
+ this.checkReadAccess(this.user, page, false);
+ this.checkReadAccess(this.guest, page, false);
+ }
+ else
+ {
+ this.checkWriteAccess(this.root, page, false);
+ this.checkWriteAccess(this.administrator, page, false);
+ this.checkWriteAccess(this.manager, page, false);
+ this.checkWriteAccess(this.user, page, true);
+ this.checkWriteAccess(this.guest, page, false);
+
+
+ this.checkReadAccess(this.root, page, false);
+ this.checkReadAccess(this.administrator, page, false);
+ this.checkReadAccess(this.manager, page, false);
+ this.checkReadAccess(this.user, page, true);
+ this.checkReadAccess(this.guest, page, false);
+ }
+ }
+
+ public void testPageWithEditPermission() throws Exception
+ {
+ ExoPolicyProvisioner exoPolicyProvisioner = this.securityPlugin.getExoPolicyProvisioner();
+
+ Page page = new Page();
+ page.setName("index");
+ page.setOwnerType(this.getOwnerType());
+ page.setOwnerId("user");
+ page.setAccessPermissions(new String[0]);
+ page.setEditPermission("*:/manageable");
+
+ //Provision the Policy for this Resource
+ exoPolicyProvisioner.provision(page);
+
+ //Debug
+ exoPolicyProvisioner.debug();
+
+ if(!this.getOwnerType().equals(PortalConfig.USER_TYPE))
+ {
+ this.checkWriteAccess(this.root, page, true);
+ this.checkWriteAccess(this.administrator, page, false);
+ this.checkWriteAccess(this.manager, page, true);
+ this.checkWriteAccess(this.user, page, false);
+ this.checkWriteAccess(this.guest, page, false);
+
+ this.checkReadAccess(this.root, page, true);
+ this.checkReadAccess(this.administrator, page, false);
+ this.checkReadAccess(this.manager, page, true);
+ this.checkReadAccess(this.user, page, false);
+ this.checkReadAccess(this.guest, page, false);
+ }
+ else
+ {
+ this.checkWriteAccess(this.root, page, false);
+ this.checkWriteAccess(this.administrator, page, false);
+ this.checkWriteAccess(this.manager, page, false);
+ this.checkWriteAccess(this.user, page, true);
+ this.checkWriteAccess(this.guest, page, false);
+
+
+ this.checkReadAccess(this.root, page, false);
+ this.checkReadAccess(this.administrator, page, false);
+ this.checkReadAccess(this.manager, page, false);
+ this.checkReadAccess(this.user, page, true);
+ this.checkReadAccess(this.guest, page, false);
+ }
+ }
+}
Added: portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/TestBootstrapSecurityPlugin.java
===================================================================
--- portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/TestBootstrapSecurityPlugin.java (rev 0)
+++ portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/TestBootstrapSecurityPlugin.java 2010-07-17 21:08:59 UTC (rev 3645)
@@ -0,0 +1,36 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2010, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.exoplatform.portal.config.security.plugin;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ *
+ */
+public class TestBootstrapSecurityPlugin extends AbstractSecurityTest
+{
+ public void testBootstrap() throws Exception
+ {
+ assertNotNull(this.securityPlugin.getExoEnforcementPoint().getEnforcer());
+ assertNotNull(this.securityPlugin.getExoPolicyProvisioner().getPolicyProvisioner());
+ }
+}
Added: portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/TestCreatePortalACL.java
===================================================================
--- portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/TestCreatePortalACL.java (rev 0)
+++ portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/TestCreatePortalACL.java 2010-07-17 21:08:59 UTC (rev 3645)
@@ -0,0 +1,38 @@
+/*
+ * Copyright (C) 2003-2007 eXo Platform SAS.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Affero General Public License
+ * as published by the Free Software Foundation; either version 3
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see<http://www.gnu.org/licenses/>.
+ */
+package org.exoplatform.portal.config.security.plugin;
+
+/**
+ * @author soshah
+ *
+ */
+public class TestCreatePortalACL extends AbstractSecurityTest
+{
+ public void testCreatePortal() throws Exception
+ {
+ // Generate an EnforcementContext to see if the superuser and administrator
+ // are allowed to create a Portal...Result: They should be
+ this.checkCreatePortalAccess(this.root, true);
+ this.checkCreatePortalAccess(this.administrator, true);
+
+ // Generate an EnforcementContext to see if a standard manager and a regular
+ // user are allowed to create a Portal..Result: They shouldn't be
+ this.checkCreatePortalAccess(this.manager, false);
+ this.checkCreatePortalAccess(this.user, false);
+ this.checkCreatePortalAccess(this.guest, false);
+ }
+}
Added: portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/TestGroupPageACL.java
===================================================================
--- portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/TestGroupPageACL.java (rev 0)
+++ portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/TestGroupPageACL.java 2010-07-17 21:08:59 UTC (rev 3645)
@@ -0,0 +1,18 @@
+/**
+ *
+ */
+package org.exoplatform.portal.config.security.plugin;
+
+import org.exoplatform.portal.config.model.PortalConfig;
+
+/**
+ * @author soshah
+ *
+ */
+public class TestGroupPageACL extends BaseSharedPageACL
+{
+ public String getOwnerType()
+ {
+ return PortalConfig.GROUP_TYPE;
+ }
+}
Added: portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/TestPageNavACL.java
===================================================================
--- portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/TestPageNavACL.java (rev 0)
+++ portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/TestPageNavACL.java 2010-07-17 21:08:59 UTC (rev 3645)
@@ -0,0 +1,111 @@
+/*
+ * Copyright (C) 2003-2007 eXo Platform SAS.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Affero General Public License
+ * as published by the Free Software Foundation; either version 3
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see<http://www.gnu.org/licenses/>.
+ */
+package org.exoplatform.portal.config.security.plugin;
+
+import org.exoplatform.portal.config.model.PageNavigation;
+import org.exoplatform.portal.config.model.PortalConfig;
+
+
+/**
+ *
+ * @author soshah
+ *
+ */
+public class TestPageNavACL extends AbstractSecurityTest
+{
+
+ public void testNavEditByManagerGroup() throws Exception
+ {
+ ExoPolicyProvisioner exoPolicyProvisioner = this.securityPlugin.getExoPolicyProvisioner();
+
+ PageNavigation nav = new PageNavigation();
+ nav.setOwnerType(PortalConfig.GROUP_TYPE);
+ nav.setOwnerId("manageable");
+
+ //Provision the Policy for this Resource
+ exoPolicyProvisioner.provision(nav);
+
+ //Debug
+ exoPolicyProvisioner.debug();
+
+ this.checkWriteAccess(this.root, nav, true);
+ this.checkWriteAccess(this.administrator, nav, false);
+ this.checkWriteAccess(this.manager, nav, true);
+ this.checkWriteAccess(this.user, nav, false);
+ this.checkWriteAccess(this.guest, nav, false);
+ }
+
+ public void testNavEditByFooGroup() throws Exception
+ {
+ ExoPolicyProvisioner exoPolicyProvisioner = this.securityPlugin.getExoPolicyProvisioner();
+ PageNavigation nav = new PageNavigation();
+ nav.setOwnerType(PortalConfig.GROUP_TYPE);
+ nav.setOwnerId("foo");
+
+ //Provision the Policy for this Resource
+ exoPolicyProvisioner.provision(nav);
+
+ //Debug
+ exoPolicyProvisioner.debug();
+
+ this.checkWriteAccess(this.root, nav, true);
+ this.checkWriteAccess(this.administrator, nav, false);
+ this.checkWriteAccess(this.manager, nav, false);
+ this.checkWriteAccess(this.user, nav, false);
+ this.checkWriteAccess(this.guest, nav, false);
+ }
+
+ public void testNavEditByUser() throws Exception
+ {
+ ExoPolicyProvisioner exoPolicyProvisioner = this.securityPlugin.getExoPolicyProvisioner();
+ PageNavigation nav = new PageNavigation();
+ nav.setOwnerType(PortalConfig.USER_TYPE);
+ nav.setOwnerId("user");
+
+ //Provision the Policy for this Resource
+ exoPolicyProvisioner.provision(nav);
+
+ //Debug
+ exoPolicyProvisioner.debug();
+
+ this.checkWriteAccess(this.root, nav, true);
+ this.checkWriteAccess(this.administrator, nav, false);
+ this.checkWriteAccess(this.manager, nav, false);
+ this.checkWriteAccess(this.user, nav, true);
+ this.checkWriteAccess(this.guest, nav, false);
+ }
+
+ public void testNavEditByGuest() throws Exception
+ {
+ ExoPolicyProvisioner exoPolicyProvisioner = this.securityPlugin.getExoPolicyProvisioner();
+ PageNavigation nav = new PageNavigation();
+ nav.setOwnerType(PortalConfig.GROUP_TYPE);
+ nav.setOwnerId(exoPolicyProvisioner.getGuestGroup());
+
+ //Provision the Policy for this Resource
+ exoPolicyProvisioner.provision(nav);
+
+ //Debug
+ exoPolicyProvisioner.debug();
+
+ this.checkWriteAccess(this.root, nav, true);
+ this.checkWriteAccess(this.administrator, nav, false);
+ this.checkWriteAccess(this.manager, nav, false);
+ this.checkWriteAccess(this.user, nav, false);
+ this.checkWriteAccess(this.guest, nav, true);
+ }
+}
\ No newline at end of file
Added: portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/TestPortalConfigACL.java
===================================================================
--- portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/TestPortalConfigACL.java (rev 0)
+++ portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/TestPortalConfigACL.java 2010-07-17 21:08:59 UTC (rev 3645)
@@ -0,0 +1,144 @@
+/**
+ *
+ */
+package org.exoplatform.portal.config.security.plugin;
+
+import org.exoplatform.portal.config.model.PortalConfig;
+
+/**
+ * @author soshah
+ *
+ */
+public class TestPortalConfigACL extends AbstractSecurityTest
+{
+ public void testPortalRootAccessOnly() throws Exception
+ {
+ ExoPolicyProvisioner exoPolicyProvisioner = this.securityPlugin.getExoPolicyProvisioner();
+
+ PortalConfig portal = new PortalConfig();
+ portal.setName("foo");
+
+ //Provision the Policy for this Resource
+ exoPolicyProvisioner.provision(portal);
+
+ //Debug
+ exoPolicyProvisioner.debug();
+
+ this.checkWriteAccess(this.root, portal, true);
+ this.checkWriteAccess(this.administrator, portal, false);
+ this.checkWriteAccess(this.manager, portal,false);
+ this.checkWriteAccess(this.user, portal, false);
+ this.checkWriteAccess(this.guest, portal, false);
+
+ this.checkReadAccess(this.root, portal, true);
+ this.checkReadAccess(this.administrator, portal,false);
+ this.checkReadAccess(this.manager, portal, false);
+ this.checkReadAccess(this.user, portal, false);
+ this.checkReadAccess(this.guest, portal, false);
+ }
+
+ public void testPortalOnlyReadAccess() throws Exception
+ {
+ ExoPolicyProvisioner exoPolicyProvisioner = this.securityPlugin.getExoPolicyProvisioner();
+ PortalConfig portal = new PortalConfig();
+ portal.setName("foo");
+ portal.setAccessPermissions(new String[] { "manager:/manageable" });
+
+ //Provision the Policy for this Resource
+ exoPolicyProvisioner.provision(portal);
+
+ //Debug
+ exoPolicyProvisioner.debug();
+
+ this.checkWriteAccess(this.root, portal, true);
+ this.checkWriteAccess(this.administrator, portal, false);
+ this.checkWriteAccess(this.manager, portal,false);
+ this.checkWriteAccess(this.user, portal, false);
+ this.checkWriteAccess(this.guest, portal, false);
+
+ this.checkReadAccess(this.root, portal, true);
+ this.checkReadAccess(this.administrator, portal,false);
+ this.checkReadAccess(this.manager, portal, true);
+ this.checkReadAccess(this.user, portal, false);
+ this.checkReadAccess(this.guest, portal, false);
+ }
+
+ public void testPortalEditableAndReadImplied() throws Exception
+ {
+ ExoPolicyProvisioner exoPolicyProvisioner = this.securityPlugin.getExoPolicyProvisioner();
+ PortalConfig portal = new PortalConfig();
+ portal.setName("foo");
+ portal.setEditPermission("manager:/manageable");
+
+ //Provision the Policy for this Resource
+ exoPolicyProvisioner.provision(portal);
+
+ //Debug
+ exoPolicyProvisioner.debug();
+
+ this.checkWriteAccess(this.root, portal, true);
+ this.checkWriteAccess(this.administrator, portal, false);
+ this.checkWriteAccess(this.manager, portal, true);
+ this.checkWriteAccess(this.user, portal, false);
+ this.checkWriteAccess(this.guest, portal, false);
+
+ this.checkReadAccess(this.root, portal, true);
+ this.checkReadAccess(this.administrator, portal,false);
+ this.checkReadAccess(this.manager, portal, true);
+ this.checkReadAccess(this.user, portal, false);
+ this.checkReadAccess(this.guest, portal, false);
+ }
+
+ public void testPortalReadAndEditableExplicit() throws Exception
+ {
+ ExoPolicyProvisioner exoPolicyProvisioner = this.securityPlugin.getExoPolicyProvisioner();
+ PortalConfig portal = new PortalConfig();
+ portal.setName("foo");
+ portal.setAccessPermissions(new String[] { "manager:/manageable" });
+ portal.setEditPermission("manager:/manageable");
+
+ //Provision the Policy for this Resource
+ exoPolicyProvisioner.provision(portal);
+
+ //Debug
+ exoPolicyProvisioner.debug();
+
+ this.checkWriteAccess(this.root, portal, true);
+ this.checkWriteAccess(this.administrator, portal, false);
+ this.checkWriteAccess(this.manager, portal, true);
+ this.checkWriteAccess(this.user, portal, false);
+ this.checkWriteAccess(this.guest, portal, false);
+
+ this.checkReadAccess(this.root, portal, true);
+ this.checkReadAccess(this.administrator, portal,false);
+ this.checkReadAccess(this.manager, portal, true);
+ this.checkReadAccess(this.user, portal, false);
+ this.checkReadAccess(this.guest, portal, false);
+ }
+
+ public void testGuestAllowedEdit() throws Exception
+ {
+ ExoPolicyProvisioner exoPolicyProvisioner = this.securityPlugin.getExoPolicyProvisioner();
+ PortalConfig portal = new PortalConfig();
+ portal.setName("foo");
+ portal.setEditPermission(exoPolicyProvisioner.getGuestGroup());
+
+ //Provision the Policy for this Resource
+ exoPolicyProvisioner.provision(portal);
+
+ //Debug
+ exoPolicyProvisioner.debug();
+
+ this.checkWriteAccess(this.root, portal, true);
+ this.checkWriteAccess(this.administrator, portal, false);
+ this.checkWriteAccess(this.manager, portal, false);
+ this.checkWriteAccess(this.user, portal, false);
+ this.checkWriteAccess(this.guest, portal, true);
+
+ this.checkReadAccess(this.root, portal, true);
+ this.checkReadAccess(this.administrator, portal,false);
+ this.checkReadAccess(this.manager, portal, false);
+ this.checkReadAccess(this.user, portal, false);
+ this.checkReadAccess(this.guest, portal, true);
+ }
+}
Added: portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/TestPortalPageACL.java
===================================================================
--- portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/TestPortalPageACL.java (rev 0)
+++ portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/TestPortalPageACL.java 2010-07-17 21:08:59 UTC (rev 3645)
@@ -0,0 +1,18 @@
+/**
+ *
+ */
+package org.exoplatform.portal.config.security.plugin;
+
+import org.exoplatform.portal.config.model.PortalConfig;
+
+/**
+ * @author soshah
+ *
+ */
+public class TestPortalPageACL extends BaseSharedPageACL
+{
+ public String getOwnerType()
+ {
+ return PortalConfig.PORTAL_TYPE;
+ }
+}
Added: portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/TestUserPageACL.java
===================================================================
--- portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/TestUserPageACL.java (rev 0)
+++ portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/TestUserPageACL.java 2010-07-17 21:08:59 UTC (rev 3645)
@@ -0,0 +1,18 @@
+/**
+ *
+ */
+package org.exoplatform.portal.config.security.plugin;
+
+import org.exoplatform.portal.config.model.PortalConfig;
+
+/**
+ * @author soshah
+ *
+ */
+public class TestUserPageACL extends BaseSharedPageACL
+{
+ public String getOwnerType()
+ {
+ return PortalConfig.USER_TYPE;
+ }
+}
Added: portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/User.java
===================================================================
--- portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/User.java (rev 0)
+++ portal/branches/portalsecurity/portal/src/test/java/org/exoplatform/portal/config/security/plugin/User.java 2010-07-17 21:08:59 UTC (rev 3645)
@@ -0,0 +1,100 @@
+/**
+ *
+ */
+package org.exoplatform.portal.config.security.plugin;
+
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.Set;
+
+import org.exoplatform.services.security.ConversationState;
+import org.exoplatform.services.security.Identity;
+import org.exoplatform.services.security.MembershipEntry;
+
+/**
+ * @author soshah
+ *
+ */
+class User
+{
+ private final Identity identity;
+
+ User(String id)
+ {
+ if (id != null)
+ {
+ Collection<String> roles = Collections.emptySet();
+ Set<MembershipEntry> memberships = new HashSet<MembershipEntry>();
+ identity = new Identity(id, memberships, roles);
+ }
+ else
+ {
+ identity = null;
+ }
+ }
+
+ public Identity getIdentity()
+ {
+ return this.identity;
+ }
+
+ public String getId()
+ {
+ return identity != null ? identity.getUserId() : null;
+ }
+
+ public void addMembership(String type, String group)
+ {
+ identity.getMemberships().add(new MembershipEntry(group, type));
+ }
+
+ public void removeMembership(String type, String group)
+ {
+ for (Iterator<MembershipEntry> i = identity.getMemberships().iterator(); i
+ .hasNext();)
+ {
+ MembershipEntry membership = i.next();
+ if (type == null || type.equals(membership.getMembershipType()))
+ {
+ if (group == null || group.equals(membership.getGroup()))
+ {
+ i.remove();
+ }
+ }
+ }
+ }
+
+ public Collection<MembershipEntry> getMemberships()
+ {
+ if (this.identity != null)
+ {
+ return this.identity.getMemberships();
+ }
+ return null;
+ }
+
+ public void removeMembershipByType(String type)
+ {
+ removeMembership(type, null);
+ }
+
+ public void removeMembershipByGroup(String group)
+ {
+ removeMembership(null, group);
+ }
+
+ public void run(Runnable runnable)
+ {
+ ConversationState.setCurrent(new ConversationState(identity));
+ try
+ {
+ runnable.run();
+ }
+ finally
+ {
+ ConversationState.setCurrent(null);
+ }
+ }
+}
14 years, 5 months
gatein SVN: r3644 - portal/branches/portalsecurity.
by do-not-reply@jboss.org
Author: sohil.shah(a)jboss.com
Date: 2010-07-17 16:57:42 -0400 (Sat, 17 Jul 2010)
New Revision: 3644
Added:
portal/branches/portalsecurity/portal/
Log:
portal security poc
Copied: portal/branches/portalsecurity/portal (from rev 3643, portal/trunk/component/portal)
14 years, 5 months
gatein SVN: r3643 - portal/branches.
by do-not-reply@jboss.org
Author: sohil.shah(a)jboss.com
Date: 2010-07-17 16:55:16 -0400 (Sat, 17 Jul 2010)
New Revision: 3643
Added:
portal/branches/portalsecurity/
Log:
portal security poc
14 years, 5 months