Seam SVN: r7443 - in trunk/examples/wiki: src/main/org/jboss/seam/wiki/util and 2 other directories.
by seam-commits@lists.jboss.org
Author: christian.bauer(a)jboss.com
Date: 2008-02-19 08:42:58 -0500 (Tue, 19 Feb 2008)
New Revision: 7443
Modified:
trunk/examples/wiki/src/etc/i18n/messages_en.properties
trunk/examples/wiki/src/main/org/jboss/seam/wiki/util/WikiUtil.java
trunk/examples/wiki/view/includes/ownerSelector.xhtml
trunk/examples/wiki/view/userList_d.xhtml
Log:
Do not show supersecret e-mail addresses to non-admins
Modified: trunk/examples/wiki/src/etc/i18n/messages_en.properties
===================================================================
--- trunk/examples/wiki/src/etc/i18n/messages_en.properties 2008-02-19 13:42:29 UTC (rev 7442)
+++ trunk/examples/wiki/src/etc/i18n/messages_en.properties 2008-02-19 13:42:58 UTC (rev 7443)
@@ -689,7 +689,7 @@
lacewiki.preferences.wiki.FeedTitlePrefix=Feed title prefix
lacewiki.preferences.wiki.PurgeFeedEntriesAfterDays=Feed entries are purged after days
lacewiki.preferences.wiki.AtSymbolReplacement=Replace @ symbol in e-mail addresses with
-lacewiki.preferences.wiki.ShowEmailToLoggedInOnly=Show e-mail addresses only to logged-in users
+lacewiki.preferences.wiki.ShowEmailToLoggedInOnly=Show e-mail addresses only to logged-in admins
lacewiki.preferences.wiki.MainMenuLevels=Main menu is flattened to levels (0 for unlimited visible levels)
lacewiki.preferences.wiki.MainMenuDepth=Main menu maximum depth of directories
lacewiki.preferences.wiki.MainMenuShowAdminOnly=Main menu includes only directories owned by system administrator
Modified: trunk/examples/wiki/src/main/org/jboss/seam/wiki/util/WikiUtil.java
===================================================================
--- trunk/examples/wiki/src/main/org/jboss/seam/wiki/util/WikiUtil.java 2008-02-19 13:42:29 UTC (rev 7442)
+++ trunk/examples/wiki/src/main/org/jboss/seam/wiki/util/WikiUtil.java 2008-02-19 13:42:58 UTC (rev 7443)
@@ -23,6 +23,7 @@
import java.math.BigDecimal;
import java.net.URLEncoder;
import java.net.URLDecoder;
+import java.net.URI;
import java.text.SimpleDateFormat;
import java.util.Collection;
import java.util.Collections;
@@ -119,7 +120,10 @@
}
public static boolean showEmailAddress() {
- if (Preferences.getInstance(WikiPreferences.class).isShowEmailToLoggedInOnly() && Identity.instance().isLoggedIn()) {
+ Integer accessLevel = (Integer)Component.getInstance("currentAccessLevel");
+ if (Preferences.getInstance(WikiPreferences.class).isShowEmailToLoggedInOnly()
+ && Identity.instance().isLoggedIn()
+ && accessLevel == Role.ADMINROLE_ACCESSLEVEL) {
return true;
} else if (!Preferences.getInstance(WikiPreferences.class).isShowEmailToLoggedInOnly()) {
return true;
@@ -313,4 +317,24 @@
return FacesContext.getCurrentInstance().getMessages(namingContainer.replaceAll("\\\\", "") + ":" + componentId).hasNext();
}
+ /**
+ * Calculate an RFC 2822 compliant message identifier from a numeric + string identifier. Given
+ * the same numeric and string identifier, the same message id will be generated.
+ */
+ public static String calculateMessageId(Long id, String s) {
+
+ WikiPreferences prefs = Preferences.getInstance(WikiPreferences.class);
+ Hash hash = (Hash)Component.getInstance(Hash.class);
+ String domain;
+ try {
+ URI uri = new URI(prefs.getBaseUrl());
+ domain = uri.getHost();
+ } catch (Exception ex) {
+ throw new RuntimeException("Could not parse preferences value baseUrl into a host name", ex);
+ }
+ StringBuilder msgId = new StringBuilder();
+ msgId.append("<").append(hash.hash(id+s)).append("@").append(domain).append(">");
+ return msgId.toString();
+ }
+
}
Modified: trunk/examples/wiki/view/includes/ownerSelector.xhtml
===================================================================
--- trunk/examples/wiki/view/includes/ownerSelector.xhtml 2008-02-19 13:42:29 UTC (rev 7442)
+++ trunk/examples/wiki/view/includes/ownerSelector.xhtml 2008-02-19 13:42:58 UTC (rev 7443)
@@ -50,8 +50,10 @@
</h:panelGroup>
<h:panelGroup>
- <h:outputText styleClass="label" value="#{messages['lacewiki.label.userList.Email']}:"/> 
- <h:inputText id="email" value="#{userSearch.exampleUser.email}" maxlength="35" size="10" tabindex="20"/>
+ <s:fragment rendered="#{wiki:showEmailAddress()}">
+ <h:outputText styleClass="label" value="#{messages['lacewiki.label.userList.Email']}:"/> 
+ <h:inputText id="email" value="#{userSearch.exampleUser.email}" maxlength="35" size="10" tabindex="20"/>
+ </s:fragment>
</h:panelGroup>
<a:commandLink id="find" styleClass="buttonNonpersistent sessionEventTrigger" reRender="dialogOwnerSelectionContent"
Modified: trunk/examples/wiki/view/userList_d.xhtml
===================================================================
--- trunk/examples/wiki/view/userList_d.xhtml 2008-02-19 13:42:29 UTC (rev 7442)
+++ trunk/examples/wiki/view/userList_d.xhtml 2008-02-19 13:42:58 UTC (rev 7443)
@@ -64,8 +64,10 @@
</h:panelGroup>
<h:panelGroup>
- <h:outputText styleClass="label" value="#{messages['lacewiki.label.userList.Email']}:"/> 
- <h:inputText id="email" value="#{userSearch.exampleUser.email}" maxlength="35" size="8" tabindex="1"/>
+ <s:fragment rendered="#{wiki:showEmailAddress()}">
+ <h:outputText styleClass="label" value="#{messages['lacewiki.label.userList.Email']}:"/> 
+ <h:inputText id="email" value="#{userSearch.exampleUser.email}" maxlength="35" size="8" tabindex="1"/>
+ </s:fragment>
</h:panelGroup>
<h:panelGroup>
16 years, 2 months
Seam SVN: r7442 - in trunk/examples/seamspace: resources/WEB-INF and 2 other directories.
by seam-commits@lists.jboss.org
Author: shane.bryzak(a)jboss.com
Date: 2008-02-19 08:42:29 -0500 (Tue, 19 Feb 2008)
New Revision: 7442
Modified:
trunk/examples/seamspace/resources/META-INF/security-rules.drl
trunk/examples/seamspace/resources/WEB-INF/components.xml
trunk/examples/seamspace/resources/WEB-INF/pages.xml
trunk/examples/seamspace/src/org/jboss/seam/example/seamspace/AuthenticationEvents.java
trunk/examples/seamspace/src/org/jboss/seam/example/seamspace/BlogAction.java
trunk/examples/seamspace/src/org/jboss/seam/example/seamspace/FriendAction.java
trunk/examples/seamspace/src/org/jboss/seam/example/seamspace/Member.java
trunk/examples/seamspace/src/org/jboss/seam/example/seamspace/UserSearch.java
trunk/examples/seamspace/view/blog.xhtml
trunk/examples/seamspace/view/blogentry.xhtml
trunk/examples/seamspace/view/profile.xhtml
trunk/examples/seamspace/view/rolemanager.xhtml
trunk/examples/seamspace/view/template.xhtml
trunk/examples/seamspace/view/usermanager.xhtml
Log:
updated with security api changes
Modified: trunk/examples/seamspace/resources/META-INF/security-rules.drl
===================================================================
--- trunk/examples/seamspace/resources/META-INF/security-rules.drl 2008-02-19 13:36:02 UTC (rev 7441)
+++ trunk/examples/seamspace/resources/META-INF/security-rules.drl 2008-02-19 13:42:29 UTC (rev 7442)
@@ -1,21 +1,41 @@
package SeamSpacePermissions;
+dialect 'mvel'
+
import java.security.Principal;
+import org.jboss.seam.security.management.SecurityContext;
+import org.jboss.seam.security.management.UserAccount;
import org.jboss.seam.security.PermissionCheck;
import org.jboss.seam.security.Role;
+import org.jboss.seam.example.seamspace.BlogComment;
import org.jboss.seam.example.seamspace.Member;
+import org.jboss.seam.example.seamspace.MemberAccount;
import org.jboss.seam.example.seamspace.MemberBlog;
import org.jboss.seam.example.seamspace.MemberFriend;
import org.jboss.seam.example.seamspace.MemberImage;
+function Member getAccountMember(UserAccount account) {
+ return ((MemberAccount) account).getMember();
+}
+
+rule ViewProfile
+ no-loop
+ activation-group "permissions"
+when
+ check: PermissionCheck(name == "/profile.xhtml", action == "render", granted == false)
+ Role(name == "admin")
+then
+ check.grant();
+end
+
rule ViewImage
no-loop
activation-group "permissions"
when
- check: PermissionCheck(name == "memberImage", action == "view", granted == false)
image: MemberImage()
+ check: PermissionCheck(target == image, action == "view", granted == false)
eval( image.getMember().getPicture() == image )
then
check.grant();
@@ -31,11 +51,22 @@
check.grant();
end
+rule CanCreateBlogComment
+ no-loop
+ activation-group "permissions"
+when
+ blog: MemberBlog()
+ check: PermissionCheck(target == blog, action == "create", granted == false)
+ Role(name == "user")
+then
+ check.grant();
+end
+
rule CreateBlogComment
no-loop
activation-group "permissions"
when
- check: PermissionCheck(name == "blog", action == "createComment", granted == false)
+ check: PermissionCheck(target == "blogComment", action == "create", granted == false)
Role(name == "user")
then
check.grant();
@@ -45,9 +76,9 @@
no-loop
activation-group "permissions"
when
- check: PermissionCheck(name == "blog", action == "create", granted == false)
+ ctx: SecurityContext()
member: Member()
- not Member(mbrId : memberId -> (!mbrId.equals(member.getMemberId())))
+ check: PermissionCheck(target == member, action == "createBlog", granted == false, eval( member.equals(getAccountMember(ctx.userAccount))))
then
check.grant();
end
@@ -56,9 +87,9 @@
no-loop
activation-group "permissions"
when
- check: PermissionCheck(name == "memberBlog", action == "insert", granted == false)
- MemberBlog(member : member)
- not Member(mbrId : memberId -> (!mbrId.equals(member.getMemberId())))
+ ctx: SecurityContext()
+ blog: MemberBlog(member : member, eval( member.equals(getAccountMember(ctx.userAccount))))
+ check: PermissionCheck(target == blog, action == "insert", granted == false)
then
check.grant();
end
@@ -67,9 +98,9 @@
no-loop
activation-group "permissions"
when
- check: PermissionCheck(name == "friendComment", action == "create", granted == false)
- MemberFriend(authorized == true, f : friend)
- not Member(mbrId : memberId -> (!mbrId.equals(f.getMemberId())))
+ ctx: SecurityContext()
+ member: Member()
+ check: PermissionCheck(target == member, action == "createFriendComment", granted == false, eval( member.isFriend(getAccountMember(ctx.userAccount))))
then
check.grant();
end
@@ -78,9 +109,9 @@
no-loop
activation-group "permissions"
when
- check: PermissionCheck(name == "friendRequest", action == "create", granted == false)
+ ctx: SecurityContext()
member: Member()
- not MemberFriend(f : friend -> (f.getMemberId().equals(member.getMemberId())))
+ check: PermissionCheck(target == member, action == "createFriendRequest", granted == false, eval( !member.isFriend(getAccountMember(ctx.userAccount))) )
then
check.grant();
end
@@ -95,6 +126,12 @@
check.grant();
end
+/*****************************************************************************************
+
+ The Following Rules are for Identity Management
+
+******************************************************************************************/
+
rule ReadAccount
no-loop
activation-group "permissions"
Modified: trunk/examples/seamspace/resources/WEB-INF/components.xml
===================================================================
--- trunk/examples/seamspace/resources/WEB-INF/components.xml 2008-02-19 13:36:02 UTC (rev 7441)
+++ trunk/examples/seamspace/resources/WEB-INF/components.xml 2008-02-19 13:42:29 UTC (rev 7442)
@@ -24,7 +24,7 @@
concurrent-request-timeout="500"
conversation-id-parameter="cid"/>
- <security:identity security-rules="#{securityRules}"/>
+ <security:rule-based-permission-resolver security-rules="#{securityRules}"/>
<identity-management:jpa-identity-store name="identityStore" account-class="org.jboss.seam.example.seamspace.MemberAccount"/>
Modified: trunk/examples/seamspace/resources/WEB-INF/pages.xml
===================================================================
--- trunk/examples/seamspace/resources/WEB-INF/pages.xml 2008-02-19 13:36:02 UTC (rev 7441)
+++ trunk/examples/seamspace/resources/WEB-INF/pages.xml 2008-02-19 13:42:29 UTC (rev 7442)
@@ -4,7 +4,7 @@
xsi:schemaLocation="http://jboss.com/products/seam/pages http://jboss.com/products/seam/pages-2.1.xsd"
login-view-id="/home.xhtml">
- <page view-id="/home.xhtml" action="#{identity.logout}">
+ <page view-id="/home.xhtml">
<navigation from-action="#{identity.login}">
<rule if-outcome="loggedIn">
<redirect view-id="/profile.xhtml"/>
@@ -62,7 +62,7 @@
</page>
<page view-id="/usermanager.xhtml" action="#{userSearch.loadUsers}">
- <restrict>#{s:hasPermission('seam.account', 'read', null)}</restrict>
+ <restrict>#{s:hasPermission('seam.account', 'read')}</restrict>
<navigation from-action="#{userAction.createUser}">
<redirect view-id="/userdetail.xhtml"/>
@@ -74,7 +74,7 @@
</page>
<page view-id="/rolemanager.xhtml" action="#{roleSearch.loadRoles}">
- <restrict>#{s:hasPermission('seam.account', 'read', null)}</restrict>
+ <restrict>#{s:hasPermission('seam.account', 'read')}</restrict>
<navigation from-action="#{roleAction.createRole}">
<redirect view-id="/roledetail.xhtml"/>
@@ -144,17 +144,17 @@
</navigation>
</page>
- <!--exception class="org.jboss.seam.security.NotLoggedInException" log="false">
+ <exception class="org.jboss.seam.security.NotLoggedInException" log="false">
<redirect view-id="/register.xhtml">
<message severity="warn">You must be a member to use this feature</message>
</redirect>
- </exception-->
+ </exception>
- <!--exception class="org.jboss.seam.security.AuthorizationException">
+ <exception class="org.jboss.seam.security.AuthorizationException">
<end-conversation/>
<redirect view-id="/security_error.xhtml">
<message severity="error">You do not have permission to do this</message>
</redirect>
- </exception-->
+ </exception>
</pages>
Modified: trunk/examples/seamspace/src/org/jboss/seam/example/seamspace/AuthenticationEvents.java
===================================================================
--- trunk/examples/seamspace/src/org/jboss/seam/example/seamspace/AuthenticationEvents.java 2008-02-19 13:36:02 UTC (rev 7441)
+++ trunk/examples/seamspace/src/org/jboss/seam/example/seamspace/AuthenticationEvents.java 2008-02-19 13:42:29 UTC (rev 7442)
@@ -3,8 +3,6 @@
import org.jboss.seam.annotations.Name;
import org.jboss.seam.annotations.Observer;
import org.jboss.seam.contexts.Contexts;
-import org.jboss.seam.security.Identity;
-import org.jboss.seam.security.RuleBasedIdentity;
import org.jboss.seam.security.management.JpaIdentityStore;
@Name("authenticationEvents")
@@ -14,6 +12,5 @@
public void loginSuccessful(MemberAccount account)
{
Contexts.getSessionContext().set("authenticatedMember", account.getMember());
- ((RuleBasedIdentity) Identity.instance()).getSecurityContext().insert(account.getMember());
}
}
Modified: trunk/examples/seamspace/src/org/jboss/seam/example/seamspace/BlogAction.java
===================================================================
--- trunk/examples/seamspace/src/org/jboss/seam/example/seamspace/BlogAction.java 2008-02-19 13:36:02 UTC (rev 7441)
+++ trunk/examples/seamspace/src/org/jboss/seam/example/seamspace/BlogAction.java 2008-02-19 13:42:29 UTC (rev 7442)
@@ -15,7 +15,7 @@
import org.jboss.seam.annotations.Name;
import org.jboss.seam.annotations.Out;
import org.jboss.seam.annotations.Scope;
-import org.jboss.seam.annotations.security.Restrict;
+import org.jboss.seam.annotations.security.Insert;
@Scope(CONVERSATION)
@Name("blog")
@@ -54,11 +54,9 @@
catch (NoResultException ex) { }
}
- @Factory("comment") @Restrict @Begin(join = true)
+ @Factory("comment") @Insert(BlogComment.class) @Begin(join = true)
public void createComment()
- {
- System.out.println("Params - blogId: " + blogId + " name: " + name);
-
+ {
comment = new BlogComment();
comment.setCommentor(authenticatedMember);
Modified: trunk/examples/seamspace/src/org/jboss/seam/example/seamspace/FriendAction.java
===================================================================
--- trunk/examples/seamspace/src/org/jboss/seam/example/seamspace/FriendAction.java 2008-02-19 13:36:02 UTC (rev 7441)
+++ trunk/examples/seamspace/src/org/jboss/seam/example/seamspace/FriendAction.java 2008-02-19 13:42:29 UTC (rev 7442)
@@ -49,7 +49,7 @@
.getSingleResult();
Contexts.getMethodContext().set("friends", member.getFriends());
- Identity.instance().checkRestriction("#{s:hasPermission('friendComment', 'create', friends)}");
+ Identity.instance().checkPermission(member, "createFriendComment");
friendComment = new FriendComment();
friendComment.setFriend(authenticatedMember);
@@ -79,7 +79,7 @@
.getSingleResult();
Contexts.getMethodContext().set("friends", member.getFriends());
- Identity.instance().checkRestriction("#{s:hasPermission('friendRequest', 'create', friends)}");
+ Identity.instance().checkPermission(member, "createFriendRequest");
friendRequest = new MemberFriend();
friendRequest.setFriend(authenticatedMember);
Modified: trunk/examples/seamspace/src/org/jboss/seam/example/seamspace/Member.java
===================================================================
--- trunk/examples/seamspace/src/org/jboss/seam/example/seamspace/Member.java 2008-02-19 13:36:02 UTC (rev 7441)
+++ trunk/examples/seamspace/src/org/jboss/seam/example/seamspace/Member.java 2008-02-19 13:42:29 UTC (rev 7442)
@@ -217,10 +217,21 @@
public void setFriends(Set<MemberFriend> friends)
{
- this.friends = friends;
+ this.friends = friends;
}
@Transient
+ public boolean isFriend(Member member)
+ {
+ for (MemberFriend f : friends)
+ {
+ if (f.getFriend().getMemberId().equals(member.getMemberId())) return true;
+ }
+
+ return false;
+ }
+
+ @Transient
public String getAge()
{
Calendar birthday = new GregorianCalendar();
Modified: trunk/examples/seamspace/src/org/jboss/seam/example/seamspace/UserSearch.java
===================================================================
--- trunk/examples/seamspace/src/org/jboss/seam/example/seamspace/UserSearch.java 2008-02-19 13:36:02 UTC (rev 7441)
+++ trunk/examples/seamspace/src/org/jboss/seam/example/seamspace/UserSearch.java 2008-02-19 13:42:29 UTC (rev 7442)
@@ -8,12 +8,15 @@
import org.jboss.seam.annotations.In;
import org.jboss.seam.annotations.Name;
import org.jboss.seam.annotations.Scope;
+import org.jboss.seam.annotations.Synchronized;
import org.jboss.seam.annotations.datamodel.DataModel;
import org.jboss.seam.annotations.datamodel.DataModelSelection;
+
import org.jboss.seam.security.management.IdentityManager;
@Name("userSearch")
@Scope(SESSION)
+@Synchronized
public class UserSearch implements Serializable
{
private static final long serialVersionUID = 8592034786339372510L;
Modified: trunk/examples/seamspace/view/blog.xhtml
===================================================================
--- trunk/examples/seamspace/view/blog.xhtml 2008-02-19 13:36:02 UTC (rev 7441)
+++ trunk/examples/seamspace/view/blog.xhtml 2008-02-19 13:42:29 UTC (rev 7442)
@@ -39,7 +39,7 @@
#{memberBlog.commentCount} Comment#{memberBlog.commentCount != 1 ? "s" : ""}
</s:link>]
- <s:span rendered="#{s:hasPermission('blog','createComment', null)}">
+ <s:span rendered="#{s:hasPermission('blog','createComment')}">
[<s:link view="/comment.seam" value="Add Comment" propagation="none">
<f:param name="name" value="#{selectedMember.memberName}"/>
<f:param name="blogId" value="#{memberBlog.blogId}"/>
Modified: trunk/examples/seamspace/view/blogentry.xhtml
===================================================================
--- trunk/examples/seamspace/view/blogentry.xhtml 2008-02-19 13:36:02 UTC (rev 7441)
+++ trunk/examples/seamspace/view/blogentry.xhtml 2008-02-19 13:42:29 UTC (rev 7442)
@@ -31,7 +31,7 @@
<div class="blogTitle">#{selectedBlog.title}</div>
<div class="blogText"><s:formattedText value="#{selectedBlog.text}"/></div>
<div class="blogFooter">
- <s:span rendered="#{s:hasPermission('blog','createComment', null)}">
+ <s:span rendered="#{s:hasPermission(selectedBlog, 'create')}">
[<s:link view="/comment.seam" value="Add Comment" propagation="none">
<f:param name="name" value="#{selectedMember.memberName}"/>
<f:param name="blogId" value="#{selectedBlog.blogId}"/>
Modified: trunk/examples/seamspace/view/profile.xhtml
===================================================================
--- trunk/examples/seamspace/view/profile.xhtml 2008-02-19 13:36:02 UTC (rev 7441)
+++ trunk/examples/seamspace/view/profile.xhtml 2008-02-19 13:42:29 UTC (rev 7442)
@@ -52,7 +52,7 @@
<f:param name="name" value="#{selectedMember.memberName}"/>
</s:link>]
- <s:span rendered="#{s:hasPermission('blog', 'create', selectedMember)}">
+ <s:span rendered="#{s:hasPermission(selectedMember, 'createBlog')}">
[<s:link action="#{blog.createEntry}" value="Create new blog entry" propagation="none"/>]
</s:span>
</s:div>
@@ -74,7 +74,7 @@
<br class="clear"/>
- <s:span rendered="#{selectedMember.memberId != authenticatedMember.memberId and s:hasPermission('friendRequest', 'create', selectedMember.friends)}">
+ <s:span rendered="#{selectedMember.memberId != authenticatedMember.memberId and s:hasPermission(selectedMember, 'createFriendRequest')}">
[<s:link view="/friendrequest.seam" value="Send a friend request" propagation="none"/>]
</s:span>
@@ -102,7 +102,7 @@
</table>
</ui:repeat>
- <s:span rendered="#{s:hasPermission('friendComment', 'create', selectedMember.friends)}">
+ <s:span rendered="#{s:hasPermission(selectedMember, 'createFriendComment')}">
[<s:link view="/friendcomment.seam" value="Add Comment"/>]
</s:span>
</s:div>
Modified: trunk/examples/seamspace/view/rolemanager.xhtml
===================================================================
--- trunk/examples/seamspace/view/rolemanager.xhtml 2008-02-19 13:36:02 UTC (rev 7441)
+++ trunk/examples/seamspace/view/rolemanager.xhtml 2008-02-19 13:42:29 UTC (rev 7442)
@@ -50,11 +50,11 @@
#{roleSearch.getRoleMemberships(role)}
</rich:column>
<rich:column width="auto">
- <s:fragment rendered="#{s:hasPermission('seam.account', 'update', null)}">
+ <s:fragment rendered="#{s:hasPermission('seam.account', 'update')}">
<s:link value="Edit" action="#{roleAction.editRole(roleSearch.selectedRole)}"/><span> | </span>
</s:fragment>
<s:link value="Delete" action="#{identityManager.deleteAccount(roleSearch.selectedRole)}"
- rendered="#{s:hasPermission('seam.account', 'delete', null)}"
+ rendered="#{s:hasPermission('seam.account', 'delete')}"
onclick="return confirmDelete()"/>
</rich:column>
</rich:dataTable>
Modified: trunk/examples/seamspace/view/template.xhtml
===================================================================
--- trunk/examples/seamspace/view/template.xhtml 2008-02-19 13:36:02 UTC (rev 7441)
+++ trunk/examples/seamspace/view/template.xhtml 2008-02-19 13:42:29 UTC (rev 7442)
@@ -40,8 +40,8 @@
<s:link view="/home.xhtml" value="Home" propagation="none"/>|
<s:link value="Browse" onclick="javascript:alert('This feature coming soon!');return false"/>|
<s:link value="Blog" onclick="javascript:alert('This feature coming soon!');return false"/>|
- <s:link value="Music" onclick="javascript:alert('This feature coming soon!');return false"/><s:fragment rendered="#{s:hasPermission('seam.account', 'read', null)}">|
- <s:link view="/usermanager.xhtml" value="User Manager" propagation="none"/></s:fragment>
+ <s:link value="Music" onclick="javascript:alert('This feature coming soon!');return false"/><s:fragment rendered="#{s:hasPermission('seam.account', 'read')}">|
+ <s:link view="/usermanager.xhtml" value="User Manager" propagation="none"/></s:fragment>
</div>
<div id="content">
Modified: trunk/examples/seamspace/view/usermanager.xhtml
===================================================================
--- trunk/examples/seamspace/view/usermanager.xhtml 2008-02-19 13:36:02 UTC (rev 7441)
+++ trunk/examples/seamspace/view/usermanager.xhtml 2008-02-19 13:42:29 UTC (rev 7442)
@@ -21,7 +21,7 @@
<h2>User Manager</h2>
- <s:button action="#{userAction.createUser}" styleClass="newuser" rendered="#{s:hasPermission('seam.account', 'create', null)}"/>
+ <s:button action="#{userAction.createUser}" styleClass="newuser" rendered="#{s:hasPermission('seam.account', 'create')}"/>
<s:link view="/rolemanager.xhtml" value="--> Manage Roles" propagation="none"/>
<rich:dataTable
@@ -56,11 +56,11 @@
<div class="#{identityManager.isUserEnabled(user) ? 'checkmark' : 'cross'}"/>
</rich:column>
<rich:column width="auto">
- <s:fragment rendered="#{s:hasPermission('seam.account', 'update', null)}">
+ <s:fragment rendered="#{s:hasPermission('seam.account', 'update')}">
<s:link value="Edit" action="#{userAction.editUser(userSearch.selectedUser)}"/><span> | </span>
</s:fragment>
<s:link value="Delete" action="#{identityManager.deleteAccount(userSearch.selectedUser)}"
- rendered="#{s:hasPermission('seam.account', 'delete', null)}"
+ rendered="#{s:hasPermission('seam.account', 'delete')}"
onclick="return confirmDelete()"/>
</rich:column>
</rich:dataTable>
16 years, 2 months
Seam SVN: r7441 - trunk/src/main/org/jboss/seam/annotations/security.
by seam-commits@lists.jboss.org
Author: shane.bryzak(a)jboss.com
Date: 2008-02-19 08:36:02 -0500 (Tue, 19 Feb 2008)
New Revision: 7441
Added:
trunk/src/main/org/jboss/seam/annotations/security/Delete.java
trunk/src/main/org/jboss/seam/annotations/security/Insert.java
trunk/src/main/org/jboss/seam/annotations/security/Read.java
trunk/src/main/org/jboss/seam/annotations/security/Update.java
Log:
permission action annotations
Added: trunk/src/main/org/jboss/seam/annotations/security/Delete.java
===================================================================
--- trunk/src/main/org/jboss/seam/annotations/security/Delete.java (rev 0)
+++ trunk/src/main/org/jboss/seam/annotations/security/Delete.java 2008-02-19 13:36:02 UTC (rev 7441)
@@ -0,0 +1,23 @@
+package org.jboss.seam.annotations.security;
+
+import static java.lang.annotation.ElementType.METHOD;
+import static java.lang.annotation.RetentionPolicy.RUNTIME;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.Inherited;
+import java.lang.annotation.Retention;
+import java.lang.annotation.Target;
+
+/**
+ *
+ *
+ * @author Shane Bryzak
+ */
+@Target({METHOD})
+@Documented
+@Retention(RUNTIME)
+@Inherited
+@PermissionAction("delete")
+public @interface Delete {
+ Class value();
+}
Added: trunk/src/main/org/jboss/seam/annotations/security/Insert.java
===================================================================
--- trunk/src/main/org/jboss/seam/annotations/security/Insert.java (rev 0)
+++ trunk/src/main/org/jboss/seam/annotations/security/Insert.java 2008-02-19 13:36:02 UTC (rev 7441)
@@ -0,0 +1,23 @@
+package org.jboss.seam.annotations.security;
+
+import static java.lang.annotation.ElementType.METHOD;
+import static java.lang.annotation.RetentionPolicy.RUNTIME;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.Inherited;
+import java.lang.annotation.Retention;
+import java.lang.annotation.Target;
+
+/**
+ *
+ *
+ * @author Shane Bryzak
+ */
+@Target({METHOD})
+@Documented
+@Retention(RUNTIME)
+@Inherited
+@PermissionAction("insert")
+public @interface Insert {
+ Class value();
+}
Added: trunk/src/main/org/jboss/seam/annotations/security/Read.java
===================================================================
--- trunk/src/main/org/jboss/seam/annotations/security/Read.java (rev 0)
+++ trunk/src/main/org/jboss/seam/annotations/security/Read.java 2008-02-19 13:36:02 UTC (rev 7441)
@@ -0,0 +1,23 @@
+package org.jboss.seam.annotations.security;
+
+import static java.lang.annotation.ElementType.METHOD;
+import static java.lang.annotation.RetentionPolicy.RUNTIME;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.Inherited;
+import java.lang.annotation.Retention;
+import java.lang.annotation.Target;
+
+/**
+ *
+ *
+ * @author Shane Bryzak
+ */
+@Target({METHOD})
+@Documented
+@Retention(RUNTIME)
+@Inherited
+@PermissionAction("read")
+public @interface Read {
+ Class value();
+}
Added: trunk/src/main/org/jboss/seam/annotations/security/Update.java
===================================================================
--- trunk/src/main/org/jboss/seam/annotations/security/Update.java (rev 0)
+++ trunk/src/main/org/jboss/seam/annotations/security/Update.java 2008-02-19 13:36:02 UTC (rev 7441)
@@ -0,0 +1,23 @@
+package org.jboss.seam.annotations.security;
+
+import static java.lang.annotation.ElementType.METHOD;
+import static java.lang.annotation.RetentionPolicy.RUNTIME;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.Inherited;
+import java.lang.annotation.Retention;
+import java.lang.annotation.Target;
+
+/**
+ *
+ *
+ * @author Shane Bryzak
+ */
+@Target({METHOD})
+@Documented
+@Retention(RUNTIME)
+@Inherited
+@PermissionAction("update")
+public @interface Update {
+ Class value();
+}
16 years, 2 months
Seam SVN: r7440 - in trunk/src/main/org/jboss/seam: security and 1 other directories.
by seam-commits@lists.jboss.org
Author: shane.bryzak(a)jboss.com
Date: 2008-02-19 08:31:28 -0500 (Tue, 19 Feb 2008)
New Revision: 7440
Added:
trunk/src/main/org/jboss/seam/security/DynamicPermissionResolver.java
trunk/src/main/org/jboss/seam/security/PermissionMapper.java
trunk/src/main/org/jboss/seam/security/ResolverChain.java
trunk/src/main/org/jboss/seam/security/RuleBasedPermissionResolver.java
trunk/src/main/org/jboss/seam/security/management/SecurityContext.java
Removed:
trunk/src/main/org/jboss/seam/security/RuleBasedIdentity.java
Modified:
trunk/src/main/org/jboss/seam/el/SeamFunctionMapper.java
trunk/src/main/org/jboss/seam/security/Identity.java
trunk/src/main/org/jboss/seam/security/PermissionCheck.java
trunk/src/main/org/jboss/seam/security/SecurityFunctions.java
trunk/src/main/org/jboss/seam/security/SecurityInterceptor.java
trunk/src/main/org/jboss/seam/security/management/JpaIdentityStore.java
Log:
permission resolver implementation
Modified: trunk/src/main/org/jboss/seam/el/SeamFunctionMapper.java
===================================================================
--- trunk/src/main/org/jboss/seam/el/SeamFunctionMapper.java 2008-02-19 13:07:47 UTC (rev 7439)
+++ trunk/src/main/org/jboss/seam/el/SeamFunctionMapper.java 2008-02-19 13:31:28 UTC (rev 7440)
@@ -1,11 +1,14 @@
package org.jboss.seam.el;
import java.lang.reflect.Method;
+import java.util.ArrayList;
import java.util.HashMap;
+import java.util.List;
import java.util.Map;
import javax.el.FunctionMapper;
+import org.jboss.el.lang.ExtendedFunctionMapper;
import org.jboss.seam.log.LogProvider;
import org.jboss.seam.log.Logging;
import org.jboss.seam.security.SecurityFunctions;
@@ -16,12 +19,12 @@
*
* @author Shane Bryzak
*/
-public class SeamFunctionMapper extends FunctionMapper
+public class SeamFunctionMapper extends ExtendedFunctionMapper
{
- private static Map<String,Method> methodCache = new HashMap<String,Method>();
+ private static Map<String,List<Method>> methodCache = new HashMap<String,List<Method>>();
private static final LogProvider log = Logging.getLogProvider(SeamFunctionMapper.class);
-
+
private FunctionMapper functionMapper;
public SeamFunctionMapper(FunctionMapper functionMapper)
@@ -33,6 +36,8 @@
{
cacheMethod("hasPermission", SecurityFunctions.class, "hasPermission",
new Class[] {String.class, String.class, Object.class});
+ cacheMethod("hasPermission", SecurityFunctions.class, "hasPermission",
+ new Class[] {Object.class, String.class});
cacheMethod("hasRole", SecurityFunctions.class, "hasRole",
new Class[] { String.class });
}
@@ -42,7 +47,8 @@
{
if ( "s".equals(prefix) )
{
- return methodCache.get(localName);
+ List<Method> methods = methodCache.get(localName);
+ return methods != null ? methods.get(0) : null;
}
else if (functionMapper != null)
{
@@ -54,12 +60,50 @@
}
}
+ @Override
+ public Method resolveFunction(String prefix, String localName, int paramCount)
+ {
+ if ( "s".equals(prefix) )
+ {
+ List<Method> methods = methodCache.get(localName);
+ if (methods != null)
+ {
+ for (Method m : methods)
+ {
+ if (m.getParameterTypes().length == paramCount) return m;
+ }
+ }
+
+ return null;
+ }
+ else if (functionMapper != null)
+ {
+ return functionMapper.resolveFunction(prefix, localName);
+ }
+ else
+ {
+ return null;
+ }
+ }
+
private static void cacheMethod(String localName, Class cls, String name, Class[] params)
{
try
{
Method m = cls.getMethod(name, params);
- methodCache.put(localName, m);
+
+ List<Method> methods;
+ if (methodCache.containsKey(localName))
+ {
+ methods = methodCache.get(localName);
+ }
+ else
+ {
+ methods = new ArrayList<Method>();
+ methodCache.put(localName, methods);
+ }
+
+ methods.add(m);
}
catch (NoSuchMethodException ex)
{
Added: trunk/src/main/org/jboss/seam/security/DynamicPermissionResolver.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/DynamicPermissionResolver.java (rev 0)
+++ trunk/src/main/org/jboss/seam/security/DynamicPermissionResolver.java 2008-02-19 13:31:28 UTC (rev 7440)
@@ -0,0 +1,15 @@
+package org.jboss.seam.security;
+
+/**
+ * Resolves permissions dynamically assigned in a peristent store, such as a
+ * database, for example.
+ *
+ * @author Shane Bryzak
+ */
+public class DynamicPermissionResolver implements PermissionResolver
+{
+ public boolean hasPermission(Object target, String action)
+ {
+ return true;
+ }
+}
Modified: trunk/src/main/org/jboss/seam/security/Identity.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/Identity.java 2008-02-19 13:07:47 UTC (rev 7439)
+++ trunk/src/main/org/jboss/seam/security/Identity.java 2008-02-19 13:31:28 UTC (rev 7440)
@@ -25,6 +25,7 @@
import org.jboss.seam.ScopeType;
import org.jboss.seam.Seam;
import org.jboss.seam.annotations.Create;
+import org.jboss.seam.annotations.In;
import org.jboss.seam.annotations.Install;
import org.jboss.seam.annotations.Name;
import org.jboss.seam.annotations.Scope;
@@ -90,6 +91,8 @@
private List<String> preAuthenticationRoles = new ArrayList<String>();
+ private PermissionMapper permissionMapper;
+
/**
* Flag that indicates we are in the process of authenticating
*/
@@ -99,6 +102,7 @@
public void create()
{
subject = new Subject();
+ permissionMapper = (PermissionMapper) Component.getInstance(PermissionMapper.class);
}
public static boolean isSecurityEnabled()
@@ -494,6 +498,25 @@
}
}
}
+
+ public void checkPermission(Object target, String action)
+ {
+ isLoggedIn(true);
+
+ if ( !hasPermission(target, action) )
+ {
+ if ( !isLoggedIn() )
+ {
+ if (Events.exists()) Events.instance().raiseEvent(EVENT_NOT_LOGGED_IN);
+ throw new NotLoggedInException();
+ }
+ else
+ {
+ throw new AuthorizationException(String.format(
+ "Authorization check failed for permission[%s,%s]", target, action));
+ }
+ }
+ }
/**
* Performs a permission check for the specified name and action
@@ -505,9 +528,31 @@
*/
public boolean hasPermission(String name, String action, Object...arg)
{
- return !securityEnabled;
+ if (!securityEnabled)
+ {
+ return true;
+ }
+
+ if (arg != null)
+ {
+ return permissionMapper.resolvePermission(arg[0], action);
+ }
+ else
+ {
+ return permissionMapper.resolvePermission(name, action);
+ }
}
+ public boolean hasPermission(Object target, String action)
+ {
+ if (!securityEnabled)
+ {
+ return true;
+ }
+
+ return permissionMapper.resolvePermission(target, action);
+ }
+
/**
* Creates a callback handler that can handle a standard username/password
* callback, using the username and password properties.
@@ -676,7 +721,7 @@
{
if (Strings.isEmpty(restrict.value()))
{
- checkPermission(name, action.toString(), entity);
+ checkPermission(entity, action.toString());
}
else
{
Modified: trunk/src/main/org/jboss/seam/security/PermissionCheck.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/PermissionCheck.java 2008-02-19 13:07:47 UTC (rev 7439)
+++ trunk/src/main/org/jboss/seam/security/PermissionCheck.java 2008-02-19 13:31:28 UTC (rev 7440)
@@ -9,39 +9,54 @@
*/
public class PermissionCheck
{
- private String name;
- private String action;
- private boolean granted;
+ private Object target;
- public PermissionCheck(String name, String action)
- {
- this.name = name;
- this.action = action;
- this.granted = false;
- }
+ @Deprecated
+ private String name;
- public String getName()
- {
- return name;
- }
+ private String action;
+ private boolean granted;
+
+ public PermissionCheck(Object target, String action)
+ {
+ if (target instanceof String)
+ {
+ this.name = (String) target;
+ }
+
+ this.target = target;
+ this.action = action;
+ granted = false;
+ }
+
+ public Object getTarget()
+ {
+ return target;
+ }
- public String getAction()
- {
- return action;
- }
+ @Deprecated
+ public String getName()
+ {
+ return name;
+ }
- public void grant()
- {
- this.granted = true;
- }
-
- public void revoke()
- {
- this.granted = false;
- }
+ public String getAction()
+ {
+ return action;
+ }
- public boolean isGranted()
- {
- return granted;
- }
+ public void grant()
+ {
+ this.granted = true;
+ }
+
+ public void revoke()
+ {
+ this.granted = false;
+ }
+
+ public boolean isGranted()
+ {
+ return granted;
+ }
}
Added: trunk/src/main/org/jboss/seam/security/PermissionMapper.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/PermissionMapper.java (rev 0)
+++ trunk/src/main/org/jboss/seam/security/PermissionMapper.java 2008-02-19 13:31:28 UTC (rev 7440)
@@ -0,0 +1,118 @@
+package org.jboss.seam.security;
+
+import static org.jboss.seam.ScopeType.APPLICATION;
+import static org.jboss.seam.annotations.Install.BUILT_IN;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import org.jboss.seam.Component;
+import org.jboss.seam.ScopeType;
+import org.jboss.seam.annotations.Install;
+import org.jboss.seam.annotations.Name;
+import org.jboss.seam.annotations.Scope;
+import org.jboss.seam.annotations.Startup;
+import org.jboss.seam.annotations.intercept.BypassInterceptors;
+import org.jboss.seam.contexts.Contexts;
+import org.jboss.seam.core.Init;
+
+/**
+ * Maps permission checks to resolver chains
+ *
+ * @author Shane Bryzak
+ */
+@Scope(APPLICATION)
+@Name("org.jboss.seam.security.permissionMapper")
+@Install(precedence = BUILT_IN)
+@BypassInterceptors
+@Startup
+public class PermissionMapper
+{
+ private Map<Class,Map<String,String>> resolverChains = new HashMap<Class,Map<String,String>>();
+
+ private String defaultResolverChain;
+
+ private static final String DEFAULT_RESOLVER_CHAIN = "org.jboss.seam.security.defaultResolverChain";
+
+ private ResolverChain getResolverChain(Object target, String action)
+ {
+ Class targetClass = null;
+
+ if (target instanceof Class)
+ {
+ targetClass = (Class) target;
+ }
+ else
+ {
+ // TODO target may be a component name, or an object, or a view name (or arbitrary name) -
+ // we need to deal with all of these possibilities
+ }
+
+ if (targetClass != null)
+ {
+ Map<String,String> chains = resolverChains.get(target);
+ if (chains != null && chains.containsKey(action))
+ {
+ return (ResolverChain) Component.getInstance(chains.get(action), true);
+ }
+ }
+
+ if (defaultResolverChain != null && !"".equals(defaultResolverChain))
+ {
+ return (ResolverChain) Component.getInstance(defaultResolverChain, true);
+ }
+
+ return createDefaultResolverChain();
+ }
+
+ public boolean resolvePermission(Object target, String action)
+ {
+ ResolverChain chain = getResolverChain(target, action);
+ for (PermissionResolver resolver : chain.getResolvers())
+ {
+ if (resolver.hasPermission(target, action))
+ {
+ return true;
+ }
+ }
+
+ return false;
+ }
+
+ private ResolverChain createDefaultResolverChain()
+ {
+ ResolverChain chain = (ResolverChain) Contexts.getSessionContext().get(DEFAULT_RESOLVER_CHAIN);
+
+ if (chain == null)
+ {
+ chain = new ResolverChain();
+
+ for (String resolverName : Init.instance().getPermissionResolvers())
+ {
+ chain.getResolvers().add((PermissionResolver) Component.getInstance(resolverName, true));
+ }
+
+ Contexts.getSessionContext().set(DEFAULT_RESOLVER_CHAIN, chain);
+ }
+
+ return chain;
+ }
+
+ public static PermissionMapper instance()
+ {
+ if ( !Contexts.isApplicationContextActive() )
+ {
+ throw new IllegalStateException("No active application context");
+ }
+
+ PermissionMapper instance = (PermissionMapper) Component.getInstance(
+ PermissionMapper.class, ScopeType.APPLICATION);
+
+ if (instance == null)
+ {
+ throw new IllegalStateException("No PermissionMapper could be created");
+ }
+
+ return instance;
+ }
+}
Added: trunk/src/main/org/jboss/seam/security/ResolverChain.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/ResolverChain.java (rev 0)
+++ trunk/src/main/org/jboss/seam/security/ResolverChain.java 2008-02-19 13:31:28 UTC (rev 7440)
@@ -0,0 +1,26 @@
+package org.jboss.seam.security;
+
+import static org.jboss.seam.ScopeType.SESSION;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.jboss.seam.annotations.Scope;
+import org.jboss.seam.annotations.intercept.BypassInterceptors;
+
+@Scope(SESSION)
+@BypassInterceptors
+public class ResolverChain
+{
+ private List<PermissionResolver> resolvers = new ArrayList<PermissionResolver>();
+
+ public List<PermissionResolver> getResolvers()
+ {
+ return resolvers;
+ }
+
+ public void setResolvers(List<PermissionResolver> resolvers)
+ {
+ this.resolvers = resolvers;
+ }
+}
Deleted: trunk/src/main/org/jboss/seam/security/RuleBasedIdentity.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/RuleBasedIdentity.java 2008-02-19 13:07:47 UTC (rev 7439)
+++ trunk/src/main/org/jboss/seam/security/RuleBasedIdentity.java 2008-02-19 13:31:28 UTC (rev 7440)
@@ -1,226 +0,0 @@
-package org.jboss.seam.security;
-
-import static org.jboss.seam.ScopeType.SESSION;
-import static org.jboss.seam.annotations.Install.FRAMEWORK;
-
-import java.security.Principal;
-import java.security.acl.Group;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Enumeration;
-import java.util.Iterator;
-import java.util.List;
-
-import org.drools.FactHandle;
-import org.drools.RuleBase;
-import org.drools.StatefulSession;
-import org.drools.base.ClassObjectFilter;
-import org.jboss.seam.Component;
-import org.jboss.seam.annotations.Install;
-import org.jboss.seam.annotations.Name;
-import org.jboss.seam.annotations.Scope;
-import org.jboss.seam.annotations.Startup;
-import org.jboss.seam.annotations.intercept.BypassInterceptors;
-import org.jboss.seam.log.LogProvider;
-import org.jboss.seam.log.Logging;
-
-/**
- * Identity implementation that supports permission
- * checking via a Drools rulebase.
- *
- * @author Shane Bryzak
- *
- */
-@Name("org.jboss.seam.security.identity")
-@Scope(SESSION)
-@BypassInterceptors
-@Install(precedence=FRAMEWORK, classDependencies="org.drools.WorkingMemory")
-@Startup
-public class RuleBasedIdentity extends Identity
-{
- private static final long serialVersionUID = -2798083003251077858L;
-
- public static final String RULES_COMPONENT_NAME = "securityRules";
-
- private static final LogProvider log = Logging.getLogProvider(RuleBasedIdentity.class);
-
- private StatefulSession securityContext;
-
- private RuleBase securityRules;
-
- @Override
- public void create()
- {
- super.create();
- initSecurityContext();
- }
-
- protected void initSecurityContext()
- {
- if (getSecurityRules() == null)
- {
- setSecurityRules((RuleBase) Component.getInstance(RULES_COMPONENT_NAME, true));
- }
-
- if (getSecurityRules() != null)
- {
- setSecurityContext(getSecurityRules().newStatefulSession(false));
- }
-
- if (getSecurityContext() == null)
- {
- log.warn("no security rule base available - please install a RuleBase with the name '" +
- RULES_COMPONENT_NAME + "' if permission checks are required.");
- }
- }
-
- @Override
- protected void postAuthenticate()
- {
- super.postAuthenticate();
-
- if (getSecurityContext() != null)
- {
- getSecurityContext().insert(getPrincipal());
- }
- }
-
- /**
- * Performs a permission check for the specified name and action
- *
- * @param name String The permission name
- * @param action String The permission action
- * @param arg Object Optional object parameter used to make a permission decision
- * @return boolean True if the user has the specified permission
- */
- @Override
- public boolean hasPermission(String name, String action, Object...arg)
- {
- if (!securityEnabled) return true;
-
- StatefulSession securityContext = getSecurityContext();
-
- if (securityContext == null) return false;
-
- List<FactHandle> handles = new ArrayList<FactHandle>();
-
- PermissionCheck check = new PermissionCheck(name, action);
-
- synchronized( securityContext )
- {
- synchronizeContext();
-
- handles.add( securityContext.insert(check) );
-
- for (int i = 0; i < arg.length; i++)
- {
- if (i == 0 && arg[0] instanceof Collection)
- {
- for (Object value : (Collection) arg[i])
- {
- if ( securityContext.getFactHandle(value) == null )
- {
- handles.add( securityContext.insert(value) );
- }
- }
- }
- else
- {
- handles.add( securityContext.insert(arg[i]) );
- }
- }
-
- securityContext.fireAllRules();
-
- for (FactHandle handle : handles)
- securityContext.retract(handle);
- }
-
- return check.isGranted();
- }
-
- @SuppressWarnings("unchecked")
- @Override
- public void unAuthenticate()
- {
- super.unAuthenticate();
- if (getSecurityContext() != null)
- {
- getSecurityContext().dispose();
- setSecurityContext(null);
- }
- initSecurityContext();
- }
-
- /**
- * Synchronizes the state of the security context with that of the subject
- */
- private void synchronizeContext()
- {
- if (getSecurityContext() != null)
- {
- for ( Group sg : getSubject().getPrincipals(Group.class) )
- {
- if ( ROLES_GROUP.equals( sg.getName() ) )
- {
- Enumeration e = sg.members();
- while (e.hasMoreElements())
- {
- Principal role = (Principal) e.nextElement();
-
- boolean found = false;
- Iterator<Role> iter = getSecurityContext().iterateObjects(new ClassObjectFilter(Role.class));
- while (iter.hasNext())
- {
- Role r = iter.next();
- if (r.getName().equals(role.getName()))
- {
- found = true;
- break;
- }
- }
-
- if (!found)
- {
- getSecurityContext().insert(new Role(role.getName()));
- }
-
- }
- }
- }
-
- Iterator<Role> iter = getSecurityContext().iterateObjects(new ClassObjectFilter(Role.class));
- while (iter.hasNext())
- {
- Role r = iter.next();
- if (!super.hasRole(r.getName()))
- {
- FactHandle fh = getSecurityContext().getFactHandle(r);
- getSecurityContext().retract(fh);
- }
- }
- }
- }
-
-
- public StatefulSession getSecurityContext()
- {
- return securityContext;
- }
-
- public void setSecurityContext(StatefulSession securityContext)
- {
- this.securityContext = securityContext;
- }
-
-
- public RuleBase getSecurityRules()
- {
- return securityRules;
- }
-
- public void setSecurityRules(RuleBase securityRules)
- {
- this.securityRules = securityRules;
- }
-}
Added: trunk/src/main/org/jboss/seam/security/RuleBasedPermissionResolver.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/RuleBasedPermissionResolver.java (rev 0)
+++ trunk/src/main/org/jboss/seam/security/RuleBasedPermissionResolver.java 2008-02-19 13:31:28 UTC (rev 7440)
@@ -0,0 +1,248 @@
+package org.jboss.seam.security;
+
+import static org.jboss.seam.ScopeType.SESSION;
+import static org.jboss.seam.annotations.Install.FRAMEWORK;
+
+import java.security.Principal;
+import java.security.acl.Group;
+import java.util.ArrayList;
+import java.util.Enumeration;
+import java.util.Iterator;
+import java.util.List;
+
+import org.drools.FactHandle;
+import org.drools.RuleBase;
+import org.drools.StatefulSession;
+import org.drools.base.ClassObjectFilter;
+import org.jboss.seam.Component;
+import org.jboss.seam.ScopeType;
+import org.jboss.seam.Seam;
+import org.jboss.seam.annotations.Create;
+import org.jboss.seam.annotations.Install;
+import org.jboss.seam.annotations.Name;
+import org.jboss.seam.annotations.Observer;
+import org.jboss.seam.annotations.Scope;
+import org.jboss.seam.annotations.Startup;
+import org.jboss.seam.annotations.intercept.BypassInterceptors;
+import org.jboss.seam.contexts.Contexts;
+import org.jboss.seam.log.LogProvider;
+import org.jboss.seam.log.Logging;
+import org.jboss.seam.security.management.JpaIdentityStore;
+import org.jboss.seam.security.management.SecurityContext;
+import org.jboss.seam.security.management.UserAccount;
+
+@Name("org.jboss.seam.security.ruleBasedPermissionResolver")
+@Scope(SESSION)
+@BypassInterceptors
+@Install(precedence=FRAMEWORK, classDependencies="org.drools.WorkingMemory")
+@Startup
+public class RuleBasedPermissionResolver implements PermissionResolver
+{
+ public static final String RULES_COMPONENT_NAME = "securityRules";
+
+ private static final LogProvider log = Logging.getLogProvider(RuleBasedPermissionResolver.class);
+
+ private StatefulSession securityContext;
+
+ private RuleBase securityRules;
+
+ @Create
+ public boolean create()
+ {
+ initSecurityContext();
+ return getSecurityContext() != null;
+ }
+
+ protected void initSecurityContext()
+ {
+ if (getSecurityRules() == null)
+ {
+ setSecurityRules((RuleBase) Component.getInstance(RULES_COMPONENT_NAME, true));
+ }
+
+ if (getSecurityRules() != null)
+ {
+ setSecurityContext(getSecurityRules().newStatefulSession(false));
+ }
+
+ if (getSecurityContext() == null)
+ {
+ log.warn("no security rule base available - please install a RuleBase with the name '" +
+ RULES_COMPONENT_NAME + "' if permission checks are required.");
+ }
+ }
+
+ @Observer(Identity.EVENT_POST_AUTHENTICATE)
+ public void postAuthenticate()
+ {
+ if (getSecurityContext() != null)
+ {
+ getSecurityContext().insert(Identity.instance().getPrincipal());
+ }
+ }
+
+ /**
+ * Performs a permission check for the specified name and action
+ *
+ * @param target Object The target of the permission check
+ * @param action String The action to be performed on the target
+ * @return boolean True if the user has the specified permission
+ */
+ public boolean hasPermission(Object target, String action)
+ {
+ StatefulSession securityContext = getSecurityContext();
+
+ if (securityContext == null) return false;
+
+ List<FactHandle> handles = new ArrayList<FactHandle>();
+
+ if (!(target instanceof String) && !(target instanceof Class))
+ {
+ handles.add( securityContext.insert(target) );
+ }
+
+ if (target instanceof Class)
+ {
+ String componentName = Seam.getComponentName((Class) target);
+ target = componentName != null ? componentName : ((Class) target).getName();
+ }
+
+ PermissionCheck check = new PermissionCheck(target, action);
+
+ synchronized( securityContext )
+ {
+ synchronizeContext();
+
+ handles.add( securityContext.insert(check) );
+
+ securityContext.fireAllRules();
+
+ for (FactHandle handle : handles)
+ securityContext.retract(handle);
+ }
+
+ return check.isGranted();
+ }
+
+ @SuppressWarnings("unchecked")
+ @Observer(Identity.EVENT_LOGGED_OUT)
+ public void unAuthenticate()
+ {
+ if (getSecurityContext() != null)
+ {
+ getSecurityContext().dispose();
+ setSecurityContext(null);
+ }
+ initSecurityContext();
+ }
+
+ /**
+ * Synchronises the state of the security context with that of the subject
+ */
+ private void synchronizeContext()
+ {
+ Identity identity = Identity.instance();
+
+ getSecurityContext().insert(identity.getPrincipal());
+
+ if (getSecurityContext() != null)
+ {
+ for ( Group sg : identity.getSubject().getPrincipals(Group.class) )
+ {
+ if ( Identity.ROLES_GROUP.equals( sg.getName() ) )
+ {
+ Enumeration e = sg.members();
+ while (e.hasMoreElements())
+ {
+ Principal role = (Principal) e.nextElement();
+
+ boolean found = false;
+ Iterator<Role> iter = getSecurityContext().iterateObjects(new ClassObjectFilter(Role.class));
+ while (iter.hasNext())
+ {
+ Role r = iter.next();
+ if (r.getName().equals(role.getName()))
+ {
+ found = true;
+ break;
+ }
+ }
+
+ if (!found)
+ {
+ getSecurityContext().insert(new Role(role.getName()));
+ }
+
+ }
+ }
+ }
+
+ Iterator<Role> iter = getSecurityContext().iterateObjects(new ClassObjectFilter(Role.class));
+ while (iter.hasNext())
+ {
+ Role r = iter.next();
+ if (!identity.hasRole(r.getName()))
+ {
+ FactHandle fh = getSecurityContext().getFactHandle(r);
+ getSecurityContext().retract(fh);
+ }
+ }
+ }
+ }
+
+
+ public StatefulSession getSecurityContext()
+ {
+ return securityContext;
+ }
+
+ public void setSecurityContext(StatefulSession securityContext)
+ {
+ this.securityContext = securityContext;
+ }
+
+
+ public RuleBase getSecurityRules()
+ {
+ return securityRules;
+ }
+
+ public void setSecurityRules(RuleBase securityRules)
+ {
+ this.securityRules = securityRules;
+ }
+
+ public static RuleBasedPermissionResolver instance()
+ {
+ if ( !Contexts.isSessionContextActive() )
+ {
+ throw new IllegalStateException("No active session context");
+ }
+
+ RuleBasedPermissionResolver instance = (RuleBasedPermissionResolver) Component.getInstance(
+ RuleBasedPermissionResolver.class, ScopeType.SESSION);
+
+ if (instance == null)
+ {
+ throw new IllegalStateException("No RuleBasedPermissionResolver could be created");
+ }
+
+ return instance;
+ }
+
+ /**
+ * If we were authenticated with the JpaIdentityStore, then insert the authenticated
+ * UserAccount into the security context.
+ */
+ @Observer(Identity.EVENT_POST_AUTHENTICATE)
+ public void setUserAccountInSecurityContext()
+ {
+ if (Contexts.isEventContextActive() && Contexts.isSessionContextActive() &&
+ Contexts.getEventContext().isSet(JpaIdentityStore.AUTHENTICATED_USER))
+ {
+ SecurityContext context = new SecurityContext();
+ context.setUserAccount((UserAccount) Contexts.getEventContext().get(JpaIdentityStore.AUTHENTICATED_USER));
+ getSecurityContext().insert(context);
+ }
+ }
+}
Modified: trunk/src/main/org/jboss/seam/security/SecurityFunctions.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/SecurityFunctions.java 2008-02-19 13:07:47 UTC (rev 7439)
+++ trunk/src/main/org/jboss/seam/security/SecurityFunctions.java 2008-02-19 13:31:28 UTC (rev 7440)
@@ -23,4 +23,9 @@
return Identity.instance().hasPermission(name, action);
}
}
+
+ public static boolean hasPermission(Object target, String action)
+ {
+ return Identity.instance().hasPermission(target, action);
+ }
}
Modified: trunk/src/main/org/jboss/seam/security/SecurityInterceptor.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/SecurityInterceptor.java 2008-02-19 13:07:47 UTC (rev 7439)
+++ trunk/src/main/org/jboss/seam/security/SecurityInterceptor.java 2008-02-19 13:31:28 UTC (rev 7440)
@@ -60,7 +60,7 @@
}
else if (target != null && action != null)
{
- // TODO implement the security check
+ Identity.instance().checkPermission(target, action);
}
}
}
@@ -162,7 +162,7 @@
*/
private String createDefaultExpr(Method method)
{
- return String.format( "#{s:hasPermission('%s','%s', null)}",
+ return String.format( "#{s:hasPermission('%s','%s')}",
getComponent().getName(), method.getName() );
}
}
Modified: trunk/src/main/org/jboss/seam/security/management/JpaIdentityStore.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/management/JpaIdentityStore.java 2008-02-19 13:07:47 UTC (rev 7439)
+++ trunk/src/main/org/jboss/seam/security/management/JpaIdentityStore.java 2008-02-19 13:31:28 UTC (rev 7440)
@@ -15,9 +15,12 @@
import org.jboss.seam.Component;
import org.jboss.seam.annotations.Create;
+import org.jboss.seam.annotations.Observer;
import org.jboss.seam.annotations.Scope;
import org.jboss.seam.annotations.intercept.BypassInterceptors;
+import org.jboss.seam.contexts.Contexts;
import org.jboss.seam.core.Events;
+import org.jboss.seam.security.Identity;
import org.jboss.seam.security.management.UserAccount.AccountType;
import org.jboss.seam.util.Hex;
@@ -30,6 +33,8 @@
@BypassInterceptors
public class JpaIdentityStore implements IdentityStore
{
+ public static final String AUTHENTICATED_USER = "org.jboss.seam.security.management.authenticatedUser";
+
public static final String EVENT_ACCOUNT_CREATED = "org.jboss.seam.security.management.accountCreated";
public static final String EVENT_ACCOUNT_AUTHENTICATED = "org.jboss.seam.security.management.accountAuthenticated";
@@ -355,15 +360,30 @@
}
boolean success = hashPassword(password, username).equals(account.getPasswordHash());
-
+
if (success && Events.exists())
{
+ if (Contexts.isEventContextActive())
+ {
+ Contexts.getEventContext().set(AUTHENTICATED_USER, account);
+ }
+
Events.instance().raiseEvent(EVENT_ACCOUNT_AUTHENTICATED, account);
}
return success;
}
+ @Observer(Identity.EVENT_POST_AUTHENTICATE)
+ public void setUserAccountForSession()
+ {
+ if (Contexts.isEventContextActive() && Contexts.isSessionContextActive())
+ {
+ Contexts.getSessionContext().set(AUTHENTICATED_USER,
+ Contexts.getEventContext().get(AUTHENTICATED_USER));
+ }
+ }
+
protected UserAccount validateAccount(String name)
{
try
Added: trunk/src/main/org/jboss/seam/security/management/SecurityContext.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/management/SecurityContext.java (rev 0)
+++ trunk/src/main/org/jboss/seam/security/management/SecurityContext.java 2008-02-19 13:31:28 UTC (rev 7440)
@@ -0,0 +1,21 @@
+package org.jboss.seam.security.management;
+
+/**
+ * A wrapper that is inserted into the working memory for rule-based permissions.
+ *
+ * @author Shane Bryzak
+ */
+public class SecurityContext
+{
+ private UserAccount userAccount;
+
+ public UserAccount getUserAccount()
+ {
+ return userAccount;
+ }
+
+ public void setUserAccount(UserAccount userAccount)
+ {
+ this.userAccount = userAccount;
+ }
+}
16 years, 2 months
Seam SVN: r7439 - trunk/ui/src/main/java/org/jboss/seam/ui/facelet.
by seam-commits@lists.jboss.org
Author: pete.muir(a)jboss.org
Date: 2008-02-19 08:07:47 -0500 (Tue, 19 Feb 2008)
New Revision: 7439
Modified:
trunk/ui/src/main/java/org/jboss/seam/ui/facelet/FaceletsJBossLogging.java
Log:
cleanup
Modified: trunk/ui/src/main/java/org/jboss/seam/ui/facelet/FaceletsJBossLogging.java
===================================================================
--- trunk/ui/src/main/java/org/jboss/seam/ui/facelet/FaceletsJBossLogging.java 2008-02-19 13:07:02 UTC (rev 7438)
+++ trunk/ui/src/main/java/org/jboss/seam/ui/facelet/FaceletsJBossLogging.java 2008-02-19 13:07:47 UTC (rev 7439)
@@ -19,16 +19,9 @@
import org.jboss.seam.util.Reflections;
import com.sun.facelets.FaceletViewHandler;
-import com.sun.facelets.TemplateClient;
import com.sun.facelets.compiler.TagLibraryConfig;
-import com.sun.facelets.el.LegacyELContext;
import com.sun.facelets.impl.DefaultFaceletFactory;
import com.sun.facelets.tag.jsf.ComponentHandler;
-import com.sun.facelets.tag.jsf.core.ViewHandler;
-import com.sun.facelets.tag.ui.CompositionHandler;
-import com.sun.facelets.tag.ui.DecorateHandler;
-import com.sun.facelets.util.Classpath;
-import com.sun.facelets.util.DevTools;
import com.sun.facelets.util.Resource;
@Name("org.jboss.seam.ui.facelet.faceletsJBossLogging")
16 years, 2 months
Seam SVN: r7438 - trunk/ui/src/main/java/org/jboss/seam/ui/facelet.
by seam-commits@lists.jboss.org
Author: pete.muir(a)jboss.org
Date: 2008-02-19 08:07:02 -0500 (Tue, 19 Feb 2008)
New Revision: 7438
Added:
trunk/ui/src/main/java/org/jboss/seam/ui/facelet/FaceletsJBossLogging.java
trunk/ui/src/main/java/org/jboss/seam/ui/facelet/Log4JConversionFilter.java
Log:
Facelets jdk logging -> log4j bridge for jboss
Added: trunk/ui/src/main/java/org/jboss/seam/ui/facelet/FaceletsJBossLogging.java
===================================================================
--- trunk/ui/src/main/java/org/jboss/seam/ui/facelet/FaceletsJBossLogging.java (rev 0)
+++ trunk/ui/src/main/java/org/jboss/seam/ui/facelet/FaceletsJBossLogging.java 2008-02-19 13:07:02 UTC (rev 7438)
@@ -0,0 +1,129 @@
+package org.jboss.seam.ui.facelet;
+
+import static org.jboss.seam.ScopeType.APPLICATION;
+import static org.jboss.seam.annotations.Install.BUILT_IN;
+
+import java.lang.reflect.Field;
+import java.util.logging.Filter;
+import java.util.logging.Logger;
+
+import org.apache.log4j.Level;
+import org.jboss.seam.annotations.Create;
+import org.jboss.seam.annotations.Install;
+import org.jboss.seam.annotations.Name;
+import org.jboss.seam.annotations.Scope;
+import org.jboss.seam.annotations.Startup;
+import org.jboss.seam.annotations.intercept.BypassInterceptors;
+import org.jboss.seam.log.LogProvider;
+import org.jboss.seam.log.Logging;
+import org.jboss.seam.util.Reflections;
+
+import com.sun.facelets.FaceletViewHandler;
+import com.sun.facelets.TemplateClient;
+import com.sun.facelets.compiler.TagLibraryConfig;
+import com.sun.facelets.el.LegacyELContext;
+import com.sun.facelets.impl.DefaultFaceletFactory;
+import com.sun.facelets.tag.jsf.ComponentHandler;
+import com.sun.facelets.tag.jsf.core.ViewHandler;
+import com.sun.facelets.tag.ui.CompositionHandler;
+import com.sun.facelets.tag.ui.DecorateHandler;
+import com.sun.facelets.util.Classpath;
+import com.sun.facelets.util.DevTools;
+import com.sun.facelets.util.Resource;
+
+@Name("org.jboss.seam.ui.facelet.faceletsJBossLogging")
+@Scope(APPLICATION)
+@Install(classDependencies={"com.sun.facelets.Facelet", "org.jboss.logging.Logger", "org.apache.log4j.Logger"}, precedence=BUILT_IN)
+@Startup
+@BypassInterceptors
+public class FaceletsJBossLogging
+{
+
+ private LogProvider log = Logging.getLogProvider(FaceletsJBossLogging.class);
+
+ public static void setLevel(java.util.logging.Logger julLogger)
+ {
+ org.apache.log4j.Logger log4jLogger =
+ org.apache.log4j.Logger.getLogger(julLogger.getName());
+
+ julLogger.setLevel(java.util.logging.Level.OFF);
+
+ if (log4jLogger.isEnabledFor(Level.FATAL))
+ julLogger.setLevel(java.util.logging.Level.SEVERE);
+
+ if (log4jLogger.isEnabledFor(Level.ERROR))
+ julLogger.setLevel(java.util.logging.Level.SEVERE);
+
+ if (log4jLogger.isEnabledFor(Level.WARN))
+ julLogger.setLevel(java.util.logging.Level.WARNING);
+
+ if (log4jLogger.isEnabledFor(Level.INFO))
+ julLogger.setLevel(java.util.logging.Level.INFO);
+
+ if (log4jLogger.isEnabledFor(Level.DEBUG))
+ julLogger.setLevel(java.util.logging.Level.FINE);
+
+ if (log4jLogger.isEnabledFor(Level.DEBUG))
+ julLogger.setLevel(java.util.logging.Level.FINEST);
+
+ if (log4jLogger.isEnabledFor(Level.ALL))
+ julLogger.setLevel(java.util.logging.Level.ALL);
+ }
+
+ @SuppressWarnings("deprecation")
+ @Create
+ public void create()
+ {
+ try
+ {
+ Filter conversionFilter = new org.jboss.seam.ui.facelet.Log4JConversionFilter();
+
+ java.util.logging.Logger julLogger;
+
+ // Gah have to do this by reflection as the loggers are protected
+
+ // And some aren't static, so this really is best effort
+
+ julLogger = getPrivateStaticLogger(TagLibraryConfig.class, "log");
+ setLevel(julLogger);
+ julLogger.setFilter(conversionFilter);
+
+ julLogger = getPrivateStaticLogger(com.sun.facelets.compiler.Compiler.class, "log");
+ setLevel(julLogger);
+ julLogger.setFilter(conversionFilter);
+
+ julLogger = getPrivateStaticLogger(DefaultFaceletFactory.class, "log");
+ setLevel(julLogger);
+ julLogger.setFilter(conversionFilter);
+
+ julLogger = getPrivateStaticLogger(TagLibraryConfig.class, "log");
+ setLevel(julLogger);
+ julLogger.setFilter(conversionFilter);
+
+ julLogger = getPrivateStaticLogger(ComponentHandler.class, "log");
+ setLevel(julLogger);
+ julLogger.setFilter(conversionFilter);
+
+ julLogger = getPrivateStaticLogger(Resource.class, "log");
+ setLevel(julLogger);
+ julLogger.setFilter(conversionFilter);
+
+ julLogger = getPrivateStaticLogger(FaceletViewHandler.class, "log");
+ setLevel(julLogger);
+ julLogger.setFilter(conversionFilter);
+
+ }
+ catch (Exception e)
+ {
+ log.warn("Unable to wrap Facelets JDK logging in Log4j logging", e);
+ }
+ }
+
+ private Logger getPrivateStaticLogger(Class clazz, String fieldName)
+ {
+ Field field = Reflections.getField(clazz, fieldName);
+ field.setAccessible(true);
+ return (Logger) Reflections.getAndWrap(field, new Object());
+ }
+
+}
Property changes on: trunk/ui/src/main/java/org/jboss/seam/ui/facelet/FaceletsJBossLogging.java
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Added: trunk/ui/src/main/java/org/jboss/seam/ui/facelet/Log4JConversionFilter.java
===================================================================
--- trunk/ui/src/main/java/org/jboss/seam/ui/facelet/Log4JConversionFilter.java (rev 0)
+++ trunk/ui/src/main/java/org/jboss/seam/ui/facelet/Log4JConversionFilter.java 2008-02-19 13:07:02 UTC (rev 7438)
@@ -0,0 +1,167 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+
+package org.jboss.seam.ui.facelet;
+
+import java.util.HashMap;
+import java.util.Map;
+import java.util.logging.Filter;
+import java.util.logging.Formatter;
+import java.util.logging.Level;
+import java.util.logging.LogRecord;
+import java.util.logging.SimpleFormatter;
+import org.jboss.logging.Logger;
+
+/**
+ * This filter is used to convert java.util.logging messages to Log4J messages.
+ *
+ * @author Stan Silvert
+ * @author Pete Muir
+ */
+public class Log4JConversionFilter implements Filter
+{
+
+ // cache Logger instances. Logger.getLogger() is known to be slow.
+ // See http://www.qos.ch/logging/thinkAgain.jsp
+ private Map<String, Logger> loggerCache = new HashMap<String, Logger>();
+
+ private Formatter formatter = new SimpleFormatter();
+
+ /**
+ * If the message should be logged, convert the JDK 1.4
+ * LogRecord to a Log4J message.
+ *
+ * @return <code>false</code> because JDK 1.4 logging should not happen
+ * for JSF if this filter is active.
+ */
+ public boolean isLoggable(LogRecord record)
+ {
+ Logger logger = getLogger(record);
+
+ if (record.getThrown() != null)
+ {
+ logWithThrowable(logger, record);
+ }
+ else
+ {
+ logWithoutThrowable(logger, record);
+ }
+
+ return false;
+ }
+
+ private void logWithThrowable(Logger logger, LogRecord record)
+ {
+ int loggedLevel = record.getLevel().intValue();
+ Object message = formatter.formatMessage(record);
+ Throwable throwable = record.getThrown();
+
+ if (loggedLevel == Level.SEVERE.intValue())
+ {
+ logger.error(message, throwable);
+ return;
+ }
+
+ if (loggedLevel == Level.WARNING.intValue())
+ {
+ logger.warn(message, throwable);
+ return;
+ }
+
+ if ((loggedLevel == Level.INFO.intValue()) ||
+ (loggedLevel == Level.CONFIG.intValue()))
+ {
+ logger.info(message, throwable);
+ return;
+ }
+
+ if (loggedLevel == Level.FINE.intValue())
+ {
+ logger.debug(message, throwable);
+ return;
+ }
+
+ if ((loggedLevel == Level.FINER.intValue()) ||
+ (loggedLevel == Level.FINEST.intValue()))
+ {
+ logger.trace(message, throwable);
+ return;
+ }
+
+ logger.info(message, throwable);
+ }
+
+ private void logWithoutThrowable(Logger logger, LogRecord record)
+ {
+ int loggedLevel = record.getLevel().intValue();
+ Object message = formatter.formatMessage(record);
+
+ if (loggedLevel == Level.SEVERE.intValue())
+ {
+ logger.error(message);
+ return;
+ }
+
+ if (loggedLevel == Level.WARNING.intValue())
+ {
+ logger.warn(message);
+ return;
+ }
+
+ if ((loggedLevel == Level.INFO.intValue()) ||
+ (loggedLevel == Level.CONFIG.intValue()))
+ {
+ logger.info(message);
+ return;
+ }
+
+ if (loggedLevel == Level.FINE.intValue())
+ {
+ logger.debug(message);
+ return;
+ }
+
+ if ((loggedLevel == Level.FINER.intValue()) ||
+ (loggedLevel == Level.FINEST.intValue()))
+ {
+ logger.trace(message);
+ return;
+ }
+
+ logger.info(message);
+ }
+
+ // get the Log4J logger corresponding to the java.util.logger.LogRecord
+ private Logger getLogger(LogRecord record)
+ {
+ String loggerName = record.getLoggerName();
+ Logger logger = loggerCache.get(loggerName);
+ if (logger == null)
+ {
+ logger = Logger.getLogger(loggerName);
+ loggerCache.put(loggerName, logger);
+ }
+
+ return logger;
+ }
+
+}
Property changes on: trunk/ui/src/main/java/org/jboss/seam/ui/facelet/Log4JConversionFilter.java
___________________________________________________________________
Name: svn:mime-type
+ text/plain
16 years, 2 months
Seam SVN: r7436 - trunk/src/main/org/jboss/seam/exception.
by seam-commits@lists.jboss.org
Author: christian.bauer(a)jboss.com
Date: 2008-02-19 04:17:50 -0500 (Tue, 19 Feb 2008)
New Revision: 7436
Modified:
trunk/src/main/org/jboss/seam/exception/Exceptions.java
Log:
Minor, different log messages for handled exceptions
Modified: trunk/src/main/org/jboss/seam/exception/Exceptions.java
===================================================================
--- trunk/src/main/org/jboss/seam/exception/Exceptions.java 2008-02-18 21:22:28 UTC (rev 7435)
+++ trunk/src/main/org/jboss/seam/exception/Exceptions.java 2008-02-19 09:17:50 UTC (rev 7436)
@@ -80,22 +80,22 @@
switch (eh.getLogLevel())
{
case fatal:
- log.fatal("uncaught exception", e);
+ log.fatal("handled and logged exception", e);
break;
case error:
- log.error("uncaught exception", e);
+ log.error("handled and logged exception", e);
break;
case warn:
- log.warn("uncaught exception", e);
+ log.warn("handled and logged exception", e);
break;
case info:
- log.info("uncaught exception", e);
+ log.info("handled and logged exception", e);
break;
case debug:
- log.debug("uncaught exception", e);
+ log.debug("handled and logged exception", e);
break;
case trace:
- log.trace("uncaught exception", e);
+ log.trace("handled and logged exception", e);
}
}
16 years, 2 months
Seam SVN: r7435 - trunk/examples/wicket/src/web/org/jboss/seam/example/wicket.
by seam-commits@lists.jboss.org
Author: pete.muir(a)jboss.org
Date: 2008-02-18 16:22:28 -0500 (Mon, 18 Feb 2008)
New Revision: 7435
Modified:
trunk/examples/wicket/src/web/org/jboss/seam/example/wicket/Main.html
Log:
minor
Modified: trunk/examples/wicket/src/web/org/jboss/seam/example/wicket/Main.html
===================================================================
--- trunk/examples/wicket/src/web/org/jboss/seam/example/wicket/Main.html 2008-02-18 18:26:15 UTC (rev 7434)
+++ trunk/examples/wicket/src/web/org/jboss/seam/example/wicket/Main.html 2008-02-18 21:22:28 UTC (rev 7435)
@@ -107,7 +107,7 @@
Check out date
</th>
<th>
- Confirmation number
+ Conf number
</th>
<th>
Action
16 years, 2 months
Seam SVN: r7434 - trunk/ui/src/main/java/org/jboss/seam/ui/facelet.
by seam-commits@lists.jboss.org
Author: pete.muir(a)jboss.org
Date: 2008-02-18 13:26:15 -0500 (Mon, 18 Feb 2008)
New Revision: 7434
Added:
trunk/ui/src/main/java/org/jboss/seam/ui/facelet/FaceletCompiler.java
Modified:
trunk/ui/src/main/java/org/jboss/seam/ui/facelet/FaceletsRenderer.java
Log:
JBSEAM-2625
Added: trunk/ui/src/main/java/org/jboss/seam/ui/facelet/FaceletCompiler.java
===================================================================
--- trunk/ui/src/main/java/org/jboss/seam/ui/facelet/FaceletCompiler.java (rev 0)
+++ trunk/ui/src/main/java/org/jboss/seam/ui/facelet/FaceletCompiler.java 2008-02-18 18:26:15 UTC (rev 7434)
@@ -0,0 +1,50 @@
+package org.jboss.seam.ui.facelet;
+
+import static org.jboss.seam.ScopeType.APPLICATION;
+
+import org.jboss.seam.Component;
+import org.jboss.seam.ScopeType;
+import org.jboss.seam.annotations.AutoCreate;
+import org.jboss.seam.annotations.Create;
+import org.jboss.seam.annotations.Install;
+import org.jboss.seam.annotations.Name;
+import org.jboss.seam.annotations.Scope;
+import org.jboss.seam.annotations.Unwrap;
+import org.jboss.seam.annotations.intercept.BypassInterceptors;
+import org.jboss.seam.contexts.Contexts;
+
+import com.sun.facelets.compiler.Compiler;
+import com.sun.facelets.compiler.SAXCompiler;
+
+@Name("org.jboss.seam.ui.facelet.faceletCompiler")
+@Scope(APPLICATION)
+@BypassInterceptors
+@AutoCreate
+@Install(value = true, precedence = Install.BUILT_IN, classDependencies="com.sun.facelets.Facelet")
+public class FaceletCompiler
+{
+
+ private Compiler compiler;
+
+ @Create
+ public void create()
+ {
+ compiler = new SAXCompiler();
+ }
+
+ @Unwrap
+ public Compiler unwrap()
+ {
+ return compiler;
+ }
+
+ public static Compiler instance()
+ {
+ if ( !Contexts.isApplicationContextActive() )
+ {
+ throw new IllegalStateException("No active application scope");
+ }
+ return (Compiler) Component.getInstance(FaceletCompiler.class, ScopeType.APPLICATION);
+ }
+
+}
Property changes on: trunk/ui/src/main/java/org/jboss/seam/ui/facelet/FaceletCompiler.java
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Modified: trunk/ui/src/main/java/org/jboss/seam/ui/facelet/FaceletsRenderer.java
===================================================================
--- trunk/ui/src/main/java/org/jboss/seam/ui/facelet/FaceletsRenderer.java 2008-02-18 15:23:50 UTC (rev 7433)
+++ trunk/ui/src/main/java/org/jboss/seam/ui/facelet/FaceletsRenderer.java 2008-02-18 18:26:15 UTC (rev 7434)
@@ -21,7 +21,6 @@
import org.jboss.seam.ui.util.JSF;
import com.sun.facelets.Facelet;
-import com.sun.facelets.compiler.SAXCompiler;
import com.sun.facelets.impl.DefaultFaceletFactory;
import com.sun.facelets.impl.DefaultResourceResolver;
@@ -192,7 +191,7 @@
*/
protected Facelet faceletForURL(URL url) throws IOException
{
- return new DefaultFaceletFactory(new SAXCompiler(), new DefaultResourceResolver())
+ return new DefaultFaceletFactory(FaceletCompiler.instance(), new DefaultResourceResolver())
.getFacelet(url);
}
16 years, 2 months
Seam SVN: r7433 - in trunk: src/mail/org/jboss/seam/mail/ui and 1 other directory.
by seam-commits@lists.jboss.org
Author: pete.muir(a)jboss.org
Date: 2008-02-18 10:23:50 -0500 (Mon, 18 Feb 2008)
New Revision: 7433
Modified:
trunk/doc/reference/en/modules/mail.xml
trunk/src/mail/org/jboss/seam/mail/ui/UIMessage.java
Log:
Support for explicit message id
Modified: trunk/doc/reference/en/modules/mail.xml
===================================================================
--- trunk/doc/reference/en/modules/mail.xml 2008-02-18 07:21:56 UTC (rev 7432)
+++ trunk/doc/reference/en/modules/mail.xml 2008-02-18 15:23:50 UTC (rev 7433)
@@ -567,6 +567,11 @@
<literal><h:graphicImage></literal> in your emails.
</para>
</listitem>
+ <listitem>
+ <para>
+ <literal>messageId</literal> — Sets the Message-ID explicitly
+ </para>
+ </listitem>
</itemizedlist>
</listitem>
</varlistentry>
Modified: trunk/src/mail/org/jboss/seam/mail/ui/UIMessage.java
===================================================================
--- trunk/src/mail/org/jboss/seam/mail/ui/UIMessage.java 2008-02-18 07:21:56 UTC (rev 7432)
+++ trunk/src/mail/org/jboss/seam/mail/ui/UIMessage.java 2008-02-18 15:23:50 UTC (rev 7433)
@@ -1,5 +1,7 @@
package org.jboss.seam.mail.ui;
+import static org.jboss.seam.util.Strings.isEmpty;
+
import java.io.IOException;
import javax.faces.FacesException;
@@ -45,6 +47,8 @@
private String urlBase;
private String charset;
+
+ private String messageId;
/**
* Get the JavaMail Session to use. If not set the default session is used
@@ -74,7 +78,23 @@
{
if (mimeMessage == null)
{
- mimeMessage = new MimeMessage(getMailSession());
+ if (!isEmpty(getMessageId()))
+ {
+ mimeMessage = new MimeMessage(getMailSession())
+ {
+
+ @Override
+ protected void updateMessageID() throws MessagingException
+ {
+ setHeader("Message-ID", getMessageId());
+ }
+
+ };
+ }
+ else
+ {
+ mimeMessage = new MimeMessage(getMailSession());
+ }
Multipart root = new MimeMultipart();
mimeMessage.setContent(root);
}
@@ -259,5 +279,22 @@
{
this.charset = charset;
}
+
+ public String getMessageId()
+ {
+ if (messageId == null)
+ {
+ return getString("messageId");
+ }
+ else
+ {
+ return messageId;
+ }
+ }
+
+ public void setMessageId(String messageId)
+ {
+ this.messageId = messageId;
+ }
}
16 years, 2 months