first stage of transitioning to the new SecurityMonitor-based security

architecture--it's implemented at the global level and for communities, conferences still use the old hard-coded implementation. The new StaticSecurityMonitor is configured via XML data, which will be important when we implement the new Community Services architecture
2001-11-18 09:32:21 +00:00 · 2001-11-18 09:32:21 +00:00 · 5f966a6450
commit 5f966a6450
parent 47b88efd75
36 changed files with 2024 additions and 572 deletions
--- a/etc/venice-config.xml
+++ b/etc/venice-config.xml
@ -54,6 +54,137 @@
    <wait-if-busy/>
  </database>
  <!-- This section is used to configure the default security contexts, and should probably
       not be tampered with. -->
  <security>
    <security-definition id="Global">
      <defined-roles>
 	<role id="Anonymous" value="L+100">Anonymous User</role>
 	<role id="Unverified" value="L+500">Unauthenticated User</role>
 	<role id="Normal" value="L+1000">Normal User</role>
 	<role id="AnyAdmin" value="HMIN">Any System Administrator</role>
 	<role id="PFY" value="H+1000">System Assistant Administrator</role>
 	<role id="BOFH" value="HMAX">Global System Administrator</role>
      </defined-roles>
      <defined-lists>
 	<list id="UserLevels">
 	  <element role="Global.Anonymous"/>
 	  <element role="Global.Unverified"/>
 	  <element role="Global.Normal"/>
 	  <element role="UnrestrictedUser"/>
 	</list>
 	<list id="UserLevelsPFY">
 	  <element role="Global.Anonymous"/>
 	  <element role="Global.Unverified"/>
 	  <element role="Global.Normal"/>
 	  <element role="UnrestrictedUser"/>
 	  <element role="Global.PFY"/>
 	</list>
 	<list id="CreateCommunity">
 	  <permission/>
 	  <element role="Global.Normal" default="true"/>
 	  <element role="UnrestrictedUser"/>
 	  <element role="Global.AnyAdmin"/>
 	  <element role="Global.PFY"/>
 	  <element role="Global.BOFH"/>
 	</list>
      </defined-lists>
      <defaults>
 	<default id="NewUser" role="Global.Unverified"/>
 	<default id="AfterVerify" role="Global.Normal"/>
 	<default id="AfterEmailChange" role="Global.Unverified"/>
      </defaults>
      <permissions>
 	<permission id="ShowHiddenCategories" role="Global.AnyAdmin"/>
 	<permission id="NoEmailVerify" role="Global.AnyAdmin"/>
 	<permission id="SeeHiddenContactInfo" role="Global.AnyAdmin"/>
 	<permission id="SearchHiddenCommunities" role="Global.AnyAdmin"/>
 	<permission id="ShowHiddenCommunities" role="Global.AnyAdmin"/>
 	<permission id="SearchHiddenCategories" role="Global.AnyAdmin"/>
 	<permission id="SysAdminAccess" role="Global.AnyAdmin"/>
 	<permission id="PublishFP" role="Global.AnyAdmin"/>
 	<permission id="DesignatePFY" role="Global.BOFH"/>
      </permissions>
    </security-definition>
    <security-definition id="Community" parent="Global">
      <defined-roles>
 	<role id="Member" value="L+500">Community Member</role>
 	<role id="AnyAdmin" value="HMIN">Any Community Administrator</role>
 	<role id="Cohost" value="H+1000">Community Co-Host</role>
 	<role id="Host" value="H+1500">Community Host</role>
      </defined-roles>
      <defined-lists>
 	<list id="Read">
 	  <permission/>
 	  <element role="Global.Anonymous"/>
 	  <element role="Global.Unverified"/>
 	  <element role="Global.Normal"/>
 	  <element role="Community.Member" default="true"/>
 	  <element role="UnrestrictedUser"/>
 	  <element role="Community.AnyAdmin"/>
 	  <element role="Community.Cohost"/>
 	  <element role="Community.Host"/>
 	  <element role="Global.AnyAdmin"/>
 	</list>
 	<list id="Write">
 	  <permission/>
 	  <element role="Community.AnyAdmin"/>
 	  <element role="Community.Cohost" default="true"/>
 	  <element role="Community.Host"/>
 	  <element role="Global.AnyAdmin"/>
 	  <element role="Global.PFY"/>
 	  <element role="Global.BOFH"/>
 	</list>
 	<list id="Create">
 	  <permission/>
 	  <element role="Global.Normal"/>
 	  <element role="Community.Member"/>
 	  <element role="UnrestrictedUser"/>
 	  <element role="Community.AnyAdmin"/>
 	  <element role="Community.Cohost" default="true"/>
 	  <element role="Community.Host"/>
 	  <element role="Global.AnyAdmin"/>
 	</list>
 	<list id="Delete">
 	  <permission/>
 	  <element role="Community.AnyAdmin"/>
 	  <element role="Community.Cohost"/>
 	  <element role="Community.Host" default="true"/>
 	  <element role="Global.AnyAdmin"/>
 	  <element role="Global.PFY"/>
 	  <element role="Global.BOFH"/>
 	  <element role="NoAccess"/>
 	</list>
 	<list id="Join">
 	  <permission/>
 	  <element role="Global.Anonymous"/>
 	  <element role="Global.Unverified"/>
 	  <element role="Global.Normal" default="true"/>
 	</list>
 	<list id="UserLevels">
 	  <element role="NotInList"/>
 	  <element role="Global.Anonymous"/>
 	  <element role="Global.Unverified"/>
 	  <element role="Global.Normal"/>
 	  <element role="Community.Member"/>
 	  <element role="UnrestrictedUser"/>
 	  <element role="Community.Cohost"/>
 	</list>
      </defined-lists>
      <defaults>
 	<default id="NewUser" role="Community.Member"/>
 	<default id="Creator" role="Community.Host"/>
      </defaults>
      <permissions>
 	<permission id="ShowAdmin" role="Community.AnyAdmin"/>
 	<permission id="NoJoinRequired" role="Global.AnyAdmin"/>
 	<permission id="NoKeyRequired" role="Global.AnyAdmin"/>
 	<permission id="ShowHiddenMembers" role="Community.AnyAdmin"/>
 	<permission id="ShowHiddenObjects" role="Community.AnyAdmin"/>
      </permissions>
    </security-definition>
  </security>
  <!-- This section is used to configure electronic mail services. -->
  <email>
    <!-- The SMTP server to use when sending messages out.  This server must be
--- a/src/com/silverwrist/venice/core/AdminOperations.java
+++ b/src/com/silverwrist/venice/core/AdminOperations.java
@ -21,8 +21,12 @@ import java.util.List;
 public interface AdminOperations
 {
  public abstract SecurityInfo getSecurityInfo();
  public abstract boolean isGlobalAdmin();
  public abstract List getAllowedRoleList();
  public abstract List getAuditRecords(int offset, int count) throws DataException;
  public abstract int getAuditRecordCount() throws DataException;
--- a/src/com/silverwrist/venice/core/AdminUserContext.java
+++ b/src/com/silverwrist/venice/core/AdminUserContext.java
@ -20,6 +20,7 @@ package com.silverwrist.venice.core;
 import java.util.Date;
 import java.util.Locale;
 import java.util.TimeZone;
 import com.silverwrist.venice.security.Role;
 public interface AdminUserContext
 {
@ -37,6 +38,10 @@ public interface AdminUserContext
  public abstract void setBaseLevel(int new_level) throws DataException;
  public abstract Role getBaseRole();
  public abstract void setBaseRole(Role new_role) throws DataException;
  public abstract boolean isEmailVerified();
  public abstract void setEmailVerified(boolean flag) throws DataException;
--- a/src/com/silverwrist/venice/core/CommunityContext.java
+++ b/src/com/silverwrist/venice/core/CommunityContext.java
@ -175,4 +175,6 @@ public interface CommunityContext extends SearchMode
  public abstract void setProperties(CommunityProperties props) throws DataException, AccessError;
  public abstract SecurityInfo getSecurityInfo();
 } // end interface CommunityContext
--- a/src/com/silverwrist/venice/core/SecurityInfo.java
+++ b/src/com/silverwrist/venice/core/SecurityInfo.java
@ -0,0 +1,35 @@
 /*
 * The contents of this file are subject to the Mozilla Public License Version 1.1
 * (the "License"); you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at <http://www.mozilla.org/MPL/>.
 * 
 * Software distributed under the License is distributed on an "AS IS" basis, WITHOUT
 * WARRANTY OF ANY KIND, either express or implied. See the License for the specific
 * language governing rights and limitations under the License.
 * 
 * The Original Code is the Venice Web Communities System.
 * 
 * The Initial Developer of the Original Code is Eric J. Bowersox <erbo@silcom.com>,
 * for Silverwrist Design Studios.  Portions created by Eric J. Bowersox are
 * Copyright (C) 2001 Eric J. Bowersox/Silverwrist Design Studios.  All Rights Reserved.
 * 
 * Contributor(s): 
 */
 package com.silverwrist.venice.core;
 import java.util.List;
 import com.silverwrist.venice.security.Role;
 public interface SecurityInfo
 {
  public abstract List getRoleList(String symbol);
  public abstract Role getRole(String symbol);
  public abstract Role getRoleForLevel(int level);
  public abstract Role getDefaultRole(String symbol);
  public abstract String getID();
 } // end interface SecurityInfo
--- a/src/com/silverwrist/venice/core/VeniceEngine.java
+++ b/src/com/silverwrist/venice/core/VeniceEngine.java
@ -85,4 +85,6 @@ public interface VeniceEngine extends SearchMode
  public abstract Dimension getCommunityLogoSize();
  public abstract SecurityInfo getSecurityInfo();
 } // end interface VeniceEngine
--- a/src/com/silverwrist/venice/core/impl/AdminOperationsImpl.java
+++ b/src/com/silverwrist/venice/core/impl/AdminOperationsImpl.java
@ -58,12 +58,27 @@ class AdminOperationsImpl implements AdminOperations
   *--------------------------------------------------------------------------------
   */
  public SecurityInfo getSecurityInfo()
  {
    return env.getEngine().getSelf().getSecurityInfo();
  } // end getSecurityInfo
  public boolean isGlobalAdmin()
  {
    return (env.getUser().realBaseLevel()==SecLevels.GLOBAL_BOFH);
  } // end isGlobalAdmin
  public List getAllowedRoleList()
  {
    if (env.testPermission(EnvUser.PERM_DESIGNATEPFY))
      return env.getRoleList("Global.UserLevelsPFY");
    else
      return env.getRoleList("Global.UserLevels");
  } // end getAllowedRoleList
  public List getAuditRecords(int offset, int count) throws DataException
  {
    Connection conn = null;
--- a/src/com/silverwrist/venice/core/impl/AdminUserContextImpl.java
+++ b/src/com/silverwrist/venice/core/impl/AdminUserContextImpl.java
@ -24,8 +24,7 @@ import com.silverwrist.util.International;
 import com.silverwrist.venice.core.*;
 import com.silverwrist.venice.core.internals.*;
 import com.silverwrist.venice.db.*;
-import com.silverwrist.venice.security.PasswordHash;
+import com.silverwrist.venice.security.*;
 import com.silverwrist.venice.security.AuditRecord;
 class AdminUserContextImpl implements AdminUserContext
 {
@ -203,6 +202,18 @@ class AdminUserContextImpl implements AdminUserContext
  } // end setBaseLevel
  public Role getBaseRole()
  {
    return env.getRoleForLevel(level);
  } // end getBaseRole
  public void setBaseRole(Role new_role) throws DataException
  {
    setBaseLevel(new_role.getLevel());
  } // end setBaseRole
  public boolean isEmailVerified()
  {
    return email_verified;
--- a/src/com/silverwrist/venice/core/impl/CategoryDescriptorImpl.java
+++ b/src/com/silverwrist/venice/core/impl/CategoryDescriptorImpl.java
@ -370,7 +370,7 @@ class CategoryDescriptorImpl implements CategoryDescriptor, Cloneable
   *--------------------------------------------------------------------------------
   */
-  static List getTopLevelCategoryList(EnvEngine env, boolean do_hide) throws DataException
+  static List getTopLevelCategoryList(EnvEngine env, boolean show_all) throws DataException
  {
    Connection conn = null;
    ArrayList rc = new ArrayList();
@ -379,7 +379,7 @@ class CategoryDescriptorImpl implements CategoryDescriptor, Cloneable
      conn = env.getConnection();
      Statement stmt = conn.createStatement();
      StringBuffer sql = new StringBuffer("SELECT catid, symlink, name FROM refcategory WHERE parent = -1");
-      if (do_hide)
+      if (!show_all)
 	sql.append(" AND hide_dir = 0");
      sql.append(';');
@ -388,7 +388,7 @@ class CategoryDescriptorImpl implements CategoryDescriptor, Cloneable
      while (rs.next())
      { // turn data values into CategoryDescriptor objects
 	CategoryDescriptor ncd = new CategoryDescriptorImpl(env,rs.getInt(1),rs.getInt(2),rs.getString(3),
-							    do_hide);
+							    !show_all);
 	rc.add(ncd);
      } // end while
@ -409,7 +409,7 @@ class CategoryDescriptorImpl implements CategoryDescriptor, Cloneable
  } // end getTopLevelCategoryList
-  static List searchForCategories(EnvEngine env, boolean do_hide, boolean search_all, int mode,
+  static List searchForCategories(EnvEngine env, boolean show_all, boolean search_all, int mode,
 				  String term, int offset, int count) throws DataException
  {
    if (logger.isDebugEnabled())
@ -444,7 +444,7 @@ class CategoryDescriptorImpl implements CategoryDescriptor, Cloneable
      } // end switch
-      if (do_hide)
+      if (!show_all)
 	sql.append(" AND hide_dir = 0");
      if (!search_all)
 	sql.append(" AND hide_search = 0");
@ -464,7 +464,7 @@ class CategoryDescriptorImpl implements CategoryDescriptor, Cloneable
      for (int i=0; i<n; i++)
      { // convert all the simple category IDs into full-blown CategoryDescriptor objects
-	CategoryDescriptor tmp = new CategoryDescriptorImpl(env,conn,rc_raw[i],do_hide);
+	CategoryDescriptor tmp = new CategoryDescriptorImpl(env,conn,rc_raw[i],!show_all);
 	rc.add(tmp);
      } // end for
@ -486,7 +486,7 @@ class CategoryDescriptorImpl implements CategoryDescriptor, Cloneable
  } // end searchForCategories
-  static int getSearchCategoryCount(EnvEngine env, boolean do_hide, boolean search_all, int mode,
+  static int getSearchCategoryCount(EnvEngine env, boolean show_all, boolean search_all, int mode,
 				    String term) throws DataException
  {
    if (logger.isDebugEnabled())
@ -519,7 +519,7 @@ class CategoryDescriptorImpl implements CategoryDescriptor, Cloneable
      } // end switch
-      if (do_hide)
+      if (!show_all)
 	sql.append(" AND hide_dir = 0");
      if (!search_all)
 	sql.append(" AND hide_search = 0");
--- a/src/com/silverwrist/venice/core/impl/CommunityCoreData.java
+++ b/src/com/silverwrist/venice/core/impl/CommunityCoreData.java
@ -27,7 +27,6 @@ import com.silverwrist.venice.db.*;
 import com.silverwrist.venice.core.*;
 import com.silverwrist.venice.core.internals.*;
 import com.silverwrist.venice.security.AuditRecord;
 import com.silverwrist.venice.security.Capability;
 import com.silverwrist.venice.security.DefaultLevels;
 class CommunityCoreData implements CommunityData, CommunityDataBackend
@ -183,16 +182,17 @@ class CommunityCoreData implements CommunityData, CommunityDataBackend
  {
    if (logger.isDebugEnabled())
      logger.debug("new CommunityCoreData for BRAND NEW COMMUNITY " + cid);
-    this.env = new EnvCommunityData(env,this);
+    EnvCommunityData new_env = new EnvCommunityData(env,this);
    this.env = new_env;
    this.cid = cid;
    this.created = creation;
    this.last_access = creation;
    this.last_update = creation;
-    this.read_level = DefaultLevels.newCommunityRead();
+    this.read_level = new_env.getDefaultRole("Community.Read").getLevel();
-    this.write_level = DefaultLevels.newCommunityWrite();
+    this.write_level = new_env.getDefaultRole("Community.Write").getLevel();
-    this.create_level = DefaultLevels.newCommunityCreate();
+    this.create_level = new_env.getDefaultRole("Community.Create").getLevel();
-    this.delete_level = DefaultLevels.newCommunityDelete();
+    this.delete_level = new_env.getDefaultRole("Community.Delete").getLevel();
-    this.join_level = DefaultLevels.newCommunityJoin();
+    this.join_level = new_env.getDefaultRole("Community.Join").getLevel();
    this.contactid = -1;
    this.host_uid = host_uid;
    this.category_id = 0;
@ -430,7 +430,7 @@ class CommunityCoreData implements CommunityData, CommunityDataBackend
  {
    if (deleted)
      throw new DataException("This community has been deleted.");
-    if (Capability.exemptFromMembershipRequirement(level))
+    if (env.testPermission(EnvCommunityData.PERM_NOJOINREQUIRED,level))
      return;
    if (members_only && !is_member)
    { // the membership test failed
@ -445,7 +445,7 @@ class CommunityCoreData implements CommunityData, CommunityDataBackend
  {
    if (deleted)
      return false;
-    if (Capability.exemptFromMembershipRequirement(level))
+    if (env.testPermission(EnvCommunityData.PERM_NOJOINREQUIRED,level))
      return true;
    return !members_only || is_member;
@ -1980,16 +1980,19 @@ class CommunityCoreData implements CommunityData, CommunityDataBackend
 		   + "rules, joinkey, alias) VALUES ('");
 	creation = new java.util.Date();
 	String creation_str = SQLUtil.encodeDate(creation);
 	int level_read = env.getCommunityDefaultRole("Community.Read").getLevel();
 	int level_write = env.getCommunityDefaultRole("Community.Write").getLevel();
 	int level_create = env.getCommunityDefaultRole("Community.Create").getLevel();
 	int level_delete = env.getCommunityDefaultRole("Community.Delete").getLevel();
 	int level_join = env.getCommunityDefaultRole("Community.Join").getLevel();
 	sql.append(creation).append("', '").append(creation).append("', '").append(creation).append("', ");
-	sql.append(DefaultLevels.newCommunityRead()).append(", ").append(DefaultLevels.newCommunityWrite());
+	sql.append(level_read).append(", ").append(level_write).append(", ").append(level_create).append(", ");
-	sql.append(", ").append(DefaultLevels.newCommunityCreate()).append(", ");
+	sql.append(level_delete).append(", ").append(level_join).append(", ").append(host_uid).append(", ");
-	sql.append(DefaultLevels.newCommunityDelete()).append(", ").append(DefaultLevels.newCommunityJoin());
+	sql.append(hide_dir ? '1' : '0').append(", ").append(hide_search ? '1' : '0').append(", ");
-	sql.append(", ").append(host_uid).append(", ").append(hide_dir ? '1' : '0').append(", ");
+	sql.append(SQLUtil.encodeStringArg(name)).append(", ").append(SQLUtil.encodeStringArg(language));
-	sql.append(hide_search ? '1' : '0').append(", ").append(SQLUtil.encodeStringArg(name)).append(", ");
+	sql.append(", ").append(SQLUtil.encodeStringArg(synopsis)).append(", ");
-	sql.append(SQLUtil.encodeStringArg(language)).append(", ").append(SQLUtil.encodeStringArg(synopsis));
+	sql.append(SQLUtil.encodeStringArg(rules)).append(", ").append(SQLUtil.encodeStringArg(joinkey));
-	sql.append(", ").append(SQLUtil.encodeStringArg(rules)).append(", ");
+	sql.append(", ").append(SQLUtil.encodeStringArg(alias)).append(");");
 	sql.append(SQLUtil.encodeStringArg(joinkey)).append(", ").append(SQLUtil.encodeStringArg(alias));
 	sql.append(");");
 	if (logger.isDebugEnabled())
 	  logger.debug("SQL: " + sql.toString());
@ -2037,8 +2040,8 @@ class CommunityCoreData implements CommunityData, CommunityDataBackend
 	// is "locked" so they can't unjoin and leave the community hostless.
 	sql.setLength(0);
 	sql.append("INSERT INTO sigmember(sigid, uid, granted_lvl, locked) VALUES (").append(new_cid);
-	sql.append(", ").append(host_uid).append(", ").append(DefaultLevels.creatorCommunity());
+	sql.append(", ").append(host_uid).append(", ");
-	sql.append(", 1);");
+	sql.append(env.getCommunityDefaultRole("Community.Creator").getLevel()).append(", 1);");
 	if (logger.isDebugEnabled())
 	  logger.debug("SQL: " + sql.toString());
 	stmt.executeUpdate(sql.toString());
--- a/src/com/silverwrist/venice/core/impl/CommunityUserContextImpl.java
+++ b/src/com/silverwrist/venice/core/impl/CommunityUserContextImpl.java
@ -25,8 +25,8 @@ import com.silverwrist.venice.core.*;
 import com.silverwrist.venice.core.internals.*;
 import com.silverwrist.venice.db.*;
 import com.silverwrist.venice.security.AuditRecord;
 import com.silverwrist.venice.security.Capability;
 import com.silverwrist.venice.security.DefaultLevels;
 import com.silverwrist.venice.security.Role;
 class CommunityUserContextImpl implements CommunityContext, CommunityBackend
 {
@ -118,11 +118,12 @@ class CommunityUserContextImpl implements CommunityContext, CommunityBackend
  {
    if (logger.isDebugEnabled())
      logger.debug("CommunityUserContextImpl constructor:newCommunity");
-    this.env = new EnvCommunity(env,this);
+    EnvCommunity new_env = new EnvCommunity(env,this);
    this.env = new_env;
    this.cid = data.getID();
    this.cache = null;  // no cache required - we have the CommunityData
    this.data = data;
-    setMemberValues(DefaultLevels.creatorCommunity(),true,true);
+    setMemberValues(new_env.getDefaultRole("Community.Creator").getLevel(),true,true);
  } // end constructor
@ -139,7 +140,7 @@ class CommunityUserContextImpl implements CommunityContext, CommunityBackend
    this.level = Math.max(env.getUser().realBaseLevel(),granted_level);
    this.is_member = member;
-    this.show_admin = Capability.isCommunityAdmin(granted_level);
+    this.show_admin = env.isLevelAdmin(granted_level);
    this.locked = locked;
  } // end setMemberValues
@ -327,7 +328,7 @@ class CommunityUserContextImpl implements CommunityContext, CommunityBackend
    if (deleted)
      throw new DataException("This community has been deleted.");
    return new CategoryDescriptorImpl(env,getData().getCategoryID(),
-				      Capability.hideHiddenCategories(env.getUser().realBaseLevel()));
+				      !(env.testPermission(EnvUser.PERM_SHOWHIDDENCATS)));
  } // end getCategory
@ -363,8 +364,7 @@ class CommunityUserContextImpl implements CommunityContext, CommunityBackend
      conn = env.getConnection();
      // load the profile for the user
-      return new UserProfileImpl(env,conn,getData().getHostUID(),
+      return new UserProfileImpl(env,conn,getData().getHostUID());
 				 Capability.canSeeHiddenContactFields(env.getUser().realBaseLevel()));
    } // end try
    catch (SQLException e)
@ -953,7 +953,7 @@ class CommunityUserContextImpl implements CommunityContext, CommunityBackend
    if (!(getData().isPublicCommunity()))
    { // this is a private community - but admins can join anyway
-      if (!(Capability.canJoinPrivateCommunityWithoutKey(level)))
+      if (!(env.testPermission(EnvCommunity.PERM_NOKEYREQUIRED)))
      { // we need to test the join key against the one they supply
 	String real_key = getData().getJoinKey();
 	if (!(real_key.equals(joinkey)))
@ -970,10 +970,11 @@ class CommunityUserContextImpl implements CommunityContext, CommunityBackend
    // else we can join without specifying a key
    // actually set the data in the database
-    getData().setMembership(env,env.getUserID(),DefaultLevels.memberCommunity(),false,false);
+    Role new_role = env.getDefaultRole("Community.NewUser");
    getData().setMembership(env,env.getUserID(),new_role.getLevel(),false,false);
    // and update our internal data store
-    setMemberValues(DefaultLevels.memberCommunity(),true,false);
+    setMemberValues(new_role.getLevel(),true,false);
    // and that's it!  You expected lightning bolts maybe?
@ -1008,7 +1009,7 @@ class CommunityUserContextImpl implements CommunityContext, CommunityBackend
  public int getMemberCount() throws DataException
  {
-    return getData().getMemberCount(Capability.showHiddenCommunityMembers(level));
+    return getData().getMemberCount(env.testPermission(EnvCommunity.PERM_SHOWHIDDENMEMBERS));
  } // end getMemberCount
@ -1095,19 +1096,20 @@ class CommunityUserContextImpl implements CommunityContext, CommunityBackend
      throws DataException
  {
    return getData().searchForMembers(field,mode,term,offset,count,
-				      Capability.showHiddenCommunityMembers(level));
+				      env.testPermission(EnvCommunity.PERM_SHOWHIDDENMEMBERS));
  } // end searchForMembers
  public int getSearchMemberCount(int field, int mode, String term) throws DataException
  {
-    return getData().getSearchMemberCount(field,mode,term,Capability.showHiddenCommunityMembers(level));
+    return getData().getSearchMemberCount(field,mode,term,
 					  env.testPermission(EnvCommunity.PERM_SHOWHIDDENMEMBERS));
  } // end getSearchMemberCount
  public List getMemberList() throws DataException
  {
-    return getData().getMemberList(Capability.showHiddenCommunityMembers(level));
+    return getData().getMemberList(env.testPermission(EnvCommunity.PERM_SHOWHIDDENMEMBERS));
  } // end getMemberList
@ -1349,6 +1351,12 @@ class CommunityUserContextImpl implements CommunityContext, CommunityBackend
  } // end setProperties
  public SecurityInfo getSecurityInfo()
  {
    return env.getSecurityInfo();
  } // end getSecurityInfo
  /*--------------------------------------------------------------------------------
   * Implementations from interface CommunityBackend
   *--------------------------------------------------------------------------------
@ -1368,7 +1376,7 @@ class CommunityUserContextImpl implements CommunityContext, CommunityBackend
  public boolean userHideHiddenConferences()
  {
-    return Capability.hideHiddenConferences(level);
+    return !(env.testPermission(EnvCommunity.PERM_SHOWHIDDENOBJECTS));
  } // end userHideHiddenConferences
@ -1420,6 +1428,33 @@ class CommunityUserContextImpl implements CommunityContext, CommunityBackend
  } // end getDataBackend
  public boolean env_testPermission(String symbol)
  {
    if (deleted)
      return false;
    CommunityData d = getDataNE();
    if (d==null)
      return false;
    if (symbol.equals(EnvCommunity.PERM_JOIN))
      return (is_member ? false : d.canJoinCommunity(env.getUserID(),level));
    if (!(d.checkMembership(level,is_member)))
      return false;
    if (symbol.equals(EnvCommunity.PERM_READ))
      return d.canReadCommunitySubObjects(level);
    if (symbol.equals(EnvCommunity.PERM_WRITE))
      return d.canModifyCommunityProfile(level);
    if (symbol.equals(EnvCommunity.PERM_CREATE))
      return d.canCreateCommunitySubObjects(level);
    if (symbol.equals(EnvCommunity.PERM_DELETE))
      return d.canDeleteCommunity(level);
    return false;
  } // end env_testPermission
  /*--------------------------------------------------------------------------------
   * Static operations for use within the implementation package
   *--------------------------------------------------------------------------------
@ -1591,7 +1626,7 @@ class CommunityUserContextImpl implements CommunityContext, CommunityBackend
      } // end switch
-      if (Capability.hideHiddenSearchCommunities(env.getUser().realBaseLevel()))
+      if (!(env.testPermission(EnvUser.PERM_SEARCHHIDDENCOMMUNITIES)))
 	sql.append(" AND hide_search = 0");
      sql.append(" ORDER BY signame LIMIT ").append(offset).append(", ").append(count+1).append(';');
@ -1676,7 +1711,7 @@ class CommunityUserContextImpl implements CommunityContext, CommunityBackend
      } // end switch
-      if (Capability.hideHiddenSearchCommunities(env.getUser().realBaseLevel()))
+      if (!(env.testPermission(EnvUser.PERM_SEARCHHIDDENCOMMUNITIES)))
 	sql.append(" AND hide_search = 0");
      sql.append(';');
@ -1720,7 +1755,7 @@ class CommunityUserContextImpl implements CommunityContext, CommunityBackend
      Statement stmt = conn.createStatement();
      StringBuffer sql = new StringBuffer("SELECT sigid, signame, alias FROM sigs WHERE catid = ");
      sql.append(catid);
-      if (Capability.hideHiddenDirectoryCommunities(env.getUser().realBaseLevel()))
+      if (!(env.testPermission(EnvUser.PERM_SHOWHIDDENCOMMUNITIES)))
 	sql.append(" AND hide_dir = 0");
      sql.append(" ORDER BY signame LIMIT ").append(offset).append(", ").append(count+1).append(';');
@ -1770,7 +1805,7 @@ class CommunityUserContextImpl implements CommunityContext, CommunityBackend
      Statement stmt = conn.createStatement();
      StringBuffer sql = new StringBuffer("SELECT COUNT(*) FROM sigs WHERE catid = ");
      sql.append(catid);
-      if (Capability.hideHiddenDirectoryCommunities(env.getUser().realBaseLevel()))
+      if (!(env.testPermission(EnvUser.PERM_SHOWHIDDENCOMMUNITIES)))
 	sql.append(" AND hide_dir = 0");
      sql.append(';');
--- a/src/com/silverwrist/venice/core/impl/TopicMessageUserContextImpl.java
+++ b/src/com/silverwrist/venice/core/impl/TopicMessageUserContextImpl.java
@ -28,7 +28,6 @@ import com.silverwrist.venice.core.*;
 import com.silverwrist.venice.core.internals.*;
 import com.silverwrist.venice.db.*;
 import com.silverwrist.venice.security.AuditRecord;
 import com.silverwrist.venice.security.Capability;
 class TopicMessageUserContextImpl implements TopicMessageContext
 {
@ -47,23 +46,23 @@ class TopicMessageUserContextImpl implements TopicMessageContext
   */
  private EnvConference env;                   // the conference environment
-  private long postid;
+  private long postid;                         // the ID of this post
-  private long parent;
+  private long parent;                         // the parent post ID (not really used)
-  private int num;
+  private int num;                             // the post number within the topic
-  private int linecount;
+  private int linecount;                       // number of lines in message
-  private int creator_uid;
+  private int creator_uid;                     // the UID of the poster
-  private java.util.Date posted;
+  private java.util.Date posted;               // date and time posted
-  private boolean hidden;
+  private boolean hidden;                      // has this post been hidden?
-  private int scribble_uid;
+  private int scribble_uid;                    // UID of the user who scribbled it
-  private java.util.Date scribble_date;
+  private java.util.Date scribble_date;        // date and time it was scribbled
-  private String pseud;
+  private String pseud;                        // the pseud attached to this message
-  private int datalen;
+  private int datalen;                         // length in bytes of attachment
-  private String filename;
+  private String filename;                     // file name of attachment
-  private String mimetype;
+  private String mimetype;                     // MIME type for attachment
-  private int stgmethod;
+  private int stgmethod;                       // storage method for attachment
-  private boolean nuked = false;
+  private boolean nuked = false;               // has this message been nuked?
-  private String creator_cache = null;
+  private String creator_cache = null;         // cache for username of creator
-  private String text_cache = null;
+  private String text_cache = null;            // cache for actual message text
  /*--------------------------------------------------------------------------------
   * Constructors
@ -966,7 +965,7 @@ class TopicMessageUserContextImpl implements TopicMessageContext
  public boolean canPublish()
  {
-    if (!(Capability.canPublishToFrontPage(env.getUser().realBaseLevel())))
+    if (!(env.testPermission(EnvUser.PERM_PUBLISH_FP)))
      return false;  // must be a sysadmin to publish
    if ((scribble_date!=null) || nuked)
      return false;  // cannot publish a scribbled or nuked message
@ -1001,13 +1000,7 @@ class TopicMessageUserContextImpl implements TopicMessageContext
  public void publish() throws DataException, AccessError
  {
-    if (!(Capability.canPublishToFrontPage(env.getUser().realBaseLevel())))
+    env.testPermission(EnvUser.PERM_PUBLISH_FP,"You are not permitted to publish postings to the front page.");
    { // you aren't allowed to publish - naughty naughty!
      logger.error("unable to publish because we're not allowed");
      throw new AccessError("You are not permitted to publish postings to the front page.");
    } // end if
    if (nuked)
    { // we can't publish a nuked message!
      logger.error("unable to publish because message nuked");
--- a/src/com/silverwrist/venice/core/impl/UserContextImpl.java
+++ b/src/com/silverwrist/venice/core/impl/UserContextImpl.java
@ -25,10 +25,7 @@ import com.silverwrist.venice.*;
 import com.silverwrist.venice.core.*;
 import com.silverwrist.venice.core.internals.*;
 import com.silverwrist.venice.db.*;
-import com.silverwrist.venice.security.PasswordHash;
+import com.silverwrist.venice.security.*;
 import com.silverwrist.venice.security.Capability;
 import com.silverwrist.venice.security.DefaultLevels;
 import com.silverwrist.venice.security.AuditRecord;
 class UserContextImpl implements UserContext, UserBackend
 {
@ -238,6 +235,7 @@ class UserContextImpl implements UserContext, UserBackend
    // Figure out which of those communities we haven't joined yet and set up to autojoin them.
    sql.setLength(0);
    int new_level = env.getCommunityDefaultRole("Community.NewUser").getLevel();
    for (int i=0; i<tmp_cid.size(); i++)
    { // see if the user is already a member of this community
      Integer x_cid = (Integer)(tmp_cid.get(i));
@ -250,9 +248,8 @@ class UserContextImpl implements UserContext, UserBackend
 	  sql.append("INSERT INTO sigmember (sigid, uid, granted_lvl, locked) VALUES ");
 	else
 	  sql.append(", ");
-	sql.append("(").append(x_cid).append(", ").append(uid).append(", ");
+	sql.append("(").append(x_cid).append(", ").append(uid).append(", ").append(new_level).append(", ");
-	sql.append(DefaultLevels.memberCommunity()).append(", ").append(x_locked.booleanValue() ? '1' : '0');
+	sql.append(x_locked.booleanValue() ? '1' : '0').append(")");
 	sql.append(")");
      } // end if
@ -481,7 +478,7 @@ class UserContextImpl implements UserContext, UserBackend
  {
    if (logger.isDebugEnabled())
      logger.debug("confirmEmail(): confirming for UID " + uid);
-    if ((email_verified) || Capability.exemptFromEmailVerification(level))
+    if ((email_verified) || env.testPermission(EnvUser.PERM_NOEMAILVERIFY))
    { // already confirmed
      if (logger.isDebugEnabled())
 	logger.debug("...user has either already confirmed or is exempt");
@ -501,16 +498,17 @@ class UserContextImpl implements UserContext, UserBackend
    } // end if
    Connection conn = null;
    Role new_role = env.getDefaultRole("Global.AfterVerify");
    try
    { // get a connection and set the user's status to reflect the verification
      conn = env.getConnection();
      Statement stmt = conn.createStatement();
      StringBuffer sql = new StringBuffer("UPDATE users SET verify_email = 1, base_lvl = ");
-      sql.append(DefaultLevels.afterEmailVerification()).append(" WHERE uid = ").append(uid).append(';');
+      sql.append(new_role.getLevel()).append(" WHERE uid = ").append(uid).append(';');
      stmt.executeUpdate(sql.toString());
      email_verified = true;
-      level = DefaultLevels.afterEmailVerification();
+      level = new_role.getLevel();
      autoJoinCommunities(conn);  // EJB 4/14/2001 - handle autojoin of any SIGs we couldn't autojoin at
                                  // account creation time
@ -549,7 +547,7 @@ class UserContextImpl implements UserContext, UserBackend
  {
    if (logger.isDebugEnabled())
      logger.debug("resendEmailConfirmation(): resending for UID " + uid);
-    if ((email_verified) || Capability.exemptFromEmailVerification(level))
+    if ((email_verified) || env.testPermission(EnvUser.PERM_NOEMAILVERIFY))
    { // already confirmed, no need to resend
      if (logger.isDebugEnabled())
 	logger.debug("...user has either already confirmed or is exempt");
@ -678,7 +676,7 @@ class UserContextImpl implements UserContext, UserBackend
      if (my_email==null)  // filling in, this is not necessarily the first time
 	my_email = ci.getEmail();
-      else if (!(my_email.equals(ci.getEmail())) && !Capability.exemptFromEmailVerification(level))
+      else if (!(my_email.equals(ci.getEmail())) && !(env.testPermission(EnvUser.PERM_NOEMAILVERIFY)))
      { // email address change - need to reconfirm - but choose a new confirmation
 	// number and save it in the database first; also turn off the verify flag
 	// and set the base level to GLOBAL_UNVERIFIED
@ -689,10 +687,11 @@ class UserContextImpl implements UserContext, UserBackend
 	// generate new confirmation number
 	int new_confirm_num = env.getEngine().getNewConfirmationNumber();
 	Role new_role = env.getDefaultRole("Global.Unverified");
 	// create an SQL statement to reset the user account information, and execute it
 	StringBuffer sql = new StringBuffer("UPDATE users SET verify_email = 0, email_confnum = ");
-	sql.append(new_confirm_num).append(", base_lvl = ").append(DefaultLevels.afterEmailAddressChange());
+	sql.append(new_confirm_num).append(", base_lvl = ").append(new_role.getLevel());
 	sql.append(" WHERE uid = ").append(uid).append(';');
 	Statement stmt = conn.createStatement();
 	stmt.executeUpdate(sql.toString());
@ -700,7 +699,7 @@ class UserContextImpl implements UserContext, UserBackend
 	// save off changed data
 	email_verified = false;
 	confirm_num = new_confirm_num;
-	level = DefaultLevels.afterEmailAddressChange();
+	level = new_role.getLevel();
 	// now send the email confirmation!
 	sendEmailConfirmation();
@ -755,8 +754,7 @@ class UserContextImpl implements UserContext, UserBackend
    try
    { // retrieve a connection from the data pool
      conn = env.getConnection();
-      UserProfileImpl prof = new UserProfileImpl(env,conn,xusername,
+      UserProfileImpl prof = new UserProfileImpl(env,conn,xusername);
 						 Capability.canSeeHiddenContactFields(level));
      if (logger.isDebugEnabled())
 	logger.debug("...found it!");
      return prof;
@ -785,8 +783,7 @@ class UserContextImpl implements UserContext, UserBackend
    try
    { // retrieve a connection from the data pool
      conn = env.getConnection();
-      UserProfileImpl prof = new UserProfileImpl(env,conn,xuid,
+      UserProfileImpl prof = new UserProfileImpl(env,conn,xuid);
 						 Capability.canSeeHiddenContactFields(level));
      if (logger.isDebugEnabled())
 	logger.debug("...found it!");
      return prof;
@ -914,13 +911,13 @@ class UserContextImpl implements UserContext, UserBackend
  public List getRootCategoryList() throws DataException
  {
-    return CategoryDescriptorImpl.getTopLevelCategoryList(env,Capability.hideHiddenCategories(level));
+    return CategoryDescriptorImpl.getTopLevelCategoryList(env,env.testPermission(EnvUser.PERM_SHOWHIDDENCATS));
  } // end getRootCategoryList
  public CategoryDescriptor getCategoryDescriptor(int catid) throws DataException
  {
-    return new CategoryDescriptorImpl(env,catid,Capability.hideHiddenCategories(level));
+    return new CategoryDescriptorImpl(env,catid,!(env.testPermission(EnvUser.PERM_SHOWHIDDENCATS)));
  } // end getCategoryDescriptor
@ -963,16 +960,16 @@ class UserContextImpl implements UserContext, UserBackend
  public List searchForCategories(int mode, String term, int offset, int count) throws DataException
  {
-    return CategoryDescriptorImpl.searchForCategories(env,Capability.hideHiddenCategories(level),
+    return CategoryDescriptorImpl.searchForCategories(env,env.testPermission(EnvUser.PERM_SHOWHIDDENCATS),
-						      Capability.showHiddenSearchCategories(level),mode,
+						      env.testPermission(EnvUser.PERM_SEARCHHIDDENCATS),mode,
 						      term,offset,count);
  } // end searchForCategories
  public int getSearchCategoryCount(int mode, String term) throws DataException
  {
-    return CategoryDescriptorImpl.getSearchCategoryCount(env,Capability.hideHiddenCategories(level),
+    return CategoryDescriptorImpl.getSearchCategoryCount(env,env.testPermission(EnvUser.PERM_SHOWHIDDENCATS),
-							 Capability.showHiddenSearchCategories(level),
+							 env.testPermission(EnvUser.PERM_SEARCHHIDDENCATS),
 							 mode,term);
  } // end getSearchCategoryCount
@ -981,8 +978,7 @@ class UserContextImpl implements UserContext, UserBackend
 					  String rules, String joinkey, int hide_mode)
      throws DataException, AccessError
  {
-    if (!canCreateCommunity())
+    env.testPermission(EnvUser.PERM_CREATECOMMUNITY,"You are not authorized to create new communities.");
      throw new AccessError("You are not authorized to create new communities.");
    // Convert the "hide mode" value into the two hide flags.
    boolean hide_dir = (hide_mode!=CommunityContext.HIDE_NONE);
@ -1003,7 +999,7 @@ class UserContextImpl implements UserContext, UserBackend
  public boolean canCreateCommunity()
  {
-    return (level>=env.getEngine().getParamInt(EngineBackend.IP_CREATECOMMUNITYLVL));
+    return env.testPermission(EnvUser.PERM_CREATECOMMUNITY);
  } // end canCreateCommunity
@ -1112,20 +1108,13 @@ class UserContextImpl implements UserContext, UserBackend
  public boolean hasAdminAccess()
  {
-    return Capability.canAdministerSystem(level);
+    return env.testPermission(EnvUser.PERM_SYSADMINACCESS);
  } // end hasAdminAccess
  public AdminOperations getAdminInterface() throws AccessError
  {
-    if (!(Capability.canAdministerSystem(level)))
+    env.testPermission(EnvUser.PERM_SYSADMINACCESS,"You are not permitted to administer the server.");
    { // you don't have access to get this!
      logger.error("user does not have access to do system admin stuff");
      throw new AccessError("You are not permitted to administer the server.");
    } // end if
    // create the return object
    return new AdminOperationsImpl(env);
  } // end getAdminInterface
--- a/src/com/silverwrist/venice/core/impl/UserProfileImpl.java
+++ b/src/com/silverwrist/venice/core/impl/UserProfileImpl.java
@ -72,11 +72,10 @@ class UserProfileImpl implements UserProfile
   *--------------------------------------------------------------------------------
   */
-  UserProfileImpl(EnvUser env, Connection conn, String username, boolean override)
+  UserProfileImpl(EnvUser env, Connection conn, String username) throws DataException, SQLException
    throws DataException, SQLException
  {
    if (logger.isDebugEnabled())
-      logger.debug("load UserProfileImpl by name: " + username + " (" + override + ")");
+      logger.debug("load UserProfileImpl by name: " + username);
    this.env = env;
    // first retrieve from the users table
@ -101,15 +100,14 @@ class UserProfileImpl implements UserProfile
    descr = rs.getString(6);
    is_anon = rs.getBoolean(7);
-    loadContact(conn,contact_id,override);
+    loadContact(conn,contact_id);
  } // end constructor
-  UserProfileImpl(EnvUser env, Connection conn, int uid, boolean override)
+  UserProfileImpl(EnvUser env, Connection conn, int uid) throws DataException, SQLException
      throws DataException, SQLException
  {
    if (logger.isDebugEnabled())
-      logger.debug("load UserProfileImpl by UID: " + uid + " (" + override + ")");
+      logger.debug("load UserProfileImpl by UID: " + uid);
    this.env = env;
    // first retrieve from the users table
@ -134,7 +132,7 @@ class UserProfileImpl implements UserProfile
    descr = rs.getString(6);
    is_anon = rs.getBoolean(7);
-    loadContact(conn,contact_id,override);
+    loadContact(conn,contact_id);
  } // end constructor
@ -143,10 +141,11 @@ class UserProfileImpl implements UserProfile
   *--------------------------------------------------------------------------------
   */
-  private void loadContact(Connection conn, int contact_id, boolean override) throws SQLException
+  private void loadContact(Connection conn, int contact_id) throws SQLException
  {
    if (logger.isDebugEnabled())
-      logger.debug("loadContact for contact ID " + contact_id + " (" + override + ")");
+      logger.debug("loadContact for contact ID " + contact_id);
    boolean override = env.testPermission(EnvUser.PERM_SEEHIDDENCONTACTINFO);
    Statement stmt = conn.createStatement();
    StringBuffer sql = new StringBuffer("SELECT * FROM contacts WHERE contactid = ");
--- a/src/com/silverwrist/venice/core/impl/VeniceEngineImpl.java
+++ b/src/com/silverwrist/venice/core/impl/VeniceEngineImpl.java
@ -30,10 +30,7 @@ import com.silverwrist.venice.db.*;
 import com.silverwrist.venice.htmlcheck.*;
 import com.silverwrist.venice.htmlcheck.dict.*;
 import com.silverwrist.venice.htmlcheck.filters.*;
-import com.silverwrist.venice.security.AuditRecord;
+import com.silverwrist.venice.security.*;
 import com.silverwrist.venice.security.PasswordGenerator;
 import com.silverwrist.venice.security.PasswordHash;
 import com.silverwrist.venice.security.DefaultLevels;
 public class VeniceEngineImpl implements VeniceEngine, EngineBackend
 {
@ -411,6 +408,8 @@ public class VeniceEngineImpl implements VeniceEngine, EngineBackend
  private HashSet no_compress_types = new HashSet();  // the file types that can't be compressed
  private HashMap password_changes = new HashMap();   // current password change requests
  private OptionSet global_flags = new OptionSet();   // global option flags
  private SecurityMonitor global_security;            // the global security monitor
  private SecurityMonitor community_security;         // the community security monitor
  /*--------------------------------------------------------------------------------
   * Constructor
@ -711,7 +710,7 @@ public class VeniceEngineImpl implements VeniceEngine, EngineBackend
      // store the real master sidebox table as an array
      sideboxes = (MasterSideBox[])(sidebox_tmp.toArray(new MasterSideBox[0]));
      if (logger.isDebugEnabled())
-	logger.debug(sideboxes.length + " sidebox definitions loaded from database");
+	logger.debug(sideboxes.length + " sidebox definitions loaded from XML");
      // Get the <database/> section.
      Element db_sect = root_h.getSubElement("database");
@ -734,6 +733,30 @@ public class VeniceEngineImpl implements VeniceEngine, EngineBackend
      } // end catch
      Element security_sect = root_h.getSubElement("security");
      if (security_sect==null)
      { // no "security" section...bad!
 	logger.fatal("config document has no <security/> section");
 	throw new ConfigException("no <security/> section found in config file",root);
      } // end if
      NodeList sec_nodes = security_sect.getChildNodes();
      for (i=0; i<sec_nodes.getLength(); i++)
      { // scan through and find security monitors to initialize
 	Node n = sec_nodes.item(i);
 	if ((n.getNodeType()==Node.ELEMENT_NODE) && (n.getNodeName().equals("security-definition")))
 	{ // initial security definition
 	  SecurityMonitor sm = new StaticSecurityMonitor((Element)n);
 	  if (sm.getID().equals("Global"))
 	    global_security = sm;
 	  else if (sm.getID().equals("Community"))
 	    community_security = sm;
 	} // end if
      } // end for
      Element email_sect = root_h.getSubElement("email");
      if (email_sect==null)
      { // unable to find the database section
@ -1218,6 +1241,7 @@ public class VeniceEngineImpl implements VeniceEngine, EngineBackend
    Connection conn = null;
    AuditRecord ar = null;
    String encode_username = SQLUtil.encodeString(username);
    Role new_role = global_security.getDefaultRole("Global.NewUser");
    // email confirmation # is between 1000000 and 9999999
    int confirm_num = getNewConfirmationNumber();
    int new_uid;
@ -1247,7 +1271,7 @@ public class VeniceEngineImpl implements VeniceEngine, EngineBackend
 	StringBuffer sql = new StringBuffer("INSERT INTO users (username, passhash, email_confnum, "
 					    + "base_lvl, created, lastaccess, passreminder) VALUES ('");
 	sql.append(encode_username).append("', '").append(phash.toString()).append("', ");
-	sql.append(confirm_num).append(", ").append(DefaultLevels.newUser()).append(", '");
+	sql.append(confirm_num).append(", ").append(new_role.getLevel()).append(", '");
 	created = new java.util.Date();
 	sql.append(SQLUtil.encodeDate(created)).append("', '").append(SQLUtil.encodeDate(created));
 	sql.append("', ").append(SQLUtil.encodeStringArg(reminder)).append(");");
@ -1387,7 +1411,7 @@ public class VeniceEngineImpl implements VeniceEngine, EngineBackend
    // create a new context for the user (they're now effectively logged in)
    UserContextImpl rc = new UserContextImpl(env);
-    rc.loadNewUser(remote_addr,new_uid,DefaultLevels.newUser(),username,confirm_num,created,created);
+    rc.loadNewUser(remote_addr,new_uid,new_role.getLevel(),username,confirm_num,created,created);
    rc.autoJoinCommunities();  // EJB 4/14/2001
    if (logger.isDebugEnabled())
      logger.debug("...created new user context");
@ -1819,11 +1843,23 @@ public class VeniceEngineImpl implements VeniceEngine, EngineBackend
  } // end getCommunityLogoSize
  public SecurityInfo getSecurityInfo()
  {
    return new SecurityInfoWrapper(global_security);
  } // end getSecurityInfo
  /*--------------------------------------------------------------------------------
   * Implementations from interface EngineBackend
   *--------------------------------------------------------------------------------
   */
  public VeniceEngine getSelf()
  {
    return this;
  } // end getSelf
  public Emailer createEmailer()
  {
    checkInitialized();
@ -2078,6 +2114,14 @@ public class VeniceEngineImpl implements VeniceEngine, EngineBackend
  } // end getParamBoolean
  public Role getParamRole(int selector)
  {
    if (selector==ROLEP_CREATECOMMUNITY)
      return global_security.getRoleForLevel(gp_ints[IP_CREATECOMMUNITYLVL]);
    return null;
  } // end getParamRole
  public void forceParamReload() throws DataException
  {
    Connection conn = null;  // data pooled connection
@ -2217,6 +2261,16 @@ public class VeniceEngineImpl implements VeniceEngine, EngineBackend
  } // end setProperties
  public SecurityMonitor env_getSecurityMonitor(int selector)
  {
    if (selector==SM_GLOBAL)
      return global_security;
    if (selector==SM_COMMUNITY)
      return community_security;
    return null;
  } // end env_getSecurityMonitor
  /*--------------------------------------------------------------------------------
   * Static initializer
   *--------------------------------------------------------------------------------
--- a/src/com/silverwrist/venice/core/internals/CommunityBackend.java
+++ b/src/com/silverwrist/venice/core/internals/CommunityBackend.java
@ -42,4 +42,6 @@ public interface CommunityBackend
  public abstract CommunityDataBackend getDataBackend() throws DataException;
  public abstract boolean env_testPermission(String symbol);
 } // end interface CommunityBackend
--- a/src/com/silverwrist/venice/core/internals/EngineBackend.java
+++ b/src/com/silverwrist/venice/core/internals/EngineBackend.java
@ -20,11 +20,14 @@ package com.silverwrist.venice.core.internals;
 import java.util.BitSet;
 import java.util.List;
 import com.silverwrist.venice.security.AuditRecord;
 import com.silverwrist.venice.security.Role;
 import com.silverwrist.venice.security.SecurityMonitor;
 import com.silverwrist.venice.htmlcheck.HTMLChecker;
 import com.silverwrist.venice.core.DataException;
 import com.silverwrist.venice.core.GlobalProperties;
 import com.silverwrist.venice.core.SideBoxDescriptor;
 import com.silverwrist.venice.core.TopicMessageContext;
 import com.silverwrist.venice.core.VeniceEngine;
 public interface EngineBackend
 {
@ -48,6 +51,15 @@ public interface EngineBackend
  // Boolean parameter indexes
  public static final int BP_POSTPICTURES = 0;
  // role parameter indexes
  public static final int ROLEP_CREATECOMMUNITY = 0;
  // Selectors for security monitors
  public static final int SM_GLOBAL = 0;
  public static final int SM_COMMUNITY = 1;
  public abstract VeniceEngine getSelf();
  public abstract Emailer createEmailer();
  public abstract String getStockMessage(String key);
@ -88,6 +100,8 @@ public interface EngineBackend
  public abstract boolean getParamBoolean(int selector);
  public abstract Role getParamRole(int selector);
  public abstract void forceParamReload() throws DataException;
  public abstract SideBoxDescriptor getMasterSideBoxDescriptor(int id);
@ -108,4 +122,6 @@ public interface EngineBackend
  public abstract void setProperties(GlobalProperties props) throws DataException;
  public abstract SecurityMonitor env_getSecurityMonitor(int selector);
 } // end interface EngineBackend
--- a/src/com/silverwrist/venice/core/internals/EnvCommunity.java
+++ b/src/com/silverwrist/venice/core/internals/EnvCommunity.java
@ -17,10 +17,28 @@
 */
 package com.silverwrist.venice.core.internals;
 import com.silverwrist.venice.core.AccessError;
 import com.silverwrist.venice.security.AuditRecord;
 import com.silverwrist.venice.security.Role;
 import com.silverwrist.venice.security.SecurityMonitor;
 public class EnvCommunity extends EnvUser
 {
  /*--------------------------------------------------------------------------------
   * Static data members
   *--------------------------------------------------------------------------------
   */
  public static final String PERM_SHOWADMIN = "Community.ShowAdmin";
  public static final String PERM_NOKEYREQUIRED = "Community.NoKeyRequired";
  public static final String PERM_SHOWHIDDENMEMBERS = "Community.ShowHiddenMembers";
  public static final String PERM_SHOWHIDDENOBJECTS = "Community.ShowHiddenObjects";
  public static final String PERM_READ = "Community.Read";
  public static final String PERM_WRITE = "Community.Write";
  public static final String PERM_CREATE = "Community.Create";
  public static final String PERM_DELETE = "Community.Delete";
  public static final String PERM_JOIN = "Community.Join";
  /*--------------------------------------------------------------------------------
   * Attributes
   *--------------------------------------------------------------------------------
@ -47,6 +65,17 @@ public class EnvCommunity extends EnvUser
  } // end constructor
  /*--------------------------------------------------------------------------------
   * Overrides from class EnvEngine
   *--------------------------------------------------------------------------------
   */
  protected SecurityMonitor getStaticMonitor()
  {
    return getEngine().env_getSecurityMonitor(EngineBackend.SM_COMMUNITY);
  } // end getStaticMonitor
  /*--------------------------------------------------------------------------------
   * Overrides from class EnvUser
   *--------------------------------------------------------------------------------
@ -85,6 +114,38 @@ public class EnvCommunity extends EnvUser
  } // end newAudit
  public boolean testPermission(String symbol, String errormsg) throws AccessError
  {
    SecurityMonitor sm = getStaticMonitor();
    if (   symbol.equals(PERM_READ) || symbol.equals(PERM_WRITE) || symbol.equals(PERM_CREATE)
 	|| symbol.equals(PERM_DELETE) || symbol.equals(PERM_JOIN))
    { // fall back to the backend object to test this
      if (comm.env_testPermission(symbol))
 	return true;
      if (errormsg==null)
 	errormsg = "Permission denied.";
      throw new AccessError(errormsg);
    } // end if
    if (sm.testPermission(symbol,comm.realCommunityLevel(),errormsg))
      return true;
    return super.testPermission(symbol,errormsg);
  } // end testPermission
  public boolean testPermission(String symbol)
  {
    SecurityMonitor sm = getStaticMonitor();
    if (   symbol.equals(PERM_READ) || symbol.equals(PERM_WRITE) || symbol.equals(PERM_CREATE)
 	|| symbol.equals(PERM_DELETE) || symbol.equals(PERM_JOIN))
      return comm.env_testPermission(symbol);
    if (sm.testPermission(symbol,comm.realCommunityLevel()))
      return true;
    return super.testPermission(symbol);
  } // end testPermission
  /*--------------------------------------------------------------------------------
   * External operations
   *--------------------------------------------------------------------------------
@ -102,4 +163,10 @@ public class EnvCommunity extends EnvUser
  } // end getCommunityID()
  public final boolean isLevelAdmin(int level)
  {
    return getStaticMonitor().testPermission(PERM_SHOWADMIN,level);
  } // end isLevelAdmin
 } // end class EnvCommunity
--- a/src/com/silverwrist/venice/core/internals/EnvCommunityData.java
+++ b/src/com/silverwrist/venice/core/internals/EnvCommunityData.java
@ -17,8 +17,18 @@
 */
 package com.silverwrist.venice.core.internals;
 import com.silverwrist.venice.core.AccessError;
 import com.silverwrist.venice.security.SecurityMonitor;
 public class EnvCommunityData extends EnvEngine
 {
  /*--------------------------------------------------------------------------------
   * Static data members
   *--------------------------------------------------------------------------------
   */
  public static final String PERM_NOJOINREQUIRED = "Community.NoJoinRequired";
  /*--------------------------------------------------------------------------------
   * Attributes
   *--------------------------------------------------------------------------------
@ -45,6 +55,17 @@ public class EnvCommunityData extends EnvEngine
  } // end EnvCommunityData
  /*--------------------------------------------------------------------------------
   * Overrides from class EnvEngine
   *--------------------------------------------------------------------------------
   */
  protected SecurityMonitor getStaticMonitor()
  {
    return getEngine().env_getSecurityMonitor(EngineBackend.SM_COMMUNITY);
  } // end getStaticMonitor
  /*--------------------------------------------------------------------------------
   * External operations
   *--------------------------------------------------------------------------------
@ -62,4 +83,16 @@ public class EnvCommunityData extends EnvEngine
  } // end getCommunityID
  public final boolean testPermission(String symbol, int level, String errormsg) throws AccessError
  {
    return getStaticMonitor().testPermission(symbol,level,errormsg);
  } // end testPermission
  public final boolean testPermission(String symbol, int level)
  {
    return getStaticMonitor().testPermission(symbol,level);
  } // end testPermission
 } // end class EnvCommunityData
--- a/src/com/silverwrist/venice/core/internals/EnvEngine.java
+++ b/src/com/silverwrist/venice/core/internals/EnvEngine.java
@ -19,7 +19,11 @@ package com.silverwrist.venice.core.internals;
 import java.sql.Connection;
 import java.sql.SQLException;
 import java.util.List;
 import com.silverwrist.venice.core.AccessError;
 import com.silverwrist.venice.core.SecurityInfo;
 import com.silverwrist.venice.db.*;
 import com.silverwrist.venice.security.*;
 public class EnvEngine
 {
@ -50,6 +54,17 @@ public class EnvEngine
  } // end constructor
  /*--------------------------------------------------------------------------------
   * Internal operations
   *--------------------------------------------------------------------------------
   */
  protected SecurityMonitor getStaticMonitor()
  {
    return engine.env_getSecurityMonitor(EngineBackend.SM_GLOBAL);
  } // end getStaticMonitor
  /*--------------------------------------------------------------------------------
   * External operations
   *--------------------------------------------------------------------------------
@ -80,4 +95,40 @@ public class EnvEngine
  } // end releaseConnection
  public final boolean permissionDefined(String symbol, boolean no_follow)
  {
    return getStaticMonitor().permissionDefined(symbol,no_follow);
  } // end permissionDefined
  public final List getRoleList(String symbol)
  {
    return getStaticMonitor().getRoleList(symbol);
  } // end getRoleList
  public final Role getRole(String symbol)
  {
    return getStaticMonitor().getRole(symbol);
  } // end getRole
  public final Role getRoleForLevel(int level)
  {
    return getStaticMonitor().getRoleForLevel(level);
  } // end getRoleForLevel
  public final Role getDefaultRole(String symbol)
  {
    return getStaticMonitor().getDefaultRole(symbol);
  } // end getDefaultRole
  public final SecurityInfo getSecurityInfo()
  {
    return new SecurityInfoWrapper(getStaticMonitor());
  } // end getSecurityInfo
 } // end class EnvEngine
--- a/src/com/silverwrist/venice/core/internals/EnvUser.java
+++ b/src/com/silverwrist/venice/core/internals/EnvUser.java
@ -17,10 +17,31 @@
 */
 package com.silverwrist.venice.core.internals;
 import org.apache.log4j.*;
 import com.silverwrist.venice.core.AccessError;
 import com.silverwrist.venice.security.AuditRecord;
 import com.silverwrist.venice.security.Role;
 public class EnvUser extends EnvEngine
 {
  /*--------------------------------------------------------------------------------
   * Static data members
   *--------------------------------------------------------------------------------
   */
  private static Category logger = Category.getInstance(EnvUser.class);
  public static final String PERM_SHOWHIDDENCATS = "Global.ShowHiddenCategories";
  public static final String PERM_NOEMAILVERIFY = "Global.NoEmailVerify";
  public static final String PERM_SEEHIDDENCONTACTINFO = "Global.SeeHiddenContactInfo";
  public static final String PERM_SEARCHHIDDENCOMMUNITIES = "Global.SearchHiddenCommunities";
  public static final String PERM_SHOWHIDDENCOMMUNITIES = "Global.ShowHiddenCommunities";
  public static final String PERM_SEARCHHIDDENCATS = "Global.SearchHiddenCategories";
  public static final String PERM_SYSADMINACCESS = "Global.SysAdminAccess";
  public static final String PERM_PUBLISH_FP = "Global.PublishFP";
  public static final String PERM_DESIGNATEPFY = "Global.DesignatePFY";
  public static final String PERM_CREATECOMMUNITY = "Global.CreateCommunity";
  /*--------------------------------------------------------------------------------
   * Attributes
   *--------------------------------------------------------------------------------
@ -52,18 +73,6 @@ public class EnvUser extends EnvEngine
   *--------------------------------------------------------------------------------
   */
  public final UserBackend getUser()
  {
    return user;
  } // end getUser
  public final int getUserID()
  {
    return user.realUID();
  } // end getUserID
  public AuditRecord newAudit(int type, String data1, String data2, String data3, String data4)
  {
    return new AuditRecord(type,getUserID(),user.userRemoteAddress(),data1,data2,data3,data4);
@ -94,4 +103,59 @@ public class EnvUser extends EnvEngine
  } // end newAudit
  public boolean testPermission(String symbol, String errormsg) throws AccessError
  {
    if (symbol.equals(PERM_CREATECOMMUNITY))
    { // the Create Community permission test
      Role r = getEngine().getParamRole(EngineBackend.ROLEP_CREATECOMMUNITY);
      if (r.isSatisfiedBy(user.realBaseLevel()))
 	return true;
      logger.error("testPermission() fail for permission " + PERM_CREATECOMMUNITY);
      if (errormsg==null)
 	errormsg = "You are not authorized to create new communities.";
      throw new AccessError(errormsg);
    } // end if
    return getStaticMonitor().testPermission(symbol,user.realBaseLevel(),errormsg);
  } // end testPermission
  public boolean testPermission(String symbol)
  {
    if (symbol.equals(PERM_CREATECOMMUNITY))
    { // do the "Create Community" test here
      Role r = getEngine().getParamRole(EngineBackend.ROLEP_CREATECOMMUNITY);
      return r.isSatisfiedBy(user.realBaseLevel());
    } // end if
    return getStaticMonitor().testPermission(symbol,user.realBaseLevel());
  } // end testPermission
  public final UserBackend getUser()
  {
    return user;
  } // end getUser
  public final int getUserID()
  {
    return user.realUID();
  } // end getUserID
  public final int getUserBaseLevel()
  {
    return user.realBaseLevel();
  } // end getUserBaseLevel
  public final Role getCommunityDefaultRole(String symbol)
  {
    return getEngine().env_getSecurityMonitor(EngineBackend.SM_COMMUNITY).getDefaultRole(symbol);
  } // end getCommunityDefaultRole
 } // end class EnvUser
--- a/src/com/silverwrist/venice/core/internals/SecurityInfoWrapper.java
+++ b/src/com/silverwrist/venice/core/internals/SecurityInfoWrapper.java
@ -0,0 +1,80 @@
 /*
 * The contents of this file are subject to the Mozilla Public License Version 1.1
 * (the "License"); you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at <http://www.mozilla.org/MPL/>.
 * 
 * Software distributed under the License is distributed on an "AS IS" basis, WITHOUT
 * WARRANTY OF ANY KIND, either express or implied. See the License for the specific
 * language governing rights and limitations under the License.
 * 
 * The Original Code is the Venice Web Communities System.
 * 
 * The Initial Developer of the Original Code is Eric J. Bowersox <erbo@silcom.com>,
 * for Silverwrist Design Studios.  Portions created by Eric J. Bowersox are
 * Copyright (C) 2001 Eric J. Bowersox/Silverwrist Design Studios.  All Rights Reserved.
 * 
 * Contributor(s): 
 */
 package com.silverwrist.venice.core.internals;
 import java.util.List;
 import com.silverwrist.venice.core.SecurityInfo;
 import com.silverwrist.venice.security.Role;
 import com.silverwrist.venice.security.SecurityMonitor;
 public class SecurityInfoWrapper implements SecurityInfo
 {
  /*--------------------------------------------------------------------------------
   * Attributes
   *--------------------------------------------------------------------------------
   */
  private SecurityMonitor sm;      // we call through to this
  /*--------------------------------------------------------------------------------
   * Constructor
   *--------------------------------------------------------------------------------
   */
  public SecurityInfoWrapper(SecurityMonitor sm)
  {
    this.sm = sm;
  } // end constructor
  /*--------------------------------------------------------------------------------
   * Implementations from interface SecurityInfo
   *--------------------------------------------------------------------------------
   */
  public List getRoleList(String symbol)
  {
    return sm.getRoleList(symbol);
  } // end getRoleList
  public Role getRole(String symbol)
  {
    return sm.getRole(symbol);
  } // end getRole
  public Role getRoleForLevel(int level)
  {
    return sm.getRoleForLevel(level);
  } // end getRoleForLevel
  public Role getDefaultRole(String symbol)
  {
    return sm.getDefaultRole(symbol);
  } // end getDefaultRole
  public String getID()
  {
    return sm.getID();
  } // end getID
 } // end class SecurityInfoWrapper
--- a/src/com/silverwrist/venice/security/Capability.java
+++ b/src/com/silverwrist/venice/security/Capability.java
@ -1,106 +0,0 @@
 /*
 * The contents of this file are subject to the Mozilla Public License Version 1.1
 * (the "License"); you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at <http://www.mozilla.org/MPL/>.
 * 
 * Software distributed under the License is distributed on an "AS IS" basis, WITHOUT
 * WARRANTY OF ANY KIND, either express or implied. See the License for the specific
 * language governing rights and limitations under the License.
 * 
 * The Original Code is the Venice Web Communities System.
 * 
 * The Initial Developer of the Original Code is Eric J. Bowersox <erbo@silcom.com>,
 * for Silverwrist Design Studios.  Portions created by Eric J. Bowersox are
 * Copyright (C) 2001 Eric J. Bowersox/Silverwrist Design Studios.  All Rights Reserved.
 * 
 * Contributor(s): 
 */
 package com.silverwrist.venice.security;
 public class Capability implements SecLevels
 {
  public static boolean canDesignatePFYs(int level)
  {
    return (level>=GLOBAL_BOFH);
  } // end canDesignatePFYs
  public static boolean isCommunityAdmin(int level)
  {
    return (level>=COMM_ANYADMIN);
  } // end isCommunityAdmin
  public static boolean hideHiddenCategories(int level)
  {
    return (level<GLOBAL_ANYADMIN);
  } // end hideHiddenCategories
  public static boolean exemptFromEmailVerification(int level)
  {
    return (level>=GLOBAL_ANYADMIN);
  } // end exemptFromEmailVerification
  public static boolean canSeeHiddenContactFields(int level)
  {
    return (level>=GLOBAL_ANYADMIN);
  } // end canSeeHiddenContactFields
  public static boolean exemptFromMembershipRequirement(int level)
  {
    return (level>=GLOBAL_ANYADMIN);
  } // end exemptFromMembershipRequirement
  public static boolean hideHiddenSearchCommunities(int level)
  {
    return (level<GLOBAL_ANYADMIN);
  } // end hideHiddenSearchCommunities
  public static boolean hideHiddenDirectoryCommunities(int level)
  {
    return (level<GLOBAL_ANYADMIN);
  } // end hideHiddenSearchCommunities
  public static boolean canJoinPrivateCommunityWithoutKey(int level)
  {
    return (level>=GLOBAL_ANYADMIN);
  } // end canJoinPrivateCommunityWithoutKey
  public static boolean showHiddenSearchCategories(int level)
  {
    return (level>=GLOBAL_ANYADMIN);
  } // end showHioddenSearchCategories
  public static boolean showHiddenCommunityMembers(int level)
  {
    return (level>=COMM_ANYADMIN);
  } // end showHiddenCommunityMembers
  public static boolean hideHiddenConferences(int level)
  {
    return (level<COMM_ANYADMIN);
  } // end hideHiddenConferences
  public static boolean canAdministerSystem(int level)
  {
    return (level>=GLOBAL_ANYADMIN);
  } // end canAdministerSystem
  public static boolean canPublishToFrontPage(int level)
  {
    return (level>=GLOBAL_ANYADMIN);
  } // end canPublishToFrontPage
 } // end class Capability
--- a/src/com/silverwrist/venice/security/DefaultLevels.java
+++ b/src/com/silverwrist/venice/security/DefaultLevels.java
@ -19,72 +19,6 @@ package com.silverwrist.venice.security;
 public class DefaultLevels implements SecLevels
 {
  public static int newUser()
  {
    return GLOBAL_UNVERIFIED;
  } // end newUser
  public static int memberCommunity()
  {
    return COMM_MEMBER;
  } // end memberCommunity
  public static int PFY()
  {
    return GLOBAL_PFY;
  } // end PFY
  public static int afterEmailVerification()
  {
    return GLOBAL_NORMAL;
  } // end afterEmailVerification
  public static int afterEmailAddressChange()
  {
    return GLOBAL_UNVERIFIED;
  } // end afterEmailAddressChange
  public static int newCommunityRead()
  {
    return COMM_MEMBER;
  } // end newCommunityRead
  public static int newCommunityWrite()
  {
    return COMM_COHOST;
  } // end newCommunityWrite
  public static int newCommunityCreate()
  {
    return COMM_COHOST;
  } // end newCommunityCreate
  public static int newCommunityDelete()
  {
    return COMM_HOST;
  } // end newCommunityDelete
  public static int newCommunityJoin()
  {
    return GLOBAL_NORMAL;
  } // end newCommunityJoin
  public static int creatorCommunity()
  {
    return COMM_HOST;
  } // end creatorCommunity
  public static int hostPrivsConference()
  {
    return CONFERENCE_ANYADMIN;
--- a/src/com/silverwrist/venice/security/PrimordialSecurityMonitor.java
+++ b/src/com/silverwrist/venice/security/PrimordialSecurityMonitor.java
@ -0,0 +1,187 @@
 /*
 * The contents of this file are subject to the Mozilla Public License Version 1.1
 * (the "License"); you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at <http://www.mozilla.org/MPL/>.
 * 
 * Software distributed under the License is distributed on an "AS IS" basis, WITHOUT
 * WARRANTY OF ANY KIND, either express or implied. See the License for the specific
 * language governing rights and limitations under the License.
 * 
 * The Original Code is the Venice Web Communities System.
 * 
 * The Initial Developer of the Original Code is Eric J. Bowersox <erbo@silcom.com>,
 * for Silverwrist Design Studios.  Portions created by Eric J. Bowersox are
 * Copyright (C) 2001 Eric J. Bowersox/Silverwrist Design Studios.  All Rights Reserved.
 * 
 * Contributor(s): 
 */
 package com.silverwrist.venice.security;
 import java.io.IOException;
 import java.util.*;
 import org.apache.log4j.*;
 import com.silverwrist.venice.core.AccessError;
 public class PrimordialSecurityMonitor implements SecurityMonitor
 {
  /*--------------------------------------------------------------------------------
   * Static data members
   *--------------------------------------------------------------------------------
   */
  private static PrimordialSecurityMonitor self = null;
  private static Category logger = Category.getInstance(PrimordialSecurityMonitor.class);
  public static final String SYM_NOT_IN_LIST = "NotInList";
  public static final String SYM_NO_ACCESS = "NoAccess";
  public static final String SYM_UNRESTRICTED = "UnrestrictedUser";
  private static final String NAME_NOT_IN_LIST = "(not in list)";
  private static final String NAME_NO_ACCESS = "No Access";
  private static final String NAME_UNRESTRICTED = "'Unrestricted' User";
  /*--------------------------------------------------------------------------------
   * Attributes
   *--------------------------------------------------------------------------------
   */
  private Role not_in_list;              // the "not in list" role
  private Role no_access;                // the "no access" role
  private Role unrestricted_user;        // the "unrestricted user" role
  /*--------------------------------------------------------------------------------
   * Constructor
   *--------------------------------------------------------------------------------
   */
  private PrimordialSecurityMonitor()
  {
    String name_not_in_list = null, name_no_access = null, name_unrestricted_user = null;
    try
    { // load the three initial role names
      Properties init_props = new Properties();
      init_props.load(getClass().getResourceAsStream("sm.properties"));
      name_not_in_list = init_props.getProperty("role.NotInList.name",NAME_NOT_IN_LIST);
      name_no_access = init_props.getProperty("role.NoAccess.name",NAME_NO_ACCESS);
      name_unrestricted_user = init_props.getProperty("role.UnrestrictedUser.name",NAME_UNRESTRICTED);
    } // end try
    catch (IOException e)
    { // on error, revert to the internal names
      logger.warn("Error loading default names",e);
      name_not_in_list = NAME_NOT_IN_LIST;
      name_no_access = NAME_NO_ACCESS;
      name_unrestricted_user = NAME_UNRESTRICTED;
    } // end catch
    // Create the actual roles.
    this.not_in_list = Role.create(ScopeInfo.L_NOT_THERE,name_not_in_list,SYM_NOT_IN_LIST);
    this.no_access = Role.create(ScopeInfo.L_NO_ACCESS,name_no_access,SYM_NO_ACCESS);
    this.unrestricted_user = Role.create(ScopeInfo.L_UNRESTRICTED,name_unrestricted_user,SYM_UNRESTRICTED);
  } // end constructor
  /*--------------------------------------------------------------------------------
   * Implementations from interface SecurityMonitor
   *--------------------------------------------------------------------------------
   */
  public boolean testPermission(String symbol, int level, String errormsg) throws AccessError
  {
    if (symbol==null)
      throw new NullPointerException("testPermission() got null symbol");
    logger.error("testPermission: symbol \"" + symbol + "\" is not a defined permission test");
    throw new AccessError("Undefined internal permission test \"" + symbol + "\"");
  } // end testPermission
  public boolean testPermission(String symbol, int level)
  {
    if (symbol==null)
      throw new NullPointerException("testPermission() got null symbol");
    logger.error("testPermission: symbol \"" + symbol + "\" is not a defined permission test");
    return false;
  } // end testPermission
  public boolean permissionDefined(String symbol, boolean no_follow)
  {
    if (symbol==null)
      throw new NullPointerException("permissionDefined() got null symbol");
    return false;  // primordial monitor defines no permissions
  } // end permissionDefined
  public List getRoleList(String symbol)
  {
    if (symbol==null)
      throw new NullPointerException("getRoleList() got null symbol");
    logger.error("getRoleList: symbol \"" + symbol + "\" is not a defined role list");
    return null;
  } // end getRoleList
  public Role getRole(String symbol)
  {
    if (symbol==null)
      throw new NullPointerException("getRole() got null symbol");
    if (symbol.equals(SYM_NOT_IN_LIST))
      return not_in_list;
    if (symbol.equals(SYM_NO_ACCESS))
      return no_access;
    if (symbol.equals(SYM_UNRESTRICTED))
      return unrestricted_user;
    logger.error("getRole: symbol \"" + symbol + "\" is not a defined role");
    return null;
  } // end getRole
  public Role getRoleForLevel(int level)
  {
    if (level==ScopeInfo.L_NOT_THERE)
      return not_in_list;
    if (level==ScopeInfo.L_NO_ACCESS)
      return no_access;
    if (level==ScopeInfo.L_UNRESTRICTED)
      return unrestricted_user;
    logger.error("getRoleForLevel: no role for level " + level);
    return null;
  } // end getRoleForLevel
  public Role getDefaultRole(String symbol)
  {
    logger.error("getDefaultRole: symbol \"" + symbol + "\" has no default role");
    return null;
  } // end getDefaultRole
  public ScopeInfo getScopeInfo()
  {
    return null;  // this security monitor HAS no scope
  } // end getScopeInfo
  public String getID()
  {
    return null;  // this security monitor HAS no ID
  } // end getID
  /*--------------------------------------------------------------------------------
   * External static operations
   *--------------------------------------------------------------------------------
   */
  public static synchronized SecurityMonitor get()
  {
    if (self==null)
      self = new PrimordialSecurityMonitor();
    return self;
  } // end get
 } // end class PrimordialSecurityMonitor
--- a/src/com/silverwrist/venice/security/Role.java
+++ b/src/com/silverwrist/venice/security/Role.java
@ -19,7 +19,7 @@ package com.silverwrist.venice.security;
 import java.util.*;
-public class Role implements Comparable, SecLevels
+public final class Role implements Comparable, Cloneable, SecLevels
 {
  /*--------------------------------------------------------------------------------
   * Static data members
@ -37,22 +37,12 @@ public class Role implements Comparable, SecLevels
  private static ArrayList comm_high;
  private static ArrayList conf_low;
  private static ArrayList conf_high;
  private static HashMap all_roles;
  private static List base_levels = null;
  private static List base_levels_2 = null;
  private static List commreadlist_rc = null;
  private static List commwritelist_rc = null;
  private static List commcreatelist_rc = null;
  private static List commdeletelist_rc = null;
  private static List commjoinlist_rc = null;
  private static List comm_member_levels = null;
  private static List confreadlist_rc = null;
  private static List confpostlist_rc = null;
  private static List confhidelist_rc = null;
  private static List confdeletelist_rc = null;
  private static List conf_member_levels = null;
  private static List new_comm_list_rc = null;
  /*--------------------------------------------------------------------------------
   * Attributes
@ -61,9 +51,10 @@ public class Role implements Comparable, SecLevels
  private int level;
  private String name;
  private String symbol;
  /*--------------------------------------------------------------------------------
-   * Constructor
+   * Constructors
   *--------------------------------------------------------------------------------
   */
@ -71,34 +62,23 @@ public class Role implements Comparable, SecLevels
  {
    this.level = level;
    this.name = name;
    this.symbol = null;
  } // end constructor
  protected Role(int level, String name, String symbol)
  {
    this.level = level;
    this.name = name;
    this.symbol = symbol;
  } // end constructor
  /*--------------------------------------------------------------------------------
-   * External operations
+   * Overrides from class Object
   *--------------------------------------------------------------------------------
   */
  public int getLevel()
  {
    return level;
  } // end getLevel
  public String getName()
  {
    return name;
  } // end getName
  public String toString()
  {
    StringBuffer buf = new StringBuffer(name);
    buf.append('[').append(level).append(']');
    return buf.toString();
  } // end toString
  public boolean equals(Object obj)
  {
    if (obj==null)
@ -108,7 +88,7 @@ public class Role implements Comparable, SecLevels
    if (obj instanceof Role)
    { // compare levels
      Role other = (Role)obj;
-      return (level==other.getLevel());
+      return (level==other.level);
    } // end if
@ -122,174 +102,77 @@ public class Role implements Comparable, SecLevels
  } // end hashCode
  public String toString()
  {
    StringBuffer buf = new StringBuffer(name);
    buf.append('[').append(level).append(']');
    if (symbol!=null)
      buf.append('{').append(symbol).append('}');
    return buf.toString();
  } // end toString
  /*--------------------------------------------------------------------------------
   * Implementations from interface Comparable
   *--------------------------------------------------------------------------------
   */
  public int compareTo(Object obj)
  {
    if (obj==null)
      throw new NullPointerException("comparing a NULL object");
    if (!(obj instanceof Role))
      throw new ClassCastException("comparing non-Role to Role");
    Role other = (Role)obj;
-    return level - other.getLevel();
+    return level - other.level;
  } // end compareTo
  /*--------------------------------------------------------------------------------
   * External operations
   *--------------------------------------------------------------------------------
   */
  public final int getLevel()
  {
    return level;
  } // end getLevel
  public final String getName()
  {
    return name;
  } // end getName
  public final String getSymbol()
  {
    return symbol;
  } // end getSymbol
  public final boolean isSatisfiedBy(int l)
  {
    return (l>=level);
  } // end isSatisfiedBy
  /*--------------------------------------------------------------------------------
   * External static operations
   *--------------------------------------------------------------------------------
   */
  public static final Role create(int level, String name, String symbol)
  {
    return new Role(level,name,symbol);
  } // end create
  /*--------------------------------------------------------------------------------
   * External static operations which generate lists of roles
   *--------------------------------------------------------------------------------
   */
  public static Role getRoleForLevel(int level)
  {
    Role rc = (Role)(all_roles.get(new Integer(level)));
    if (rc!=null)
      return rc;
    return new Role(level,"(Level " + level + ")");
  } // end getRoleForLevel
  public static List getBaseLevelChoices()
  {
    if (base_levels==null)
    { // create the returned list
      ArrayList rc = new ArrayList();
      rc.addAll(global_low);
      rc.add(unrestricted_user);
      rc.addAll(global_high);
      rc.remove(rc.size()-1);
      rc.trimToSize();
      base_levels = Collections.unmodifiableList(rc);
    } // end if
    return base_levels;
  } // end getBaseLevelChoices
  public static List getBaseLevelChoices2()
  {
    if (base_levels_2==null)
    { // create the returned list
      ArrayList rc = new ArrayList();
      rc.addAll(global_low);
      rc.add(unrestricted_user);
      rc.trimToSize();
      base_levels_2 = Collections.unmodifiableList(rc);
    } // end if
    return base_levels_2;
  } // end getBaseLevelChoices2
  public static Role getGlobalAdmin()
  {
    return global_admin;
  } // end getGlobalAdmin
  public static List getCommunityReadList()
  {
    if (commreadlist_rc==null)
    { // create the returned list
      ArrayList rc = new ArrayList();
      rc.addAll(global_low);
      rc.addAll(comm_low);
      rc.add(unrestricted_user);
      rc.addAll(comm_high);
      rc.add(global_high.get(0));
      rc.trimToSize();
      commreadlist_rc = Collections.unmodifiableList(rc);
    } // end if
    return commreadlist_rc;
  } // end getCommunityReadList
  public static List getCommunityWriteList()
  {
    if (commwritelist_rc==null)
    { // build the return value
      ArrayList rc = new ArrayList();
      rc.addAll(comm_high);
      rc.addAll(global_high);
      rc.trimToSize();
      commwritelist_rc = Collections.unmodifiableList(rc);
    } // end if
    return commwritelist_rc;
  } // end getCommunityWriteList
  public static List getCommunityCreateList()
  {
    if (commcreatelist_rc==null)
    { // create the return list
      ArrayList rc = new ArrayList();
      rc.add(global_low.get(global_low.size()-1));
      rc.addAll(comm_low);
      rc.add(unrestricted_user);
      rc.addAll(comm_high);
      rc.add(global_high.get(0));
      rc.trimToSize();
      commcreatelist_rc = Collections.unmodifiableList(rc);
    } // end if
    return commcreatelist_rc;
  } // end getCommunityCreateList
  public static List getCommunityDeleteList()
  { 
    if (commdeletelist_rc==null)
    { // create the return list
      ArrayList rc = new ArrayList();
      rc.addAll(comm_high);
      rc.addAll(global_high);
      rc.add(no_access);
      rc.trimToSize();
      commdeletelist_rc = Collections.unmodifiableList(rc);
    } // end if
    return commdeletelist_rc;
  } // end getCommunityDeleteList
  public static List getCommunityJoinList()
  {
    if (commjoinlist_rc==null)
      commjoinlist_rc = Collections.unmodifiableList(global_low);
    return commjoinlist_rc;
  } // end getCommunityJoinList
  public static List getCommunityMemberLevelChoices()
  {
    if (comm_member_levels==null)
    { // figure out the member levels list
      ArrayList rc = new ArrayList();
      rc.add(not_in_list);
      rc.addAll(global_low);
      rc.addAll(comm_low);
      rc.add(unrestricted_user);
      rc.addAll(comm_high);
      rc.remove(rc.size()-1);
      rc.trimToSize();
      comm_member_levels = Collections.unmodifiableList(rc);
    } // end if
    return comm_member_levels;
  } // end getCommunityMemberLevelChoices
  public static Role getCommunityHostRole()
  {
    return comm_host;
  } // end getCommunityHostRole
  public static List getConferenceReadList()
  {
    if (confreadlist_rc==null)
@ -399,23 +282,6 @@ public class Role implements Comparable, SecLevels
  } // end getConferenceMemberLevelChoices
  public static List getNewCommunityLevelChoices()
  {
    if (new_comm_list_rc==null)
    { // precalculate the list
      ArrayList rc = new ArrayList();
      rc.add(global_low.get(global_low.size()-1));
      rc.add(unrestricted_user);
      rc.addAll(global_high);
      rc.trimToSize();
      new_comm_list_rc = Collections.unmodifiableList(rc);
    } // end if
    return new_comm_list_rc;
  } // end getNewCommunityLevelChoices
  /*--------------------------------------------------------------------------------
   * Static initializer
   *--------------------------------------------------------------------------------
@ -423,13 +289,9 @@ public class Role implements Comparable, SecLevels
  static
  { // begin initializing the "all roles" map
    all_roles = new HashMap();
    not_in_list = new Role(0,"(not in list)");
    all_roles.put(new Integer(0),not_in_list);
    no_access = new Role(NO_ACCESS,"No Access");
    all_roles.put(new Integer(NO_ACCESS),no_access);
    unrestricted_user = new Role(UNRESTRICTED_USER,"'Unrestricted' User");
    all_roles.put(new Integer(UNRESTRICTED_USER),unrestricted_user);
    Role tmp;
@ -437,63 +299,50 @@ public class Role implements Comparable, SecLevels
    global_low = new ArrayList(3);
    tmp = new Role(GLOBAL_ANONYMOUS,"Anonymous User");
    global_low.add(tmp);
    all_roles.put(new Integer(GLOBAL_ANONYMOUS),tmp);
    tmp = new Role(GLOBAL_UNVERIFIED,"Unauthenticated User");
    global_low.add(tmp);
    all_roles.put(new Integer(GLOBAL_UNVERIFIED),tmp);
    tmp = new Role(GLOBAL_NORMAL,"Normal User");
    global_low.add(tmp);
    all_roles.put(new Integer(GLOBAL_NORMAL),tmp);
    global_low.trimToSize();
    // initialize the "global highband" vector
    global_high = new ArrayList(3);
    tmp = new Role(GLOBAL_ANYADMIN,"Any System Administrator");
    global_high.add(tmp);
    all_roles.put(new Integer(GLOBAL_ANYADMIN),tmp);
    tmp = new Role(GLOBAL_PFY,"System Assistant Administrator");
    global_high.add(tmp);
    all_roles.put(new Integer(GLOBAL_PFY),tmp);
    global_admin = new Role(GLOBAL_BOFH,"Global System Administrator");
    global_high.add(global_admin);
    all_roles.put(new Integer(GLOBAL_BOFH),global_admin);
    global_high.trimToSize();
    // initialize the "community lowband" vector
    comm_low = new ArrayList(1);
    tmp = new Role(COMM_MEMBER,"Community Member");
    comm_low.add(tmp);
    all_roles.put(new Integer(COMM_MEMBER),tmp);
    comm_low.trimToSize();
    // initialize the "communtiy highband" vector
    comm_high = new ArrayList(3);
    tmp = new Role(COMM_ANYADMIN,"Any Community Administrator");
    comm_high.add(tmp);
    all_roles.put(new Integer(COMM_ANYADMIN),tmp);
    tmp = new Role(COMM_COHOST,"Community Co-Host");
    comm_high.add(tmp);
    all_roles.put(new Integer(COMM_COHOST),tmp);
    comm_host = new Role(COMM_HOST,"Community Host");
    comm_high.add(comm_host);
    all_roles.put(new Integer(COMM_HOST),comm_host);
    comm_high.trimToSize();
    // initialize the "conference lowband" vector
    conf_low = new ArrayList(1);
    tmp = new Role(CONFERENCE_MEMBER,"Conference Member");
    conf_low.add(tmp);
    all_roles.put(new Integer(CONFERENCE_MEMBER),tmp);
    conf_low.trimToSize();
    // initialize the "conference highband" vector
    conf_high = new ArrayList(2);
    tmp = new Role(CONFERENCE_ANYADMIN,"Any Conference Administrator");
    conf_high.add(tmp);
    all_roles.put(new Integer(CONFERENCE_ANYADMIN),tmp);
    tmp = new Role(CONFERENCE_HOST,"Conference Host");
    conf_high.add(tmp);
    all_roles.put(new Integer(CONFERENCE_HOST),tmp);
    conf_high.trimToSize();
  } // end static initializer
--- a/src/com/silverwrist/venice/security/ScopeInfo.java
+++ b/src/com/silverwrist/venice/security/ScopeInfo.java
@ -0,0 +1,225 @@
 /*
 * The contents of this file are subject to the Mozilla Public License Version 1.1
 * (the "License"); you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at <http://www.mozilla.org/MPL/>.
 * 
 * Software distributed under the License is distributed on an "AS IS" basis, WITHOUT
 * WARRANTY OF ANY KIND, either express or implied. See the License for the specific
 * language governing rights and limitations under the License.
 * 
 * The Original Code is the Venice Web Communities System.
 * 
 * The Initial Developer of the Original Code is Eric J. Bowersox <erbo@silcom.com>,
 * for Silverwrist Design Studios.  Portions created by Eric J. Bowersox are
 * Copyright (C) 2001 Eric J. Bowersox/Silverwrist Design Studios.  All Rights Reserved.
 * 
 * Contributor(s): 
 */
 package com.silverwrist.venice.security;
 public final class ScopeInfo implements Cloneable, Comparable
 {
  /*--------------------------------------------------------------------------------
   * Static data members
   *--------------------------------------------------------------------------------
   */
  private static final int[] LB_LOW =   // Scope values, lowband, low end of range
      { 0, 2000, 4000, 6000, 8000, 10000, 12000, 14000, 16000, 18000, 20000, 22000, 24000, 26000, 28000,
 	30000 };
  private static final int[] LB_HIGH =  // Scope values, lowband, high end of range
      { 1999, 3999, 5999, 7999, 9999, 11999, 13999, 15999, 17999, 19999, 21999, 23999, 25999, 27999, 29999,
 	31999 };
  private static final int[] HB_LOW =   // Scope values, highband, low end of range
      { 63000, 61000, 59000, 57000, 55000, 53000, 51000, 49000, 47000, 45000, 43000, 41000, 39000, 37000,
 	35000, 33000 };
  private static final int[] HB_HIGH =  // Scope values, highband, high end of range
      { 64999, 62999, 60999, 58999, 56999, 54999, 52999, 50999, 48999, 46999, 44999, 42999, 40999, 38999,
 	36999, 34999 };
  public static final int L_NOT_THERE = -1;         // global "not there" constant
  public static final int L_UNRESTRICTED = 32500;   // global "unrestricted user" constant
  public static final int L_NO_ACCESS = 65500;      // global "no access" constant
  public static final int BAND_WIDTH = 1999;        // offset between "high and low" values within a band
  /*--------------------------------------------------------------------------------
   * Attributes
   *--------------------------------------------------------------------------------
   */
  int scope;                 // the scope value
  /*--------------------------------------------------------------------------------
   * Constructor
   *--------------------------------------------------------------------------------
   */
  public ScopeInfo(int scope)
  {
    if ((scope<0) || (scope>=LB_LOW.length))
      throw new IndexOutOfBoundsException("invalid scope value");
    this.scope = scope;
  } // end constructor
  /*--------------------------------------------------------------------------------
   * Overrides from class Object
   *--------------------------------------------------------------------------------
   */
  public boolean equals(Object o)
  {
    if ((o==null) || !(o instanceof ScopeInfo))
      return false;
    ScopeInfo other = (ScopeInfo)o;
    return (scope==other.scope);
  } // end equals
  public int hashCode()
  {
    return scope;
  } // end hashCode
  public String toString()
  {
    StringBuffer buf = new StringBuffer("{ScopeInfo(");
    buf.append(scope).append("): ranges [").append(LB_LOW[scope]).append('-').append(LB_HIGH[scope]);
    buf.append("], [").append(HB_LOW[scope]).append('-').append(HB_HIGH[scope]).append("]}");
    return buf.toString();
  } // end toString
  /*--------------------------------------------------------------------------------
   * Implementations from interface Comparable
   *--------------------------------------------------------------------------------
   */
  public int compareTo(Object o)
  {
    if (o==null)
      throw new NullPointerException("can't compare to a null object");
    ScopeInfo other = (ScopeInfo)o;  // may throw ClassCastException - that's OK
    return scope - other.scope;
  } // end compareTo
  /*--------------------------------------------------------------------------------
   * External operations
   *--------------------------------------------------------------------------------
   */
  public final int getScope()
  {
    return scope;
  } // end getScope
  public final int getLowBandLow()
  {
    return LB_LOW[scope];
  } // end getLowBandLow
  public final int getLowBandHigh()
  {
    return LB_HIGH[scope];
  } // end getLowBandHigh
  public final int getHighBandLow()
  {
    return HB_LOW[scope];
  } // end getHighBandLow
  public final int getHighBandHigh()
  {
    return HB_HIGH[scope];
  } // end getHighBandHigh
  public final int getLevel(boolean highband, int offset)
  {
    int rc;
    if (highband)
    { // it's in the highband
      if (offset<0)
      { // negative offset from high end of highband
 	rc = HB_HIGH[scope] + offset;
 	if (rc<HB_LOW[scope])
 	  throw new IllegalArgumentException("value out of scope");
      } // end if
      else
      { // positive offset from low end of highband
 	rc = HB_LOW[scope] + offset;
 	if (rc>HB_HIGH[scope])
 	  throw new IllegalArgumentException("value out of scope");
      } // end else
    } // end if (highband)
    else
    { // it's in the lowband
      if (offset<0)
      { // negative offset from high end of lowband
 	rc = LB_HIGH[scope] + offset;
 	if (rc<LB_LOW[scope])
 	  throw new IllegalArgumentException("value out of scope");
      } // end if
      else
      { // positive offset from low end of lowband
 	rc = LB_LOW[scope] + offset;
 	if (rc>LB_HIGH[scope])
 	  throw new IllegalArgumentException("value out of scope");
      } // end else
    } // end else (lowband)
    return rc;
  } // end getLevel
  public final boolean isInScope(int value)
  {
    if ((value>=LB_LOW[scope]) && (value<=LB_HIGH[scope]))
      return true;
    if ((value>=HB_LOW[scope]) && (value<=HB_HIGH[scope]))
      return true;
    return false;
  } // end isInScope
  /*--------------------------------------------------------------------------------
   * External static operations
   *--------------------------------------------------------------------------------
   */
  public static final boolean isValidScope(int s)
  {
    return ((s>=0) && (s<LB_LOW.length));
  } // end isValidScope
  public static final int getScopeOf(int value)
  {
    if ((value<LB_LOW[0]) || (value>HB_HIGH[0]))
      return -1;  // quick test to eliminate most of the range
    for (int i=0; i<LB_LOW.length; i++)
    { // look in each scope in turn
      if ((value<=LB_HIGH[i]) || (value>=HB_LOW[i]))
 	return i;
    } // end for
    return -1;  // not in a scope
  } // end getScopeOf
 } // end class ScopeInfo
--- a/src/com/silverwrist/venice/security/SecurityMonitor.java
+++ b/src/com/silverwrist/venice/security/SecurityMonitor.java
@ -0,0 +1,43 @@
 /*
 * The contents of this file are subject to the Mozilla Public License Version 1.1
 * (the "License"); you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at <http://www.mozilla.org/MPL/>.
 * 
 * Software distributed under the License is distributed on an "AS IS" basis, WITHOUT
 * WARRANTY OF ANY KIND, either express or implied. See the License for the specific
 * language governing rights and limitations under the License.
 * 
 * The Original Code is the Venice Web Communities System.
 * 
 * The Initial Developer of the Original Code is Eric J. Bowersox <erbo@silcom.com>,
 * for Silverwrist Design Studios.  Portions created by Eric J. Bowersox are
 * Copyright (C) 2001 Eric J. Bowersox/Silverwrist Design Studios.  All Rights Reserved.
 * 
 * Contributor(s): 
 */
 package com.silverwrist.venice.security;
 import java.util.List;
 import com.silverwrist.venice.core.AccessError;
 public interface SecurityMonitor
 {
  public abstract boolean testPermission(String symbol, int level, String errormsg) throws AccessError;
  public abstract boolean testPermission(String symbol, int level);
  public abstract boolean permissionDefined(String symbol, boolean no_follow);
  public abstract List getRoleList(String symbol);
  public abstract Role getRole(String symbol);
  public abstract Role getRoleForLevel(int level);
  public abstract Role getDefaultRole(String symbol);
  public abstract ScopeInfo getScopeInfo();
  public abstract String getID();
 } // end interface SecurityMonitor
--- a/src/com/silverwrist/venice/security/StaticSecurityMonitor.java
+++ b/src/com/silverwrist/venice/security/StaticSecurityMonitor.java
@ -0,0 +1,713 @@
 /*
 * The contents of this file are subject to the Mozilla Public License Version 1.1
 * (the "License"); you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at <http://www.mozilla.org/MPL/>.
 * 
 * Software distributed under the License is distributed on an "AS IS" basis, WITHOUT
 * WARRANTY OF ANY KIND, either express or implied. See the License for the specific
 * language governing rights and limitations under the License.
 * 
 * The Original Code is the Venice Web Communities System.
 * 
 * The Initial Developer of the Original Code is Eric J. Bowersox <erbo@silcom.com>,
 * for Silverwrist Design Studios.  Portions created by Eric J. Bowersox are
 * Copyright (C) 2001 Eric J. Bowersox/Silverwrist Design Studios.  All Rights Reserved.
 * 
 * Contributor(s): 
 */
 package com.silverwrist.venice.security;
 import java.util.*;
 import org.apache.log4j.*;
 import org.w3c.dom.*;
 import com.silverwrist.util.DOMElementHelper;
 import com.silverwrist.venice.core.AccessError;
 import com.silverwrist.venice.core.ConfigException;
 public class StaticSecurityMonitor implements SecurityMonitor
 {
  /*--------------------------------------------------------------------------------
   * Internal class for evaluating static permissions
   *--------------------------------------------------------------------------------
   */
  final class StaticPermission
  {
    private Role role;
    private String message;
    StaticPermission(Role role, String message)
    {
      this.role = role;
      this.message = message;
    } // end constructor
    final void test(int level, String errormessage) throws AccessError
    {
      if (!(role.isSatisfiedBy(level)))
      { // the static permission test failed!
 	logger.warn("Static permission test (level " + level + " vs. role " + role + ") failed");
 	if (errormessage==null)
 	  errormessage = message;
 	if (errormessage==null)
 	  errormessage = "Operation not permitted.";
 	throw new AccessError(errormessage);
      } // end if
    } // end test
    final boolean test(int level)
    {
      return role.isSatisfiedBy(level);
    } // end test
  } // end class StaticPermission
  /*--------------------------------------------------------------------------------
   * Static data members
   *--------------------------------------------------------------------------------
   */
  private static Category logger = Category.getInstance(StaticSecurityMonitor.class);
  private static SecurityMonitor root_monitor = null;
  private static Map known_monitors = Collections.synchronizedMap(new HashMap());
  private static int DEFAULT_SCOPE_OFFSET = 3;
  /*--------------------------------------------------------------------------------
   * Attributes
   *--------------------------------------------------------------------------------
   */
  private String id;               // the identity of this security monitor
  private ScopeInfo scope;         // the scope of this security monitor
  private SecurityMonitor parent;  // the parent of this security monitor
  private Map sym_to_role;         // mapping of role symbols to roles
  private Map level_to_role;       // mapping of role levels to roles
  private Map lists;               // mapping of list symbols to lists
  private Map default_roles;       // mapping of symbols to default values
  private Map static_permissions;  // mapping of symbols to static permissions
  private Set dynamic_permissions; // set of defined dynamic permission names
  /*--------------------------------------------------------------------------------
   * Constructor
   *--------------------------------------------------------------------------------
   */
  public StaticSecurityMonitor(Element cfg) throws ConfigException
  {
    boolean set_root_monitor = false;
    if (!(cfg.getTagName().equals("security-definition")))
    { // not the right kind of element!
      logger.fatal("security monitor config is not a <security-definition/> element");
      throw new ConfigException("configuration must be a <security-definition/>",cfg);
    } // end if
    DOMElementHelper root_h = new DOMElementHelper(cfg);
    if (root_h.hasAttribute("id"))
      id = cfg.getAttribute("id");
    else
    { // no id= attribute? that's bad!
      logger.fatal("security monitor has no id= attribute");
      throw new ConfigException("<security-definition/> must have an id= attribute",cfg);
    } // end else
    if (logger.isDebugEnabled())
      logger.debug("defining new StaticSecurityMonitor with id=" + id);
    if (known_monitors.containsKey(id))
    { // the monitor with this ID has already been defined!
      logger.fatal("security monitor with id=" + id + " is already defined!");
      throw new ConfigException("security monitor id=" + id + " is already defined!");
    } // end if
    if (root_h.hasAttribute("parent"))
    { // find our parent
      String parent_id = cfg.getAttribute("parent");
      parent = (SecurityMonitor)(known_monitors.get(parent_id));
      if (parent==null)
      { // no parent!  that's bogus!
 	logger.fatal("parent security monitor with id=" + parent_id + " does not exist!");
 	throw new ConfigException("parent security monitor with id=" + parent_id + " does not exist!");
      } // end if
      int my_scope = parent.getScopeInfo().getScope();
      int my_offset = DEFAULT_SCOPE_OFFSET;
      if (root_h.hasAttribute("offset"))
      { // get the offset value and compare it
 	Integer tmp = root_h.getAttributeInt("offset");
 	if (tmp==null)
 	{ // the offset was not an integer value - bye now!
 	  logger.fatal("offset= value was not an integer");
 	  throw new ConfigException("offset= attribute of <security-definition/> must be an integer");
 	} // end if
 	my_offset = tmp.intValue();
 	if (my_offset<1)
 	{ // the offset must be greater than or equal to 1!
 	  logger.fatal("offset= value (" + my_offset + ") was out of range");
 	  throw new ConfigException("offset= attribute of <security-definition/> must be >= 1");
 	} // end if
      } // end if
      my_scope += my_offset;
      if (!(ScopeInfo.isValidScope(my_scope)))
      { // resulting scope is out of range!
 	logger.fatal("scope for id=" + id + " comes out to " + my_scope + ", and that's not in range");
 	throw new ConfigException("scope for security monitor id=" + id + " is out of range!");
      } // end if
      // allocate a scope info object with the new scope
      scope = new ScopeInfo(my_scope);
    } // end if
    else
    { // this must be the root security monitor!
      if (root_monitor!=null)
      { // but we already have a root - can't be two roots!
 	logger.fatal("trying to define root security monitor but we already have one");
 	throw new ConfigException("root security monitor is already defined!");
      } // end if
      // we are the root security monitor...we live at scope 0, our parent is the primordial monitor
      set_root_monitor = true;
      scope = new ScopeInfo(0);
      parent = PrimordialSecurityMonitor.get();
    } // end else
    // get the defined roles
    Element sect = root_h.getSubElement("defined-roles");
    NodeList nl;
    int i;
    if (sect!=null)
    { // we need to define some roles here...
      HashMap tmp_sym_to_role = new HashMap();
      HashMap tmp_level_to_role = new HashMap();
      nl = sect.getChildNodes();
      for (i=0; i<nl.getLength(); i++)
      { // get each child node, see if it's a <role/>
 	Node n = nl.item(i);
 	if ((n.getNodeType()==Node.ELEMENT_NODE) && (n.getNodeName().equals("role")))
 	{ // create the role and add it to the temporary 
 	  Role r = createRole((Element)n);
 	  tmp_sym_to_role.put(r.getSymbol(),r);
 	  tmp_level_to_role.put(new Integer(r.getLevel()),r);
 	} // end if
      } // end for
      if (tmp_sym_to_role.size()>0)
      { // save these off as unmodifiable maps
 	sym_to_role = Collections.unmodifiableMap(tmp_sym_to_role);
 	level_to_role = Collections.unmodifiableMap(tmp_level_to_role);
      } // end if
      else
      { // nothing defined here!
 	sym_to_role = Collections.EMPTY_MAP;
 	level_to_role = Collections.EMPTY_MAP;
      } // end else
    } // end if
    else
    { // I guess we don't define any roles!
      sym_to_role = Collections.EMPTY_MAP;
      level_to_role = Collections.EMPTY_MAP;
    } // end else
    // since lists may indirectly define default roles and permissions, create storage space for them
    HashMap tmp_default_roles = new HashMap();
    HashMap tmp_static_permissions = new HashMap();
    HashSet tmp_dynamic_permissions = new HashSet();
    // get the defined role lists
    sect = root_h.getSubElement("defined-lists");
    if (sect!=null)
    { // we need to define some role lists here!
      HashMap tmp_lists = new HashMap();
      nl = sect.getChildNodes();
      for (i=0; i<nl.getLength(); i++)
      { // get each child node, see if it's a <list/>
 	Node n = nl.item(i);
 	if ((n.getNodeType()==Node.ELEMENT_NODE) && (n.getNodeName().equals("list")))
 	{ // create the role list and add it to the temporary map
 	  // but first, get the ID
 	  DOMElementHelper hn = new DOMElementHelper((Element)n);
 	  String list_id;
 	  if (hn.hasAttribute("id"))
 	    list_id = id + "." + hn.getElement().getAttribute("id");
 	  else
 	  { // no id= attribute - can't do anything with this
 	    logger.fatal("<list/> element found with no id= attribute!");
 	    throw new ConfigException("no id= attribute on defined <list/> element",hn.getElement());
 	  } // end else
 	  // now actually build the list and insert it
 	  List rlist = buildList(hn.getElement(),list_id,tmp_default_roles,tmp_static_permissions,
 				 tmp_dynamic_permissions);
 	  tmp_lists.put(list_id,rlist);
 	} // end if
      } // end for
      if (tmp_lists.size()>0)
 	lists = Collections.unmodifiableMap(tmp_lists);
      else
 	lists = Collections.EMPTY_MAP;
    } // end if
    else // no lists defined here!
      lists = Collections.EMPTY_MAP;
    // Get the additional defined default roles.
    sect = root_h.getSubElement("defaults");
    if (sect!=null)
    { // get the nodes in the defaults section
      nl = sect.getChildNodes();
      for (i=0; i<nl.getLength(); i++)
      { // pick out each one and process it if it's a <default/>
 	Node n = nl.item(i);
 	if ((n.getNodeType()==Node.ELEMENT_NODE) && (n.getNodeName().equals("default")))
 	  processDefault((Element)n,tmp_default_roles);
      } // end for
    } // end if
    // else no more defined defaults
    // Since that's it for the defaults, freeze the defaults list.
    if (tmp_default_roles.size()>0)
      default_roles = Collections.unmodifiableMap(tmp_default_roles);
    else
      default_roles = Collections.EMPTY_MAP;
    // Get the defined permissions.
    sect = root_h.getSubElement("permissions");
    if (sect!=null)
    { // get the nodes in the permissions section
      nl = sect.getChildNodes();
      for (i=0; i<nl.getLength(); i++)
      { // pick out each one and process it if it's a <permission/>
 	Node n = nl.item(i);
 	if ((n.getNodeType()==Node.ELEMENT_NODE) && (n.getNodeName().equals("permission")))
 	  processPermission((Element)n,tmp_static_permissions,tmp_dynamic_permissions);
      } // end for
    } // end if
    // else no more defined permissions
    // That's now it for the permissions, so freeze those elements.
    if (tmp_static_permissions.size()>0)
      static_permissions = Collections.unmodifiableMap(tmp_static_permissions);
    else
      static_permissions = Collections.EMPTY_MAP;
    if (tmp_dynamic_permissions.size()>0)
      dynamic_permissions = Collections.unmodifiableSet(tmp_dynamic_permissions);
    else
      dynamic_permissions = Collections.EMPTY_SET;
    // Finish up by adding ourselves to the known monitors list.
    known_monitors.put(id,this);
    if (set_root_monitor)
      root_monitor = this;
  } // end constructor
  /*--------------------------------------------------------------------------------
   * Internal operations
   *--------------------------------------------------------------------------------
   */
  private Role createRole(Element e) throws ConfigException
  {
    String symbol, text;
    int level;
    DOMElementHelper h = new DOMElementHelper(e);
    if (h.hasAttribute("id"))
      symbol = id + "." + e.getAttribute("id");  // symbols get automagically scoped
    else
    { // no role defined
      logger.fatal("<role/> defined with no id= attribute!");
      throw new ConfigException("no id= attribute for a <role/>",e);
    } // end else
    if (h.hasAttribute("value"))
    { // get the value and parse it out
      String value_str = e.getAttribute("value").trim().toUpperCase();
      if (value_str.equals("LMIN"))
 	level = scope.getLowBandLow();
      else if (value_str.equals("LMAX"))
 	level = scope.getLowBandHigh();
      else if (value_str.equals("HMIN"))
 	level = scope.getHighBandLow();
      else if (value_str.equals("HMAX"))
 	level = scope.getHighBandHigh();
      else if (   value_str.startsWith("L+") || value_str.startsWith("L-") || value_str.startsWith("H+")
 	       || value_str.startsWith("H-"))
      { // take the characters following the 2-character prefix and convert them to an integer
 	int offset;
 	try
 	{ // convert the value and make sure it's not less than 0
 	  offset = Integer.parseInt(value_str.substring(2));
 	  if (offset<0)
 	  { // don't want it less than zero here!
 	    logger.fatal("offset value " + offset + " was out of range");
 	    throw new ConfigException("offset value= attribute for <role/> was out of range",e);
 	  } // end if
 	} // end try
 	catch (NumberFormatException nfe)
 	{ // not a numeric offset value
 	  logger.fatal("offset value \"" + value_str + "\" was not numeric");
 	  throw new ConfigException("offset value= attribute for <role/> was not properly numeric",e);
 	} // end catch
 	if (value_str.charAt(1)=='-')
 	  offset = -offset;  // compute as negative offset
 	try
 	{ // now use the scope to compute the level!
 	  level = scope.getLevel((value_str.charAt(0)=='H'),offset);
 	} // end try
 	catch (IllegalArgumentException iae)
 	{ // we landed with a value outside the scope!
 	  logger.fatal("offset value \"" + value_str + "\" was not in the scope");
 	  throw new ConfigException("offset value= attribute for <role/> was not within the scope",e);
 	} // end catch
      } // end else if
      else
      { // just a straight numeric level
 	try
 	{ // parse it out and give it a scope check
 	  level = Integer.parseInt(value_str);
 	  if (!(scope.isInScope(level)))
 	  { // not in the right scope - can't help you, pal!
 	    logger.fatal("level value \"" + level + "\" was not in the scope");
 	    throw new ConfigException("level value= attribute for <role/> was not within the scope",e);
 	  } // end if
 	} // end try
 	catch (NumberFormatException nfe)
 	{ // the level was not numeric
 	  logger.fatal("level value \"" + value_str + "\" was not numeric");
 	  throw new ConfigException("level value= attribute for <role/> was not properly numeric",e);
 	} // end catch
      } // end else
    } // end if
    else
    { // no value defined for this role!
      logger.fatal("<role/> defined with no value= attribute!");
      throw new ConfigException("no value= attribute for a <role/>",e);
    } // end else
    // Get the text; default to the symbol name if it doesn't exist.
    text = h.getElementText();
    if (text==null)
      text = symbol;
    // create the resulting role!
    return Role.create(level,text,symbol);
  } // end createRole
  private List buildList(Element elem, String listid, Map defaultrole, Map static_perm, Set dynamic_perm)
      throws ConfigException
  {
    DOMElementHelper h = new DOMElementHelper(elem);
    Element perm = h.getSubElement("permission");
    if (perm!=null)
    { // there's a permission associated with this list, find out what it is
      DOMElementHelper ph = new DOMElementHelper(perm);
      if (ph.hasAttribute("role"))
      { // look up the role and make sure it corresponds to one we know
 	Role role = this.getRole(perm.getAttribute("role"));
 	if (role==null)
 	{ // role not present!
 	  logger.fatal("list <permission/> role (" + perm.getAttribute("role") + ") not defined");
 	  throw new ConfigException("<permission/> inside of <list/> did not use defined role!",perm);
 	} // end if
 	// create a new StaticPermission and add it to the mapping
 	StaticPermission sp = new StaticPermission(role,ph.getElementText());
 	static_perm.put(listid,sp);
      } // end if
      else  // this is a dynamic permission, add it to the set
 	dynamic_perm.add(listid);
    } // end if
    // else there's no problem
    NodeList nl = elem.getChildNodes();
    ArrayList rc = new ArrayList(nl.getLength());
    boolean have_default = false;
    for (int i=0; i<nl.getLength(); i++)
    { // look for list elements
      Node n = nl.item(i);
      if ((n.getNodeType()==Node.ELEMENT_NODE) && (n.getNodeName().equals("element")))
      { // look at the attributes of this element node
 	DOMElementHelper itmh = new DOMElementHelper((Element)n);
 	Role r = null;
 	if (itmh.hasAttribute("role"))
 	{ // convert the string into a role
 	  r = this.getRole(itmh.getElement().getAttribute("role"));
 	  if (r==null)
 	  { // the role is not defined!
 	    logger.fatal("list <element/> role (" + itmh.getElement().getAttribute("role") + ") not defined");
 	    throw new ConfigException("<element/> inside of <list/> did not use defined role!",
 				      itmh.getElement());
 	  } // end if
 	} // end if
 	else
 	{ // no attribute present
 	  logger.fatal("<element/> defined with no role= attribute!");
 	  throw new ConfigException("no role= attribute for a list <element/>",itmh.getElement());
 	} // end else
 	rc.add(r);  // add element to defining list
 	if (itmh.hasAttribute("default"))
 	{ // this is a default item...
 	  if (have_default)
 	  { // but there can't be two defaults!
 	    logger.fatal("duplicate default= attributes in list <element/> nodes!");
 	    throw new ConfigException("duplicate default= attribute in list <element/>",itmh.getElement());
 	  } // end if
 	  else
 	  { // we have a default for the list now!
 	    defaultrole.put(listid,r);
 	    have_default = true;
 	  } // end else
 	} // end if
      } // end if
    } // end for
    // Final prep on the list prior to returning it.
    Collections.sort(rc);
    rc.trimToSize();
    return Collections.unmodifiableList(rc);
  } // end buildlist
  private void processDefault(Element elem, Map defaultrole) throws ConfigException
  {
    // Start by getting the default ID.
    DOMElementHelper h = new DOMElementHelper(elem);
    String def_id = null;
    if (h.hasAttribute("id"))
      def_id = id + "." + elem.getAttribute("id");
    else
    { // no id defined!
      logger.fatal("<default/> defined with no id= attribute!");
      throw new ConfigException("no id= attribute for a <default/>",elem);
    } // end else
    Role r = null;
    if (h.hasAttribute("role"))
    { // get the role associated with the item
      r = this.getRole(elem.getAttribute("role"));
      if (r==null)
      { // no role found - this is an error!
 	logger.fatal("<default/> role (" + elem.getAttribute("role") + ") not defined");
 	throw new ConfigException("<default/> did not use defined role!",elem);
      } // end if
    } // end if
    else
    { // no role defined!
      logger.fatal("<default/> defined with no id= attribute!");
      throw new ConfigException("no id= attribute for a <default/>",elem);
    } // end else
    defaultrole.put(def_id,r);
  } // end processDefault
  private void processPermission(Element elem, Map static_perm, Set dynamic_perm) throws ConfigException
  {
    // Start by getting the permission ID.
    DOMElementHelper h = new DOMElementHelper(elem);
    String perm_id = null;
    if (h.hasAttribute("id"))
      perm_id = id + "." + elem.getAttribute("id");
    else
    { // no id defined!
      logger.fatal("<permission/> defined with no id= attribute!");
      throw new ConfigException("no id= attribute for a <permission/>",elem);
    } // end else
    if (h.hasAttribute("role"))
    { // this is a static permission; try and get the associated role
      Role r = this.getRole(elem.getAttribute("role"));
      if (r==null)
      { // no role found - this is an error!
 	logger.fatal("<permission/> role (" + elem.getAttribute("role") + ") not defined");
 	throw new ConfigException("<permission/> did not use defined role!",elem);
      } // end if
      // create static permission and add it
      StaticPermission sp = new StaticPermission(r,h.getElementText());
      static_perm.put(perm_id,sp);
    } // end if
    else // this is a dynamic permission; just add to our set
      dynamic_perm.add(perm_id);
  } // end processPermission
  /*--------------------------------------------------------------------------------
   * Implementations from interface SecurityMonitor
   *--------------------------------------------------------------------------------
   */
  public boolean testPermission(String symbol, int level, String errormsg) throws AccessError
  {
    if (symbol==null)
      throw new NullPointerException("testPermission() got null symbol");
    StaticPermission sp = (StaticPermission)(static_permissions.get(symbol));
    if (sp==null)
    { // permission not found here - NOTE! Do not call to parent unless we are at the root level, as
      // permission tests always follow the DYNAMIC chain, not the static one!
      if (scope.getScope()==0)
 	return parent.testPermission(symbol,level,errormsg);
      else
 	return false;
    } // end if
    sp.test(level,errormsg); // will throw AccessError on failure
    return true;
  } // end testPermission
  public boolean testPermission(String symbol, int level)
  {
    if (symbol==null)
      throw new NullPointerException("testPermission() got null symbol");
    StaticPermission sp = (StaticPermission)(static_permissions.get(symbol));
    if (sp==null)
    { // permission not found here - NOTE! Do not call to parent unless we are at the root level, as
      // permission tests always follow the DYNAMIC chain, not the static one!
      if (scope.getScope()==0)
 	return parent.testPermission(symbol,level);
      else
 	return false;
    } // end if
    return sp.test(level);
  } // end testPermission
  public boolean permissionDefined(String symbol, boolean no_follow)
  {
    if (symbol==null)
      throw new NullPointerException("permissionDefined() got null symbol");
    if (static_permissions.containsKey(symbol) || dynamic_permissions.contains(symbol))
      return true;
    if (no_follow)
      return false;
    return parent.permissionDefined(symbol,false);
  } // end permissionDefined
  public List getRoleList(String symbol)
  {
    if (symbol==null)
      throw new NullPointerException("getRoleList() got null symbol");
    List rc = (List)(lists.get(symbol));
    if (rc==null)
      rc = parent.getRoleList(symbol);
    return rc;
  } // end getRoleList
  public Role getRole(String symbol)
  {
    if (symbol==null)
      throw new NullPointerException("getRole() got null symbol");
    Role rc = (Role)(sym_to_role.get(symbol));
    if (rc==null)
      rc = parent.getRole(symbol);
    return rc;
  } // end getRole
  public Role getRoleForLevel(int level)
  {
    Role rc = (Role)(level_to_role.get(new Integer(level)));
    if (rc==null)
      rc = parent.getRoleForLevel(level);
    return rc;
  } // end getRoleForLevel
  public Role getDefaultRole(String symbol)
  {
    if (symbol==null)
      throw new NullPointerException("getRole() got null symbol");
    Role rc = (Role)(default_roles.get(symbol));
    if (rc==null)
      rc = parent.getDefaultRole(symbol);
    return rc;
  } // end getDefaultRole
  public ScopeInfo getScopeInfo()
  {
    return scope;
  } // end getScopeInfo
  public String getID()
  {
    return id;
  } // end getID
 } // end class StaticSecurityMonitor
--- a/src/com/silverwrist/venice/security/sm.properties
+++ b/src/com/silverwrist/venice/security/sm.properties
@ -0,0 +1,21 @@
 # The contents of this file are subject to the Mozilla Public License Version 1.1
 # (the "License"); you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at <http://www.mozilla.org/MPL/>.
 # 
 # Software distributed under the License is distributed on an "AS IS" basis, WITHOUT
 # WARRANTY OF ANY KIND, either express or implied. See the License for the specific
 # language governing rights and limitations under the License.
 #  
 # The Original Code is the Venice Web Communities System.
 # 
 # The Initial Developer of the Original Code is Eric J. Bowersox <erbo@silcom.com>,
 # for Silverwrist Design Studios.  Portions created by Eric J. Bowersox are
 # Copyright (C) 2001 Eric J. Bowersox/Silverwrist Design Studios.  All Rights Reserved.
 # 
 # Contributor(s): 
 # -------------------------------------------------------------------------------------
 # Names for the roles initialized by the primordial security monitor
 role.NoAccess.name=No Access
 role.NotInList.name=(not in list)
 role.UnrestrictedUser.name='Unrestricted' User
--- a/src/com/silverwrist/venice/servlets/CommunityAdmin.java
+++ b/src/com/silverwrist/venice/servlets/CommunityAdmin.java
@ -61,14 +61,14 @@ public class CommunityAdmin extends VeniceServlet
  } // end makeCommunityAdminTop
-  private EditCommunityProfileDialog makeEditCommunityProfileDialog() throws ServletException
+  private EditCommunityProfileDialog makeEditCommunityProfileDialog(SecurityInfo sinf) throws ServletException
  {
    final String desired_name = "EditCommunityProfileDialog";
    DialogCache cache = DialogCache.getDialogCache(getServletContext());
    if (!(cache.isCached(desired_name)))
    { // create a template and save it off
-      EditCommunityProfileDialog template = new EditCommunityProfileDialog();
+      EditCommunityProfileDialog template = new EditCommunityProfileDialog(sinf);
      cache.saveTemplate(template);
    } // end if
@ -126,7 +126,7 @@ public class CommunityAdmin extends VeniceServlet
      } // end if
      // construct the edit profile dialog and load it up for use
-      EditCommunityProfileDialog dlg = makeEditCommunityProfileDialog();
+      EditCommunityProfileDialog dlg = makeEditCommunityProfileDialog(comm.getSecurityInfo());
      try
      { // load the values for this dialog
@ -393,7 +393,7 @@ public class CommunityAdmin extends VeniceServlet
      } // end if
      // construct the edit profile dialog and load it up for use
-      EditCommunityProfileDialog dlg = makeEditCommunityProfileDialog();
+      EditCommunityProfileDialog dlg = makeEditCommunityProfileDialog(comm.getSecurityInfo());
      dlg.setupDialogBasic(engine,comm);
      if (dlg.isButtonClicked(request,"cancel"))
--- a/src/com/silverwrist/venice/servlets/SystemAdmin.java
+++ b/src/com/silverwrist/venice/servlets/SystemAdmin.java
@ -75,14 +75,14 @@ public class SystemAdmin extends VeniceServlet
  } // end makeAdminModifyUserDialog
-  private EditGlobalPropertiesDialog makeGlobalPropertiesDialog() throws ServletException
+  private EditGlobalPropertiesDialog makeGlobalPropertiesDialog(SecurityInfo sinf) throws ServletException
  {
    final String desired_name = "EditGlobalPropertiesDialog";
    DialogCache cache = DialogCache.getDialogCache(getServletContext());
    if (!(cache.isCached(desired_name)))
    { // create a template and save it off
-      EditGlobalPropertiesDialog template = new EditGlobalPropertiesDialog();
+      EditGlobalPropertiesDialog template = new EditGlobalPropertiesDialog(sinf);
      cache.saveTemplate(template);
    } // end if
@ -186,7 +186,7 @@ public class SystemAdmin extends VeniceServlet
 	AdminUserContext admuser = adm.getUserContext(Integer.parseInt(s_uid));
 	AdminModifyUserDialog dlg = makeAdminModifyUserDialog();
-	dlg.setupDialog(adm.isGlobalAdmin(),admuser);
+	dlg.setupDialog(adm,admuser);
 	setMyLocation(request,"sysadmin?cmd=UM");
 	return dlg;
@ -215,7 +215,7 @@ public class SystemAdmin extends VeniceServlet
      try
      { // get the global properties
 	AdminOperations adm = user.getAdminInterface();
-	EditGlobalPropertiesDialog dlg = makeGlobalPropertiesDialog();
+	EditGlobalPropertiesDialog dlg = makeGlobalPropertiesDialog(adm.getSecurityInfo());
 	dlg.setupDialog(adm);
 	setMyLocation(request,"sysadmin?cmd=G");
 	return dlg;
@ -301,7 +301,7 @@ public class SystemAdmin extends VeniceServlet
 	  } // end try
 	  catch (ValidationException ve)
 	  { // this is a simple error
-	    dlg.resetOnError(adm.isGlobalAdmin(),admuser,ve.getMessage() + " Please try again.");
+	    dlg.resetOnError(adm,admuser,ve.getMessage() + " Please try again.");
 	    setMyLocation(request,"sysadmin?cmd=UM");
 	    return dlg;
@ -339,7 +339,7 @@ public class SystemAdmin extends VeniceServlet
    { // "G" - Edit Global Properties
      try
      { // get the dialog box
-	EditGlobalPropertiesDialog dlg = makeGlobalPropertiesDialog();
+	EditGlobalPropertiesDialog dlg = makeGlobalPropertiesDialog(engine.getSecurityInfo());
 	if (dlg.isButtonClicked(request,"cancel"))
 	  throw new RedirectResult("sysadmin");  // we decided not to bother - go back
--- a/src/com/silverwrist/venice/servlets/format/AdminModifyUserDialog.java
+++ b/src/com/silverwrist/venice/servlets/format/AdminModifyUserDialog.java
@ -42,7 +42,7 @@ public class AdminModifyUserDialog extends ContentDialog
    addFormField(new CDPasswordFormField("pass2","Password","(retype)",false,32,128));
    addFormField(new CDTextFormField("remind","Password reminder phrase",null,false,32,255));
    addFormField(new CDRoleListFormField("base_lvl","Base security level",null,true,
-					 Role.getBaseLevelChoices()));
+					 Collections.EMPTY_LIST));
    addFormField(new CDCheckBoxFormField("verify_email","E-mail address verified",null,"Y"));
    addFormField(new CDCheckBoxFormField("lockout","Account locked out",null,"Y"));
    addFormField(new CDFormCategoryHeader("Name"));
@ -91,29 +91,23 @@ public class AdminModifyUserDialog extends ContentDialog
   *--------------------------------------------------------------------------------
   */
-  private void coreSetup(boolean is_global_admin, AdminUserContext admuser)
+  private void coreSetup(AdminOperations ops, AdminUserContext admuser)
  {
    setSubtitle("User: " + admuser.getUserName());
    setHiddenField("uid",String.valueOf(admuser.getUID()));
    CDPickListFormField level_field = (CDPickListFormField)modifyField("base_lvl");
-    List role_list;
+    List role_list = ops.getAllowedRoleList();
-    if (is_global_admin)
+    level_field.setChoicesList(role_list);
      role_list = level_field.getChoicesList();
    else
    { // not a global admin - deny user the right to select assistant admin choices
      role_list = Role.getBaseLevelChoices2();
      level_field.setChoicesList(role_list);
    } // end else
    // See if this level was found on the list.
    Role my_role = admuser.getBaseRole();
    boolean found = false;
    Iterator it = role_list.iterator();
    while (it.hasNext())
    { // seek each role in turn
      Role r = (Role)(it.next());
-      if (r.getLevel()==admuser.getBaseLevel())
+      if (r.equals(my_role))
      { // found it!
 	found = true;
 	break;
@ -124,7 +118,7 @@ public class AdminModifyUserDialog extends ContentDialog
    if (!found)
    { // not in the list - set the defined "role list" to be a singleton of our current level
-      role_list = Collections.singletonList(Role.getRoleForLevel(admuser.getBaseLevel()));
+      role_list = Collections.singletonList(my_role);
      level_field.setChoicesList(role_list);
    } // end if
@ -172,9 +166,9 @@ public class AdminModifyUserDialog extends ContentDialog
   *--------------------------------------------------------------------------------
   */
-  public void setupDialog(boolean is_global_admin, AdminUserContext admuser) throws DataException
+  public void setupDialog(AdminOperations ops, AdminUserContext admuser) throws DataException
  {
-    coreSetup(is_global_admin,admuser);
+    coreSetup(ops,admuser);
    setFieldValue("base_lvl",String.valueOf(admuser.getBaseLevel()));
    if (admuser.isEmailVerified())
@ -281,9 +275,9 @@ public class AdminModifyUserDialog extends ContentDialog
  } // end doDialog
-  public void resetOnError(boolean is_global_admin, AdminUserContext admuser, String message)
+  public void resetOnError(AdminOperations ops, AdminUserContext admuser, String message)
  {
-    coreSetup(is_global_admin,admuser);
+    coreSetup(ops,admuser);
    setErrorMessage(message);
    setFieldValue("pass1",null);
    setFieldValue("pass2",null);
--- a/src/com/silverwrist/venice/servlets/format/CommunityMembership.java
+++ b/src/com/silverwrist/venice/servlets/format/CommunityMembership.java
@ -62,8 +62,9 @@ public class CommunityMembership implements JSPRender, SearchMode
  {
    this.engine = engine;
    this.comm = comm;
-    this.role_choices = Role.getCommunityMemberLevelChoices();
+    SecurityInfo sinf = comm.getSecurityInfo();
-    this.role_comm_host = Role.getCommunityHostRole();
+    this.role_choices = sinf.getRoleList("Community.UserLevels");
    this.role_comm_host = sinf.getRole("Community.Host");
  } // end constructor
--- a/src/com/silverwrist/venice/servlets/format/EditCommunityProfileDialog.java
+++ b/src/com/silverwrist/venice/servlets/format/EditCommunityProfileDialog.java
@ -101,7 +101,7 @@ public class EditCommunityProfileDialog extends ContentDialog
   *--------------------------------------------------------------------------------
   */
-  public EditCommunityProfileDialog()
+  public EditCommunityProfileDialog(SecurityInfo sinf)
  {
    super("Edit Community Profile:",null,"commprofform","sigadmin");
    setHiddenField("cmd","P");
@ -145,15 +145,15 @@ public class EditCommunityProfileDialog extends ContentDialog
 					 null,YES));
    addFormField(new CDSimplePickListFormField("hidemode","Community visibility",null,true,vec_hidemode,'|'));
    addFormField(new CDRoleListFormField("read_lvl","Security level required to read contents",null,true,
-					 Role.getCommunityReadList()));
+					 sinf.getRoleList("Community.Read")));
    addFormField(new CDRoleListFormField("write_lvl","Security level required to update profile",null,true,
-					 Role.getCommunityWriteList()));
+					 sinf.getRoleList("Community.Write")));
    addFormField(new CDRoleListFormField("create_lvl","Security level required to create new subobjects",
-					 null,true,Role.getCommunityCreateList()));
+					 null,true,sinf.getRoleList("Community.Create")));
    addFormField(new CDRoleListFormField("delete_lvl","Security level required to delete community",null,true,
-					 Role.getCommunityDeleteList()));
+					 sinf.getRoleList("Community.Delete")));
    addFormField(new CDRoleListFormField("join_lvl","Security level required to join community",null,true,
-					 Role.getCommunityJoinList()));
+					 sinf.getRoleList("Community.Join")));
    addFormField(new CDFormCategoryHeader("Conferencing Options"));
    addFormField(new CDCheckBoxFormField("pic_in_post","Display user pictures next to posts in conferences",
--- a/src/com/silverwrist/venice/servlets/format/EditGlobalPropertiesDialog.java
+++ b/src/com/silverwrist/venice/servlets/format/EditGlobalPropertiesDialog.java
@ -31,7 +31,7 @@ public class EditGlobalPropertiesDialog extends ContentDialog
   *--------------------------------------------------------------------------------
   */
-  public EditGlobalPropertiesDialog()
+  public EditGlobalPropertiesDialog(SecurityInfo sinf)
  {
    super("Edit Global Properties",null,"globpropform","sysadmin");
    setHiddenField("cmd","G");
@ -44,7 +44,7 @@ public class EditGlobalPropertiesDialog extends ContentDialog
    addFormField(new CDIntegerFormField("audit_recs","Number of audit records to display per page",
 					null,10,500));
    addFormField(new CDRoleListFormField("create_lvl","Security level required to create a new community",
-					 null,true,Role.getNewCommunityLevelChoices()));
+					 null,true,sinf.getRoleList("Global.CreateCommunity")));
    addFormField(new CDFormCategoryHeader("Community Properties"));
    addFormField(new CDIntegerFormField("comm_mbrs","Number of community members to display per page",