Commit 5c6df81b by Tuomas Riihimäki

AuthorisationBean PrintBill, BillBean

1 parent ed5e952b
################################################
HUOM!!!!
Stablessa glasfishissä on ainakin kirjoitushetkellä bugi nemaed queryjen kanssa. 3.1 betassa tämä on korjattu!
################################################
bortal realmin lisääminen glassfishiin.
1. Lisää code/LanBortalAuthModule.jar tiedosto hakemistoon glassfish/glassfish/domains/domain1/lib/
2. lisää tiedostoon glassfish/glassfish/domains/domain1/config/login.conf tiedostoon:
bortalRealm {
fi.insomnia.bortal.BortalLoginModule required;
};
3. suorita seuraava komento hakemistossa glassfish/glassfish/bin/
./asadmin create-auth-realm --classname fi.insomnia.bortal.BortalRealm --property jaas-context=bortalRealm omniarealm
./asadmin create-jdbc-connection-pool --datasourceclassname org.postgresql.ds.PGSimpleDataSource --restype javax.sql.DataSource --ping true --property DatabaseName=BortalDb:Password=derkoppa:User=bortal Omniapossu
Lisää JDBC resource jdbc/bortal connection poolille Omniapossu wepikälistä.
\ No newline at end of file
package fi.insomnia.bortal.beans;
import javax.annotation.security.DeclareRoles;
import javax.ejb.EJB;
import javax.ejb.Stateless;
import fi.insomnia.bortal.beanutil.AuthorisationBean;
import fi.insomnia.bortal.beanutil.AuthorisationBean.Right;
import fi.insomnia.bortal.beanutil.AuthorisationBean.RightType;
import fi.insomnia.bortal.facade.BillFacade;
import fi.insomnia.bortal.model.Bill;
import fi.insomnia.bortal.model.Event;
import fi.insomnia.bortal.model.User;
/**
* Session Bean implementation class BillBean
*/
@Stateless
@DeclareRoles({ "user", "moneyadmin" })
public class BillBean implements BillBeanLocal {
@EJB
private BillFacade billFacade;
@EJB
private SessionHandlerBean sessionbean;
@EJB
private SecurityBean secubean;
@EJB
private AuthorisationBean authbean;
/**
* Default constructor.
*/
public BillBean() {
// TODO Auto-generated constructor stub
}
public Bill findById(int eventId, int id) {
if (eventId <= 0 && id <= 0) {
return null;
}
Bill bill = billFacade.find(eventId, id);
Event event = bill.getEvent();
User currentuser = sessionbean.getCurrentUser(event);
if (!currentuser.equals(bill.getUser()))
if (!authbean.isAuthorised(currentuser, Right.ADMIN, RightType.READ)) {
{
secubean.logPermissionDenied(currentuser,
"User tried to print the bill with insufficient rights. Bill id: " + bill);
return null;
}
}
return bill;
}
}
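Review bot: The guard at the top of `findById` uses `&&`, so a call where only one of the two ids is non-positive still reaches `billFacade.find`, and the result is dereferenced by `bill.getEvent()` without a null check. If the facade returns null for an unknown bill (its behaviour is not visible on this page), the method throws a NullPointerException before the ownership check runs. I would write `if (eventId <= 0 || id <= 0) {` and add `if (bill == null) { return null; }` directly after the lookup. The same applies to `currentuser` if `getCurrentUser` can return null for an anonymous session. The denial log concatenates the whole `bill` object after "Bill id: ", so logging only the id would keep bill contents out of the audit log.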
package fi.insomnia.bortal.beanutil;
import javax.ejb.Stateless;
import fi.insomnia.bortal.model.User;
/**
* Session Bean implementation class AuthorisationBean
*/
@Stateless
public class AuthorisationBean implements AuthorisationBeanLocal {
public enum Right {
ADMIN
}
public enum RightType {
READ, WRITE, EXECUTE
}
/**
* Default constructor.
*/
public AuthorisationBean() {
// TODO Auto-generated constructor stub
}
public boolean isAuthorised(User user, Right r, RightType t) {
if (user.isSuperadmin()) {
return true;
} else {
}
return false;
}
}
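Review bot: `isAuthorised` never reads `r` or `t`, so every right and right type currently resolves to `user.isSuperadmin()`, and the empty `else` branch suggests the real check is still to be written. Failing closed is the right default, but the method should say so, since callers such as BillBean pass `Right.ADMIN, RightType.READ` and a reader would assume those values are evaluated. I would add a Javadoc such as `/** Placeholder: grants access only to superadmins; r and t are not evaluated yet. */` and drop the empty `else`. A null `user` throws here, and `if (user == null) { return false; }` as the first line keeps the denial path explicit.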
package fi.insomnia.bortal.beanutil;
import javax.ejb.Local;
@Local
public interface AuthorisationBeanLocal {
}
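Review bot: `AuthorisationBeanLocal` declares no methods, while BillBean in this commit injects the bean by its class (`@EJB private AuthorisationBean authbean`). As far as I know, an EJB 3.1 session bean that implements a local business interface exposes the no-interface view only when it is also annotated `@LocalBean`, so that injection may fail at deployment. Either declare `boolean isAuthorised(User user, Right r, RightType t);` here and inject `AuthorisationBeanLocal`, or add `@LocalBean` to the bean class.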
package fi.insomnia.bortal.beans;
import javax.ejb.Local;
import fi.insomnia.bortal.model.Bill;
@Local
public interface BillBeanLocal {
Bill findById(int eventId, int id);
}
package fi.insomnia.bortal.servlet;
import java.io.IOException;
import javax.ejb.EJB;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import fi.insomnia.bortal.beans.BillBeanLocal;
/**
* Servlet implementation class PrintBill
*/
public class PrintBill extends HttpServlet {
private static final long serialVersionUID = 1L;
@EJB
private BillBeanLocal billentity;
/**
* @see HttpServlet#HttpServlet()
*/
public PrintBill() {
super();
// TODO Auto-generated constructor stub
}
/**
* @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
* response)
*/
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
ouput(request, response);
}
private void ouput(HttpServletRequest request, HttpServletResponse response) {
}
/**
* @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
* response)
*/
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
ouput(request, response);
}
}
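Review bot: `ouput` has an empty body, so both `doGet` and `doPost` currently return an empty 200 response and the injected `billentity` is never used. The name is also a typo for `output`. When the body is filled in, the two ids will come from request parameters, so parse them with a `NumberFormatException` guard and answer with `response.sendError(HttpServletResponse.SC_NOT_FOUND)` when `findById` returns null, rather than rendering a blank page. Printing a bill is a read, so `doPost` may not need to be exposed at all. No access constraint for this servlet is visible in the section, which leaves `BillBean.findById` as the only check on who can fetch a bill. The matching `web.xml` security constraint, if any, is outside this page.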