[jboss-cvs] JBossBlog SVN: r209 - in trunk: resources/WEB-INF and 7 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Tue Feb 12 10:48:56 EST 2008
Author: adamw
Date: 2008-02-12 10:48:56 -0500 (Tue, 12 Feb 2008)
New Revision: 209
Added:
trunk/src/action/org/jboss/blog/session/security/
trunk/src/action/org/jboss/blog/session/security/Authenticator.java
trunk/src/action/org/jboss/blog/session/security/DummySecurityManager.java
trunk/src/action/org/jboss/blog/session/security/FeedsSecurity.java
trunk/src/action/org/jboss/blog/session/security/GlobalSecurity.java
trunk/src/action/org/jboss/blog/session/security/GroupsSecurity.java
trunk/src/action/org/jboss/blog/session/security/SecurityManager.java
trunk/src/action/org/jboss/blog/session/security/TemplatesSecurity.java
trunk/src/model/org/jboss/blog/model/security/
trunk/src/model/org/jboss/blog/model/security/SecurityRoles.java
trunk/view/security/
trunk/view/security/login.xhtml
Modified:
trunk/resources/WEB-INF/components.xml
trunk/resources/WEB-INF/pages.xml
trunk/resources/messages_en.properties
trunk/view/layout/menu.xhtml
Log:
Modified: trunk/resources/WEB-INF/components.xml
===================================================================
--- trunk/resources/WEB-INF/components.xml 2008-02-08 15:39:07 UTC (rev 208)
+++ trunk/resources/WEB-INF/components.xml 2008-02-12 15:48:56 UTC (rev 209)
@@ -63,5 +63,4 @@
<property name="serverAddress">http://localhost:8080</property>
<property name="contextName">blog</property>
</component>
-
</components>
Modified: trunk/resources/WEB-INF/pages.xml
===================================================================
--- trunk/resources/WEB-INF/pages.xml 2008-02-08 15:39:07 UTC (rev 208)
+++ trunk/resources/WEB-INF/pages.xml 2008-02-12 15:48:56 UTC (rev 209)
@@ -2,13 +2,14 @@
<pages xmlns="http://jboss.com/products/seam/pages"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://jboss.com/products/seam/pages http://jboss.com/products/seam/pages-2.0.xsd"
-
no-conversation-view-id="/home.xhtml"
- login-view-id="/login.xhtml">
+ login-view-id="/security/login.xhtml">
- <page view-id="*">
- <navigation>
- <rule if-outcome="home">
+ <!-- Security -->
+
+ <page view-id="/security/login.xhtml">
+ <navigation from-action="#{identity.login}">
+ <rule if="#{identity.loggedIn}">
<redirect view-id="/home.xhtml"/>
</rule>
</navigation>
@@ -297,5 +298,4 @@
<message>Unexpected error, please try again</message>
</redirect>
</exception>
-
</pages>
Modified: trunk/resources/messages_en.properties
===================================================================
--- trunk/resources/messages_en.properties 2008-02-08 15:39:07 UTC (rev 208)
+++ trunk/resources/messages_en.properties 2008-02-12 15:48:56 UTC (rev 209)
@@ -110,10 +110,10 @@
blog.feed.aggregated.updated=Aggregated feed {0} changed.
-blog.feed.new.invalidname=Feed name may only contain small latin letters, numbers, _ and /.
+blog.feed.new.invalidname=Feed name may only contain small latin letters, numbers and _.
blog.feed.new.existingname=A feed with that name already exists.
-blog.group.invalidname=Group name may only contain small latin letters, numbers, _ and /.
+blog.group.invalidname=Group name may only contain small latin letters, numbers and _.
blog.group.existingname=A group with that name already exists.
blog.group.deleted=Group '{0}' ({1}) deleted.
blog.group.updated=Group '{0}' ({1}) updated.
Copied: trunk/src/action/org/jboss/blog/session/security/Authenticator.java (from rev 189, trunk/src/action/org/jboss/blog/session/Authenticator.java)
===================================================================
--- trunk/src/action/org/jboss/blog/session/security/Authenticator.java (rev 0)
+++ trunk/src/action/org/jboss/blog/session/security/Authenticator.java 2008-02-12 15:48:56 UTC (rev 209)
@@ -0,0 +1,31 @@
+package org.jboss.blog.session.security;
+
+import org.jboss.seam.annotations.In;
+import org.jboss.seam.annotations.Logger;
+import org.jboss.seam.annotations.Name;
+import org.jboss.seam.log.Log;
+import org.jboss.seam.security.Identity;
+import org.jboss.blog.model.security.SecurityRoles;
+
+ at Name("authenticator")
+public class Authenticator {
+ @Logger Log log;
+
+ @In Identity identity;
+
+ public boolean authenticate() {
+ log.info("authenticating #0", identity.getUsername());
+
+ if ("admin".equals(identity.getUsername())) {
+ identity.addRole(SecurityRoles.ADMIN.toString());
+ }
+ if ("bobs_group".equals(identity.getUsername())) {
+ identity.addRole(SecurityRoles.GROUP_ADMIN + "/bobs_group");
+ }
+ if ("sacha".equals(identity.getUsername())) {
+ identity.addRole(SecurityRoles.FEED_ADMIN + "/bobs_group/sacha");
+ }
+
+ return true;
+ }
+}
Added: trunk/src/action/org/jboss/blog/session/security/DummySecurityManager.java
===================================================================
--- trunk/src/action/org/jboss/blog/session/security/DummySecurityManager.java (rev 0)
+++ trunk/src/action/org/jboss/blog/session/security/DummySecurityManager.java 2008-02-12 15:48:56 UTC (rev 209)
@@ -0,0 +1,33 @@
+package org.jboss.blog.session.security;
+
+import org.jboss.blog.model.Group;
+import org.jboss.blog.model.feed.Feed;
+import org.jboss.seam.annotations.Name;
+import org.jboss.seam.annotations.Scope;
+import org.jboss.seam.annotations.Install;
+import org.jboss.seam.ScopeType;
+
+/**
+ * @author <a href="mailto:adam at warski.org">Adam Warski</a>
+ */
+ at Name("securityManager")
+ at Scope(ScopeType.STATELESS)
+//@Install(precedence = Install.MOCK)
+ at Install(precedence = 15)
+public class DummySecurityManager extends SecurityManager {
+ public boolean hasAdminRole() {
+ return true;
+ }
+
+ public boolean hasGroupAdminRole(Group group) {
+ return true;
+ }
+
+ public boolean hasAnyGroupAdminRole() {
+ return true;
+ }
+
+ public boolean hasFeedAdminRole(Feed feed) {
+ return true;
+ }
+}
Added: trunk/src/action/org/jboss/blog/session/security/FeedsSecurity.java
===================================================================
--- trunk/src/action/org/jboss/blog/session/security/FeedsSecurity.java (rev 0)
+++ trunk/src/action/org/jboss/blog/session/security/FeedsSecurity.java 2008-02-12 15:48:56 UTC (rev 209)
@@ -0,0 +1,34 @@
+package org.jboss.blog.session.security;
+
+import org.jboss.seam.annotations.Name;
+import org.jboss.seam.annotations.Scope;
+import org.jboss.seam.annotations.In;
+import org.jboss.seam.ScopeType;
+import org.jboss.blog.model.feed.Feed;
+import org.jboss.blog.model.Group;
+
+/**
+ * @author <a href="mailto:adam at warski.org">Adam Warski</a>
+ */
+ at Name("feedsSecurity")
+ at Scope(ScopeType.STATELESS)
+public class FeedsSecurity {
+ @In
+ private SecurityManager securityManager;
+
+ public boolean canAddFeed() {
+ return securityManager.hasAnyGroupAdminRole();
+ }
+
+ public boolean canAddFeed(Group group) {
+ return securityManager.hasGroupAdminRole(group);
+ }
+
+ public boolean canDeleteFeed(Feed feed) {
+ return securityManager.hasAdminRole();
+ }
+
+ public boolean canEditFeed(Feed feed) {
+ return securityManager.hasFeedAdminRole(feed);
+ }
+}
Added: trunk/src/action/org/jboss/blog/session/security/GlobalSecurity.java
===================================================================
--- trunk/src/action/org/jboss/blog/session/security/GlobalSecurity.java (rev 0)
+++ trunk/src/action/org/jboss/blog/session/security/GlobalSecurity.java 2008-02-12 15:48:56 UTC (rev 209)
@@ -0,0 +1,20 @@
+package org.jboss.blog.session.security;
+
+import org.jboss.seam.annotations.Name;
+import org.jboss.seam.annotations.Scope;
+import org.jboss.seam.annotations.In;
+import org.jboss.seam.ScopeType;
+
+/**
+ * @author <a href="mailto:adam at warski.org">Adam Warski</a>
+ */
+ at Name("globalSecurity")
+ at Scope(ScopeType.STATELESS)
+public class GlobalSecurity {
+ @In
+ private SecurityManager securityManager;
+
+ public boolean canAdministrate() {
+ return securityManager.hasAdminRole();
+ }
+}
Added: trunk/src/action/org/jboss/blog/session/security/GroupsSecurity.java
===================================================================
--- trunk/src/action/org/jboss/blog/session/security/GroupsSecurity.java (rev 0)
+++ trunk/src/action/org/jboss/blog/session/security/GroupsSecurity.java 2008-02-12 15:48:56 UTC (rev 209)
@@ -0,0 +1,34 @@
+package org.jboss.blog.session.security;
+
+import org.jboss.seam.annotations.Name;
+import org.jboss.seam.annotations.Scope;
+import org.jboss.seam.annotations.In;
+import org.jboss.seam.ScopeType;
+import org.jboss.seam.security.Identity;
+import org.jboss.blog.model.Group;
+
+/**
+ * @author <a href="mailto:adam at warski.org">Adam Warski</a>
+ */
+ at Name("groupsSecurity")
+ at Scope(ScopeType.STATELESS)
+public class GroupsSecurity {
+ @In
+ private SecurityManager securityManager;
+
+ public boolean canAddGroup() {
+ return securityManager.hasAnyGroupAdminRole();
+ }
+
+ public boolean canDeleteGroup(Group group) {
+ return securityManager.hasAdminRole();
+ }
+
+ public boolean canEditGroup(Group group) {
+ return securityManager.hasAdminRole();
+ }
+
+ public boolean canEditGroupSecurity(Group group) {
+ return securityManager.hasGroupAdminRole(group);
+ }
+}
Added: trunk/src/action/org/jboss/blog/session/security/SecurityManager.java
===================================================================
--- trunk/src/action/org/jboss/blog/session/security/SecurityManager.java (rev 0)
+++ trunk/src/action/org/jboss/blog/session/security/SecurityManager.java 2008-02-12 15:48:56 UTC (rev 209)
@@ -0,0 +1,51 @@
+package org.jboss.blog.session.security;
+
+import org.jboss.seam.annotations.Name;
+import org.jboss.seam.annotations.Scope;
+import org.jboss.seam.annotations.In;
+import org.jboss.seam.ScopeType;
+import org.jboss.seam.security.Identity;
+import org.jboss.blog.model.Group;
+import org.jboss.blog.model.security.SecurityRoles;
+import org.jboss.blog.model.feed.Feed;
+import org.jboss.blog.service.FeedsService;
+
+/**
+ * @author <a href="mailto:adam at warski.org">Adam Warski</a>
+ */
+ at Name("securityManager")
+ at Scope(ScopeType.STATELESS)
+public class SecurityManager {
+ @In
+ private Identity identity;
+
+ @In
+ private FeedsService feedsService;
+
+ public boolean hasAdminRole() {
+ return identity.hasRole(SecurityRoles.ADMIN.toString());
+ }
+
+ public boolean hasGroupAdminRole(Group group) {
+ return identity.hasRole(SecurityRoles.GROUP_ADMIN + "/" + group.getName()) || hasAdminRole();
+ }
+
+ public boolean hasAnyGroupAdminRole() {
+ if (hasAdminRole()) {
+ return true;
+ }
+
+ for (Group group : feedsService.getAllGroups()) {
+ if (identity.hasRole(SecurityRoles.GROUP_ADMIN + "/" + group.getName())) {
+ return true;
+ }
+ }
+
+ return false;
+ }
+
+ public boolean hasFeedAdminRole(Feed feed) {
+ return identity.hasRole(SecurityRoles.FEED_ADMIN + "/" + feed.getGroup().getName() + "/" + feed.getName()) ||
+ hasGroupAdminRole(feed.getGroup());
+ }
+}
Added: trunk/src/action/org/jboss/blog/session/security/TemplatesSecurity.java
===================================================================
--- trunk/src/action/org/jboss/blog/session/security/TemplatesSecurity.java (rev 0)
+++ trunk/src/action/org/jboss/blog/session/security/TemplatesSecurity.java 2008-02-12 15:48:56 UTC (rev 209)
@@ -0,0 +1,29 @@
+package org.jboss.blog.session.security;
+
+import org.jboss.seam.annotations.Name;
+import org.jboss.seam.annotations.Scope;
+import org.jboss.seam.annotations.In;
+import org.jboss.seam.ScopeType;
+import org.jboss.blog.model.Template;
+
+/**
+ * @author <a href="mailto:adam at warski.org">Adam Warski</a>
+ */
+ at Name("templatesSecurity")
+ at Scope(ScopeType.STATELESS)
+public class TemplatesSecurity {
+ @In
+ private SecurityManager securityManager;
+
+ public boolean canAddTemplate() {
+ return securityManager.hasAdminRole();
+ }
+
+ public boolean canDeleteTemplate(Template template) {
+ return securityManager.hasAdminRole();
+ }
+
+ public boolean canEditTemplate(Template template) {
+ return securityManager.hasAdminRole();
+ }
+}
Added: trunk/src/model/org/jboss/blog/model/security/SecurityRoles.java
===================================================================
--- trunk/src/model/org/jboss/blog/model/security/SecurityRoles.java (rev 0)
+++ trunk/src/model/org/jboss/blog/model/security/SecurityRoles.java 2008-02-12 15:48:56 UTC (rev 209)
@@ -0,0 +1,10 @@
+package org.jboss.blog.model.security;
+
+/**
+ * @author <a href="mailto:adam at warski.org">Adam Warski</a>
+ */
+public enum SecurityRoles {
+ ADMIN,
+ GROUP_ADMIN,
+ FEED_ADMIN
+}
Modified: trunk/view/layout/menu.xhtml
===================================================================
--- trunk/view/layout/menu.xhtml 2008-02-08 15:39:07 UTC (rev 208)
+++ trunk/view/layout/menu.xhtml 2008-02-12 15:48:56 UTC (rev 209)
@@ -15,6 +15,7 @@
<div id='utilitynav'>
<h:form styleClass="nomargin" id="TopSearch">
<ul>
+ <li><s:link view="/security/login.xhtml" value="Login" />  |  </li>
<li><a href="https://www.redhat.com/apps/store/jboss/">Subscribe</a>  |  </li>
<li><a href="http://www.jboss.com/index.html?op=checkage&module=user">Register</a>  |  </li>
<li>
Copied: trunk/view/security/login.xhtml (from rev 189, trunk/view/login.xhtml)
===================================================================
--- trunk/view/security/login.xhtml (rev 0)
+++ trunk/view/security/login.xhtml 2008-02-12 15:48:56 UTC (rev 209)
@@ -0,0 +1,35 @@
+<!DOCTYPE composition PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<ui:composition xmlns="http://www.w3.org/1999/xhtml"
+ xmlns:s="http://jboss.com/products/seam/taglib"
+ xmlns:ui="http://java.sun.com/jsf/facelets"
+ xmlns:f="http://java.sun.com/jsf/core"
+ xmlns:h="http://java.sun.com/jsf/html"
+ xmlns:rich="http://richfaces.org/rich"
+ template="../layout/template.xhtml">
+ <ui:define name="header">
+ Login
+ </ui:define>
+
+ <ui:define name="body">
+ <div class="adminforms">
+ <h:form>
+ <h:panelGrid columns="2">
+ <h:outputLabel for="username">Username</h:outputLabel>
+ <h:inputText id="username" value="#{identity.username}"/>
+
+ <h:outputLabel for="password">Password</h:outputLabel>
+ <h:inputSecret id="password" value="#{identity.password}"/>
+ </h:panelGrid>
+
+ <div class="formbuttons">
+ <ul>
+ <li>
+ <h:commandButton value="Login" action="#{identity.login}" styleClass="submit" />
+ </li>
+ </ul>
+ </div>
+ </h:form>
+ </div>
+ </ui:define>
+</ui:composition>
More information about the jboss-cvs-commits
mailing list