Changeset 301
- Timestamp:
- 03/25/06 22:20:01
- Files:
-
- trunk/calendar3/calCore/src/org/bedework/calcore/hibernate/AccessUtil.java (modified) (2 diffs)
- trunk/calendar3/calCore/src/org/bedework/calcore/hibernate/Calendars.java (modified) (1 diff)
- trunk/calendar3/calCore/src/org/bedework/calcore/hibernate/CalintfHelper.java (modified) (2 diffs)
- trunk/calendar3/calCore/src/org/bedework/calcore/hibernate/CalintfImpl.java (modified) (11 diffs)
- trunk/calendar3/calCore/src/org/bedework/calcore/hibernate/EventProperties.java (modified) (3 diffs)
- trunk/calendar3/calCore/src/org/bedework/calcore/hibernate/Events.java (modified) (3 diffs)
- trunk/calendar3/calFacade/src/org/bedework/calfacade/base/CalintfBase.java (modified) (5 diffs)
- trunk/calendar3/calFacade/src/org/bedework/calfacade/ifs/Calintf.java (modified) (2 diffs)
- trunk/calendar3/caldav/src/edu/rpi/cct/uwcal/caldav/CaldavBWIntf.java (modified) (2 diffs)
- trunk/calendar3/caldavClientApi/src/org/bedework/caldav/client/CalintfCaldavImpl.java (modified) (1 diff)
- trunk/calendar3/calsvc/src/org/bedework/calsvc/CalSvc.java (modified) (8 diffs)
- trunk/calendar3/calsvci/src/org/bedework/calsvci/CalSvcI.java (modified) (1 diff)
- trunk/calendar3/calsvci/src/org/bedework/calsvci/CalSvcIPars.java (modified) (9 diffs)
- trunk/calendar3/synchml/src/edu/rpi/cct/uwcal/synchml/common/Synchml.java (modified) (2 diffs)
- trunk/calendar3/test/src/org/bedework/tests/calsvc/CalSvcTestWrapper.java (modified) (1 diff)
- trunk/calendar3/timers/src/org/bedework/timers/service/DbPollerTimerService.java (modified) (2 diffs)
- trunk/calendar3/webcommon/src/org/bedework/webcommon/BwAbstractAction.java (modified) (11 diffs)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
trunk/calendar3/calCore/src/org/bedework/calcore/hibernate/AccessUtil.java
r27 r301 108 108 * ==================================================================== */ 109 109 110 AccessUtil(boolean superUser, boolean debug) throws CalFacadeException { 111 this.superUser = superUser; 110 AccessUtil(boolean debug) throws CalFacadeException { 112 111 this.debug = debug; 113 112 try { … … 118 117 } 119 118 119 void setSuperUser(boolean val) { 120 superUser = val; 121 } 122 123 boolean getSuperUser() { 124 return superUser; 125 } 126 120 127 void setAuthUser(BwUser val) { 121 128 authUser = val; trunk/calendar3/calCore/src/org/bedework/calcore/hibernate/Calendars.java
r299 r301 80 80 */ 81 81 public Calendars(Calintf cal, AccessUtil access, 82 int currentMode, boolean ignoreCreator, booleandebug)82 int currentMode, boolean debug) 83 83 throws CalFacadeException { 84 super(cal, access, currentMode, ignoreCreator,debug);84 super(cal, access, currentMode, debug); 85 85 86 86 publicCalendarRootPath = "/" + getSyspars().getPublicCalendarRoot(); trunk/calendar3/calCore/src/org/bedework/calcore/hibernate/CalintfHelper.java
r299 r301 78 78 79 79 protected int currentMode = CalintfUtil.guestMode; 80 81 protected boolean ignoreCreator;82 80 83 81 private transient Logger log; … … 91 89 */ 92 90 public CalintfHelper(Calintf cal, AccessUtil access, 93 int currentMode, boolean ignoreCreator,91 int currentMode, 94 92 boolean debug) { 95 93 this.cal = cal; 96 94 this.access = access; 97 95 this.currentMode = currentMode; 98 this.ignoreCreator = ignoreCreator;99 96 this.debug = debug; 100 97 } trunk/calendar3/calCore/src/org/bedework/calcore/hibernate/CalintfImpl.java
r299 r301 170 170 private EventProperties sponsors; 171 171 172 /** True if this is superuser access173 */174 private boolean superUser;175 176 172 private int currentMode = CalintfUtil.guestMode; 177 173 … … 183 179 */ 184 180 //sprivate boolean readOnly; 185 186 /** Ignore owner for superuser187 */188 private boolean ignoreCreator;189 181 190 182 /** Current hibernate session - exists only across one user interaction … … 231 223 String user, 232 224 boolean publicAdmin, 233 boolean superUser,234 225 Groups groups, 235 226 String synchId, … … 238 229 boolean userCreated = false; 239 230 240 if (authenticatedUser == null) {241 this.superUser = false; // be safe242 }243 244 231 BwUser authUser; 245 232 246 233 try { 247 access = new AccessUtil( superUser,debug);234 access = new AccessUtil(debug); 248 235 249 236 objTimestamp = new Timestamp(System.currentTimeMillis()); 250 237 251 this.superUser = superUser;252 238 this.synchId = synchId; 253 239 log = Logger.getLogger(getClass()); … … 263 249 user = authenticatedUser; 264 250 } 265 266 ignoreCreator = false;267 251 268 252 if (authenticatedUser == null) { … … 296 280 getLogger().info("Authenticated user " + authenticatedUser + 297 281 " logged on"); 298 ignoreCreator = superUser;299 282 300 283 if (authenticatedUser.equals(user)) { … … 311 294 access.setAuthUser(authUser); 312 295 313 events = new Events(this, access, currentMode, 314 ignoreCreator, debug); 315 316 calendars = new Calendars(this, access, currentMode, 317 ignoreCreator, debug); 296 events = new Events(this, access, currentMode, debug); 297 298 calendars = new Calendars(this, access, currentMode, debug); 318 299 319 300 categories = new EventProperties(this, access, currentMode, 320 ignoreCreator,321 301 "word", BwCategory.class.getName(), 322 302 "getCategoryRefs", 323 303 -1, debug); 324 304 locations = new EventProperties(this, access, currentMode, 325 ignoreCreator,326 305 "address", BwLocation.class.getName(), 327 306 "getLocationRefs", 328 307 CalFacadeDefs.maxReservedLocationId, debug); 329 308 sponsors = new EventProperties(this, access, currentMode, 330 ignoreCreator,331 309 "name", BwSponsor.class.getName(), 332 310 "getSponsorRefs", … … 340 318 } 341 319 return userCreated; 320 } 321 322 public void setSuperUser(boolean val) { 323 access.setSuperUser(val); 324 } 325 326 public boolean getSuperUser() { 327 return access.getSuperUser(); 342 328 } 343 329 … … 718 704 BwTimeZone tz = new BwTimeZone(); 719 705 720 if (currentMode == CalintfUtil.publicAdminMode) {721 requireSuper();722 }723 724 706 if (currentMode == CalintfUtil.guestMode) { 725 707 throw new CalFacadeAccessException(); … … 795 777 public void clearPublicTimezones() throws CalFacadeException { 796 778 checkOpen(); 797 requireSuper();798 779 799 780 /* Delete all public timezones */ … … 1329 1310 getLogger().debug(msg); 1330 1311 } 1331 1332 /* Ensure the current user has super user access.1333 */1334 private void requireSuper() throws CalFacadeException {1335 if ((currentMode == CalintfUtil.publicAdminMode) && superUser) {1336 return;1337 }1338 1339 throw new CalFacadeAccessException();1340 }1341 1312 } 1342 1313 trunk/calendar3/calCore/src/org/bedework/calcore/hibernate/EventProperties.java
r299 r301 96 96 */ 97 97 public EventProperties(Calintf cal, AccessUtil access, 98 int currentMode, boolean ignoreCreator,98 int currentMode, 99 99 String keyFieldName, 100 100 String className, … … 102 102 int minId, 103 103 boolean debug) { 104 super(cal, access, currentMode, ignoreCreator,debug);104 super(cal, access, currentMode, debug); 105 105 106 106 this.keyFieldName = keyFieldName; … … 189 189 qstr.append(" ent where "); 190 190 boolean setUser = CalintfUtil.appendPublicOrCreatorTerm(qstr, "ent", 191 currentMode, ignoreCreator);191 currentMode, cal.getSuperUser()); 192 192 qstr.append(" and ent.id=:id"); 193 193 trunk/calendar3/calCore/src/org/bedework/calcore/hibernate/Events.java
r299 r301 105 105 */ 106 106 public Events(Calintf cal, AccessUtil access, 107 int currentMode, boolean ignoreCreator, booleandebug) {108 super(cal, access, currentMode, ignoreCreator,debug);107 int currentMode, boolean debug) { 108 super(cal, access, currentMode, debug); 109 109 } 110 110 … … 600 600 601 601 boolean setUser = doCalendarClause(sb, qevName, calendar, 602 currentMode, ignoreCreator);602 currentMode, cal.getSuperUser()); 603 603 604 604 sb.append(") "); … … 650 650 651 651 Collection rs = getLimitedRecurrences(calendar, filter, startDate, endDate, 652 currentMode, ignoreCreator,652 currentMode, cal.getSuperUser(), 653 653 recurRetrieval); 654 654 if (rs != null) { trunk/calendar3/calFacade/src/org/bedework/calfacade/base/CalintfBase.java
r207 r301 109 109 private boolean isOpen; 110 110 111 /** True if this is superuser access - probably doesn't mean anything.112 */113 private boolean superUser;114 115 111 /** Ignore owner for superuser 116 112 */ … … 129 125 String user, 130 126 boolean publicAdmin, 131 boolean superUser,132 127 Groups groups, 133 128 String synchId, … … 136 131 boolean userCreated = false; 137 132 138 if (authenticatedUser == null) {139 this.superUser = false; // be safe140 }141 142 133 try { 143 134 objTimestamp = new Timestamp(System.currentTimeMillis()); 144 135 145 this.superUser = superUser;146 136 this.synchId = synchId; 147 137 … … 158 148 159 149 return userCreated; 150 } 151 152 public void setSuperUser(boolean val) { 153 } 154 155 public boolean getSuperUser() { 156 return false; 160 157 } 161 158 … … 898 895 } 899 896 900 /* Ensure the current user has super user access.901 */902 protected void requireSuper() throws CalFacadeException {903 if ((currentMode == CalintfDefs.publicAdminMode) && superUser) {904 return;905 }906 907 throw new CalFacadeAccessException();908 }909 910 897 /* Ensure the current user is not a guest. 911 898 */ trunk/calendar3/calFacade/src/org/bedework/calfacade/ifs/Calintf.java
r207 r301 96 96 * @param user String user we are acting as. If null we use authUser 97 97 * @param publicAdmin boolean true if this is a public events admin app 98 * @param superUser boolean true if this is a super user99 98 * @param groups Object allowing interface to determine user groups. 100 99 * @param synchId non-null if this is for synchronization. Identifies the … … 107 106 String user, 108 107 boolean publicAdmin, 109 boolean superUser,110 108 Groups groups, 111 109 String synchId, 112 110 boolean debug) throws CalFacadeException; 111 112 /** Called after init to flag this user as a super user. 113 * 114 * @param val true for a super user 115 */ 116 public void setSuperUser(boolean val); 117 118 /** Called after init to flag this user as a super user. 119 * 120 * @return boolean true if super user 121 */ 122 public boolean getSuperUser(); 113 123 114 124 /** Get the current system (not db) stats trunk/calendar3/caldav/src/edu/rpi/cct/uwcal/caldav/CaldavBWIntf.java
r297 r301 61 61 import org.bedework.calfacade.CalFacadeException; 62 62 import org.bedework.calfacade.svc.EventInfo; 63 import org.bedework.calfacade.svc.UserAuth;64 63 import org.bedework.calsvc.CalSvc; 65 64 import org.bedework.calsvci.CalSvcI; … … 1181 1180 * user, if non-null, is the user calendar we want to access. 1182 1181 */ 1183 CalSvcIPars pars = new CalSvcIPars(account, UserAuth.noPrivileges,1182 CalSvcIPars pars = new CalSvcIPars(account, 1184 1183 account, 1185 1184 envPrefix, trunk/calendar3/caldavClientApi/src/org/bedework/caldav/client/CalintfCaldavImpl.java
r2 r301 109 109 String user, 110 110 boolean publicAdmin, 111 boolean superUser,112 111 Groups groups, 113 112 String synchId, 114 113 boolean debug) throws CalFacadeException { 115 114 boolean userAdded = super.init(authenticatedUser, user, publicAdmin, 116 superUser,groups, synchId, debug);115 groups, synchId, debug); 117 116 118 117 if (httpManager == null) { trunk/calendar3/calsvc/src/org/bedework/calsvc/CalSvc.java
r297 r301 126 126 127 127 private boolean open; 128 129 private boolean superUser; 128 130 129 131 //private BwFilter currentFilter; … … 302 304 throw new CalFacadeException(t); 303 305 } 306 } 307 308 public void setSuperUser(boolean val) { 309 superUser = val; 310 } 311 312 public boolean getSuperUser() { 313 return superUser; 304 314 } 305 315 … … 567 577 public void saveTimeZone(String tzid, VTimeZone vtz) 568 578 throws CalFacadeException { 579 // Not sure we want this. public admins may want to add timezones 580 if (isPublicAdmin() && !isSuper()) { 581 throw new CalFacadeAccessException(); 582 } 583 569 584 timezones.saveTimeZone(tzid, vtz); 570 585 } … … 584 599 585 600 public void clearPublicTimezones() throws CalFacadeException { 601 if (isPublicAdmin() && !isSuper()) { 602 throw new CalFacadeAccessException(); 603 } 604 586 605 timezones.clearPublicTimezones(); 587 606 } … … 1243 1262 */ 1244 1263 public boolean addLocation(BwLocation val) throws CalFacadeException { 1264 setupSharableEntity(val); 1265 1245 1266 updateOK(val); 1246 1247 setupSharableEntity(val);1248 1267 1249 1268 if (findLocation(val) != null) { … … 1348 1367 1349 1368 public boolean addSponsor(BwSponsor val) throws CalFacadeException { 1369 setupSharableEntity(val); 1370 1350 1371 updateOK(val); 1351 1352 setupSharableEntity(val);1353 1372 1354 1373 if (findSponsor(val) != null) { … … 1995 2014 pars.getUser(), 1996 2015 pars.getPublicAdmin(), 1997 pars.isSuperUser(),1998 2016 getGroups(), 1999 2017 pars.getSynchId(), … … 2105 2123 */ 2106 2124 private boolean isSuper() throws CalFacadeException { 2107 return pars.getPublicAdmin() && pars.isSuperUser();2125 return pars.getPublicAdmin() && superUser; 2108 2126 } 2109 2127 trunk/calendar3/calsvci/src/org/bedework/calsvci/CalSvcI.java
r212 r301 107 107 public abstract void init(CalSvcIPars pars) throws CalFacadeException; 108 108 109 /** Called after init to flag this user as a super user. 110 * 111 * @param val true for a super user 112 */ 113 public abstract void setSuperUser(boolean val); 114 115 /** Called after init to flag this user as a super user. 116 * 117 * @return boolean true if super user 118 */ 119 public abstract boolean getSuperUser(); 120 109 121 /** Get the current stats 110 122 * trunk/calendar3/calsvci/src/org/bedework/calsvci/CalSvcIPars.java
r293 r301 55 55 package org.bedework.calsvci; 56 56 57 import org.bedework.calfacade.svc.UserAuth;58 59 57 import java.io.Serializable; 60 58 … … 68 66 private String authUser; 69 67 70 private int rights;71 72 68 /** The current user - null for guest 73 69 */ … … 97 93 * 98 94 * @param authUser String authenticated user of the application 99 * @param rights int rights as defined in100 * org.bedework.calfacade.svc.UserAuth101 95 * @param user String user to act as 102 96 * @param enzPrefix String Environment properties prefix … … 108 102 */ 109 103 public CalSvcIPars(String authUser, 110 int rights,111 104 String user, 112 105 String envPrefix, … … 116 109 boolean debug) { 117 110 this.authUser = authUser; 118 this.rights = rights;119 111 this.user = user; 120 112 this.envPrefix = envPrefix; … … 133 125 134 126 /** 135 * @return int rights136 */137 public int getRights() {138 return rights;139 }140 141 /**142 127 * @param val String user to run as 143 128 */ … … 195 180 } 196 181 197 /** Check for public events owner user198 *199 * @return boolean true for public events owner user200 */201 public boolean isOwnerUser() {202 return (rights & UserAuth.publicEventUser) != 0;203 }204 205 /** Check for content admin user206 *207 * @return boolean true for content admin user208 */209 public boolean isContentAdminUser() {210 return (rights & UserAuth.contentAdminUser) != 0;211 }212 213 /** Check for priv user214 *215 * @return boolean true for super user216 */217 public boolean isSuperUser() {218 return (rights & UserAuth.superUser) != 0;219 }220 221 182 /** 222 183 * @return boolean true for guest … … 231 192 sb.append("authUser="); 232 193 sb.append(getAuthUser()); 233 sb.append(", rights=");234 sb.append(getRights());235 194 sb.append(", user="); 236 195 sb.append(getUser()); … … 250 209 public Object clone() { 251 210 CalSvcIPars pars = new CalSvcIPars(getAuthUser(), 252 getRights(),253 211 getUser(), 254 212 getEnvPrefix(), trunk/calendar3/synchml/src/edu/rpi/cct/uwcal/synchml/common/Synchml.java
r293 r301 64 64 import org.bedework.calfacade.CalFacadeUtil; 65 65 import org.bedework.calfacade.svc.EventInfo; 66 import org.bedework.calfacade.svc.UserAuth;67 66 import org.bedework.calsvc.CalSvc; 68 67 import org.bedework.calsvci.CalSvcI; … … 123 122 this.deviceId = deviceId; 124 123 this.debug = debug; 125 CalSvcIPars pars = new CalSvcIPars(account, UserAuth.noPrivileges,124 CalSvcIPars pars = new CalSvcIPars(account, 126 125 account, 127 126 null, // XXX Requires an env prefix trunk/calendar3/test/src/org/bedework/tests/calsvc/CalSvcTestWrapper.java
r293 r301 130 130 } 131 131 132 CalSvcIPars pars = new CalSvcIPars(user, access,user,132 CalSvcIPars pars = new CalSvcIPars(user, user, 133 133 envPrefix, 134 134 publicEvents, trunk/calendar3/timers/src/org/bedework/timers/service/DbPollerTimerService.java
r293 r301 55 55 package org.bedework.timers.service; 56 56 57 58 import org.bedework.calfacade.svc.UserAuth;59 57 import org.bedework.calsvc.CalSvc; 60 58 import org.bedework.calsvci.CalSvcI; … … 140 138 private void init() throws Throwable { 141 139 svci = new CalSvc(); 142 CalSvcIPars pars = new CalSvcIPars(account, UserAuth.superUser,140 CalSvcIPars pars = new CalSvcIPars(account, 143 141 account, 144 142 null, // XXX needs envPrefix trunk/calendar3/webcommon/src/org/bedework/webcommon/BwAbstractAction.java
r293 r301 706 706 * @throws Throwable 707 707 */ 708 p ublicsynchronized BwSession getState(HttpServletRequest request,709 BwActionFormBase form,710 MessageResources messages,711 String adminUserId,712 boolean admin) throws Throwable {708 private synchronized BwSession getState(HttpServletRequest request, 709 BwActionFormBase form, 710 MessageResources messages, 711 String adminUserId, 712 boolean admin) throws Throwable { 713 713 BwSession s = BwWebUtil.getState(request); 714 714 HttpSession sess = request.getSession(false); … … 798 798 getPublicAdmin(form), false, debug); 799 799 800 /** Somewhere up there we may have to do more for user auth in the 801 session. This is where we can figure out this is a first call. 802 */ 803 800 /* 804 801 UserAuth ua = null; 805 802 UserAuthPar par = new UserAuthPar(); … … 821 818 return null; 822 819 } 820 */ 823 821 824 822 return s; … … 843 841 * @throws CalFacadeException 844 842 */ 845 pr otectedboolean checkSvci(HttpServletRequest request,846 847 848 849 850 851 852 843 private boolean checkSvci(HttpServletRequest request, 844 BwActionFormBase form, 845 BwSession sess, 846 int access, 847 String user, 848 boolean publicAdmin, 849 boolean canSwitch, 850 boolean debug) throws CalFacadeException { 853 851 /** Do some checks first 854 852 */ … … 883 881 svci.getUser()); 884 882 } 883 884 // XXX access - disable use of roles 885 access = svci.getUserAuth().getUsertype(); 885 886 } else { 886 887 if (debug) { … … 902 903 } 903 904 904 CalSvcIPars pars = new CalSvcIPars(user, access, runAsUser, 905 CalSvcIPars pars = new CalSvcIPars(user, //access, 906 runAsUser, 905 907 form.getEnv().getAppPrefix(), 906 908 publicAdmin, … … 915 917 916 918 cb.in(true); 919 920 UserAuth ua = null; 921 UserAuthPar par = new UserAuthPar(); 922 par.svlt = servlet; 923 par.req = request; 924 925 try { 926 ua = svci.getUserAuth(user, par); 927 928 form.assignAuthorisedUser(ua.getUsertype() != UserAuth.noPrivileges); 929 svci.setSuperUser((ua.getUsertype() & UserAuth.superUser) != 0); 930 931 // XXX access - disable use of roles 932 access = ua.getUsertype(); 933 934 if (debug) { 935 debugMsg("UserAuth says that current user has the type: " + 936 ua.getUsertype()); 937 } 938 } catch (Throwable t) { 939 form.getErr().emit("org.bedework.client.error.exc", t.getMessage()); 940 form.getErr().emit(t); 941 return false; 942 } 917 943 } catch (CalFacadeException cfe) { 918 944 throw cfe; … … 921 947 } 922 948 } 923 949 924 950 form.assignUserVO((BwUser)svci.getUser().clone()); 925 951 … … 957 983 * 958 984 * <p>They are there because some servlet containers (jetty for one) 959 * appear to be broken. Role mapping does not appear to work reliably.960 * Th siseems to have something to do with jetty doing internal redirects985 * appeared to be broken. Role mapping does not appear to work reliably. 986 * This seems to have something to do with jetty doing internal redirects 961 987 * to handle login. In the process it seems to lose the appropriate servlet 962 988 * context and with it the mapping of roles. … … 967 993 * @throws CalFacadeException 968 994 */ 969 protected int getAccess(HttpServletRequest req, 970 MessageResources messages) 971 throws CalFacadeException { 995 private int getAccess(HttpServletRequest req, 996 MessageResources messages) throws CalFacadeException { 972 997 int access = 0; 973 998 … … 994 1019 } 995 1020 996 /** This is how it ou t to look1021 /** This is how it ought to look 997 1022 if (req.isUserInRole("admin")) { 998 1023 access += UserAuth.superUser;
