Author: chris.laprun(a)jboss.com
Date: 2009-05-16 17:26:07 -0400 (Sat, 16 May 2009)
New Revision: 13386
Modified:
branches/JBoss_Portal_Branch_2_7/core-identity/src/main/org/jboss/portal/core/identity/ui/actions/BaseRoleAction.java
branches/JBoss_Portal_Branch_2_7/core-identity/src/main/org/jboss/portal/core/identity/ui/actions/CreateRoleAction.java
branches/JBoss_Portal_Branch_2_7/core-identity/src/main/org/jboss/portal/core/identity/ui/actions/EditRoleAction.java
branches/JBoss_Portal_Branch_2_7/core-identity/src/resources/portal-identity-sar/conf/bundles/Identity.properties
branches/JBoss_Portal_Branch_2_7/core-identity/src/resources/portal-identity-sar/conf/bundles/Identity_fr.properties
Log:
- JBPORTAL-2391: completed validation of role names and display names.
Modified:
branches/JBoss_Portal_Branch_2_7/core-identity/src/main/org/jboss/portal/core/identity/ui/actions/BaseRoleAction.java
===================================================================
---
branches/JBoss_Portal_Branch_2_7/core-identity/src/main/org/jboss/portal/core/identity/ui/actions/BaseRoleAction.java 2009-05-16
21:16:01 UTC (rev 13385)
+++
branches/JBoss_Portal_Branch_2_7/core-identity/src/main/org/jboss/portal/core/identity/ui/actions/BaseRoleAction.java 2009-05-16
21:26:07 UTC (rev 13386)
@@ -23,10 +23,10 @@
package org.jboss.portal.core.identity.ui.actions;
+import org.jboss.portal.core.identity.ui.UIRole;
+import org.jboss.portal.core.identity.ui.common.IdentityRoleBean;
import org.jboss.portal.faces.gui.ManagedBean;
import org.jboss.portal.identity.IdentityException;
-import org.jboss.portal.core.identity.ui.UIRole;
-import org.jboss.portal.core.identity.ui.common.IdentityRoleBean;
/**
* @author <a href="mailto:chris.laprun@jboss.com">Chris
Laprun</a>
@@ -34,21 +34,37 @@
*/
public class BaseRoleAction extends ManagedBean
{
- /** .*/
+ /** . */
protected UIRole uiRole;
- /** .*/
+ /** . */
protected IdentityRoleBean identityRoleBean;
+ protected final PropertyValidator displayNameValidator = new DisplayNameValidator();
+ private static final String ROLE_DISPLAY_TYPE = "ROLE_DISPLAY_TYPE";
+ private static final String ROLE_TYPE = "ROLE_TYPE";
+
protected String getObjectTypeName()
{
- return "ROLE_TYPE";
+ return ROLE_TYPE;
}
public boolean isAlreadyExisting(String objectName)
{
+ return isAlreadyExisting(objectName, false);
+ }
+
+ protected boolean isAlreadyExisting(String objectName, boolean isDisplay)
+ {
try
{
- return identityRoleBean.getRoleModule().findRoleByName(objectName) != null;
+ if (isDisplay)
+ {
+ return identityRoleBean.getRoleModule().findRoleByDisplayName(objectName) !=
null;
+ }
+ else
+ {
+ return identityRoleBean.getRoleModule().findRoleByName(objectName) != null;
+ }
}
catch (IdentityException e)
{
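Review bot: The new `isAlreadyExisting(objectName, isDisplay)` overload makes display-name uniqueness a look-up-then-act check in the UI bean, so two concurrent requests can both pass it before either role is stored. Unless the role store itself enforces uniqueness (not visible here), duplicate display names remain possible. Since the display name is presumably what an administrator sees when assigning roles, I would treat this check as user feedback only and back it with a constraint in the identity store. The overload is also undocumented; a Javadoc such as `/** Looks the role up by display name when isDisplay is true, by name otherwise. */` would help. The `catch` body continues outside the hunk, so what is returned on IdentityException could not be reviewed.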
@@ -68,6 +84,24 @@
}
}
+ private class DisplayNameValidator implements PropertyValidator
+ {
+ public boolean checkForDuplicates()
+ {
+ return true;
+ }
+
+ public String getObjectTypeName()
+ {
+ return ROLE_DISPLAY_TYPE;
+ }
+
+ public boolean isAlreadyExisting(String propertyName)
+ {
+ return BaseRoleAction.this.isAlreadyExisting(propertyName, true);
+ }
+ }
+
public UIRole getUiRole()
{
return uiRole;
Modified:
branches/JBoss_Portal_Branch_2_7/core-identity/src/main/org/jboss/portal/core/identity/ui/actions/CreateRoleAction.java
===================================================================
---
branches/JBoss_Portal_Branch_2_7/core-identity/src/main/org/jboss/portal/core/identity/ui/actions/CreateRoleAction.java 2009-05-16
21:16:01 UTC (rev 13385)
+++
branches/JBoss_Portal_Branch_2_7/core-identity/src/main/org/jboss/portal/core/identity/ui/actions/CreateRoleAction.java 2009-05-16
21:26:07 UTC (rev 13386)
@@ -40,8 +40,10 @@
String name = this.uiRole.getName();
String displayName = this.uiRole.getDisplayName();
name = checkNameValidity(name, "create-role-form:rolename");
- displayName = checkNameValidity(displayName,
"create-role-form:roledisplayname", false);
+ // check display name validity for XSS injection but check duplicate separately due
to limitation to how ManagedBean works
+ displayName = checkNameValidity(displayName,
"create-role-form:roledisplayname", displayNameValidator);
+
if (name != null && displayName != null)
{
try
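Review bot: The added comment says duplicates are checked separately, but the call now passes `displayNameValidator`, whose `checkForDuplicates()` returns true in BaseRoleAction, so the comment and the code disagree. I would reword it to `// validate the display name and reject duplicates via displayNameValidator`. The comment also presents this check as the XSS defence: judging by INVALID_NAME_ERROR it is a denylist of a few characters that, for instance, does not include quote characters, so the pages that render role display names should still escape them on output. checkNameValidity is not part of this diff, and the enclosing method starts and ends outside the hunk.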
Modified:
branches/JBoss_Portal_Branch_2_7/core-identity/src/main/org/jboss/portal/core/identity/ui/actions/EditRoleAction.java
===================================================================
---
branches/JBoss_Portal_Branch_2_7/core-identity/src/main/org/jboss/portal/core/identity/ui/actions/EditRoleAction.java 2009-05-16
21:16:01 UTC (rev 13385)
+++
branches/JBoss_Portal_Branch_2_7/core-identity/src/main/org/jboss/portal/core/identity/ui/actions/EditRoleAction.java 2009-05-16
21:26:07 UTC (rev 13386)
@@ -23,6 +23,8 @@
package org.jboss.portal.core.identity.ui.actions;
import org.jboss.portal.common.text.FastURLDecoder;
+import org.jboss.portal.core.identity.ui.UIRole;
+import org.jboss.portal.identity.IdentityException;
/**
* @author <a href="mailto:emuckenh@redhat.com">Emanuel
Muckenhuber</a>
@@ -54,7 +56,24 @@
public String updateRole()
{
String roleDisplayName = this.uiRole.getDisplayName();
- roleDisplayName = checkNameValidity(roleDisplayName,
"edit-role-link:display-name", false); // do not check for duplicates
+
+ // Check that the new role is different from the old one
+ try
+ {
+ String roleName = uiRole.getName();
+ UIRole current = identityRoleBean.getUIRole(roleName);
+ if (!isOldAndNewDifferent(current.getDisplayName(), roleDisplayName))
+ {
+ // if the new and old display names are the same, just return
+ return "roleAdmin";
+ }
+ }
+ catch (IdentityException e)
+ {
+ log.error("Couldn't get current role " + roleDisplayName);
+ }
+
+ roleDisplayName = checkNameValidity(roleDisplayName,
"edit-role-link:display-name", displayNameValidator); // display names are
unique as well
if (roleDisplayName != null)
{
try
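Review bot: In the new `catch (IdentityException e)` block the failure is logged with the not-yet-validated, user-supplied `roleDisplayName` instead of the role name that could not be loaded, the exception is dropped, and execution then falls through to the update path. Declaring `roleName` before the `try` and logging `log.error("Couldn't get current role " + roleName, e);` would record the right identifier and the cause. Returning `null` there would keep a failed lookup from proceeding to the update, if that is the intended behaviour. `current` is also dereferenced without a null check, so if `getUIRole` can return null for an unknown role (not visible here), `current.getDisplayName()` throws. updateRole's body continues past the hunk.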
@@ -69,5 +88,4 @@
}
return null;
}
-
}
Modified:
branches/JBoss_Portal_Branch_2_7/core-identity/src/resources/portal-identity-sar/conf/bundles/Identity.properties
===================================================================
---
branches/JBoss_Portal_Branch_2_7/core-identity/src/resources/portal-identity-sar/conf/bundles/Identity.properties 2009-05-16
21:16:01 UTC (rev 13385)
+++
branches/JBoss_Portal_Branch_2_7/core-identity/src/resources/portal-identity-sar/conf/bundles/Identity.properties 2009-05-16
21:26:07 UTC (rev 13386)
@@ -177,6 +177,7 @@
IDENTITY_VALIDATION_ERROR_CAPTCHA_INCORRECT=Captcha incorrect
ROLE_TYPE=role
+ROLE_DISPLAY_TYPE=role display
INVALID_NAME_ERROR=''{0}'' is an invalid {1} name: Cannot be null, empty
or contain '\\', '<', '>', '(', ')',
'=' or '%5c'
DUPLICATE_ERROR=A {1} named ''{0}'' already exists!
Modified:
branches/JBoss_Portal_Branch_2_7/core-identity/src/resources/portal-identity-sar/conf/bundles/Identity_fr.properties
===================================================================
---
branches/JBoss_Portal_Branch_2_7/core-identity/src/resources/portal-identity-sar/conf/bundles/Identity_fr.properties 2009-05-16
21:16:01 UTC (rev 13385)
+++
branches/JBoss_Portal_Branch_2_7/core-identity/src/resources/portal-identity-sar/conf/bundles/Identity_fr.properties 2009-05-16
21:26:07 UTC (rev 13386)
@@ -297,5 +297,6 @@
javax.faces.component.UIInput.REQUIRED=Valeur requise
ROLE_TYPE=r\u00f4le
+ROLE_DISPLAY_TYPE=affichage r\u00f4le
DUPLICATE_ERROR=Un {1} nomm\u00e9 ''{0}'' existe d\u00e9j\u00e0!
INVALID_NAME_ERROR=''{0}'' est un nom invalide pour un {1} : Ne peut pas
\u00eatre null, vide ou contenir '\\', '<', '>',
'(', ')', '=' ou '%5c'