Hi Juergen,
Thanks for your reply. Actually, I've already extended the Torque security
service as described by you. My question was: it doesn't seem that I can have
my own TURBINE_USER_GROUP_ROLE and ROLE_PERMISSION equivalent tables, because
these peer classes are hard-coded in Turbine's TorqueSecurityService class,
e.g. TurbineUserGroupRolePeer is hard-coded:
    public synchronized void grant(User user, Group group, Role role)
        throws DataBackendException, UnknownEntityException
    {
        boolean userExists = false;
        boolean groupExists = false;
        boolean roleExists = false;
        try
        {
            lockExclusive();
            userExists = TurbineSecurity.accountExists(user);
            groupExists = checkExists(group);
            roleExists = checkExists(role);
            if (userExists && groupExists && roleExists)
            {
                Criteria criteria = new Criteria();
                criteria.add(TurbineUserGroupRolePeer.USER_ID,
                        ((Persistent) user).getPrimaryKey());
                criteria.add(TurbineUserGroupRolePeer.GROUP_ID,
                        ((Persistent) group).getPrimaryKey());
                criteria.add(TurbineUserGroupRolePeer.ROLE_ID,
                        ((Persistent) role).getPrimaryKey());
                TurbineUserGroupRolePeer.doInsert(criteria);
                return;
            }
        }
        catch (Exception e)
        {
            throw new DataBackendException("grant(User,Group,Role) failed", e);
        }
        finally
        {
            unlockExclusive();
        }
        if (!userExists)
        {
            throw new UnknownEntityException("Unknown user '"
                    + user.getName() + "'");
        }
        if (!groupExists)
        {
            throw new UnknownEntityException("Unknown group '"
                    + group.getName() + "'");
        }
        if (!roleExists)
        {
            throw new UnknownEntityException("Unknown role '"
                    + role.getName() + "'");
        }
    }
Does this mean I have to have TURBINE_USER_GROUP_ROLE and
TURBINE_ROLE_PERMISSION tables around?
Thanks very much!
David
-----Original Message-----
From: Jürgen Hoffmann [mailto:[EMAIL PROTECTED]
Sent: Wednesday, August 16, 2006 1:13 PM
To: 'Turbine Users List'
Subject: AW: How to create group and grant user?
Hi David,
this clears things up a bit. OK, you have extended the Torque Security
Service with your additional columns to the core tables.
I assume that you followed
http://jakarta.apache.org/turbine/turbine/turbine-2.3.2/services/torque-security-service.html
when you extended your tables. Turbine will still use its own Peer and OM
classes internally. This is why adding additional columns to the existing
tables is recommended. Everything else is known to be error-prone. Because
the same classes are used internally, there are three classes:
the Peer, the Implementation and the Persistent Object. When you extend the
TurbineUser, for example, you create your own Peer and Object classes.
    <table name="YOUR_USER" idMethod="idbroker">
      <column name="USER_ID" required="true" primaryKey="true"
              type="INTEGER"/>
      <column name="LOGIN_NAME" required="true" size="64" type="VARCHAR"
              javaName="UserName"/>
      <column name="PASSWORD_VALUE" required="true" size="16" type="VARCHAR"
              javaName="Password"/>
      <column name="FIRST_NAME" required="true" size="64" type="VARCHAR"/>
      <column name="LAST_NAME" required="true" size="64" type="VARCHAR"/>
      <column name="EMAIL" size="64" type="VARCHAR"/>
      <column name="CONFIRM_VALUE" size="16" type="VARCHAR"
              javaName="Confirmed"/>
      <column name="MODIFIED" type="TIMESTAMP"/>
      <column name="CREATED" type="TIMESTAMP" javaName="CreateDate"/>
      <column name="LAST_LOGIN" type="TIMESTAMP"/>
      <column name="OBJECTDATA" type="VARBINARY"/>
      <column name="TELEPHONE" size="32" type="VARCHAR" javaName="Phone" />
      <column name="FAX" size="32" type="VARCHAR"/>
      <unique>
        <unique-column name="LOGIN_NAME"/>
      </unique>
    </table>
The Peer Class should be configured inside turbine-om.properties like so:
    services.SecurityService.torque.userPeer.class = YourUserPeer
Then you can access your User Object using:
    User user = TurbineSecurity.getUser("test");
    String phone =
        ((YourUser)(((TorqueUser)user).getPersistentObj())).getPhone();
Or
    User u2 = TurbineSecurity.getUser("test2");
    TorqueUser tu2 = (TorqueUser) u2;
    // getPersistentObj() is defined on TorqueUser, not on the User interface
    YourUser yu = (YourUser) tu2.getPersistentObj();
    String fax = yu.getFax();
Which is still very ugly. We recommend that you extend the TorqueUser
explicitly, which makes access to additional Properties easy.
    public class ExtendedUser extends TorqueUser
    {
        public ExtendedUser()
        {
            super();
        }
        public ExtendedUser(Persistent obj)
        {
            super(obj);
        }
        public String getPhone()
        {
            return ((CustomUser) getPersistentObj()).getPhone();
        }
        public void setPhone(String phone)
        {
            ((CustomUser) getPersistentObj()).setPhone(phone);
        }
        public String getFax()
        {
            return ((CustomUser) getPersistentObj()).getFax();
        }
        public void setFax(String fax)
        {
            ((CustomUser) getPersistentObj()).setFax(fax);
        }
    }
TurbineResources.properties:
    services.SecurityService.user.class = ExtendedUser
And then:
    ExtendedUser eu = (ExtendedUser) TurbineSecurity.getUser("test");
    String phone = eu.getPhone();
Did that answer your questions?
Kind regards
Juergen Hoffmann
-----Original Message-----
From: Zhao, David [mailto:[EMAIL PROTECTED]
Sent: Wednesday, August 16, 2006 06:50
To: Turbine Users List; Turbine Users List
Subject: RE: How to create group and grant user?
Hi Juergen,
My last post was a little confusing, and I was very confused then, and still
kinda now. What I meant was:
I've extended Torque Security Service based upon "Torque Security Service
Howto" and threads on "Extending User", so I have our own sets of tables,
such as person (TURBINE_USER), group (TURBINE_GROUP), role (TURBINE_ROLE),
permission (TURBINE_PERMISSION), etc., so I can have additional columns in
those tables. However, when I tried to use TurbineSecurity's grant and
revoke methods, TURBINE_USER_GROUP_ROLE and TURBINE_ROLE_PERMISSION are
hard-coded in Turbine, so I have to use those two tables in Turbine Security
schema to store user_group_role and role_permission information, rather than
having my own set of tables. Am I right on this?
I hope this makes sense, and please let me know if there is anything I've
done wrong.
Thanks,
David
-----Original Message-----
From: Jürgen Hoffmann [mailto:[EMAIL PROTECTED]
Sent: Tue 8/15/2006 12:30 PM
To: 'Turbine Users List'
Subject: AW: How to create group and grant user?
Hi David,
seriously, why were you implementing your own Security Service?
What Use Case made you do that?
Kind regards
Juergen Hoffmann
-----Original Message-----
From: Zhao, David [mailto:[EMAIL PROTECTED]
Sent: Friday, August 11, 2006 19:08
To: Turbine Users List; [EMAIL PROTECTED]
Subject: How to create group and grant user?
Hi there,
I've been trying to implement the Turbine security service to create a group
and grant a user certain roles. I've successfully extended the Torque security
service (I think), with our own set of tables for security, and had to
override several methods, such as revoke(User user, Group group, Role role),
where UserGroupRolePeer is hard-coded to use the TURBINE_USER_GROUP_ROLE table
(please correct me if I'm wrong) in TorqueSecurityService. Now when I create
a group, and grant a user a role to the group, all entries will be written
to our own tables. Now the problem is, if I'm trying to grant the "manager"
role (existing role) to the user to this group by using
TurbineSecurity.grant(data.getUser(), new TorqueRole("manager")), the role
id is always inserted as 0. What's the best practice to do this? Am I doing
something wrong here?
Thanks,
David
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]