User Story #328 (new)
Opened 18 years ago
Last modified 14 years ago
Rework SecuritySystem — at Version 5
Reported by: | jamoore | Owned by: | jamoore |
---|---|---|---|
Priority: | critical | Milestone: | 3.0-M3 |
Component: | Security | Keywords: | iteration5 |
Cc: | Story Points: | n.a. | |
Sprint: | n.a. | Importance: | n.a. |
Total Remaining Time: | n.a. | Estimated Remaining Time: | n.a. |
Description (last modified by jmoore)
The SecuritySystem can be substantially simplified and have a good deal of its logic hidden now that its API is stabilizing. It has accumulated too many responsibilities (like being the holder for thread context rather than event context). As well, #326 requires serializable, read-only event context state.
Work items:
- Add ome.security.basic package (possibly ome.services.security.basic)
- Move BasicSecuritySystem to *.basic
- Move ThreadLocalEventContext to *.basic or have *.basic.CurrentDetails implement EventContext
- Add all needed methods to EventContext
- Make SimpleEventContext serializable
- Add getEventContext to StatefulServiceInterface
- Add EventContext.copy()
- Add SecuritySystem.getEventContext()
- Add SecuritySystem.getSecurityRoles() (Serializable)
- Add IAdmin.getSecurityRoles()
- Refactor some of EventHandler to SessionHandler
- Add SecuritySystem.getInternal().getACLEventListener() and co. (remove allow* and throw* from API) or BasicSecuritySystem as FactoryBean
- Remove attempted save from setCurrentDetails and instead pass in the readOnly status
Change History (5)
comment:1 Changed 18 years ago by jmoore
comment:2 Changed 18 years ago by jmoore
And cleanup items:
- Remove OneTimeTokens (in line with privileged/tainted documentation)
comment:3 Changed 18 years ago by jmoore
Also possible to remove lockCandidates from SecuritySystem and instead have the events and the interceptor work together via EventSource.getInterceptor().
comment:4 Changed 18 years ago by jmoore
r939 begins this process.
- Makes EventLog and EventDiff global (system) types (meta.ome.xml)
- Removes Permissions and filters from global (system) types (mapping.vm)
- Removes Permissions from data.vm and common/build.xml
- Fixes null pointers (due to null details due to null permissions) where needed
- Switched to StatelessSession for saving EventLogs (EventHandler)
- Refactored (simpliciation and fixed EventLogs) CurrentDetails
- Minor Locking fixes -- no locking system types (since no permissions)
- Minor Details fixes -- nulls are always replaced
- Minor TypesImpl fix -- for creating enumerations. (Needs work)
The access to the EventLogs via SecuritySystem will need to be removed with the final reworking.
comment:5 Changed 18 years ago by jmoore
- Description modified (diff)
More work items:
( ? with methods that take this ? )