Commit cee10bf0 by Tuomas Riihimäki

Meged stuff...

2 parents 66ef9bc6 c18ecf36
Showing with 503 additions and 194 deletions
package fi.insomnia.bortal.beans; package fi.insomnia.bortal.beans;
import java.util.Calendar;
import javax.ejb.EJB;
import javax.ejb.Stateless; import javax.ejb.Stateless;
import org.hibernate.validator.util.LoggerFactory;
import org.slf4j.Logger;
import fi.insomnia.bortal.facade.LogEntryFacade;
import fi.insomnia.bortal.facade.LogEntryTypeFacade;
import fi.insomnia.bortal.model.LogEntry;
import fi.insomnia.bortal.model.LogEntryType;
import fi.insomnia.bortal.model.User;
/** /**
* Session Bean implementation class SercurityBean * Session Bean implementation class SercurityBean
...@@ -9,17 +20,65 @@ import javax.ejb.Stateless; ...@@ -9,17 +20,65 @@ import javax.ejb.Stateless;
@Stateless @Stateless
public class SecurityBean implements SecurityBeanLocal { public class SecurityBean implements SecurityBeanLocal {
private final Logger logger = org.slf4j.LoggerFactory.getLogger(SecurityBean.class);
@EJB
LogEntryTypeFacade typeFacade;
@EJB
LogEntryFacade entryFacade;
/** /**
* Default constructor. * Default constructor.
*/ */
public SecurityBean() { public SecurityBean() {
// TODO Auto-generated constructor stub // TODO Auto-generated constructor stub
} }
@Override @Override
public void log(Exception permissionDeniedException) { public void logPermissionDenied(User user, Exception exception) {
// TODO Auto-generated method stub LogEntryType type = typeFacade.findOrCreate(SecurityLogType.permissionDenied);
LogEntry entry = new LogEntry();
entry.setType(type);
entry.setTime(Calendar.getInstance());
entry.setDescription(exception.getMessage());
entry.setUser(user);
logger.debug(entry.toString(), exception);
entryFacade.create(entry);
}
public void logException(User user, Exception exception) {
LogEntryType type = typeFacade.findOrCreate(SecurityLogType.unknownException);
LogEntry entry = new LogEntry();
entry.setType(type);
entry.setTime(Calendar.getInstance());
entry.setDescription(exception.getMessage());
entry.setUser(user);
logger.debug(entry.toString(), exception);
entryFacade.create(entry);
}
public void logMessage(User user, String description) {
logMessage(SecurityLogType.genericMessage, user, description);
} }
public void logMessage(SecurityLogType paramType, User user, String description) {
LogEntryType type = typeFacade.findOrCreate(paramType);
LogEntry entry = new LogEntry();
entry.setType(type);
entry.setTime(Calendar.getInstance());
entry.setDescription(description);
entry.setUser(user);
entryFacade.create(entry);
}
public void logMessage(String description) {
logMessage(SecurityLogType.genericMessage, description);
}
public void logMessage(SecurityLogType type, String description) {
logMessage(type, null, description);
}
} }
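Review bot: `logPermissionDenied` and `logException` repeat the entry-building code of `logMessage(SecurityLogType, User, String)` line for line, and both store `exception.getMessage()`, which is null for an exception created without a message. Delegating keeps the audit path in one place, for example `logMessage(SecurityLogType.permissionDenied, user, String.valueOf(exception.getMessage()));` followed by the existing `logger.debug` call. The added `import org.hibernate.validator.util.LoggerFactory;` looks unused, since the field initialiser spells out `org.slf4j.LoggerFactory`; dropping it avoids the wrong factory being picked up later. Whether LogEntry's description accepts null is not visible in this section.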
package fi.insomnia.bortal.beans; package fi.insomnia.bortal.beans;
import java.util.HashSet; import java.util.HashSet;
import java.util.List;
import java.util.Set; import java.util.Set;
import javax.annotation.Resource; import javax.annotation.Resource;
...@@ -13,7 +12,9 @@ import javax.servlet.http.HttpSession; ...@@ -13,7 +12,9 @@ import javax.servlet.http.HttpSession;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import fi.insomnia.bortal.facade.AccessRightFacade;
import fi.insomnia.bortal.facade.UserFacade; import fi.insomnia.bortal.facade.UserFacade;
import fi.insomnia.bortal.model.AccessRight;
import fi.insomnia.bortal.model.Role; import fi.insomnia.bortal.model.Role;
import fi.insomnia.bortal.model.RoleRight; import fi.insomnia.bortal.model.RoleRight;
import fi.insomnia.bortal.model.User; import fi.insomnia.bortal.model.User;
...@@ -24,14 +25,12 @@ import fi.insomnia.bortal.model.User; ...@@ -24,14 +25,12 @@ import fi.insomnia.bortal.model.User;
@Stateless @Stateless
public class SessionHandlerBean implements SessionHandlerBeanLocal { public class SessionHandlerBean implements SessionHandlerBeanLocal {
private static final Logger logger = LoggerFactory.getLogger(SessionHandlerBean.class);
@EJB @EJB
private UserFacade userfacade; private UserFacade userfacade;
private static final Logger logger = LoggerFactory.getLogger(SessionHandlerBean.class); @EJB
private AccessRightFacade accessRightFacade;
@Resource
private SessionContext sctx;
/** /**
* Default constructor. * Default constructor.
*/ */
...@@ -42,10 +41,13 @@ public class SessionHandlerBean implements SessionHandlerBeanLocal { ...@@ -42,10 +41,13 @@ public class SessionHandlerBean implements SessionHandlerBeanLocal {
@Override @Override
public boolean hasPermission(String target, User user, RolePermission permission) { public boolean hasPermission(String target, User user, RolePermission permission) {
AccessRight expectedRight = accessRightFacade.findOrCreateByName(target);
User dbusr = userfacade.find(user.getId()); User dbusr = userfacade.find(user.getId());
Set<Role> checkedRoles = new HashSet<Role>(); Set<Role> checkedRoles = new HashSet<Role>();
for (Role r : dbusr.getRoles()) { for (Role r : dbusr.getRoles()) {
if (getRights(r, target, permission, checkedRoles)) { if (getRights(r, expectedRight, permission, checkedRoles)) {
return true; return true;
} }
...@@ -54,14 +56,14 @@ public class SessionHandlerBean implements SessionHandlerBeanLocal { ...@@ -54,14 +56,14 @@ public class SessionHandlerBean implements SessionHandlerBeanLocal {
return false; return false;
} }
private static boolean getRights(Role role, String target, RolePermission permission, Set<Role> checkedRoles) { private static boolean getRights(Role role, AccessRight expectedRight, RolePermission permission, Set<Role> checkedRoles) {
if (checkedRoles.contains(role)) { if (checkedRoles.contains(role)) {
return false; return false;
} }
for (RoleRight rr : role.getRoleRights()) { for (RoleRight rr : role.getRoleRights()) {
if (rr.getAccessRight().getAccessRight().equals(target)) { if (rr.getAccessRight().equals(expectedRight)) {
switch (permission) { switch (permission) {
case READ: case READ:
if (rr.getRead()) { if (rr.getRead()) {
...@@ -83,7 +85,7 @@ public class SessionHandlerBean implements SessionHandlerBeanLocal { ...@@ -83,7 +85,7 @@ public class SessionHandlerBean implements SessionHandlerBeanLocal {
checkedRoles.add(role); checkedRoles.add(role);
for (Role r : role.getParents()) { for (Role r : role.getParents()) {
if (getRights(r, target, permission, checkedRoles)) { if (getRights(r, expectedRight, permission, checkedRoles)) {
return true; return true;
} }
...@@ -91,4 +93,18 @@ public class SessionHandlerBean implements SessionHandlerBeanLocal { ...@@ -91,4 +93,18 @@ public class SessionHandlerBean implements SessionHandlerBeanLocal {
return false; return false;
} }
public User tryLogin(String username, String password) {
User user = userfacade.findByLogin(username.trim());
if(User.hashPassword(password).equals(user.getPassword())) {
return user;
}
return null;
}
public User getDefaultUser() {
throw new UnsupportedOperationException("Not supported yet.");
}
} }
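Review bot: `tryLogin` dereferences `user` without checking that `findByLogin` found anything, so an unknown username ends in an exception instead of the `null` the interface Javadoc promises; a null `username` fails the same way on `trim()`. The hash comparison uses `String.equals`, which is not constant-time; `MessageDigest.isEqual` on the byte forms avoids leaking how much of the stored value matched. `createNewUser` in UserBean (visible as context in this commit) still stores the password as given, so stored values and `hashPassword` output will not agree until that TODO is resolved. How `findByLogin` signals a missing row is not visible here, so the null check below may need to become a catch of `NoResultException`. Failed attempts would also be a natural entry for the SecurityBean log added in this commit.

```java
public User tryLogin(String username, String password) {
    if (username == null || password == null) {
        return null;
    }
    User user = userfacade.findByLogin(username.trim());
    if (user == null || user.getPassword() == null) {
        return null;
    }
    byte[] stored = user.getPassword().getBytes(StandardCharsets.UTF_8);
    byte[] offered = User.hashPassword(password).getBytes(StandardCharsets.UTF_8);
    return MessageDigest.isEqual(stored, offered) ? user : null;
}
```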
...@@ -31,30 +31,30 @@ public class UserBean implements UserBeanLocal { ...@@ -31,30 +31,30 @@ public class UserBean implements UserBeanLocal {
* Default constructor. * Default constructor.
*/ */
public UserBean() { public UserBean() {
// TODO Auto-generated constructor stub // TODO Auto-generated constructor stub
} }
@Override @Override
public User createNewUser(String nick, String password) { public User createNewUser(String nick, String password) {
User returnUser = new User(); User returnUser = new User();
returnUser.setNick(nick); returnUser.setNick(nick);
// TODO: Hash function.... // TODO: Hash function....
returnUser.setPassword(password); returnUser.setPassword(password);
// Tallennetaan olio kantaan... // Tallennetaan olio kantaan...
userFacade.create(returnUser); userFacade.create(returnUser);
return returnUser; return returnUser;
} }
public List<User> getUsers() { public List<User> getUsers() {
List<User> ret = userFacade.findAll(); List<User> ret = userFacade.findAll();
logger.info("Found {} users from database ", ret.size()); logger.info("Found {} users from database ", ret.size());
return ret; return ret;
} }
@Override @Override
public void mergeChanges(User user) { public void mergeChanges(User user) {
userFacade.merge(user); userFacade.merge(user);
} }
public User getUser(String nick) { public User getUser(String nick) {
......
...@@ -4,7 +4,11 @@ import javax.ejb.LocalBean; ...@@ -4,7 +4,11 @@ import javax.ejb.LocalBean;
import javax.ejb.Stateless; import javax.ejb.Stateless;
import javax.persistence.EntityManager; import javax.persistence.EntityManager;
import javax.persistence.PersistenceContext; import javax.persistence.PersistenceContext;
import javax.persistence.TypedQuery;
import fi.insomnia.bortal.beans.SecurityLogType;
import fi.insomnia.bortal.model.AccessRight; import fi.insomnia.bortal.model.AccessRight;
import fi.insomnia.bortal.model.LogEntryType;
@Stateless @Stateless
@LocalBean @LocalBean
...@@ -21,4 +25,19 @@ public class AccessRightFacade extends GenericFacade<AccessRight> { ...@@ -21,4 +25,19 @@ public class AccessRightFacade extends GenericFacade<AccessRight> {
return em; return em;
} }
public AccessRight findOrCreateByName(String target) {
// Fetch access right by name
TypedQuery<AccessRight> q = em.createNamedQuery("AccessRight.findByName", AccessRight.class);
q.setParameter("name", target);
AccessRight right = q.getSingleResult();
// Might not exist yet -> create
if (right == null) {
right = new AccessRight();
em.persist(right);
}
return right;
}
} }
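Review bot: The `right == null` branch in `findOrCreateByName` cannot run, because `getSingleResult()` throws `NoResultException` when nothing matches instead of returning null, so the first permission check for an unknown target fails with an exception; `LogEntryTypeFacade.findOrCreate` has the same pattern. The new `AccessRight` is also persisted without its name being taken from `target`, so a later lookup would not find it. Since `hasPermission` now calls this method on every check, consider whether a permission check should create rows at all; a lookup-only variant that denies on a miss keeps arbitrary target strings out of the table. The added `SecurityLogType` and `LogEntryType` imports appear unused in this class. The class starts outside the hunk.

```java
public AccessRight findOrCreateByName(String target) {
    TypedQuery<AccessRight> q = em.createNamedQuery("AccessRight.findByName", AccessRight.class);
    q.setParameter("name", target);
    List<AccessRight> found = q.getResultList();
    if (!found.isEmpty()) {
        return found.get(0);
    }
    AccessRight right = new AccessRight();
    // populate the name from target here; the setter is not visible in this diff
    em.persist(right);
    return right;
}
```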
...@@ -4,6 +4,9 @@ import javax.ejb.LocalBean; ...@@ -4,6 +4,9 @@ import javax.ejb.LocalBean;
import javax.ejb.Stateless; import javax.ejb.Stateless;
import javax.persistence.EntityManager; import javax.persistence.EntityManager;
import javax.persistence.PersistenceContext; import javax.persistence.PersistenceContext;
import javax.persistence.TypedQuery;
import fi.insomnia.bortal.beans.SecurityLogType;
import fi.insomnia.bortal.model.LogEntryType; import fi.insomnia.bortal.model.LogEntryType;
@Stateless @Stateless
...@@ -21,4 +24,21 @@ public class LogEntryTypeFacade extends GenericFacade<LogEntryType> { ...@@ -21,4 +24,21 @@ public class LogEntryTypeFacade extends GenericFacade<LogEntryType> {
return em; return em;
} }
public LogEntryType findOrCreate(SecurityLogType type) {
// Fetch log entry type
TypedQuery<LogEntryType> q = em.createNamedQuery("LogEntryType.findByName", LogEntryType.class);
q.setParameter("login", type.name());
LogEntryType logEntryType = q.getSingleResult();
// Might not exist yet
if (logEntryType == null) {
logEntryType = new LogEntryType();
logEntryType.setName(type.name());
em.persist(logEntryType);
}
return logEntryType;
}
} }
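Review bot: `q.setParameter("login", type.name())` binds a parameter the query does not declare: `LogEntryType.findByName` is added in this commit as `WHERE l.name = :name`, so the call should read `q.setParameter("name", type.name());`. As written, every SecurityBean log call would fail at this line before anything is stored. The freshly created `LogEntryType` sets only `name`, while the entity declares `description` with `nullable = false` and an `@EmbeddedId`, so the persist probably needs those filled in as well.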
...@@ -2,9 +2,19 @@ package fi.insomnia.bortal.beans; ...@@ -2,9 +2,19 @@ package fi.insomnia.bortal.beans;
import javax.ejb.Local; import javax.ejb.Local;
import fi.insomnia.bortal.model.User;
@Local @Local
public interface SecurityBeanLocal { public interface SecurityBeanLocal {
void log(Exception permissionDeniedException); void logPermissionDenied(User user, Exception exception);
void logException(User user, Exception exception);
void logMessage(User user, String description);
void logMessage(SecurityLogType type, User user, String description);
void logMessage(String description);
void logMessage(SecurityLogType type, String description);
} }
package fi.insomnia.bortal.beans;
public enum SecurityLogType {
permissionDenied,
unknownException,
genericMessage
}
...@@ -9,5 +9,13 @@ public interface SessionHandlerBeanLocal { ...@@ -9,5 +9,13 @@ public interface SessionHandlerBeanLocal {
boolean hasPermission(String target, User user, RolePermission permission); boolean hasPermission(String target, User user, RolePermission permission);
/**
*
* @param username
* @param password
* @return User on success, null on fail
*/
User tryLogin(String username, String password);
User getDefaultUser();
} }
...@@ -24,15 +24,18 @@ import javax.persistence.Version; ...@@ -24,15 +24,18 @@ import javax.persistence.Version;
@Table(name = "event_log_types") @Table(name = "event_log_types")
@NamedQueries( { @NamedQueries( {
@NamedQuery(name = "LogEntryType.findAll", query = "SELECT l FROM LogEntryType l"), @NamedQuery(name = "LogEntryType.findAll", query = "SELECT l FROM LogEntryType l"),
@NamedQuery(name = "LogEntryType.findByName", query = "SELECT l FROM LogEntryType l WHERE l.name = :name"),
@NamedQuery(name = "LogEntryType.findByDescription", query = "SELECT l FROM LogEntryType l WHERE l.description = :description") }) @NamedQuery(name = "LogEntryType.findByDescription", query = "SELECT l FROM LogEntryType l WHERE l.description = :description") })
public class LogEntryType implements EventChildInterface{ public class LogEntryType implements EventChildInterface {
private static final long serialVersionUID = 1L; private static final long serialVersionUID = 1L;
@EmbeddedId @EmbeddedId
private EventPk id; private EventPk id;
@Column(name = "event_type_name", nullable = false)
private String name;
@Lob @Lob
@Column(name = "event_type_description", nullable = false) @Column(name = "event_type_description", nullable = false)
private String description; private String description;
...@@ -132,4 +135,12 @@ public class LogEntryType implements EventChildInterface{ ...@@ -132,4 +135,12 @@ public class LogEntryType implements EventChildInterface{
public void setJpaVersionField(int jpaVersionField) { public void setJpaVersionField(int jpaVersionField) {
this.jpaVersionField = jpaVersionField; this.jpaVersionField = jpaVersionField;
} }
public void setName(String name) {
this.name = name;
}
public String getName() {
return name;
}
} }
...@@ -520,4 +520,9 @@ public class User implements ModelInterface<Integer>{ ...@@ -520,4 +520,9 @@ public class User implements ModelInterface<Integer>{
public void setEventSettings(List<EventSettings> eventSettings) { public void setEventSettings(List<EventSettings> eventSettings) {
this.eventSettings = eventSettings; this.eventSettings = eventSettings;
} }
public static String hashPassword(String plainPassword) {
throw new UnsupportedOperationException("TÄLLE EI SAA TEHDÄ TESTIMETODIA, KOSKA SE KUITENKIN UNOGTUU TÄNNE");
}
} }
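Review bot: `hashPassword` is a stub that throws, so `SessionHandlerBean.tryLogin`, added in this commit, throws for every login attempt. The static signature takes only the plain password, which leaves no room for a per-user salt or work factor; a deterministic unsalted digest makes equal passwords produce equal stored values. A pair such as `hashPassword(String plain, byte[] salt)` and `verifyPassword(String plain, String stored)` built on `SecretKeyFactory` with PBKDF2 would keep the comparison inside the model class. The exception text is Finnish in capitals; a short English message such as `"Password hashing is not implemented yet"` is easier to act on in a stack trace. The class body starts outside this hunk.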
<?xml version="1.0"?> <?xml version="1.0"?>
<faces-config <faces-config
xmlns="http://java.sun.com/xml/ns/javaee" xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-facesconfig_2_0.xsd" http://java.sun.com/xml/ns/javaee/web-facesconfig_2_0.xsd"
version="2.0" version="2.0"
> >
<application> <application>
<resource-bundle> <resource-bundle>
<base-name>i18n</base-name> <base-name>resources.i18n</base-name>
<var>i18n</var> <var>i18n</var>
</resource-bundle> </resource-bundle>
<message-bundle>resources.i18n</message-bundle> <message-bundle>resources.i18n</message-bundle>
<!-- Legal Country codes: http://www.iso.org/iso/country_codes/iso_3166_code_lists/english_country_names_and_code_elements.htm --> <!-- Legal Country codes: http://www.iso.org/iso/country_codes/iso_3166_code_lists/english_country_names_and_code_elements.htm -->
<!-- Assigned Country codes: --> <!-- Assigned Country codes: -->
<!-- Insomnia: IN (INDIA) --> <!-- Insomnia: IN (INDIA) -->
<!-- Stream: ST (SAO TOME AND PRINCIPE ) --> <!-- Stream: ST (SAO TOME AND PRINCIPE ) -->
<!-- Vector VE (VENEZUELA, BOLIVARIAN REPUBLIC OF) --> <!-- Vector VE (VENEZUELA, BOLIVARIAN REPUBLIC OF) -->
<locale-config> <locale-config>
<default-locale>fi</default-locale> <default-locale>fi</default-locale>
<supported-locale>fi_IN_XII</supported-locale> <supported-locale>fi_IN_XII</supported-locale>
<supported-locale>en_ST_v7</supported-locale> <supported-locale>en_ST_v7</supported-locale>
</locale-config>
</application> </locale-config>
<navigation-rule> </application>
<from-view-id>*</from-view-id>
<navigation-case> <navigation-rule>
<from-outcome>permissionDenied</from-outcome> <from-view-id>/user/list.xhtml</from-view-id>
<to-view-id>/permissionDenied.xhtml</to-view-id> <navigation-case>
</navigation-case> <from-outcome>userEdit</from-outcome>
</navigation-rule> <to-view-id>/NotImplementedYet.xhtml</to-view-id>
<navigation-rule> </navigation-case>
<from-view-id>/user/list.xhtml</from-view-id> </navigation-rule>
<navigation-case> <navigation-rule>
<from-outcome>userEdit</from-outcome> <from-view-id>/user/edit.xhtml</from-view-id>
<to-view-id>/NotImplementedYet.xhtml</to-view-id> <navigation-case>
</navigation-case> <from-outcome>userSave</from-outcome>
</navigation-rule> <to-view-id>/NotImplementedYet.xhtml</to-view-id>
<navigation-rule> </navigation-case>
<from-view-id>/user/edit.xhtml</from-view-id> </navigation-rule>
<navigation-case> <navigation-rule>
<from-outcome>userSave</from-outcome> <from-view-id>/resources/tools/user/list.xhtml</from-view-id>
<to-view-id>/NotImplementedYet.xhtml</to-view-id> <navigation-case>
</navigation-case> <from-outcome>userEdit</from-outcome>
</navigation-rule> <to-view-id>/modulePossibleReturnValues.xhtml</to-view-id>
<navigation-rule> </navigation-case>
<from-view-id>/resources/tools/user/list.xhtml</from-view-id> </navigation-rule>
<navigation-case> <navigation-rule>
<from-outcome>userEdit</from-outcome> <from-view-id>/resources/tools/user/edit.xhtml</from-view-id>
<to-view-id>/modulePossibleReturnValues.xhtml</to-view-id> <navigation-case>
</navigation-case> <from-outcome>userSave</from-outcome>
</navigation-rule> <to-view-id>/modulePossibleReturnValues.xhtml</to-view-id>
<navigation-rule> </navigation-case>
<from-view-id>/resources/tools/user/edit.xhtml</from-view-id> </navigation-rule>
<navigation-case> <navigation-rule>
<from-outcome>userSave</from-outcome> <from-view-id>/resources/tools/role/list.xhtml</from-view-id>
<to-view-id>/modulePossibleReturnValues.xhtml</to-view-id> <navigation-case>
</navigation-case> <from-outcome>roleEdit</from-outcome>
</navigation-rule> <to-view-id>/modulePossibleReturnValues.xhtml</to-view-id>
</navigation-case>
</navigation-rule>
<navigation-rule>
<from-view-id>*</from-view-id>
<navigation-case>
<from-outcome>permissionDenied</from-outcome>
<to-view-id>/permissionDenied.xhtml</to-view-id>
</navigation-case>
<navigation-case>
<from-outcome>logout</from-outcome>
<to-view-id>/NotImplementedYet.xhtml</to-view-id>
</navigation-case>
<navigation-case>
<from-outcome>loginSuccess</from-outcome>
<to-view-id>/NotImplementedYet.xhtml</to-view-id>
</navigation-case>
<navigation-case>
<from-outcome>loginFailed</from-outcome>
<to-view-id>/NotImplementedYet.xhtml</to-view-id>
</navigation-case>
</navigation-rule>
</faces-config> </faces-config>
...@@ -3,6 +3,7 @@ ...@@ -3,6 +3,7 @@
<html xmlns="http://www.w3.org/1999/xhtml" <html xmlns="http://www.w3.org/1999/xhtml"
xmlns:h="http://java.sun.com/jsf/html" xmlns:h="http://java.sun.com/jsf/html"
xmlns:f="http://java.sun.com/jsf/core" xmlns:f="http://java.sun.com/jsf/core"
xmlns:tools="http://java.sun.com/jsf/composite/tools"
xmlns:ui="http://java.sun.com/jsf/facelets"> xmlns:ui="http://java.sun.com/jsf/facelets">
<f:view locale="#{userView.locale}"> <f:view locale="#{userView.locale}">
<h:head> <h:head>
...@@ -77,6 +78,9 @@ ...@@ -77,6 +78,9 @@
</div> </div>
<div id="column2"> <div id="column2">
<h:messages globalOnly="true"/> <h:messages globalOnly="true"/>
<tools:loginLogout /><br />
<ui:insert name="content"> <ui:insert name="content">
Default content.. Default content..
</ui:insert> </ui:insert>
......
<?xml version='1.0' encoding='UTF-8' ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html
xmlns="http://www.w3.org/1999/xhtml"
xmlns:h="http://java.sun.com/jsf/html"
xmlns:f="http://java.sun.com/jsf/core"
xmlns:composite="http://java.sun.com/jsf/composite"
xmlns:ui="http://java.sun.com/jsf/facelets"
xmlns:c="http://java.sun.com/jsp/jstl/core">
<composite:interface>
<composite:attribute name="isOneliner" required="false" />
</composite:interface>
<composite:implementation>
<h:form>
<c:choose>
<c:when test="#{not empty cc.attrs.isOneliner}">
<h:inputText value="#{sessionHandler.username}" />
<h:inputSecret value="#{sessionHandler.password}" />
<h:commandButton value="#{i18n['login.submit']}" action="#{sessionHandler.login}" />
</c:when>
<c:otherwise>
<h:panelGrid columns="2">
<h:outputText value="#{i18n['login.username']}" /> <h:inputText value="#{sessionHandler.username}" />
<h:outputText value="#{i18n['login.password']}" /> <h:inputSecret value="#{sessionHandler.password}" />
<h:commandButton value="#{i18n['login.submit']}" action="#{sessionHandler.login}" />
</h:panelGrid>
</c:otherwise>
</c:choose>
</h:form>
</composite:implementation>
</html>
\ No newline at end of file
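Review bot: The test `#{not empty cc.attrs.isOneliner}` only checks that the attribute was supplied, so `isOneliner="false"` still renders the one-line form. Declaring the attribute as `<composite:attribute name="isOneliner" type="java.lang.Boolean" default="false" />` and testing `#{cc.attrs.isOneliner}` makes the flag mean what its name says. The two inputs in the one-line branch have no label or `id`; adding `id` values and `required="true"` lets the form reject empty submissions before `sessionHandler.login` runs.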
<?xml version='1.0' encoding='UTF-8' ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html
xmlns="http://www.w3.org/1999/xhtml"
xmlns:h="http://java.sun.com/jsf/html"
xmlns:f="http://java.sun.com/jsf/core"
xmlns:composite="http://java.sun.com/jsf/composite"
xmlns:ui="http://java.sun.com/jsf/facelets"
xmlns:c="http://java.sun.com/jsp/jstl/core">
<composite:interface>
</composite:interface>
<composite:implementation>
<h:form>
<h:commandButton action="#{sessionHandler.logout}" value="#{i18n['logout']}" />
</h:form>
</composite:implementation>
</html>
\ No newline at end of file
<?xml version='1.0' encoding='UTF-8' ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html
xmlns="http://www.w3.org/1999/xhtml"
xmlns:h="http://java.sun.com/jsf/html"
xmlns:f="http://java.sun.com/jsf/core"
xmlns:composite="http://java.sun.com/jsf/composite"
xmlns:ui="http://java.sun.com/jsf/facelets"
xmlns:c="http://java.sun.com/jsp/jstl/core"
xmlns:login="http://java.sun.com/jsf/composite/tools/login"
xmlns:tools="http://java.sun.com/jsf/composite/tools">
<composite:interface>
</composite:interface>
<composite:implementation>
<tools:canRead target="login">
<f:facet name="errorMessage">
<login:logout />
</f:facet>
<login:login isOneliner="true" />
</tools:canRead>
</composite:implementation>
</html>
\ No newline at end of file
...@@ -2,82 +2,56 @@ ...@@ -2,82 +2,56 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html <html
xmlns="http://www.w3.org/1999/xhtml" xmlns="http://www.w3.org/1999/xhtml"
xmlns:h="http://java.sun.com/jsf/html" xmlns:h="http://java.sun.com/jsf/html"
xmlns:f="http://java.sun.com/jsf/core" xmlns:f="http://java.sun.com/jsf/core"
xmlns:composite="http://java.sun.com/jsf/composite" xmlns:composite="http://java.sun.com/jsf/composite"
xmlns:ui="http://java.sun.com/jsf/facelets" xmlns:ui="http://java.sun.com/jsf/facelets"
xmlns:c="http://java.sun.com/jsp/jstl/core" xmlns:c="http://java.sun.com/jsp/jstl/core"
xmlns:tools="http://java.sun.com/jsf/composite/tools"> xmlns:tools="http://java.sun.com/jsf/composite/tools">
<composite:interface> <composite:interface>
</composite:interface> </composite:interface>
<composite:implementation> <composite:implementation>
<tools:authorization>
<h:form>
<h:dataTable
border="1"
id="user"
value="#{userView.users}"
var="user">
<h:column>
<f:facet name="header">
<h:outputText value="Id" />
</f:facet>
<h:outputText value="#{user.id}" />
</h:column>
<h:column>
<f:facet name="header">
<h:outputText value="Real name" />
</f:facet>
<h:outputText value="#{user.firstnames}" />
</h:column>
<h:column>
<f:facet name="header">
<h:outputText value="Address" />
</f:facet>
<h:outputText value="#{user.address}" />
</h:column>
<h:column>
<f:facet name="header">
<h:outputText value="Town" />
</f:facet>
<h:outputText value="#{user.town}" />
</h:column>
<h:column>
<f:facet name="header">
<h:outputText value="Zip" />
</f:facet>
<h:outputText value="#{user.zip}" />
</h:column>
<h:column>
<f:facet name="header">
<h:outputText value="Phone number" />
</f:facet>
<h:outputText value="#{user.phone}" />
</h:column>
<h:column>
<f:facet name="header">
<h:outputText value="Sex" />
</f:facet>
<h:outputText value="#{user.female}" />
</h:column>
<h:column>
<f:facet name="header">
<h:outputText value="Edit" />
</f:facet>
<h:commandButton
action="#{userView.edit()}"
value="Edit" />
</h:column>
</h:dataTable>
</h:form>
</tools:authorization>
<h:form>
<tools:canRead target="roleManagement">
<h:dataTable
border="1"
id="user"
value="#{roleView.roles}"
var="role">
<h:column>
<f:facet name="header">
<h:outputText value="#" />
</f:facet>
<h:outputText value="#{role.id}" />
</h:column>
<h:column>
<f:facet name="header">
<h:outputText value="#{i18n['role.name']}" />
</f:facet>
<h:outputText value="#{role.name}" />
</h:column>
<tools:canWrite target="roleManagement">
<h:column>
<f:facet name="header">
<h:outputText value="Edit" />
</f:facet>
<h:commandButton
action="#{roleView.edit()}"
value="Edit" />
</h:column>
</tools:canWrite>
</h:dataTable>
</tools:canRead>
</h:form>
</tools:authorization>
</composite:implementation>
</composite:implementation>
</html> </html>
userManagement userManagement
\ No newline at end of file roleManagement
login
\ No newline at end of file
package fi.insomnia.bortal.exceptions; package fi.insomnia.bortal.exceptions;
import fi.insomnia.bortal.beans.SecurityBeanLocal; import fi.insomnia.bortal.beans.SecurityBeanLocal;
import fi.insomnia.bortal.model.User;
public class PermissionDeniedException extends RuntimeException { public class PermissionDeniedException extends RuntimeException {
public PermissionDeniedException(String message, SecurityBeanLocal bean) { public PermissionDeniedException(SecurityBeanLocal bean, User user, String message) {
super(message); super(message);
bean.log(this); bean.logPermissionDenied(user, this);
} }
/** /**
......
...@@ -3,7 +3,6 @@ ...@@ -3,7 +3,6 @@
* To change this template, choose Tools | Templates * To change this template, choose Tools | Templates
* and open the template in the editor. * and open the template in the editor.
*/ */
package fi.insomnia.bortal.handler; package fi.insomnia.bortal.handler;
import javax.ejb.EJB; import javax.ejb.EJB;
...@@ -16,6 +15,7 @@ import fi.insomnia.bortal.HostnameFilter; ...@@ -16,6 +15,7 @@ import fi.insomnia.bortal.HostnameFilter;
import fi.insomnia.bortal.beans.RolePermission; import fi.insomnia.bortal.beans.RolePermission;
import fi.insomnia.bortal.beans.SessionHandlerBeanLocal; import fi.insomnia.bortal.beans.SessionHandlerBeanLocal;
import fi.insomnia.bortal.model.User; import fi.insomnia.bortal.model.User;
import javax.faces.bean.SessionScoped;
/** /**
* *
...@@ -27,22 +27,25 @@ public class BortalSessionHandler { ...@@ -27,22 +27,25 @@ public class BortalSessionHandler {
@EJB @EJB
private SessionHandlerBeanLocal handlerbean; private SessionHandlerBeanLocal handlerbean;
private User user; private User user = null;
private String username = "";
private String password = "";
/** Creates a new instance of SessionHandler */ /** Creates a new instance of SessionHandler */
public BortalSessionHandler() { public BortalSessionHandler() {
} }
public boolean hasPermission(String target, String permission) { public boolean hasPermission(String target, String permission) {
RolePermission perm = RolePermission.READ; RolePermission perm = null;
if (permission.equals("write")) { if (permission.equalsIgnoreCase("read")) {
perm = RolePermission.READ;
} else if (permission.equals("write")) {
perm = RolePermission.WRITE; perm = RolePermission.WRITE;
} else if (permission.equals("execute")) { } else if (permission.equals("execute")) {
perm = RolePermission.EXECUTE; perm = RolePermission.EXECUTE;
} }
return hasPermission(target, perm); return hasPermission(target, perm);
} }
public String getHostname() public String getHostname()
...@@ -75,9 +78,56 @@ public class BortalSessionHandler { ...@@ -75,9 +78,56 @@ public class BortalSessionHandler {
} }
public User getUser() { public User getUser() {
if (user == null) {
user = handlerbean.getDefaultUser();
}
return user; return user;
} }
public String logout() {
user = null;
return "logout";
}
public String login() {
user = handlerbean.tryLogin(username, password);
if (user == null) {
return "loginFailed";
} else {
return "loginSuccess";
}
}
/**
* @return the username
*/
public String getUsername() {
return username;
}
/**
* @param username the username to set
*/
public void setUsername(String username) {
this.username = username;
}
/**
* @return the password
*/
public String getPassword() {
return password;
}
/**
* @param password the password to set
*/
public void setPassword(String password) {
this.password = password;
}
} }
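Review bot: The plain-text password stays in the `password` field after `login()` returns, and since the hunk adds a `SessionScoped` import the bean appears to live for the whole session; clear it right after the `tryLogin` call with `password = "";`. `logout()` only nulls `user`; calling `FacesContext.getCurrentInstance().getExternalContext().invalidateSession();` there would also drop any other per-user state held in session beans. In `hasPermission(String, String)` an unrecognised permission string now leaves `perm` null and passes it on, where the `switch (permission)` in `SessionHandlerBean.getRights` would throw; `if (perm == null) { return false; }` before the delegate call denies instead. The read branch uses `equalsIgnoreCase` while write and execute use `equals`, so the three should agree on one. The class starts outside the visible hunks.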
...@@ -21,7 +21,7 @@ import org.slf4j.LoggerFactory; ...@@ -21,7 +21,7 @@ import org.slf4j.LoggerFactory;
* *
* @author tuukka * @author tuukka
*/ */
@ManagedBean(name="RoleView") @ManagedBean(name="roleView")
@SessionScoped @SessionScoped
public class RoleView { public class RoleView {
...@@ -41,6 +41,12 @@ public class RoleView { ...@@ -41,6 +41,12 @@ public class RoleView {
} }
public String edit() {
role = items.getRowData();
return "roleEdit";
}
/** Creates a new instance of RoleView */ /** Creates a new instance of RoleView */
public RoleView() { public RoleView() {
} }
......
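Review bot: `edit()` selects the row and returns `roleEdit` without any server-side permission check; the only guard is the `tools:canWrite target="roleManagement"` wrapper in the list page, which hides the button but does not stop the action from being invoked. `UserView.createUser` in this commit checks `canWrite("userManagement")` and throws `PermissionDeniedException`; the same guard with `"roleManagement"` belongs at the top of `edit()`. Whether RoleView already holds a session handler and a security bean reference is not visible in this hunk, and the class continues past it.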
...@@ -49,13 +49,13 @@ public class UserView { ...@@ -49,13 +49,13 @@ public class UserView {
public String getLocale() { public String getLocale() {
return "en_IN_XII"; return "en_ST_v7";
} }
public String createUser() { public String createUser() {
if (!getSessionhandler().canWrite("userManagement")) { if (!getSessionhandler().canWrite("userManagement")) {
// Give message to administration what happened here. // Give message to administration what happened here.
throw new PermissionDeniedException("User " + getSessionhandler().getUser() + " does not have permission to create user!",securitybean); throw new PermissionDeniedException(securitybean, getSessionhandler().getUser(), "User " + getSessionhandler().getUser() + " does not have permission to create user!");
} }
logger.info("Saving user"); logger.info("Saving user");
......
...@@ -16,3 +16,4 @@ user.validate.notUniqueUsername=i18n K\u00E4ytt\u00E4j\u00E4tunnus on jo olemass ...@@ -16,3 +16,4 @@ user.validate.notUniqueUsername=i18n K\u00E4ytt\u00E4j\u00E4tunnus on jo olemass
fallbackstr="fallback default" fallbackstr="fallback default"
teststr=default locale test teststr=default locale test
defaultstr="Something default..." defaultstr="Something default..."
logout=H\u00E4ivy
user.username=K\u00e4ytt\u00e4j\u00e4tunnus user.username=K\u00E4ytt\u00E4j\u00E4tunnus
user.realname=Nimi user.realname=Nimi
user.password=Salasana user.password=Salasana
user.email=S\u00e4hk\u00e4postiosoite user.email=S\u00E4hk\u00E4postiosoite
user.phone=Puhelinnumero user.phone=Puhelinnumero
user.bankaccount=Tilinumero user.bankaccount=Tilinumero
user.bank=Pankki user.bank=Pankki
save=Tallenna save=Tallenna
cancel=Peruuta cancel=Peruuta
login.username=K\u00e4ytt\u00e4j\u00e4tunnus: login.username=K\u00E4ytt\u00E4j\u00E4tunnus:
login.password=Salasana: login.password=Salasana:
login.submit=Kirjaudu sis\u00e4\u00e4n login.submit=Kirjaudu sis\u00E4\u00E4n
user.validate.notUniqueUsername=i18n K\u00e4ytt\u00e4j\u00e4tunnus on jo olemassa. Ole hyv\u00e4 ja valitse toinen tunnus. user.validate.notUniqueUsername=i18n K\u00E4ytt\u00E4j\u00E4tunnus on jo olemassa. Ole hyv\u00E4 ja valitse toinen tunnus.
fallbackstr="fallback default" fallbackstr="fallback default"
teststr=default locale test teststr=default locale test
defaultstr="Something default..." defaultstr="Something default..."
logout=H\u00E4ivy
user.username=Kyttjtunnus user.username=K\u00E4ytt\u00E4j\u00E4tunnus
user.realname=Nimi user.realname=Nimi
user.password=Salasana user.password=Salasana
user.email=Shkpostiosoite user.email=S\u00E4hk\u00F6postiosoite
user.phone=Puhelinnumero user.phone=Puhelinnumero
user.bankaccount=Tilinumero user.bankaccount=Tilinumero
user.bank=Pankki user.bank=Pankki
save=Tallenna save=Tallenna
cancel=Peruuta cancel=Peruuta
login.username=Kyttjtunnus: login.username=K\u00E4ytt\u00E4j\u00E4tunnus:
login.password=Salasana: login.password=Salasana:
login.submit=Kirjaudu sisn login.submit=Kirjaudu sis\u00E4\u00E4n
user.validate.notUniqueUsername=i18n Kyttjtunnus on jo olemassa. Ole hyv ja valitse toinen tunnus. user.validate.notUniqueUsername=i18n K\u00E4ytt\u00E4j\u00E4tunnus on jo olemassa. Ole hyv\u00E4 ja valitse toinen tunnus.
fallbackstr="fallback default" fallbackstr="fallback default"
teststr=default locale test teststr=default locale test
defaultstr="Something default..." defaultstr="Something default..."
logout=H\u00E4ivy
user.username=Kyttjtunnus user.username=K\u00E4ytt\u00E4j\u00E4tunnus
user.realname=Nimi user.realname=Nimi
user.password=Salasana user.password=Salasana
user.email=Shkpostiosoite user.email=S\u00E4hk\u00F6postiosoite
user.phone=Puhelinnumero user.phone=Puhelinnumero
user.bankaccount=Tilinumero user.bankaccount=Tilinumero
user.bank=Pankki user.bank=Pankki
save=Tallenna save=Tallenna
cancel=Peruuta cancel=Peruuta
login.username=Kyttjtunnus: login.username=K\u00E4ytt\u00E4j\u00E4tunnus:
login.password=Salasana: login.password=Salasana:
login.submit=Kirjaudu sisn login.submit=Kirjaudu sis\u00E4\u00E4n
user.validate.notUniqueUsername=i18n Kyttjtunnus on jo olemassa. Ole hyv ja valitse toinen tunnus. user.validate.notUniqueUsername=i18n K\u00E4ytt\u00E4j\u00E4tunnus on jo olemassa. Ole hyv\u00E4 ja valitse toinen tunnus.
fallbackstr="fallback default" fallbackstr="fallback default"
teststr=default locale test teststr=default locale test
defaultstr="Something default..." defaultstr="Something default..."
logout=H\u00E4ivy
user.username=Kyttjtunnus user.username=K\u00E4ytt\u00E4j\u00E4tunnus
user.realname=Nimi user.realname=Nimi
user.password=Salasana user.password=Salasana
user.email=Shkpostiosoite user.email=S\u00E4hk\u00F6postiosoite
user.phone=Puhelinnumero user.phone=Puhelinnumero
user.bankaccount=Tilinumero user.bankaccount=Tilinumero
user.bank=Pankki user.bank=Pankki
save=Tallenna save=Tallenna
cancel=Peruuta cancel=Peruuta
login.username=Kyttjtunnus: login.username=K\u00E4ytt\u00E4j\u00E4tunnus:
login.password=Salasana: login.password=Salasana:
login.submit=Kirjaudu sisn login.submit=Kirjaudu sis\u00E4\u00E4n
user.validate.notUniqueUsername=i18n Kyttjtunnus on jo olemassa. Ole hyv ja valitse toinen tunnus. user.validate.notUniqueUsername=i18n K\u00E4ytt\u00E4j\u00E4tunnus on jo olemassa. Ole hyv\u00E4 ja valitse toinen tunnus.
teststr=brlocale test teststr=brlocale test
fallbackstr=InsomniaSpecific fallback fallbackstr=InsomniaSpecific fallback
\ No newline at end of file logout=H\u00E4ivy
teststr=XII locale test teststr=XII locale test
\ No newline at end of file logout=H\u00E4ivy