test/cuba
1
0
Fork 0
mirror of https://gitee.com/jmix/cuba.git synced 2024-12-04 12:17:41 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

Get rid of security profiles and subjects

Browse Source
This commit is contained in:
Konstantin Krivopustov 2009-02-15 20:06:57 +00:00
parent c4279a546f
commit 11fe9d7e87
59 changed files with 570 additions and 1132 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

128
db/init/mysql/create-db.sql
View File

@ -3,12 +3,12 @@
create table SYS_SERVER ( create table SYS_SERVER (
ID binary(16), ID binary(16),
CREATE_TS datetime, CREATE_TS datetime,
CREATED_BY binary(16), CREATED_BY varchar(20),
VERSION integer, VERSION integer,
UPDATE_TS datetime, UPDATE_TS datetime,
UPDATED_BY binary(16), UPDATED_BY varchar(20),
DELETE_TS datetime, DELETE_TS datetime,
DELETED_BY binary(16), DELETED_BY varchar(20),
NAME varchar(255), NAME varchar(255),
ADDRESS varchar(255), ADDRESS varchar(255),
IS_RUNNING smallint, IS_RUNNING smallint,
@ -20,10 +20,10 @@ create table SYS_SERVER (
create table SYS_CONFIG ( create table SYS_CONFIG (
ID binary(16), ID binary(16),
CREATE_TS datetime, CREATE_TS datetime,
CREATED_BY binary(16), CREATED_BY varchar(20),
VERSION integer, VERSION integer,
UPDATE_TS datetime, UPDATE_TS datetime,
UPDATED_BY binary(16), UPDATED_BY varchar(20),
NAME varchar(255), NAME varchar(255),
VALUE varchar(500), VALUE varchar(500),
primary key (ID) primary key (ID)
@ -33,35 +33,15 @@ alter table SYS_CONFIG add constraint SYS_CONFIG_UNIQ_NAME unique (NAME)^
------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------
create table SEC_USER (
ID binary(16),
CREATE_TS datetime,
CREATED_BY binary(16),
VERSION integer,
UPDATE_TS datetime,
UPDATED_BY binary(16),
DELETE_TS datetime,
DELETED_BY binary(16),
LOGIN varchar(20),
PASSWORD varchar(32),
NAME varchar(255),
AD_USER varchar(100),
primary key (ID)
)^
alter table SEC_USER add constraint SEC_USER_UNIQ_LOGIN unique (LOGIN, DELETE_TS)^
------------------------------------------------------------------------------------------------------------
create table SEC_ROLE ( create table SEC_ROLE (
ID binary(16), ID binary(16),
CREATE_TS datetime, CREATE_TS datetime,
CREATED_BY binary(16), CREATED_BY varchar(20),
VERSION integer, VERSION integer,
UPDATE_TS datetime, UPDATE_TS datetime,
UPDATED_BY binary(16), UPDATED_BY varchar(20),
DELETE_TS datetime, DELETE_TS datetime,
DELETED_BY binary(16), DELETED_BY varchar(20),
NAME varchar(255), NAME varchar(255),
IS_SUPER smallint, IS_SUPER smallint,
primary key (ID) primary key (ID)
@ -74,12 +54,12 @@ alter table SEC_ROLE add constraint SEC_ROLE_UNIQ_NAME unique (NAME, DELETE_TS)^
create table SEC_GROUP ( create table SEC_GROUP (
ID binary(16), ID binary(16),
CREATE_TS datetime, CREATE_TS datetime,
CREATED_BY binary(16), CREATED_BY varchar(20),
VERSION integer, VERSION integer,
UPDATE_TS datetime, UPDATE_TS datetime,
UPDATED_BY binary(16), UPDATED_BY varchar(20),
DELETE_TS datetime, DELETE_TS datetime,
DELETED_BY binary(16), DELETED_BY varchar(20),
NAME varchar(255), NAME varchar(255),
PARENT_ID binary(16), PARENT_ID binary(16),
primary key (ID) primary key (ID)
@ -92,7 +72,7 @@ alter table SEC_GROUP add constraint SEC_GROUP_PARENT foreign key (PARENT_ID) re
create table SEC_GROUP_HIERARCHY ( create table SEC_GROUP_HIERARCHY (
ID binary(16), ID binary(16),
CREATE_TS datetime, CREATE_TS datetime,
CREATED_BY binary(16), CREATED_BY varchar(20),
GROUP_ID binary(16), GROUP_ID binary(16),
PARENT_ID binary(16), PARENT_ID binary(16),
LEVEL integer, LEVEL integer,
@ -105,78 +85,60 @@ alter table SEC_GROUP_HIERARCHY add constraint SEC_GROUP_HIERARCHY_PARENT foreig
------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------
create table SEC_PROFILE ( create table SEC_USER (
ID binary(16), ID binary(16),
CREATE_TS datetime, CREATE_TS datetime,
CREATED_BY binary(16), CREATED_BY varchar(20),
VERSION integer, VERSION integer,
UPDATE_TS datetime, UPDATE_TS datetime,
UPDATED_BY binary(16), UPDATED_BY varchar(20),
DELETE_TS datetime, DELETE_TS datetime,
DELETED_BY binary(16), DELETED_BY varchar(20),
LOGIN varchar(20),
PASSWORD varchar(32),
NAME varchar(255), NAME varchar(255),
AD_USER varchar(100),
GROUP_ID binary(16), GROUP_ID binary(16),
primary key (ID) primary key (ID)
)^ )^
alter table SEC_PROFILE add constraint SEC_PROFILE_GROUP foreign key (GROUP_ID) references SEC_GROUP(ID)^ alter table SEC_USER add constraint SEC_USER_UNIQ_LOGIN unique (LOGIN, DELETE_TS)^
alter table SEC_USER add constraint SEC_USER_GROUP foreign key (GROUP_ID) references SEC_GROUP(ID)^
------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------
create table SEC_SUBJECT ( create table SEC_USER_ROLE (
ID binary(16), ID binary(16),
CREATE_TS datetime, CREATE_TS timestamp,
CREATED_BY binary(16), CREATED_BY varchar(20),
VERSION integer, VERSION integer,
UPDATE_TS datetime, UPDATE_TS timestamp,
UPDATED_BY binary(16), UPDATED_BY varchar(20),
DELETE_TS datetime, DELETE_TS timestamp,
DELETED_BY binary(16), DELETED_BY varchar(20),
IS_DEFAULT smallint,
USER_ID binary(16), USER_ID binary(16),
PROFILE_ID binary(16),
START_DATE datetime,
END_DATE datetime,
primary key (ID)
)^
alter table SEC_SUBJECT add constraint SEC_SUBJECT_USER foreign key (USER_ID) references SEC_USER(ID)^
alter table SEC_SUBJECT add constraint SEC_SUBJECT_PROFILE foreign key (PROFILE_ID) references SEC_PROFILE(ID)^
------------------------------------------------------------------------------------------------------------
create table SEC_PROFILE_ROLE (
ID binary(16),
CREATE_TS datetime,
CREATED_BY binary(16),
VERSION integer,
UPDATE_TS datetime,
UPDATED_BY binary(16),
DELETE_TS datetime,
DELETED_BY binary(16),
PROFILE_ID binary(16),
ROLE_ID binary(16), ROLE_ID binary(16),
primary key (ID) primary key (ID)
)^ )^
alter table SEC_PROFILE_ROLE add constraint SEC_PROFILE_ROLE_PROFILE foreign key (PROFILE_ID) references SEC_PROFILE(ID)^ alter table SEC_USER_ROLE add constraint SEC_USER_ROLE_PROFILE foreign key (USER_ID) references SEC_USER(ID)^
alter table SEC_PROFILE_ROLE add constraint SEC_PROFILE_ROLE_ROLE foreign key (ROLE_ID) references SEC_ROLE(ID)^ alter table SEC_USER_ROLE add constraint SEC_USER_ROLE_ROLE foreign key (ROLE_ID) references SEC_ROLE(ID)^
alter table SEC_PROFILE_ROLE add constraint SEC_PROFILE_UNIQ_ROLE unique (PROFILE_ID, ROLE_ID, DELETE_TS)^ alter table SEC_USER_ROLE add constraint SEC_USER_ROLE_UNIQ_ROLE unique (USER_ID, ROLE_ID, DELETE_TS)^
------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------
create table SEC_PERMISSION ( create table SEC_PERMISSION (
ID binary(16), ID binary(16),
CREATE_TS datetime, CREATE_TS datetime,
CREATED_BY binary(16), CREATED_BY varchar(20),
VERSION integer, VERSION integer,
UPDATE_TS datetime, UPDATE_TS datetime,
UPDATED_BY binary(16), UPDATED_BY varchar(20),
DELETE_TS datetime, DELETE_TS datetime,
DELETED_BY binary(16), DELETED_BY varchar(20),
TYPE integer, TYPE integer,
TARGET varchar(100), TARGET varchar(100),
VALUE integer, VALUE integer,
@ -193,12 +155,12 @@ alter table SEC_PERMISSION add constraint SEC_PERMISSION_UNIQUE unique (ROLE_ID,
create table SEC_CONSTRAINT ( create table SEC_CONSTRAINT (
ID binary(16), ID binary(16),
CREATE_TS datetime, CREATE_TS datetime,
CREATED_BY binary(16), CREATED_BY varchar(20),
VERSION integer, VERSION integer,
UPDATE_TS datetime, UPDATE_TS datetime,
UPDATED_BY binary(16), UPDATED_BY varchar(20),
DELETE_TS datetime, DELETE_TS datetime,
DELETED_BY binary(16), DELETED_BY varchar(20),
ENTITY_NAME varchar(50), ENTITY_NAME varchar(50),
WHERE_CLAUSE varchar(500), WHERE_CLAUSE varchar(500),
GROUP_ID binary(16), GROUP_ID binary(16),
@ -221,20 +183,14 @@ end^
------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------
insert into SEC_USER (ID, CREATE_TS, VERSION, LOGIN, PASSWORD, NAME)
values (to_id('60885987-1b61-4247-94c7-dff348347f93'), current_timestamp, 0, 'admin', '21232f297a57a5a743894a0e4a801fc3', 'Administrator')^
insert into SEC_GROUP (ID, CREATE_TS, VERSION, NAME, PARENT_ID) insert into SEC_GROUP (ID, CREATE_TS, VERSION, NAME, PARENT_ID)
values (to_id('0fa2b1a5-1d68-4d69-9fbd-dff348347f93'), current_timestamp, 0, 'Company', null)^ values (to_id('0fa2b1a5-1d68-4d69-9fbd-dff348347f93'), current_timestamp, 0, 'Company', null)^
insert into SEC_PROFILE (ID, CREATE_TS, VERSION, NAME, GROUP_ID) insert into SEC_USER (ID, CREATE_TS, VERSION, LOGIN, PASSWORD, NAME, GROUP_ID)
values (to_id('bf83541f-f610-46f4-a268-dff348347f93'), current_timestamp, 0, 'Default', to_id('0fa2b1a5-1d68-4d69-9fbd-dff348347f93'))^ values (to_id('60885987-1b61-4247-94c7-dff348347f93'), current_timestamp, 0, 'admin', '21232f297a57a5a743894a0e4a801fc3', 'Administrator', to_id('0fa2b1a5-1d68-4d69-9fbd-dff348347f93'))^
insert into SEC_SUBJECT (ID, CREATE_TS, VERSION, IS_DEFAULT, USER_ID, PROFILE_ID)
values (to_id('05d9d689-da68-4622-8952-f94dfb36ca07'), current_timestamp, 0, 1, to_id('60885987-1b61-4247-94c7-dff348347f93'), to_id('bf83541f-f610-46f4-a268-dff348347f93'))^
insert into SEC_ROLE (ID, CREATE_TS, VERSION, NAME, IS_SUPER) insert into SEC_ROLE (ID, CREATE_TS, VERSION, NAME, IS_SUPER)
values (to_id('0c018061-b26f-4de2-a5be-dff348347f93'), current_timestamp, 0, 'Administrators', 1)^ values (to_id('0c018061-b26f-4de2-a5be-dff348347f93'), current_timestamp, 0, 'Administrators', 1)^
insert into SEC_PROFILE_ROLE (ID, CREATE_TS, VERSION, PROFILE_ID, ROLE_ID) insert into SEC_USER_ROLE (ID, CREATE_TS, VERSION, USER_ID, ROLE_ID)
values (to_id('c838be0a-96d0-4ef4-a7c0-dff348347f93'), current_timestamp, 0, to_id('bf83541f-f610-46f4-a268-dff348347f93'), to_id('0c018061-b26f-4de2-a5be-dff348347f93'))^ values (to_id('c838be0a-96d0-4ef4-a7c0-dff348347f93'), current_timestamp, 0, to_id('60885987-1b61-4247-94c7-dff348347f93'), to_id('0c018061-b26f-4de2-a5be-dff348347f93'))^

122
db/init/sql/create-db.sql
View File

@ -3,12 +3,12 @@
create table SYS_SERVER ( create table SYS_SERVER (
ID varchar(36), ID varchar(36),
CREATE_TS timestamp, CREATE_TS timestamp,
CREATED_BY varchar(36), CREATED_BY varchar(20),
VERSION integer, VERSION integer,
UPDATE_TS timestamp, UPDATE_TS timestamp,
UPDATED_BY varchar(36), UPDATED_BY varchar(20),
DELETE_TS timestamp, DELETE_TS timestamp,
DELETED_BY varchar(36), DELETED_BY varchar(20),
NAME varchar(255), NAME varchar(255),
ADDRESS varchar(255), ADDRESS varchar(255),
IS_RUNNING smallint, IS_RUNNING smallint,
@ -20,10 +20,10 @@ create table SYS_SERVER (
create table SYS_CONFIG ( create table SYS_CONFIG (
ID varchar(36), ID varchar(36),
CREATE_TS timestamp, CREATE_TS timestamp,
CREATED_BY varchar(36), CREATED_BY varchar(20),
VERSION integer, VERSION integer,
UPDATE_TS timestamp, UPDATE_TS timestamp,
UPDATED_BY varchar(36), UPDATED_BY varchar(20),
NAME varchar(255), NAME varchar(255),
VALUE varchar(500), VALUE varchar(500),
primary key (ID) primary key (ID)
@ -33,35 +33,15 @@ alter table SYS_CONFIG add constraint SYS_CONFIG_UNIQ_NAME unique (NAME);
------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------
create table SEC_USER (
ID varchar(36),
CREATE_TS timestamp,
CREATED_BY varchar(36),
VERSION integer,
UPDATE_TS timestamp,
UPDATED_BY varchar(36),
DELETE_TS timestamp,
DELETED_BY varchar(36),
LOGIN varchar(20),
PASSWORD varchar(32),
NAME varchar(255),
AD_USER varchar(100),
primary key (ID)
);
alter table SEC_USER add constraint SEC_USER_UNIQ_LOGIN unique (LOGIN, DELETE_TS);
------------------------------------------------------------------------------------------------------------
create table SEC_ROLE ( create table SEC_ROLE (
ID varchar(36), ID varchar(36),
CREATE_TS timestamp, CREATE_TS timestamp,
CREATED_BY varchar(36), CREATED_BY varchar(20),
VERSION integer, VERSION integer,
UPDATE_TS timestamp, UPDATE_TS timestamp,
UPDATED_BY varchar(36), UPDATED_BY varchar(20),
DELETE_TS timestamp, DELETE_TS timestamp,
DELETED_BY varchar(36), DELETED_BY varchar(20),
NAME varchar(255), NAME varchar(255),
IS_SUPER smallint, IS_SUPER smallint,
primary key (ID) primary key (ID)
@ -74,12 +54,12 @@ alter table SEC_ROLE add constraint SEC_ROLE_UNIQ_NAME unique (NAME, DELETE_TS);
create table SEC_GROUP ( create table SEC_GROUP (
ID varchar(36), ID varchar(36),
CREATE_TS timestamp, CREATE_TS timestamp,
CREATED_BY varchar(36), CREATED_BY varchar(20),
VERSION integer, VERSION integer,
UPDATE_TS timestamp, UPDATE_TS timestamp,
UPDATED_BY varchar(36), UPDATED_BY varchar(20),
DELETE_TS timestamp, DELETE_TS timestamp,
DELETED_BY varchar(36), DELETED_BY varchar(20),
NAME varchar(255), NAME varchar(255),
PARENT_ID varchar(36), PARENT_ID varchar(36),
primary key (ID) primary key (ID)
@ -92,7 +72,7 @@ alter table SEC_GROUP add constraint SEC_GROUP_PARENT foreign key (PARENT_ID) re
create table SEC_GROUP_HIERARCHY ( create table SEC_GROUP_HIERARCHY (
ID varchar(36), ID varchar(36),
CREATE_TS timestamp, CREATE_TS timestamp,
CREATED_BY varchar(36), CREATED_BY varchar(20),
GROUP_ID varchar(36), GROUP_ID varchar(36),
PARENT_ID varchar(36), PARENT_ID varchar(36),
LEVEL integer, LEVEL integer,
@ -105,78 +85,60 @@ alter table SEC_GROUP_HIERARCHY add constraint SEC_GROUP_HIERARCHY_PARENT foreig
------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------
create table SEC_PROFILE ( create table SEC_USER (
ID varchar(36), ID varchar(36),
CREATE_TS timestamp, CREATE_TS timestamp,
CREATED_BY varchar(36), CREATED_BY varchar(20),
VERSION integer, VERSION integer,
UPDATE_TS timestamp, UPDATE_TS timestamp,
UPDATED_BY varchar(36), UPDATED_BY varchar(20),
DELETE_TS timestamp, DELETE_TS timestamp,
DELETED_BY varchar(36), DELETED_BY varchar(20),
LOGIN varchar(20),
PASSWORD varchar(32),
NAME varchar(255), NAME varchar(255),
AD_USER varchar(100),
GROUP_ID varchar(36), GROUP_ID varchar(36),
primary key (ID) primary key (ID)
); );
alter table SEC_PROFILE add constraint SEC_PROFILE_GROUP foreign key (GROUP_ID) references SEC_GROUP(ID); alter table SEC_USER add constraint SEC_USER_UNIQ_LOGIN unique (LOGIN, DELETE_TS);
alter table SEC_USER add constraint SEC_USER_GROUP foreign key (GROUP_ID) references SEC_GROUP(ID);
------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------
create table SEC_SUBJECT ( create table SEC_USER_ROLE (
ID varchar(36), ID varchar(36),
CREATE_TS timestamp, CREATE_TS timestamp,
CREATED_BY varchar(36), CREATED_BY varchar(20),
VERSION integer, VERSION integer,
UPDATE_TS timestamp, UPDATE_TS timestamp,
UPDATED_BY varchar(36), UPDATED_BY varchar(20),
DELETE_TS timestamp, DELETE_TS timestamp,
DELETED_BY varchar(36), DELETED_BY varchar(20),
IS_DEFAULT smallint,
USER_ID varchar(36), USER_ID varchar(36),
PROFILE_ID varchar(36),
START_DATE timestamp,
END_DATE timestamp,
primary key (ID)
);
alter table SEC_SUBJECT add constraint SEC_SUBJECT_USER foreign key (USER_ID) references SEC_USER(ID);
alter table SEC_SUBJECT add constraint SEC_SUBJECT_PROFILE foreign key (PROFILE_ID) references SEC_PROFILE(ID);
------------------------------------------------------------------------------------------------------------
create table SEC_PROFILE_ROLE (
ID varchar(36),
CREATE_TS timestamp,
CREATED_BY varchar(36),
VERSION integer,
UPDATE_TS timestamp,
UPDATED_BY varchar(36),
DELETE_TS timestamp,
DELETED_BY varchar(36),
PROFILE_ID varchar(36),
ROLE_ID varchar(36), ROLE_ID varchar(36),
primary key (ID) primary key (ID)
); );
alter table SEC_PROFILE_ROLE add constraint SEC_PROFILE_ROLE_PROFILE foreign key (PROFILE_ID) references SEC_PROFILE(ID); alter table SEC_USER_ROLE add constraint SEC_USER_ROLE_PROFILE foreign key (USER_ID) references SEC_USER(ID);
alter table SEC_PROFILE_ROLE add constraint SEC_PROFILE_ROLE_ROLE foreign key (ROLE_ID) references SEC_ROLE(ID); alter table SEC_USER_ROLE add constraint SEC_USER_ROLE_ROLE foreign key (ROLE_ID) references SEC_ROLE(ID);
alter table SEC_PROFILE_ROLE add constraint SEC_PROFILE_UNIQ_ROLE unique (PROFILE_ID, ROLE_ID, DELETE_TS); alter table SEC_USER_ROLE add constraint SEC_USER_ROLE_UNIQ_ROLE unique (USER_ID, ROLE_ID, DELETE_TS);
------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------
create table SEC_PERMISSION ( create table SEC_PERMISSION (
ID varchar(36), ID varchar(36),
CREATE_TS timestamp, CREATE_TS timestamp,
CREATED_BY varchar(36), CREATED_BY varchar(20),
VERSION integer, VERSION integer,
UPDATE_TS timestamp, UPDATE_TS timestamp,
UPDATED_BY varchar(36), UPDATED_BY varchar(20),
DELETE_TS timestamp, DELETE_TS timestamp,
DELETED_BY varchar(36), DELETED_BY varchar(20),
TYPE integer, TYPE integer,
TARGET varchar(100), TARGET varchar(100),
VALUE integer, VALUE integer,
@ -193,12 +155,12 @@ alter table SEC_PERMISSION add constraint SEC_PERMISSION_UNIQUE unique (ROLE_ID,
create table SEC_CONSTRAINT ( create table SEC_CONSTRAINT (
ID varchar(36), ID varchar(36),
CREATE_TS timestamp, CREATE_TS timestamp,
CREATED_BY varchar(36), CREATED_BY varchar(20),
VERSION integer, VERSION integer,
UPDATE_TS timestamp, UPDATE_TS timestamp,
UPDATED_BY varchar(36), UPDATED_BY varchar(20),
DELETE_TS timestamp, DELETE_TS timestamp,
DELETED_BY varchar(36), DELETED_BY varchar(20),
ENTITY_NAME varchar(50), ENTITY_NAME varchar(50),
WHERE_CLAUSE varchar(500), WHERE_CLAUSE varchar(500),
GROUP_ID varchar(36), GROUP_ID varchar(36),
@ -209,20 +171,14 @@ alter table SEC_CONSTRAINT add constraint SEC_CONSTRAINT_GROUP foreign key (GROU
------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------
insert into SEC_USER (ID, CREATE_TS, VERSION, LOGIN, PASSWORD, NAME)
values ('60885987-1b61-4247-94c7-dff348347f93', current_timestamp, 0, 'admin', '21232f297a57a5a743894a0e4a801fc3', 'Administrator');
insert into SEC_GROUP (ID, CREATE_TS, VERSION, NAME, PARENT_ID) insert into SEC_GROUP (ID, CREATE_TS, VERSION, NAME, PARENT_ID)
values ('0fa2b1a5-1d68-4d69-9fbd-dff348347f93', current_timestamp, 0, 'Company', null); values ('0fa2b1a5-1d68-4d69-9fbd-dff348347f93', current_timestamp, 0, 'Company', null);
insert into SEC_PROFILE (ID, CREATE_TS, VERSION, NAME, GROUP_ID) insert into SEC_USER (ID, CREATE_TS, VERSION, LOGIN, PASSWORD, NAME, GROUP_ID)
values ('bf83541f-f610-46f4-a268-dff348347f93', current_timestamp, 0, 'Default', '0fa2b1a5-1d68-4d69-9fbd-dff348347f93'); values ('60885987-1b61-4247-94c7-dff348347f93', current_timestamp, 0, 'admin', '21232f297a57a5a743894a0e4a801fc3', 'Administrator', '0fa2b1a5-1d68-4d69-9fbd-dff348347f93');
insert into SEC_SUBJECT (ID, CREATE_TS, VERSION, IS_DEFAULT, USER_ID, PROFILE_ID)
values ('05d9d689-da68-4622-8952-f94dfb36ca07', current_timestamp, 0, 1, '60885987-1b61-4247-94c7-dff348347f93', 'bf83541f-f610-46f4-a268-dff348347f93');
insert into SEC_ROLE (ID, CREATE_TS, VERSION, NAME, IS_SUPER) insert into SEC_ROLE (ID, CREATE_TS, VERSION, NAME, IS_SUPER)
values ('0c018061-b26f-4de2-a5be-dff348347f93', current_timestamp, 0, 'Administrators', 1); values ('0c018061-b26f-4de2-a5be-dff348347f93', current_timestamp, 0, 'Administrators', 1);
insert into SEC_PROFILE_ROLE (ID, CREATE_TS, VERSION, PROFILE_ID, ROLE_ID) insert into SEC_USER_ROLE (ID, CREATE_TS, VERSION, USER_ID, ROLE_ID)
values ('c838be0a-96d0-4ef4-a7c0-dff348347f93', current_timestamp, 0, 'bf83541f-f610-46f4-a268-dff348347f93', '0c018061-b26f-4de2-a5be-dff348347f93'); values ('c838be0a-96d0-4ef4-a7c0-dff348347f93', current_timestamp, 0, '60885987-1b61-4247-94c7-dff348347f93', '0c018061-b26f-4de2-a5be-dff348347f93');

24
db/init/sql/create-sample-data.sql
View File

@ -1,23 +1,11 @@
insert into SEC_USER (ID, CREATE_TS, VERSION, LOGIN, PASSWORD, NAME) insert into SEC_USER (ID, CREATE_TS, VERSION, LOGIN, PASSWORD, NAME, GROUP_ID)
values ('40288137-1ef4-11c8-011e-f41247370001', current_timestamp, 0, 'abramov', '402881371ef411c8011ef411c8c50000', 'Dmitry Abramov'); values ('40288137-1ef4-11c8-011e-f41247370001', current_timestamp, 0, 'abramov', '402881371ef411c8011ef411c8c50000', 'Dmitry Abramov', '0fa2b1a5-1d68-4d69-9fbd-dff348347f93');
insert into SEC_PROFILE (ID, CREATE_TS, VERSION, NAME, GROUP_ID)
values ('40288137-1ef4-11c8-011e-f4157fa70002', current_timestamp, 0, 'Default', '0fa2b1a5-1d68-4d69-9fbd-dff348347f93');
insert into SEC_PROFILE (ID, CREATE_TS, VERSION, NAME, GROUP_ID)
values ('40288137-1ef4-11c8-011e-f415e4fc0004', current_timestamp, 0, 'Administrator', '0fa2b1a5-1d68-4d69-9fbd-dff348347f93');
insert into SEC_SUBJECT (ID, CREATE_TS, VERSION, IS_DEFAULT, USER_ID, PROFILE_ID)
values ('efb58415-6c9f-4adb-bef7-f94dfb36ca07', current_timestamp, 0, 1, '40288137-1ef4-11c8-011e-f41247370001', '40288137-1ef4-11c8-011e-f4157fa70002');
insert into SEC_SUBJECT (ID, CREATE_TS, VERSION, IS_DEFAULT, USER_ID, PROFILE_ID)
values ('de933c93-0573-4720-ba0c-f94dfb36ca07', current_timestamp, 0, 1, '40288137-1ef4-11c8-011e-f41247370001', '40288137-1ef4-11c8-011e-f415e4fc0004');
insert into SEC_ROLE (ID, CREATE_TS, VERSION, NAME, IS_SUPER) insert into SEC_ROLE (ID, CREATE_TS, VERSION, NAME, IS_SUPER)
values ('40288137-1ef4-11c8-011e-f416e4150005', current_timestamp, 0, 'Users', 0); values ('40288137-1ef4-11c8-011e-f416e4150005', current_timestamp, 0, 'Users', 0);
insert into SEC_PROFILE_ROLE (ID, CREATE_TS, VERSION, PROFILE_ID, ROLE_ID) insert into SEC_USER_ROLE (ID, CREATE_TS, VERSION, USER_ID, ROLE_ID)
values ('40288137-1ef4-11c8-011e-f41aaa740006', current_timestamp, 0, '40288137-1ef4-11c8-011e-f4157fa70002', '40288137-1ef4-11c8-011e-f416e4150005'); values ('40288137-1ef4-11c8-011e-f41aaa740006', current_timestamp, 0, '40288137-1ef4-11c8-011e-f41247370001', '40288137-1ef4-11c8-011e-f416e4150005');
insert into SEC_PROFILE_ROLE (ID, CREATE_TS, VERSION, PROFILE_ID, ROLE_ID) insert into SEC_USER_ROLE (ID, CREATE_TS, VERSION, USER_ID, ROLE_ID)
values ('40288137-1ef4-11c8-011e-f41aaa740007', current_timestamp, 0, '40288137-1ef4-11c8-011e-f415e4fc0004', '0c018061-b26f-4de2-a5be-dff348347f93'); values ('40288137-1ef4-11c8-011e-f41aaa740007', current_timestamp, 0, '40288137-1ef4-11c8-011e-f41247370001', '0c018061-b26f-4de2-a5be-dff348347f93');

4
modules/core/src/META-INF/cuba-persistence.xml
View File

@ -10,11 +10,9 @@
<class>com.haulmont.cuba.core.entity.Config</class> <class>com.haulmont.cuba.core.entity.Config</class>
<class>com.haulmont.cuba.security.entity.User</class> <class>com.haulmont.cuba.security.entity.User</class>
<class>com.haulmont.cuba.security.entity.Role</class> <class>com.haulmont.cuba.security.entity.Role</class>
<class>com.haulmont.cuba.security.entity.UserRole</class>
<class>com.haulmont.cuba.security.entity.Group</class> <class>com.haulmont.cuba.security.entity.Group</class>
<class>com.haulmont.cuba.security.entity.GroupHierarchy</class> <class>com.haulmont.cuba.security.entity.GroupHierarchy</class>
<class>com.haulmont.cuba.security.entity.Profile</class>
<class>com.haulmont.cuba.security.entity.ProfileRole</class>
<class>com.haulmont.cuba.security.entity.Subject</class>
<class>com.haulmont.cuba.security.entity.Permission</class> <class>com.haulmont.cuba.security.entity.Permission</class>
<class>com.haulmont.cuba.security.entity.Constraint</class> <class>com.haulmont.cuba.security.entity.Constraint</class>

2
modules/core/src/com/haulmont/cuba/core/PersistenceProvider.java
View File

@ -25,6 +25,8 @@ import java.util.Set;
public abstract class PersistenceProvider public abstract class PersistenceProvider
{ {
public static final int LOGIN_FIELD_LEN = 20;
private static PersistenceProvider instance; private static PersistenceProvider instance;
public static final String PERSISTENCE_XML = "cuba.PersistenceXml"; public static final String PERSISTENCE_XML = "cuba.PersistenceXml";

5
modules/core/src/com/haulmont/cuba/core/SecurityProvider.java
View File

@ -81,10 +81,7 @@ public abstract class SecurityProvider
} }
protected void setQueryParam(Query query, String paramName) { protected void setQueryParam(Query query, String paramName) {
if ("currentSubjectId".equals(paramName)) { if ("currentUserLogin".equals(paramName)) {
query.setParameter("currentSubjectId", __currentUserSession().getSubjectId());
}
else if ("currentUserLogin".equals(paramName)) {
query.setParameter("currentUserLogin", __currentUserSession().getLogin()); query.setParameter("currentUserLogin", __currentUserSession().getLogin());
} }
else if ("currentUserId".equals(paramName)) { else if ("currentUserId".equals(paramName)) {

4
modules/core/src/com/haulmont/cuba/core/entity/BaseEntity.java
View File

@ -21,7 +21,7 @@ public interface BaseEntity<T> extends Entity<T>
void setCreateTs(Date date); void setCreateTs(Date date);
UUID getCreatedBy(); String getCreatedBy();
void setCreatedBy(UUID createdBy); void setCreatedBy(String createdBy);
} }

6
modules/core/src/com/haulmont/cuba/core/entity/BaseLongIdEntity.java
View File

@ -28,7 +28,7 @@ public class BaseLongIdEntity implements BaseEntity<Long>
private Date createTs; private Date createTs;
@Column(name = "CREATED_BY") @Column(name = "CREATED_BY")
private UUID createdBy; private String createdBy;
public Long getId() { public Long getId() {
return id; return id;
@ -54,11 +54,11 @@ public class BaseLongIdEntity implements BaseEntity<Long>
this.createTs = createTs; this.createTs = createTs;
} }
public UUID getCreatedBy() { public String getCreatedBy() {
return createdBy; return createdBy;
} }
public void setCreatedBy(UUID createdBy) { public void setCreatedBy(String createdBy) {
this.createdBy = createdBy; this.createdBy = createdBy;
} }
} }

9
modules/core/src/com/haulmont/cuba/core/entity/BaseUuidEntity.java
View File

@ -30,9 +30,8 @@ public class BaseUuidEntity implements BaseEntity<UUID>
@Column(name = "CREATE_TS") @Column(name = "CREATE_TS")
protected Date createTs; protected Date createTs;
@Persistent @Column(name = "CREATED_BY", length = PersistenceProvider.LOGIN_FIELD_LEN)
@Column(name = "CREATED_BY") protected String createdBy;
protected UUID createdBy;
public BaseUuidEntity() { public BaseUuidEntity() {
id = UuidProvider.createUuid(); id = UuidProvider.createUuid();
@ -58,11 +57,11 @@ public class BaseUuidEntity implements BaseEntity<UUID>
this.createTs = createTs; this.createTs = createTs;
} }
public UUID getCreatedBy() { public String getCreatedBy() {
return createdBy; return createdBy;
} }
public void setCreatedBy(UUID createdBy) { public void setCreatedBy(String createdBy) {
this.createdBy = createdBy; this.createdBy = createdBy;
} }

9
modules/core/src/com/haulmont/cuba/core/entity/Config.java
View File

@ -34,9 +34,8 @@ public class Config extends BaseUuidEntity implements Versioned, Updatable
@Column(name = "UPDATE_TS") @Column(name = "UPDATE_TS")
private Date updateTs; private Date updateTs;
@Persistent @Column(name = "UPDATED_BY", length = PersistenceProvider.LOGIN_FIELD_LEN)
@Column(name = "UPDATED_BY") private String updatedBy;
private UUID updatedBy;
@Column(name = "NAME") @Column(name = "NAME")
private String name; private String name;
@ -60,11 +59,11 @@ public class Config extends BaseUuidEntity implements Versioned, Updatable
this.updateTs = updateTs; this.updateTs = updateTs;
} }
public UUID getUpdatedBy() { public String getUpdatedBy() {
return updatedBy; return updatedBy;
} }
public void setUpdatedBy(UUID updatedBy) { public void setUpdatedBy(String updatedBy) {
this.updatedBy = updatedBy; this.updatedBy = updatedBy;
} }

5
modules/core/src/com/haulmont/cuba/core/entity/DeleteDeferred.java
View File

@ -11,7 +11,6 @@
package com.haulmont.cuba.core.entity; package com.haulmont.cuba.core.entity;
import java.util.Date; import java.util.Date;
import java.util.UUID;
public interface DeleteDeferred extends Updatable public interface DeleteDeferred extends Updatable
{ {
@ -21,7 +20,7 @@ public interface DeleteDeferred extends Updatable
void setDeleteTs(Date deleteTs); void setDeleteTs(Date deleteTs);
UUID getDeletedBy(); String getDeletedBy();
void setDeletedBy(UUID deletedBy); void setDeletedBy(String deletedBy);
} }

21
modules/core/src/com/haulmont/cuba/core/entity/StandardEntity.java
View File

@ -16,9 +16,6 @@ import javax.persistence.MappedSuperclass;
import javax.persistence.Column; import javax.persistence.Column;
import javax.persistence.Version; import javax.persistence.Version;
import java.util.Date; import java.util.Date;
import java.util.UUID;
import org.apache.openjpa.persistence.Persistent;
@MappedSuperclass @MappedSuperclass
public class StandardEntity public class StandardEntity
@ -32,16 +29,14 @@ public class StandardEntity
@Column(name = "UPDATE_TS") @Column(name = "UPDATE_TS")
protected Date updateTs; protected Date updateTs;
@Persistent @Column(name = "UPDATED_BY", length = PersistenceProvider.LOGIN_FIELD_LEN)
@Column(name = "UPDATED_BY") protected String updatedBy;
protected UUID updatedBy;
@Column(name = "DELETE_TS") @Column(name = "DELETE_TS")
protected Date deleteTs; protected Date deleteTs;
@Persistent @Column(name = "DELETED_BY", length = PersistenceProvider.LOGIN_FIELD_LEN)
@Column(name = "DELETED_BY") protected String deletedBy;
protected UUID deletedBy;
public Integer getVersion() { public Integer getVersion() {
return version; return version;
@ -59,11 +54,11 @@ public class StandardEntity
this.updateTs = updateTs; this.updateTs = updateTs;
} }
public UUID getUpdatedBy() { public String getUpdatedBy() {
return updatedBy; return updatedBy;
} }
public void setUpdatedBy(UUID updatedBy) { public void setUpdatedBy(String updatedBy) {
this.updatedBy = updatedBy; this.updatedBy = updatedBy;
} }
@ -79,11 +74,11 @@ public class StandardEntity
this.deleteTs = deleteTs; this.deleteTs = deleteTs;
} }
public UUID getDeletedBy() { public String getDeletedBy() {
return deletedBy; return deletedBy;
} }
public void setDeletedBy(UUID deletedBy) { public void setDeletedBy(String deletedBy) {
this.deletedBy = deletedBy; this.deletedBy = deletedBy;
} }
} }

5
modules/core/src/com/haulmont/cuba/core/entity/Updatable.java
View File

@ -11,7 +11,6 @@
package com.haulmont.cuba.core.entity; package com.haulmont.cuba.core.entity;
import java.util.Date; import java.util.Date;
import java.util.UUID;
public interface Updatable public interface Updatable
{ {
@ -19,7 +18,7 @@ public interface Updatable
void setUpdateTs(Date updateTs); void setUpdateTs(Date updateTs);
UUID getUpdatedBy(); String getUpdatedBy();
void setUpdatedBy(UUID updatedBy); void setUpdatedBy(String updatedBy);
} }

2
modules/core/src/com/haulmont/cuba/core/sys/EntityManagerImpl.java
View File

@ -73,7 +73,7 @@ public class EntityManagerImpl implements EntityManager
public void remove(Entity entity) { public void remove(Entity entity) {
if (entity instanceof DeleteDeferred) { if (entity instanceof DeleteDeferred) {
((DeleteDeferred) entity).setDeleteTs(TimeProvider.currentTimestamp()); ((DeleteDeferred) entity).setDeleteTs(TimeProvider.currentTimestamp());
((DeleteDeferred) entity).setDeletedBy(SecurityProvider.currentUserSession().getSubjectId()); ((DeleteDeferred) entity).setDeletedBy(SecurityProvider.currentUserSession().getLogin());
} }
else { else {
jpaEm.remove(entity); jpaEm.remove(entity);

4
modules/core/src/com/haulmont/cuba/core/sys/persistence/EntityLifecycleListener.java
View File

@ -69,7 +69,7 @@ public class EntityLifecycleListener extends AbstractLifecycleListener
} }
private void __beforePersist(BaseEntity entity) { private void __beforePersist(BaseEntity entity) {
entity.setCreatedBy(SecurityProvider.currentUserSession().getSubjectId()); entity.setCreatedBy(SecurityProvider.currentUserSession().getLogin());
Date ts = TimeProvider.currentTimestamp(); Date ts = TimeProvider.currentTimestamp();
entity.setCreateTs(ts); entity.setCreateTs(ts);
@ -79,7 +79,7 @@ public class EntityLifecycleListener extends AbstractLifecycleListener
} }
private void __beforeUpdate(Updatable entity) { private void __beforeUpdate(Updatable entity) {
entity.setUpdatedBy(SecurityProvider.currentUserSession().getSubjectId()); entity.setUpdatedBy(SecurityProvider.currentUserSession().getLogin());
entity.setUpdateTs(TimeProvider.currentTimestamp()); entity.setUpdateTs(TimeProvider.currentTimestamp());
} }

4
modules/core/src/com/haulmont/cuba/security/app/LoginService.java
View File

@ -13,16 +13,12 @@ package com.haulmont.cuba.security.app;
import com.haulmont.cuba.security.global.LoginServiceRemote; import com.haulmont.cuba.security.global.LoginServiceRemote;
import com.haulmont.cuba.security.global.LoginException; import com.haulmont.cuba.security.global.LoginException;
import com.haulmont.cuba.security.global.UserSession; import com.haulmont.cuba.security.global.UserSession;
import com.haulmont.cuba.security.entity.Profile;
import javax.ejb.Local; import javax.ejb.Local;
import java.util.List;
import java.util.Locale; import java.util.Locale;
@Local @Local
public interface LoginService extends LoginServiceRemote public interface LoginService extends LoginServiceRemote
{ {
UserSession loginActiveDirectory(String activeDirectoryUser, Locale locale) throws LoginException; UserSession loginActiveDirectory(String activeDirectoryUser, Locale locale) throws LoginException;
UserSession loginActiveDirectory(String activeDirectoryUser, String profileName, Locale locale) throws LoginException;
} }

28
modules/core/src/com/haulmont/cuba/security/app/LoginServiceBean.java
View File

@ -29,20 +29,6 @@ public class LoginServiceBean implements LoginService, LoginServiceRemote
return Locator.lookupLocal(LoginWorker.JNDI_NAME); return Locator.lookupLocal(LoginWorker.JNDI_NAME);
} }
public UserSession login(String login, String password, String profileName, Locale locale) throws LoginException {
try {
return getLoginWorker().login(login, password, profileName, locale);
} catch (Exception e) {
log.error("Login error", e);
if (e instanceof LoginException)
throw ((LoginException) e);
else if (e instanceof RuntimeException)
throw ((RuntimeException) e);
else
throw new RuntimeException(e);
}
}
public UserSession login(String activeDirectoryUser, String profileName, Locale locale) throws LoginException { public UserSession login(String activeDirectoryUser, String profileName, Locale locale) throws LoginException {
try { try {
return getLoginWorker().login(activeDirectoryUser, profileName, locale); return getLoginWorker().login(activeDirectoryUser, profileName, locale);
@ -71,20 +57,6 @@ public class LoginServiceBean implements LoginService, LoginServiceRemote
} }
} }
public UserSession loginActiveDirectory(String activeDirectoryUser, String profileName, Locale locale) throws LoginException {
try {
return getLoginWorker().loginActiveDirectory(activeDirectoryUser, profileName, locale);
} catch (Exception e) {
log.error("Login error", e);
if (e instanceof LoginException)
throw ((LoginException) e);
else if (e instanceof RuntimeException)
throw ((RuntimeException) e);
else
throw new RuntimeException(e);
}
}
public void logout() { public void logout() {
try { try {
getLoginWorker().logout(); getLoginWorker().logout();

2
modules/core/src/com/haulmont/cuba/security/app/LoginWorker.java
View File

@ -10,8 +10,6 @@
*/ */
package com.haulmont.cuba.security.app; package com.haulmont.cuba.security.app;
import com.haulmont.cuba.security.global.LoginServiceRemote;
import javax.ejb.Local; import javax.ejb.Local;
@Local @Local

51
modules/core/src/com/haulmont/cuba/security/app/LoginWorkerBean.java
View File

@ -13,9 +13,7 @@ package com.haulmont.cuba.security.app;
import com.haulmont.cuba.security.global.UserSession; import com.haulmont.cuba.security.global.UserSession;
import com.haulmont.cuba.security.global.LoginException; import com.haulmont.cuba.security.global.LoginException;
import com.haulmont.cuba.security.global.NoUserSessionException; import com.haulmont.cuba.security.global.NoUserSessionException;
import com.haulmont.cuba.security.entity.Profile;
import com.haulmont.cuba.security.entity.User; import com.haulmont.cuba.security.entity.User;
import com.haulmont.cuba.security.entity.Subject;
import com.haulmont.cuba.security.resource.Messages; import com.haulmont.cuba.security.resource.Messages;
import com.haulmont.cuba.security.sys.UserSessionManager; import com.haulmont.cuba.security.sys.UserSessionManager;
import com.haulmont.cuba.core.PersistenceProvider; import com.haulmont.cuba.core.PersistenceProvider;
@ -40,9 +38,8 @@ public class LoginWorkerBean implements LoginWorker
{ {
EntityManager em = PersistenceProvider.getEntityManager(); EntityManager em = PersistenceProvider.getEntityManager();
Query q = em.createQuery( Query q = em.createQuery(
"select u " + "select u from sec$User u " +
" from sec$User u join fetch u.subjects" + "where u.login = ?1 and u.password = ?2");
" where u.login = ?1 and u.password = ?2");
q.setParameter(1, login); q.setParameter(1, login);
q.setParameter(2, password); q.setParameter(2, password);
List list = q.getResultList(); List list = q.getResultList();
@ -62,9 +59,8 @@ public class LoginWorkerBean implements LoginWorker
{ {
EntityManager em = PersistenceProvider.getEntityManager(); EntityManager em = PersistenceProvider.getEntityManager();
Query q = em.createQuery( Query q = em.createQuery(
"select u " + "select u from sec$User u " +
" from sec$User u join fetch u.subjects" + "where u.activeDirectoryUser = ?1");
" where u.activeDirectoryUser = ?1");
q.setParameter(1, activeDirectoryUser); q.setParameter(1, activeDirectoryUser);
List list = q.getResultList(); List list = q.getResultList();
if (list.isEmpty()) { if (list.isEmpty()) {
@ -78,55 +74,22 @@ public class LoginWorkerBean implements LoginWorker
} }
} }
public UserSession login(String login, String password, Locale locale) throws LoginException { public UserSession login(String login, String password, Locale locale)
return login(login, password, null, locale);
}
public UserSession login(String login, String password, String profileName, Locale locale)
throws LoginException throws LoginException
{ {
User user = loadUser(login, password, locale); User user = loadUser(login, password, locale);
UserSession session = findProfile(user, profileName, locale); UserSession session = UserSessionManager.getInstance().createSession(user, locale);
log.info("Logged in: " + session); log.info("Logged in: " + session);
return session; return session;
} }
public UserSession loginActiveDirectory(String activeDirectoryUser, Locale locale) throws LoginException { public UserSession loginActiveDirectory(String activeDirectoryUser, Locale locale) throws LoginException {
return loginActiveDirectory(activeDirectoryUser, null, locale);
}
public UserSession loginActiveDirectory(String activeDirectoryUser, String profileName, Locale locale) throws LoginException {
User user = loadUser(activeDirectoryUser, locale); User user = loadUser(activeDirectoryUser, locale);
UserSession session = findProfile(user, profileName, locale); UserSession session = UserSessionManager.getInstance().createSession(user, locale);
log.info("Logged in: " + session); log.info("Logged in: " + session);
return session; return session;
} }
private UserSession findProfile(User user, String profileName, Locale locale) throws LoginException {
Subject subject = null;
if (profileName == null) {
for (Subject s : user.getSubjects()) {
subject = s;
if (subject.isDefaultSubject())
break;
}
if (subject == null)
throw new LoginException(Messages.getString("LoginException.NoProfile", locale));
}
else {
for (Subject s : user.getSubjects()) {
if (profileName.equals(s.getProfile().getName())) {
subject = s;
break;
}
}
if (subject == null)
throw new LoginException(Messages.getString("LoginException.InvalidProfile", locale), profileName);
}
return UserSessionManager.getInstance().createSession(user, subject, locale);
}
public void logout() { public void logout() {
try { try {
UserSession session = SecurityProvider.currentUserSession(); UserSession session = SecurityProvider.currentUserSession();

64
modules/core/src/com/haulmont/cuba/security/entity/Profile.java
View File

@ -1,64 +0,0 @@
/*
* Copyright (c) 2008 Haulmont Technology Ltd. All Rights Reserved.
* Haulmont Technology proprietary and confidential.
* Use is subject to license terms.
* Author: Konstantin Krivopustov
* Created: 26.11.2008 12:37:01
*
* $Id$
*/
package com.haulmont.cuba.security.entity;
import com.haulmont.cuba.core.entity.StandardEntity;
import com.haulmont.cuba.core.entity.annotation.Listeners;
import com.haulmont.cuba.core.entity.annotation.OnDelete;
import com.haulmont.cuba.core.global.DeletePolicy;
import javax.persistence.*;
import java.util.Set;
import java.io.Serializable;
import org.apache.commons.lang.BooleanUtils;
@Entity(name = "sec$Profile")
@Table(name = "SEC_PROFILE")
public class Profile extends StandardEntity
{
private static final long serialVersionUID = 8037692798864039665L;
@Column(name = "NAME")
private String name;
@OneToMany(mappedBy = "profile")
@OnDelete(DeletePolicy.CASCADE)
private Set<ProfileRole> profileRoles;
@ManyToOne(optional = false, fetch = FetchType.LAZY)
@JoinColumn(name = "GROUP_ID")
private Group group;
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public Set<ProfileRole> getProfileRoles() {
return profileRoles;
}
public void setProfileRoles(Set<ProfileRole> profileRoles) {
this.profileRoles = profileRoles;
}
public Group getGroup() {
return group;
}
public void setGroup(Group group) {
this.group = group;
}
}

82
modules/core/src/com/haulmont/cuba/security/entity/Subject.java
View File

@ -1,82 +0,0 @@
/*
* Copyright (c) 2008 Haulmont Technology Ltd. All Rights Reserved.
* Haulmont Technology proprietary and confidential.
* Use is subject to license terms.
* Author: Konstantin Krivopustov
* Created: 10.02.2009 17:22:38
*
* $Id$
*/
package com.haulmont.cuba.security.entity;
import com.haulmont.cuba.core.entity.StandardEntity;
import javax.persistence.*;
import java.util.Date;
import org.apache.commons.lang.BooleanUtils;
@Entity(name = "sec$Subject")
@Table(name = "SEC_SUBJECT")
public class Subject extends StandardEntity
{
private static final long serialVersionUID = 837722143973534603L;
@ManyToOne(optional = false, fetch = FetchType.LAZY)
@JoinColumn(name = "USER_ID")
private User user;
@ManyToOne(optional = false)
@JoinColumn(name = "PROFILE_ID")
private Profile profile;
@Column(name = "IS_DEFAULT")
private Boolean defaultSubject;
@Column(name = "START_DATE")
private Date startDate;
@Column(name = "END_DATE")
private Date endDate;
public boolean isDefaultSubject() {
return BooleanUtils.isTrue(defaultSubject);
}
public void setDefaultSubject(boolean defaultSubject) {
this.defaultSubject = defaultSubject;
}
public Date getEndDate() {
return endDate;
}
public void setEndDate(Date endDate) {
this.endDate = endDate;
}
public Profile getProfile() {
return profile;
}
public void setProfile(Profile profile) {
this.profile = profile;
}
public Date getStartDate() {
return startDate;
}
public void setStartDate(Date startDate) {
this.startDate = startDate;
}
public User getUser() {
return user;
}
public void setUser(User user) {
this.user = user;
}
}

27
modules/core/src/com/haulmont/cuba/security/entity/User.java
View File

@ -11,6 +11,8 @@
package com.haulmont.cuba.security.entity; package com.haulmont.cuba.security.entity;
import com.haulmont.cuba.core.entity.StandardEntity; import com.haulmont.cuba.core.entity.StandardEntity;
import com.haulmont.cuba.core.entity.annotation.OnDeleteInverse;
import com.haulmont.cuba.core.global.DeletePolicy;
import javax.persistence.*; import javax.persistence.*;
import java.util.Set; import java.util.Set;
@ -33,8 +35,13 @@ public class User extends StandardEntity
@Column(name = "AD_USER", length = 100) @Column(name = "AD_USER", length = 100)
private String activeDirectoryUser; private String activeDirectoryUser;
@ManyToOne(optional = false, fetch = FetchType.LAZY)
@JoinColumn(name = "GROUP_ID")
@OnDeleteInverse(DeletePolicy.DENY)
private Group group;
@OneToMany(mappedBy = "user") @OneToMany(mappedBy = "user")
private Set<Subject> subjects; private Set<UserRole> userRoles;
public String getLogin() { public String getLogin() {
return login; return login;
@ -68,15 +75,23 @@ public class User extends StandardEntity
this.activeDirectoryUser = activeDirectoryUser; this.activeDirectoryUser = activeDirectoryUser;
} }
public Set<Subject> getSubjects() { public Group getGroup() {
return subjects; return group;
} }
public void setSubjects(Set<Subject> subjects) { public void setGroup(Group group) {
this.subjects = subjects; this.group = group;
}
public Set<UserRole> getUserRoles() {
return userRoles;
}
public void setUserRoles(Set<UserRole> userRoles) {
this.userRoles = userRoles;
} }
public String toString() { public String toString() {
return name; return login;
} }
} }

21
modules/core/src/com/haulmont/cuba/security/entity/ProfileRole.java → modules/core/src/com/haulmont/cuba/security/entity/UserRole.java
View File

@ -16,27 +16,28 @@ import com.haulmont.cuba.core.global.DeletePolicy;
import javax.persistence.*; import javax.persistence.*;
@Entity(name = "sec$ProfileRole") @Entity(name = "sec$UserRole")
@Table(name = "SEC_PROFILE_ROLE") @Table(name = "SEC_USER_ROLE")
public class ProfileRole extends StandardEntity public class UserRole extends StandardEntity
{ {
private static final long serialVersionUID = 6151402331592361210L; private static final long serialVersionUID = 8543853035155300992L;
@ManyToOne(fetch = FetchType.LAZY, optional = false) @ManyToOne(fetch = FetchType.LAZY, optional = false)
@JoinColumn(name = "PROFILE_ID") @JoinColumn(name = "USER_ID")
private Profile profile; @OnDeleteInverse(DeletePolicy.CASCADE)
private User user;
@ManyToOne(fetch = FetchType.LAZY, optional = false) @ManyToOne(fetch = FetchType.LAZY, optional = false)
@JoinColumn(name = "ROLE_ID") @JoinColumn(name = "ROLE_ID")
@OnDeleteInverse(DeletePolicy.CASCADE) @OnDeleteInverse(DeletePolicy.CASCADE)
private Role role; private Role role;
public Profile getProfile() { public User getUser() {
return profile; return user;
} }
public void setProfile(Profile profile) { public void setUser(User user) {
this.profile = profile; this.user = user;
} }
public Role getRole() { public Role getRole() {

2
modules/core/src/com/haulmont/cuba/security/global/LoginServiceRemote.java
View File

@ -20,8 +20,6 @@ public interface LoginServiceRemote
UserSession login(String login, String password, Locale locale) throws LoginException; UserSession login(String login, String password, Locale locale) throws LoginException;
UserSession login(String login, String password, String profileName, Locale locale) throws LoginException;
void logout(); void logout();
void ping(); void ping();

15
modules/core/src/com/haulmont/cuba/security/global/UserSession.java
View File

@ -24,21 +24,17 @@ public class UserSession implements Serializable
private final UUID userId; private final UUID userId;
private final String login; private final String login;
private final String name; private final String name;
private final UUID subjectId;
private final String profile;
private final String[] roles; private final String[] roles;
private final Locale locale; private final Locale locale;
private final Map<String, Integer>[] permissions; private final Map<String, Integer>[] permissions;
private final Map<String, List<String>> constraints; private final Map<String, List<String>> constraints;
public UserSession(User user, Subject subject, String[] roles, Locale locale) { public UserSession(User user, String[] roles, Locale locale) {
this.id = UuidProvider.createUuid(); this.id = UuidProvider.createUuid();
this.userId = user.getId(); this.userId = user.getId();
this.login = user.getLogin(); this.login = user.getLogin();
this.name = user.getName(); this.name = user.getName();
this.subjectId = subject.getId();
this.profile = subject.getProfile().getName();
this.roles = roles; this.roles = roles;
Arrays.sort(this.roles); Arrays.sort(this.roles);
@ -69,14 +65,6 @@ public class UserSession implements Serializable
return name; return name;
} }
public UUID getSubjectId() {
return subjectId;
}
public String getProfile() {
return profile;
}
public String[] getRoles() { public String[] getRoles() {
return roles; return roles;
} }
@ -120,7 +108,6 @@ public class UserSession implements Serializable
return "UserSession{" + return "UserSession{" +
"id=" + id + "id=" + id +
", login='" + login + '\'' + ", login='" + login + '\'' +
", profile='" + profile + '\'' +
'}'; '}';
} }
} }

15
modules/core/src/com/haulmont/cuba/security/sys/UserSessionManager.java
View File

@ -36,20 +36,19 @@ public class UserSessionManager
sessions = new UserSessionsCache(); sessions = new UserSessionsCache();
} }
public UserSession createSession(User user, Subject subject, Locale locale) { public UserSession createSession(User user, Locale locale) {
Profile profile = subject.getProfile();
List<String> roleNames = new ArrayList<String>(); List<String> roleNames = new ArrayList<String>();
List<Role> roles = new ArrayList<Role>(); List<Role> roles = new ArrayList<Role>();
for (ProfileRole profileRole : profile.getProfileRoles()) { for (UserRole userRole : user.getUserRoles()) {
if (profileRole.getRole() != null) { if (userRole.getRole() != null) {
roleNames.add(profileRole.getRole().getName()); roleNames.add(userRole.getRole().getName());
roles.add(profileRole.getRole()); roles.add(userRole.getRole());
} }
} }
UserSession session = new UserSession( UserSession session = new UserSession(
user, subject, roleNames.toArray(new String[roleNames.size()]), locale); user, roleNames.toArray(new String[roleNames.size()]), locale);
compilePermissions(session, roles); compilePermissions(session, roles);
compileConstraints(session, profile.getGroup()); compileConstraints(session, user.getGroup());
sessions.add(session); sessions.add(session);
return session; return session;
} }

178
modules/core/test/com/haulmont/cuba/core/DeletedCollectionItemTest.java
View File

@ -11,23 +11,21 @@
package com.haulmont.cuba.core; package com.haulmont.cuba.core;
import com.haulmont.cuba.security.entity.User; import com.haulmont.cuba.security.entity.User;
import com.haulmont.cuba.security.entity.Profile;
import com.haulmont.cuba.security.entity.Group; import com.haulmont.cuba.security.entity.Group;
import com.haulmont.cuba.security.entity.Subject; import com.haulmont.cuba.security.entity.UserRole;
import com.haulmont.cuba.security.entity.Role;
import com.haulmont.cuba.core.global.View; import com.haulmont.cuba.core.global.View;
import java.util.UUID; import java.util.UUID;
import java.util.List;
import java.util.Set; import java.util.Set;
public class DeletedCollectionItemTest extends CubaTestCase public class DeletedCollectionItemTest extends CubaTestCase
{ {
private UUID groupId; private UUID groupId;
private UUID userId; private UUID userId;
private UUID profile1Id; private UUID role2Id;
private UUID profile2Id; private UUID userRole1Id;
private UUID subject1Id; private UUID userRole2Id;
private UUID subject2Id;
protected void setUp() throws Exception { protected void setUp() throws Exception {
super.setUp(); super.setUp();
@ -45,47 +43,42 @@ public class DeletedCollectionItemTest extends CubaTestCase
userId = user.getId(); userId = user.getId();
user.setName("testUser"); user.setName("testUser");
user.setLogin("testLogin"); user.setLogin("testLogin");
user.setGroup(group);
em.persist(user); em.persist(user);
Profile profile1 = new Profile(); Role role1 = em.find(Role.class, UUID.fromString("0c018061-b26f-4de2-a5be-dff348347f93"));
profile1Id = profile1.getId();
profile1.setName("testProfile1");
profile1.setGroup(group);
em.persist(profile1);
Profile profile2 = new Profile(); UserRole userRole1 = new UserRole();
profile2Id = profile2.getId(); userRole1Id = userRole1.getId();
profile2.setName("testProfile2"); userRole1.setUser(user);
profile2.setGroup(group); userRole1.setRole(role1);
em.persist(profile2); em.persist(userRole1);
Subject subject1 = new Subject(); Role role2 = new Role();
subject1Id = subject1.getId(); role2Id = role2.getId();
subject1.setUser(user); role2.setName("role2");
subject1.setProfile(profile1); em.persist(role2);
em.persist(subject1);
Subject subject2 = new Subject();
subject2Id = subject2.getId();
subject2.setUser(user);
subject2.setProfile(profile2);
em.persist(subject2);
UserRole userRole2 = new UserRole();
userRole2Id = userRole2.getId();
userRole2.setUser(user);
userRole2.setRole(role2);
em.persist(userRole2);
tx.commitRetaining(); tx.commitRetaining();
em = PersistenceProvider.getEntityManager(); em = PersistenceProvider.getEntityManager();
Profile profile = em.find(Profile.class, profile2Id); UserRole ur = em.find(UserRole.class, userRole2Id);
em.remove(profile); em.remove(ur);
Group g = em.find(Group.class, groupId); Role r = em.find(Role.class, role2Id);
em.remove(g); em.remove(r);
tx.commit(); tx.commit();
} finally { } finally {
tx.end(); tx.end();
} }
} }
protected void tearDown() throws Exception { protected void tearDown() throws Exception {
@ -93,14 +86,15 @@ public class DeletedCollectionItemTest extends CubaTestCase
try { try {
EntityManager em = PersistenceProvider.getEntityManager(); EntityManager em = PersistenceProvider.getEntityManager();
Query q = em.createNativeQuery("delete from SEC_SUBJECT where ID = ? or ID = ?"); Query q;
q.setParameter(1, subject1Id.toString());
q.setParameter(2, subject2Id.toString()); q = em.createNativeQuery("delete from SEC_USER_ROLE where ID = ? or ID = ?");
q.setParameter(1, userRole1Id.toString());
q.setParameter(2, userRole2Id.toString());
q.executeUpdate(); q.executeUpdate();
q = em.createNativeQuery("delete from SEC_PROFILE where ID = ? or ID = ?"); q = em.createNativeQuery("delete from SEC_ROLE where ID = ?");
q.setParameter(1, profile1Id.toString()); q.setParameter(1, role2Id.toString());
q.setParameter(2, profile2Id.toString());
q.executeUpdate(); q.executeUpdate();
q = em.createNativeQuery("delete from SEC_USER where ID = ?"); q = em.createNativeQuery("delete from SEC_USER where ID = ?");
@ -123,8 +117,8 @@ public class DeletedCollectionItemTest extends CubaTestCase
try { try {
EntityManager em = PersistenceProvider.getEntityManager(); EntityManager em = PersistenceProvider.getEntityManager();
Group group = em.find(Group.class, groupId); Role role = em.find(Role.class, role2Id);
assertNull(group); assertNull(role);
tx.commit(); tx.commit();
} finally { } finally {
@ -138,9 +132,9 @@ public class DeletedCollectionItemTest extends CubaTestCase
EntityManager em = PersistenceProvider.getEntityManager(); EntityManager em = PersistenceProvider.getEntityManager();
em.setDeleteDeferred(false); em.setDeleteDeferred(false);
Group group = em.find(Group.class, groupId); Role role = em.find(Role.class, role2Id);
assertNotNull(group); assertNotNull(role);
assertTrue(group.isDeleted()); assertTrue(role.isDeleted());
tx.commit(); tx.commit();
} finally { } finally {
@ -157,17 +151,18 @@ public class DeletedCollectionItemTest extends CubaTestCase
new View(User.class, "testView") new View(User.class, "testView")
.addProperty("name") .addProperty("name")
.addProperty("login") .addProperty("login")
.addProperty("subjects", .addProperty("userRoles",
new View(Subject.class, "testView") new View(UserRole.class, "testView")
.addProperty("profile") .addProperty("role",
) new View(Role.class, "testView")
.addProperty("name")))
); );
User user = em.find(User.class, userId); User user = em.find(User.class, userId);
Set<Subject> subjects = user.getSubjects(); Set<UserRole> userRoles = user.getUserRoles();
assertEquals(2, subjects.size()); assertEquals(1, userRoles.size());
for (Subject subject : subjects) { for (UserRole ur : userRoles) {
System.out.println(subject.getProfile().getName()); assertNotNull(ur.getRole());
} }
tx.commit(); tx.commit();
@ -186,17 +181,18 @@ public class DeletedCollectionItemTest extends CubaTestCase
new View(User.class, "testView") new View(User.class, "testView")
.addProperty("name") .addProperty("name")
.addProperty("login") .addProperty("login")
.addProperty("subjects", .addProperty("userRoles",
new View(Subject.class, "testView") new View(UserRole.class, "testView")
.addProperty("profile") .addProperty("role",
) new View(Role.class, "testView")
.addProperty("name")))
); );
User user = em.find(User.class, userId); User user = em.find(User.class, userId);
Set<Subject> subjects = user.getSubjects(); Set<UserRole> userRoles = user.getUserRoles();
assertEquals(2, subjects.size()); assertEquals(2, userRoles.size());
for (Subject subject : subjects) { for (UserRole ur : userRoles) {
System.out.println(subject.getProfile().getName()); assertNotNull(ur.getRole());
} }
tx.commit(); tx.commit();
@ -214,10 +210,10 @@ public class DeletedCollectionItemTest extends CubaTestCase
q.setParameter(1, userId); q.setParameter(1, userId);
User user = (User) q.getSingleResult(); User user = (User) q.getSingleResult();
Set<Subject> subjects = user.getSubjects(); Set<UserRole> userRoles = user.getUserRoles();
assertEquals(2, subjects.size()); assertEquals(1, userRoles.size());
for (Subject subject : subjects) { for (UserRole ur : userRoles) {
System.out.println(subject.getProfile().getName()); assertNotNull(ur.getRole());
} }
tx.commit(); tx.commit();
@ -231,14 +227,14 @@ public class DeletedCollectionItemTest extends CubaTestCase
try { try {
EntityManager em = PersistenceProvider.getEntityManager(); EntityManager em = PersistenceProvider.getEntityManager();
Query q = em.createQuery("select u from sec$User u join fetch u.subjects where u.id = ?1"); Query q = em.createQuery("select u from sec$User u join fetch u.userRoles where u.id = ?1");
q.setParameter(1, userId); q.setParameter(1, userId);
User user = (User) q.getSingleResult(); User user = (User) q.getSingleResult();
Set<Subject> subjects = user.getSubjects(); Set<UserRole> userRoles = user.getUserRoles();
assertEquals(2, subjects.size()); assertEquals(1, userRoles.size());
for (Subject subject : subjects) { for (UserRole ur : userRoles) {
System.out.println(subject.getProfile().getName()); assertNotNull(ur.getRole());
} }
tx.commit(); tx.commit();
@ -247,26 +243,26 @@ public class DeletedCollectionItemTest extends CubaTestCase
} }
} }
public void testManyToOne() { // public void testManyToOne() {
Transaction tx = Locator.createTransaction(); // Transaction tx = Locator.createTransaction();
try { // try {
EntityManager em = PersistenceProvider.getEntityManager(); // EntityManager em = PersistenceProvider.getEntityManager();
//
em.setView( // em.setView(
new View(Profile.class, "testView") // new View(Profile.class, "testView")
.addProperty("name") // .addProperty("name")
.addProperty("group", // .addProperty("group",
new View(Group.class, "testView") // new View(Group.class, "testView")
.addProperty("name") // .addProperty("name")
) // )
); // );
Profile profile = em.find(Profile.class, profile1Id); // Profile profile = em.find(Profile.class, profile1Id);
assertNotNull(profile.getGroup()); // assertNotNull(profile.getGroup());
assertTrue(profile.getGroup().isDeleted()); // assertTrue(profile.getGroup().isDeleted());
//
tx.commit(); // tx.commit();
} finally { // } finally {
tx.end(); // tx.end();
} // }
} // }
} }

2
modules/core/test/com/haulmont/cuba/core/QueryTest.java
View File

@ -24,7 +24,7 @@ public class QueryTest extends CubaTestCase
User user = em.find(User.class, UUID.fromString("60885987-1b61-4247-94c7-dff348347f93")); User user = em.find(User.class, UUID.fromString("60885987-1b61-4247-94c7-dff348347f93"));
Query query = em.createQuery("select s from sec$Subject s where s.user.id = :user"); Query query = em.createQuery("select r from sec$UserRole r where r.user.id = :user");
query.setParameter("user", user); query.setParameter("user", user);
List list = query.getResultList(); List list = query.getResultList();

43
modules/core/test/com/haulmont/cuba/core/ViewTest.java
View File

@ -12,9 +12,7 @@ package com.haulmont.cuba.core;
import com.haulmont.cuba.core.global.View; import com.haulmont.cuba.core.global.View;
import com.haulmont.cuba.security.entity.User; import com.haulmont.cuba.security.entity.User;
import com.haulmont.cuba.security.entity.Profile;
import com.haulmont.cuba.security.entity.Group; import com.haulmont.cuba.security.entity.Group;
import com.haulmont.cuba.security.entity.Subject;
import java.util.UUID; import java.util.UUID;
@ -27,35 +25,16 @@ public class ViewTest extends CubaTestCase
try { try {
EntityManager em = PersistenceProvider.getEntityManager(); EntityManager em = PersistenceProvider.getEntityManager();
Group group = em.find(Group.class, UUID.fromString("0fa2b1a5-1d68-4d69-9fbd-dff348347f93"));
User user = new User(); User user = new User();
userId = user.getId(); userId = user.getId();
user.setName("testUser"); user.setName("testUser");
user.setLogin("login" + userId); user.setLogin("login" + userId);
user.setPassword("000"); user.setPassword("000");
user.setGroup(group);
em.persist(user); em.persist(user);
Group group = em.find(Group.class, UUID.fromString("0fa2b1a5-1d68-4d69-9fbd-dff348347f93"));
Profile profile = new Profile();
profile.setName("testProfile1");
profile.setGroup(group);
em.persist(profile);
Subject subject = new Subject();
subject.setUser(user);
subject.setProfile(profile);
em.persist(subject);
profile = new Profile();
profile.setName("testProfile2");
profile.setGroup(group);
em.persist(profile);
subject = new Subject();
subject.setUser(user);
subject.setProfile(profile);
em.persist(subject);
tx.commit(); tx.commit();
} finally { } finally {
tx.end(); tx.end();
@ -75,9 +54,9 @@ public class ViewTest extends CubaTestCase
View view = new View(User.class, "testUserView") View view = new View(User.class, "testUserView")
.addProperty("name") .addProperty("name")
.addProperty("login") .addProperty("login")
.addProperty("subjects", .addProperty("group",
new View(Subject.class, "testSubjectView") new View(Group.class, "testGroupView")
.addProperty("profile") .addProperty("name")
); );
q.setView(view); q.setView(view);
@ -86,7 +65,7 @@ public class ViewTest extends CubaTestCase
tx.commit(); tx.commit();
assertNull(user.getPassword()); assertNull(user.getPassword());
assertEquals(2, user.getSubjects().size()); assertNotNull(user.getGroup().getName());
} finally { } finally {
tx.end(); tx.end();
} }
@ -102,9 +81,9 @@ public class ViewTest extends CubaTestCase
View view = new View(User.class, "testUserView") View view = new View(User.class, "testUserView")
.addProperty("name") .addProperty("name")
.addProperty("login") .addProperty("login")
.addProperty("subjects", .addProperty("group",
new View(Subject.class, "testSubjectView") new View(Group.class, "testGroupView")
.addProperty("profile") .addProperty("name")
); );
em.setView(view); em.setView(view);
@ -113,7 +92,7 @@ public class ViewTest extends CubaTestCase
tx.commit(); tx.commit();
assertNull(user.getPassword()); assertNull(user.getPassword());
assertEquals(2, user.getSubjects().size()); assertNotNull(user.getGroup().getName());
} finally { } finally {
tx.end(); tx.end();
} }

14
modules/core/test/com/haulmont/cuba/core/global/ViewRepositoryTest.java
View File

@ -32,15 +32,15 @@ public class ViewRepositoryTest extends CubaTestCase
assertNotNull(view); assertNotNull(view);
assertNotNull(view.getProperty("name")); assertNotNull(view.getProperty("name"));
assertNotNull(view.getProperty("login")); assertNotNull(view.getProperty("login"));
assertNotNull(view.getProperty("subjects")); assertNotNull(view.getProperty("userRoles"));
View subjectView = view.getProperty("subjects").getView(); View userRolesView = view.getProperty("userRoles").getView();
assertNotNull(subjectView); assertNotNull(userRolesView);
assertNotNull(subjectView.getProperty("profile")); assertNotNull(userRolesView.getProperty("role"));
View profileView = subjectView.getProperty("profile").getView(); View roleView = userRolesView.getProperty("role").getView();
assertNotNull(profileView); assertNotNull(roleView);
assertNotNull(profileView.getProperty("name")); assertNotNull(roleView.getProperty("name"));
} }

8
modules/core/test/com/haulmont/cuba/core/global/test.view.xml
View File

@ -3,14 +3,14 @@
<view entity="sec$User" name="test"> <view entity="sec$User" name="test">
<property name="name"/> <property name="name"/>
<property name="login"/> <property name="login"/>
<property name="subjects" view="test"/> <property name="userRoles" view="test"/>
</view> </view>
<view entity="sec$Subject" name="test"> <view entity="sec$UserRole" name="test">
<property name="profile" view="test"/> <property name="role" view="test"/>
</view> </view>
<view entity="sec$Profile" name="test"> <view entity="sec$Role" name="test">
<property name="name"/> <property name="name"/>
</view> </view>

15
modules/core/test/com/haulmont/cuba/core/sys/TestSecurityProvider.java
View File

@ -12,8 +12,6 @@ package com.haulmont.cuba.core.sys;
import com.haulmont.cuba.core.SecurityProvider; import com.haulmont.cuba.core.SecurityProvider;
import com.haulmont.cuba.security.entity.User; import com.haulmont.cuba.security.entity.User;
import com.haulmont.cuba.security.entity.Subject;
import com.haulmont.cuba.security.entity.Profile;
import com.haulmont.cuba.security.global.UserSession; import com.haulmont.cuba.security.global.UserSession;
import org.apache.commons.codec.digest.DigestUtils; import org.apache.commons.codec.digest.DigestUtils;
@ -29,17 +27,8 @@ public class TestSecurityProvider extends SecurityProvider
user.setName("Test Administrator"); user.setName("Test Administrator");
user.setPassword(DigestUtils.md5Hex("test_admin")); user.setPassword(DigestUtils.md5Hex("test_admin"));
Profile profile = new Profile(); UserSession session = new UserSession(user, new String[]{"Administrators"}, Locale.getDefault());
profile.setId(UUID.fromString("bf83541f-f610-46f4-a268-dff348347f93")); session.addConstraint("sec$Group", "a.createdBy = :currentUserLogin");
profile.setName("Default");
Subject subject = new Subject();
subject.setId(UUID.fromString("05d9d689-da68-4622-8952-f94dfb36ca07"));
subject.setUser(user);
subject.setProfile(profile);
UserSession session = new UserSession(user, subject, new String[]{"Administrators"}, Locale.getDefault());
session.addConstraint("sec$Group", "a.createdBy = :currentSubjectId");
return session; return session;
} }

50
modules/core/test/com/haulmont/cuba/security/ConstraintTest.java
View File

@ -26,11 +26,10 @@ import org.apache.commons.codec.digest.DigestUtils;
public class ConstraintTest extends CubaTestCase public class ConstraintTest extends CubaTestCase
{ {
private static final String ADMIN_NAME = "admin"; private static final String USER_LOGIN = "testUser";
private static final String ADMIN_PASSW = DigestUtils.md5Hex("admin"); private static final String USER_PASSW = DigestUtils.md5Hex("testUser");
private static final String PROFILE_NAME = "testProfile";
private UUID constraintId, parentConstraintId, groupId, parentGroupId, profileId, subjectId; private UUID constraintId, parentConstraintId, groupId, parentGroupId, userId;
protected void setUp() throws Exception { protected void setUp() throws Exception {
super.setUp(); super.setUp();
@ -39,8 +38,6 @@ public class ConstraintTest extends CubaTestCase
try { try {
EntityManager em = PersistenceProvider.getEntityManager(); EntityManager em = PersistenceProvider.getEntityManager();
User user = em.find(User.class, UUID.fromString("60885987-1b61-4247-94c7-dff348347f93"));
Group parentGroup = new Group(); Group parentGroup = new Group();
parentGroupId = parentGroup.getId(); parentGroupId = parentGroup.getId();
parentGroup.setName("testParentGroup"); parentGroup.setName("testParentGroup");
@ -69,17 +66,12 @@ public class ConstraintTest extends CubaTestCase
constraint.setGroup(group); constraint.setGroup(group);
em.persist(constraint); em.persist(constraint);
Profile profile = new Profile(); User user = new User();
profileId = profile.getId(); userId = user.getId();
profile.setName(PROFILE_NAME); user.setLogin(USER_LOGIN);
profile.setGroup(group); user.setPassword(USER_PASSW);
em.persist(profile); user.setGroup(group);
em.persist(user);
Subject subject = new Subject();
subjectId = subject.getId();
subject.setUser(user);
subject.setProfile(profile);
em.persist(subject);
tx.commit(); tx.commit();
} finally { } finally {
@ -92,12 +84,10 @@ public class ConstraintTest extends CubaTestCase
try { try {
EntityManager em = PersistenceProvider.getEntityManager(); EntityManager em = PersistenceProvider.getEntityManager();
Query q = em.createNativeQuery("delete from SEC_SUBJECT where ID = ?"); Query q;
q.setParameter(1, subjectId.toString());
q.executeUpdate();
q = em.createNativeQuery("delete from SEC_PROFILE where ID = ?"); q = em.createNativeQuery("delete from SEC_USER where ID = ?");
q.setParameter(1, profileId.toString()); q.setParameter(1, userId.toString());
q.executeUpdate(); q.executeUpdate();
q = em.createNativeQuery("delete from SEC_CONSTRAINT where ID = ? or ID = ?"); q = em.createNativeQuery("delete from SEC_CONSTRAINT where ID = ? or ID = ?");
@ -131,18 +121,18 @@ public class ConstraintTest extends CubaTestCase
public void test() throws LoginException { public void test() throws LoginException {
LoginWorker lw = Locator.lookupLocal(LoginWorker.JNDI_NAME); LoginWorker lw = Locator.lookupLocal(LoginWorker.JNDI_NAME);
UserSession userSession = lw.login(ADMIN_NAME, ADMIN_PASSW, PROFILE_NAME, Locale.getDefault()); UserSession userSession = lw.login(USER_LOGIN, USER_PASSW, Locale.getDefault());
assertNotNull(userSession); assertNotNull(userSession);
List<String> constraints = userSession.getConstraints("core$Server"); List<String> constraints = userSession.getConstraints("core$Server");
assertEquals(2, constraints.size()); assertEquals(2, constraints.size());
DataService bs = Locator.lookupLocal(DataService.JNDI_NAME); // DataService bs = Locator.lookupLocal(DataService.JNDI_NAME);
//
DataService.CollectionLoadContext ctx = new DataService.CollectionLoadContext(Group.class); // DataService.CollectionLoadContext ctx = new DataService.CollectionLoadContext(Group.class);
ctx.setQueryString("select g from sec$Group g where g.createTs <= :createTs").addParameter("createTs", new Date()); // ctx.setQueryString("select g from sec$Group g where g.createTs <= :createTs").addParameter("createTs", new Date());
//
List<Group> list = bs.loadList(ctx); // List<Group> list = bs.loadList(ctx);
assertTrue(list.size() > 0); // assertTrue(list.size() > 0);
} }
} }

63
modules/core/test/com/haulmont/cuba/security/PermissionTest.java
View File

@ -30,7 +30,7 @@ public class PermissionTest extends CubaTestCase
private static final String PERM_TARGET_ATTR = "core$Server:address"; private static final String PERM_TARGET_ATTR = "core$Server:address";
private UUID role1Id, permission1Id, role2Id, permission2Id, userId, groupId, private UUID role1Id, permission1Id, role2Id, permission2Id, userId, groupId,
profileId, profileRole1Id, profileRole2Id, subjectId; userRole1Id, userRole2Id;
protected void setUp() throws Exception { protected void setUp() throws Exception {
super.setUp(); super.setUp();
@ -67,41 +67,30 @@ public class PermissionTest extends CubaTestCase
permission2.setValue(1); permission2.setValue(1);
em.persist(permission2); em.persist(permission2);
User user = new User();
userId = user.getId();
user.setName(USER_NAME);
user.setLogin(USER_NAME);
user.setPassword(USER_PASSW);
em.persist(user);
Group group = new Group(); Group group = new Group();
groupId = group.getId(); groupId = group.getId();
group.setName("testGroup"); group.setName("testGroup");
em.persist(group); em.persist(group);
Profile profile = new Profile(); User user = new User();
profileId = profile.getId(); userId = user.getId();
profile.setName(PROFILE_NAME); user.setName(USER_NAME);
profile.setGroup(group); user.setLogin(USER_NAME);
em.persist(profile); user.setPassword(USER_PASSW);
user.setGroup(group);
em.persist(user);
ProfileRole profileRole1 = new ProfileRole(); UserRole userRole1 = new UserRole();
profileRole1Id = profileRole1.getId(); userRole1Id = userRole1.getId();
profileRole1.setProfile(profile); userRole1.setUser(user);
profileRole1.setRole(role1); userRole1.setRole(role1);
em.persist(profileRole1); em.persist(userRole1);
ProfileRole profileRole2 = new ProfileRole(); UserRole userRole2 = new UserRole();
profileRole2Id = profileRole2.getId(); userRole2Id = userRole2.getId();
profileRole2.setProfile(profile); userRole2.setUser(user);
profileRole2.setRole(role2); userRole2.setRole(role2);
em.persist(profileRole2); em.persist(userRole2);
Subject subject = new Subject();
subjectId = subject.getId();
subject.setUser(user);
subject.setProfile(profile);
em.persist(subject);
tx.commit(); tx.commit();
} finally { } finally {
@ -114,17 +103,11 @@ public class PermissionTest extends CubaTestCase
try { try {
EntityManager em = PersistenceProvider.getEntityManager(); EntityManager em = PersistenceProvider.getEntityManager();
Query q = em.createNativeQuery("delete from SEC_SUBJECT where ID = ?"); Query q;
q.setParameter(1, subjectId.toString());
q.executeUpdate();
q = em.createNativeQuery("delete from SEC_PROFILE_ROLE where ID = ? or ID = ?"); q = em.createNativeQuery("delete from SEC_USER_ROLE where ID = ? or ID = ?");
q.setParameter(1, profileRole1Id.toString()); q.setParameter(1, userRole1Id.toString());
q.setParameter(2, profileRole2Id.toString()); q.setParameter(2, userRole2Id.toString());
q.executeUpdate();
q = em.createNativeQuery("delete from SEC_PROFILE where ID = ?");
q.setParameter(1, profileId.toString());
q.executeUpdate(); q.executeUpdate();
q = em.createNativeQuery("delete from SEC_USER where ID = ?"); q = em.createNativeQuery("delete from SEC_USER where ID = ?");
@ -155,7 +138,7 @@ public class PermissionTest extends CubaTestCase
public void test() throws LoginException { public void test() throws LoginException {
LoginWorker lw = Locator.lookupLocal(LoginWorker.JNDI_NAME); LoginWorker lw = Locator.lookupLocal(LoginWorker.JNDI_NAME);
UserSession userSession = lw.login(USER_NAME, USER_PASSW, PROFILE_NAME, Locale.getDefault()); UserSession userSession = lw.login(USER_NAME, USER_PASSW, Locale.getDefault());
assertNotNull(userSession); assertNotNull(userSession);
boolean permitted = userSession.isPermitted(PermissionType.SCREEN, PERM_TARGET_SCREEN); boolean permitted = userSession.isPermitted(PermissionType.SCREEN, PERM_TARGET_SCREEN);

58
modules/core/test/com/haulmont/cuba/security/RelationsTest.java
View File

@ -17,22 +17,6 @@ import java.util.UUID;
public class RelationsTest extends CubaTestCase public class RelationsTest extends CubaTestCase
{ {
public void testProfile() {
UUID profileId = createProfile();
Transaction tx = Locator.createTransaction();
try {
EntityManager em = PersistenceProvider.getEntityManager();
Profile profile = em.find(Profile.class, profileId);
em.remove(profile);
tx.commit();
} finally {
tx.end();
}
}
public void testRole() { public void testRole() {
UUID roleId = createRole(); UUID roleId = createRole();
@ -49,53 +33,21 @@ public class RelationsTest extends CubaTestCase
} }
} }
public UUID createProfile() {
Transaction tx = Locator.createTransaction();
try {
EntityManager em = PersistenceProvider.getEntityManager();
User user = em.find(User.class, UUID.fromString("60885987-1b61-4247-94c7-dff348347f93"));
Role role = em.find(Role.class, UUID.fromString("0c018061-b26f-4de2-a5be-dff348347f93"));
Group group = em.find(Group.class, UUID.fromString("0fa2b1a5-1d68-4d69-9fbd-dff348347f93"));
Profile profile = new Profile();
profile.setGroup(group);
profile.setName("RelationTest");
em.persist(profile);
ProfileRole profileRole = new ProfileRole();
profileRole.setProfile(profile);
profileRole.setRole(role);
em.persist(profileRole);
Subject subject = new Subject();
subject.setUser(user);
subject.setProfile(profile);
em.persist(subject);
tx.commit();
return profile.getId();
} finally {
tx.end();
}
}
public UUID createRole() { public UUID createRole() {
Transaction tx = Locator.createTransaction(); Transaction tx = Locator.createTransaction();
try { try {
EntityManager em = PersistenceProvider.getEntityManager(); EntityManager em = PersistenceProvider.getEntityManager();
Profile profile = em.find(Profile.class, UUID.fromString("bf83541f-f610-46f4-a268-dff348347f93")); User user = em.find(User.class, UUID.fromString("60885987-1b61-4247-94c7-dff348347f93"));
Role role = new Role(); Role role = new Role();
role.setName("RelationTest"); role.setName("RelationTest");
em.persist(role); em.persist(role);
ProfileRole profileRole = new ProfileRole(); UserRole userRole = new UserRole();
profileRole.setProfile(profile); userRole.setUser(user);
profileRole.setRole(role); userRole.setRole(role);
em.persist(profileRole); em.persist(userRole);
tx.commit(); tx.commit();

44
modules/core/test/com/haulmont/cuba/security/UserRoleTest.java
View File

@ -23,12 +23,6 @@ public class UserRoleTest extends CubaTestCase
try { try {
EntityManager em = PersistenceProvider.getEntityManager(); EntityManager em = PersistenceProvider.getEntityManager();
User user = new User();
UUID userId = user.getId();
user.setLogin("testUser1");
user.setName("Test User 1");
em.persist(user);
Role role = new Role(); Role role = new Role();
role.setName("testRole1"); role.setName("testRole1");
em.persist(role); em.persist(role);
@ -37,35 +31,27 @@ public class UserRoleTest extends CubaTestCase
group.setName("testGroup1"); group.setName("testGroup1");
em.persist(group); em.persist(group);
Profile profile = new Profile(); User user = new User();
profile.setName("testProfile"); UUID userId = user.getId();
profile.setGroup(group); user.setLogin("testUser1");
em.persist(profile); user.setName("Test User 1");
user.setGroup(group);
em.persist(user);
ProfileRole profileRole = new ProfileRole(); UserRole userRole = new UserRole();
profileRole.setProfile(profile); userRole.setUser(user);
profileRole.setRole(role); userRole.setRole(role);
em.persist(profileRole); em.persist(userRole);
Subject subject = new Subject();
subject.setUser(user);
subject.setProfile(profile);
em.persist(subject);
tx.commitRetaining(); tx.commitRetaining();
em = PersistenceProvider.getEntityManager(); em = PersistenceProvider.getEntityManager();
user = em.find(User.class, userId); user = em.find(User.class, userId);
Set<Subject> subjects = user.getSubjects(); Set<UserRole> userRoles = user.getUserRoles();
assertEquals(1, subjects.size()); assertEquals(1, userRoles.size());
for (Subject s : subjects) { for (UserRole ur : userRoles) {
assertEquals(profile.getName(), s.getProfile().getName()); Role r = ur.getRole();
Set<ProfileRole> roles = s.getProfile().getProfileRoles(); assertEquals(role.getName(), r.getName());
assertEquals(1, roles.size());
for (ProfileRole pr : roles) {
Role r = pr.getRole();
assertEquals(role.getName(), r.getName());
}
} }
} finally { } finally {
tx.end(); tx.end();

24
modules/web/src-conf/cuba/client/web/screen-config.xml
View File

@ -1,18 +1,18 @@
<screen-config> <screen-config>
<screen id="core$Server.browse" <screen id="core$Server.browse"
class="com.haulmont.cuba.web.app.ui.DemoScreen"/>
<screen id="sec$User.browse"
template="/com/haulmont/cuba/web/app/ui/security/user/browse/security-user-browse.xml"/>
<screen id="sec$User.edit"
template="/com/haulmont/cuba/web/app/ui/security/user/edit/security-user-edit.xml"/>
<screen id="sec$Group.browse"
template="/com/haulmont/cuba/web/app/ui/security/group/browse/security-group-browse.xml"/>
<screen id="sec$Role.browse"
class="com.haulmont.cuba.web.app.ui.TableDemoScreen"/> class="com.haulmont.cuba.web.app.ui.TableDemoScreen"/>
<screen id="sec$User.browse"
template="/com/haulmont/cuba/web/app/ui/security/user/browse/user-browse.xml"/>
<screen id="sec$User.edit"
template="/com/haulmont/cuba/web/app/ui/security/user/edit/user-edit.xml"/>
<screen id="sec$Group.browse"
template="/com/haulmont/cuba/web/app/ui/security/group/browse/group-browse.xml"/>
<screen id="sec$Role.browse"
template="/com/haulmont/cuba/web/app/ui/security/role/browse/role-browse.xml"/>
</screen-config> </screen-config>

35
modules/web/src/com/haulmont/cuba/web/AppWindow.java
View File

@ -24,8 +24,6 @@ import java.util.Locale;
import java.util.List; import java.util.List;
import java.util.Collections; import java.util.Collections;
import org.dom4j.Element;
public class AppWindow extends Window public class AppWindow extends Window
{ {
private Connection connection; private Connection connection;
@ -64,33 +62,12 @@ public class AppWindow extends Window
titleLayout.setSpacing(true); titleLayout.setSpacing(true);
titleLayout.setHeight(-1); titleLayout.setHeight(-1);
// Button navBtn = new Button(Messages.getString("navBtn"), Label logoLabel = new Label(Messages.getString("logoLabel"));
// new Button.ClickListener() { titleLayout.addComponent(logoLabel);
// public void buttonClick(Button.ClickEvent event) {
// Navigator navigator = new Navigator(AppWindow.this);
// addWindow(navigator);
// }
// }
// );
// navBtn.setStyleName(Button.STYLE_LINK);
// titleLayout.addComponent(navBtn);
Label label = new Label(String.format(Messages.getString("loggedInLabel"), Label loggedInLabel = new Label(String.format(Messages.getString("loggedInLabel"),
connection.getSession().getName(), connection.getSession().getProfile())); connection.getSession().getName()));
titleLayout.addComponent(label); titleLayout.addComponent(loggedInLabel);
Button profileBtn = new Button(Messages.getString("profileBtn"),
new Button.ClickListener()
{
public void buttonClick(Button.ClickEvent event) {
ChangeProfileWindow window = new ChangeProfileWindow();
window.center();
addWindow(window);
}
}
);
profileBtn.setStyleName(Button.STYLE_LINK);
titleLayout.addComponent(profileBtn);
Button logoutBtn = new Button(Messages.getString("logoutBtn"), Button logoutBtn = new Button(Messages.getString("logoutBtn"),
new Button.ClickListener() { new Button.ClickListener() {
@ -115,7 +92,7 @@ public class AppWindow extends Window
viewLogBtn.setStyleName(Button.STYLE_LINK); viewLogBtn.setStyleName(Button.STYLE_LINK);
titleLayout.addComponent(viewLogBtn); titleLayout.addComponent(viewLogBtn);
// titleLayout.expand(navBtn); titleLayout.expand(logoLabel);
rootLayout.addComponent(titleLayout); rootLayout.addComponent(titleLayout);

98
modules/web/src/com/haulmont/cuba/web/ChangeProfileWindow.java
View File

@ -1,98 +0,0 @@
/*
* Copyright (c) 2008 Haulmont Technology Ltd. All Rights Reserved.
* Haulmont Technology proprietary and confidential.
* Use is subject to license terms.
* Author: Konstantin Krivopustov
* Created: 05.01.2009 15:28:11
*
* $Id$
*/
package com.haulmont.cuba.web;
import com.haulmont.cuba.core.app.DataService;
import com.haulmont.cuba.core.global.DataServiceRemote;
import com.haulmont.cuba.security.entity.Subject;
import com.haulmont.cuba.security.global.LoginException;
import com.haulmont.cuba.security.global.UserSession;
import com.haulmont.cuba.web.log.LogLevel;
import com.haulmont.cuba.web.resource.Messages;
import com.itmill.toolkit.terminal.ExternalResource;
import com.itmill.toolkit.terminal.Sizeable;
import com.itmill.toolkit.ui.*;
import java.util.List;
public class ChangeProfileWindow extends Window
{
public ChangeProfileWindow() {
super(Messages.getString("changeProfileWindow.caption"));
setModal(true);
initUI();
}
private void initUI() {
ExpandLayout layout = new ExpandLayout(ExpandLayout.ORIENTATION_VERTICAL);
layout.setMargin(true);
layout.setSpacing(true);
setHeight(200, Sizeable.UNITS_PIXELS);
setWidth(400, Sizeable.UNITS_PIXELS);
Label label = new Label(Messages.getString("changeProfileWindow.label"));
layout.addComponent(label);
final ListSelect select = new ListSelect();
select.setMultiSelect(false);
select.setNullSelectionAllowed(false);
select.setSizeFull();
select.focus();
fillItems(select);
layout.addComponent(select);
layout.expand(select);
Button button = new Button(Messages.getString("changeProfileWindow.button"),
new Button.ClickListener()
{
public void buttonClick(Button.ClickEvent event) {
changeProfile((String) select.getValue());
Component parent = getParent();
if (parent != null && parent instanceof Window) {
((Window) parent).removeWindow(ChangeProfileWindow.this);
((Window) parent).open(new ExternalResource(App.getInstance().getURL()));
}
}
}
);
layout.addComponent(button);
setLayout(layout);
}
private void changeProfile(String profile) {
Connection connection = App.getInstance().getConnection();
try {
connection.changeProfile(profile);
} catch (LoginException e) {
App.getInstance().getAppLog().log(LogLevel.ERROR, "Unable to change profile", e);
showNotification(e.getMessage());
}
}
private void fillItems(ListSelect select) {
DataService bs = ServiceLocator.getDataService();
UserSession userSession = App.getInstance().getConnection().getSession();
final DataServiceRemote.CollectionLoadContext context = new DataServiceRemote.CollectionLoadContext(Subject.class);
context.setQueryString("select s from sec$Subject s where s.user.id = :userId").addParameter("userId", userSession.getUserId());
List<Subject> list = bs.loadList(context);
for (Subject subject : list) {
if (!subject.getId().equals(userSession.getSubjectId())) {
select.addItem(subject.getProfile().getName());
}
}
if (!select.getItemIds().isEmpty()) {
select.select(select.getItemIds().iterator().next());
}
}
}

4
modules/web/src/com/haulmont/cuba/web/Connection.java
View File

@ -45,7 +45,7 @@ public class Connection
} }
public void login(String login, String password, String profileName) throws LoginException { public void login(String login, String password, String profileName) throws LoginException {
session = getLoginService().login(login, password, profileName, App.getInstance().getLocale()); session = getLoginService().login(login, password, App.getInstance().getLocale());
connected = true; connected = true;
this.login = login; this.login = login;
this.password = password; this.password = password;
@ -58,7 +58,7 @@ public class Connection
} }
public void loginActiveDirectory(String activeDirectoryUser, String profileName) throws LoginException { public void loginActiveDirectory(String activeDirectoryUser, String profileName) throws LoginException {
session = getLoginService().loginActiveDirectory(activeDirectoryUser, profileName, App.getInstance().getLocale()); session = getLoginService().loginActiveDirectory(activeDirectoryUser, App.getInstance().getLocale());
connected = true; connected = true;
this.login = activeDirectoryUser; this.login = activeDirectoryUser;
this.password = null; this.password = null;

5
modules/web/src/com/haulmont/cuba/web/app/ui/security/group/browse/SecurityGroupBrowser.java → modules/web/src/com/haulmont/cuba/web/app/ui/security/group/browse/GroupBrowser.java
View File

@ -13,11 +13,10 @@ package com.haulmont.cuba.web.app.ui.security.group.browse;
import com.haulmont.cuba.gui.components.AbstractWindow; import com.haulmont.cuba.gui.components.AbstractWindow;
import com.haulmont.cuba.gui.components.Window; import com.haulmont.cuba.gui.components.Window;
import com.haulmont.cuba.gui.components.Tree; import com.haulmont.cuba.gui.components.Tree;
import com.haulmont.cuba.gui.data.Datasource;
public class SecurityGroupBrowser extends AbstractWindow public class GroupBrowser extends AbstractWindow
{ {
public SecurityGroupBrowser(Window frame) { public GroupBrowser(Window frame) {
super(frame); super(frame);
} }

12
modules/web/src/com/haulmont/cuba/web/app/ui/security/group/browse/group-browse.views.xml Normal file
View File

@ -0,0 +1,12 @@
<views>
<view entity="sec$Group" name="group-browse">
<property name="name"/>
<property name="parent"/>
</view>
<view entity="sec$User" name="group-browse">
<property name="name"/>
<property name="login"/>
<property name="activeDirectoryUser"/>
</view>
</views>

43
modules/web/src/com/haulmont/cuba/web/app/ui/security/group/browse/group-browse.xml Normal file
View File

@ -0,0 +1,43 @@
<window class="com.haulmont.cuba.web.app.ui.security.group.browse.GroupBrowser">
<metadataContext>
<deployViews name="/com/haulmont/cuba/web/app/ui/security/group/browse/group-browse.views.xml"/>
</metadataContext>
<dsContext>
<collectionDatasource
id="groups"
class="com.haulmont.cuba.security.entity.Group"
view="group-browse">
<query>
<![CDATA[select g from sec$Group g]]>
</query>
</collectionDatasource>
<collectionDatasource
id="users"
class="com.haulmont.cuba.security.entity.User"
view="group-browse">
<query>select u from sec$User u where u.group.id = :ds$groups</query>
</collectionDatasource>
</dsContext>
<layout>
<hbox id="tree-panel" expand="table">
<split orientation="horizontal">
<vbox>
<tree id="groups">
<treechildren datasource="groups" property="name" parent="parent"/>
</tree>
</vbox>
<table id="users">
<columns>
<column id="name" caption="Name"/>
<column id="login" caption="Login"/>
<column id="activeDirectoryUser" caption="ActiveDirectory User"/>
</columns>
<rows datasource="users"/>
</table>
</split>
</hbox>
</layout>
</window>

20
modules/web/src/com/haulmont/cuba/web/app/ui/security/group/browse/security-group-browse.views.xml
View File

@ -1,20 +0,0 @@
<views>
<view entity="sec$Group" name="group-browse">
<property name="name"/>
<property name="parent"/>
</view>
<view entity="sec$User" name="group-browse">
<property name="name"/>
</view>
<view entity="sec$Subject" name="group-browse">
<property name="defaultSubject"/>
<property name="user" view="group-browse"/>
<property name="profile" view="group-browse"/>
</view>
<view entity="sec$Profile" name="group-browse">
<property name="name"/>
</view>
</views>

57
modules/web/src/com/haulmont/cuba/web/app/ui/security/group/browse/security-group-browse.xml
View File

@ -1,57 +0,0 @@
<window class="com.haulmont.cuba.web.app.ui.security.group.browse.SecurityGroupBrowser">
<metadataContext>
<deployViews name="/com/haulmont/cuba/web/app/ui/security/group/browse/security-group-browse.views.xml"/>
</metadataContext>
<dsContext>
<collectionDatasource
id="groups"
class="com.haulmont.cuba.security.entity.Group"
view="group-browse">
<query>
<![CDATA[select g from sec$Group g]]>
</query>
</collectionDatasource>
<collectionDatasource
id="profiles"
class="com.haulmont.cuba.security.entity.Profile"
view="group-browse">
<query>select p from sec$Profile p where p.group.id = :ds$groups</query>
</collectionDatasource>
<collectionDatasource
id="subjects"
class="com.haulmont.cuba.security.entity.Subject"
view="group-browse">
<query>select s from sec$Subject s join fetch s.user where s.profile.id = :ds$profiles</query>
</collectionDatasource>
</dsContext>
<layout>
<hbox id="tree-panel" expand="table">
<split orientation="horizontal">
<vbox>
<tree id="groups">
<treechildren datasource="groups" property="name" parent="parent"/>
</tree>
</vbox>
<split orientation="vertical">
<table id="profiles">
<columns>
<column id="name" caption="Profile"/>
</columns>
<rows datasource="profiles"/>
</table>
<table id="subjects">
<columns>
<column id="user" caption="User" onClick="sec$User.edit"/>
<column id="defaultSubject" caption="Default"/>
</columns>
<rows datasource="subjects"/>
</table>
</split>
</split>
</hbox>
</layout>
</window>

64
modules/web/src/com/haulmont/cuba/web/app/ui/security/role/browse/RoleBrowser.java Normal file
View File

@ -0,0 +1,64 @@
/*
* Copyright (c) 2009 Haulmont Technology Ltd. All Rights Reserved.
* Haulmont Technology proprietary and confidential.
* Use is subject to license terms.
* Author: Konstantin Krivopustov
* Created: 14.02.2009 22:38:29
*
* $Id$
*/
package com.haulmont.cuba.web.app.ui.security.role.browse;
import com.haulmont.cuba.gui.components.*;
import com.haulmont.cuba.gui.WindowManager;
import com.haulmont.cuba.security.entity.Role;
import java.util.Set;
public class RoleBrowser extends AbstractWindow
{
public RoleBrowser(IFrame frame) {
super(frame);
}
protected void init() {
final Table table = getComponent("roles");
table.addAction(
new AbstractAction("edit")
{
public String getCaption() {
return "Edit";
}
public boolean isEnabled() {
return true;
}
public void actionPerform(Component component) {
final Set selected = table.getSelected();
if (selected.size() == 1) {
Role user = (Role) selected.iterator().next();
openEditor("sec$Role.edit", user, WindowManager.OpenType.THIS_TAB);
}
}
});
table.addAction(
new AbstractAction("refresh")
{
public String getCaption() {
return "Refresh";
}
public boolean isEnabled() {
return true;
}
public void actionPerform(Component component) {
table.getDatasource().refresh();
}
});
}
}

33
modules/web/src/com/haulmont/cuba/web/app/ui/security/role/browse/role-browse.xml Normal file
View File

@ -0,0 +1,33 @@
<window
class="com.haulmont.cuba.web.app.ui.security.role.browse.RoleBrowser">
<metadataContext>
<view entity="sec$Role" name="role-browse">
<property name="name"/>
</view>
</metadataContext>
<dsContext>
<collectionDatasource
id="roles" class="com.haulmont.cuba.security.entity.Role" view="role-browse">
<query>
select r from sec$Role r
</query>
</collectionDatasource>
</dsContext>
<layout>
<vbox id="table-panel" expand="roles">
<hbox>
<button action="roles.edit"/>
<button action="roles.refresh"/>
</hbox>
<table id="roles" editable="false">
<columns>
<column id="name" caption="Name"/>
</columns>
<rows datasource="roles"/>
</table>
</vbox>
</layout>
</window>

8
modules/web/src/com/haulmont/cuba/web/app/ui/security/user/browse/SecurityUserBrowser.java → modules/web/src/com/haulmont/cuba/web/app/ui/security/user/browse/UserBrowser.java
View File

@ -13,12 +13,11 @@ import com.haulmont.cuba.gui.WindowManager;
import com.haulmont.cuba.gui.components.*; import com.haulmont.cuba.gui.components.*;
import com.haulmont.cuba.security.entity.User; import com.haulmont.cuba.security.entity.User;
import com.haulmont.cuba.web.components.ComponentsHelper; import com.haulmont.cuba.web.components.ComponentsHelper;
import com.haulmont.cuba.web.ui.GenericEditorWindow;
import java.util.Set; import java.util.Set;
public class SecurityUserBrowser extends AbstractLookup { public class UserBrowser extends AbstractLookup {
public SecurityUserBrowser(Window frame) { public UserBrowser(Window frame) {
super(frame); super(frame);
} }
@ -40,8 +39,7 @@ public class SecurityUserBrowser extends AbstractLookup {
if (selected.size() == 1) { if (selected.size() == 1) {
User user = (User) selected.iterator().next(); User user = (User) selected.iterator().next();
// openEditor(GenericEditorWindow.class, user, WindowManager.OpenType.THIS_TAB); // openEditor(GenericEditorWindow.class, user, WindowManager.OpenType.THIS_TAB);
openEditor("/com/haulmont/cuba/web/app/ui/security/user/edit/security-user-edit.xml", openEditor("sec$User.edit", user, WindowManager.OpenType.THIS_TAB);
user, WindowManager.OpenType.THIS_TAB);
} }
} }
}); });

35
modules/web/src/com/haulmont/cuba/web/app/ui/security/user/browse/ds.xml
View File

@ -1,35 +0,0 @@
<context
enableCommit="true"
>
<datasource
id="job"
entityClass=""
entityView=""
query="from History where driver=${driver} and date between ${fromDate} and ${tillDate}"
sqlQuery="from History where driver=${driver} and date between ${fromDate} and ${tillDate}"
queryBean="com.haulmont.cuba.app.history.HistoryService"
queryMethod="loadHistory(${driver}, ${fromDate}, ${tillDate})"
enableCommit="true"
commitBean=""
commitMethod="commit()"
>
<dependents>
<datasource id="contract" dependentBy="">
</datasource>
</dependents>
<nested>
<datasource id="stops" property="stops">
</datasource>
<datasource id="jobActors" property="jobActors">
</datasource>
</nested>
</datasource>
</context>

13
modules/web/src/com/haulmont/cuba/web/app/ui/security/user/browse/security-user-browse.views.xml
View File

@ -1,13 +0,0 @@
<views>
<view entity="sec$User" name="user-browse">
<property name="name"/>
<property name="login"/>
</view>
<view entity="sec$Subject" name="user-browse">
<property name="defaultSubject"/>
<property name="profile" view="user-browse"/>
</view>
<view entity="sec$Profile" name="user-browse">
<property name="name"/>
</view>
</views>

57
modules/web/src/com/haulmont/cuba/web/app/ui/security/user/browse/security-user-browse.xml
View File

@ -1,57 +0,0 @@
<window
class="com.haulmont.cuba.web.app.ui.security.user.browse.SecurityUserBrowser"
lookupComponent="users"
>
<metadataContext>
<deployViews name="/com/haulmont/cuba/web/app/ui/security/user/browse/security-user-browse.views.xml"/>
</metadataContext>
<dsContext>
<collectionDatasource
id="users"
class="com.haulmont.cuba.security.entity.User"
view="user-browse"
>
<query>
<![CDATA[select u from sec$User u where <#if component$filter.name?has_content>u.name like :component$filter.name<#else>1=1</#if>]]>
</query>
</collectionDatasource>
<collectionDatasource
id="subjects"
class="com.haulmont.cuba.security.entity.Subject"
view="user-browse"
>
<query>select s from sec$Subject s where s.user.id = :ds$users</query>
</collectionDatasource>
</dsContext>
<layout>
<vbox expand="table-panel">
<iframe id="filter" src="/com/haulmont/cuba/web/app/ui/security/user/browse/security-user-browse-filter.xml"/>
<hbox id="table-panel" expand="table">
<split orientation="horizontal">
<vbox expand="users">
<hbox>
<button action="users.edit"/>
</hbox>
<table id="users" editable="false">
<columns>
<column id="name" caption="Name"/>
</columns>
<rows datasource="users"/>
</table>
</vbox>
<vbox expand="subjects">
<table id="subjects">
<columns>
<column id="defaultSubject" caption="Default"/>
</columns>
<rows datasource="subjects"/>
</table>
</vbox>
</split>
</hbox>
</vbox>
</layout>
</window>

0
modules/web/src/com/haulmont/cuba/web/app/ui/security/user/browse/security-user-browse-filter.xml → modules/web/src/com/haulmont/cuba/web/app/ui/security/user/browse/user-browse-filter.xml
View File

7
modules/web/src/com/haulmont/cuba/web/app/ui/security/user/browse/user-browse.views.xml Normal file
View File

@ -0,0 +1,7 @@
<views>
<view entity="sec$User" name="user-browse">
<property name="name"/>
<property name="login"/>
<property name="activeDirectoryUser"/>
</view>
</views>

39
modules/web/src/com/haulmont/cuba/web/app/ui/security/user/browse/user-browse.xml Normal file
View File

@ -0,0 +1,39 @@
<window
class="com.haulmont.cuba.web.app.ui.security.user.browse.UserBrowser"
lookupComponent="users"
>
<metadataContext>
<deployViews name="/com/haulmont/cuba/web/app/ui/security/user/browse/user-browse.views.xml"/>
</metadataContext>
<dsContext>
<collectionDatasource
id="users"
class="com.haulmont.cuba.security.entity.User"
view="user-browse"
>
<query>
<![CDATA[select u from sec$User u where <#if component$filter.name?has_content>u.name like :component$filter.name<#else>1=1</#if>]]>
</query>
</collectionDatasource>
</dsContext>
<layout>
<vbox expand="table-panel">
<iframe id="filter" src="/com/haulmont/cuba/web/app/ui/security/user/browse/user-browse-filter.xml"/>
<vbox id="table-panel" expand="users">
<hbox>
<button action="users.edit"/>
</hbox>
<table id="users" editable="false">
<columns>
<column id="name" caption="Name"/>
<column id="login" caption="Login"/>
<column id="activeDirectoryUser" caption="ActiveDirectory User"/>
</columns>
<rows datasource="users"/>
</table>
</vbox>
</vbox>
</layout>
</window>

6
modules/web/src/com/haulmont/cuba/web/app/ui/security/user/edit/SecurityUserEditor.java → modules/web/src/com/haulmont/cuba/web/app/ui/security/user/edit/UserEditor.java
View File

@ -15,8 +15,8 @@ import com.haulmont.cuba.security.entity.User;
import java.util.Collection; import java.util.Collection;
public class SecurityUserEditor extends AbstractEditor { public class UserEditor extends AbstractEditor {
public SecurityUserEditor(Window frame) { public UserEditor(Window frame) {
super(frame); super(frame);
} }
@ -32,7 +32,7 @@ public class SecurityUserEditor extends AbstractEditor {
} }
public void actionPerform(Component component) { public void actionPerform(Component component) {
openLookup("/com/haulmont/cuba/web/app/ui/security/user/browse/security-user-browse.xml", new Lookup.Handler() { openLookup("/com/haulmont/cuba/web/app/ui/security/user/browse/user-browse.xml", new Lookup.Handler() {
public void handleLookup(Collection items) { public void handleLookup(Collection items) {
if (items.size() == 1) { if (items.size() == 1) {
final User item = (User) items.iterator().next(); final User item = (User) items.iterator().next();

0
modules/web/src/com/haulmont/cuba/web/app/ui/security/user/edit/security-user-edit.properties → modules/web/src/com/haulmont/cuba/web/app/ui/security/user/edit/user-edit.properties
View File

0
modules/web/src/com/haulmont/cuba/web/app/ui/security/user/edit/security-user-edit.views.xml → modules/web/src/com/haulmont/cuba/web/app/ui/security/user/edit/user-edit.views.xml
View File

2
modules/web/src/com/haulmont/cuba/web/app/ui/security/user/edit/security-user-edit.xml → modules/web/src/com/haulmont/cuba/web/app/ui/security/user/edit/user-edit.xml
View File

@ -2,7 +2,7 @@
resourceBundle="com.haulmont.cuba.web.app.ui.security.user.edit.security-user-edit" resourceBundle="com.haulmont.cuba.web.app.ui.security.user.edit.security-user-edit"
datasource="user" datasource="user"
caption="Edit User '${parameter$item.name}'" caption="Edit User '${parameter$item.name}'"
class="com.haulmont.cuba.web.app.ui.security.user.edit.SecurityUserEditor" class="com.haulmont.cuba.web.app.ui.security.user.edit.UserEditor"
> >
<metadataContext> <metadataContext>
<deployViews name="/com/haulmont/cuba/web/app/ui/security/user/edit/security-user-edit.views.xml"/> <deployViews name="/com/haulmont/cuba/web/app/ui/security/user/edit/security-user-edit.views.xml"/>

4
modules/web/src/com/haulmont/cuba/web/resource/messages.properties
View File

@ -9,9 +9,9 @@ application.caption=CUBA Application
#welcomeLabel=Hello from Cuba! #welcomeLabel=Hello from Cuba!
navBtn=Navigator navBtn=Navigator
profileBtn=Change profile
logoutBtn=Logout logoutBtn=Logout
loggedInLabel=Logged in as %s (%s) logoLabel=CUBA Application
loggedInLabel=Logged in as %s
viewLogBtn=View Log viewLogBtn=View Log
closeBtn=Close closeBtn=Close