completed the transition to the new security architecture - the old stuff

has now been removed completely; the VeniceEngine is managing the conference
level SecurityMonitor for now

etc/venice-config.xml

@@ -183,6 +183,107 @@
 	<permission id="ShowHiddenObjects" role="Community.AnyAdmin"/>
       </permissions>
     </security-definition>
+    <security-definition id="Conference" parent="Community"> <!-- will move eventually -->
+      <defined-roles>
+	<role id="Member" value="L+500">Conference Member</role>
+	<role id="AnyAdmin" value="HMIN">Any Conference Administrator</role>
+	<role id="Host" value="H+1500">Conference Host</role>
+      </defined-roles>
+      <defined-lists>
+	<list id="Read">
+	  <permission/>
+	  <element role="Global.Anonymous"/>
+	  <element role="Global.Unverified"/>
+	  <element role="Global.Normal"/>
+	  <element role="Community.Member"/>
+	  <element role="Conference.Member"/>
+	  <element role="UnrestrictedUser"/>
+	</list>
+	<list id="Post">
+	  <permission/>
+	  <element role="Global.Anonymous"/>
+	  <element role="Global.Unverified"/>
+	  <element role="Global.Normal"/>
+	  <element role="Community.Member"/>
+	  <element role="Conference.Member"/>
+	  <element role="UnrestrictedUser"/>
+	  <element role="Conference.AnyAdmin"/>
+	  <element role="Conference.Host"/>
+	</list>
+	<list id="Create">
+	  <permission/>
+	  <element role="Global.Anonymous"/>
+	  <element role="Global.Unverified"/>
+	  <element role="Global.Normal"/>
+	  <element role="Community.Member"/>
+	  <element role="Conference.Member"/>
+	  <element role="UnrestrictedUser"/>
+	  <element role="Conference.AnyAdmin"/>
+	  <element role="Conference.Host"/>
+	</list>
+	<list id="Hide">
+	  <permission/>
+	  <element role="Conference.AnyAdmin"/>
+	  <element role="Conference.Host" default="true"/>
+	  <element role="Community.AnyAdmin"/>
+	  <element role="Community.Cohost"/>
+	  <element role="Community.Host"/>
+	  <element role="Global.AnyAdmin"/>
+	</list>
+	<list id="Nuke">
+	  <permission/>
+	  <element role="Conference.AnyAdmin"/>
+	  <element role="Conference.Host" default="true"/>
+	  <element role="Community.AnyAdmin"/>
+	  <element role="Community.Cohost"/>
+	  <element role="Community.Host"/>
+	  <element role="Global.AnyAdmin"/>
+	</list>
+	<list id="Change">
+	  <permission/>
+	  <element role="Conference.AnyAdmin"/>
+	  <element role="Conference.Host" default="true"/>
+	  <element role="Community.AnyAdmin"/>
+	  <element role="Community.Cohost"/>
+	  <element role="Community.Host"/>
+	  <element role="Global.AnyAdmin"/>
+	</list>
+	<list id="Delete">
+	  <permission/>
+	  <element role="Community.AnyAdmin"/>
+	  <element role="Community.Cohost" default="true"/>
+	  <element role="Community.Host"/>
+	  <element role="Global.AnyAdmin"/>
+	  <element role="Global.PFY"/>
+	  <element role="Global.BOFH"/>
+	  <element role="NoAccess"/>
+	</list>
+	<list id="UserLevels">
+	  <element role="NotInList"/>
+	  <element role="Global.Anonymous"/>
+	  <element role="Global.Unverified"/>
+	  <element role="Global.Normal"/>
+	  <element role="Community.Member"/>
+	  <element role="Conference.Member"/>
+	  <element role="UnrestrictedUser"/>
+	  <element role="Conference.Host"/>
+	</list>
+      </defined-lists>
+      <defaults>
+	<default id="HostPrivs" role="Community.AnyAdmin"/>
+	<default id="NewUser" role="Conference.Member"/>
+	<default id="NewHost" role="Conference.Host"/>
+	<default id="Creator" role="Conference.Host"/>
+	<default id="Read.Public" role="Community.Member"/>
+	<default id="Read.Private" role="Conference.Member"/>
+	<default id="Post.Public" role="Community.Member"/>
+	<default id="Post.Private" role="Conference.Member"/>
+	<default id="Create.Public" role="Community.Member"/>
+	<default id="Create.Private" role="Conference.Member"/>
+      </defaults>
+      <permissions>
+      </permissions>
+    </security-definition>
   </security>
 
   <!-- This section is used to configure electronic mail services. -->

src/com/silverwrist/venice/core/AdminOperations.java

@@ -23,8 +23,6 @@ public interface AdminOperations
 {
   public abstract SecurityInfo getSecurityInfo();
 
-  public abstract boolean isGlobalAdmin();
-
   public abstract List getAllowedRoleList();
 
   public abstract List getAuditRecords(int offset, int count) throws DataException;

src/com/silverwrist/venice/core/ConferenceContext.java

@@ -161,4 +161,6 @@ public interface ConferenceContext
 
   public abstract void setProperties(ConferenceProperties props) throws DataException, AccessError;
 
+  public abstract SecurityInfo getSecurityInfo();
+
 } // end interface ConferenceContext

src/com/silverwrist/venice/core/GlobalProperties.java

@@ -48,7 +48,7 @@ public final class GlobalProperties
     conference_members_per_page = 50;
     posts_on_front_page = 10;
     audit_records_per_page = 100;
-    community_create_level = com.silverwrist.venice.security.SecLevels.GLOBAL_NORMAL;
+    community_create_level = 1000;   // this is actually the "normal user" security level
     display_post_pictures = false;
 
   } // end constructor

src/com/silverwrist/venice/core/impl/AdminOperationsImpl.java

@@ -24,7 +24,6 @@ import com.silverwrist.venice.core.*;
 import com.silverwrist.venice.core.internals.*;
 import com.silverwrist.venice.db.*;
 import com.silverwrist.venice.security.AuditRecord;
-import com.silverwrist.venice.security.SecLevels;
 
 class AdminOperationsImpl implements AdminOperations
 {
@@ -64,12 +63,6 @@ class AdminOperationsImpl implements AdminOperations
 
   } // end getSecurityInfo
 
-  public boolean isGlobalAdmin()
-  {
-    return (env.getUser().realBaseLevel()==SecLevels.GLOBAL_BOFH);
-
-  } // end isGlobalAdmin
-
   public List getAllowedRoleList()
   {
     if (env.testPermission(EnvUser.PERM_DESIGNATEPFY))

src/com/silverwrist/venice/core/impl/CommunityCoreData.java

@@ -27,7 +27,6 @@ import com.silverwrist.venice.db.*;
 import com.silverwrist.venice.core.*;
 import com.silverwrist.venice.core.internals.*;
 import com.silverwrist.venice.security.AuditRecord;
-import com.silverwrist.venice.security.DefaultLevels;
 
 class CommunityCoreData implements CommunityData, CommunityDataBackend
 {
@@ -1493,7 +1492,8 @@ class CommunityCoreData implements CommunityData, CommunityDataBackend
 							    host_uid);
     ConferenceData cdata = rcs.getConference();
     if (outer.getUserID()!=host_uid)  // make the creating user a conference host too
-      cdata.setMembership(outer,outer.getUserID(),DefaultLevels.hostConference());
+      cdata.setMembership(outer,outer.getUserID(),
+			  outer.getConferenceDefaultRole("Conference.Creator").getLevel());
 
     // Wrap the returned ConferenceData object in a ConferenceCommunityContextImpl object.
     ConferenceCommunityContextImpl conf =

src/com/silverwrist/venice/core/impl/CommunityUserContextImpl.java

@@ -25,7 +25,6 @@ import com.silverwrist.venice.core.*;
 import com.silverwrist.venice.core.internals.*;
 import com.silverwrist.venice.db.*;
 import com.silverwrist.venice.security.AuditRecord;
-import com.silverwrist.venice.security.DefaultLevels;
 import com.silverwrist.venice.security.Role;
 
 class CommunityUserContextImpl implements CommunityContext, CommunityBackend

src/com/silverwrist/venice/core/impl/ConferenceCoreData.java

@@ -25,7 +25,6 @@ import com.silverwrist.venice.core.*;
 import com.silverwrist.venice.core.internals.*;
 import com.silverwrist.venice.db.*;
 import com.silverwrist.venice.security.AuditRecord;
-import com.silverwrist.venice.security.DefaultLevels;
 
 class ConferenceCoreData implements ConferenceData
 {
@@ -113,7 +112,7 @@ class ConferenceCoreData implements ConferenceData
 
   } // end constructor
 
-  protected ConferenceCoreData(EnvCommunityData env, int confid, java.util.Date created, boolean pvt,
+  protected ConferenceCoreData(EnvCommunityData env, int confid, java.util.Date created, int[] levels,
 			       String name, String descr)
   {
     if (logger.isDebugEnabled())
@@ -122,13 +121,13 @@ class ConferenceCoreData implements ConferenceData
     this.confid = confid;
     this.create_date = created;
     this.last_update = null;
-    this.read_level = DefaultLevels.newConferenceRead(pvt);
+    this.read_level = levels[0];
-    this.post_level = DefaultLevels.newConferencePost(pvt);
+    this.post_level = levels[1];
-    this.create_level = DefaultLevels.newConferenceCreate(pvt);
+    this.create_level = levels[2];
-    this.hide_level = DefaultLevels.newConferenceHide();
+    this.hide_level = levels[3];
-    this.nuke_level = DefaultLevels.newConferenceNuke();
+    this.nuke_level = levels[4];
-    this.change_level = DefaultLevels.newConferenceChange();
+    this.change_level = levels[5];
-    this.delete_level = DefaultLevels.newConferenceDelete();
+    this.delete_level = levels[6];
     this.top_topic = 0;
     this.name = name;
     this.description = descr;
@@ -361,8 +360,8 @@ class ConferenceCoreData implements ConferenceData
 	  new StringBuffer("SELECT u.uid, u.username, u.description, c.given_name, c.family_name, "
 			   + "c.locality, c.region, c.country FROM users u, contacts c, confmember m "
 			   + "WHERE u.contactid = c.contactid AND u.uid = m.uid AND m.confid = ");
-      sql.append(confid).append(" AND m.granted_lvl >= ").append(DefaultLevels.hostPrivsConference());
+      sql.append(confid).append(" AND m.granted_lvl >= ");
-      sql.append(" ORDER BY u.username;");
+      sql.append(env.getDefaultRole("Conference.HostPrivs").getLevel()).append(" ORDER BY u.username;");
 
       // execute the query
       ResultSet rs = stmt.executeQuery(sql.toString());
@@ -1399,13 +1398,32 @@ class ConferenceCoreData implements ConferenceData
 	sql.append("INSERT INTO confs (createdate, read_lvl, post_lvl, create_lvl, hide_lvl, nuke_lvl, "
 		   + "change_lvl, delete_lvl, name, descr) VALUES ('");
 	created = new java.util.Date();
-	sql.append(SQLUtil.encodeDate(created)).append("', ").append(DefaultLevels.newConferenceRead(pvt));
+	int levels[] = new int[7];
-	sql.append(", ").append(DefaultLevels.newConferencePost(pvt)).append(", ");
+	if (pvt)
-	sql.append(DefaultLevels.newConferenceCreate(pvt)).append(", ");
+	{ // load levels for private conference
-	sql.append(DefaultLevels.newConferenceHide()).append(", ").append(DefaultLevels.newConferenceNuke());
+	  levels[0] = outer.getConferenceDefaultRole("Conference.Read.Private").getLevel();
-	sql.append(", ").append(DefaultLevels.newConferenceChange()).append(", ");
+	  levels[1] = outer.getConferenceDefaultRole("Conference.Post.Private").getLevel();
-	sql.append(DefaultLevels.newConferenceDelete()).append(", '").append(SQLUtil.encodeString(name));
+	  levels[2] = outer.getConferenceDefaultRole("Conference.Create.Private").getLevel();
-	sql.append("', '").append(SQLUtil.encodeString(description)).append("');");
+
+	} // end if
+	else
+	{ // load levels for public conference
+	  levels[0] = outer.getConferenceDefaultRole("Conference.Read.Public").getLevel();
+	  levels[1] = outer.getConferenceDefaultRole("Conference.Post.Public").getLevel();
+	  levels[2] = outer.getConferenceDefaultRole("Conference.Create.Public").getLevel();
+
+	} // end else
+
+	levels[3] = outer.getConferenceDefaultRole("Conference.Hide").getLevel();
+	levels[4] = outer.getConferenceDefaultRole("Conference.Nuke").getLevel();
+	levels[5] = outer.getConferenceDefaultRole("Conference.Change").getLevel();
+	levels[6] = outer.getConferenceDefaultRole("Conference.Delete").getLevel();
+
+	sql.append(SQLUtil.encodeDate(created)).append("', ").append(levels[0]).append(", ");
+	sql.append(levels[1]).append(", ").append(levels[2]).append(", ").append(levels[3]).append(", ");
+	sql.append(levels[4]).append(", ").append(levels[5]).append(", ").append(levels[6]);
+	sql.append(", '").append(SQLUtil.encodeString(name)).append("', '");
+	sql.append(SQLUtil.encodeString(description)).append("');");
 	if (logger.isDebugEnabled())
 	  logger.debug("SQL: " + sql.toString());
 	stmt.executeUpdate(sql.toString());
@@ -1436,14 +1454,15 @@ class ConferenceCoreData implements ConferenceData
 	// Make the specified UID the host of this new conference.
 	sql.setLength(0);
 	sql.append("INSERT INTO confmember (confid, uid, granted_lvl) VALUES (").append(new_confid);
-	sql.append(", ").append(host_uid).append(", ").append(DefaultLevels.hostConference()).append(");");
+	sql.append(", ").append(host_uid).append(", ");
+	sql.append(outer.getConferenceDefaultRole("Conference.NewHost").getLevel()).append(");");
 	if (logger.isDebugEnabled())
 	  logger.debug("SQL: " + sql.toString());
 	stmt.executeUpdate(sql.toString());
 
 	// Create a new ConferenceCoreData object representing this conference and register it with the
 	// engine's conference data object cache.
-	conf = new ConferenceCoreData(env,new_confid,created,pvt,name,description);
+	conf = new ConferenceCoreData(env,new_confid,created,levels,name,description);
 	conf.newProperties(conn);
 
       } // end try

src/com/silverwrist/venice/core/impl/ConferenceUserContextImpl.java

@@ -24,7 +24,7 @@ import com.silverwrist.venice.core.*;
 import com.silverwrist.venice.core.internals.*;
 import com.silverwrist.venice.db.*;
 import com.silverwrist.venice.htmlcheck.*;
-import com.silverwrist.venice.security.DefaultLevels;
+import com.silverwrist.venice.security.Role;
 
 class ConferenceUserContextImpl implements ConferenceContext, ConferenceBackend
 {
@@ -155,7 +155,7 @@ class ConferenceUserContextImpl implements ConferenceContext, ConferenceBackend
    *--------------------------------------------------------------------------------
    */
 
-  private static Category logger = Category.getInstance(ConferenceUserContextImpl.class.getName());
+  private static Category logger = Category.getInstance(ConferenceUserContextImpl.class);
 
   /*--------------------------------------------------------------------------------
    * Attributes
@@ -192,11 +192,12 @@ class ConferenceUserContextImpl implements ConferenceContext, ConferenceBackend
 
   ConferenceUserContextImpl(EnvCommunity env, ConferenceCommunityContext cdata) throws DataException
   {
-    this.env = new EnvConference(env,this);
+    EnvConference new_env = new EnvConference(env,this);
+    this.env = new_env;
     this.confid = cdata.getConfID();
     this.cache = null;
     this.confdata = cdata;
-    recalcLevel(DefaultLevels.hostConference());
+    recalcLevel(new_env.getDefaultRole("Conference.Creator").getLevel());
     this.pseud = env.getUser().userDefaultPseud();
     this.last_read = null;
     this.last_post = null;
@@ -647,7 +648,12 @@ class ConferenceUserContextImpl implements ConferenceContext, ConferenceBackend
 
   public void addMember(int uid, boolean as_host) throws DataException, AccessError
   {
-    setMembership(uid,(as_host ? DefaultLevels.hostConference() : DefaultLevels.memberConference()));
+    Role r;
+    if (as_host)
+      r = env.getDefaultRole("Conference.NewHost");
+    else
+      r = env.getDefaultRole("Conference.NewUser");
+    setMembership(uid,r.getLevel());
 
   } // end addMember
 
@@ -1449,6 +1455,12 @@ class ConferenceUserContextImpl implements ConferenceContext, ConferenceBackend
 
   } // end setProperties
 
+  public SecurityInfo getSecurityInfo()
+  {
+    return env.getSecurityInfo();
+
+  } // end getSecurityInfo
+
   /*--------------------------------------------------------------------------------
    * Implementations from interface ConferenceBackend
    *--------------------------------------------------------------------------------
@@ -1593,6 +1605,12 @@ class ConferenceUserContextImpl implements ConferenceContext, ConferenceBackend
 
   } // end createDecoderContext
 
+  public int env_getConfLevel()
+  {
+    return level;
+
+  } // end env_getConfLevel
+
   /*--------------------------------------------------------------------------------
    * Static functions usable only from within the package
    *--------------------------------------------------------------------------------

src/com/silverwrist/venice/core/impl/VeniceEngineImpl.java

@@ -410,6 +410,7 @@ public class VeniceEngineImpl implements VeniceEngine, EngineBackend
   private OptionSet global_flags = new OptionSet();   // global option flags
   private SecurityMonitor global_security;            // the global security monitor
   private SecurityMonitor community_security;         // the community security monitor
+  private SecurityMonitor conference_security;        // conference security monitor (will move eventually)
 
   /*--------------------------------------------------------------------------------
    * Constructor
@@ -752,6 +753,8 @@ public class VeniceEngineImpl implements VeniceEngine, EngineBackend
 	    global_security = sm;
 	  else if (sm.getID().equals("Community"))
 	    community_security = sm;
+	  else if (sm.getID().equals("Conference"))
+	    conference_security = sm;
 
 	} // end if
 
@@ -2267,6 +2270,8 @@ public class VeniceEngineImpl implements VeniceEngine, EngineBackend
       return global_security;
     if (selector==SM_COMMUNITY)
       return community_security;
+    if (selector==SM_CONFERENCE)
+      return conference_security;
     return null;
 
   } // end env_getSecurityMonitor

src/com/silverwrist/venice/core/internals/ConferenceBackend.java

@@ -47,4 +47,6 @@ public interface ConferenceBackend
 
   public abstract PostLinkDecoderContext createDecoderContext(short topicid);
 
+  public abstract int env_getConfLevel();
+
 } // end interface ConferenceBackend

src/com/silverwrist/venice/core/internals/EngineBackend.java

@@ -57,6 +57,7 @@ public interface EngineBackend
   // Selectors for security monitors
   public static final int SM_GLOBAL = 0;
   public static final int SM_COMMUNITY = 1;
+  public static final int SM_CONFERENCE = 2;
 
   public abstract VeniceEngine getSelf();
 

src/com/silverwrist/venice/core/internals/EnvCommunity.java

@@ -169,4 +169,10 @@ public class EnvCommunity extends EnvUser
 
   } // end isLevelAdmin
 
+  public final Role getConferenceDefaultRole(String symbol)
+  {
+    return getEngine().env_getSecurityMonitor(EngineBackend.SM_CONFERENCE).getDefaultRole(symbol);
+
+  } // end getCommunityDefaultRole
+
 } // end class EnvCommunity

src/com/silverwrist/venice/core/internals/EnvConference.java

@@ -17,8 +17,16 @@
  */
 package com.silverwrist.venice.core.internals;
 
+import com.silverwrist.venice.core.AccessError;
+import com.silverwrist.venice.security.SecurityMonitor;
+
 public class EnvConference extends EnvCommunity
 {
+  /*--------------------------------------------------------------------------------
+   * Static data members
+   *--------------------------------------------------------------------------------
+   */
+
   /*--------------------------------------------------------------------------------
    * Attributes
    *--------------------------------------------------------------------------------
@@ -45,6 +53,42 @@ public class EnvConference extends EnvCommunity
 
   } // end constructor
 
+  /*--------------------------------------------------------------------------------
+   * Overrides from class EnvEngine
+   *--------------------------------------------------------------------------------
+   */
+
+  protected SecurityMonitor getStaticMonitor()
+  {
+    return getEngine().env_getSecurityMonitor(EngineBackend.SM_CONFERENCE);
+
+  } // end getStaticMonitor
+
+  /*--------------------------------------------------------------------------------
+   * Overrides from class EnvCommunity
+   *--------------------------------------------------------------------------------
+   */
+
+  public boolean testPermission(String symbol, String errormsg) throws AccessError
+  {
+    SecurityMonitor sm = getStaticMonitor();
+    // TODO: test dynamic permissions
+    if (sm.testPermission(symbol,conf.env_getConfLevel(),errormsg))
+      return true;
+    return super.testPermission(symbol,errormsg);
+
+  } // end testPermission
+
+  public boolean testPermission(String symbol)
+  {
+    SecurityMonitor sm = getStaticMonitor();
+    // TODO: test dynamic permissions
+    if (sm.testPermission(symbol,conf.env_getConfLevel()))
+      return true;
+    return super.testPermission(symbol);
+
+  } // end testPermission
+
   /*--------------------------------------------------------------------------------
    * External operations
    *--------------------------------------------------------------------------------

src/com/silverwrist/venice/core/internals/EnvConferenceData.java

@@ -17,6 +17,9 @@
  */
 package com.silverwrist.venice.core.internals;
 
+import com.silverwrist.venice.core.AccessError;
+import com.silverwrist.venice.security.SecurityMonitor;
+
 public class EnvConferenceData extends EnvEngine
 {
   /*--------------------------------------------------------------------------------
@@ -36,4 +39,32 @@ public class EnvConferenceData extends EnvEngine
 
   } // end constructor
 
+  /*--------------------------------------------------------------------------------
+   * Overrides from class EnvEngine
+   *--------------------------------------------------------------------------------
+   */
+
+  protected SecurityMonitor getStaticMonitor()
+  {
+    return getEngine().env_getSecurityMonitor(EngineBackend.SM_CONFERENCE);
+
+  } // end getStaticMonitor
+
+  /*--------------------------------------------------------------------------------
+   * External operations
+   *--------------------------------------------------------------------------------
+   */
+
+  public final boolean testPermission(String symbol, int level, String errormsg) throws AccessError
+  {
+    return getStaticMonitor().testPermission(symbol,level,errormsg);
+
+  } // end testPermission
+
+  public final boolean testPermission(String symbol, int level)
+  {
+    return getStaticMonitor().testPermission(symbol,level);
+
+  } // end testPermission
+
 } // end class EnvConferenceData

src/com/silverwrist/venice/security/DefaultLevels.java

@@ -1,82 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public License Version 1.1
- * (the "License"); you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at <http://www.mozilla.org/MPL/>.
- * 
- * Software distributed under the License is distributed on an "AS IS" basis, WITHOUT
- * WARRANTY OF ANY KIND, either express or implied. See the License for the specific
- * language governing rights and limitations under the License.
- * 
- * The Original Code is the Venice Web Communities System.
- * 
- * The Initial Developer of the Original Code is Eric J. Bowersox <erbo@silcom.com>,
- * for Silverwrist Design Studios.  Portions created by Eric J. Bowersox are
- * Copyright (C) 2001 Eric J. Bowersox/Silverwrist Design Studios.  All Rights Reserved.
- * 
- * Contributor(s): 
- */
-package com.silverwrist.venice.security;
-
-public class DefaultLevels implements SecLevels
-{
-  public static int hostPrivsConference()
-  {
-    return CONFERENCE_ANYADMIN;
-
-  } // end hostPrivsConference
-
-  public static int memberConference()
-  {
-    return CONFERENCE_MEMBER;
-
-  } // end memberConference
-
-  public static int hostConference()
-  {
-    return CONFERENCE_HOST;
-
-  } // end hostConference
-
-  public static int newConferenceRead(boolean pvt)
-  {
-    return (pvt ? CONFERENCE_MEMBER : COMM_MEMBER);
-
-  } // end newConferenceRead
-
-  public static int newConferencePost(boolean pvt)
-  {
-    return (pvt ? CONFERENCE_MEMBER : COMM_MEMBER);
-
-  } // end newConferencePost
-
-  public static int newConferenceCreate(boolean pvt)
-  {
-    return (pvt ? CONFERENCE_MEMBER : COMM_MEMBER);
-
-  } // end newConferencePost
-
-  public static int newConferenceHide()
-  {
-    return CONFERENCE_HOST;
-
-  } // end newConferenceHide
-
-  public static int newConferenceNuke()
-  {
-    return CONFERENCE_HOST;
-
-  } // end newConferenceHide
-
-  public static int newConferenceChange()
-  {
-    return CONFERENCE_HOST;
-
-  } // end newConferenceHide
-
-  public static int newConferenceDelete()
-  {
-    return COMM_COHOST;
-
-  } // end newConferenceHide
-
-} // end class DefaultLevels

src/com/silverwrist/venice/security/Role.java

@@ -19,39 +19,16 @@ package com.silverwrist.venice.security;
 
 import java.util.*;
 
-public final class Role implements Comparable, Cloneable, SecLevels
+public final class Role implements Comparable, Cloneable
 {
-  /*--------------------------------------------------------------------------------
-   * Static data members
-   *--------------------------------------------------------------------------------
-   */
-
-  private static Role not_in_list;
-  private static Role no_access;
-  private static Role unrestricted_user;
-  private static Role global_admin;
-  private static Role comm_host;
-  private static ArrayList global_low;
-  private static ArrayList global_high;
-  private static ArrayList comm_low;
-  private static ArrayList comm_high;
-  private static ArrayList conf_low;
-  private static ArrayList conf_high;
-
-  private static List confreadlist_rc = null;
-  private static List confpostlist_rc = null;
-  private static List confhidelist_rc = null;
-  private static List confdeletelist_rc = null;
-  private static List conf_member_levels = null;
-
   /*--------------------------------------------------------------------------------
    * Attributes
    *--------------------------------------------------------------------------------
    */
 
-  private int level;
+  private int level;                // access level in this role
-  private String name;
+  private String name;              // human-readable name
-  private String symbol;
+  private String symbol;            // programmatic symbol
 
   /*--------------------------------------------------------------------------------
    * Constructors
@@ -162,189 +139,10 @@ public final class Role implements Comparable, Cloneable, SecLevels
    *--------------------------------------------------------------------------------
    */
 
-  public static final Role create(int level, String name, String symbol)
+  static final Role create(int level, String name, String symbol)
   {
     return new Role(level,name,symbol);
 
   } // end create
 
-  /*--------------------------------------------------------------------------------
-   * External static operations which generate lists of roles
-   *--------------------------------------------------------------------------------
-   */
-
-  public static List getConferenceReadList()
-  {
-    if (confreadlist_rc==null)
-    { // precalculate the conference read list
-      ArrayList rc = new ArrayList();
-      rc.addAll(global_low);
-      rc.addAll(comm_low);
-      rc.addAll(conf_low);
-      rc.add(unrestricted_user);
-      rc.trimToSize();
-      confreadlist_rc = Collections.unmodifiableList(rc);
-
-    } // end if
-
-    return confreadlist_rc;
-
-  } // end getConferenceReadList
-
-  public static List getConferencePostList()
-  {
-    if (confpostlist_rc==null)
-    { // precalculate the post list
-      ArrayList rc = new ArrayList();
-      rc.addAll(global_low);
-      rc.addAll(comm_low);
-      rc.addAll(conf_low);
-      rc.add(unrestricted_user);
-      rc.addAll(conf_high);
-      rc.trimToSize();
-      confpostlist_rc = Collections.unmodifiableList(rc);
-
-    } // end if
-
-    return confpostlist_rc;
-
-  } // return getConferencePostList
-
-  public static List getConferenceCreateList()
-  {
-    return getConferencePostList();
-
-  } // end getConferenceChangeList
-
-  public static List getConferenceHideList()
-  {
-    if (confhidelist_rc==null)
-    { // precalculate the hide list
-      ArrayList rc = new ArrayList();
-      rc.addAll(conf_high);
-      rc.addAll(comm_high);
-      rc.add(global_high.get(0));
-      rc.trimToSize();
-      confhidelist_rc = Collections.unmodifiableList(rc);
-
-    } // end if
-
-    return confhidelist_rc;
-
-  } // end getConferenceHideList
-
-  public static List getConferenceNukeList()
-  {
-    return getConferenceHideList();
-
-  } // end getConferenceNukeList
-
-  public static List getConferenceChangeList()
-  {
-    return getConferenceHideList();
-
-  } // end getConferenceChangeList
-
-  public static List getConferenceDeleteList()
-  {
-    if (confdeletelist_rc==null)
-    { // precalculate the delete list
-      ArrayList rc = new ArrayList();
-      rc.addAll(comm_high);
-      rc.addAll(global_high);
-      rc.add(no_access);
-      rc.trimToSize();
-      confdeletelist_rc = Collections.unmodifiableList(rc);
-
-    } // end if
-
-    return confdeletelist_rc;
-
-  } // end getConferenceDeleteList
-
-  public static List getConferenceMemberLevelChoices()
-  {
-    if (conf_member_levels==null)
-    { // precalculate the list
-      ArrayList rc = new ArrayList();
-      rc.add(not_in_list);
-      rc.addAll(global_low);
-      rc.addAll(comm_low);
-      rc.addAll(conf_low);
-      rc.add(unrestricted_user);
-      rc.add(conf_high.get(conf_high.size()-1));
-      rc.trimToSize();
-      conf_member_levels = Collections.unmodifiableList(rc);
-
-    } // end if
-    
-    return conf_member_levels;
-
-  } // end getConferenceMemberLevelChoices
-
-  /*--------------------------------------------------------------------------------
-   * Static initializer
-   *--------------------------------------------------------------------------------
-   */
-
-  static
-  { // begin initializing the "all roles" map
-    not_in_list = new Role(0,"(not in list)");
-    no_access = new Role(NO_ACCESS,"No Access");
-    unrestricted_user = new Role(UNRESTRICTED_USER,"'Unrestricted' User");
-
-    Role tmp;
-
-    // initialize the "global lowband" vector
-    global_low = new ArrayList(3);
-    tmp = new Role(GLOBAL_ANONYMOUS,"Anonymous User");
-    global_low.add(tmp);
-    tmp = new Role(GLOBAL_UNVERIFIED,"Unauthenticated User");
-    global_low.add(tmp);
-    tmp = new Role(GLOBAL_NORMAL,"Normal User");
-    global_low.add(tmp);
-    global_low.trimToSize();
-
-    // initialize the "global highband" vector
-    global_high = new ArrayList(3);
-    tmp = new Role(GLOBAL_ANYADMIN,"Any System Administrator");
-    global_high.add(tmp);
-    tmp = new Role(GLOBAL_PFY,"System Assistant Administrator");
-    global_high.add(tmp);
-    global_admin = new Role(GLOBAL_BOFH,"Global System Administrator");
-    global_high.add(global_admin);
-    global_high.trimToSize();
-
-    // initialize the "community lowband" vector
-    comm_low = new ArrayList(1);
-    tmp = new Role(COMM_MEMBER,"Community Member");
-    comm_low.add(tmp);
-    comm_low.trimToSize();
-
-    // initialize the "communtiy highband" vector
-    comm_high = new ArrayList(3);
-    tmp = new Role(COMM_ANYADMIN,"Any Community Administrator");
-    comm_high.add(tmp);
-    tmp = new Role(COMM_COHOST,"Community Co-Host");
-    comm_high.add(tmp);
-    comm_host = new Role(COMM_HOST,"Community Host");
-    comm_high.add(comm_host);
-    comm_high.trimToSize();
-
-    // initialize the "conference lowband" vector
-    conf_low = new ArrayList(1);
-    tmp = new Role(CONFERENCE_MEMBER,"Conference Member");
-    conf_low.add(tmp);
-    conf_low.trimToSize();
-
-    // initialize the "conference highband" vector
-    conf_high = new ArrayList(2);
-    tmp = new Role(CONFERENCE_ANYADMIN,"Any Conference Administrator");
-    conf_high.add(tmp);
-    tmp = new Role(CONFERENCE_HOST,"Conference Host");
-    conf_high.add(tmp);
-    conf_high.trimToSize();
-
-  } // end static initializer
-
 } // end class Role

src/com/silverwrist/venice/security/SecLevels.java

@@ -1,98 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public License Version 1.1
- * (the "License"); you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at <http://www.mozilla.org/MPL/>.
- * 
- * Software distributed under the License is distributed on an "AS IS" basis, WITHOUT
- * WARRANTY OF ANY KIND, either express or implied. See the License for the specific
- * language governing rights and limitations under the License.
- * 
- * The Original Code is the Venice Web Community System.
- * 
- * The Initial Developer of the Original Code is Eric J. Bowersox <erbo@silcom.com>,
- * for Silverwrist Design Studios.  Portions created by Eric J. Bowersox are
- * Copyright (C) 2001 Eric J. Bowersox/Silverwrist Design Studios.  All Rights Reserved.
- * 
- * Contributor(s): 
- */
-package com.silverwrist.venice.security;
-
-public interface SecLevels
-{
-  /**
-   * Indicates "no access" (not even to the global system administrator).  Used as the
-   * "delete" level for the Administration Community, so it can't be accidentally deleted.
-   */
-  public static final int NO_ACCESS = 65500;
-  /**
-   * Indicates a user with unrestricted access to all objects, but no admin privilege.
-   * (Above the "low bands" of all scopes, but below the "high bands" of any of them.)
-   */
-  public static final int UNRESTRICTED_USER = 32500;
-  /**
-   * Indicates a user that has not logged in ("Anonymous Honyak").  Can be used as a
-   * permission level for communities and conferences to permit public reading and/or anonymous
-   * posting.
-   */
-  public static final int GLOBAL_ANONYMOUS = 100;
-  /**
-   * Indicates a user that has been registered, but has not yet had their email address
-   * verified.
-   */
-  public static final int GLOBAL_UNVERIFIED = 500;
-  /**
-   * Indicates a user that has registered and been verified.  Can be used as a permission
-   * level for communities and conferences to permit reading and/or posting by nonmembers.
-   */
-  public static final int GLOBAL_NORMAL = 1000;
-  /**
-   * The security level of the global system administrator ("Administrator" account, sometimes
-   * known as the "BOFH" (Bastard Operator From Hell) account).
-   */
-  public static final int GLOBAL_BOFH = 64999;
-  /**
-   * A security level for "assistant admin" accounts (sometimes known as "PFY" (Pimply-
-   * Faced Youth) accounts).
-   */
-  public static final int GLOBAL_PFY = 64000;
-  /**
-   * A security level used to indicate any account with global admin privileges.  Used
-   * to control access to the Administration community.
-   */
-  public static final int GLOBAL_ANYADMIN = 63000;
-  /**
-   * The security level assigned to members of a community within that community.
-   */
-  public static final int COMM_MEMBER = 6500;
-  /**
-   * The security level assigned to cohosts of a community within that community.
-   */
-  public static final int COMM_COHOST = 58000;
-  /**
-   * The security level assigned to hosts of a community within that community.
-   */
-  public static final int COMM_HOST = 58500;
-  /**
-   * A security level used to indicate any account with admin privileges over a specific community.
-   */
-  public static final int COMM_ANYADMIN = 57000;
-  /**
-   * The maximum level in the "high band" of the community scope; used to test if a user already has
-   * maximum privs within the community (because of being an admin at global scope, perhaps).
-   */
-  public static final int COMM_MAXADMIN = 58999;
-  /**
-   * The security level assigned to members of a (private) conference within that conference.
-   */
-  public static final int CONFERENCE_MEMBER = 12500;
-  /**
-   * The security level assigned to hosts of a conference within that conference.
-   */
-  public static final int CONFERENCE_HOST = 52500;
-  /**
-   * A security level used to indicate any account with admin privileges over a specific
-   * conference.
-   */
-  public static final int CONFERENCE_ANYADMIN = 51000;
-
-} // end interface SecLevels

src/com/silverwrist/venice/servlets/ConfOperations.java

@@ -61,14 +61,14 @@ public class ConfOperations extends VeniceServlet
 
   } // end makeCreateConferenceDialog
 
-  private EditConferenceDialog makeEditConferenceDialog() throws ServletException
+  private EditConferenceDialog makeEditConferenceDialog(SecurityInfo sinf) throws ServletException
   {
     final String desired_name = "EditConferenceDialog";
     DialogCache cache = DialogCache.getDialogCache(getServletContext());
 
     if (!(cache.isCached(desired_name)))
     { // create a template and save it off
-      EditConferenceDialog template = new EditConferenceDialog();
+      EditConferenceDialog template = new EditConferenceDialog(sinf);
       cache.saveTemplate(template);
 
     } // end if
@@ -416,7 +416,7 @@ public class ConfOperations extends VeniceServlet
 			    on_error);
 
       // create and return the Edit Conference dialog
-      EditConferenceDialog dlg = makeEditConferenceDialog();
+      EditConferenceDialog dlg = makeEditConferenceDialog(conf.getSecurityInfo());
       try
       { // set up and return the dialog
 	dlg.setupDialog(comm,conf);
@@ -825,7 +825,7 @@ public class ConfOperations extends VeniceServlet
 			    on_error);
 
       // create the dialog class
-      EditConferenceDialog dlg = makeEditConferenceDialog();
+      EditConferenceDialog dlg = makeEditConferenceDialog(conf.getSecurityInfo());
 
       if (dlg.isButtonClicked(request,"cancel"))
 	throw new RedirectResult(on_error); // they chickened out - go back to the conference list

src/com/silverwrist/venice/servlets/format/ConferenceMembership.java

@@ -63,7 +63,7 @@ public class ConferenceMembership implements JSPRender, SearchMode
     this.engine = engine;
     this.comm = comm;
     this.conf = conf;
-    this.role_choices = Role.getConferenceMemberLevelChoices();
+    this.role_choices = conf.getSecurityInfo().getRoleList("Conference.UserLevels");
 
   } // end constructor
 

src/com/silverwrist/venice/servlets/format/EditConferenceDialog.java

@@ -37,7 +37,7 @@ public class EditConferenceDialog extends ContentDialog
    *--------------------------------------------------------------------------------
    */
 
-  public EditConferenceDialog()
+  public EditConferenceDialog(SecurityInfo sinf)
   {
     super("Edit Conference:",null,"editconfform","confops");
     setHiddenField("cmd","E");
@@ -51,26 +51,26 @@ public class EditConferenceDialog extends ContentDialog
 					 null,YES));
     addFormField(new CDFormCategoryHeader("Security Information"));
     addFormField(new CDRoleListFormField("read_lvl","Security level required to read conference",null,true,
-					 Role.getConferenceReadList()));
+					 sinf.getRoleList("Conference.Read")));
     addFormField(new CDRoleListFormField("post_lvl","Security level required to post to conference",null,true,
-					 Role.getConferencePostList()));
+					 sinf.getRoleList("Conference.Post")));
     addFormField(new CDRoleListFormField("create_lvl",
 					 "Security level required to create new topics in conference",null,
-					 true,Role.getConferenceCreateList()));
+					 true,sinf.getRoleList("Conference.Create")));
     addFormField(new CDRoleListFormField("hide_lvl",
 					 "Security level required to archive or freeze topics",
 					 "(or to hide posts of which you are not the owner)",true,
-					 Role.getConferenceHideList()));
+					 sinf.getRoleList("Conference.Hide")));
     addFormField(new CDRoleListFormField("nuke_lvl",
 					 "Security level required to delete topics or nuke posts",
 					 "(or to scribble posts of which you are not the owner)",true,
-					 Role.getConferenceNukeList()));
+					 sinf.getRoleList("Conference.Nuke")));
     addFormField(new CDRoleListFormField("change_lvl",
 					 "Security level required to change conference attributes",null,true,
-					 Role.getConferenceChangeList()));
+					 sinf.getRoleList("Conference.Change")));
     addFormField(new CDRoleListFormField("delete_lvl",
 					 "Security level required to delete conference",null,true,
-					 Role.getConferenceDeleteList()));
+					 sinf.getRoleList("Conference.Delete")));
     addFormField(new CDFormCategoryHeader("Conference Properties"));
     addFormField(new CDCheckBoxFormField("pic_in_post","Display users' pictures next to their posts",
 					 "(user can override)",YES));