Rooliviilausta.. Ei pushata näitä vielä..

code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/BillBean.java

@@ -7,21 +7,21 @@ import javax.ejb.EJB;
 import javax.ejb.Stateless;
 import javax.servlet.ServletOutputStream;
 
+
 import fi.insomnia.bortal.beanutil.AuthorisationBean;
 import fi.insomnia.bortal.beanutil.AuthorisationBean.Right;
 import fi.insomnia.bortal.beanutil.AuthorisationBean.RightType;
 import fi.insomnia.bortal.beanutil.PdfPrinter;
 
+import fi.insomnia.bortal.enums.BeanRole;
 import fi.insomnia.bortal.facade.BillFacade;
 import fi.insomnia.bortal.model.Bill;
 import fi.insomnia.bortal.model.Event;
 import fi.insomnia.bortal.model.User;
-
 /**
  * Session Bean implementation class BillBean
  */
 @Stateless
-@DeclareRoles({ "user", "moneyadmin" })
 public class BillBean implements BillBeanLocal {
 
     @EJB

code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/JaasBean.java

@@ -9,7 +9,7 @@ import javax.ejb.Stateless;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import fi.insomnia.bortal.enums.Role;
+import fi.insomnia.bortal.enums.BeanRole;
 import fi.insomnia.bortal.facade.UserFacade;
 import fi.insomnia.bortal.model.User;
 
@@ -19,8 +19,6 @@ import fi.insomnia.bortal.model.User;
 @Stateless
 public class JaasBean implements JaasBeanLocal, JaasBeanRemote {
 
-    public static final String JAAS_SUPERADMINGROUP = "superadmin";
-    public static final String JAAS_USERGROUP = "user";
     private static final Logger logger = LoggerFactory.getLogger(JaasBean.class);
     @EJB
     private UserFacade userfacade;
@@ -61,9 +59,9 @@ public class JaasBean implements JaasBeanLocal, JaasBeanRemote {
 
         Vector<String> rights = new Vector<String>();
         if (usr != null) {
-            rights.add(JAAS_USERGROUP);
+            rights.add(BeanRole.USER_BASE.name());
             if (usr.isSuperadmin()) {
-                rights.add(JAAS_SUPERADMINGROUP);
+                rights.add(BeanRole.SUPERADMIN.name());
             }
         }
 

code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/RoleBean.java

@@ -4,6 +4,7 @@
  */
 package fi.insomnia.bortal.beans;
 
+import fi.insomnia.bortal.enums.BeanRole;
 import fi.insomnia.bortal.facade.RoleFacade;
 import fi.insomnia.bortal.model.Role;
 import java.util.ArrayList;
@@ -16,12 +17,14 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 /**
- *
+ * 
  * @author tuukka
  */
 @Stateless
 public class RoleBean implements RoleBeanLocal {
 
+    public static final String[] DECLARED_ROLES = { BeanRole.SUPERADMIN.name(), BeanRole.ADMIN_BASE.name(), BeanRole.USER_BASE.name() };
+
     @EJB
     private RoleFacade roleFacade;
     private static final Logger logger = LoggerFactory.getLogger(RoleBean.class);
@@ -37,7 +40,6 @@ public class RoleBean implements RoleBeanLocal {
 
     public Role create(Role role) {
 
-
         roleFacade.create(role);
 
         return role;
@@ -46,7 +48,7 @@ public class RoleBean implements RoleBeanLocal {
     public List<Role> getPossibleParents(Role role) {
         List<Role> roleList = listRoles();
 
-        if(role == null)
+        if (role == null)
             return roleList;
 
         List<Role> children = getAllChilds(role, new HashSet<Role>());
@@ -60,8 +62,6 @@ public class RoleBean implements RoleBeanLocal {
         return roleList;
     }
 
-
-
     private static List<Role> getAllChilds(Role role, Set<Role> checkedRoles) {
 
         List<Role> returnList = new ArrayList<Role>();
@@ -80,7 +80,9 @@ public class RoleBean implements RoleBeanLocal {
         return returnList;
     }
 
-
+    public static String[] getDeclaredRoles() {
+        return DECLARED_ROLES;
+    }
 
     // Add business logic below. (Right-click in editor and choose
     // "Insert Code > Add Business Method")

code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/SecurityBean.java

@@ -19,6 +19,7 @@ import fi.insomnia.bortal.model.User;
 @Stateless
 public class SecurityBean implements SecurityBeanLocal {
 
+  
     private final Logger logger = org.slf4j.LoggerFactory.getLogger(SecurityBean.class);
     @EJB
     private LogEntryTypeFacade typeFacade;

code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/TestDataBean.java

@@ -38,7 +38,7 @@ import fi.insomnia.bortal.model.User;
  * Session Bean implementation class TestDataBean
  */
 @Stateless
-@DeclareRoles(JaasBean.JAAS_SUPERADMINGROUP)
+// @DeclareRoles(JaasBean.JAAS_SUPERADMINGROUP)
 //@RolesAllowed(JaasBean.JAAS_SUPERADMINGROUP)
 public class TestDataBean implements TestDataBeanLocal {
 

code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/UserBean.java

@@ -3,7 +3,9 @@ package fi.insomnia.bortal.beans;
 import java.security.Principal;
 import java.util.ArrayList;
 import java.util.HashSet;
+import java.util.Iterator;
 import java.util.List;
+import java.util.Map.Entry;
 import java.util.Set;
 
 import javax.annotation.Resource;
@@ -11,6 +13,7 @@ import javax.ejb.EJB;
 import javax.ejb.LocalBean;
 import javax.ejb.SessionContext;
 import javax.ejb.Stateless;
+import javax.xml.rpc.handler.MessageContext;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -78,6 +81,7 @@ public class UserBean implements UserBeanLocal {
         return userFacade.findByLogin(nick);
     }
 
+   
     @Override
     public User getCurrentUser(Event event) {
         Principal principal = context.getCallerPrincipal();

code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/beans/UserBeanLocal.java

@@ -27,4 +27,5 @@ public interface UserBeanLocal {
 
     boolean hasPermission(Permission target, User user, RolePermission permission);
 
+
 }

code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/enums/Role.java → code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/enums/BeanRole.java

 package fi.insomnia.bortal.enums;
 
-public enum Role {
+public enum BeanRole {
     USER_BASE(true), // Logged in user
     ADMIN_BASE(true),
     SUPERADMIN(false) // Admin for this event
@@ -8,11 +8,13 @@ public enum Role {
 
     private boolean inDatabase;
 
-    Role(boolean inDb) {
+    BeanRole(boolean inDb) {
         inDatabase = inDb;
     }
 
     public boolean isInDatabase() {
         return inDatabase;
     }
+   
+   
 }

code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/enums/Permission.java

@@ -15,7 +15,7 @@ public enum Permission {
 
     PERMISSION("Description"),
     LOGIN("User can see loginbutton. (only defaultuser should have permission to that one)"),
-    userManagement;
+    USER_MANAGEMENT("User has right to manage users.... ");
 
     private static final Logger logger = LoggerFactory.getLogger(Permission.class);
     private String description;

code/LanBortalWeb/WebContent/WEB-INF/sun-web.xml

@@ -3,12 +3,16 @@
 <sun-web-app error-url="">
 	<context-root>/LanBortalWeb</context-root>
 	<security-role-mapping>
-		<role-name>admin</role-name>
-		<group-name>admin</group-name>
+		<role-name>SUPERADMIN</role-name>
+		<group-name>SUPERADMIN</group-name>
 	</security-role-mapping>
 	<security-role-mapping>
-		<role-name>user</role-name>
-		<group-name>user</group-name>
+		<role-name>ADMIN_BASE</role-name>
+		<group-name>ADMIN_BASE</group-name>
+	</security-role-mapping>
+	<security-role-mapping>
+		<role-name>USER_BASE</role-name>
+		<group-name>USER_BASE</group-name>
 	</security-role-mapping>
 	<class-loader delegate="true" />
 	<jsp-config>

code/LanBortalWeb/WebContent/WEB-INF/web.xml

@@ -44,10 +44,13 @@
 		</form-login-config>
 	</login-config>
 	<security-role>
-		<role-name>admin</role-name>
+		<role-name>SUPERADMIN</role-name>
 	</security-role>
 	<security-role>
-		<role-name>user</role-name>
+		<role-name>USER_BASE</role-name>
+	</security-role>
+	<security-role>
+		<role-name>ADMIN_BASE</role-name>
 	</security-role>
 	<security-constraint>
 		<web-resource-collection>

code/LanBortalWeb/WebContent/generateTestData.xhtml

@@ -14,7 +14,8 @@
             <br />
             <br />
             <h:commandButton value="print places debug info" action="#{TestDataView.printPlacesInfo}" />
-        </h:form>
+             <br />
+             </h:form>
     </h:body>
 </html>
 

code/LanBortalWeb/WebContent/resources/tools/canExecute.xhtml

@@ -17,7 +17,7 @@
 
 <composite:implementation>
 	<c:choose>
-		<c:when test='#{sessionHandler.canExecute(target) }'>
+		<c:when test='#{sessionHandler.canExecute(cc.attrs.target) }'>
 			<composite:insertChildren />
 		</c:when>
 		<c:otherwise>

code/LanBortalWeb/WebContent/resources/tools/canWrite.xhtml

@@ -17,7 +17,7 @@
 
 <composite:implementation>
 	<c:choose>
-		<c:when test='#{sessionHandler.canWrite(target) }'>
+		<c:when test='#{sessionHandler.canWrite(cc.attrs.target) }'>
 			<composite:insertChildren />
 		</c:when>
 		<c:otherwise>

code/LanBortalWeb/WebContent/resources/tools/user/list.xhtml

@@ -16,7 +16,7 @@
 
     <composite:implementation>
 
-        <tools:canRead target="userManagement" >
+        <tools:canRead target="USER_MANAGEMENT" >
             <h:form>
                 <h:dataTable
                     border="1"
@@ -66,7 +66,7 @@
                         <h:outputText value="#{user.female}" />
                     </h:column>
 
-                    <tools:canWrite target="userManagement" >
+                    <tools:canWrite target="USER_MANAGEMENT" >
                         <h:column>
                             <f:facet name="header">
                                 <h:outputText value="Edit" />

code/LanBortalWeb/src/fi/insomnia/bortal/HostnameFilter.java

 package fi.insomnia.bortal;
 
 import java.io.IOException;
+
 import javax.servlet.Filter;
 import javax.servlet.FilterChain;
 import javax.servlet.FilterConfig;
@@ -82,6 +83,5 @@ public class HostnameFilter implements Filter {
         }
         return ret;
     }
-    
 
 }

code/LanBortalWeb/src/fi/insomnia/bortal/view/TestDataView.java

@@ -10,6 +10,7 @@ import javax.faces.bean.ManagedProperty;
 import javax.faces.bean.RequestScoped;
 
 import fi.insomnia.bortal.beans.TestDataBeanLocal;
+import fi.insomnia.bortal.beans.UserBeanLocal;
 import fi.insomnia.bortal.handler.SessionHandler;
 import fi.insomnia.bortal.model.Event;
 import fi.insomnia.bortal.model.EventMap;
@@ -25,6 +26,8 @@ public class TestDataView {
 
     @EJB
     private TestDataBeanLocal testdatabean;
+    @EJB
+    private UserBeanLocal userbean;
 
     @ManagedProperty("#{sessionHandler}")
     private SessionHandler sessionhandler;
@@ -57,5 +60,6 @@ public class TestDataView {
 
         return null;
     }
-
+    
+  
 }

code/LanBortalWeb/src/fi/insomnia/bortal/view/UserView.java

@@ -14,6 +14,7 @@ import org.slf4j.LoggerFactory;
 import fi.insomnia.bortal.beans.SecurityBeanLocal;
 import fi.insomnia.bortal.beans.JaasBeanLocal;
 import fi.insomnia.bortal.beans.UserBeanLocal;
+import fi.insomnia.bortal.enums.Permission;
 import fi.insomnia.bortal.exceptions.PermissionDeniedException;
 import fi.insomnia.bortal.handler.SessionHandler;
 import fi.insomnia.bortal.model.User;
@@ -48,7 +49,7 @@ public class UserView {
     }
 
     public String createUser() {
-        if (!getSessionhandler().canWrite("userManagement")) {
+        if (!getSessionhandler().canWrite(Permission.USER_MANAGEMENT.name())) {
             // Give message to administration what happened here.
             throw new PermissionDeniedException(securitybean, getSessionhandler().getUser(), "User " + getSessionhandler().getUser() + " does not have permission to create user!");
         }