Rework SecuritySystem

[jamoore]

The SecuritySystem can be substantially simplified and have a good deal of its logic hidden now that its API is stabilizing. It has accumulated too many responsibilities (like being the holder for thread context rather than event context). As well, #326 requires serializable, read-only event context state.

Work items:

• Add ome.security.basic package (possibly ome.services.security.basic) DONE
• Move BasicSecuritySystem to *.basic DONE
• Move ThreadLocalEventContext to *.basic or have *.basic.CurrentDetails implement EventContext DONE
• Add all needed methods to EventContext DONE
• Make SimpleEventContext serializable DONE
• Add getEventContext to StatefulServiceInterface OPEN
• Add EventContext.copy() DONE (copy ctor in SimpleEventCtx)
• Add SecuritySystem.getEventContext() DONE
• Add SecuritySystem.getSecurityRoles() (Serializable) DONE
• Add IAdmin.getSecurityRoles() DONE
• Refactor some of EventHandler to SessionHandler OPEN
• Add SecuritySystem.getInternal().getACLEventListener() and co. (remove allow* and throw* from API) or BasicSecuritySystem as FactoryBean DONE (using package privates)
• Remove attempted save from setCurrentDetails and instead pass in the readOnly status DONE

[jmoore]

More work items:

• Update utests.SecuritySystemTest (esp! managedDetails)
• Possible SecuritySystemCallback interface (for event listeners, interceptor, ...)
  ( ? with methods that take this ? )
• rename login to setLogin, setCurrentDetails to load (similar for logout,unload)

[jmoore]

And cleanup items:

• Remove OneTimeTokens (in line with privileged/tainted documentation)

[jmoore]

Also possible to remove lockCandidates from SecuritySystem and instead have the events and the interceptor work together via EventSource.getInterceptor().

[jmoore]

r939 begins this process.

• Makes EventLog and EventDiff global (system) types (meta.ome.xml)
• Removes Permissions and filters from global (system) types (mapping.vm)
• Removes Permissions from data.vm and common/build.xml
• Fixes null pointers (due to null details due to null permissions) where needed
• Switched to StatelessSession for saving EventLogs (EventHandler)
• Refactored (simpliciation and fixed EventLogs) CurrentDetails
• Minor Locking fixes -- no locking system types (since no permissions)
• Minor Details fixes -- nulls are always replaced
• Minor TypesImpl fix -- for creating enumerations. (Needs work)

The access to the EventLogs via SecuritySystem will need to be removed with the final reworking.

[jmoore]

r951 Adds ome.system.Roles for defining the privileged accounts.

[jmoore]

r952 satisfies most of the reworking requirements. Most importantly, the SecuritySystem interface has now lost many of its methods (a good thing). In addition to the main description changes (marked "DONE"), also:

• From comments:
  • removes OneTimeTokens
  • removes non-package access to EventLogs
• Misc.
  • Removes spurious Event saves. (there were at least 3!)
  • Refactors to HibernateUtils (renamed from Reloader)
  • Moves the newly (r939) refactored CurrentDetails.data to BasicEventContext
  • CurrentDetails no longer static
  • Removed EventLogHolder (possibly HUGE memory leak)
  • Fixes all test compilation issues

Remaining are:

• remove and rename a few last methods in SecuritySystem
• possibly remove the new ACLVoter, moving logic to ACLEventListener
• addition to StatefulServiceInterface
• EventHandler/SessionHandler refactoring
• handling setEventContext() rather than lookup for stateful services (#326)
• the proper handling of EventContext copying
• documentation

[jmoore]

r957 adds IAdmin.getEventContext by adding a copy constructor to SimpleEventContext. EventContext.copy is no longer needed.

[jmoore]

r957 also fixes the spelling of isReadyOnly. Heh.

[jmoore]

r958 removes ThreadLocalEventContext (fixes build)

[jmoore]

r992 removes and renames last of SecuritySystem interface methods

[jmoore]

Pushing to milestone:3.0-M4 for the last few event context changes.

[jmoore]

This seems to be largely done (esp. w/ the work on #1434) and otherwise too vague.