-
|
|
|
1 | 1 | begin; |
2 | 2 | set constraints all deferred; |
3 | 3 | |
4 | | insert into experimenter (id,version,omename,firstname,lastname) |
5 | | values (0,0,'root','root','root'); |
6 | | insert into event (id,time,status,experimenter) values (0,now(),'BOOTSTRAP',0); |
| 4 | insert into experimenter (id,permissions,version,omename,firstname,lastname) |
| 5 | values (0,0,0,'root','root','root'); |
| 6 | insert into event (id,permissions,time,status,experimenter) values (0,0,now(),'BOOTSTRAP',0); |
7 | 7 | insert into experimentergroup (id,permissions,version,owner_id,group_id,creation_id,update_id,name) |
8 | 8 | values (0,-35,0,0,0,0,0,'system'); |
9 | 9 | insert into experimentergroup (id,permissions,version,owner_id,group_id,creation_id,update_id,name) |
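Review bot: The root account and the BOOTSTRAP event are created with `permissions` set to the literal `0`, while the group row just below uses `-35`, and neither value is explained. Since this script seeds the most privileged rows in the database, add a comment naming what each mask grants, e.g. `-- permissions: 0 = <meaning>, -35 = <meaning>`, or derive the values from the same default the object model uses. Whether `0` is the intended mask for these rows cannot be confirmed from the lines shown.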
-
|
|
|
10 | 10 | <!DOCTYPE hibernate-mapping PUBLIC |
11 | 11 | "-//Hibernate/Hibernate Mapping DTD 3.0//EN" |
12 | 12 | "http://hibernate.sourceforge.net/hibernate-mapping-3.0.dtd" > |
13 | | |
| 13 | |
14 | 14 | <hibernate-mapping> |
15 | 15 | #if($type.superclass)<joined-subclass |
16 | 16 | #else<class |
17 | 17 | #end |
18 | | name="${type.id}" |
| 18 | name="${type.id}" |
19 | 19 | table="${type.table}" |
20 | 20 | abstract="$type.abstract" |
21 | 21 | select-before-update="true" |
… |
… |
|
32 | 32 | public final static String OWNER_FILTER = "${ofilter}"; |
33 | 33 | public final static String GROUP_FILTER = "${gfilter}"; |
34 | 34 | public final static String EVENT_FILTER = "${efilter}"; |
35 | | public final static String PERMS_FILTER = "${pfilter}"; |
| 35 | public final static String PERMS_FILTER = "${pfilter}"; |
36 | 36 | #foreach( $prop in $type.properties) |
37 | 37 | #if($prop.one2Many) |
38 | 38 | #set( $UC_NAME = "${prop.name.toUpperCase()}") |
… |
… |
|
44 | 44 | #end |
45 | 45 | </meta> |
46 | 46 | #end |
47 | | <meta attribute="class-code"> |
| 47 | <meta attribute="class-code"> |
48 | 48 | /* These values are defined in dsl/resources/ome/dsl/mapping.vm: |
49 | 49 | * ------------------------------------------------------------- |
50 | 50 | * Explanation of serialVersionUID ex 0000000 03 00 00 01 03 01 L; |
… |
… |
|
55 | 55 | * 14-15 : release type (M) |
56 | 56 | * 16-17 : release number (2) |
57 | 57 | * 18-19 : increment per delta // any changes to the dsl or mapping files |
58 | | */ |
59 | | private static final long serialVersionUID = 0000000030000010301L; |
| 58 | */ |
| 59 | private static final long serialVersionUID = 0000000030000010301L; |
60 | 60 | </meta> |
61 | 61 | ## |
62 | 62 | ## INTERFACES: |
… |
… |
|
72 | 72 | #set( $name_idx = ${type.id.lastIndexOf(".")} ) |
73 | 73 | #set( $name_idx = ${name_idx} + 1 ) |
74 | 74 | #set( $name_max = ${type.id.length()} ) |
75 | | #set( $name_end = ${type.id.substring($name_idx,$name_max)} ) |
| 75 | #set( $name_end = ${type.id.substring($name_idx,$name_max)} ) |
76 | 76 | public $name_end (String value) { |
77 | 77 | setValue(value); |
78 | 78 | } |
… |
… |
|
85 | 85 | #foreach( $prop in $type.properties) |
86 | 86 | #if($prop.class.name == "ome.dsl.LinkParent") |
87 | 87 | <meta attribute="link-parent">$prop.type</meta> |
88 | | #elseif($prop.class.name == "ome.dsl.LinkChild") |
89 | | <meta attribute="link-child">$prop.type</meta> |
| 88 | #elseif($prop.class.name == "ome.dsl.LinkChild") |
| 89 | <meta attribute="link-child">$prop.type</meta> |
90 | 90 | #end |
91 | 91 | #end |
92 | 92 | #end |
… |
… |
|
95 | 95 | COMMON |
96 | 96 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --> |
97 | 97 | #####################################################################INHERITANCE |
98 | | #if(!$type.superclass) |
| 98 | #if(!$type.superclass) |
99 | 99 | <id name="id" type="java.lang.Long" column="id"> |
100 | | <meta attribute="setter-scope">protected</meta> |
| 100 | <meta attribute="setter-scope">protected</meta> |
101 | 101 | <meta attribute="field-description"> |
102 | 102 | The DB unique identifier for this object. You are not responsible for |
103 | | setting the id; however, it can be useful for creating "unloaded" |
104 | | versions of your objects. |
| 103 | setting the id; however, it can be useful for creating "unloaded" |
| 104 | versions of your objects. |
105 | 105 | </meta> |
106 | 106 | <generator class="sequence"> |
107 | 107 | <param name="sequence">seq_${type.table}</param> |
… |
… |
|
110 | 110 | |
111 | 111 | #* |
112 | 112 | #if(!$type.immutable) |
113 | | <version name="version" type="java.lang.Integer" |
| 113 | <version name="version" type="java.lang.Integer" |
114 | 114 | column="version" unsaved-value="negative"> |
115 | 115 | <meta attribute="setter-scope">protected</meta> |
116 | 116 | <meta attribute="field-description"> |
117 | 117 | This version number is controlled by the database for optimisitic |
118 | 118 | locking. |
119 | 119 | </meta> |
120 | | </version> |
| 120 | </version> |
121 | 121 | #end |
122 | 122 | *# |
123 | 123 | |
124 | 124 | <component name="details" class="ome.model.internal.Details"> |
125 | 125 | <meta attribute="field-description"> |
126 | | The details of this object correspond to low-level system |
127 | | information. Owner, permissions, |
128 | | </meta> |
| 126 | The details of this object correspond to low-level system |
| 127 | information. Owner, permissions, |
| 128 | </meta> |
129 | 129 | <meta attribute="default-value">new Details()</meta> |
130 | | #if(!$type.global) |
131 | | <many-to-one name="owner" class="ome.model.meta.Experimenter" |
| 130 | #if(!$type.global) |
| 131 | <many-to-one name="owner" class="ome.model.meta.Experimenter" |
132 | 132 | column="owner_id" not-null="true" cascade="$cascade_settings"/> |
133 | | <many-to-one name="group" class="ome.model.meta.ExperimenterGroup" |
| 133 | <many-to-one name="group" class="ome.model.meta.ExperimenterGroup" |
134 | 134 | column="group_id" not-null="true" cascade="$cascade_settings"/> |
135 | 135 | <!-- creationEvent is not updateable --> |
136 | | <many-to-one name="creationEvent" class="ome.model.meta.Event" |
| 136 | <many-to-one name="creationEvent" class="ome.model.meta.Event" |
137 | 137 | column="creation_id" update="false" |
138 | | not-null="true" cascade="$cascade_settings"/> |
| 138 | not-null="true" cascade="$cascade_settings"/> |
139 | 139 | #if(!$type.immutable) |
140 | | <many-to-one name="updateEvent" class="ome.model.meta.Event" |
| 140 | <many-to-one name="updateEvent" class="ome.model.meta.Event" |
141 | 141 | column="update_id" update="true" |
142 | | not-null="true" cascade="$cascade_settings"/> |
| 142 | not-null="true" cascade="$cascade_settings"/> |
143 | 143 | #end |
| 144 | #end |
144 | 145 | <component name="permissions" class="ome.model.internal.Permissions"> |
145 | 146 | <!-- meta is ignored. We control Details --> |
146 | 147 | <meta attribute="default-value">new Permissions(Permissions.DEFAULT)</meta> |
147 | | <property name="perm1" not-null="true" |
148 | | type="long" column="permissions"/> |
| 148 | <property name="perm1" not-null="true" |
| 149 | type="long" column="permissions"/> |
149 | 150 | <!-- TODO possibly just default CHMOD here --> |
150 | 151 | </component> |
151 | | #end |
152 | 152 | <!-- Even global objects can have external info --> |
153 | 153 | <many-to-one name="externalInfo" class="ome.model.meta.ExternalInfo" |
154 | 154 | column="external_id" not-null="false" unique="true" |
155 | 155 | cascade="$cascade_settings,delete"/> |
156 | 156 | </component> |
157 | | |
| 157 | |
158 | 158 | #else ###############################################################INHERITANCE |
159 | 159 | #set($superId = ${type.typeToColumn($type.superclass)} ) |
160 | 160 | <key column="${superId}_id"/> |
161 | | #end |
| 161 | #end |
162 | 162 | #####################################################################INHERITANCE |
163 | 163 | <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
164 | 164 | INTERFACE-BASED |
… |
… |
|
173 | 173 | #end |
174 | 174 | |
175 | 175 | #if($type.named) |
176 | | <property name="name" type="java.lang.String" |
| 176 | <property name="name" type="java.lang.String" |
177 | 177 | column="name" not-null="true" length="256"/> |
178 | 178 | #end |
179 | 179 | |
180 | 180 | #if($type.described) |
181 | | <property name="description" type="text" |
| 181 | <property name="description" type="text" |
182 | 182 | column="description" length="256"/> |
183 | 183 | #end |
184 | | |
| 184 | |
185 | 185 | <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
186 | 186 | SPECIFIC |
187 | 187 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --> |
… |
… |
|
191 | 191 | #if($prop.class.name == "ome.dsl.EntryField") #############################TYPE |
192 | 192 | ## This is handled by ome/dsl/data.vm |
193 | 193 | ###########################################################################TYPE |
194 | | #elseif($prop.one2Many && $prop.tag) |
| 194 | #elseif($prop.one2Many && $prop.tag) |
195 | 195 | |
196 | 196 | <one-to-one |
197 | 197 | name="${prop.name}" |
… |
… |
|
201 | 201 | lazy="false" |
202 | 202 | > |
203 | 203 | <meta attribute="scope-set">protected</meta> |
204 | | <formula>'true'</formula> |
| 204 | <formula>'true'</formula> |
205 | 205 | <formula>id</formula> |
206 | 206 | </one-to-one> |
207 | 207 | |
… |
… |
|
234 | 234 | inverse="true" |
235 | 235 | #if($prop.class.name == "ome.dsl.ChildLink" ) |
236 | 236 | cascade="all-delete-orphan"> |
237 | | <meta attribute="link-add-method">${prop.target}</meta> |
238 | | <meta attribute="link-add-order">this,addition</meta> |
| 237 | <meta attribute="link-add-method">${prop.target}</meta> |
| 238 | <meta attribute="link-add-order">this,addition</meta> |
239 | 239 | <meta attribute="link-add-next">parent</meta> |
240 | | <meta attribute="link-add-other">child</meta> |
241 | | #elseif($prop.class.name == "ome.dsl.ParentLink") |
| 240 | <meta attribute="link-add-other">child</meta> |
| 241 | #elseif($prop.class.name == "ome.dsl.ParentLink") |
242 | 242 | cascade="all-delete-orphan"> |
243 | | <meta attribute="link-add-method">${prop.target}</meta> |
| 243 | <meta attribute="link-add-method">${prop.target}</meta> |
244 | 244 | <meta attribute="link-add-order">addition,this</meta> |
245 | | <meta attribute="link-add-next">child</meta> |
246 | | <meta attribute="link-add-other">parent</meta> |
| 245 | <meta attribute="link-add-next">child</meta> |
| 246 | <meta attribute="link-add-other">parent</meta> |
247 | 247 | #else |
248 | 248 | cascade="$cascade_settings"> |
249 | | <meta attribute="set-add-method">${prop.inverse}</meta> |
| 249 | <meta attribute="set-add-method">${prop.inverse}</meta> |
250 | 250 | #end |
251 | 251 | <key column="${prop.foreignKey}" not-null="${prop.required}"/> |
252 | 252 | <one-to-many class="${prop.type}"/> |
… |
… |
|
258 | 258 | <filter name="${pfilter}_${UC_NAME}" condition=":permsStr = permissions"/> |
259 | 259 | #end |
260 | 260 | </set> |
261 | | |
| 261 | |
262 | 262 | #end ## ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ORDERED |
263 | 263 | #elseif($prop.foreignKey) ## REGULAR M-1 ##################################TYPE |
264 | 264 | |
… |
… |
|
266 | 266 | #if($prop.tag) |
267 | 267 | <properties name="${prop.tag}Tag"> |
268 | 268 | <property name="${prop.tag}" type="java.lang.Boolean"/> |
269 | | #end |
| 269 | #end |
270 | 270 | <many-to-one |
271 | 271 | name="${prop.name}" |
272 | 272 | class="${prop.type}" |
… |
… |
|
275 | 275 | unique="${prop.unique}" |
276 | 276 | cascade="$cascade_settings" |
277 | 277 | insert="${prop.insert}" |
278 | | update="${prop.update}" |
| 278 | update="${prop.update}" |
279 | 279 | > |
280 | 280 | |
281 | | #if($prop.class.name == "ome.dsl.LinkParent" || $prop.class.name == "ome.dsl.LinkChild") |
| 281 | #if($prop.class.name == "ome.dsl.LinkParent" || $prop.class.name == "ome.dsl.LinkChild") |
282 | 282 | <meta attribute="property-type">IObject</meta> |
283 | 283 | #elseif($prop.inverse && $prop.tag) |
284 | 284 | <meta attribute="WORKAROUND">${prop.inverse}</meta> |
… |
… |
|
292 | 292 | |
293 | 293 | #else ## REGULAR PROPERTY #################################################TYPE |
294 | 294 | |
295 | | <property name="${prop.name}" type="${prop.type}" |
296 | | not-null="${prop.required}" unique="${prop.unique}" |
| 295 | <property name="${prop.name}" type="${prop.type}" |
| 296 | not-null="${prop.required}" unique="${prop.unique}" |
297 | 297 | update="${prop.update}" |
298 | 298 | /> |
299 | 299 | |
… |
… |
|
316 | 316 | <filter-def name="${ofilter}"> |
317 | 317 | <filter-param type="java.lang.Long" name="ownerId"/> |
318 | 318 | </filter-def> |
319 | | |
| 319 | |
320 | 320 | <filter-def name="${gfilter}"> |
321 | 321 | <filter-param type="java.lang.Long" name="groupId"/> |
322 | 322 | </filter-def> |
323 | | |
| 323 | |
324 | 324 | <filter-def name="${efilter}"> |
325 | | <filter-param type="java.lang.Long" name="eventId"/> |
| 325 | <filter-param type="java.lang.Long" name="eventId"/> |
326 | 326 | </filter-def> |
327 | | |
| 327 | |
328 | 328 | <filter-def name="${pfilter}"> |
329 | 329 | <filter-param type="java.lang.String" name="permsStr"/> |
330 | 330 | </filter-def> |
331 | | |
| 331 | |
332 | 332 | #foreach( $prop in $type.properties ) |
333 | 333 | #if($prop.one2Many) |
334 | 334 | #set( $UC_NAME = "${prop.name.toUpperCase()}") |
335 | 335 | <filter-def name="${ofilter}_${UC_NAME}"> |
336 | 336 | <filter-param type="java.lang.Long" name="ownerId"/> |
337 | 337 | </filter-def> |
338 | | |
| 338 | |
339 | 339 | <filter-def name="${gfilter}_${UC_NAME}"> |
340 | 340 | <filter-param type="java.lang.Long" name="groupId"/> |
341 | 341 | </filter-def> |
342 | | |
| 342 | |
343 | 343 | <filter-def name="${efilter}_${UC_NAME}"> |
344 | | <filter-param type="java.lang.Long" name="eventId"/> |
| 344 | <filter-param type="java.lang.Long" name="eventId"/> |
345 | 345 | </filter-def> |
346 | | |
| 346 | |
347 | 347 | <filter-def name="${pfilter}_${UC_NAME}"> |
348 | 348 | <filter-param type="java.lang.String" name="permsStr"/> |
349 | 349 | </filter-def> |
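Review bot: Moving the `#end` of `#if(!$type.global)` above the `permissions` component (new line 144) means every global type now also maps `perm1` to a `permissions` column with `not-null="true"`. The bootstrap SQL in this changeset adds the column for `experimenter` and `event` only, so any other global table, and any existing database, would presumably need a default or a migration step before inserts succeed; none is visible on this page. A template comment beside the component would make the intent explicit, e.g. `<!-- permissions are mapped for global types too; only owner/group/events are skipped -->`. The remaining changes in this section look like whitespace-only edits.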
-
|
|
|
58 | 58 | private transient BeanHelper beanHelper = new BeanHelper(this.getClass()); |
59 | 59 | |
60 | 60 | /** Interceptors that are determinined at compile time by server/build.xml |
61 | | * The REPLACE token will be replaced with a (possibly) empty comma- |
| 61 | * The string "ome.security.basic.BasicSecurityWiring" may be replaced by a |
62 | 62 | * comma separated list of strings representing the class names of |
63 | 63 | * HardWiredInterceptor subclasses which are prepended to the list of |
64 | 64 | * interceptors for each call. Note: these interceptors will NOT be applied |
65 | 65 | * to server internal calls. |
66 | 66 | */ |
67 | 67 | private final static List<HardWiredInterceptor> CPTORS = HardWiredInterceptor |
68 | | .parse(new String[] { /* @REPLACE@ */}); |
| 68 | .parse(new String[] { "ome.security.basic.BasicSecurityWiring"}); |
69 | 69 | |
70 | 70 | private transient Log logger = LogFactory.getLog(this.getClass()); |
71 | 71 | |
… |
… |
|
114 | 114 | protected final Object loginAndSpringWrap(InvocationContext context) |
115 | 115 | throws Exception { |
116 | 116 | try { |
117 | | login(); |
118 | 117 | return call(context); |
119 | 118 | } catch (Throwable t) { |
120 | 119 | throw beanHelper.translateException(t); |
121 | | } finally { |
122 | | logout(); |
123 | 120 | } |
124 | 121 | |
125 | 122 | } |
126 | 123 | |
127 | | private void login() { |
128 | | Principal p; |
129 | | if (sessionContext.getCallerPrincipal() instanceof Principal) { |
130 | | p = (Principal) sessionContext.getCallerPrincipal(); |
131 | | securitySystem.login(p); |
132 | | if (logger.isDebugEnabled()) { |
133 | | logger.debug("Running with user: " + p.getName()); |
134 | | } |
135 | | } else { |
136 | | throw new ApiUsageException( |
137 | | "ome.system.Principal instance must be provided on login."); |
138 | | } |
139 | | |
140 | | } |
141 | | |
142 | | private void logout() { |
143 | | securitySystem.logout(); |
144 | | } |
145 | | |
146 | 124 | private Object call(InvocationContext context) throws Throwable { |
147 | 125 | |
148 | 126 | Object bean = context.getBean(); |
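Review bot: `loginAndSpringWrap` no longer calls `login()` or guarantees `logout()` in a `finally`, so establishing and clearing the caller's principal now depends entirely on `CPTORS` containing `ome.security.basic.BasicSecurityWiring`. The Javadoc above the field says the build may replace that string with another list; if a build ever substitutes a list without the security wiring, `call(context)` would presumably run with no login at all, and nothing here fails closed. Consider a guard in a static initializer such as `if (CPTORS.isEmpty()) throw new IllegalStateException("no security interceptor configured");` and state in the Javadoc that the list must always include a login/logout interceptor. The same Javadoc notes that these interceptors are not applied to server-internal calls, so it is worth confirming that no internal path relied on the removed `login()`. The body of `call` continues outside the shown lines, so how the interceptors are invoked cannot be checked from this hunk.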
-
|
|
|
8 | 8 | package ome.security; |
9 | 9 | |
10 | 10 | // Java imports |
| 11 | import java.security.Principal; |
| 12 | |
11 | 13 | import javax.security.auth.login.LoginException; |
12 | 14 | |
13 | 15 | // Third-party libraries |
… |
… |
|
18 | 20 | /** |
19 | 21 | * configured in jboss-login.xml to add logic to the JBoss authentication |
20 | 22 | * procedure. |
21 | | * |
| 23 | * |
22 | 24 | * Specifically, we override {@link #validatePassword(String, String)} here in |
23 | 25 | * order to interpret empty string passwords as "open", i.e. any password will |
24 | 26 | * be accepted. This eases entry into the system in that passwords can be |
25 | 27 | * initially ignored. |
26 | | * |
| 28 | * |
27 | 29 | * @author Josh Moore <a |
28 | 30 | * href="mailto:josh.moore@gmx.de">josh.moore@gmx.de</a> |
29 | 31 | * @version 1.0 <small> (<b>Internal version:</b> $Rev$ $Date$) </small> |
… |
… |
|
56 | 58 | : expectedPassword.trim()); |
57 | 59 | } |
58 | 60 | |
| 61 | @Override |
| 62 | public boolean login() throws LoginException { |
| 63 | // TODO Auto-generated method stub |
| 64 | boolean b = super.login(); |
| 65 | if (!b) { |
| 66 | Object username = sharedState.get("javax.security.auth.login.name"); |
| 67 | Object password = sharedState.get("javax.security.auth.login.password"); |
| 68 | System.err.println("Login failed:"+username+"//"+password); |
| 69 | } |
| 70 | return b; |
| 71 | } |
| 72 | |
59 | 73 | } |
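Review bot: The new `login()` override writes the submitted password in clear text to stderr on every failed attempt (`System.err.println("Login failed:"+username+"//"+password)`), so credentials, including near-miss typos of real passwords, end up in the server console and in any log file that captures it. Drop the password from the message and route it through the logging framework, e.g. `log.warn("Login failed for user: " + username);` (assuming a logger is available in this class; none is visible in the shown lines). The username is supplied by the client, so it should be stripped of line breaks before it is written to a log. The leftover `// TODO Auto-generated method stub` comment should be removed, and the added `java.security.Principal` import is not used in any of the lines shown.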
-
|
|
|
39 | 39 | * user must be set (the creation of a new user is only allowed if the current |
40 | 40 | * user is set to root; root always exists. QED.) The event must also be set. |
41 | 41 | * Umask is optional. |
42 | | * |
| 42 | * |
43 | 43 | * This information is stored in a Details object, but unlike Details which |
44 | 44 | * assumes that an empty value signifies increased security levels, empty values |
45 | 45 | * here signifiy reduced security levels. E.g., |
46 | | * |
| 46 | * |
47 | 47 | * Details: user == null ==> object belongs to root CurrentDetails: user == null |
48 | 48 | * ==> current user is "nobody" (anonymous) |
49 | | * |
| 49 | * |
50 | 50 | */ |
51 | 51 | class CurrentDetails { |
52 | 52 | private static Log log = LogFactory.getLog(CurrentDetails.class); |
… |
… |
|
106 | 106 | l.setEntityType(klass.getName()); // TODO could be id to Type entity |
107 | 107 | l.setEntityId(id); |
108 | 108 | l.setEvent(getCreationEvent()); |
| 109 | Details d = new Details(); |
| 110 | d.setPermissions(new Permissions()); |
| 111 | l.setDetails(d); |
109 | 112 | list.add(l); |
110 | 113 | } |
111 | 114 | |
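Review bot: The entry `l` (apparently an event-log record) is given `new Permissions()`, whereas the mapping template in this changeset uses `new Permissions(Permissions.DEFAULT)` as the default for the same component; which rights the no-argument constructor grants is not visible here. Log rows of this kind are security-relevant, so the choice should be explicit: either pass the intended constant or add a comment such as `// permissions for event log rows are set explicitly: <intended access>`. The enclosing method starts outside the shown lines.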
-
|
|
|
1 | 1 | /* |
2 | 2 | * $Id$ |
3 | 3 | * |
4 | | * Copyright 2006 University of Dundee. All rights reserved. |
| 4 | * Copyright 2007 Glencoe Software, Inc. All rights reserved. |
5 | 5 | * Use is subject to license terms supplied in LICENSE.txt |
6 | 6 | */ |
7 | 7 | |
8 | | package ome.services.icy.fire; |
| 8 | package ome.security.basic; |
9 | 9 | |
10 | 10 | import ome.conditions.ApiUsageException; |
11 | 11 | import ome.logic.HardWiredInterceptor; |
… |
… |
|
60 | 60 | securitySystem.logout(); |
61 | 61 | } |
62 | 62 | |
63 | | } |
64 | | No newline at end of file |
| 63 | } |