From 9854ba1f765a434918246c5455b45c895eca1a51 Mon Sep 17 00:00:00 2001 From: "Eric J. Bowersox" Date: Sun, 18 Nov 2001 22:14:12 +0000 Subject: [PATCH] completed the transition to the new security architecture - the old stuff has now been removed completely; the VeniceEngine is managing the conference level SecurityMonitor for now --- etc/venice-config.xml | 101 +++++++++ .../venice/core/AdminOperations.java | 2 - .../venice/core/ConferenceContext.java | 2 + .../venice/core/GlobalProperties.java | 2 +- .../venice/core/impl/AdminOperationsImpl.java | 7 - .../venice/core/impl/CommunityCoreData.java | 4 +- .../core/impl/CommunityUserContextImpl.java | 1 - .../venice/core/impl/ConferenceCoreData.java | 59 +++-- .../core/impl/ConferenceUserContextImpl.java | 28 ++- .../venice/core/impl/VeniceEngineImpl.java | 5 + .../core/internals/ConferenceBackend.java | 2 + .../venice/core/internals/EngineBackend.java | 1 + .../venice/core/internals/EnvCommunity.java | 6 + .../venice/core/internals/EnvConference.java | 44 ++++ .../core/internals/EnvConferenceData.java | 31 +++ .../venice/security/DefaultLevels.java | 82 ------- src/com/silverwrist/venice/security/Role.java | 212 +----------------- .../venice/security/SecLevels.java | 98 -------- .../venice/servlets/ConfOperations.java | 8 +- .../servlets/format/ConferenceMembership.java | 2 +- .../servlets/format/EditConferenceDialog.java | 16 +- 21 files changed, 275 insertions(+), 438 deletions(-) delete mode 100644 src/com/silverwrist/venice/security/DefaultLevels.java delete mode 100644 src/com/silverwrist/venice/security/SecLevels.java diff --git a/etc/venice-config.xml b/etc/venice-config.xml index 5f2a819..92a23fd 100644 --- a/etc/venice-config.xml +++ b/etc/venice-config.xml @@ -183,6 +183,107 @@ + + + Conference Member + Any Conference Administrator + Conference Host + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/src/com/silverwrist/venice/core/AdminOperations.java b/src/com/silverwrist/venice/core/AdminOperations.java index 6bfb699..59982ea 100644 --- a/src/com/silverwrist/venice/core/AdminOperations.java +++ b/src/com/silverwrist/venice/core/AdminOperations.java @@ -23,8 +23,6 @@ public interface AdminOperations { public abstract SecurityInfo getSecurityInfo(); - public abstract boolean isGlobalAdmin(); - public abstract List getAllowedRoleList(); public abstract List getAuditRecords(int offset, int count) throws DataException; diff --git a/src/com/silverwrist/venice/core/ConferenceContext.java b/src/com/silverwrist/venice/core/ConferenceContext.java index d9a3390..0a7bc86 100644 --- a/src/com/silverwrist/venice/core/ConferenceContext.java +++ b/src/com/silverwrist/venice/core/ConferenceContext.java @@ -161,4 +161,6 @@ public interface ConferenceContext public abstract void setProperties(ConferenceProperties props) throws DataException, AccessError; + public abstract SecurityInfo getSecurityInfo(); + } // end interface ConferenceContext diff --git a/src/com/silverwrist/venice/core/GlobalProperties.java b/src/com/silverwrist/venice/core/GlobalProperties.java index fe0db42..fd02b7d 100644 --- a/src/com/silverwrist/venice/core/GlobalProperties.java +++ b/src/com/silverwrist/venice/core/GlobalProperties.java @@ -48,7 +48,7 @@ public final class GlobalProperties conference_members_per_page = 50; posts_on_front_page = 10; audit_records_per_page = 100; - community_create_level = com.silverwrist.venice.security.SecLevels.GLOBAL_NORMAL; + community_create_level = 1000; // this is actually the "normal user" security level display_post_pictures = false; } // end constructor diff --git a/src/com/silverwrist/venice/core/impl/AdminOperationsImpl.java b/src/com/silverwrist/venice/core/impl/AdminOperationsImpl.java index ba1ed52..1e0c379 100644 --- a/src/com/silverwrist/venice/core/impl/AdminOperationsImpl.java +++ b/src/com/silverwrist/venice/core/impl/AdminOperationsImpl.java @@ -24,7 +24,6 @@ import com.silverwrist.venice.core.*; import com.silverwrist.venice.core.internals.*; import com.silverwrist.venice.db.*; import com.silverwrist.venice.security.AuditRecord; -import com.silverwrist.venice.security.SecLevels; class AdminOperationsImpl implements AdminOperations { @@ -64,12 +63,6 @@ class AdminOperationsImpl implements AdminOperations } // end getSecurityInfo - public boolean isGlobalAdmin() - { - return (env.getUser().realBaseLevel()==SecLevels.GLOBAL_BOFH); - - } // end isGlobalAdmin - public List getAllowedRoleList() { if (env.testPermission(EnvUser.PERM_DESIGNATEPFY)) diff --git a/src/com/silverwrist/venice/core/impl/CommunityCoreData.java b/src/com/silverwrist/venice/core/impl/CommunityCoreData.java index 3d0d267..49f979e 100644 --- a/src/com/silverwrist/venice/core/impl/CommunityCoreData.java +++ b/src/com/silverwrist/venice/core/impl/CommunityCoreData.java @@ -27,7 +27,6 @@ import com.silverwrist.venice.db.*; import com.silverwrist.venice.core.*; import com.silverwrist.venice.core.internals.*; import com.silverwrist.venice.security.AuditRecord; -import com.silverwrist.venice.security.DefaultLevels; class CommunityCoreData implements CommunityData, CommunityDataBackend { @@ -1493,7 +1492,8 @@ class CommunityCoreData implements CommunityData, CommunityDataBackend host_uid); ConferenceData cdata = rcs.getConference(); if (outer.getUserID()!=host_uid) // make the creating user a conference host too - cdata.setMembership(outer,outer.getUserID(),DefaultLevels.hostConference()); + cdata.setMembership(outer,outer.getUserID(), + outer.getConferenceDefaultRole("Conference.Creator").getLevel()); // Wrap the returned ConferenceData object in a ConferenceCommunityContextImpl object. ConferenceCommunityContextImpl conf = diff --git a/src/com/silverwrist/venice/core/impl/CommunityUserContextImpl.java b/src/com/silverwrist/venice/core/impl/CommunityUserContextImpl.java index ce1f0c3..f0ca9f8 100644 --- a/src/com/silverwrist/venice/core/impl/CommunityUserContextImpl.java +++ b/src/com/silverwrist/venice/core/impl/CommunityUserContextImpl.java @@ -25,7 +25,6 @@ import com.silverwrist.venice.core.*; import com.silverwrist.venice.core.internals.*; import com.silverwrist.venice.db.*; import com.silverwrist.venice.security.AuditRecord; -import com.silverwrist.venice.security.DefaultLevels; import com.silverwrist.venice.security.Role; class CommunityUserContextImpl implements CommunityContext, CommunityBackend diff --git a/src/com/silverwrist/venice/core/impl/ConferenceCoreData.java b/src/com/silverwrist/venice/core/impl/ConferenceCoreData.java index c33c733..7a58ce1 100644 --- a/src/com/silverwrist/venice/core/impl/ConferenceCoreData.java +++ b/src/com/silverwrist/venice/core/impl/ConferenceCoreData.java @@ -25,7 +25,6 @@ import com.silverwrist.venice.core.*; import com.silverwrist.venice.core.internals.*; import com.silverwrist.venice.db.*; import com.silverwrist.venice.security.AuditRecord; -import com.silverwrist.venice.security.DefaultLevels; class ConferenceCoreData implements ConferenceData { @@ -113,7 +112,7 @@ class ConferenceCoreData implements ConferenceData } // end constructor - protected ConferenceCoreData(EnvCommunityData env, int confid, java.util.Date created, boolean pvt, + protected ConferenceCoreData(EnvCommunityData env, int confid, java.util.Date created, int[] levels, String name, String descr) { if (logger.isDebugEnabled()) @@ -122,13 +121,13 @@ class ConferenceCoreData implements ConferenceData this.confid = confid; this.create_date = created; this.last_update = null; - this.read_level = DefaultLevels.newConferenceRead(pvt); - this.post_level = DefaultLevels.newConferencePost(pvt); - this.create_level = DefaultLevels.newConferenceCreate(pvt); - this.hide_level = DefaultLevels.newConferenceHide(); - this.nuke_level = DefaultLevels.newConferenceNuke(); - this.change_level = DefaultLevels.newConferenceChange(); - this.delete_level = DefaultLevels.newConferenceDelete(); + this.read_level = levels[0]; + this.post_level = levels[1]; + this.create_level = levels[2]; + this.hide_level = levels[3]; + this.nuke_level = levels[4]; + this.change_level = levels[5]; + this.delete_level = levels[6]; this.top_topic = 0; this.name = name; this.description = descr; @@ -361,8 +360,8 @@ class ConferenceCoreData implements ConferenceData new StringBuffer("SELECT u.uid, u.username, u.description, c.given_name, c.family_name, " + "c.locality, c.region, c.country FROM users u, contacts c, confmember m " + "WHERE u.contactid = c.contactid AND u.uid = m.uid AND m.confid = "); - sql.append(confid).append(" AND m.granted_lvl >= ").append(DefaultLevels.hostPrivsConference()); - sql.append(" ORDER BY u.username;"); + sql.append(confid).append(" AND m.granted_lvl >= "); + sql.append(env.getDefaultRole("Conference.HostPrivs").getLevel()).append(" ORDER BY u.username;"); // execute the query ResultSet rs = stmt.executeQuery(sql.toString()); @@ -1399,13 +1398,32 @@ class ConferenceCoreData implements ConferenceData sql.append("INSERT INTO confs (createdate, read_lvl, post_lvl, create_lvl, hide_lvl, nuke_lvl, " + "change_lvl, delete_lvl, name, descr) VALUES ('"); created = new java.util.Date(); - sql.append(SQLUtil.encodeDate(created)).append("', ").append(DefaultLevels.newConferenceRead(pvt)); - sql.append(", ").append(DefaultLevels.newConferencePost(pvt)).append(", "); - sql.append(DefaultLevels.newConferenceCreate(pvt)).append(", "); - sql.append(DefaultLevels.newConferenceHide()).append(", ").append(DefaultLevels.newConferenceNuke()); - sql.append(", ").append(DefaultLevels.newConferenceChange()).append(", "); - sql.append(DefaultLevels.newConferenceDelete()).append(", '").append(SQLUtil.encodeString(name)); - sql.append("', '").append(SQLUtil.encodeString(description)).append("');"); + int levels[] = new int[7]; + if (pvt) + { // load levels for private conference + levels[0] = outer.getConferenceDefaultRole("Conference.Read.Private").getLevel(); + levels[1] = outer.getConferenceDefaultRole("Conference.Post.Private").getLevel(); + levels[2] = outer.getConferenceDefaultRole("Conference.Create.Private").getLevel(); + + } // end if + else + { // load levels for public conference + levels[0] = outer.getConferenceDefaultRole("Conference.Read.Public").getLevel(); + levels[1] = outer.getConferenceDefaultRole("Conference.Post.Public").getLevel(); + levels[2] = outer.getConferenceDefaultRole("Conference.Create.Public").getLevel(); + + } // end else + + levels[3] = outer.getConferenceDefaultRole("Conference.Hide").getLevel(); + levels[4] = outer.getConferenceDefaultRole("Conference.Nuke").getLevel(); + levels[5] = outer.getConferenceDefaultRole("Conference.Change").getLevel(); + levels[6] = outer.getConferenceDefaultRole("Conference.Delete").getLevel(); + + sql.append(SQLUtil.encodeDate(created)).append("', ").append(levels[0]).append(", "); + sql.append(levels[1]).append(", ").append(levels[2]).append(", ").append(levels[3]).append(", "); + sql.append(levels[4]).append(", ").append(levels[5]).append(", ").append(levels[6]); + sql.append(", '").append(SQLUtil.encodeString(name)).append("', '"); + sql.append(SQLUtil.encodeString(description)).append("');"); if (logger.isDebugEnabled()) logger.debug("SQL: " + sql.toString()); stmt.executeUpdate(sql.toString()); @@ -1436,14 +1454,15 @@ class ConferenceCoreData implements ConferenceData // Make the specified UID the host of this new conference. sql.setLength(0); sql.append("INSERT INTO confmember (confid, uid, granted_lvl) VALUES (").append(new_confid); - sql.append(", ").append(host_uid).append(", ").append(DefaultLevels.hostConference()).append(");"); + sql.append(", ").append(host_uid).append(", "); + sql.append(outer.getConferenceDefaultRole("Conference.NewHost").getLevel()).append(");"); if (logger.isDebugEnabled()) logger.debug("SQL: " + sql.toString()); stmt.executeUpdate(sql.toString()); // Create a new ConferenceCoreData object representing this conference and register it with the // engine's conference data object cache. - conf = new ConferenceCoreData(env,new_confid,created,pvt,name,description); + conf = new ConferenceCoreData(env,new_confid,created,levels,name,description); conf.newProperties(conn); } // end try diff --git a/src/com/silverwrist/venice/core/impl/ConferenceUserContextImpl.java b/src/com/silverwrist/venice/core/impl/ConferenceUserContextImpl.java index cae68ee..48bdc4a 100644 --- a/src/com/silverwrist/venice/core/impl/ConferenceUserContextImpl.java +++ b/src/com/silverwrist/venice/core/impl/ConferenceUserContextImpl.java @@ -24,7 +24,7 @@ import com.silverwrist.venice.core.*; import com.silverwrist.venice.core.internals.*; import com.silverwrist.venice.db.*; import com.silverwrist.venice.htmlcheck.*; -import com.silverwrist.venice.security.DefaultLevels; +import com.silverwrist.venice.security.Role; class ConferenceUserContextImpl implements ConferenceContext, ConferenceBackend { @@ -155,7 +155,7 @@ class ConferenceUserContextImpl implements ConferenceContext, ConferenceBackend *-------------------------------------------------------------------------------- */ - private static Category logger = Category.getInstance(ConferenceUserContextImpl.class.getName()); + private static Category logger = Category.getInstance(ConferenceUserContextImpl.class); /*-------------------------------------------------------------------------------- * Attributes @@ -192,11 +192,12 @@ class ConferenceUserContextImpl implements ConferenceContext, ConferenceBackend ConferenceUserContextImpl(EnvCommunity env, ConferenceCommunityContext cdata) throws DataException { - this.env = new EnvConference(env,this); + EnvConference new_env = new EnvConference(env,this); + this.env = new_env; this.confid = cdata.getConfID(); this.cache = null; this.confdata = cdata; - recalcLevel(DefaultLevels.hostConference()); + recalcLevel(new_env.getDefaultRole("Conference.Creator").getLevel()); this.pseud = env.getUser().userDefaultPseud(); this.last_read = null; this.last_post = null; @@ -647,7 +648,12 @@ class ConferenceUserContextImpl implements ConferenceContext, ConferenceBackend public void addMember(int uid, boolean as_host) throws DataException, AccessError { - setMembership(uid,(as_host ? DefaultLevels.hostConference() : DefaultLevels.memberConference())); + Role r; + if (as_host) + r = env.getDefaultRole("Conference.NewHost"); + else + r = env.getDefaultRole("Conference.NewUser"); + setMembership(uid,r.getLevel()); } // end addMember @@ -1449,6 +1455,12 @@ class ConferenceUserContextImpl implements ConferenceContext, ConferenceBackend } // end setProperties + public SecurityInfo getSecurityInfo() + { + return env.getSecurityInfo(); + + } // end getSecurityInfo + /*-------------------------------------------------------------------------------- * Implementations from interface ConferenceBackend *-------------------------------------------------------------------------------- @@ -1593,6 +1605,12 @@ class ConferenceUserContextImpl implements ConferenceContext, ConferenceBackend } // end createDecoderContext + public int env_getConfLevel() + { + return level; + + } // end env_getConfLevel + /*-------------------------------------------------------------------------------- * Static functions usable only from within the package *-------------------------------------------------------------------------------- diff --git a/src/com/silverwrist/venice/core/impl/VeniceEngineImpl.java b/src/com/silverwrist/venice/core/impl/VeniceEngineImpl.java index eeb743e..db4ca6d 100644 --- a/src/com/silverwrist/venice/core/impl/VeniceEngineImpl.java +++ b/src/com/silverwrist/venice/core/impl/VeniceEngineImpl.java @@ -410,6 +410,7 @@ public class VeniceEngineImpl implements VeniceEngine, EngineBackend private OptionSet global_flags = new OptionSet(); // global option flags private SecurityMonitor global_security; // the global security monitor private SecurityMonitor community_security; // the community security monitor + private SecurityMonitor conference_security; // conference security monitor (will move eventually) /*-------------------------------------------------------------------------------- * Constructor @@ -752,6 +753,8 @@ public class VeniceEngineImpl implements VeniceEngine, EngineBackend global_security = sm; else if (sm.getID().equals("Community")) community_security = sm; + else if (sm.getID().equals("Conference")) + conference_security = sm; } // end if @@ -2267,6 +2270,8 @@ public class VeniceEngineImpl implements VeniceEngine, EngineBackend return global_security; if (selector==SM_COMMUNITY) return community_security; + if (selector==SM_CONFERENCE) + return conference_security; return null; } // end env_getSecurityMonitor diff --git a/src/com/silverwrist/venice/core/internals/ConferenceBackend.java b/src/com/silverwrist/venice/core/internals/ConferenceBackend.java index 09542ac..5780c92 100644 --- a/src/com/silverwrist/venice/core/internals/ConferenceBackend.java +++ b/src/com/silverwrist/venice/core/internals/ConferenceBackend.java @@ -47,4 +47,6 @@ public interface ConferenceBackend public abstract PostLinkDecoderContext createDecoderContext(short topicid); + public abstract int env_getConfLevel(); + } // end interface ConferenceBackend diff --git a/src/com/silverwrist/venice/core/internals/EngineBackend.java b/src/com/silverwrist/venice/core/internals/EngineBackend.java index 401ba5e..6cf7923 100644 --- a/src/com/silverwrist/venice/core/internals/EngineBackend.java +++ b/src/com/silverwrist/venice/core/internals/EngineBackend.java @@ -57,6 +57,7 @@ public interface EngineBackend // Selectors for security monitors public static final int SM_GLOBAL = 0; public static final int SM_COMMUNITY = 1; + public static final int SM_CONFERENCE = 2; public abstract VeniceEngine getSelf(); diff --git a/src/com/silverwrist/venice/core/internals/EnvCommunity.java b/src/com/silverwrist/venice/core/internals/EnvCommunity.java index c573d49..f6a02f6 100644 --- a/src/com/silverwrist/venice/core/internals/EnvCommunity.java +++ b/src/com/silverwrist/venice/core/internals/EnvCommunity.java @@ -169,4 +169,10 @@ public class EnvCommunity extends EnvUser } // end isLevelAdmin + public final Role getConferenceDefaultRole(String symbol) + { + return getEngine().env_getSecurityMonitor(EngineBackend.SM_CONFERENCE).getDefaultRole(symbol); + + } // end getCommunityDefaultRole + } // end class EnvCommunity diff --git a/src/com/silverwrist/venice/core/internals/EnvConference.java b/src/com/silverwrist/venice/core/internals/EnvConference.java index 0831a15..818e591 100644 --- a/src/com/silverwrist/venice/core/internals/EnvConference.java +++ b/src/com/silverwrist/venice/core/internals/EnvConference.java @@ -17,8 +17,16 @@ */ package com.silverwrist.venice.core.internals; +import com.silverwrist.venice.core.AccessError; +import com.silverwrist.venice.security.SecurityMonitor; + public class EnvConference extends EnvCommunity { + /*-------------------------------------------------------------------------------- + * Static data members + *-------------------------------------------------------------------------------- + */ + /*-------------------------------------------------------------------------------- * Attributes *-------------------------------------------------------------------------------- @@ -45,6 +53,42 @@ public class EnvConference extends EnvCommunity } // end constructor + /*-------------------------------------------------------------------------------- + * Overrides from class EnvEngine + *-------------------------------------------------------------------------------- + */ + + protected SecurityMonitor getStaticMonitor() + { + return getEngine().env_getSecurityMonitor(EngineBackend.SM_CONFERENCE); + + } // end getStaticMonitor + + /*-------------------------------------------------------------------------------- + * Overrides from class EnvCommunity + *-------------------------------------------------------------------------------- + */ + + public boolean testPermission(String symbol, String errormsg) throws AccessError + { + SecurityMonitor sm = getStaticMonitor(); + // TODO: test dynamic permissions + if (sm.testPermission(symbol,conf.env_getConfLevel(),errormsg)) + return true; + return super.testPermission(symbol,errormsg); + + } // end testPermission + + public boolean testPermission(String symbol) + { + SecurityMonitor sm = getStaticMonitor(); + // TODO: test dynamic permissions + if (sm.testPermission(symbol,conf.env_getConfLevel())) + return true; + return super.testPermission(symbol); + + } // end testPermission + /*-------------------------------------------------------------------------------- * External operations *-------------------------------------------------------------------------------- diff --git a/src/com/silverwrist/venice/core/internals/EnvConferenceData.java b/src/com/silverwrist/venice/core/internals/EnvConferenceData.java index f34e404..e294afa 100644 --- a/src/com/silverwrist/venice/core/internals/EnvConferenceData.java +++ b/src/com/silverwrist/venice/core/internals/EnvConferenceData.java @@ -17,6 +17,9 @@ */ package com.silverwrist.venice.core.internals; +import com.silverwrist.venice.core.AccessError; +import com.silverwrist.venice.security.SecurityMonitor; + public class EnvConferenceData extends EnvEngine { /*-------------------------------------------------------------------------------- @@ -36,4 +39,32 @@ public class EnvConferenceData extends EnvEngine } // end constructor + /*-------------------------------------------------------------------------------- + * Overrides from class EnvEngine + *-------------------------------------------------------------------------------- + */ + + protected SecurityMonitor getStaticMonitor() + { + return getEngine().env_getSecurityMonitor(EngineBackend.SM_CONFERENCE); + + } // end getStaticMonitor + + /*-------------------------------------------------------------------------------- + * External operations + *-------------------------------------------------------------------------------- + */ + + public final boolean testPermission(String symbol, int level, String errormsg) throws AccessError + { + return getStaticMonitor().testPermission(symbol,level,errormsg); + + } // end testPermission + + public final boolean testPermission(String symbol, int level) + { + return getStaticMonitor().testPermission(symbol,level); + + } // end testPermission + } // end class EnvConferenceData diff --git a/src/com/silverwrist/venice/security/DefaultLevels.java b/src/com/silverwrist/venice/security/DefaultLevels.java deleted file mode 100644 index dd7cfb2..0000000 --- a/src/com/silverwrist/venice/security/DefaultLevels.java +++ /dev/null @@ -1,82 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public License Version 1.1 - * (the "License"); you may not use this file except in compliance with the License. - * You may obtain a copy of the License at . - * - * Software distributed under the License is distributed on an "AS IS" basis, WITHOUT - * WARRANTY OF ANY KIND, either express or implied. See the License for the specific - * language governing rights and limitations under the License. - * - * The Original Code is the Venice Web Communities System. - * - * The Initial Developer of the Original Code is Eric J. Bowersox , - * for Silverwrist Design Studios. Portions created by Eric J. Bowersox are - * Copyright (C) 2001 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved. - * - * Contributor(s): - */ -package com.silverwrist.venice.security; - -public class DefaultLevels implements SecLevels -{ - public static int hostPrivsConference() - { - return CONFERENCE_ANYADMIN; - - } // end hostPrivsConference - - public static int memberConference() - { - return CONFERENCE_MEMBER; - - } // end memberConference - - public static int hostConference() - { - return CONFERENCE_HOST; - - } // end hostConference - - public static int newConferenceRead(boolean pvt) - { - return (pvt ? CONFERENCE_MEMBER : COMM_MEMBER); - - } // end newConferenceRead - - public static int newConferencePost(boolean pvt) - { - return (pvt ? CONFERENCE_MEMBER : COMM_MEMBER); - - } // end newConferencePost - - public static int newConferenceCreate(boolean pvt) - { - return (pvt ? CONFERENCE_MEMBER : COMM_MEMBER); - - } // end newConferencePost - - public static int newConferenceHide() - { - return CONFERENCE_HOST; - - } // end newConferenceHide - - public static int newConferenceNuke() - { - return CONFERENCE_HOST; - - } // end newConferenceHide - - public static int newConferenceChange() - { - return CONFERENCE_HOST; - - } // end newConferenceHide - - public static int newConferenceDelete() - { - return COMM_COHOST; - - } // end newConferenceHide - -} // end class DefaultLevels diff --git a/src/com/silverwrist/venice/security/Role.java b/src/com/silverwrist/venice/security/Role.java index 7f735b2..f887bb1 100644 --- a/src/com/silverwrist/venice/security/Role.java +++ b/src/com/silverwrist/venice/security/Role.java @@ -19,39 +19,16 @@ package com.silverwrist.venice.security; import java.util.*; -public final class Role implements Comparable, Cloneable, SecLevels +public final class Role implements Comparable, Cloneable { - /*-------------------------------------------------------------------------------- - * Static data members - *-------------------------------------------------------------------------------- - */ - - private static Role not_in_list; - private static Role no_access; - private static Role unrestricted_user; - private static Role global_admin; - private static Role comm_host; - private static ArrayList global_low; - private static ArrayList global_high; - private static ArrayList comm_low; - private static ArrayList comm_high; - private static ArrayList conf_low; - private static ArrayList conf_high; - - private static List confreadlist_rc = null; - private static List confpostlist_rc = null; - private static List confhidelist_rc = null; - private static List confdeletelist_rc = null; - private static List conf_member_levels = null; - /*-------------------------------------------------------------------------------- * Attributes *-------------------------------------------------------------------------------- */ - private int level; - private String name; - private String symbol; + private int level; // access level in this role + private String name; // human-readable name + private String symbol; // programmatic symbol /*-------------------------------------------------------------------------------- * Constructors @@ -162,189 +139,10 @@ public final class Role implements Comparable, Cloneable, SecLevels *-------------------------------------------------------------------------------- */ - public static final Role create(int level, String name, String symbol) + static final Role create(int level, String name, String symbol) { return new Role(level,name,symbol); } // end create - /*-------------------------------------------------------------------------------- - * External static operations which generate lists of roles - *-------------------------------------------------------------------------------- - */ - - public static List getConferenceReadList() - { - if (confreadlist_rc==null) - { // precalculate the conference read list - ArrayList rc = new ArrayList(); - rc.addAll(global_low); - rc.addAll(comm_low); - rc.addAll(conf_low); - rc.add(unrestricted_user); - rc.trimToSize(); - confreadlist_rc = Collections.unmodifiableList(rc); - - } // end if - - return confreadlist_rc; - - } // end getConferenceReadList - - public static List getConferencePostList() - { - if (confpostlist_rc==null) - { // precalculate the post list - ArrayList rc = new ArrayList(); - rc.addAll(global_low); - rc.addAll(comm_low); - rc.addAll(conf_low); - rc.add(unrestricted_user); - rc.addAll(conf_high); - rc.trimToSize(); - confpostlist_rc = Collections.unmodifiableList(rc); - - } // end if - - return confpostlist_rc; - - } // return getConferencePostList - - public static List getConferenceCreateList() - { - return getConferencePostList(); - - } // end getConferenceChangeList - - public static List getConferenceHideList() - { - if (confhidelist_rc==null) - { // precalculate the hide list - ArrayList rc = new ArrayList(); - rc.addAll(conf_high); - rc.addAll(comm_high); - rc.add(global_high.get(0)); - rc.trimToSize(); - confhidelist_rc = Collections.unmodifiableList(rc); - - } // end if - - return confhidelist_rc; - - } // end getConferenceHideList - - public static List getConferenceNukeList() - { - return getConferenceHideList(); - - } // end getConferenceNukeList - - public static List getConferenceChangeList() - { - return getConferenceHideList(); - - } // end getConferenceChangeList - - public static List getConferenceDeleteList() - { - if (confdeletelist_rc==null) - { // precalculate the delete list - ArrayList rc = new ArrayList(); - rc.addAll(comm_high); - rc.addAll(global_high); - rc.add(no_access); - rc.trimToSize(); - confdeletelist_rc = Collections.unmodifiableList(rc); - - } // end if - - return confdeletelist_rc; - - } // end getConferenceDeleteList - - public static List getConferenceMemberLevelChoices() - { - if (conf_member_levels==null) - { // precalculate the list - ArrayList rc = new ArrayList(); - rc.add(not_in_list); - rc.addAll(global_low); - rc.addAll(comm_low); - rc.addAll(conf_low); - rc.add(unrestricted_user); - rc.add(conf_high.get(conf_high.size()-1)); - rc.trimToSize(); - conf_member_levels = Collections.unmodifiableList(rc); - - } // end if - - return conf_member_levels; - - } // end getConferenceMemberLevelChoices - - /*-------------------------------------------------------------------------------- - * Static initializer - *-------------------------------------------------------------------------------- - */ - - static - { // begin initializing the "all roles" map - not_in_list = new Role(0,"(not in list)"); - no_access = new Role(NO_ACCESS,"No Access"); - unrestricted_user = new Role(UNRESTRICTED_USER,"'Unrestricted' User"); - - Role tmp; - - // initialize the "global lowband" vector - global_low = new ArrayList(3); - tmp = new Role(GLOBAL_ANONYMOUS,"Anonymous User"); - global_low.add(tmp); - tmp = new Role(GLOBAL_UNVERIFIED,"Unauthenticated User"); - global_low.add(tmp); - tmp = new Role(GLOBAL_NORMAL,"Normal User"); - global_low.add(tmp); - global_low.trimToSize(); - - // initialize the "global highband" vector - global_high = new ArrayList(3); - tmp = new Role(GLOBAL_ANYADMIN,"Any System Administrator"); - global_high.add(tmp); - tmp = new Role(GLOBAL_PFY,"System Assistant Administrator"); - global_high.add(tmp); - global_admin = new Role(GLOBAL_BOFH,"Global System Administrator"); - global_high.add(global_admin); - global_high.trimToSize(); - - // initialize the "community lowband" vector - comm_low = new ArrayList(1); - tmp = new Role(COMM_MEMBER,"Community Member"); - comm_low.add(tmp); - comm_low.trimToSize(); - - // initialize the "communtiy highband" vector - comm_high = new ArrayList(3); - tmp = new Role(COMM_ANYADMIN,"Any Community Administrator"); - comm_high.add(tmp); - tmp = new Role(COMM_COHOST,"Community Co-Host"); - comm_high.add(tmp); - comm_host = new Role(COMM_HOST,"Community Host"); - comm_high.add(comm_host); - comm_high.trimToSize(); - - // initialize the "conference lowband" vector - conf_low = new ArrayList(1); - tmp = new Role(CONFERENCE_MEMBER,"Conference Member"); - conf_low.add(tmp); - conf_low.trimToSize(); - - // initialize the "conference highband" vector - conf_high = new ArrayList(2); - tmp = new Role(CONFERENCE_ANYADMIN,"Any Conference Administrator"); - conf_high.add(tmp); - tmp = new Role(CONFERENCE_HOST,"Conference Host"); - conf_high.add(tmp); - conf_high.trimToSize(); - - } // end static initializer - } // end class Role diff --git a/src/com/silverwrist/venice/security/SecLevels.java b/src/com/silverwrist/venice/security/SecLevels.java deleted file mode 100644 index 1a2b81e..0000000 --- a/src/com/silverwrist/venice/security/SecLevels.java +++ /dev/null @@ -1,98 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public License Version 1.1 - * (the "License"); you may not use this file except in compliance with the License. - * You may obtain a copy of the License at . - * - * Software distributed under the License is distributed on an "AS IS" basis, WITHOUT - * WARRANTY OF ANY KIND, either express or implied. See the License for the specific - * language governing rights and limitations under the License. - * - * The Original Code is the Venice Web Community System. - * - * The Initial Developer of the Original Code is Eric J. Bowersox , - * for Silverwrist Design Studios. Portions created by Eric J. Bowersox are - * Copyright (C) 2001 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved. - * - * Contributor(s): - */ -package com.silverwrist.venice.security; - -public interface SecLevels -{ - /** - * Indicates "no access" (not even to the global system administrator). Used as the - * "delete" level for the Administration Community, so it can't be accidentally deleted. - */ - public static final int NO_ACCESS = 65500; - /** - * Indicates a user with unrestricted access to all objects, but no admin privilege. - * (Above the "low bands" of all scopes, but below the "high bands" of any of them.) - */ - public static final int UNRESTRICTED_USER = 32500; - /** - * Indicates a user that has not logged in ("Anonymous Honyak"). Can be used as a - * permission level for communities and conferences to permit public reading and/or anonymous - * posting. - */ - public static final int GLOBAL_ANONYMOUS = 100; - /** - * Indicates a user that has been registered, but has not yet had their email address - * verified. - */ - public static final int GLOBAL_UNVERIFIED = 500; - /** - * Indicates a user that has registered and been verified. Can be used as a permission - * level for communities and conferences to permit reading and/or posting by nonmembers. - */ - public static final int GLOBAL_NORMAL = 1000; - /** - * The security level of the global system administrator ("Administrator" account, sometimes - * known as the "BOFH" (Bastard Operator From Hell) account). - */ - public static final int GLOBAL_BOFH = 64999; - /** - * A security level for "assistant admin" accounts (sometimes known as "PFY" (Pimply- - * Faced Youth) accounts). - */ - public static final int GLOBAL_PFY = 64000; - /** - * A security level used to indicate any account with global admin privileges. Used - * to control access to the Administration community. - */ - public static final int GLOBAL_ANYADMIN = 63000; - /** - * The security level assigned to members of a community within that community. - */ - public static final int COMM_MEMBER = 6500; - /** - * The security level assigned to cohosts of a community within that community. - */ - public static final int COMM_COHOST = 58000; - /** - * The security level assigned to hosts of a community within that community. - */ - public static final int COMM_HOST = 58500; - /** - * A security level used to indicate any account with admin privileges over a specific community. - */ - public static final int COMM_ANYADMIN = 57000; - /** - * The maximum level in the "high band" of the community scope; used to test if a user already has - * maximum privs within the community (because of being an admin at global scope, perhaps). - */ - public static final int COMM_MAXADMIN = 58999; - /** - * The security level assigned to members of a (private) conference within that conference. - */ - public static final int CONFERENCE_MEMBER = 12500; - /** - * The security level assigned to hosts of a conference within that conference. - */ - public static final int CONFERENCE_HOST = 52500; - /** - * A security level used to indicate any account with admin privileges over a specific - * conference. - */ - public static final int CONFERENCE_ANYADMIN = 51000; - -} // end interface SecLevels diff --git a/src/com/silverwrist/venice/servlets/ConfOperations.java b/src/com/silverwrist/venice/servlets/ConfOperations.java index 5a4f7b8..f8f328f 100644 --- a/src/com/silverwrist/venice/servlets/ConfOperations.java +++ b/src/com/silverwrist/venice/servlets/ConfOperations.java @@ -61,14 +61,14 @@ public class ConfOperations extends VeniceServlet } // end makeCreateConferenceDialog - private EditConferenceDialog makeEditConferenceDialog() throws ServletException + private EditConferenceDialog makeEditConferenceDialog(SecurityInfo sinf) throws ServletException { final String desired_name = "EditConferenceDialog"; DialogCache cache = DialogCache.getDialogCache(getServletContext()); if (!(cache.isCached(desired_name))) { // create a template and save it off - EditConferenceDialog template = new EditConferenceDialog(); + EditConferenceDialog template = new EditConferenceDialog(sinf); cache.saveTemplate(template); } // end if @@ -416,7 +416,7 @@ public class ConfOperations extends VeniceServlet on_error); // create and return the Edit Conference dialog - EditConferenceDialog dlg = makeEditConferenceDialog(); + EditConferenceDialog dlg = makeEditConferenceDialog(conf.getSecurityInfo()); try { // set up and return the dialog dlg.setupDialog(comm,conf); @@ -825,7 +825,7 @@ public class ConfOperations extends VeniceServlet on_error); // create the dialog class - EditConferenceDialog dlg = makeEditConferenceDialog(); + EditConferenceDialog dlg = makeEditConferenceDialog(conf.getSecurityInfo()); if (dlg.isButtonClicked(request,"cancel")) throw new RedirectResult(on_error); // they chickened out - go back to the conference list diff --git a/src/com/silverwrist/venice/servlets/format/ConferenceMembership.java b/src/com/silverwrist/venice/servlets/format/ConferenceMembership.java index 3fd6d8e..8687f64 100644 --- a/src/com/silverwrist/venice/servlets/format/ConferenceMembership.java +++ b/src/com/silverwrist/venice/servlets/format/ConferenceMembership.java @@ -63,7 +63,7 @@ public class ConferenceMembership implements JSPRender, SearchMode this.engine = engine; this.comm = comm; this.conf = conf; - this.role_choices = Role.getConferenceMemberLevelChoices(); + this.role_choices = conf.getSecurityInfo().getRoleList("Conference.UserLevels"); } // end constructor diff --git a/src/com/silverwrist/venice/servlets/format/EditConferenceDialog.java b/src/com/silverwrist/venice/servlets/format/EditConferenceDialog.java index d7add83..4abe202 100644 --- a/src/com/silverwrist/venice/servlets/format/EditConferenceDialog.java +++ b/src/com/silverwrist/venice/servlets/format/EditConferenceDialog.java @@ -37,7 +37,7 @@ public class EditConferenceDialog extends ContentDialog *-------------------------------------------------------------------------------- */ - public EditConferenceDialog() + public EditConferenceDialog(SecurityInfo sinf) { super("Edit Conference:",null,"editconfform","confops"); setHiddenField("cmd","E"); @@ -51,26 +51,26 @@ public class EditConferenceDialog extends ContentDialog null,YES)); addFormField(new CDFormCategoryHeader("Security Information")); addFormField(new CDRoleListFormField("read_lvl","Security level required to read conference",null,true, - Role.getConferenceReadList())); + sinf.getRoleList("Conference.Read"))); addFormField(new CDRoleListFormField("post_lvl","Security level required to post to conference",null,true, - Role.getConferencePostList())); + sinf.getRoleList("Conference.Post"))); addFormField(new CDRoleListFormField("create_lvl", "Security level required to create new topics in conference",null, - true,Role.getConferenceCreateList())); + true,sinf.getRoleList("Conference.Create"))); addFormField(new CDRoleListFormField("hide_lvl", "Security level required to archive or freeze topics", "(or to hide posts of which you are not the owner)",true, - Role.getConferenceHideList())); + sinf.getRoleList("Conference.Hide"))); addFormField(new CDRoleListFormField("nuke_lvl", "Security level required to delete topics or nuke posts", "(or to scribble posts of which you are not the owner)",true, - Role.getConferenceNukeList())); + sinf.getRoleList("Conference.Nuke"))); addFormField(new CDRoleListFormField("change_lvl", "Security level required to change conference attributes",null,true, - Role.getConferenceChangeList())); + sinf.getRoleList("Conference.Change"))); addFormField(new CDRoleListFormField("delete_lvl", "Security level required to delete conference",null,true, - Role.getConferenceDeleteList())); + sinf.getRoleList("Conference.Delete"))); addFormField(new CDFormCategoryHeader("Conference Properties")); addFormField(new CDCheckBoxFormField("pic_in_post","Display users' pictures next to their posts", "(user can override)",YES));