amy/venice-main-classic
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

completed the transition to the new security architecture - the old stuff

Browse Source 
has now been removed completely; the VeniceEngine is managing the conference
level SecurityMonitor for now
This commit is contained in:
Eric J. Bowersox 2001-11-18 22:14:12 +00:00
parent 5f966a6450
commit 9854ba1f76
21 changed files with 275 additions and 438 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

101
etc/venice-config.xml
View File

@ -183,6 +183,107 @@
<permission id="ShowHiddenObjects" role="Community.AnyAdmin"/>
</permissions>
</security-definition>
<security-definition id="Conference" parent="Community"> <!-- will move eventually -->
<defined-roles>
<role id="Member" value="L+500">Conference Member</role>
<role id="AnyAdmin" value="HMIN">Any Conference Administrator</role>
<role id="Host" value="H+1500">Conference Host</role>
</defined-roles>
<defined-lists>
<list id="Read">
<permission/>
<element role="Global.Anonymous"/>
<element role="Global.Unverified"/>
<element role="Global.Normal"/>
<element role="Community.Member"/>
<element role="Conference.Member"/>
<element role="UnrestrictedUser"/>
</list>
<list id="Post">
<permission/>
<element role="Global.Anonymous"/>
<element role="Global.Unverified"/>
<element role="Global.Normal"/>
<element role="Community.Member"/>
<element role="Conference.Member"/>
<element role="UnrestrictedUser"/>
<element role="Conference.AnyAdmin"/>
<element role="Conference.Host"/>
</list>
<list id="Create">
<permission/>
<element role="Global.Anonymous"/>
<element role="Global.Unverified"/>
<element role="Global.Normal"/>
<element role="Community.Member"/>
<element role="Conference.Member"/>
<element role="UnrestrictedUser"/>
<element role="Conference.AnyAdmin"/>
<element role="Conference.Host"/>
</list>
<list id="Hide">
<permission/>
<element role="Conference.AnyAdmin"/>
<element role="Conference.Host" default="true"/>
<element role="Community.AnyAdmin"/>
<element role="Community.Cohost"/>
<element role="Community.Host"/>
<element role="Global.AnyAdmin"/>
</list>
<list id="Nuke">
<permission/>
<element role="Conference.AnyAdmin"/>
<element role="Conference.Host" default="true"/>
<element role="Community.AnyAdmin"/>
<element role="Community.Cohost"/>
<element role="Community.Host"/>
<element role="Global.AnyAdmin"/>
</list>
<list id="Change">
<permission/>
<element role="Conference.AnyAdmin"/>
<element role="Conference.Host" default="true"/>
<element role="Community.AnyAdmin"/>
<element role="Community.Cohost"/>
<element role="Community.Host"/>
<element role="Global.AnyAdmin"/>
</list>
<list id="Delete">
<permission/>
<element role="Community.AnyAdmin"/>
<element role="Community.Cohost" default="true"/>
<element role="Community.Host"/>
<element role="Global.AnyAdmin"/>
<element role="Global.PFY"/>
<element role="Global.BOFH"/>
<element role="NoAccess"/>
</list>
<list id="UserLevels">
<element role="NotInList"/>
<element role="Global.Anonymous"/>
<element role="Global.Unverified"/>
<element role="Global.Normal"/>
<element role="Community.Member"/>
<element role="Conference.Member"/>
<element role="UnrestrictedUser"/>
<element role="Conference.Host"/>
</list>
</defined-lists>
<defaults>
<default id="HostPrivs" role="Community.AnyAdmin"/>
<default id="NewUser" role="Conference.Member"/>
<default id="NewHost" role="Conference.Host"/>
<default id="Creator" role="Conference.Host"/>
<default id="Read.Public" role="Community.Member"/>
<default id="Read.Private" role="Conference.Member"/>
<default id="Post.Public" role="Community.Member"/>
<default id="Post.Private" role="Conference.Member"/>
<default id="Create.Public" role="Community.Member"/>
<default id="Create.Private" role="Conference.Member"/>
</defaults>
<permissions>
</permissions>
</security-definition>
</security>
<!-- This section is used to configure electronic mail services. -->

2
src/com/silverwrist/venice/core/AdminOperations.java
View File

@ -23,8 +23,6 @@ public interface AdminOperations
{
public abstract SecurityInfo getSecurityInfo();
public abstract boolean isGlobalAdmin();
public abstract List getAllowedRoleList();
public abstract List getAuditRecords(int offset, int count) throws DataException;

2
src/com/silverwrist/venice/core/ConferenceContext.java
View File

@ -161,4 +161,6 @@ public interface ConferenceContext
public abstract void setProperties(ConferenceProperties props) throws DataException, AccessError;
public abstract SecurityInfo getSecurityInfo();
} // end interface ConferenceContext

2
src/com/silverwrist/venice/core/GlobalProperties.java
View File

@ -48,7 +48,7 @@ public final class GlobalProperties
conference_members_per_page = 50;
posts_on_front_page = 10;
audit_records_per_page = 100;
community_create_level = com.silverwrist.venice.security.SecLevels.GLOBAL_NORMAL;
community_create_level = 1000; // this is actually the "normal user" security level
display_post_pictures = false;
} // end constructor

7
src/com/silverwrist/venice/core/impl/AdminOperationsImpl.java
View File

@ -24,7 +24,6 @@ import com.silverwrist.venice.core.*;
import com.silverwrist.venice.core.internals.*;
import com.silverwrist.venice.db.*;
import com.silverwrist.venice.security.AuditRecord;
import com.silverwrist.venice.security.SecLevels;
class AdminOperationsImpl implements AdminOperations
{
@ -64,12 +63,6 @@ class AdminOperationsImpl implements AdminOperations
} // end getSecurityInfo
public boolean isGlobalAdmin()
{
return (env.getUser().realBaseLevel()==SecLevels.GLOBAL_BOFH);
} // end isGlobalAdmin
public List getAllowedRoleList()
{
if (env.testPermission(EnvUser.PERM_DESIGNATEPFY))

4
src/com/silverwrist/venice/core/impl/CommunityCoreData.java
View File

@ -27,7 +27,6 @@ import com.silverwrist.venice.db.*;
import com.silverwrist.venice.core.*;
import com.silverwrist.venice.core.internals.*;
import com.silverwrist.venice.security.AuditRecord;
import com.silverwrist.venice.security.DefaultLevels;
class CommunityCoreData implements CommunityData, CommunityDataBackend
{
@ -1493,7 +1492,8 @@ class CommunityCoreData implements CommunityData, CommunityDataBackend
host_uid);
ConferenceData cdata = rcs.getConference();
if (outer.getUserID()!=host_uid) // make the creating user a conference host too
cdata.setMembership(outer,outer.getUserID(),DefaultLevels.hostConference());
cdata.setMembership(outer,outer.getUserID(),
outer.getConferenceDefaultRole("Conference.Creator").getLevel());
// Wrap the returned ConferenceData object in a ConferenceCommunityContextImpl object.
ConferenceCommunityContextImpl conf =

1
src/com/silverwrist/venice/core/impl/CommunityUserContextImpl.java
View File

@ -25,7 +25,6 @@ import com.silverwrist.venice.core.*;
import com.silverwrist.venice.core.internals.*;
import com.silverwrist.venice.db.*;
import com.silverwrist.venice.security.AuditRecord;
import com.silverwrist.venice.security.DefaultLevels;
import com.silverwrist.venice.security.Role;
class CommunityUserContextImpl implements CommunityContext, CommunityBackend

59
src/com/silverwrist/venice/core/impl/ConferenceCoreData.java
View File

@ -25,7 +25,6 @@ import com.silverwrist.venice.core.*;
import com.silverwrist.venice.core.internals.*;
import com.silverwrist.venice.db.*;
import com.silverwrist.venice.security.AuditRecord;
import com.silverwrist.venice.security.DefaultLevels;
class ConferenceCoreData implements ConferenceData
{
@ -113,7 +112,7 @@ class ConferenceCoreData implements ConferenceData
} // end constructor
protected ConferenceCoreData(EnvCommunityData env, int confid, java.util.Date created, boolean pvt,
protected ConferenceCoreData(EnvCommunityData env, int confid, java.util.Date created, int[] levels,
String name, String descr)
{
if (logger.isDebugEnabled())
@ -122,13 +121,13 @@ class ConferenceCoreData implements ConferenceData
this.confid = confid;
this.create_date = created;
this.last_update = null;
this.read_level = DefaultLevels.newConferenceRead(pvt);
this.post_level = DefaultLevels.newConferencePost(pvt);
this.create_level = DefaultLevels.newConferenceCreate(pvt);
this.hide_level = DefaultLevels.newConferenceHide();
this.nuke_level = DefaultLevels.newConferenceNuke();
this.change_level = DefaultLevels.newConferenceChange();
this.delete_level = DefaultLevels.newConferenceDelete();
this.read_level = levels[0];
this.post_level = levels[1];
this.create_level = levels[2];
this.hide_level = levels[3];
this.nuke_level = levels[4];
this.change_level = levels[5];
this.delete_level = levels[6];
this.top_topic = 0;
this.name = name;
this.description = descr;
@ -361,8 +360,8 @@ class ConferenceCoreData implements ConferenceData
new StringBuffer("SELECT u.uid, u.username, u.description, c.given_name, c.family_name, "
+ "c.locality, c.region, c.country FROM users u, contacts c, confmember m "
+ "WHERE u.contactid = c.contactid AND u.uid = m.uid AND m.confid = ");
sql.append(confid).append(" AND m.granted_lvl >= ").append(DefaultLevels.hostPrivsConference());
sql.append(" ORDER BY u.username;");
sql.append(confid).append(" AND m.granted_lvl >= ");
sql.append(env.getDefaultRole("Conference.HostPrivs").getLevel()).append(" ORDER BY u.username;");
// execute the query
ResultSet rs = stmt.executeQuery(sql.toString());
@ -1399,13 +1398,32 @@ class ConferenceCoreData implements ConferenceData
sql.append("INSERT INTO confs (createdate, read_lvl, post_lvl, create_lvl, hide_lvl, nuke_lvl, "
+ "change_lvl, delete_lvl, name, descr) VALUES ('");
created = new java.util.Date();
sql.append(SQLUtil.encodeDate(created)).append("', ").append(DefaultLevels.newConferenceRead(pvt));
sql.append(", ").append(DefaultLevels.newConferencePost(pvt)).append(", ");
sql.append(DefaultLevels.newConferenceCreate(pvt)).append(", ");
sql.append(DefaultLevels.newConferenceHide()).append(", ").append(DefaultLevels.newConferenceNuke());
sql.append(", ").append(DefaultLevels.newConferenceChange()).append(", ");
sql.append(DefaultLevels.newConferenceDelete()).append(", '").append(SQLUtil.encodeString(name));
sql.append("', '").append(SQLUtil.encodeString(description)).append("');");
int levels[] = new int[7];
if (pvt)
{ // load levels for private conference
levels[0] = outer.getConferenceDefaultRole("Conference.Read.Private").getLevel();
levels[1] = outer.getConferenceDefaultRole("Conference.Post.Private").getLevel();
levels[2] = outer.getConferenceDefaultRole("Conference.Create.Private").getLevel();
} // end if
else
{ // load levels for public conference
levels[0] = outer.getConferenceDefaultRole("Conference.Read.Public").getLevel();
levels[1] = outer.getConferenceDefaultRole("Conference.Post.Public").getLevel();
levels[2] = outer.getConferenceDefaultRole("Conference.Create.Public").getLevel();
} // end else
levels[3] = outer.getConferenceDefaultRole("Conference.Hide").getLevel();
levels[4] = outer.getConferenceDefaultRole("Conference.Nuke").getLevel();
levels[5] = outer.getConferenceDefaultRole("Conference.Change").getLevel();
levels[6] = outer.getConferenceDefaultRole("Conference.Delete").getLevel();
sql.append(SQLUtil.encodeDate(created)).append("', ").append(levels[0]).append(", ");
sql.append(levels[1]).append(", ").append(levels[2]).append(", ").append(levels[3]).append(", ");
sql.append(levels[4]).append(", ").append(levels[5]).append(", ").append(levels[6]);
sql.append(", '").append(SQLUtil.encodeString(name)).append("', '");
sql.append(SQLUtil.encodeString(description)).append("');");
if (logger.isDebugEnabled())
logger.debug("SQL: " + sql.toString());
stmt.executeUpdate(sql.toString());
@ -1436,14 +1454,15 @@ class ConferenceCoreData implements ConferenceData
// Make the specified UID the host of this new conference.
sql.setLength(0);
sql.append("INSERT INTO confmember (confid, uid, granted_lvl) VALUES (").append(new_confid);
sql.append(", ").append(host_uid).append(", ").append(DefaultLevels.hostConference()).append(");");
sql.append(", ").append(host_uid).append(", ");
sql.append(outer.getConferenceDefaultRole("Conference.NewHost").getLevel()).append(");");
if (logger.isDebugEnabled())
logger.debug("SQL: " + sql.toString());
stmt.executeUpdate(sql.toString());
// Create a new ConferenceCoreData object representing this conference and register it with the
// engine's conference data object cache.
conf = new ConferenceCoreData(env,new_confid,created,pvt,name,description);
conf = new ConferenceCoreData(env,new_confid,created,levels,name,description);
conf.newProperties(conn);
} // end try

28
src/com/silverwrist/venice/core/impl/ConferenceUserContextImpl.java
View File

@ -24,7 +24,7 @@ import com.silverwrist.venice.core.*;
import com.silverwrist.venice.core.internals.*;
import com.silverwrist.venice.db.*;
import com.silverwrist.venice.htmlcheck.*;
import com.silverwrist.venice.security.DefaultLevels;
import com.silverwrist.venice.security.Role;
class ConferenceUserContextImpl implements ConferenceContext, ConferenceBackend
{
@ -155,7 +155,7 @@ class ConferenceUserContextImpl implements ConferenceContext, ConferenceBackend
*--------------------------------------------------------------------------------
*/
private static Category logger = Category.getInstance(ConferenceUserContextImpl.class.getName());
private static Category logger = Category.getInstance(ConferenceUserContextImpl.class);
/*--------------------------------------------------------------------------------
* Attributes
@ -192,11 +192,12 @@ class ConferenceUserContextImpl implements ConferenceContext, ConferenceBackend
ConferenceUserContextImpl(EnvCommunity env, ConferenceCommunityContext cdata) throws DataException
{
this.env = new EnvConference(env,this);
EnvConference new_env = new EnvConference(env,this);
this.env = new_env;
this.confid = cdata.getConfID();
this.cache = null;
this.confdata = cdata;
recalcLevel(DefaultLevels.hostConference());
recalcLevel(new_env.getDefaultRole("Conference.Creator").getLevel());
this.pseud = env.getUser().userDefaultPseud();
this.last_read = null;
this.last_post = null;
@ -647,7 +648,12 @@ class ConferenceUserContextImpl implements ConferenceContext, ConferenceBackend
public void addMember(int uid, boolean as_host) throws DataException, AccessError
{
setMembership(uid,(as_host ? DefaultLevels.hostConference() : DefaultLevels.memberConference()));
Role r;
if (as_host)
r = env.getDefaultRole("Conference.NewHost");
else
r = env.getDefaultRole("Conference.NewUser");
setMembership(uid,r.getLevel());
} // end addMember
@ -1449,6 +1455,12 @@ class ConferenceUserContextImpl implements ConferenceContext, ConferenceBackend
} // end setProperties
public SecurityInfo getSecurityInfo()
{
return env.getSecurityInfo();
} // end getSecurityInfo
/*--------------------------------------------------------------------------------
* Implementations from interface ConferenceBackend
*--------------------------------------------------------------------------------
@ -1593,6 +1605,12 @@ class ConferenceUserContextImpl implements ConferenceContext, ConferenceBackend
} // end createDecoderContext
public int env_getConfLevel()
{
return level;
} // end env_getConfLevel
/*--------------------------------------------------------------------------------
* Static functions usable only from within the package
*--------------------------------------------------------------------------------

5
src/com/silverwrist/venice/core/impl/VeniceEngineImpl.java
View File

@ -410,6 +410,7 @@ public class VeniceEngineImpl implements VeniceEngine, EngineBackend
private OptionSet global_flags = new OptionSet(); // global option flags
private SecurityMonitor global_security; // the global security monitor
private SecurityMonitor community_security; // the community security monitor
private SecurityMonitor conference_security; // conference security monitor (will move eventually)
/*--------------------------------------------------------------------------------
* Constructor
@ -752,6 +753,8 @@ public class VeniceEngineImpl implements VeniceEngine, EngineBackend
global_security = sm;
else if (sm.getID().equals("Community"))
community_security = sm;
else if (sm.getID().equals("Conference"))
conference_security = sm;
} // end if
@ -2267,6 +2270,8 @@ public class VeniceEngineImpl implements VeniceEngine, EngineBackend
return global_security;
if (selector==SM_COMMUNITY)
return community_security;
if (selector==SM_CONFERENCE)
return conference_security;
return null;
} // end env_getSecurityMonitor

2
src/com/silverwrist/venice/core/internals/ConferenceBackend.java
View File

@ -47,4 +47,6 @@ public interface ConferenceBackend
public abstract PostLinkDecoderContext createDecoderContext(short topicid);
public abstract int env_getConfLevel();
} // end interface ConferenceBackend

1
src/com/silverwrist/venice/core/internals/EngineBackend.java
View File

@ -57,6 +57,7 @@ public interface EngineBackend
// Selectors for security monitors
public static final int SM_GLOBAL = 0;
public static final int SM_COMMUNITY = 1;
public static final int SM_CONFERENCE = 2;
public abstract VeniceEngine getSelf();

6
src/com/silverwrist/venice/core/internals/EnvCommunity.java
View File

@ -169,4 +169,10 @@ public class EnvCommunity extends EnvUser
} // end isLevelAdmin
public final Role getConferenceDefaultRole(String symbol)
{
return getEngine().env_getSecurityMonitor(EngineBackend.SM_CONFERENCE).getDefaultRole(symbol);
} // end getCommunityDefaultRole
} // end class EnvCommunity

44
src/com/silverwrist/venice/core/internals/EnvConference.java
View File

@ -17,8 +17,16 @@
*/
package com.silverwrist.venice.core.internals;
import com.silverwrist.venice.core.AccessError;
import com.silverwrist.venice.security.SecurityMonitor;
public class EnvConference extends EnvCommunity
{
/*--------------------------------------------------------------------------------
* Static data members
*--------------------------------------------------------------------------------
*/
/*--------------------------------------------------------------------------------
* Attributes
*--------------------------------------------------------------------------------
@ -45,6 +53,42 @@ public class EnvConference extends EnvCommunity
} // end constructor
/*--------------------------------------------------------------------------------
* Overrides from class EnvEngine
*--------------------------------------------------------------------------------
*/
protected SecurityMonitor getStaticMonitor()
{
return getEngine().env_getSecurityMonitor(EngineBackend.SM_CONFERENCE);
} // end getStaticMonitor
/*--------------------------------------------------------------------------------
* Overrides from class EnvCommunity
*--------------------------------------------------------------------------------
*/
public boolean testPermission(String symbol, String errormsg) throws AccessError
{
SecurityMonitor sm = getStaticMonitor();
// TODO: test dynamic permissions
if (sm.testPermission(symbol,conf.env_getConfLevel(),errormsg))
return true;
return super.testPermission(symbol,errormsg);
} // end testPermission
public boolean testPermission(String symbol)
{
SecurityMonitor sm = getStaticMonitor();
// TODO: test dynamic permissions
if (sm.testPermission(symbol,conf.env_getConfLevel()))
return true;
return super.testPermission(symbol);
} // end testPermission
/*--------------------------------------------------------------------------------
* External operations
*--------------------------------------------------------------------------------

31
src/com/silverwrist/venice/core/internals/EnvConferenceData.java
View File

@ -17,6 +17,9 @@
*/
package com.silverwrist.venice.core.internals;
import com.silverwrist.venice.core.AccessError;
import com.silverwrist.venice.security.SecurityMonitor;
public class EnvConferenceData extends EnvEngine
{
/*--------------------------------------------------------------------------------
@ -36,4 +39,32 @@ public class EnvConferenceData extends EnvEngine
} // end constructor
/*--------------------------------------------------------------------------------
* Overrides from class EnvEngine
*--------------------------------------------------------------------------------
*/
protected SecurityMonitor getStaticMonitor()
{
return getEngine().env_getSecurityMonitor(EngineBackend.SM_CONFERENCE);
} // end getStaticMonitor
/*--------------------------------------------------------------------------------
* External operations
*--------------------------------------------------------------------------------
*/
public final boolean testPermission(String symbol, int level, String errormsg) throws AccessError
{
return getStaticMonitor().testPermission(symbol,level,errormsg);
} // end testPermission
public final boolean testPermission(String symbol, int level)
{
return getStaticMonitor().testPermission(symbol,level);
} // end testPermission
} // end class EnvConferenceData

82
src/com/silverwrist/venice/security/DefaultLevels.java
View File

@ -1,82 +0,0 @@
/*
* The contents of this file are subject to the Mozilla Public License Version 1.1
* (the "License"); you may not use this file except in compliance with the License.
* You may obtain a copy of the License at <http://www.mozilla.org/MPL/>.
*
* Software distributed under the License is distributed on an "AS IS" basis, WITHOUT
* WARRANTY OF ANY KIND, either express or implied. See the License for the specific
* language governing rights and limitations under the License.
*
* The Original Code is the Venice Web Communities System.
*
* The Initial Developer of the Original Code is Eric J. Bowersox <erbo@silcom.com>,
* for Silverwrist Design Studios. Portions created by Eric J. Bowersox are
* Copyright (C) 2001 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved.
*
* Contributor(s):
*/
package com.silverwrist.venice.security;
public class DefaultLevels implements SecLevels
{
public static int hostPrivsConference()
{
return CONFERENCE_ANYADMIN;
} // end hostPrivsConference
public static int memberConference()
{
return CONFERENCE_MEMBER;
} // end memberConference
public static int hostConference()
{
return CONFERENCE_HOST;
} // end hostConference
public static int newConferenceRead(boolean pvt)
{
return (pvt ? CONFERENCE_MEMBER : COMM_MEMBER);
} // end newConferenceRead
public static int newConferencePost(boolean pvt)
{
return (pvt ? CONFERENCE_MEMBER : COMM_MEMBER);
} // end newConferencePost
public static int newConferenceCreate(boolean pvt)
{
return (pvt ? CONFERENCE_MEMBER : COMM_MEMBER);
} // end newConferencePost
public static int newConferenceHide()
{
return CONFERENCE_HOST;
} // end newConferenceHide
public static int newConferenceNuke()
{
return CONFERENCE_HOST;
} // end newConferenceHide
public static int newConferenceChange()
{
return CONFERENCE_HOST;
} // end newConferenceHide
public static int newConferenceDelete()
{
return COMM_COHOST;
} // end newConferenceHide
} // end class DefaultLevels

212
src/com/silverwrist/venice/security/Role.java
View File

@ -19,39 +19,16 @@ package com.silverwrist.venice.security;
import java.util.*;
public final class Role implements Comparable, Cloneable, SecLevels
public final class Role implements Comparable, Cloneable
{
/*--------------------------------------------------------------------------------
* Static data members
*--------------------------------------------------------------------------------
*/
private static Role not_in_list;
private static Role no_access;
private static Role unrestricted_user;
private static Role global_admin;
private static Role comm_host;
private static ArrayList global_low;
private static ArrayList global_high;
private static ArrayList comm_low;
private static ArrayList comm_high;
private static ArrayList conf_low;
private static ArrayList conf_high;
private static List confreadlist_rc = null;
private static List confpostlist_rc = null;
private static List confhidelist_rc = null;
private static List confdeletelist_rc = null;
private static List conf_member_levels = null;
/*--------------------------------------------------------------------------------
* Attributes
*--------------------------------------------------------------------------------
*/
private int level;
private String name;
private String symbol;
private int level; // access level in this role
private String name; // human-readable name
private String symbol; // programmatic symbol
/*--------------------------------------------------------------------------------
* Constructors
@ -162,189 +139,10 @@ public final class Role implements Comparable, Cloneable, SecLevels
*--------------------------------------------------------------------------------
*/
public static final Role create(int level, String name, String symbol)
static final Role create(int level, String name, String symbol)
{
return new Role(level,name,symbol);
} // end create
/*--------------------------------------------------------------------------------
* External static operations which generate lists of roles
*--------------------------------------------------------------------------------
*/
public static List getConferenceReadList()
{
if (confreadlist_rc==null)
{ // precalculate the conference read list
ArrayList rc = new ArrayList();
rc.addAll(global_low);
rc.addAll(comm_low);
rc.addAll(conf_low);
rc.add(unrestricted_user);
rc.trimToSize();
confreadlist_rc = Collections.unmodifiableList(rc);
} // end if
return confreadlist_rc;
} // end getConferenceReadList
public static List getConferencePostList()
{
if (confpostlist_rc==null)
{ // precalculate the post list
ArrayList rc = new ArrayList();
rc.addAll(global_low);
rc.addAll(comm_low);
rc.addAll(conf_low);
rc.add(unrestricted_user);
rc.addAll(conf_high);
rc.trimToSize();
confpostlist_rc = Collections.unmodifiableList(rc);
} // end if
return confpostlist_rc;
} // return getConferencePostList
public static List getConferenceCreateList()
{
return getConferencePostList();
} // end getConferenceChangeList
public static List getConferenceHideList()
{
if (confhidelist_rc==null)
{ // precalculate the hide list
ArrayList rc = new ArrayList();
rc.addAll(conf_high);
rc.addAll(comm_high);
rc.add(global_high.get(0));
rc.trimToSize();
confhidelist_rc = Collections.unmodifiableList(rc);
} // end if
return confhidelist_rc;
} // end getConferenceHideList
public static List getConferenceNukeList()
{
return getConferenceHideList();
} // end getConferenceNukeList
public static List getConferenceChangeList()
{
return getConferenceHideList();
} // end getConferenceChangeList
public static List getConferenceDeleteList()
{
if (confdeletelist_rc==null)
{ // precalculate the delete list
ArrayList rc = new ArrayList();
rc.addAll(comm_high);
rc.addAll(global_high);
rc.add(no_access);
rc.trimToSize();
confdeletelist_rc = Collections.unmodifiableList(rc);
} // end if
return confdeletelist_rc;
} // end getConferenceDeleteList
public static List getConferenceMemberLevelChoices()
{
if (conf_member_levels==null)
{ // precalculate the list
ArrayList rc = new ArrayList();
rc.add(not_in_list);
rc.addAll(global_low);
rc.addAll(comm_low);
rc.addAll(conf_low);
rc.add(unrestricted_user);
rc.add(conf_high.get(conf_high.size()-1));
rc.trimToSize();
conf_member_levels = Collections.unmodifiableList(rc);
} // end if
return conf_member_levels;
} // end getConferenceMemberLevelChoices
/*--------------------------------------------------------------------------------
* Static initializer
*--------------------------------------------------------------------------------
*/
static
{ // begin initializing the "all roles" map
not_in_list = new Role(0,"(not in list)");
no_access = new Role(NO_ACCESS,"No Access");
unrestricted_user = new Role(UNRESTRICTED_USER,"'Unrestricted' User");
Role tmp;
// initialize the "global lowband" vector
global_low = new ArrayList(3);
tmp = new Role(GLOBAL_ANONYMOUS,"Anonymous User");
global_low.add(tmp);
tmp = new Role(GLOBAL_UNVERIFIED,"Unauthenticated User");
global_low.add(tmp);
tmp = new Role(GLOBAL_NORMAL,"Normal User");
global_low.add(tmp);
global_low.trimToSize();
// initialize the "global highband" vector
global_high = new ArrayList(3);
tmp = new Role(GLOBAL_ANYADMIN,"Any System Administrator");
global_high.add(tmp);
tmp = new Role(GLOBAL_PFY,"System Assistant Administrator");
global_high.add(tmp);
global_admin = new Role(GLOBAL_BOFH,"Global System Administrator");
global_high.add(global_admin);
global_high.trimToSize();
// initialize the "community lowband" vector
comm_low = new ArrayList(1);
tmp = new Role(COMM_MEMBER,"Community Member");
comm_low.add(tmp);
comm_low.trimToSize();
// initialize the "communtiy highband" vector
comm_high = new ArrayList(3);
tmp = new Role(COMM_ANYADMIN,"Any Community Administrator");
comm_high.add(tmp);
tmp = new Role(COMM_COHOST,"Community Co-Host");
comm_high.add(tmp);
comm_host = new Role(COMM_HOST,"Community Host");
comm_high.add(comm_host);
comm_high.trimToSize();
// initialize the "conference lowband" vector
conf_low = new ArrayList(1);
tmp = new Role(CONFERENCE_MEMBER,"Conference Member");
conf_low.add(tmp);
conf_low.trimToSize();
// initialize the "conference highband" vector
conf_high = new ArrayList(2);
tmp = new Role(CONFERENCE_ANYADMIN,"Any Conference Administrator");
conf_high.add(tmp);
tmp = new Role(CONFERENCE_HOST,"Conference Host");
conf_high.add(tmp);
conf_high.trimToSize();
} // end static initializer
} // end class Role

98
src/com/silverwrist/venice/security/SecLevels.java
View File

@ -1,98 +0,0 @@
/*
* The contents of this file are subject to the Mozilla Public License Version 1.1
* (the "License"); you may not use this file except in compliance with the License.
* You may obtain a copy of the License at <http://www.mozilla.org/MPL/>.
*
* Software distributed under the License is distributed on an "AS IS" basis, WITHOUT
* WARRANTY OF ANY KIND, either express or implied. See the License for the specific
* language governing rights and limitations under the License.
*
* The Original Code is the Venice Web Community System.
*
* The Initial Developer of the Original Code is Eric J. Bowersox <erbo@silcom.com>,
* for Silverwrist Design Studios. Portions created by Eric J. Bowersox are
* Copyright (C) 2001 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved.
*
* Contributor(s):
*/
package com.silverwrist.venice.security;
public interface SecLevels
{
/**
* Indicates "no access" (not even to the global system administrator). Used as the
* "delete" level for the Administration Community, so it can't be accidentally deleted.
*/
public static final int NO_ACCESS = 65500;
/**
* Indicates a user with unrestricted access to all objects, but no admin privilege.
* (Above the "low bands" of all scopes, but below the "high bands" of any of them.)
*/
public static final int UNRESTRICTED_USER = 32500;
/**
* Indicates a user that has not logged in ("Anonymous Honyak"). Can be used as a
* permission level for communities and conferences to permit public reading and/or anonymous
* posting.
*/
public static final int GLOBAL_ANONYMOUS = 100;
/**
* Indicates a user that has been registered, but has not yet had their email address
* verified.
*/
public static final int GLOBAL_UNVERIFIED = 500;
/**
* Indicates a user that has registered and been verified. Can be used as a permission
* level for communities and conferences to permit reading and/or posting by nonmembers.
*/
public static final int GLOBAL_NORMAL = 1000;
/**
* The security level of the global system administrator ("Administrator" account, sometimes
* known as the "BOFH" (Bastard Operator From Hell) account).
*/
public static final int GLOBAL_BOFH = 64999;
/**
* A security level for "assistant admin" accounts (sometimes known as "PFY" (Pimply-
* Faced Youth) accounts).
*/
public static final int GLOBAL_PFY = 64000;
/**
* A security level used to indicate any account with global admin privileges. Used
* to control access to the Administration community.
*/
public static final int GLOBAL_ANYADMIN = 63000;
/**
* The security level assigned to members of a community within that community.
*/
public static final int COMM_MEMBER = 6500;
/**
* The security level assigned to cohosts of a community within that community.
*/
public static final int COMM_COHOST = 58000;
/**
* The security level assigned to hosts of a community within that community.
*/
public static final int COMM_HOST = 58500;
/**
* A security level used to indicate any account with admin privileges over a specific community.
*/
public static final int COMM_ANYADMIN = 57000;
/**
* The maximum level in the "high band" of the community scope; used to test if a user already has
* maximum privs within the community (because of being an admin at global scope, perhaps).
*/
public static final int COMM_MAXADMIN = 58999;
/**
* The security level assigned to members of a (private) conference within that conference.
*/
public static final int CONFERENCE_MEMBER = 12500;
/**
* The security level assigned to hosts of a conference within that conference.
*/
public static final int CONFERENCE_HOST = 52500;
/**
* A security level used to indicate any account with admin privileges over a specific
* conference.
*/
public static final int CONFERENCE_ANYADMIN = 51000;
} // end interface SecLevels

8
src/com/silverwrist/venice/servlets/ConfOperations.java
View File

@ -61,14 +61,14 @@ public class ConfOperations extends VeniceServlet
} // end makeCreateConferenceDialog
private EditConferenceDialog makeEditConferenceDialog() throws ServletException
private EditConferenceDialog makeEditConferenceDialog(SecurityInfo sinf) throws ServletException
{
final String desired_name = "EditConferenceDialog";
DialogCache cache = DialogCache.getDialogCache(getServletContext());
if (!(cache.isCached(desired_name)))
{ // create a template and save it off
EditConferenceDialog template = new EditConferenceDialog();
EditConferenceDialog template = new EditConferenceDialog(sinf);
cache.saveTemplate(template);
} // end if
@ -416,7 +416,7 @@ public class ConfOperations extends VeniceServlet
on_error);
// create and return the Edit Conference dialog
EditConferenceDialog dlg = makeEditConferenceDialog();
EditConferenceDialog dlg = makeEditConferenceDialog(conf.getSecurityInfo());
try
{ // set up and return the dialog
dlg.setupDialog(comm,conf);
@ -825,7 +825,7 @@ public class ConfOperations extends VeniceServlet
on_error);
// create the dialog class
EditConferenceDialog dlg = makeEditConferenceDialog();
EditConferenceDialog dlg = makeEditConferenceDialog(conf.getSecurityInfo());
if (dlg.isButtonClicked(request,"cancel"))
throw new RedirectResult(on_error); // they chickened out - go back to the conference list

2
src/com/silverwrist/venice/servlets/format/ConferenceMembership.java
View File

@ -63,7 +63,7 @@ public class ConferenceMembership implements JSPRender, SearchMode
this.engine = engine;
this.comm = comm;
this.conf = conf;
this.role_choices = Role.getConferenceMemberLevelChoices();
this.role_choices = conf.getSecurityInfo().getRoleList("Conference.UserLevels");
} // end constructor

16
src/com/silverwrist/venice/servlets/format/EditConferenceDialog.java
View File

@ -37,7 +37,7 @@ public class EditConferenceDialog extends ContentDialog
*--------------------------------------------------------------------------------
*/
public EditConferenceDialog()
public EditConferenceDialog(SecurityInfo sinf)
{
super("Edit Conference:",null,"editconfform","confops");
setHiddenField("cmd","E");
@ -51,26 +51,26 @@ public class EditConferenceDialog extends ContentDialog
null,YES));
addFormField(new CDFormCategoryHeader("Security Information"));
addFormField(new CDRoleListFormField("read_lvl","Security level required to read conference",null,true,
Role.getConferenceReadList()));
sinf.getRoleList("Conference.Read")));
addFormField(new CDRoleListFormField("post_lvl","Security level required to post to conference",null,true,
Role.getConferencePostList()));
sinf.getRoleList("Conference.Post")));
addFormField(new CDRoleListFormField("create_lvl",
"Security level required to create new topics in conference",null,
true,Role.getConferenceCreateList()));
true,sinf.getRoleList("Conference.Create")));
addFormField(new CDRoleListFormField("hide_lvl",
"Security level required to archive or freeze topics",
"(or to hide posts of which you are not the owner)",true,
Role.getConferenceHideList()));
sinf.getRoleList("Conference.Hide")));
addFormField(new CDRoleListFormField("nuke_lvl",
"Security level required to delete topics or nuke posts",
"(or to scribble posts of which you are not the owner)",true,
Role.getConferenceNukeList()));
sinf.getRoleList("Conference.Nuke")));
addFormField(new CDRoleListFormField("change_lvl",
"Security level required to change conference attributes",null,true,
Role.getConferenceChangeList()));
sinf.getRoleList("Conference.Change")));
addFormField(new CDRoleListFormField("delete_lvl",
"Security level required to delete conference",null,true,
Role.getConferenceDeleteList()));
sinf.getRoleList("Conference.Delete")));
addFormField(new CDFormCategoryHeader("Conference Properties"));
addFormField(new CDCheckBoxFormField("pic_in_post","Display users' pictures next to their posts",
"(user can override)",YES));