Author: nmalin
Date: Tue Feb 6 22:01:52 2018
New Revision: 1823397
URL: http://svn.apache.org/viewvc?rev=1823397&view=rev
Log:
Improved: Convert CommonPermissionServices.xml mini lang to groovy (OFBIZ-9993)
convert services genericBasePermissionCheck, commonGetAllCrudPermissions and
visualThemePermissionCheck from minilang to groovy.
The simple method genericBasePermissionCheck is maintain but indicate as
deprecated in log to don't break direct call from other mini-lang script.
Thanks to Dennis Balkir for this patch
Added:
ofbiz/ofbiz-framework/trunk/framework/common/groovyScripts/permission/
ofbiz/ofbiz-framework/trunk/framework/common/groovyScripts/permission/CommonPermissionServices.groovy
(with props)
Modified:
ofbiz/ofbiz-framework/trunk/framework/common/minilang/permission/CommonPermissionServices.xml
ofbiz/ofbiz-framework/trunk/framework/common/servicedef/services.xml
Added:
ofbiz/ofbiz-framework/trunk/framework/common/groovyScripts/permission/CommonPermissionServices.groovy
URL:
http://svn.apache.org/viewvc/ofbiz/ofbiz-framework/trunk/framework/common/groovyScripts/permission/CommonPermissionServices.groovy?rev=1823397&view=auto
==============================================================================
---
ofbiz/ofbiz-framework/trunk/framework/common/groovyScripts/permission/CommonPermissionServices.groovy
(added)
+++
ofbiz/ofbiz-framework/trunk/framework/common/groovyScripts/permission/CommonPermissionServices.groovy
Tue Feb 6 22:01:52 2018
@@ -0,0 +1,115 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import org.apache.ofbiz.base.util.UtilProperties
+
+
+def genericBasePermissionCheck() {
+ Map result = success()
+ // allow mainAction to be set from outside methods or direct to the service
+ String mainAction = parameters.mainAction
+ if (!mainAction) {
+ return
error(UtilProperties.getMessage("CommonUiLabels","CommonPermissionMainActionAttributeMissing",
parameters.locale))
+ }
+
+ // allow primary permission to be set from outside methods or direct to
the service
+ String primaryPermission = parameters.primaryPermission
+ if (!primaryPermission) {
+ return
error(UtilProperties.getMessage("CommonUiLabels","CommonPermissionPrimaryPermissionMissing",
parameters.locale))
+ }
+ logVerbose("Checking for primary permission
${primaryPermission}_${mainAction}")
+
+ // allow alt permission to be set from outside methods or direct to the
service
+ String altPermission = parameters.altPermission
+ String altPermissionList = ""
+ if (altPermission) {
+ logInfo("Checking for alternate permission
${altPermission}_${mainAction}")
+ altPermissionList = ", ${altPermission}_${mainAction},
${altPermission}_ADMIN"
+ }
+ // altPermission is not a required field; no need to add Error
+
+ // set up called service name
+ String resourceDescription = parameters.resourceDescription
+ if (!resourceDescription) {
+ resourceDescription = UtilProperties.getMessage("CommonUiLabels",
"CommonPermissionThisOperation", parameters.locale)
+ }
+
+ // check permission, permission checks include _ADMIN
+ if (security.hasEntityPermission(primaryPermission, "_${mainAction}",
parameters.userLogin)
+ || security.hasEntityPermission(altPermission, "_${mainAction}",
parameters.userLogin)) {
+ result.hasPermission = true
+ } else {
+ result.hasPermission = false
+ messageContext = [resourceDescription: resourceDescription,
+ primaryPermission: primaryPermission,
+ mainAction: mainAction,
+ altPermissionList: altPermissionList]
+ result.failMessage = UtilProperties.getMessage("CommonUiLabels",
"CommonGenericPermissionError", messageContext, parameters.locale)
+ }
+ return result
+}
+
+/**
+ * Get all CRUD and View Permissions
+ */
+def getAllCrudPermissions() {
+ Map result = success()
+ result.hasCreatePermission = false
+ result.hasUpdatePermission = false
+ result.hasDeletePermission = false
+ result.hasViewPermission = false
+ def primaryPermission = parameters.primaryPermission
+ if (!primaryPermission) {
+ return error(UtilProperties.getMessage("CommonUiLabels",
"CommonPermissionPrimaryPermissionMissing", parameters.locale))
+ }
+ logInfo("Getting all CRUD permissions for ${primaryPermission}")
+ result = hasCrudPermission(primaryPermission, result)
+
+ def altPermission = parameters.altPermission
+ if (altPermission) {
+ logInfo("Getting all CRUD permissions for ${altPermission}")
+ result = hasCrudPermission(altPermission, result)
+ }
+ return result
+}
+
+def hasCrudPermission(String perm, Map resultMap) {
+ if (security.hasEntityPermission(perm, "_CREATE", parameters.userLogin)) {
+ resultMap.hasCreatePermission = true
+ }
+ if (security.hasEntityPermission(perm, "_UPDATE", parameters.userLogin)) {
+ resultMap.hasUpdatePermission = true
+ }
+ if (security.hasEntityPermission(perm, "_DELETE", parameters.userLogin)) {
+ resultMap.hasDeletePermission = true
+ }
+ if (security.hasEntityPermission(perm, "_VIEW", parameters.userLogin)) {
+ resultMap.hasViewPermission = true
+ }
+ return resultMap
+}
+
+/**
+ * Visual Theme permission logic
+ */
+def visualThemePermissionCheck() {
+ parameters.primaryPermission = "VISUAL_THEME"
+ Map result = run service: "genericBasePermissionCheck", with: parameters
+ return result
+}
Propchange:
ofbiz/ofbiz-framework/trunk/framework/common/groovyScripts/permission/CommonPermissionServices.groovy
------------------------------------------------------------------------------
svn:eol-style = native
Propchange:
ofbiz/ofbiz-framework/trunk/framework/common/groovyScripts/permission/CommonPermissionServices.groovy
------------------------------------------------------------------------------
svn:keywords = Date Rev Author URL Id
Propchange:
ofbiz/ofbiz-framework/trunk/framework/common/groovyScripts/permission/CommonPermissionServices.groovy
------------------------------------------------------------------------------
svn:mime-type = text/plain
Modified:
ofbiz/ofbiz-framework/trunk/framework/common/minilang/permission/CommonPermissionServices.xml
URL:
http://svn.apache.org/viewvc/ofbiz/ofbiz-framework/trunk/framework/common/minilang/permission/CommonPermissionServices.xml?rev=1823397&r1=1823396&r2=1823397&view=diff
==============================================================================
---
ofbiz/ofbiz-framework/trunk/framework/common/minilang/permission/CommonPermissionServices.xml
(original)
+++
ofbiz/ofbiz-framework/trunk/framework/common/minilang/permission/CommonPermissionServices.xml
Tue Feb 6 22:01:52 2018
@@ -56,80 +56,15 @@ under the License.
<property-to-field resource="CommonUiLabels"
property="CommonPermissionThisOperation" field="resourceDescription"/>
</if-empty>
- <!-- check permission -->
- <if>
- <condition>
- <or>
- <!-- Permission checks include _ADMIN -->
- <if-has-permission permission="${primaryPermission}"
action="_${mainAction}"/>
- <if-has-permission permission="${altPermission}"
action="_${mainAction}"/>
- </or>
- </condition>
- <then>
- <set field="hasPermission" type="Boolean" value="true"/>
- <field-to-result field="hasPermission"/>
- </then>
- <else>
- <property-to-field resource="CommonUiLabels"
property="CommonGenericPermissionError" field="failMessage"/>
- <set field="hasPermission" type="Boolean" value="false"/>
- <field-to-result field="hasPermission"/>
- <field-to-result field="failMessage"/>
- </else>
- </if>
- </simple-method>
-
- <simple-method method-name="getAllCrudPermissions" short-description="Get
All CRUD and View Permissions">
- <if-empty field="primaryPermission">
- <set field="primaryPermission"
from-field="parameters.primaryPermission"/>
- <if-empty field="primaryPermission">
- <add-error><fail-property resource="CommonUiLabels"
property="CommonPermissionPrimaryPermissionMissing"/></add-error>
- </if-empty>
- </if-empty>
- <check-errors/>
- <set field="hasCreatePermission" value="false" type="Boolean"/>
- <set field="hasUpdatePermission" value="false" type="Boolean"/>
- <set field="hasDeletePermission" value="false" type="Boolean"/>
- <set field="hasViewPermission" value="false" type="Boolean"/>
- <log level="info" message="Getting all CRUD permissions for
${primaryPermission}"/>
- <if-has-permission permission="${primaryPermission}" action="_CREATE">
- <set field="hasCreatePermission" value="true" type="Boolean"/>
- </if-has-permission>
- <if-has-permission permission="${primaryPermission}" action="_UPDATE">
- <set field="hasUpdatePermission" value="true" type="Boolean"/>
- </if-has-permission>
- <if-has-permission permission="${primaryPermission}" action="_DELETE">
- <set field="hasDeletePermission" value="true" type="Boolean"/>
- </if-has-permission>
- <if-has-permission permission="${primaryPermission}" action="_VIEW">
- <set field="hasViewPermission" value="true" type="Boolean"/>
- </if-has-permission>
- <if-empty field="altPermission">
- <set field="altPermission" from-field="parameters.altPermission"/>
- </if-empty>
- <if-not-empty field="altPermission">
- <log level="info" message="Getting all CRUD permissions for
${altPermission}"/>
- <if-has-permission permission="${altPermission}" action="_CREATE">
- <set field="hasCreatePermission" value="true" type="Boolean"/>
- </if-has-permission>
- <if-has-permission permission="${altPermission}" action="_UPDATE">
- <set field="hasUpdatePermission" value="true" type="Boolean"/>
- </if-has-permission>
- <if-has-permission permission="${altPermission}" action="_DELETE">
- <set field="hasDeletePermission" value="true" type="Boolean"/>
- </if-has-permission>
- <if-has-permission permission="${altPermission}" action="_VIEW">
- <set field="hasViewPermission" value="true" type="Boolean"/>
- </if-has-permission>
- </if-not-empty>
- <field-to-result field="hasCreatePermission"/>
- <field-to-result field="hasUpdatePermission"/>
- <field-to-result field="hasDeletePermission"/>
- <field-to-result field="hasViewPermission"/>
- </simple-method>
+ <log level="warning" message="This simple-method-call is deprecated!
Please use a service-call of genericBasePermissionCheck instead."/>
+ <set field="inParams.altPermission" from-field="altPermission"/>
+ <set field="inParams.mainAction" from-field="parameters.mainAction"/>
+ <set field="inParams.primaryPermission"
from-field="primaryPermission"/>
+ <set field="inParams.resourceDescription"
from-field="parameters.resourceDescription"/>
+ <call-service service-name="genericBasePermissionCheck"
in-map-name="inParams">
+ <result-to-field result-name="hasPermission"/>
+ </call-service>
+ <field-to-result field="hasPermission"/>
- <simple-method method-name="visualThemePermissionCheck"
short-description="Visual Theme permission logic">
- <set field="primaryPermission" value="VISUALTHEME"/>
- <call-simple-method method-name="genericBasePermissionCheck"/>
</simple-method>
-
</simple-methods>
Modified: ofbiz/ofbiz-framework/trunk/framework/common/servicedef/services.xml
URL:
http://svn.apache.org/viewvc/ofbiz/ofbiz-framework/trunk/framework/common/servicedef/services.xml?rev=1823397&r1=1823396&r2=1823397&view=diff
==============================================================================
--- ofbiz/ofbiz-framework/trunk/framework/common/servicedef/services.xml
(original)
+++ ofbiz/ofbiz-framework/trunk/framework/common/servicedef/services.xml Tue
Feb 6 22:01:52 2018
@@ -30,8 +30,8 @@ under the License.
<implements service="permissionInterface"/>
</service>
- <service name="commonGetAllCrudPermissions" engine="simple"
-
location="component://common/minilang/permission/CommonPermissionServices.xml"
invoke="getAllCrudPermissions" auth="false">
+ <service name="commonGetAllCrudPermissions" engine="groovy"
+
location="component://common/groovyScripts/permission/CommonPermissionServices.groovy"
invoke="getAllCrudPermissions" auth="false">
<description>Returns all CRUD and View Permissions</description>
<attribute name="primaryPermission" type="String" mode="IN"
optional="false"/>
<attribute name="altPermission" type="String" mode="IN"
optional="true"/>
@@ -424,8 +424,8 @@ under the License.
</service>
<!-- common permission services -->
- <service name="genericBasePermissionCheck" engine="simple"
-
location="component://common/minilang/permission/CommonPermissionServices.xml"
invoke="genericBasePermissionCheck">
+ <service name="genericBasePermissionCheck" engine="groovy"
+
location="component://common/groovyScripts/permission/CommonPermissionServices.groovy"
invoke="genericBasePermissionCheck">
<implements service="permissionInterface"/>
<attribute name="primaryPermission" type="String" mode="IN"
optional="false"/>
<attribute name="altPermission" type="String" mode="IN"
optional="true"/>
@@ -569,8 +569,8 @@ under the License.
</service>
<!-- ==============Permission Checking Service============= -->
- <service name="visualThemePermissionCheck" engine="simple"
-
location="component://common/minilang/permission/CommonPermissionServices.xml"
invoke="visualThemePermissionCheck">
+ <service name="visualThemePermissionCheck" engine="groovy"
+
location="component://common/groovyScripts/permission/CommonPermissionServices.groovy"
invoke="visualThemePermissionCheck">
<description>Visual Theme Permission Checking Logic</description>
<implements service="permissionInterface"/>
</service>
