portals-jetspeed-dev mailing list archives

From "David Sean Taylor" <da...@bluesunrise.com>
Subject RE: Users and Groups
Date Fri, 22 Feb 2002 02:55:37 GMT
Hi Brian,

> -----Original Message-----
> From: Brian Pedersen [mailto:basetarget@yahoo.dk] 
> Sent: Thursday, February 21, 2002 1:37 PM
> To: jetspeed-dev@jakarta.apache.org
> Subject: Users and Groups
> 
> 
> Hi
> 
> I have just installed Apache Jetspeed 1.3a2 under Tomcat 
> 4.0.2. It seems like a really cool framework, with lots of 
> improvements since the last version I've seen.
> 
> I have two major problems though:
> 
> 1) I can't associate Users with Groups from the security pane, 
> when logged in as 'admin' ?

Yes. The feature didn't make it into 1.3a2. (It's still not in CVS.)
Groups are associated to users through roles.

See
http://jakarta.apache.org/turbine/turbine-2/howto/security-howto.html
for more info on the security model.

> 
> 2) I can't seem to figure out how to obtain information 
> through the runData interface about the current user's Security Roles.

Turbine has security check helpers:

http://www.bluesunrise.com/jetspeed-docs/turbine-2001-1124-javadocs/org/apache/turbine/util/SecurityCheck.html

As does Jetspeed

http://www.bluesunrise.com/jetspeed-docs/javadocs/org/apache/jetspeed/services/JetspeedSecurity.html

You can obtain the acls from rundata
http://www.bluesunrise.com/jetspeed-docs/turbine-2001-1124-javadocs/org/apache/turbine/util/RunData.html#getACL()
 
You can always cast RunData to JetspeedRunData

http://www.bluesunrise.com/jetspeed-docs/javadocs/org/apache/jetspeed/services/rundata/JetspeedRunData.html

Recommend using JetspeedSecurity for security checks with Jetspeed. 


> 
> I have tried obtaining user-information by casting the 
> 'runData' parameter from the 'getContent(RunData runData)' 
> method in my portlet into 
> 'org.apache.jetspeed.services.rundata.JetspeedRunData' and 
> calling '.getProfile().getXXX()' on it, but this gives the 
> strangest results like '.getLanguage()' returning the String 
> : 'Anonymous' and '.getName()' returning the String : 'default.psml' ?
> 

Well - getLanguage should not return 'Anonymous' - are you sure you
didn't call getUser()?
Could you verify that?

getName() returning 'default.psml' is correct. That is the name of the
profile.


> Also, it seems denying a user the permission to minimize, has 
> no effect at all, he can still minimize the portlets ? 
> 

Just discussed this one last night on this list. 
Working on a patch.

> I have read the 'Portlet Howto', but it is only half finished 
> and has lots of black holes.
> 

Cheers :)
Any suggestions or contributions are very welcome.

> I hope you can help me.
> It is essential to my project to be able to associate Users 
> with Groups, and check their associated Security Roles/Groups 
> from within my code.

It should all be there (except for the UI to define groups/roles/users)

Look into JetspeedSecurityService which extends TurbineSecurity.
The idea for the checkPermission calls in Jetspeed was to extend
TurbineSecurity checks to include checks for resources (portlets,
controls, controllers, psml)

Get familiar with how Turbine's object model works.
Here's the DDL (from MySQL):

--------------------------------------------------------------------------
-- TURBINE_PERMISSION
--------------------------------------------------------------------------
drop table if exists TURBINE_PERMISSION;

CREATE TABLE TURBINE_PERMISSION
(
    PERMISSION_ID INTEGER NOT NULL AUTO_INCREMENT,
    PERMISSION_NAME VARCHAR (99) NOT NULL,
    OBJECTDATA MEDIUMBLOB,
    PRIMARY KEY(PERMISSION_ID),
    UNIQUE (PERMISSION_NAME)
);

    
--------------------------------------------------------------------------
-- TURBINE_ROLE
--------------------------------------------------------------------------
drop table if exists TURBINE_ROLE;

CREATE TABLE TURBINE_ROLE
(
    ROLE_ID INTEGER NOT NULL AUTO_INCREMENT,
    ROLE_NAME VARCHAR (99) NOT NULL,
    OBJECTDATA MEDIUMBLOB,
    PRIMARY KEY(ROLE_ID),
    UNIQUE (ROLE_NAME)
);

    
--------------------------------------------------------------------------
-- TURBINE_GROUP
--------------------------------------------------------------------------
drop table if exists TURBINE_GROUP;

CREATE TABLE TURBINE_GROUP
(
    GROUP_ID INTEGER NOT NULL AUTO_INCREMENT,
    GROUP_NAME VARCHAR (99) NOT NULL,
    OBJECTDATA MEDIUMBLOB,
    PRIMARY KEY(GROUP_ID),
    UNIQUE (GROUP_NAME)
);

    
--------------------------------------------------------------------------
-- TURBINE_ROLE_PERMISSION
--------------------------------------------------------------------------
drop table if exists TURBINE_ROLE_PERMISSION;

CREATE TABLE TURBINE_ROLE_PERMISSION
(
    ROLE_ID INTEGER NOT NULL,
    PERMISSION_ID INTEGER NOT NULL,
    PRIMARY KEY(ROLE_ID,PERMISSION_ID),
    FOREIGN KEY (ROLE_ID) REFERENCES TURBINE_ROLE (ROLE_ID),
    FOREIGN KEY (PERMISSION_ID) REFERENCES TURBINE_PERMISSION (PERMISSION_ID)
);

    
--------------------------------------------------------------------------
-- TURBINE_USER
--------------------------------------------------------------------------
drop table if exists TURBINE_USER;

CREATE TABLE TURBINE_USER
(
    USER_ID INTEGER NOT NULL AUTO_INCREMENT,
    LOGIN_NAME VARCHAR (32) NOT NULL,
    PASSWORD_VALUE VARCHAR (32) NOT NULL,
    FIRST_NAME VARCHAR (99) NOT NULL,
    LAST_NAME VARCHAR (99) NOT NULL,
    EMAIL VARCHAR (99),
    CONFIRM_VALUE VARCHAR (99),
    MODIFIED TIMESTAMP,
    CREATED TIMESTAMP,
    LAST_LOGIN TIMESTAMP,
    OBJECTDATA MEDIUMBLOB,
    PRIMARY KEY(USER_ID),
    UNIQUE (LOGIN_NAME)
);

    
--------------------------------------------------------------------------
-- TURBINE_USER_GROUP_ROLE
--------------------------------------------------------------------------
drop table if exists TURBINE_USER_GROUP_ROLE;

CREATE TABLE TURBINE_USER_GROUP_ROLE
(
    USER_ID INTEGER NOT NULL,
    GROUP_ID INTEGER NOT NULL,
    ROLE_ID INTEGER NOT NULL,
    PRIMARY KEY(USER_ID,GROUP_ID,ROLE_ID),
    FOREIGN KEY (USER_ID) REFERENCES TURBINE_USER (USER_ID),
    FOREIGN KEY (GROUP_ID) REFERENCES TURBINE_GROUP (GROUP_ID),
    FOREIGN KEY (ROLE_ID) REFERENCES TURBINE_ROLE (ROLE_ID)
);



--
To unsubscribe, e-mail:   <mailto:jetspeed-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:jetspeed-dev-help@jakarta.apache.org>
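
Added example (not part of the original message, and not Jetspeed or Turbine code): against the DDL above, a user is placed in a group by inserting a (user, group, role) row, and the user's effective permissions are then resolved per group through that role. It assumes the tables above exist with TURBINE_USER_GROUP_ROLE.ROLE_ID pointing at TURBINE_ROLE; the names jdoe, staff, editor and minimize are constructed sample data.

```sql
-- Constructed sample rows; every name and value here is hypothetical.
INSERT INTO TURBINE_USER (LOGIN_NAME, PASSWORD_VALUE, FIRST_NAME, LAST_NAME)
VALUES ('jdoe', 'placeholder', 'Jane', 'Doe');
INSERT INTO TURBINE_GROUP (GROUP_NAME) VALUES ('staff');
INSERT INTO TURBINE_ROLE (ROLE_NAME) VALUES ('editor');
INSERT INTO TURBINE_PERMISSION (PERMISSION_NAME) VALUES ('minimize');

-- Permissions hang off roles, never directly off users or groups.
INSERT INTO TURBINE_ROLE_PERMISSION (ROLE_ID, PERMISSION_ID)
SELECT r.ROLE_ID, p.PERMISSION_ID
FROM TURBINE_ROLE r
JOIN TURBINE_PERMISSION p ON p.PERMISSION_NAME = 'minimize'
WHERE r.ROLE_NAME = 'editor';

-- There is no plain user-to-group table: membership is always
-- "user holds role R within group G", one row per (user, group, role).
INSERT INTO TURBINE_USER_GROUP_ROLE (USER_ID, GROUP_ID, ROLE_ID)
SELECT u.USER_ID, g.GROUP_ID, r.ROLE_ID
FROM TURBINE_USER u
JOIN TURBINE_GROUP g ON g.GROUP_NAME = 'staff'
JOIN TURBINE_ROLE r ON r.ROLE_NAME = 'editor'
WHERE u.LOGIN_NAME = 'jdoe';

-- Effective permissions of one user, per group. The LEFT JOINs keep
-- roles that carry no permissions visible (PERMISSION_NAME is NULL).
SELECT u.LOGIN_NAME, g.GROUP_NAME, r.ROLE_NAME, p.PERMISSION_NAME
FROM TURBINE_USER u
JOIN TURBINE_USER_GROUP_ROLE ugr ON ugr.USER_ID = u.USER_ID
JOIN TURBINE_GROUP g ON g.GROUP_ID = ugr.GROUP_ID
JOIN TURBINE_ROLE r ON r.ROLE_ID = ugr.ROLE_ID
LEFT JOIN TURBINE_ROLE_PERMISSION rp ON rp.ROLE_ID = r.ROLE_ID
LEFT JOIN TURBINE_PERMISSION p ON p.PERMISSION_ID = rp.PERMISSION_ID
WHERE u.LOGIN_NAME = 'jdoe'
ORDER BY g.GROUP_NAME, r.ROLE_NAME, p.PERMISSION_NAME;

-- Review query: accounts that hold no role in any group.
SELECT u.LOGIN_NAME
FROM TURBINE_USER u
LEFT JOIN TURBINE_USER_GROUP_ROLE ugr ON ugr.USER_ID = u.USER_ID
WHERE ugr.USER_ID IS NULL;
```

With the sample rows, the permission query returns a single row: jdoe, staff, editor, minimize.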

