Robert von Burg
471cc1f37f
[New] added getter for EncryptionHandler and return SystemUserAction
2015-10-08 12:26:31 +02:00
Robert von Burg
bf15669ef2
[New] Added new Privileges for enforcing same organisation access
2015-09-01 19:20:22 +02:00
Robert von Burg
65992ce0eb
[Minor] changed logger for logged in system user
2015-08-11 13:44:56 +02:00
Robert von Burg
21d640e081
[Minor] fixed broken test
...
- the test has changed because default encoding is now UTF-8 instead of
utf-8
2015-07-09 19:31:46 +02:00
Robert von Burg
d9dc5261e7
[Minor] fixed broken test
...
- the test has changed because default encoding is now UTF-8 instead of
utf-8
2015-07-09 19:29:45 +02:00
Robert von Burg
0c7315b713
[Major] SystemUserAction is now a normal privilege
...
which is added as follows:
<Privilege name="ch.eitchnet.privilege.handler.SystemUserAction"
policy="DefaultPrivilege">
<Allow>ch.eitchnet.privilege.test.model.TestSystemUserAction</Allow>
<Deny>ch.eitchnet.privilege.test.model.TestSystemUserActionDeny</Deny>
</Privilege>
2015-06-03 23:25:30 +02:00
Robert von Burg
4c6434f475
[Major] Setting user password, locale and state are now separate privs
2015-04-05 00:13:16 +02:00
Robert von Burg
2607bbef3f
[Bugfix] fixed bug where stream was not configured correctly
2015-03-18 20:40:10 +01:00
Robert von Burg
3f7636428d
[Minor] added JavaDoc to new policies
2015-03-18 20:11:45 +01:00
Robert von Burg
2076675ca5
[Minor] fixed broken tests
2015-03-17 21:47:22 +01:00
Robert von Burg
e076ced839
[New] Added UsernameFromCertificatePrivilege policy
2015-03-15 11:03:37 +01:00
Robert von Burg
6ccb4425cc
[New] changed session ID to be a UUID
2015-03-15 11:03:23 +01:00
Robert von Burg
c2f4d7468b
[Major] changed Certificate to use Date and not long
2015-03-14 21:22:20 +01:00
Robert von Burg
9870513beb
[New] Added new param "privilegeConflictResolution"
...
- privilegeConflictResolution is used to configure how conflicts of
privileges on multiple roles are handled.
- Implemented is STRICT where if a privilege with the same name exists
on a role used by the same user occurs, then an exception is thrown.
- Next is MERGE where if a conflict occurs, then the privileges are
merged: allAllowed overrides, allow and deny list are merged
2015-03-14 00:18:59 +01:00
Robert von Burg
7ff8ba6779
[Bugfix] Fixed bad parsing of Allow on multiple privileges per Role
2015-03-12 18:31:14 +01:00
Robert von Burg
fa40671b8c
[Major] removed the need for a role PrivilegeAdmin - now use privileges
...
- this solves the situation where a user might be allowed to add a user
with a specific role, but not change a role and other such use cases
Now there are privileges for every use case with two new
PrivilegePolicies:
- RoleAccessPrivilege
- UserAccessPrivilege
both of these policies expect a ch.eitchnet.utils.collections.Tuple as
privilege value. The Tuple is a simple wrapper for two values: first and
second. Each privilege has its own requirement on the actual values
Special privilege actions:
- PrivilegeAction -> privilege vlaue: String
- Persist (required Allow)
- Reload (required Allow)
- GetPolicies (required Allow)
Role specific privileges:
- PrivilegeGetRole -> privilege value: Tuple(null, newRole)
- PrivilegeAddRole -> privilege value: Tuple(null, newRole)
- PrivilegeRemoveRole -> privilege value: Tuple(null, newRole)
- PrivilegeModifyRole -> privilege value: Tuple(oldRole, newRole)
Use specific privileges:
- PrivilegeGetUser -> privilege value: Tuple(null, newUser)
- PrivilegeAddUser -> privilege value: Tuple(null, newUser)
- PrivilegeRemoveUser -> privilege value: Tuple(null, newUser)
- PrivilegeModifyUser -> privilege value: Tuple(oldUser, newUser)
- NOTE: without modifying roles, only fields and properties!
- PrivilegeAddRoleToUser -> privilege value: Tuple(oldUser, roleName)
- PrivilegeRemoveRoleFromUser -> privilege value: Tuple(oldUser,
roleName)
2015-03-12 17:32:06 +01:00
Robert von Burg
a3d76d4cd8
[Major] allow user to change their own locale incl. auto persist
2015-03-08 21:44:21 +01:00
Robert von Burg
5ef43eaebe
[Major] All methods in PrivilegeHandler now return a value after op
...
- also fixed JAXB (un)marshalling of list values on UserRep and RoleRep
2015-03-08 20:51:10 +01:00
Robert von Burg
eeb3356372
[Minor] fixed broken test
2015-03-08 13:39:27 +01:00
Robert von Burg
5940a345d4
[Major] refactoring Privilege
...
- All reps are now JAXB enabled
- replaced addOrReplace with add and repalace methods
- added some more tests
2015-03-08 13:38:15 +01:00
Robert von Burg
83740b59e2
[Minor] ch.eitchnet.utils version is a propery for easier versioning
2015-03-05 22:42:17 +01:00
Reto Breitenmoser
b5fac57dd8
[Minor] updated version to 1.1.0-SNAPSHOT
2015-03-02 19:46:13 +01:00
Reto Breitenmoser
5b462c6140
[Minor] updated version to 1.0.0 from utils
2015-03-02 19:34:55 +01:00
Robert von Burg
a28dec47fd
[Project] Bumped version to 1.1.0-SNAPSHOT
2015-03-02 13:43:06 +01:00
Robert von Burg
811423eee6
[Bugfix] fixed not adding firstname and last name to sys user cert
2015-02-09 00:35:01 +01:00
Robert von Burg
87239afa2a
[New] added certificate.getUserRoles()
2014-12-31 16:38:00 +01:00
Robert von Burg
67271d611e
[New] Added Certificate.getLastAccess() and
...
PrivilegeHandler.checkPassword()
2014-09-27 12:23:38 +02:00
Robert von Burg
aa16887d67
[New] Added new Certificate.getProperty()-method
2014-09-26 18:23:23 +02:00
Robert von Burg
c8816472fc
[Project] clean up
2014-09-20 00:35:00 +02:00
Robert von Burg
a70b430986
[Minor] set parent version to 1.0.0-SNAPSHOT
2014-09-19 21:12:03 +02:00
Robert von Burg
e3dab98b3f
[Minor] code cleanup
2014-09-14 12:19:34 +02:00
Robert von Burg
901c2c86f2
[New] added PrivilegeContext.getFlatAllowList()
...
This allows to query all the allows which can be used to define which
UIs and buttons to show on a client
2014-09-08 13:35:02 +02:00
Robert von Burg
dd9824f130
[Project] set version to 1.0.0-SNAPSHOT
2014-08-24 18:17:35 +02:00
Robert von Burg
7e4adffb4c
[Project] set version to 1.0.0-SNAPSHOT
2014-08-24 17:21:29 +02:00
Robert von Burg
bb949f38af
[Minor] Added check for user's referencing inexistant oles
2014-08-22 22:28:33 +02:00
Robert von Burg
d2faed1d2e
[Major] added firstname and lastname to certificate
...
Also renamed model attribute from surname to lastname
2014-08-22 20:36:18 +02:00
Robert von Burg
b47d3e3dcd
[Minor] firstname and lastname are not required for SYSTEM users
2014-08-22 18:54:10 +02:00
Robert von Burg
828d725a69
[Project] using parent version 1.1.0-SNAPSHOT
2014-08-14 16:22:15 +02:00
Robert von Burg
32c2c43fbd
[New] added Certificate.sessionDataMap for mutable session information
2014-08-04 00:44:09 +02:00
Robert von Burg
2e1412de93
[Major] Removed the use of a ThreadLocal for the PrivilegeContext
...
ThreadLocals are bad idea when ClassLoaders come into play, so removing
the need makes Privilege better usable in different contexts.
2014-04-15 19:18:11 +02:00
Robert von Burg
77f631a2dc
[Project] fixed urls of projects
2014-03-14 14:36:07 +01:00
Robert von Burg
58b742d5d9
[Minor] using Deque instead of Stack
2014-02-01 13:47:04 +01:00
Robert von Burg
5e6423c443
[Bugfix] fixed NPE when Certificate is created with null properties
2014-01-28 22:19:15 +01:00
Robert von Burg
4627f59a80
[Minor] properties are read-only on Certificate
2014-01-28 22:07:04 +01:00
Robert von Burg
1f28237091
[Project] added Jenkins build badge to README.md
2014-01-23 22:59:42 +01:00
Robert von Burg
11f53cb272
[Minor] removed the use of the authPass in the certificate
2013-12-29 23:12:37 +01:00
Robert von Burg
bab1e4b119
[Bugfix] fixed a bug where the role were not properly read from XML
...
Added tests for reading the model from XML
2013-12-28 12:16:48 +01:00
Robert von Burg
5d59a52eeb
[Minor] Throwing explicit exception system user tries to login
...
Further enforcing that a system user may not have a password
2013-12-28 10:55:58 +01:00
Robert von Burg
3727d3545f
[Minor] cleaned up all compiler warnings
2013-12-25 14:37:22 +01:00
Robert von Burg
15a245d94e
[Minor] added new initialization to PrivilegeInitializationHelper
...
Configuration can now be parsed and then passed to an initialization
method
2013-12-25 13:10:58 +01:00