SEC-51 and SEC-67 related changes. Tested all functions of "filters" version in web browser OK.

2005-11-04 04:15:57 +00:00 · 2005-11-04 04:15:57 +00:00 · 2d74db9a0c
parent 9be82a3d8f
commit 2d74db9a0c
12 changed files with 64 additions and 54 deletions
--- a/samples/contacts-tiger/src/main/java/sample/contact/annotation/ContactManagerBackend.java
+++ b/samples/contacts-tiger/src/main/java/sample/contact/annotation/ContactManagerBackend.java
@ -87,7 +87,7 @@ public class ContactManagerBackend extends ApplicationObjectSupport
    @Secured ({"ROLE_USER","AFTER_ACL_READ"})
    @Transactional(readOnly=true)
-    public Contact getById(Integer id) {
+    public Contact getById(Long id) {
        if (logger.isDebugEnabled()) {
            logger.debug("Returning contact with id: " + id);
        }
@ -143,7 +143,7 @@ public class ContactManagerBackend extends ApplicationObjectSupport
    @Secured ({"ROLE_USER"})
    public void create(Contact contact) {
        // Create the Contact itself
-        contact.setId(new Integer(counter++));
+        contact.setId(new Long(counter++));
        contactDao.create(contact);
        // Grant the current principal access to the contact 
--- a/samples/contacts/src/main/java/sample/contact/AddPermissionController.java
+++ b/samples/contacts/src/main/java/sample/contact/AddPermissionController.java
@ -1,4 +1,4 @@
-/* Copyright 2004 Acegi Technology Pty Limited
+/* Copyright 2004, 2005 Acegi Technology Pty Limited
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@ -21,13 +21,14 @@ import org.springframework.beans.factory.InitializingBean;
 import org.springframework.dao.DataAccessException;
 import org.springframework.util.Assert;
 import org.springframework.validation.BindException;
 import org.springframework.web.bind.RequestUtils;
 import org.springframework.web.servlet.ModelAndView;
 import org.springframework.web.servlet.mvc.SimpleFormController;
 import org.springframework.web.servlet.view.RedirectView;
 import org.springframework.util.Assert;
 import java.util.HashMap;
 import java.util.Iterator;
@ -61,7 +62,8 @@ public class AddPermissionController extends SimpleFormController
    }
    public void afterPropertiesSet() throws Exception {
-        Assert.notNull(contactManager, "A ContactManager implementation is required");
+        Assert.notNull(contactManager,
            "A ContactManager implementation is required");
    }
    protected ModelAndView disallowDuplicateFormSubmission(
@ -80,7 +82,7 @@ public class AddPermissionController extends SimpleFormController
        int contactId = RequestUtils.getRequiredIntParameter(request,
                "contactId");
-        Contact contact = contactManager.getById(new Integer(contactId));
+        Contact contact = contactManager.getById(new Long(contactId));
        AddPermission addPermission = new AddPermission();
        addPermission.setContact(contact);
--- a/samples/contacts/src/main/java/sample/contact/AdminPermissionController.java
+++ b/samples/contacts/src/main/java/sample/contact/AdminPermissionController.java
@ -1,4 +1,4 @@
-/* Copyright 2004 Acegi Technology Pty Limited
+/* Copyright 2004, 2005 Acegi Technology Pty Limited
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@ -20,10 +20,11 @@ import net.sf.acegisecurity.acl.AclManager;
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.util.Assert;
 import org.springframework.web.bind.RequestUtils;
 import org.springframework.web.servlet.ModelAndView;
 import org.springframework.web.servlet.mvc.Controller;
 import org.springframework.util.Assert;
 import java.io.IOException;
@ -66,7 +67,8 @@ public class AdminPermissionController implements Controller, InitializingBean {
    }
    public void afterPropertiesSet() throws Exception {
-        Assert.notNull(contactManager, "A ContactManager implementation is required");
+        Assert.notNull(contactManager,
            "A ContactManager implementation is required");
        Assert.notNull(aclManager, "An aclManager implementation is required");
    }
@ -74,7 +76,7 @@ public class AdminPermissionController implements Controller, InitializingBean {
        HttpServletResponse response) throws ServletException, IOException {
        int id = RequestUtils.getRequiredIntParameter(request, "contactId");
-        Contact contact = contactManager.getById(new Integer(id));
+        Contact contact = contactManager.getById(new Long(id));
        AclEntry[] acls = aclManager.getAcls(contact);
        Map model = new HashMap();
--- a/samples/contacts/src/main/java/sample/contact/Contact.java
+++ b/samples/contacts/src/main/java/sample/contact/Contact.java
@ -1,4 +1,4 @@
-/* Copyright 2004 Acegi Technology Pty Limited
+/* Copyright 2004, 2005 Acegi Technology Pty Limited
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@ -27,7 +27,7 @@ import java.io.Serializable;
 public class Contact implements Serializable {
    //~ Instance fields ========================================================
-    private Integer id;
+    private Long id;
    private String email;
    private String name;
@ -60,7 +60,7 @@ public class Contact implements Serializable {
        return email;
    }
-    public void setId(Integer id) {
+    public void setId(Long id) {
        this.id = id;
    }
@ -69,7 +69,7 @@ public class Contact implements Serializable {
     *
     * @return Returns the id.
     */
-    public Integer getId() {
+    public Long getId() {
        return id;
    }
--- a/samples/contacts/src/main/java/sample/contact/ContactDao.java
+++ b/samples/contacts/src/main/java/sample/contact/ContactDao.java
@ -1,4 +1,4 @@
-/* Copyright 2004 Acegi Technology Pty Limited
+/* Copyright 2004, 2005 Acegi Technology Pty Limited
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@ -27,11 +27,11 @@ import java.util.List;
 public interface ContactDao {
    //~ Methods ================================================================
-    public Contact getById(Integer id);
+    public Contact getById(Long id);
    public void create(Contact contact);
-    public void delete(Integer contactId);
+    public void delete(Long contactId);
    public List findAll();
--- a/samples/contacts/src/main/java/sample/contact/ContactDaoSpring.java
+++ b/samples/contacts/src/main/java/sample/contact/ContactDaoSpring.java
@ -1,4 +1,4 @@
-/* Copyright 2004 Acegi Technology Pty Limited
+/* Copyright 2004, 2005 Acegi Technology Pty Limited
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@ -48,8 +48,8 @@ public class ContactDaoSpring extends JdbcDaoSupport implements ContactDao {
    //~ Methods ================================================================
-    public Contact getById(Integer id) {
+    public Contact getById(Long id) {
-        List list = contactsByIdQuery.execute(id.intValue());
+        List list = contactsByIdQuery.execute(id.longValue());
        if (list.size() == 0) {
            return null;
@ -59,10 +59,12 @@ public class ContactDaoSpring extends JdbcDaoSupport implements ContactDao {
    }
    public void create(Contact contact) {
        System.out.println("creating contact w/ id " + contact.getId() + " "
            + contact.getEmail());
        contactInsert.insert(contact);
    }
-    public void delete(Integer contactId) {
+    public void delete(Long contactId) {
        contactDelete.delete(contactId);
    }
@ -109,14 +111,14 @@ public class ContactDaoSpring extends JdbcDaoSupport implements ContactDao {
        protected Object mapRow(ResultSet rs, int rownum)
            throws SQLException {
-            return new Integer(rs.getInt("id"));
+            return new Long(rs.getLong("id"));
        }
    }
    protected class AclObjectIdentityInsert extends SqlUpdate {
        protected AclObjectIdentityInsert(DataSource ds) {
            super(ds, "INSERT INTO acl_object_identity VALUES (?, ?, ?, ?)");
-            declareParameter(new SqlParameter(Types.INTEGER));
+            declareParameter(new SqlParameter(Types.BIGINT));
            declareParameter(new SqlParameter(Types.VARCHAR));
            declareParameter(new SqlParameter(Types.INTEGER));
            declareParameter(new SqlParameter(Types.VARCHAR));
@ -124,7 +126,7 @@ public class ContactDaoSpring extends JdbcDaoSupport implements ContactDao {
        }
        protected int insert(String objectIdentity,
-            Integer parentAclObjectIdentity, String aclClass) {
+            Long parentAclObjectIdentity, String aclClass) {
            Object[] objs = new Object[] {null, objectIdentity, parentAclObjectIdentity, aclClass};
            super.update(objs);
@ -135,19 +137,19 @@ public class ContactDaoSpring extends JdbcDaoSupport implements ContactDao {
    protected class ContactDelete extends SqlUpdate {
        protected ContactDelete(DataSource ds) {
            super(ds, "DELETE FROM contacts WHERE id = ?");
-            declareParameter(new SqlParameter(Types.INTEGER));
+            declareParameter(new SqlParameter(Types.BIGINT));
            compile();
        }
-        protected void delete(Integer contactId) {
+        protected void delete(Long contactId) {
-            super.update(contactId.intValue());
+            super.update(contactId.longValue());
        }
    }
    protected class ContactInsert extends SqlUpdate {
        protected ContactInsert(DataSource ds) {
            super(ds, "INSERT INTO contacts VALUES (?, ?, ?)");
-            declareParameter(new SqlParameter(Types.INTEGER));
+            declareParameter(new SqlParameter(Types.BIGINT));
            declareParameter(new SqlParameter(Types.VARCHAR));
            declareParameter(new SqlParameter(Types.VARCHAR));
            compile();
@ -166,7 +168,7 @@ public class ContactDaoSpring extends JdbcDaoSupport implements ContactDao {
                "UPDATE contacts SET contact_name = ?, address = ? WHERE id = ?");
            declareParameter(new SqlParameter(Types.VARCHAR));
            declareParameter(new SqlParameter(Types.VARCHAR));
-            declareParameter(new SqlParameter(Types.INTEGER));
+            declareParameter(new SqlParameter(Types.BIGINT));
            compile();
        }
@ -186,7 +188,7 @@ public class ContactDaoSpring extends JdbcDaoSupport implements ContactDao {
        protected Object mapRow(ResultSet rs, int rownum)
            throws SQLException {
            Contact contact = new Contact();
-            contact.setId(new Integer(rs.getInt("id")));
+            contact.setId(new Long(rs.getLong("id")));
            contact.setName(rs.getString("contact_name"));
            contact.setEmail(rs.getString("email"));
@ -198,14 +200,14 @@ public class ContactDaoSpring extends JdbcDaoSupport implements ContactDao {
        protected ContactsByIdQuery(DataSource ds) {
            super(ds,
                "SELECT id, contact_name, email FROM contacts WHERE id = ? ORDER BY id");
-            declareParameter(new SqlParameter(Types.INTEGER));
+            declareParameter(new SqlParameter(Types.BIGINT));
            compile();
        }
        protected Object mapRow(ResultSet rs, int rownum)
            throws SQLException {
            Contact contact = new Contact();
-            contact.setId(new Integer(rs.getInt("id")));
+            contact.setId(new Long(rs.getLong("id")));
            contact.setName(rs.getString("contact_name"));
            contact.setEmail(rs.getString("email"));
@ -217,12 +219,12 @@ public class ContactDaoSpring extends JdbcDaoSupport implements ContactDao {
        protected PermissionDelete(DataSource ds) {
            super(ds,
                "DELETE FROM acl_permission WHERE ACL_OBJECT_IDENTITY = ? AND RECIPIENT = ?");
-            declareParameter(new SqlParameter(Types.INTEGER));
+            declareParameter(new SqlParameter(Types.BIGINT));
            declareParameter(new SqlParameter(Types.VARCHAR));
            compile();
        }
-        protected void delete(Integer aclObjectIdentity, String recipient) {
+        protected void delete(Long aclObjectIdentity, String recipient) {
            super.update(new Object[] {aclObjectIdentity, recipient});
        }
    }
@ -230,14 +232,14 @@ public class ContactDaoSpring extends JdbcDaoSupport implements ContactDao {
    protected class PermissionInsert extends SqlUpdate {
        protected PermissionInsert(DataSource ds) {
            super(ds, "INSERT INTO acl_permission VALUES (?, ?, ?, ?);");
-            declareParameter(new SqlParameter(Types.INTEGER));
+            declareParameter(new SqlParameter(Types.BIGINT));
-            declareParameter(new SqlParameter(Types.INTEGER));
+            declareParameter(new SqlParameter(Types.BIGINT));
            declareParameter(new SqlParameter(Types.VARCHAR));
            declareParameter(new SqlParameter(Types.INTEGER));
            compile();
        }
-        protected int insert(Integer aclObjectIdentity, String recipient,
+        protected int insert(Long aclObjectIdentity, String recipient,
            Integer mask) {
            Object[] objs = new Object[] {null, aclObjectIdentity, recipient, mask};
            super.update(objs);
--- a/samples/contacts/src/main/java/sample/contact/ContactManager.java
+++ b/samples/contacts/src/main/java/sample/contact/ContactManager.java
@ -1,4 +1,4 @@
-/* Copyright 2004 Acegi Technology Pty Limited
+/* Copyright 2004, 2005 Acegi Technology Pty Limited
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@ -31,7 +31,7 @@ public interface ContactManager {
    public List getAllRecipients();
-    public Contact getById(Integer id);
+    public Contact getById(Long id);
    public Contact getRandomContact();
--- a/samples/contacts/src/main/java/sample/contact/ContactManagerBackend.java
+++ b/samples/contacts/src/main/java/sample/contact/ContactManagerBackend.java
@ -45,7 +45,7 @@ public class ContactManagerBackend extends ApplicationObjectSupport
    private BasicAclExtendedDao basicAclExtendedDao;
    private ContactDao contactDao;
-    private int counter = 100;
+    private int counter = 1000;
    //~ Methods ================================================================
@ -76,7 +76,7 @@ public class ContactManagerBackend extends ApplicationObjectSupport
        return basicAclExtendedDao;
    }
-    public Contact getById(Integer id) {
+    public Contact getById(Long id) {
        if (logger.isDebugEnabled()) {
            logger.debug("Returning contact with id: " + id);
        }
@ -130,7 +130,7 @@ public class ContactManagerBackend extends ApplicationObjectSupport
    public void create(Contact contact) {
        // Create the Contact itself
-        contact.setId(new Integer(counter++));
+        contact.setId(new Long(counter++));
        contactDao.create(contact);
        // Grant the current principal access to the contact 
--- a/samples/contacts/src/main/java/sample/contact/DataSourcePopulator.java
+++ b/samples/contacts/src/main/java/sample/contact/DataSourcePopulator.java
@ -65,7 +65,7 @@ public class DataSourcePopulator implements InitializingBean {
        JdbcTemplate template = new JdbcTemplate(dataSource);
        template.execute(
-            "CREATE TABLE CONTACTS(ID INTEGER NOT NULL PRIMARY KEY, CONTACT_NAME VARCHAR_IGNORECASE(50) NOT NULL, EMAIL VARCHAR_IGNORECASE(50) NOT NULL)");
+            "CREATE TABLE CONTACTS(ID BIGINT NOT NULL PRIMARY KEY, CONTACT_NAME VARCHAR_IGNORECASE(50) NOT NULL, EMAIL VARCHAR_IGNORECASE(50) NOT NULL)");
        template.execute(
            "INSERT INTO contacts VALUES (1, 'John Smith', 'john@somewhere.com');"); // marissa
        template.execute(
@ -93,7 +93,7 @@ public class DataSourcePopulator implements InitializingBean {
        }
        template.execute(
-            "CREATE TABLE ACL_OBJECT_IDENTITY(ID INTEGER GENERATED BY DEFAULT AS IDENTITY(START WITH 100)  NOT NULL PRIMARY KEY,OBJECT_IDENTITY VARCHAR_IGNORECASE(250) NOT NULL,PARENT_OBJECT INTEGER,ACL_CLASS VARCHAR_IGNORECASE(250) NOT NULL,CONSTRAINT UNIQUE_OBJECT_IDENTITY UNIQUE(OBJECT_IDENTITY),CONSTRAINT SYS_FK_3 FOREIGN KEY(PARENT_OBJECT) REFERENCES ACL_OBJECT_IDENTITY(ID))");
+            "CREATE TABLE ACL_OBJECT_IDENTITY(ID BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 100)  NOT NULL PRIMARY KEY,OBJECT_IDENTITY VARCHAR_IGNORECASE(250) NOT NULL,PARENT_OBJECT BIGINT,ACL_CLASS VARCHAR_IGNORECASE(250) NOT NULL,CONSTRAINT UNIQUE_OBJECT_IDENTITY UNIQUE(OBJECT_IDENTITY),CONSTRAINT SYS_FK_3 FOREIGN KEY(PARENT_OBJECT) REFERENCES ACL_OBJECT_IDENTITY(ID))");
        template.execute(
            "INSERT INTO acl_object_identity VALUES (1, 'sample.contact.Contact:1', null, 'net.sf.acegisecurity.acl.basic.SimpleAclEntry');");
        template.execute(
@ -120,7 +120,7 @@ public class DataSourcePopulator implements InitializingBean {
        }
        template.execute(
-            "CREATE TABLE ACL_PERMISSION(ID INTEGER GENERATED BY DEFAULT AS IDENTITY(START WITH 100)  NOT NULL PRIMARY KEY,ACL_OBJECT_IDENTITY INTEGER NOT NULL,RECIPIENT VARCHAR_IGNORECASE(100) NOT NULL,MASK INTEGER NOT NULL,CONSTRAINT UNIQUE_RECIPIENT UNIQUE(ACL_OBJECT_IDENTITY,RECIPIENT),CONSTRAINT SYS_FK_7 FOREIGN KEY(ACL_OBJECT_IDENTITY) REFERENCES ACL_OBJECT_IDENTITY(ID))");
+            "CREATE TABLE ACL_PERMISSION(ID BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 100)  NOT NULL PRIMARY KEY,ACL_OBJECT_IDENTITY BIGINT NOT NULL,RECIPIENT VARCHAR_IGNORECASE(100) NOT NULL,MASK INTEGER NOT NULL,CONSTRAINT UNIQUE_RECIPIENT UNIQUE(ACL_OBJECT_IDENTITY,RECIPIENT),CONSTRAINT SYS_FK_7 FOREIGN KEY(ACL_OBJECT_IDENTITY) REFERENCES ACL_OBJECT_IDENTITY(ID))");
        template.execute(
            "INSERT INTO acl_permission VALUES (null, 1, 'marissa', 1);"); // administer
        template.execute(
--- a/samples/contacts/src/main/java/sample/contact/DeleteController.java
+++ b/samples/contacts/src/main/java/sample/contact/DeleteController.java
@ -1,4 +1,4 @@
-/* Copyright 2004 Acegi Technology Pty Limited
+/* Copyright 2004, 2005 Acegi Technology Pty Limited
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@ -17,10 +17,11 @@ package sample.contact;
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.util.Assert;
 import org.springframework.web.bind.RequestUtils;
 import org.springframework.web.servlet.ModelAndView;
 import org.springframework.web.servlet.mvc.Controller;
 import org.springframework.util.Assert;
 import java.io.IOException;
@ -51,13 +52,14 @@ public class DeleteController implements Controller, InitializingBean {
    }
    public void afterPropertiesSet() throws Exception {
-        Assert.notNull(contactManager, "A ContactManager implementation is required");
+        Assert.notNull(contactManager,
            "A ContactManager implementation is required");
    }
    public ModelAndView handleRequest(HttpServletRequest request,
        HttpServletResponse response) throws ServletException, IOException {
        int id = RequestUtils.getRequiredIntParameter(request, "contactId");
-        Contact contact = contactManager.getById(new Integer(id));
+        Contact contact = contactManager.getById(new Long(id));
        contactManager.delete(contact);
        return new ModelAndView("deleted", "contact", contact);
--- a/samples/contacts/src/main/java/sample/contact/DeletePermissionController.java
+++ b/samples/contacts/src/main/java/sample/contact/DeletePermissionController.java
@ -1,4 +1,4 @@
-/* Copyright 2004 Acegi Technology Pty Limited
+/* Copyright 2004, 2005 Acegi Technology Pty Limited
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@ -19,10 +19,11 @@ import net.sf.acegisecurity.acl.AclManager;
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.util.Assert;
 import org.springframework.web.bind.RequestUtils;
 import org.springframework.web.servlet.ModelAndView;
 import org.springframework.web.servlet.mvc.Controller;
 import org.springframework.util.Assert;
 import java.io.IOException;
@ -65,7 +66,8 @@ public class DeletePermissionController implements Controller, InitializingBean
    }
    public void afterPropertiesSet() throws Exception {
-        Assert.notNull(contactManager, "A ContactManager implementation is required");
+        Assert.notNull(contactManager,
            "A ContactManager implementation is required");
        Assert.notNull(aclManager, "An aclManager implementation is required");
    }
@ -76,7 +78,7 @@ public class DeletePermissionController implements Controller, InitializingBean
        String recipient = RequestUtils.getRequiredStringParameter(request,
                "recipient");
-        Contact contact = contactManager.getById(new Integer(contactId));
+        Contact contact = contactManager.getById(new Long(contactId));
        contactManager.deletePermission(contact, recipient);
--- a/samples/contacts/src/main/webapp/common/WEB-INF/jsp/index.jsp
+++ b/samples/contacts/src/main/webapp/common/WEB-INF/jsp/index.jsp
@ -3,7 +3,7 @@
 <html>
 <head><title>Your Contacts</title></head>
 <body>
-<h1><authz:authentication operation="principal"/>'s Contacts</h1>
+<h1><authz:authentication operation="username"/>'s Contacts</h1>
 <P>
 <table cellpadding=3 border=0>
 <tr><td><b>id</b></td><td><b>Name</b></td><td><b>Email</b></td></tr>