Skip to content

Antti Väyrynen / Moya

Go to a project
Commit 775eeb93 by Tuukka Kivilahti
Options

permissions for moyaterminalweb, now there is examble of how we do basic permissions in there

1 parent 4084aa93
Inline Side-by-side
Showing with 50 additions and 11 deletions
code/MoyaBeans/ejbModule/fi/codecrew/moya/beans/PermissionBean.java
...@@ -81,9 +81,9 @@ import fi.codecrew.moya.model.User; ...@@ -81,9 +81,9 @@ import fi.codecrew.moya.model.User;
SpecialPermission.S_USER, SpecialPermission.S_USER,
SpecialPermission.S_ANONYMOUS, SpecialPermission.S_ANONYMOUS,
TerminalPermission.S_CASHIER_TERMINAL, TerminalPermission.S_INFO_TERMINAL,
TerminalPermission.S_CUSTOMER_TERMINAL, TerminalPermission.S_USER_TERMINAL,
TerminalPermission.S_SELFHELP_TERMINAL, TerminalPermission.S_ADMIN_TERMINAL,
CompoPermission.S_MANAGE, CompoPermission.S_MANAGE,
CompoPermission.S_VOTE, CompoPermission.S_VOTE,
......
code/MoyaTerminalWeb/WebContent/WEB-INF/web.xml
...@@ -5,10 +5,12 @@ ...@@ -5,10 +5,12 @@
<param-name>javax.faces.FACELETS_SKIP_COMMENTS</param-name> <param-name>javax.faces.FACELETS_SKIP_COMMENTS</param-name>
<param-value>true</param-value> <param-value>true</param-value>
</context-param> </context-param>
<welcome-file-list> <welcome-file-list>
<welcome-file>index.html</welcome-file> <welcome-file>index.html</welcome-file>
<welcome-file>index.jsf</welcome-file> <welcome-file>index.jsf</welcome-file>
</welcome-file-list> </welcome-file-list>
<session-config> <session-config>
<session-timeout>30</session-timeout> <session-timeout>30</session-timeout>
</session-config> </session-config>
...@@ -17,11 +19,12 @@ ...@@ -17,11 +19,12 @@
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class> <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup> <load-on-startup>1</load-on-startup>
</servlet> </servlet>
<servlet-mapping> <servlet-mapping>
<servlet-name>Faces Servlet</servlet-name> <servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.jsf</url-pattern> <url-pattern>*.jsf</url-pattern>
<url-pattern>/faces/*</url-pattern>
</servlet-mapping> </servlet-mapping>
<context-param> <context-param>
<param-name>javax.faces.PROJECT_STAGE</param-name> <param-name>javax.faces.PROJECT_STAGE</param-name>
<param-value>Development</param-value> <param-value>Development</param-value>
...@@ -47,6 +50,40 @@ ...@@ -47,6 +50,40 @@
<auth-method>CLIENT-CERT</auth-method> <auth-method>CLIENT-CERT</auth-method>
<realm-name>certificate</realm-name> <realm-name>certificate</realm-name>
</login-config> </login-config>
<security-constraint>
<display-name>Forbidden resource</display-name>
<web-resource-collection>
<web-resource-name>Forbidden</web-resource-name>
<url-pattern>*.xhtml</url-pattern>
<url-pattern>/layout/*</url-pattern>
<url-pattern>/resources/tools/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<description>Thou shall not read the sources or use utils directly
</description>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
<security-constraint>
<display-name>Resource that needs cert auth</display-name>
<web-resource-collection>
<web-resource-name>Forbidden</web-resource-name>
<url-pattern>/info/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>TERMINAL/INFO</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
<!--
<security-constraint> <security-constraint>
<display-name>Resource that needs cert auth</display-name> <display-name>Resource that needs cert auth</display-name>
<web-resource-collection> <web-resource-collection>
...@@ -60,7 +97,9 @@ ...@@ -60,7 +97,9 @@
<user-data-constraint> <user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee> <transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint> </user-data-constraint>
</security-constraint> </security-constraint> -->
<persistence-unit-ref> <persistence-unit-ref>
<persistence-unit-ref-name>BortalEMF</persistence-unit-ref-name> <persistence-unit-ref-name>BortalEMF</persistence-unit-ref-name>
</persistence-unit-ref> </persistence-unit-ref>
......
code/MoyaUtilities/src/main/java/fi/codecrew/moya/enums/apps/TerminalPermission.java
...@@ -11,16 +11,16 @@ import fi.codecrew.moya.enums.BortalApplication; ...@@ -11,16 +11,16 @@ import fi.codecrew.moya.enums.BortalApplication;
*/ */
public enum TerminalPermission implements IAppPermission { public enum TerminalPermission implements IAppPermission {
CASHIER, // ("Access cashier terminal functions"), INFO,
CUSTOMER, // ("Access client terminal functions"), USER,
SELFHELP, // ("Self help terminal") ADMIN,
; ;
// public static final String S_TERMINAL = "TERMINAL"; // public static final String S_TERMINAL = "TERMINAL";
public static final String S_CASHIER_TERMINAL = "TERMINAL/CASHIER"; public static final String S_INFO_TERMINAL = "TERMINAL/INFO";
public static final String S_CUSTOMER_TERMINAL = "TERMINAL/CUSTOMER"; public static final String S_USER_TERMINAL = "TERMINAL/USER";
public static final String S_SELFHELP_TERMINAL = "TERMINAL/SELFHELP"; public static final String S_ADMIN_TERMINAL = "TERMINAL/ADMIN";
private final String fullName; private final String fullName;
private final String key; private final String key;
......
Markdown is supported
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!