Author: shane.bryzak(a)jboss.com
Date: 2008-05-04 03:33:26 -0400 (Sun, 04 May 2008)
New Revision: 8110
Added:
trunk/examples/seamspace/src/org/jboss/seam/example/seamspace/AccountPermission.java
trunk/examples/seamspace/view/permissionmanager.xhtml
Modified:
trunk/examples/seamspace/resources/META-INF/security-rules.drl
trunk/examples/seamspace/resources/WEB-INF/components.xml
trunk/examples/seamspace/resources/WEB-INF/pages.xml
trunk/examples/seamspace/src/org/jboss/seam/example/seamspace/MemberImage.java
trunk/examples/seamspace/src/org/jboss/seam/example/seamspace/PictureSearch.java
trunk/examples/seamspace/view/pictures.xhtml
Log:
more permission management stuff
Modified: trunk/examples/seamspace/resources/META-INF/security-rules.drl
===================================================================
--- trunk/examples/seamspace/resources/META-INF/security-rules.drl 2008-05-04 07:33:03 UTC
(rev 8109)
+++ trunk/examples/seamspace/resources/META-INF/security-rules.drl 2008-05-04 07:33:26 UTC
(rev 8110)
@@ -116,6 +116,17 @@
check.grant();
end
+rule ManageImagePermissions
+ no-loop
+ activation-group "permissions"
+when
+ img: MemberImage()
+ check: PermissionCheck(target == img, action == "seam.read-permissions",
granted == false)
+ Role(name == "admin")
+then
+ check.grant();
+end
+
rule InsertMemberBlog
no-loop
activation-group "permissions"
Modified: trunk/examples/seamspace/resources/WEB-INF/components.xml
===================================================================
--- trunk/examples/seamspace/resources/WEB-INF/components.xml 2008-05-04 07:33:03 UTC (rev
8109)
+++ trunk/examples/seamspace/resources/WEB-INF/components.xml 2008-05-04 07:33:26 UTC (rev
8110)
@@ -4,6 +4,7 @@
xmlns:persistence="http://jboss.com/products/seam/persistence"
xmlns:security="http://jboss.com/products/seam/security"
xmlns:identity-management="http://jboss.com/products/seam/security/m...
+
xmlns:permission-management="http://jboss.com/products/seam/security...
xmlns:drools="http://jboss.com/products/seam/drools"
xmlns:captcha="http://jboss.com/products/seam/captcha"
xmlns:web="http://jboss.com/products/seam/web"
@@ -49,7 +50,7 @@
enabled-attribute="enabled"
/>
- <security:jpa-permission-store name="permissionStore"
permission-class="org.jboss.seam.example.seamspace.Permission"/>
+ <permission-management:jpa-permission-store
user-permission-class="org.jboss.seam.example.seamspace.AccountPermission"/>
<drools:rule-base name="securityRules">
<drools:rule-files>
Modified: trunk/examples/seamspace/resources/WEB-INF/pages.xml
===================================================================
--- trunk/examples/seamspace/resources/WEB-INF/pages.xml 2008-05-04 07:33:03 UTC (rev
8109)
+++ trunk/examples/seamspace/resources/WEB-INF/pages.xml 2008-05-04 07:33:26 UTC (rev
8110)
@@ -111,7 +111,7 @@
</navigation>
</page>
- <page view-id="/pictureupload.xhtml">
+ <page view-id="/pictureupload.xhtml"
login-required="true">
<navigation from-action="#{pictureAction.savePicture}">
<redirect view-id="/pictures.xhtml">
<param name="name"
value="#{authenticatedMember.memberName}"/>
Added:
trunk/examples/seamspace/src/org/jboss/seam/example/seamspace/AccountPermission.java
===================================================================
--- trunk/examples/seamspace/src/org/jboss/seam/example/seamspace/AccountPermission.java
(rev 0)
+++
trunk/examples/seamspace/src/org/jboss/seam/example/seamspace/AccountPermission.java 2008-05-04
07:33:26 UTC (rev 8110)
@@ -0,0 +1,81 @@
+package org.jboss.seam.example.seamspace;
+
+import java.io.Serializable;
+
+import javax.persistence.Entity;
+import javax.persistence.GeneratedValue;
+import javax.persistence.Id;
+
+import org.jboss.seam.annotations.security.permission.PermissionAction;
+import org.jboss.seam.annotations.security.permission.PermissionDiscriminator;
+import org.jboss.seam.annotations.security.permission.PermissionRole;
+import org.jboss.seam.annotations.security.permission.PermissionTarget;
+import org.jboss.seam.annotations.security.permission.PermissionUser;
+
+@Entity
+public class AccountPermission implements Serializable
+{
+ private static final long serialVersionUID = -5628863031792429938L;
+
+ private Integer permissionId;
+ private String recipient;
+ private String target;
+ private String action;
+ private String discriminator;
+
+ @Id @GeneratedValue
+ public Integer getPermissionId()
+ {
+ return permissionId;
+ }
+
+ public void setPermissionId(Integer permissionId)
+ {
+ this.permissionId = permissionId;
+ }
+
+ @PermissionUser
+ @PermissionRole
+ public String getRecipient()
+ {
+ return recipient;
+ }
+
+ public void setRecipient(String recipient)
+ {
+ this.recipient = recipient;
+ }
+
+ @PermissionTarget
+ public String getTarget()
+ {
+ return target;
+ }
+
+ public void setTarget(String target)
+ {
+ this.target = target;
+ }
+
+ @PermissionAction
+ public String getAction()
+ {
+ return action;
+ }
+
+ public void setAction(String action)
+ {
+ this.action = action;
+ }
+
+ @PermissionDiscriminator
+ public String getDiscriminator()
+ {
+ return discriminator;
+ }
+
+ public void setDiscriminator(String discriminator)
+ {
+ this.discriminator = discriminator;
+ }
+}
Modified: trunk/examples/seamspace/src/org/jboss/seam/example/seamspace/MemberImage.java
===================================================================
---
trunk/examples/seamspace/src/org/jboss/seam/example/seamspace/MemberImage.java 2008-05-04
07:33:03 UTC (rev 8109)
+++
trunk/examples/seamspace/src/org/jboss/seam/example/seamspace/MemberImage.java 2008-05-04
07:33:26 UTC (rev 8110)
@@ -8,10 +8,8 @@
import javax.persistence.JoinColumn;
import javax.persistence.Lob;
import javax.persistence.ManyToOne;
-import javax.persistence.PostLoad;
import org.jboss.seam.annotations.Name;
-import org.jboss.seam.annotations.security.Restrict;
@Entity
@Name("memberImage")
Modified:
trunk/examples/seamspace/src/org/jboss/seam/example/seamspace/PictureSearch.java
===================================================================
---
trunk/examples/seamspace/src/org/jboss/seam/example/seamspace/PictureSearch.java 2008-05-04
07:33:03 UTC (rev 8109)
+++
trunk/examples/seamspace/src/org/jboss/seam/example/seamspace/PictureSearch.java 2008-05-04
07:33:26 UTC (rev 8110)
@@ -11,6 +11,7 @@
import org.jboss.seam.annotations.Name;
import org.jboss.seam.annotations.Out;
import org.jboss.seam.annotations.Scope;
+import org.jboss.seam.annotations.web.RequestParameter;
@Name("pictureSearch")
@Scope(EVENT)
@@ -26,6 +27,9 @@
@Out(required = false)
private List<MemberImage> memberImages;
+ @RequestParameter
+ private Integer imageId;
+
public String getMemberName()
{
return memberName;
@@ -36,6 +40,11 @@
this.memberName = memberName;
}
+ public MemberImage lookupImage()
+ {
+ return entityManager.find(MemberImage.class, imageId);
+ }
+
@SuppressWarnings("unchecked")
public void loadMemberPictures()
{
Added: trunk/examples/seamspace/view/permissionmanager.xhtml
===================================================================
--- trunk/examples/seamspace/view/permissionmanager.xhtml (rev 0)
+++ trunk/examples/seamspace/view/permissionmanager.xhtml 2008-05-04 07:33:26 UTC (rev
8110)
@@ -0,0 +1,33 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html
xmlns="http://www.w3.org/1999/xhtml"
+
xmlns:ui="http://java.sun.com/jsf/facelets"
+
xmlns:h="http://java.sun.com/jsf/html"
+
xmlns:f="http://java.sun.com/jsf/core"
+
xmlns:s="http://jboss.com/products/seam/taglib">
+
+ <ui:composition template="template.xhtml">
+
+ <ui:define name="head">
+ <link href="style/security.css" rel="stylesheet"
type="text/css"/>
+ </ui:define>
+
+ <ui:define name="content">
+
+ <script type="text/javascript">
+ function confirmDelete()
+ {
+ return confirm("Are you sure you wish to delete this permission? This
action cannot be undone.");
+ }
+ </script>
+
+ <div id="contentMain">
+
+ <h2>Permission Manager</h2>
+
+
+ </div>
+
+ </ui:define>
+
+ </ui:composition>
+</html>
Modified: trunk/examples/seamspace/view/pictures.xhtml
===================================================================
--- trunk/examples/seamspace/view/pictures.xhtml 2008-05-04 07:33:03 UTC (rev 8109)
+++ trunk/examples/seamspace/view/pictures.xhtml 2008-05-04 07:33:26 UTC (rev 8110)
@@ -45,7 +45,9 @@
<a href="content/images?id=#{img.imageId}"
rel="lightbox[pictureset]" title="#{img.caption}">
<h:graphicImage
value="/content/images?id=#{img.imageId}&width=90"
border="0"/>
</a>
- <s:button view="/permissions.seam"
styleClass="padlock"/>
+ <s:button view="/permissionmanager.seam"
action="#{permissionSearch.loadPermissions(pictureSearch.lookupImage())}"
styleClass="padlock">
+ <f:param name="imageId"
value="#{img.imageId}"/>
+ </s:button>
<s:button styleClass="trash"/>
</div>