portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From morci...@apache.org
Subject cvs commit: jakarta-jetspeed/xdocs changes.xml
Date Mon, 09 Jun 2003 22:06:58 GMT
morciuch    2003/06/09 15:06:58

  Modified:    src/java/org/apache/jetspeed/services/security/turbine
                        TurbineGroupManagement.java
                        TurbinePermissionManagement.java
                        TurbineRoleManagement.java
                        TurbineUserManagement.java
               webapp/WEB-INF/conf JetspeedSecurity.properties
                        JetspeedSecurity.template
               webapp/WEB-INF/templates/vm/portlets/html group-browser.vm
                        permission-browser.vm role-browser.vm
                        user-browser.vm
               xdocs    changes.xml
  Log:
  It is no longer possible to remove predefined system users/roles/groups/permissions (see
Bugzilla bug# 15684):
  
  users = admin,anon
  roles = admin,user
  groups=Jetspeed
  
  Revision  Changes    Path
  1.8       +12 -2     jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/turbine/TurbineGroupManagement.java
  
  Index: TurbineGroupManagement.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/turbine/TurbineGroupManagement.java,v
  retrieving revision 1.7
  retrieving revision 1.8
  diff -u -r1.7 -r1.8
  --- TurbineGroupManagement.java	7 May 2003 15:16:53 -0000	1.7
  +++ TurbineGroupManagement.java	9 Jun 2003 22:06:57 -0000	1.8
  @@ -58,6 +58,7 @@
   import java.util.Iterator;
   import java.util.List;
   import java.util.HashMap;
  +import java.util.Vector;
   
   import javax.servlet.ServletConfig;
   
  @@ -122,8 +123,10 @@
       private final static String CONFIG_DEFAULT_ROLE = "role.default";
       String defaultRole = "user";
       private final static String CASCADE_DELETE = "programmatic.cascade.delete";
  +    private final static String CONFIG_SYSTEM_GROUPS = "system.groups";
       private final static boolean DEFAULT_CASCADE_DELETE = true;
       private boolean cascadeDelete;
  +    private Vector systemGroups = null;
   
       ///////////////////////////////////////////////////////////////////////////
       // Group Management Interfaces
  @@ -351,6 +354,12 @@
           Connection conn = null;
           try
           {
  +
  +            if (systemGroups.contains(groupname))
  +            {
  +                throw new GroupException("[" + groupname + "] is a system group and cannot
be removed");
  +            }
  +
               conn = Torque.getConnection();
               Group group = this.getGroup(groupname);
   
  @@ -391,7 +400,7 @@
               {
                   Torque.closeConnection(conn);
               }
  -            catch (Exception e)
  +            catch (Throwable e)
               {
                   Log.error( "Error closing Torque connection", e );
               }
  @@ -617,6 +626,7 @@
   
           defaultRole = serviceConf.getString(CONFIG_DEFAULT_ROLE, defaultRole);
           cascadeDelete = serviceConf.getBoolean( CASCADE_DELETE, DEFAULT_CASCADE_DELETE
);
  +        systemGroups = serviceConf.getVector( CONFIG_SYSTEM_GROUPS, new Vector() );
   
           setInit(true);
        }
  
  
  
  1.8       +12 -2     jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/turbine/TurbinePermissionManagement.java
  
  Index: TurbinePermissionManagement.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/turbine/TurbinePermissionManagement.java,v
  retrieving revision 1.7
  retrieving revision 1.8
  diff -u -r1.7 -r1.8
  --- TurbinePermissionManagement.java	7 May 2003 15:16:53 -0000	1.7
  +++ TurbinePermissionManagement.java	9 Jun 2003 22:06:57 -0000	1.8
  @@ -58,6 +58,7 @@
   import java.util.Iterator;
   import java.util.List;
   import java.util.HashMap;
  +import java.util.Vector;
   
   import javax.servlet.ServletConfig;
   
  @@ -113,9 +114,11 @@
       private JetspeedRunDataService runDataService = null;
       private final static String CASCADE_DELETE = "programmatic.cascade.delete";
       private final static boolean DEFAULT_CASCADE_DELETE = true;
  +    private final static String CONFIG_SYSTEM_PERMISSIONS = "system.permissions";
       private boolean cascadeDelete;
       private final static String CACHING_ENABLE = "caching.enable";
       private boolean cachingEnable = true;
  +    private Vector systemPermissions = null;
   
       ///////////////////////////////////////////////////////////////////////////
       // Permission Management Interfaces
  @@ -300,6 +303,12 @@
           Connection conn = null;
           try
           {
  +
  +            if (systemPermissions.contains(permissionName))
  +            {
  +                throw new PermissionException("[" + permissionName + "] is a system permission
and cannot be removed");
  +            }
  +
               conn = Torque.getConnection();
               Permission permission = this.getPermission(permissionName);
   
  @@ -342,7 +351,7 @@
               {
                   Torque.closeConnection(conn);
               }
  -            catch (Exception e)
  +            catch (Throwable e)
               {
                   Log.error( "Error closing Torque connection", e );
               }
  @@ -584,6 +593,7 @@
   
           cascadeDelete = serviceConf.getBoolean( CASCADE_DELETE, DEFAULT_CASCADE_DELETE
);
           cachingEnable = serviceConf.getBoolean( CACHING_ENABLE, cachingEnable );
  +        systemPermissions = serviceConf.getVector( CONFIG_SYSTEM_PERMISSIONS, new Vector()
);
           setInit(true);
        }
   
  
  
  
  1.10      +12 -3     jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/turbine/TurbineRoleManagement.java
  
  Index: TurbineRoleManagement.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/turbine/TurbineRoleManagement.java,v
  retrieving revision 1.9
  retrieving revision 1.10
  diff -u -r1.9 -r1.10
  --- TurbineRoleManagement.java	7 May 2003 15:16:53 -0000	1.9
  +++ TurbineRoleManagement.java	9 Jun 2003 22:06:57 -0000	1.10
  @@ -58,6 +58,7 @@
   import java.util.Iterator;
   import java.util.List;
   import java.util.HashMap;
  +import java.util.Vector;
   
   import javax.servlet.ServletConfig;
   
  @@ -123,10 +124,12 @@
   {
       private JetspeedRunDataService runDataService = null;
       private final static String CASCADE_DELETE = "programmatic.cascade.delete";
  +    private final static String CONFIG_SYSTEM_ROLES = "system.roles";
       private final static boolean DEFAULT_CASCADE_DELETE = true;
       private boolean cascadeDelete;
       private final static String CACHING_ENABLE = "caching.enable";
       private boolean cachingEnable = true;
  +    private Vector systemRoles = null;
   
   
       ///////////////////////////////////////////////////////////////////////////
  @@ -364,6 +367,11 @@
           Connection conn = null;
           try
           {
  +            if (systemRoles.contains(rolename))
  +            {
  +                throw new RoleException("[" + rolename + "] is a system role and cannot
be removed");
  +            }
  +
               conn = Torque.getConnection();
               Role role = this.getRole(rolename);
   
  @@ -412,9 +420,9 @@
               {
                   Torque.closeConnection(conn);
               }
  -            catch (Exception e)
  +            catch (Throwable t)
               {
  -                Log.error( "Error closing Torque connection", e );
  +                Log.error( "Error closing Torque connection", t );
               }
           }
   
  @@ -656,6 +664,7 @@
   
           cascadeDelete = serviceConf.getBoolean( CASCADE_DELETE, DEFAULT_CASCADE_DELETE
);
           cachingEnable = serviceConf.getBoolean( CACHING_ENABLE, cachingEnable );
  +        systemRoles = serviceConf.getVector( CONFIG_SYSTEM_ROLES, new Vector() );
   
           setInit(true);
        }
  
  
  
  1.10      +10 -1     jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/turbine/TurbineUserManagement.java
  
  Index: TurbineUserManagement.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/turbine/TurbineUserManagement.java,v
  retrieving revision 1.9
  retrieving revision 1.10
  diff -u -r1.9 -r1.10
  --- TurbineUserManagement.java	7 May 2003 15:16:53 -0000	1.9
  +++ TurbineUserManagement.java	9 Jun 2003 22:06:57 -0000	1.10
  @@ -59,6 +59,7 @@
   import java.util.Date;
   import javax.servlet.ServletConfig;
   import java.security.Principal;
  +import java.util.Vector;
   
   // Torque
   import org.apache.torque.util.Criteria;
  @@ -122,9 +123,11 @@
   {
       private final static String CONFIG_SECURE_PASSWORDS_KEY = "secure.passwords";
       private final static String CONFIG_SECURE_PASSWORDS_ALGORITHM = "secure.passwords.algorithm";
  +    private final static String CONFIG_SYSTEM_USERS = "system.users";
   
       boolean securePasswords = false;
       String passwordsAlgorithm = "SHA";
  +    Vector systemUsers = null;
   
       private final static String CONFIG_NEWUSER_ROLES     = "newuser.roles";
       private final static String [] DEFAULT_CONFIG_NEWUSER_ROLES =
  @@ -380,6 +383,11 @@
       public void removeUser(Principal principal)
           throws JetspeedSecurityException
       {
  +        if (systemUsers.contains(principal.getName()))
  +        {
  +            throw new UserException("[" + principal.getName() + "] is a system user and
cannot be removed");
  +        }
  +
           JetspeedUser user = getUser(principal);
   
           Criteria criteria = new Criteria();
  @@ -555,6 +563,7 @@
                                                     securePasswords);
           passwordsAlgorithm = serviceConf.getString(CONFIG_SECURE_PASSWORDS_ALGORITHM,
                                                      passwordsAlgorithm);
  +        systemUsers = serviceConf.getVector(CONFIG_SYSTEM_USERS, new Vector());
   
          try
           {
  
  
  
  1.67      +35 -1     jakarta-jetspeed/webapp/WEB-INF/conf/JetspeedSecurity.properties
  
  Index: JetspeedSecurity.properties
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/webapp/WEB-INF/conf/JetspeedSecurity.properties,v
  retrieving revision 1.66
  retrieving revision 1.67
  diff -u -r1.66 -r1.67
  --- JetspeedSecurity.properties	19 May 2003 23:19:15 -0000	1.66
  +++ JetspeedSecurity.properties	9 Jun 2003 22:06:57 -0000	1.67
  @@ -126,6 +126,40 @@
   #
   services.JetspeedSecurity.password.expiration.period=0
   
  +#
  +# Comma separated list of system users. System users cannot 
  +# be deleted because they are essential to security service.
  +#
  +# Default: admin, anon
  +#
  +services.JetspeedSecurity.system.users = admin
  +services.JetspeedSecurity.system.users = anon
  +
  +#
  +# Comma separated list of system roles. System roles cannot 
  +# be deleted because they are essential to security service.
  +#
  +# Default: user, admin
  +#
  +services.JetspeedSecurity.system.roles = user
  +services.JetspeedSecurity.system.roles = admin
  +
  +#
  +# Comma separated list of system groups. System groups cannot 
  +# be deleted because they are essential to security service.
  +#
  +# Default: jetspeed
  +#
  +services.JetspeedSecurity.system.groups = Jetspeed
  +
  +#
  +# Comma separated list of system permissions. System permissions cannot 
  +# be deleted because they are essential to security service.
  +#
  +# Default: <none>
  +#
  +services.JetspeedSecurity.system.permissions =
  +
   #########################################
   # Action buttons                        #
   #########################################
  
  
  
  1.12      +35 -1     jakarta-jetspeed/webapp/WEB-INF/conf/JetspeedSecurity.template
  
  Index: JetspeedSecurity.template
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/webapp/WEB-INF/conf/JetspeedSecurity.template,v
  retrieving revision 1.11
  retrieving revision 1.12
  diff -u -r1.11 -r1.12
  --- JetspeedSecurity.template	25 Mar 2003 19:35:21 -0000	1.11
  +++ JetspeedSecurity.template	9 Jun 2003 22:06:58 -0000	1.12
  @@ -126,6 +126,40 @@
   #
   services.JetspeedSecurity.password.expiration.period=0
   
  +#
  +# Comma separated list of system users. System users cannot 
  +# be deleted because they are essential to security service.
  +#
  +# Default: admin, anon
  +#
  +services.JetspeedSecurity.system.users = admin
  +services.JetspeedSecurity.system.users = anon
  +
  +#
  +# Comma separated list of system roles. System roles cannot 
  +# be deleted because they are essential to security service.
  +#
  +# Default: user, admin
  +#
  +services.JetspeedSecurity.system.roles = user
  +services.JetspeedSecurity.system.roles = admin
  +
  +#
  +# Comma separated list of system groups. System groups cannot 
  +# be deleted because they are essential to security service.
  +#
  +# Default: jetspeed
  +#
  +services.JetspeedSecurity.system.groups = Jetspeed
  +
  +#
  +# Comma separated list of system permissions. System permissions cannot 
  +# be deleted because they are essential to security service.
  +#
  +# Default: <none>
  +#
  +services.JetspeedSecurity.system.permissions =
  +
   #########################################
   # Action buttons                        #
   #########################################
  
  
  
  1.6       +2 -2      jakarta-jetspeed/webapp/WEB-INF/templates/vm/portlets/html/group-browser.vm
  
  Index: group-browser.vm
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/webapp/WEB-INF/templates/vm/portlets/html/group-browser.vm,v
  retrieving revision 1.5
  retrieving revision 1.6
  diff -u -r1.5 -r1.6
  --- group-browser.vm	23 May 2003 17:03:17 -0000	1.5
  +++ group-browser.vm	9 Jun 2003 22:06:58 -0000	1.6
  @@ -22,7 +22,7 @@
           <tr>
             #entryCell ($group.Name)
             <td>
  -            #if ($group.Name != "Jetspeed")
  +            #if ($config.getVector("services.JetspeedSecurity.system.groups").contains($group.Name)
== false)
                 <a href="$jslink.getPaneByName("GroupForm").addPathInfo("entityid",$group.Name).addQueryData("mode","delete")">Remove</a>
               #else
                 &nbsp;
  
  
  
  1.5       +5 -1      jakarta-jetspeed/webapp/WEB-INF/templates/vm/portlets/html/permission-browser.vm
  
  Index: permission-browser.vm
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/webapp/WEB-INF/templates/vm/portlets/html/permission-browser.vm,v
  retrieving revision 1.4
  retrieving revision 1.5
  diff -u -r1.4 -r1.5
  --- permission-browser.vm	14 May 2002 04:37:19 -0000	1.4
  +++ permission-browser.vm	9 Jun 2003 22:06:58 -0000	1.5
  @@ -23,7 +23,11 @@
           <tr>
             #entryCell ($permission.Name)
             <td>
  +            #if ($config.getVector("services.JetspeedSecurity.system.permissions").contains($permission.Name)
== false)              
               <a href="$jslink.getPaneByName("PermissionForm").addPathInfo("entityid",$permission.Name).addQueryData("mode","delete")">Remove</a>
  +            #else
  +            &nbsp;
  +            #end
             </td>
           </tr>
           #end
  
  
  
  1.4       +5 -1      jakarta-jetspeed/webapp/WEB-INF/templates/vm/portlets/html/role-browser.vm
  
  Index: role-browser.vm
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/webapp/WEB-INF/templates/vm/portlets/html/role-browser.vm,v
  retrieving revision 1.3
  retrieving revision 1.4
  diff -u -r1.3 -r1.4
  --- role-browser.vm	14 May 2002 04:39:00 -0000	1.3
  +++ role-browser.vm	9 Jun 2003 22:06:58 -0000	1.4
  @@ -24,7 +24,11 @@
             #entryCell ($role.Name)
             <td>
                 <a href="$jslink.getPaneByName("RolePermissionForm").addPathInfo("entityid",$role.Name)">Permissions</a>
  +              #if ($config.getVector("services.JetspeedSecurity.system.roles").contains($role.Name)
== false)              
                 <a href="$jslink.getPaneByName("RoleForm").addPathInfo("entityid",$role.Name).addQueryData("mode","delete")">Remove</a>
  +              #else
  +              &nbsp;
  +              #end
             </td>
           </tr>
           #end
  
  
  
  1.9       +6 -1      jakarta-jetspeed/webapp/WEB-INF/templates/vm/portlets/html/user-browser.vm
  
  Index: user-browser.vm
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/webapp/WEB-INF/templates/vm/portlets/html/user-browser.vm,v
  retrieving revision 1.8
  retrieving revision 1.9
  diff -u -r1.8 -r1.9
  --- user-browser.vm	6 Dec 2002 21:42:34 -0000	1.8
  +++ user-browser.vm	9 Jun 2003 22:06:58 -0000	1.9
  @@ -10,6 +10,7 @@
   #set ( $filter = $data.getRequest().getParameter("filter_value") )
   #set ( $filter_type = $data.getRequest().getParameter("filter_type") )
   #set ( $regexp = $data.getRequest().getParameter("filter_regexp") )
  +#set ( $systemUsers = $config.getVector("services.JetspeedSecurity.system.users"))
   
   #if ($pagelinks) <p align=right>$pagelinks</p> #end
   <form method="post">
  @@ -44,7 +45,11 @@
                 <a href="$jslink.getPaneByName("UserForm").addPathInfo("entityid",$user.UserName).addQueryData("mode","update")">Edit</a>
&nbsp;
                 <a href="$jslink.getPaneByName("UserRoleForm").addPathInfo("entityid",$user.UserName)">Roles</a>
                 <a href="$jslink.getPaneByName("UserGroupForm").addPathInfo("entityid",$user.UserName)">Groups</a>
  +              #if ($systemUsers.contains($user.UserName) == false)
                 <a href="$jslink.getPaneByName("UserForm").addPathInfo("entityid",$user.UserName).addQueryData("mode","delete")">Remove</a>
  +              #else
  +              &nbsp;
  +              #end
             </td>
           </tr>
           #end
  
  
  
  1.169     +4 -1      jakarta-jetspeed/xdocs/changes.xml
  
  Index: changes.xml
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/xdocs/changes.xml,v
  retrieving revision 1.168
  retrieving revision 1.169
  diff -u -r1.168 -r1.169
  --- changes.xml	6 Jun 2003 17:33:03 -0000	1.168
  +++ changes.xml	9 Jun 2003 22:06:58 -0000	1.169
  @@ -24,6 +24,9 @@
   </li>
   -->
   <li>
  +  Add -   Bug # 15684 - 2003/06/09 - It is no longer possible to remove predefined system
users/roles/groups/permissions (MO)
  +</li>
  +<li>
     Add -   Bug # 15413 - 2003/06/06 - Fix for deleting references in portlet set customizer
(MO)
   </li>
   <li>
  
  
  

---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-dev-help@jakarta.apache.org


Mime
View raw message