paulsp 02/02/16 05:10:21 Modified: webapp/WEB-INF/conf JetspeedResources.properties src/java/org/apache/jetspeed/services/security JetspeedDBSecurityService.java xdocs changes.xml docs/site changes.html Log: Added configurable default security settings for logged-in and anonymous users Revision Changes Path 1.63 +11 -1 jakarta-jetspeed/webapp/WEB-INF/conf/JetspeedResources.properties Index: JetspeedResources.properties =================================================================== RCS file: /home/cvs/jakarta-jetspeed/webapp/WEB-INF/conf/JetspeedResources.properties,v retrieving revision 1.62 retrieving revision 1.63 diff -u -r1.62 -r1.63 --- JetspeedResources.properties 11 Feb 2002 08:17:53 -0000 1.62 +++ JetspeedResources.properties 16 Feb 2002 13:10:20 -0000 1.63 @@ -1,7 +1,7 @@ ################################################################################ # Jetspeed Configuration # Author: Kevin A. Burton ([EMAIL PROTECTED]) -# $Id: JetspeedResources.properties,v 1.62 2002/02/11 08:17:53 taylor Exp $ +# $Id: JetspeedResources.properties,v 1.63 2002/02/16 13:10:20 paulsp Exp $ ################################################################################ # This is the main file you will need to configuration Jetspeed. If there are # any secondary files they will be pointed to from this file. @@ -391,8 +391,18 @@ # Media types template to create for user. (comma separated) services.Profiler.newuser.media_types=html,wml +######################################### +# Template Jetspeed Security Service # +######################################### # Role(s) to assign to new user. Multiple Role must be comma separated. services.JetspeedSecurity.newuser.roles=user + +# Default permission(s) when object have no permissions defined +# The follow permissions are define in the default Jetspeed installation: +# view, customize, minimize, maximize, close +# * = All permissions +services.JetspeedSecurity.permission.default.anonymous=view +services.JetspeedSecurity.permission.default.loggedin=* ######################################### # Template Locator Service # 1.14 +28 -3 jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/JetspeedDBSecurityService.java Index: JetspeedDBSecurityService.java =================================================================== RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/JetspeedDBSecurityService.java,v retrieving revision 1.13 retrieving revision 1.14 diff -u -r1.13 -r1.14 --- JetspeedDBSecurityService.java 11 Feb 2002 08:05:12 -0000 1.13 +++ JetspeedDBSecurityService.java 16 Feb 2002 13:10:21 -0000 1.14 @@ -91,7 +91,7 @@ * * @author <a href="mailto:[EMAIL PROTECTED]">David Sean Taylor</a> * @author <a href="mailto:[EMAIL PROTECTED]">Santiago Gala</a> - * @version $Id: JetspeedDBSecurityService.java,v 1.13 2002/02/11 08:05:12 taylor Exp $ + * @version $Id: JetspeedDBSecurityService.java,v 1.14 2002/02/16 13:10:21 paulsp Exp $ */ @@ -99,6 +99,9 @@ implements JetspeedSecurityService { private final static String CONFIG_NEWUSER_ROLES = "newuser.roles"; + private final static String CONFIG_DEFAULT_PERMISSION_LOGGEDIN = "permission.default.loggedin"; + private final static String CONFIG_DEFAULT_PERMISSION_ANONYMOUS = "permission.default.anonymous"; + private final static String [] DEFAULT_PERMISSIONS = {""}; private final static String [] DEFAULT_CONFIG_NEWUSER_ROLES = { "user" }; String roles[] = null; @@ -196,10 +199,10 @@ { Security security = entry.getSecurity(); if (null == security) - return true; // grant permission if no security role given + return checkDefaultPermission( runData, permission); String securityRole = security.getRole(); if (null == securityRole) - return true; // grant permission if no security role given + return checkDefaultPermission( runData, permission); // determine if Portlet has specified role AccessControlList acl = runData.getACL(); @@ -390,4 +393,26 @@ removeRole(role); } + private boolean checkDefaultPermission(RunData runData, String permission) { + String defaultPermissions[] = null; + ResourceService serviceConf = ((TurbineServices)TurbineServices.getInstance()) + .getResources(JetspeedSecurityService.SERVICE_NAME); + + try { + if ( (runData.getUser() == null) || !runData.getUser().hasLoggedIn() ) { + defaultPermissions = serviceConf.getStringArray(CONFIG_DEFAULT_PERMISSION_ANONYMOUS); + } else { + defaultPermissions = serviceConf.getStringArray(CONFIG_DEFAULT_PERMISSION_LOGGEDIN); + } + } catch (Exception e) { + e.printStackTrace(); + } + for (int i = 0; i < defaultPermissions.length; i++) { + if (defaultPermissions[i].equals("*")) + return true; + if (defaultPermissions[i].equals(permission)) + return true; + } + return false; + } } 1.24 +4 -1 jakarta-jetspeed/xdocs/changes.xml Index: changes.xml =================================================================== RCS file: /home/cvs/jakarta-jetspeed/xdocs/changes.xml,v retrieving revision 1.23 retrieving revision 1.24 diff -u -r1.23 -r1.24 --- changes.xml 14 Feb 2002 03:38:17 -0000 1.23 +++ changes.xml 16 Feb 2002 13:10:21 -0000 1.24 @@ -1,6 +1,6 @@ <?xml version="1.0" encoding="iso-8859-1"?> <!-- -$Id: changes.xml,v 1.23 2002/02/14 03:38:17 paulsp Exp $ +$Id: changes.xml,v 1.24 2002/02/16 13:10:21 paulsp Exp $ --> <document> <properties> @@ -164,6 +164,9 @@ </li> <li> Fix - 2002/02/13 - Bug 5630 - Redirect to home page when exiting the Customizer. (PS) +</li> +<li> + Add - 2002/02/16 - Default permissions for "logged in" and anonymous users is now configurable. (PS) </li> </ul> </section> 1.15 +3 -0 jakarta-jetspeed/docs/site/changes.html Index: changes.html =================================================================== RCS file: /home/cvs/jakarta-jetspeed/docs/site/changes.html,v retrieving revision 1.14 retrieving revision 1.15 diff -u -r1.14 -r1.15 --- changes.html 14 Feb 2002 03:38:17 -0000 1.14 +++ changes.html 16 Feb 2002 13:10:21 -0000 1.15 @@ -269,6 +269,9 @@ <li> Fix - 2002/02/13 - Bug 5630 - Redirect to home page when exiting the Customizer. (PS) </li> +<li> + Add - 2002/02/16 - Default permissions for "logged in" and anonymous users is now configurable. (PS) +</li> </ul> </blockquote> </p>
-- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>