Author: sohil.shah(a)jboss.com
Date: 2009-01-13 22:17:52 -0500 (Tue, 13 Jan 2009)
New Revision: 12492
Modified:
modules/cms/trunk/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/interceptors/ACLInterceptor.java
modules/cms/trunk/cms-jackrabbit/src/main/java/org/jboss/portal/cms/security/AuthorizationProviderImpl.java
modules/cms/trunk/cms-jackrabbit/src/test/resources/jboss-unit.xml
Log:
some transaction refactoring
Modified:
modules/cms/trunk/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/interceptors/ACLInterceptor.java
===================================================================
---
modules/cms/trunk/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/interceptors/ACLInterceptor.java 2009-01-13
21:34:32 UTC (rev 12491)
+++
modules/cms/trunk/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/interceptors/ACLInterceptor.java 2009-01-14
03:17:52 UTC (rev 12492)
@@ -167,7 +167,7 @@
{
this.cmsSessionFactory = cmsSessionFactory;
}
-
+
//-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
/**
*
*/
@@ -218,7 +218,160 @@
return invocation.invokeNext();
}
}
+
+ /**
+ *
+ */
+ public void start() throws Exception
+ {
+ Session session =
HibernateUtil.getSessionFactory(this.cmsSessionFactory).openSession();
+ Transaction tx = session.beginTransaction();
+ try
+ {
+ log.info("AuthorizationManager initialized=" +
this.authorizationManager);
+
+ if (this.jndiName != null)
+ {
+ this.jndiBinding = new JNDI.Binding(jndiName, this);
+ this.jndiBinding.bind();
+ }
+
+
+ this.initRoleModule();
+
+ //check and see if cms permissions exist...if not, boot it with the default policy
+ //specified in the configuration
+ if (!this.isBootRequired())
+ {
+ return;
+ }
+
+ //go ahead and boot the cms access policy with default policy specified in the
configuration
+ this.storeBootPolicy();
+
+ tx.commit();
+ }
+ catch(Exception e)
+ {
+ log.error(this, e);
+
+ if(tx != null)
+ {
+ tx.rollback();
+ }
+
+ throw e;
+ }
+ finally
+ {
+ if(session != null && session.isOpen())
+ {
+ session.close();
+ }
+ }
+ }
+ /** @throws Exception */
+ public void stop() throws Exception
+ {
+ if (this.jndiBinding != null)
+ {
+ this.jndiBinding.unbind();
+ this.jndiBinding = null;
+ }
+ }
+
+ /**
+ * This turns off acl security only for a particular thread. This is used by system
level operations that need to
+ * integrate with the CMS
+ * <p/>
+ * Example is: the workflow daemon that publishes a content as live when a manager
approves it. Without turning this
+ * off, the daemon thread is running in Anonymous mode which obviously does not have
the rights to publish the
+ * content
+ */
+ private static ThreadLocal turnOff = new ThreadLocal();
+
+ public static void turnOff()
+ {
+ ACLInterceptor.turnOff.set(new Boolean(true));
+ }
+
+ public static void turnOn()
+ {
+ ACLInterceptor.turnOff.set(null);
+ }
+
//------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
+ private void initRoleModule() throws Exception
+ {
+ try
+ {
+ roleModule = (RoleModule)new
InitialContext().lookup("java:portal/RoleModule");
+ }
+ catch (NamingException e)
+ {
+ log.error("Cannot obtain RoleModule from JNDI: ", e);
+ throw e;
+ }
+ }
+
+ private void storeBootPolicy() throws Exception
+ {
+ InputStream is = null;
+ try
+ {
+ //process the specified defaultPolicy
+ is = new ByteArrayInputStream(this.defaultPolicy.getBytes());
+ Document document =
DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(is);
+
+ NodeList criteria = document.getElementsByTagName("criteria");
+ if (criteria != null)
+ {
+ for (int i = 0; i < criteria.getLength(); i++)
+ {
+ Element criteriaElem = (Element)criteria.item(i);
+ String name = criteriaElem.getAttribute("name");
+ String value = criteriaElem.getAttribute("value");
+
+ //permission setup
+ NodeList permissions =
criteriaElem.getElementsByTagName("permission");
+ if (permissions != null)
+ {
+ Session session = null;
+ Transaction tx = null;
+ Collection parsedPermissions =
this.parseDefaultPermissions(permissions);
+ try
+ {
+ session =
HibernateUtil.getSessionFactory(this.cmsSessionFactory).getCurrentSession();
+ tx = session.beginTransaction();
+ for (Iterator itr = parsedPermissions.iterator(); itr.hasNext();)
+ {
+ Permission permission = (Permission)itr.next();
+ permission.addCriteria(new Criteria(name, value));
+ Set securityBinding = new HashSet();
+ securityBinding.add(permission);
+ this.authorizationManager.getProvider().setSecurityBindings(null,
securityBinding);
+ }
+ }
+ catch (Exception e)
+ {
+ if(tx != null)
+ {
+ tx.rollback();
+ }
+ }
+ }
+ }
+ }
+ }
+ finally
+ {
+ if (is != null)
+ {
+ is.close();
+ }
+ }
+ }
+
/**
* Filters any files/folders based on the user's access. The filter is applied to
folders/files returned by invoking
* a CMS command
@@ -302,106 +455,8 @@
return filteredResponse;
}
- /**
- *
- */
- public void start() throws Exception
- {
- log.info("AuthorizationManager initialized=" +
this.authorizationManager);
+
- if (this.jndiName != null)
- {
- this.jndiBinding = new JNDI.Binding(jndiName, this);
- this.jndiBinding.bind();
- }
-
-
- try
- {
- roleModule = (RoleModule)new
InitialContext().lookup("java:portal/RoleModule");
- }
- catch (NamingException e)
- {
- log.error("Cannot obtain RoleModule from JNDI: ", e);
- throw e;
- }
-
- //check and see if cms permissions exist...if not, boot it with the default policy
- //specified in the configuration
- if (!this.isBootRequired())
- {
- return;
- }
-
- //go ahead and boot the cms access policy with default policy specified in the
configuration
- InputStream is = null;
- try
- {
- //process the specified defaultPolicy
- is = new ByteArrayInputStream(this.defaultPolicy.getBytes());
- Document document =
DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(is);
-
- NodeList criteria = document.getElementsByTagName("criteria");
- if (criteria != null)
- {
- for (int i = 0; i < criteria.getLength(); i++)
- {
- Element criteriaElem = (Element)criteria.item(i);
- String name = criteriaElem.getAttribute("name");
- String value = criteriaElem.getAttribute("value");
-
- //permission setup
- NodeList permissions =
criteriaElem.getElementsByTagName("permission");
- if (permissions != null)
- {
- Session session = null;
- Transaction tx = null;
- Collection parsedPermissions =
this.parseDefaultPermissions(permissions);
- try
- {
- session =
HibernateUtil.getSessionFactory(this.cmsSessionFactory).openSession();
- tx = session.beginTransaction();
- for (Iterator itr = parsedPermissions.iterator(); itr.hasNext();)
- {
- Permission permission = (Permission)itr.next();
- permission.addCriteria(new Criteria(name, value));
- Set securityBinding = new HashSet();
- securityBinding.add(permission);
- this.authorizationManager.getProvider().setSecurityBindings(null,
securityBinding);
- }
- tx.commit();
- }
- catch (Exception e)
- {
- tx.rollback();
- }
- finally
- {
- HibernateUtil.closeSession(session);
- }
- }
- }
- }
- }
- finally
- {
- if (is != null)
- {
- is.close();
- }
- }
- }
-
- /** @throws Exception */
- public void stop() throws Exception
- {
- if (this.jndiBinding != null)
- {
- this.jndiBinding.unbind();
- this.jndiBinding = null;
- }
- }
-
/**
* Parses and produces Permission objects for the default policy
*
@@ -450,30 +505,16 @@
* @return
*/
private Role getRole(String name) throws Exception
- {
- Role role = null;
-
- //since this is at app start up and not on user thread...need to create a
transaction context.
- InitialContext context = new InitialContext();
- SessionFactory sessionFactory =
(SessionFactory)context.lookup(this.identitySessionFactory);
- Session session = sessionFactory.openSession();
- Transaction tx = session.beginTransaction();
- try
- {
- role = this.roleModule.findRoleByName(name);
- tx.commit();
- }
- catch (Exception e)
- {
- tx.rollback();
- role = null;
- }
- finally
- {
- session.close();
- }
-
- return role;
+ {
+ try
+ {
+ return this.roleModule.findRoleByName(name);
+ }
+ catch(Exception e)
+ {
+ log.debug(this, e);
+ return null;
+ }
}
/**
@@ -486,7 +527,7 @@
boolean bootRequired = false;
String hsqlQuery = "select count(permission) from
org.jboss.portal.cms.security.Permission as permission";
- Session session =
HibernateUtil.getSessionFactory(this.cmsSessionFactory).openSession();
+ Session session =
HibernateUtil.getSessionFactory(this.cmsSessionFactory).getCurrentSession();
Transaction tx = session.beginTransaction();
try
{
@@ -496,37 +537,15 @@
{
bootRequired = true;
}
- tx.commit();
}
catch(Exception e)
{
- tx.rollback();
- }
- finally
- {
- HibernateUtil.closeSession(session);
- }
+ if(tx != null)
+ {
+ tx.rollback();
+ }
+ }
return bootRequired;
- }
-
- /**
- * This turns off acl security only for a particular thread. This is used by system
level operations that need to
- * integrate with the CMS
- * <p/>
- * Example is: the workflow daemon that publishes a content as live when a manager
approves it. Without turning this
- * off, the daemon thread is running in Anonymous mode which obviously does not have
the rights to publish the
- * content
- */
- private static ThreadLocal turnOff = new ThreadLocal();
-
- public static void turnOff()
- {
- ACLInterceptor.turnOff.set(new Boolean(true));
- }
-
- public static void turnOn()
- {
- ACLInterceptor.turnOff.set(null);
- }
+ }
}
Modified:
modules/cms/trunk/cms-jackrabbit/src/main/java/org/jboss/portal/cms/security/AuthorizationProviderImpl.java
===================================================================
---
modules/cms/trunk/cms-jackrabbit/src/main/java/org/jboss/portal/cms/security/AuthorizationProviderImpl.java 2009-01-13
21:34:32 UTC (rev 12491)
+++
modules/cms/trunk/cms-jackrabbit/src/main/java/org/jboss/portal/cms/security/AuthorizationProviderImpl.java 2009-01-14
03:17:52 UTC (rev 12492)
@@ -234,27 +234,23 @@
if (adminUser == null)
{
- Session session =
HibernateUtil.getSessionFactory(this.cmsSessionFactory).openSession();
+ Session session =
HibernateUtil.getSessionFactory(this.cmsSessionFactory).getCurrentSession();
Transaction tx = session.beginTransaction();
try
{
adminUser = this.userModule.findUserByUserName(this.cmsRootUserName);
- tx.commit();
}
catch(Exception e)
{
- tx.rollback();
+ if(tx != null)
+ {
+ tx.rollback();
+ }
throw new RuntimeException(e);
- }
- finally
- {
- HibernateUtil.closeSession(session);
- }
+ }
}
return adminUser;
-
-
}
/**
@@ -426,8 +422,7 @@
*/
private Collection findPermissionsByUser(String userId)
{
- Session session =
HibernateUtil.getSessionFactory(this.cmsSessionFactory).openSession();
- Transaction tx = session.beginTransaction();
+ Session session =
HibernateUtil.getSessionFactory(this.cmsSessionFactory).getCurrentSession();
try
{
Collection permissions = new HashSet();
@@ -482,20 +477,13 @@
}
}
}
-
- tx.commit();
-
return permissions;
}
catch (Exception e)
{
- tx.rollback();
+ log.error(this, e);
throw new RuntimeException(e);
- }
- finally
- {
- HibernateUtil.closeSession(session);
- }
+ }
}
/**
@@ -510,8 +498,7 @@
String lookupByRole = "SELECT permission from Permission permission JOIN
permission.roleAssoc role WHERE role.roleId=?";
- Session session =
HibernateUtil.getSessionFactory(this.cmsSessionFactory).openSession();
- Transaction tx = session.beginTransaction();
+ Session session =
HibernateUtil.getSessionFactory(this.cmsSessionFactory).getCurrentSession();
try
{
// perform lookup by explicitly specified users
@@ -519,19 +506,13 @@
roleQuery.setString(0, roleId);
roleQuery.setCacheable(true);
permissions.addAll(roleQuery.list());
-
- tx.commit();
}
catch (Exception e)
{
- tx.rollback();
+ log.error(this, e);
throw new RuntimeException(e);
}
- finally
- {
- HibernateUtil.closeSession(session);
- }
-
+
return permissions;
}
@@ -547,8 +528,7 @@
String lookupByCriteria = "SELECT permission from Permission permission JOIN
permission.criteria criteria WHERE criteria.name=? AND criteria.value=?";
- Session session =
HibernateUtil.getSessionFactory(this.cmsSessionFactory).openSession();
- Transaction tx = session.beginTransaction();
+ Session session =
HibernateUtil.getSessionFactory(this.cmsSessionFactory).getCurrentSession();
try
{
// perform lookup by explicitly specified users
@@ -557,18 +537,11 @@
criteriaQuery.setString(1, criteria.getValue());
criteriaQuery.setCacheable(true);
permissions.addAll(criteriaQuery.list());
-
- tx.commit();
}
catch (Exception e)
{
- tx.rollback();
throw new RuntimeException(e);
- }
- finally
- {
- HibernateUtil.closeSession(session);
- }
+ }
return permissions;
}
Modified: modules/cms/trunk/cms-jackrabbit/src/test/resources/jboss-unit.xml
===================================================================
--- modules/cms/trunk/cms-jackrabbit/src/test/resources/jboss-unit.xml 2009-01-13 21:34:32
UTC (rev 12491)
+++ modules/cms/trunk/cms-jackrabbit/src/test/resources/jboss-unit.xml 2009-01-14 03:17:52
UTC (rev 12492)
@@ -6,10 +6,12 @@
<pojo>
<parameter name="datasources" value="datasources.xml"/>
<parameter name="dataSourceName">
- <value>hsqldb</value>
+ <value>hsqldb</value>
+ <!--
<value>oracle10g</value>
<value>mysql5</value>
<value>postgresql8</value>
+ -->
</parameter>
<parameter name="hibernateConfig"
value="hibernates.xml"/>
<test >
@@ -77,10 +79,12 @@
<pojo>
<parameter name="datasources" value="datasources.xml"/>
<parameter name="dataSourceName">
- <value>hsqldb</value>
+ <value>hsqldb</value>
+ <!--
<value>oracle10g</value>
<value>mysql5</value>
- <value>postgresql8</value>
+ <value>postgresql8</value>
+ -->
</parameter>
<parameter name="hibernateConfig"
value="hibernates.xml"/>
<parameter name="standardIdentityConfig"
value="standardidentity-config.xml"/>
@@ -103,13 +107,16 @@
<parameter name="datasources" value="datasources.xml"/>
<parameter name="dataSourceName">
<value>hsqldb</value>
+ <!--
<value>oracle10g</value>
<value>mysql5</value>
<value>postgresql8</value>
+ -->
</parameter>
<parameter name="hibernateConfig"
value="hibernates.xml"/>
<parameter name="standardIdentityConfig"
value="standardidentity-config.xml"/>
<parameter name="identityConfig" value="db-config.xml"/>
+
<test >
<class
name="org.jboss.portal.cms.test.workflow.TestApprovedPublish"/>
</test>