To the committers/developers involved in the development of multitenant support: please review this commit and test it in the multitenant environment and confirm it works fine, thanks. I have seen a lot of bad code around the implementation of multitenancy and this is actually a first pass in the direction of cleaning it up. In the next few days I will ask for your review of some of the code decisions and will propose some refactorings that I will ask you to review/test.
Kind regards Jacopo Begin forwarded message: > From: jaco...@apache.org > Subject: svn commit: r1353681 - in /ofbiz/trunk: > applications/accounting/webapp/accounting/WEB-INF/ > applications/content/webapp/content/WEB-INF/ > applications/humanres/webapp/humanres/WEB-INF/ > applications/manufacturing/webapp/manufacturing/WEB-INF/ applications... > Date: June 25, 2012 7:46:09 PM GMT+02:00 > To: comm...@ofbiz.apache.org > Reply-To: dev@ofbiz.apache.org > > Author: jacopoc > Date: Mon Jun 25 17:46:07 2012 > New Revision: 1353681 > > URL: http://svn.apache.org/viewvc?rev=1353681&view=rev > Log: > Cleaned up some code that was adding the delegator/dispatcher/security/auth > objects in the user session rather than the request; > 1) removed the request-maps for changeDelegator from components' > controller.xml files: they were not used > 2) removed CoreEvents.changeDelegator(...): not used (apart from the > request-maps removed at #1) > 3) removed CoreEvents.changeDispatcher(...): not used > 4) cleaned up some code (related to multitenant development): now the objects > are set in the request rather than the session > > PS: as a consequence this will also fix the issue reported in OFBIZ-4289 > > Modified: > > ofbiz/trunk/applications/accounting/webapp/accounting/WEB-INF/controller.xml > ofbiz/trunk/applications/content/webapp/content/WEB-INF/controller.xml > ofbiz/trunk/applications/humanres/webapp/humanres/WEB-INF/controller.xml > > ofbiz/trunk/applications/manufacturing/webapp/manufacturing/WEB-INF/controller.xml > ofbiz/trunk/applications/marketing/webapp/marketing/WEB-INF/controller.xml > ofbiz/trunk/applications/product/webapp/catalog/WEB-INF/controller.xml > > ofbiz/trunk/applications/workeffort/webapp/workeffort/WEB-INF/controller.xml > ofbiz/trunk/framework/bi/webapp/bi/WEB-INF/controller.xml > > ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/ContextFilter.java > ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java > ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/event/CoreEvents.java > ofbiz/trunk/framework/webtools/webapp/webtools/WEB-INF/controller.xml > > ofbiz/trunk/specialpurpose/ecommerce/webapp/ecommerce/WEB-INF/controller.xml > > Modified: > ofbiz/trunk/applications/accounting/webapp/accounting/WEB-INF/controller.xml > URL: > http://svn.apache.org/viewvc/ofbiz/trunk/applications/accounting/webapp/accounting/WEB-INF/controller.xml?rev=1353681&r1=1353680&r2=1353681&view=diff > ============================================================================== > --- > ofbiz/trunk/applications/accounting/webapp/accounting/WEB-INF/controller.xml > (original) > +++ > ofbiz/trunk/applications/accounting/webapp/accounting/WEB-INF/controller.xml > Mon Jun 25 17:46:07 2012 > @@ -42,12 +42,6 @@ under the License. > <response name="success" type="request" value="main"/> > </request-map> > > - <request-map uri="changeDelegator"> > - <event type="java" path="org.ofbiz.webapp.event.CoreEvents" > invoke="changeDelegator"/> > - <response name="success" type="view" value="main"/> > - <response name="error" type="view" value="error"/> > - </request-map> > - > <request-map uri="main"> > <security https="true" auth="true"/> > <response name="success" type="view" value="main"/> > > Modified: > ofbiz/trunk/applications/content/webapp/content/WEB-INF/controller.xml > URL: > http://svn.apache.org/viewvc/ofbiz/trunk/applications/content/webapp/content/WEB-INF/controller.xml?rev=1353681&r1=1353680&r2=1353681&view=diff > ============================================================================== > --- ofbiz/trunk/applications/content/webapp/content/WEB-INF/controller.xml > (original) > +++ ofbiz/trunk/applications/content/webapp/content/WEB-INF/controller.xml > Mon Jun 25 17:46:07 2012 > @@ -52,13 +52,6 @@ under the License. > <response name="success" type="view" value="fonts.fo"/> > </request-map> > > - <request-map uri="changeDelegator"> > - <security https="true" auth="true"/> > - <event type="java" path="org.ofbiz.webapp.event.CoreEvents" > invoke="changeDelegator"/> > - <response name="success" type="view" value="main"/> > - <response name="error" type="view" value="error"/> > - </request-map> > - > <!-- ================ Blog Requests ================= --> > <request-map uri="blogMain"> > <security https="true" auth="true"/> > > Modified: > ofbiz/trunk/applications/humanres/webapp/humanres/WEB-INF/controller.xml > URL: > http://svn.apache.org/viewvc/ofbiz/trunk/applications/humanres/webapp/humanres/WEB-INF/controller.xml?rev=1353681&r1=1353680&r2=1353681&view=diff > ============================================================================== > --- ofbiz/trunk/applications/humanres/webapp/humanres/WEB-INF/controller.xml > (original) > +++ ofbiz/trunk/applications/humanres/webapp/humanres/WEB-INF/controller.xml > Mon Jun 25 17:46:07 2012 > @@ -46,12 +46,6 @@ under the License. > <response name="success" type="request" value="main"/> > </request-map> > > - <request-map uri="changeDelegator"> > - <event type="java" path="org.ofbiz.webapp.event.CoreEvents" > invoke="changeDelegator"/> > - <response name="success" type="view" value="main"/> > - <response name="error" type="view" value="error"/> > - </request-map> > - > <request-map uri="main"> > <security https="true" auth="true"/> > <response name="success" type="view" value="main"/> > > Modified: > ofbiz/trunk/applications/manufacturing/webapp/manufacturing/WEB-INF/controller.xml > URL: > http://svn.apache.org/viewvc/ofbiz/trunk/applications/manufacturing/webapp/manufacturing/WEB-INF/controller.xml?rev=1353681&r1=1353680&r2=1353681&view=diff > ============================================================================== > --- > ofbiz/trunk/applications/manufacturing/webapp/manufacturing/WEB-INF/controller.xml > (original) > +++ > ofbiz/trunk/applications/manufacturing/webapp/manufacturing/WEB-INF/controller.xml > Mon Jun 25 17:46:07 2012 > @@ -46,12 +46,6 @@ under the License. > <response name="success" type="request" value="main"/> > </request-map> > > - <request-map uri="changeDelegator"> > - <event type="java" path="org.ofbiz.webapp.event.CoreEvents" > invoke="changeDelegator"/> > - <response name="success" type="view" value="main"/> > - <response name="error" type="view" value="error"/> > - </request-map> > - > <request-map uri="main"> > <security https="true" auth="true"/> > <response name="success" type="view" value="main"/> > > Modified: > ofbiz/trunk/applications/marketing/webapp/marketing/WEB-INF/controller.xml > URL: > http://svn.apache.org/viewvc/ofbiz/trunk/applications/marketing/webapp/marketing/WEB-INF/controller.xml?rev=1353681&r1=1353680&r2=1353681&view=diff > ============================================================================== > --- > ofbiz/trunk/applications/marketing/webapp/marketing/WEB-INF/controller.xml > (original) > +++ > ofbiz/trunk/applications/marketing/webapp/marketing/WEB-INF/controller.xml > Mon Jun 25 17:46:07 2012 > @@ -45,13 +45,6 @@ under the License. > <request-map uri="view"><security https="true" auth="false"/><response > name="success" type="request" value="main"/></request-map> > <request-map uri="main"><security https="true" auth="true"/><response > name="success" type="view" value="main"/></request-map> > > - <request-map uri="changeDelegator"> > - <security https="true" auth="true"/> > - <event type="java" path="org.ofbiz.webapp.event.CoreEvents" > invoke="changeDelegator"/> > - <response name="success" type="view" value="main"/> > - <response name="error" type="view" value="error"/> > - </request-map> > - > <!-- =========== DataSource =========== --> > <request-map uri="FindDataSource"><security https="true" > auth="true"/><response name="success" type="view" > value="FindDataSource"/></request-map> > <request-map uri="EditDataSource"><security https="true" > auth="true"/><response name="success" type="view" > value="EditDataSource"/></request-map> > > Modified: > ofbiz/trunk/applications/product/webapp/catalog/WEB-INF/controller.xml > URL: > http://svn.apache.org/viewvc/ofbiz/trunk/applications/product/webapp/catalog/WEB-INF/controller.xml?rev=1353681&r1=1353680&r2=1353681&view=diff > ============================================================================== > --- ofbiz/trunk/applications/product/webapp/catalog/WEB-INF/controller.xml > (original) > +++ ofbiz/trunk/applications/product/webapp/catalog/WEB-INF/controller.xml > Mon Jun 25 17:46:07 2012 > @@ -63,13 +63,6 @@ under the License. > <response name="success" type="view" value="FastLoadCache"/> > </request-map> > > - <request-map uri="changeDelegator"> > - <security https="true" auth="true"/> > - <event type="java" path="org.ofbiz.webapp.event.CoreEvents" > invoke="changeDelegator"/> > - <response name="success" type="view" value="main"/> > - <response name="error" type="view" value="error"/> > - </request-map> > - > <request-map uri="advancedsearch"> > <security https="true" auth="true"/> > <response name="success" type="view" value="advancedsearch"/> > > Modified: > ofbiz/trunk/applications/workeffort/webapp/workeffort/WEB-INF/controller.xml > URL: > http://svn.apache.org/viewvc/ofbiz/trunk/applications/workeffort/webapp/workeffort/WEB-INF/controller.xml?rev=1353681&r1=1353680&r2=1353681&view=diff > ============================================================================== > --- > ofbiz/trunk/applications/workeffort/webapp/workeffort/WEB-INF/controller.xml > (original) > +++ > ofbiz/trunk/applications/workeffort/webapp/workeffort/WEB-INF/controller.xml > Mon Jun 25 17:46:07 2012 > @@ -39,12 +39,6 @@ under the License. > > <!-- Request Mappings --> > > - <request-map uri="changeDelegator"> > - <event type="java" path="org.ofbiz.webapp.event.CoreEvents" > invoke="changeDelegator"/> > - <response name="success" type="view" value="main"/> > - <response name="error" type="view" value="error"/> > - </request-map> > - > <request-map uri="view"> > <security https="true" auth="true"/> > <response name="success" type="view" value="main"/> > > Modified: ofbiz/trunk/framework/bi/webapp/bi/WEB-INF/controller.xml > URL: > http://svn.apache.org/viewvc/ofbiz/trunk/framework/bi/webapp/bi/WEB-INF/controller.xml?rev=1353681&r1=1353680&r2=1353681&view=diff > ============================================================================== > --- ofbiz/trunk/framework/bi/webapp/bi/WEB-INF/controller.xml (original) > +++ ofbiz/trunk/framework/bi/webapp/bi/WEB-INF/controller.xml Mon Jun 25 > 17:46:07 2012 > @@ -30,12 +30,6 @@ > <response name="success" type="view" value="main"/> > </request-map> > > - <request-map uri="changeDelegator"> > - <event type="java" path="org.ofbiz.webapp.event.CoreEvents" > invoke="changeDelegator"/> > - <response name="success" type="view" value="main"/> > - <response name="error" type="view" value="error"/> > - </request-map> > - > <request-map uri="main"> > <security https="true" auth="true"/> > <response name="success" type="view" value="main"/> > > Modified: > ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/ContextFilter.java > URL: > http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/ContextFilter.java?rev=1353681&r1=1353680&r2=1353681&view=diff > ============================================================================== > --- > ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/ContextFilter.java > (original) > +++ > ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/ContextFilter.java > Mon Jun 25 17:46:07 2012 > @@ -317,10 +317,10 @@ public class ContextFilter implements Fi > LocalDispatcher dispatcher = > getDispatcher(config.getServletContext()); > > // set web context objects > - httpRequest.getSession().setAttribute("dispatcher", > dispatcher); > - httpRequest.getSession().setAttribute("security", > security); > + request.setAttribute("dispatcher", dispatcher); > + request.setAttribute("security", security); > > - httpRequest.setAttribute("tenantId", tenantId); > + request.setAttribute("tenantId", tenantId); > } > > // NOTE DEJ20101130: do NOT always put the delegator name in > the user's session because the user may > > Modified: > ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java > URL: > http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java?rev=1353681&r1=1353680&r2=1353681&view=diff > ============================================================================== > --- > ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java > (original) > +++ > ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java > Mon Jun 25 17:46:07 2012 > @@ -474,35 +474,30 @@ public class LoginWorker { > return "error"; > } > } > + > private static void setWebContextObjects(HttpServletRequest request, > HttpServletResponse response, Delegator delegator, LocalDispatcher > dispatcher) { > HttpSession session = request.getSession(); > - > - // NOTE: we do NOT want to set this in the servletContet, only in > the request and session > - session.setAttribute("delegatorName", delegator.getDelegatorName()); > - > - request.setAttribute("delegator", delegator); > - session.setAttribute("delegator", delegator); > - > - request.setAttribute("dispatcher", dispatcher); > - session.setAttribute("dispatcher", dispatcher); > - > - // we also need to setup the security and authz objects since they > are dependent on the delegator > + // NOTE: we do NOT want to set this in the servletContext, only in > the request and session > + // We also need to setup the security and authz objects since they > are dependent on the delegator > + Security security = null; > try { > - Security security = SecurityFactory.getInstance(delegator); > - request.setAttribute("security", security); > - session.setAttribute("security", security); > + security = SecurityFactory.getInstance(delegator); > } catch (SecurityConfigurationException e) { > Debug.logError(e, module); > } > - > + Authorization authz = null; > try { > - Authorization authz = > AuthorizationFactory.getInstance(delegator); > - request.setAttribute("authz", authz); > - session.setAttribute("authz", authz); > + authz = AuthorizationFactory.getInstance(delegator); > } catch (SecurityConfigurationException e) { > Debug.logError(e, module); > } > > + session.setAttribute("delegatorName", delegator.getDelegatorName()); > + request.setAttribute("delegator", delegator); > + request.setAttribute("dispatcher", dispatcher); > + request.setAttribute("security", security); > + request.setAttribute("authz", authz); > + > // get rid of the visit info since it was pointing to the previous > database, and get a new one > session.removeAttribute("visitor"); > session.removeAttribute("visit"); > > Modified: > ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/event/CoreEvents.java > URL: > http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/event/CoreEvents.java?rev=1353681&r1=1353680&r2=1353681&view=diff > ============================================================================== > --- ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/event/CoreEvents.java > (original) > +++ ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/event/CoreEvents.java > Mon Jun 25 17:46:07 2012 > @@ -97,96 +97,6 @@ public class CoreEvents { > } > > /** > - * Change delegator event. Changes the delegator for the current session > - * @param request HttpServletRequest > - * @param response HttpServletResponse > - * @return Response code string > - */ > - public static String changeDelegator(HttpServletRequest request, > HttpServletResponse response) { > - String delegatorName = request.getParameter("delegator"); > - Authorization authz = (Authorization) request.getAttribute("authz"); > - Locale locale = UtilHttp.getLocale(request); > - > - if (!authz.hasPermission(request.getSession(), "ENTITY_MAINT", > null)) { > - String errMsg = > UtilProperties.getMessage(CoreEvents.err_resource, > "coreEvents.not_authorized_use_fct", locale); > - request.setAttribute("_ERROR_MESSAGE_", errMsg); > - return "error"; > - } > - if (delegatorName == null) { > - String errMsg = > UtilProperties.getMessage(CoreEvents.err_resource, > "coreEvents.delegator_not_passed", locale); > - request.setAttribute("_ERROR_MESSAGE_", errMsg); > - return "error"; > - } > - > - Delegator delegator = DelegatorFactory.getDelegator(delegatorName); > - > - if (delegator == null) { > - String errMsg = > UtilProperties.getMessage(CoreEvents.err_resource, > "coreEvents.no_delegator_name_defined", locale); > - request.setAttribute("_ERROR_MESSAGE_", errMsg); > - return "error"; > - } > - > - // now change the dispatcher to use this delegator > - LocalDispatcher dispatcher = (LocalDispatcher) > request.getAttribute("dispatcher"); > - DispatchContext dctx = dispatcher.getDispatchContext(); > - String dispatcherName = dispatcher.getName(); > - > - if (dispatcherName == null) { > - String errMsg = > UtilProperties.getMessage(CoreEvents.err_resource, > "coreEvents.dispatcher_name_null", locale); > - request.setAttribute("_ERROR_MESSAGE_", errMsg); > - return "error"; > - } > - if (dctx == null) { > - String errMsg = > UtilProperties.getMessage(CoreEvents.err_resource, > "coreEvents.dispatcher_context_null", locale); > - request.setAttribute("_ERROR_MESSAGE_", errMsg); > - return "error"; > - } > - > - dispatcher = GenericDispatcher.getLocalDispatcher(dispatcherName, > delegator); > - > - request.getSession().setAttribute("delegator", delegator); > - request.getSession().setAttribute("dispatcher", dispatcher); > - > - return "success"; > - } > - > - /** > - * Change dispatcher event. Changes the dispatch for the current session > - * @param request HttpServletRequest > - * @param response HttpServletResponse > - * @return Response code string > - */ > - public static String changeDispatcher(HttpServletRequest request, > HttpServletResponse response) { > - String dispatcherName = request.getParameter("dispatcher"); > - Authorization authz = (Authorization) request.getAttribute("authz"); > - Locale locale = UtilHttp.getLocale(request); > - > - if (!authz.hasPermission(request.getSession(), "ENTITY_MAINT", > null)) { > - String errMsg = > UtilProperties.getMessage(CoreEvents.err_resource, > "coreEvents.not_authorized_use_fct", locale); > - request.setAttribute("_ERROR_MESSAGE_", errMsg); > - return "error"; > - } > - if (dispatcherName == null) { > - String errMsg = > UtilProperties.getMessage(CoreEvents.err_resource, > "coreEvents.dispatcher_not_passed", locale); > - request.setAttribute("_ERROR_MESSAGE_", errMsg); > - return "error"; > - } > - > - Delegator delegator = (Delegator) request.getAttribute("delegator"); > - ServiceDispatcher sd = ServiceDispatcher.getInstance(dispatcherName, > delegator); > - > - if (sd == null) { > - String errMsg = > UtilProperties.getMessage(CoreEvents.err_resource, > "coreEvents.no_dispachter_name_registered", locale); > - request.setAttribute("_ERROR_MESSAGE_", errMsg); > - return "error"; > - } > - LocalDispatcher dispatcher = > sd.getLocalContext(dispatcherName).getDispatcher(); > - > - request.getSession().setAttribute("dispatcher", dispatcher); > - return "success"; > - } > - > - /** > * Schedule a service for a specific time or recurrence > * Request Parameters which are used for this service: > * > > Modified: > ofbiz/trunk/framework/webtools/webapp/webtools/WEB-INF/controller.xml > URL: > http://svn.apache.org/viewvc/ofbiz/trunk/framework/webtools/webapp/webtools/WEB-INF/controller.xml?rev=1353681&r1=1353680&r2=1353681&view=diff > ============================================================================== > --- ofbiz/trunk/framework/webtools/webapp/webtools/WEB-INF/controller.xml > (original) > +++ ofbiz/trunk/framework/webtools/webapp/webtools/WEB-INF/controller.xml Mon > Jun 25 17:46:07 2012 > @@ -92,12 +92,6 @@ under the License. > <response name="success" type="url" value="http://www.yahoo.com"/> > </request-map> > > - <request-map uri="changeDelegator"> > - <event type="java" path="org.ofbiz.webapp.event.CoreEvents" > invoke="changeDelegator"/> > - <response name="success" type="view" value="main"/> > - <response name="error" type="view" value="main"/> > - </request-map> > - > <request-map uri="view"> > <security https="true" auth="false"/> > <response name="success" type="view" value="main"/> > > Modified: > ofbiz/trunk/specialpurpose/ecommerce/webapp/ecommerce/WEB-INF/controller.xml > URL: > http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/ecommerce/webapp/ecommerce/WEB-INF/controller.xml?rev=1353681&r1=1353680&r2=1353681&view=diff > ============================================================================== > --- > ofbiz/trunk/specialpurpose/ecommerce/webapp/ecommerce/WEB-INF/controller.xml > (original) > +++ > ofbiz/trunk/specialpurpose/ecommerce/webapp/ecommerce/WEB-INF/controller.xml > Mon Jun 25 17:46:07 2012 > @@ -1193,13 +1193,6 @@ under the License. > <response name="error" type="view" value="login"/> > </request-map> > > - <request-map uri="changeDelegator"> > - <security https="false" auth="false"/> > - <event type="java" path="org.ofbiz.webapp.event.CoreEvents" > invoke="changeDelegator"/> > - <response name="success" type="view" value="main"/> > - <response name="error" type="view" value="error"/> > - </request-map> > - > <request-map uri="tellafriend"><security https="false" > auth="false"/><response name="success" type="view" > value="tellafriend"/></request-map> > <request-map uri="emailFriend"> > <security https="false" auth="false"/> > >