[jboss-svn-commits] JBL Code SVN: r11160 - in labs/jbosslabs/branches/identity_integration/trunk/portal-extensions: jboss-forums and 4 other directories.
jboss-svn-commits at lists.jboss.org
jboss-svn-commits at lists.jboss.org
Fri Apr 20 10:58:20 EDT 2007
Author: sohil.shah at jboss.com
Date: 2007-04-20 10:58:20 -0400 (Fri, 20 Apr 2007)
New Revision: 11160
Added:
labs/jbosslabs/branches/identity_integration/trunk/portal-extensions/jboss-forums/binaries/forums-authz-plugin.jar
Modified:
labs/jbosslabs/branches/identity_integration/trunk/portal-extensions/binaries/maven-repo-addons/jboss-sso/jars/jboss-acl.jar
labs/jbosslabs/branches/identity_integration/trunk/portal-extensions/jboss-forums/maven.xml
labs/jbosslabs/branches/identity_integration/trunk/portal-extensions/jboss-forums/src/application/META-INF/jboss-app.xml
labs/jbosslabs/branches/identity_integration/trunk/portal-extensions/jbwebsite-user-admin/maven.xml
labs/jbosslabs/branches/identity_integration/trunk/portal-extensions/jbwebsite-user-admin/src/standalone/security/acl-mapping.xml
labs/jbosslabs/branches/identity_integration/trunk/portal-extensions/jbwebsite-user-admin/src/standalone/security/acl-permissions.xml
Log:
merged the security engine configuration used by the user management module and the forums module. Now there is a single service that provides the security for both these services, and other services that need
security in the future
Modified: labs/jbosslabs/branches/identity_integration/trunk/portal-extensions/binaries/maven-repo-addons/jboss-sso/jars/jboss-acl.jar
===================================================================
(Binary files differ)
Added: labs/jbosslabs/branches/identity_integration/trunk/portal-extensions/jboss-forums/binaries/forums-authz-plugin.jar
===================================================================
(Binary files differ)
Property changes on: labs/jbosslabs/branches/identity_integration/trunk/portal-extensions/jboss-forums/binaries/forums-authz-plugin.jar
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
Modified: labs/jbosslabs/branches/identity_integration/trunk/portal-extensions/jboss-forums/maven.xml
===================================================================
--- labs/jbosslabs/branches/identity_integration/trunk/portal-extensions/jboss-forums/maven.xml 2007-04-20 14:39:18 UTC (rev 11159)
+++ labs/jbosslabs/branches/identity_integration/trunk/portal-extensions/jboss-forums/maven.xml 2007-04-20 14:58:20 UTC (rev 11160)
@@ -65,7 +65,9 @@
<ant:filename name="*.war" />
</ant:fileset>
<ant:fileset dir="binaries">
- <ant:filename name="*.sar" />
+ <ant:filename name="*.sar"/>
+ <!-- exclude portal-forums-authz-plugin.sar, instead the forge-security.sar will carry the security service for the forums -->
+ <ant:exclude name="portal-forums-authz-plugin.sar"/>
</ant:fileset>
</ant:copy>
</goal>
Modified: labs/jbosslabs/branches/identity_integration/trunk/portal-extensions/jboss-forums/src/application/META-INF/jboss-app.xml
===================================================================
--- labs/jbosslabs/branches/identity_integration/trunk/portal-extensions/jboss-forums/src/application/META-INF/jboss-app.xml 2007-04-20 14:39:18 UTC (rev 11159)
+++ labs/jbosslabs/branches/identity_integration/trunk/portal-extensions/jboss-forums/src/application/META-INF/jboss-app.xml 2007-04-20 14:58:20 UTC (rev 11160)
@@ -11,11 +11,15 @@
</module>
<module>
<service>portal-forums.sar</service>
+ </module>
+ <module>
+ <service>jboss-service.xml</service>
</module>
+
+ <!-- exclude portal-forums-authz-plugin.sar, instead the forge-security.sar will carry the security service for the forums -->
+ <!--
<module>
<service>portal-forums-authz-plugin.sar</service>
</module>
- <module>
- <service>jboss-service.xml</service>
- </module>
+ -->
</jboss-app>
Modified: labs/jbosslabs/branches/identity_integration/trunk/portal-extensions/jbwebsite-user-admin/maven.xml
===================================================================
--- labs/jbosslabs/branches/identity_integration/trunk/portal-extensions/jbwebsite-user-admin/maven.xml 2007-04-20 14:39:18 UTC (rev 11159)
+++ labs/jbosslabs/branches/identity_integration/trunk/portal-extensions/jbwebsite-user-admin/maven.xml 2007-04-20 14:58:20 UTC (rev 11160)
@@ -74,6 +74,10 @@
/>
<ant:copy
todir="${local.deploy.dir}/user-admin.sar"
+ file="../binaries/maven-repo-addons/jboss-sso/jars/commons-jexl-1.0.jar"
+ />
+ <ant:copy
+ todir="${local.deploy.dir}/user-admin.sar"
file="../binaries/maven-repo-addons/ldap/jars/jdbcLdapJldap.jar"
/>
<ant:copy
@@ -99,6 +103,14 @@
<ant:copy
todir="${local.deploy.dir}/user-admin.sar"
file="../binaries/maven-repo-addons/el/jars/el-ri.jar"
+ />
+ <ant:copy
+ todir="${local.deploy.dir}/user-admin.sar"
+ file="../jboss-forums/binaries/portal-forums-ui.jar"
+ />
+ <ant:copy
+ todir="${local.deploy.dir}/user-admin.sar"
+ file="../jboss-forums/binaries/forums-authz-plugin.jar"
/>
<!-- copy the main jboss-service.xml -->
Modified: labs/jbosslabs/branches/identity_integration/trunk/portal-extensions/jbwebsite-user-admin/src/standalone/security/acl-mapping.xml
===================================================================
--- labs/jbosslabs/branches/identity_integration/trunk/portal-extensions/jbwebsite-user-admin/src/standalone/security/acl-mapping.xml 2007-04-20 14:39:18 UTC (rev 11159)
+++ labs/jbosslabs/branches/identity_integration/trunk/portal-extensions/jbwebsite-user-admin/src/standalone/security/acl-mapping.xml 2007-04-20 14:58:20 UTC (rev 11160)
@@ -89,5 +89,316 @@
<params>org.jboss.website.user.bo.UserBean</params>
</resource>
</function>
+ </module>
+
+ <!-- Forums Admin Tool usecases -->
+ <module id="adminTool" name="AdminTool">
+ <function id="accessAdminTool" name="Access Admin Tool">
+ <!-- ui protection -->
+ <resource type="fragment">
+ <id>acl://accessAdminTool</id>
+ </resource>
+ </function>
+
+ <function id="viewCategory" name="View Category">
+ <!-- ui protection -->
+ <resource type="fragment" criteriaId="viewCategory://ui">
+ <id>acl://viewCategory</id>
+ </resource>
+ </function>
+
+ <function id="addCategory" name="Add Category">
+ <!-- ui protection -->
+ <resource type="fragment">
+ <id>acl://addCategory</id>
+ </resource>
+ <!-- action protection -->
+ <resource type="jsfAction">
+ <class>org.jboss.portlet.forums.ui.action.AdminController</class>
+ <method>addCategory</method>
+ </resource>
+ <implies>accessAdminTool</implies>
+ <implies>viewCategory</implies>
+ </function>
+
+ <function id="editCategory" name="Edit Category">
+ <!-- ui protection -->
+ <resource type="fragment">
+ <id>acl://editCategory</id>
+ </resource>
+ <!-- action protection -->
+ <resource type="jsfAction" criteriaId="editCategory://action">
+ <class>org.jboss.portlet.forums.ui.action.AdminController</class>
+ <method>editCategory</method>
+ </resource>
+ <implies>accessAdminTool</implies>
+ <implies>viewCategory</implies>
+ <implies>addCategory</implies>
+ </function>
+
+ <function id="deleteCategory" name="Delete Category">
+ <!-- ui protection -->
+ <resource type="fragment">
+ <id>acl://deleteCategory</id>
+ </resource>
+ <!-- action protection -->
+ <resource type="jsfAction" criteriaId="deleteCategory://action">
+ <class>org.jboss.portlet.forums.ui.action.AdminController</class>
+ <method>deleteCategory</method>
+ </resource>
+ <implies>accessAdminTool</implies>
+ <implies>viewCategory</implies>
+ <implies>addCategory</implies>
+ <implies>editCategory</implies>
+ </function>
+
+ <function id="viewForum" name="View Forum">
+ <!-- ui protection -->
+ <resource type="fragment" criteriaId="viewForum://ui">
+ <id>acl://viewForum</id>
+ </resource>
+ <implies>accessAdminTool</implies>
+ <implies>viewCategory</implies>
+ </function>
+
+ <function id="addForum" name="Add Forum">
+ <!-- ui protection -->
+ <resource type="fragment">
+ <id>acl://addForum</id>
+ </resource>
+ <!-- action protection -->
+ <resource type="jsfAction">
+ <class>org.jboss.portlet.forums.ui.action.AdminController</class>
+ <method>addForum</method>
+ </resource>
+ <implies>accessAdminTool</implies>
+ <implies>viewCategory</implies>
+ <implies>viewForum</implies>
+ </function>
+
+ <function id="editForum" name="Edit Forum">
+ <!-- ui protection -->
+ <resource type="fragment">
+ <id>acl://editForum</id>
+ </resource>
+ <!-- action protection -->
+ <resource type="jsfAction" criteriaId="editForum://action">
+ <class>org.jboss.portlet.forums.ui.action.AdminController</class>
+ <method>editForum</method>
+ </resource>
+ <implies>accessAdminTool</implies>
+ <implies>viewCategory</implies>
+ <implies>viewForum</implies>
+ <implies>addForum</implies>
+ </function>
+
+ <function id="deleteForum" name="Delete Forum">
+ <!-- ui protection -->
+ <resource type="fragment">
+ <id>acl://deleteForum</id>
+ </resource>
+ <!-- action protection -->
+ <resource type="jsfAction" criteriaId="deleteForum://action">
+ <class>org.jboss.portlet.forums.ui.action.AdminController</class>
+ <method>deleteForum</method>
+ </resource>
+ <implies>accessAdminTool</implies>
+ <implies>viewCategory</implies>
+ <implies>viewForum</implies>
+ <implies>addForum</implies>
+ <implies>editForum</implies>
+ </function>
+ <function id="lockForum" name="Ability to Lock forums">
+ <!-- ui protection -->
+ <resource type="fragment">
+ <id>acl://lockForums</id>
+ </resource>
+ <!-- action protection -->
+ <resource type="jsfAction">
+ <class>org.jboss.portlet.forums.ui.action.AdminController</class>
+ <method>lockForum</method>
+ </resource>
+ <resource type="jsfAction">
+ <class>org.jboss.portlet.forums.ui.action.AdminController</class>
+ <method>unlockForum</method>
+ </resource>
+ <implies>accessAdminTool</implies>
+ <implies>viewCategory</implies>
+ <implies>viewForum</implies>
+ <implies>editForum</implies>
+ </function>
+
+ </module>
+
+ <!-- Message Board usecases -->
+ <module id="messageBoard" name="Message Board">
+ <!-- messageBoard navigation related -->
+ <function id="readCategory" name="Read Category">
+ <!-- ui protection -->
+ <resource type="fragment" criteriaId="readCategory://ui">
+ <id>acl://readCategory</id>
+ </resource>
+ </function>
+ <function id="readForum" name="Read Forum">
+ <!-- ui protection -->
+ <resource type="fragment" criteriaId="readForum://ui">
+ <id>acl://readForum</id>
+ </resource>
+ <implies>readCategory</implies>
+ </function>
+
+ <!-- posting related -->
+ <function id="post" name="Post a Message">
+ <!-- ui protection -->
+ <resource type="fragment">
+ <id>acl://newTopic</id>
+ </resource>
+ <resource type="fragment">
+ <id>acl://reply</id>
+ </resource>
+ <!-- action protection -->
+ <resource type="jsfAction">
+ <class>org.jboss.portlet.forums.ui.action.NewTopic</class>
+ <method>execute</method>
+ </resource>
+ <resource type="jsfAction">
+ <class>org.jboss.portlet.forums.ui.action.ReplyTopic</class>
+ <method>execute</method>
+ </resource>
+ </function>
+ <function id="editPost" name="Edit a Post">
+ <!-- ui protection -->
+ <resource type="fragment" criteriaId="editPost://ui">
+ <id>acl://editPost</id>
+ </resource>
+ <!-- action protection -->
+ <resource type="jsfAction" criteriaId="editPost://action">
+ <class>org.jboss.portlet.forums.ui.action.EditPost</class>
+ <method>execute</method>
+ </resource>
+ <implies>post</implies>
+ </function>
+ <function id="deletePost" name="Delete a Post">
+ <!-- ui protection -->
+ <resource type="fragment">
+ <id>acl://deletePost</id>
+ </resource>
+ <!-- action protection -->
+ <resource type="jsfAction">
+ <class>org.jboss.portlet.forums.ui.action.DeletePost</class>
+ <method>confirmDelete</method>
+ </resource>
+ <implies>post</implies>
+ <implies>editPost</implies>
+ </function>
+
+ <!-- post attachment related -->
+ <function id="managePostAttachments" name="Manage Post Attachments">
+ <!-- ui protection -->
+ <resource type="fragment">
+ <id>acl://managePostAttachments</id>
+ </resource>
+ <!-- action protection -->
+ <resource type="jsfAction">
+ <class>org.jboss.portlet.forums.ui.action.PostAction</class>
+ <method>addAttachment</method>
+ </resource>
+ <resource type="jsfAction">
+ <class>org.jboss.portlet.forums.ui.action.PostAction</class>
+ <method>deleteAttachment</method>
+ </resource>
+ </function>
+
+ <!-- post poll related -->
+ <function id="votePoll" name="Vote for a Poll">
+ <!-- ui protection -->
+ <resource type="fragment">
+ <id>acl://votePoll</id>
+ </resource>
+ <!-- action protection -->
+ <resource type="jsfAction">
+ <class>org.jboss.portlet.forums.ui.action.PollController</class>
+ <method>vote</method>
+ </resource>
+ </function>
+ <function id="managePoll" name="Manage a Poll">
+ <!-- ui protection -->
+ <resource type="fragment">
+ <id>acl://managePoll</id>
+ </resource>
+ <!-- action protection -->
+ <resource type="jsfAction">
+ <class>org.jboss.portlet.forums.ui.action.PostAction</class>
+ <method>deleteOption</method>
+ </resource>
+ <implies>votePoll</implies>
+ </function>
+ </module>
+
+ <!-- Moderator Tool usecases -->
+ <module id="moderatorTool" name="Moderator Tool">
+ <function id="moderateForum" name="Ability to Access the Moderator Tool">
+ <!-- ui protection -->
+ <resource type="fragment">
+ <id>acl://moderateForum</id>
+ </resource>
+ </function>
+ <function id="deleteTopics" name="Ability to Delete Topics in the Forum">
+ <!-- ui protection -->
+ <resource type="fragment">
+ <id>acl://deleteTopics</id>
+ </resource>
+ <!-- action protection -->
+ <resource type="jsfAction">
+ <class>org.jboss.portlet.forums.ui.action.ModeratorAction</class>
+ <method>deleteTopic</method>
+ </resource>
+ <implies>moderateForum</implies>
+ </function>
+ <function id="moveTopics" name="Ability to Move Topics in the Forum">
+ <!-- ui protection -->
+ <resource type="fragment">
+ <id>acl://moveTopics</id>
+ </resource>
+ <!-- action protection -->
+ <resource type="jsfAction">
+ <class>org.jboss.portlet.forums.ui.action.ModeratorAction</class>
+ <method>moveTopic</method>
+ </resource>
+ <implies>moderateForum</implies>
+ </function>
+ <function id="lockTopics" name="Ability to Lock Topics in the Forum">
+ <!-- ui protection -->
+ <resource type="fragment">
+ <id>acl://lockTopics</id>
+ </resource>
+ <!-- action protection -->
+ <resource type="jsfAction">
+ <class>org.jboss.portlet.forums.ui.action.ModeratorAction</class>
+ <method>lockTopic</method>
+ </resource>
+ <resource type="jsfAction">
+ <class>org.jboss.portlet.forums.ui.action.ModeratorAction</class>
+ <method>unlockTopic</method>
+ </resource>
+ <implies>moderateForum</implies>
+ </function>
+ <!-- splitting a topic -->
+ <function id="splitTopic" name="Ability to Split a Topic in the Forum">
+ <!-- ui protection -->
+ <resource type="fragment">
+ <id>acl://splitTopic</id>
+ </resource>
+ <!-- action protection -->
+ <resource type="jsfAction">
+ <class>org.jboss.portlet.forums.ui.action.SplitTopic</class>
+ <method>splitPosts</method>
+ </resource>
+ <resource type="jsfAction">
+ <class>org.jboss.portlet.forums.ui.action.SplitTopic</class>
+ <method>splitAfter</method>
+ </resource>
+ <implies>moderateForum</implies>
+ </function>
</module>
</acl>
Modified: labs/jbosslabs/branches/identity_integration/trunk/portal-extensions/jbwebsite-user-admin/src/standalone/security/acl-permissions.xml
===================================================================
--- labs/jbosslabs/branches/identity_integration/trunk/portal-extensions/jbwebsite-user-admin/src/standalone/security/acl-permissions.xml 2007-04-20 14:39:18 UTC (rev 11159)
+++ labs/jbosslabs/branches/identity_integration/trunk/portal-extensions/jbwebsite-user-admin/src/standalone/security/acl-permissions.xml 2007-04-20 14:58:20 UTC (rev 11160)
@@ -6,12 +6,39 @@
-->
<!-- Anonymous represents any non-authenticated user -->
<role name="Anonymous" id="anonymous">
- <permission action="createUser"/>
+ <permission action="createUser"/>
+
+ <!-- Forums Admin Tool permissions -->
+
+
+ <!-- Message Board permissions -->
+ <!-- giving anonymous users permission to view only the Unit Testing Category of Forums -->
+ <!--permission action="readCategory">
+ <criteria for="readCategory://ui">param[0].title.toLowerCase().startsWith('unit testing')</criteria>
+ </permission-->
+ <permission action="readForum"/>
+
+
+ <!-- Moderator Tool permissions -->
</role>
<!-- this role represents a regular registered user on the site -->
<role name="User" id="user">
- <permission action="userManagement"/>
+ <permission action="userManagement"/>
+
+ <!-- Forums Admin Tool permissions -->
+
+ <!-- Message Board permissions -->
+ <permission action="readForum"/>
+ <permission action="post"/>
+ <!-- permission to edit only my own posts -->
+ <permission action="editPost">
+ <criteria for="editPost://ui">param[0].poster.user.userName.equals(identity.identity.userName)</criteria>
+ <criteria for="editPost://action">target.post.poster.user.userName.equals(identity.identity.userName)</criteria>
+ </permission>
+
+
+ <!-- Moderator Tool permissions -->
</role>
<!-- Admin represents users that have Administrative privileges on the site -->
More information about the jboss-svn-commits
mailing list