simon/adl
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Still struggline with getting everything working with database layer security.

Browse source
This commit is contained in:
sb 2009-02-06 17:48:58 +00:00
parent 7a977d5acd
commit 5f129c98fc
4 changed files with 233 additions and 115 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

67
transforms/adl2controllerclasses.xslt
View file

@ -9,8 +9,8 @@
Transform ADL into (partial) controller classes
$Author: sb $
$Revision: 1.26 $
$Date: 2009-02-06 12:08:28 $
$Revision: 1.27 $
$Date: 2009-02-06 17:48:58 $
-->
<!-- WARNING WARNING WARNING: Do NOT reformat this file!
@ -70,7 +70,7 @@
//
// Automatically generated abstract super class for controllers for the
// <xsl:value-of select="/adl:application/@name"/> application; generated using
// adl2controllerclasses.xslt version <xsl:value-of select="substring( '$Revision: 1.26 $', 10)"/>
// adl2controllerclasses.xslt version <xsl:value-of select="substring( '$Revision: 1.27 $', 10)"/>
//
// <xsl:value-of select="/adl:application/@revision"/>
//
@ -181,7 +181,7 @@
//
// Controller for auto-generated forms for editing <xsl:value-of select="@name"/>s
// Automatically generated from application description using
// adl2controllerclasses.xslt version <xsl:value-of select="substring( '$Revision: 1.26 $', 10)"/>
// adl2controllerclasses.xslt version <xsl:value-of select="substring( '$Revision: 1.27 $', 10)"/>
//
// This file is automatically generated; DO NOT EDIT IT.
//
@ -439,7 +439,9 @@
{
record.<xsl:value-of select="@name"/> = <xsl:call-template name="fetch-property-instance">
<xsl:with-param name="property" select="."/>
<xsl:with-param name="value">Form[ "<xsl:value-of select="concat( 'instance.', @name)"/>"]</xsl:with-param>
<xsl:with-param name="value">
Form[ "<xsl:value-of select="concat( 'instance.', @name)"/>"]
</xsl:with-param>
</xsl:call-template>;
}
</xsl:when>
@ -454,15 +456,27 @@
<xsl:for-each select="descendant::adl:property[@type='link']">
<xsl:variable name="farentityname" select="@entity"/>
<xsl:variable name="farkey" select="//adl:entity[@name=$farentityname]/adl:key/adl:property[position()=1]/@name"/>
<xsl:variable name="entity" select="//adl:entity[@name=$farentityname]"/>
<xsl:variable name="farkey" select="$entity/adl:key/adl:property[position()=1]/@name"/>
<xsl:variable name="farkeybasetype">
<xsl:call-template name="base-type">
<xsl:with-param name="property" select="//adl:entity[@name=$farentityname]/adl:key/adl:property[position()=1]"/>
</xsl:call-template>
</xsl:variable>
<xsl:variable name="deletegroups">
<xsl:call-template name="entity-delete-groups">
<xsl:with-param name="entity" select="$entity"/>
</xsl:call-template>
</xsl:variable>
/* to update a link table which has no other data than the near and far keys, it is
* sufficient to smash the existing values and create new ones. It's also a lot easier! */
<xsl:if test="$authentication-layer = 'Database'">
if ( <xsl:for-each select="exsl:node-set( $deletegroups)/*">
InGroup( "<xsl:value-of select="./@name"/>") ||
</xsl:for-each> false) {
/* however, we cannot do anything unless we have delete permissions on the table, so
* should not try. */
</xsl:if>
string[] <xsl:value-of select="concat(@name, 'Values')"/> = Form.GetValues( "<xsl:value-of select="concat( 'instance.', @name)"/>");
/* update the linking table for my <xsl:value-of select="@name"/>; first smash the old values */
@ -473,7 +487,7 @@
else
{
<xsl:value-of select="concat( 'record.', @name)"/> = new HashedSet&lt;<xsl:value-of select="concat( $entityns, '.', @entity)"/>&gt;();
}
} /* if ( <xsl:value-of select="concat( 'record.', @name)"/> != null) */
if ( <xsl:value-of select="concat(@name, 'Values')"/> != null)
{
@ -487,13 +501,19 @@
<xsl:with-param name="value" select="'index'"/>
</xsl:call-template>
.UniqueResult&lt;<xsl:value-of select="concat( $entityns, '.', @entity)"/>&gt;());
}
}
} /* foreach ( string index in <xsl:value-of select="concat(@name, 'Values')"/>) */
} /* if ( <xsl:value-of select="concat(@name, 'Values')"/> != null) */
<xsl:if test="$authentication-layer = 'Database'">
} /* if ( <xsl:for-each select="exsl:node-set( $deletegroups)/*">
InGroup( "<xsl:value-of select="./@name"/>") ||
</xsl:for-each> false) */
</xsl:if>
</xsl:for-each>
<xsl:for-each select="descendant::adl:property[@type='list']">
<xsl:variable name="farentityname" select="@entity"/>
<xsl:variable name="farkey" select="//adl:entity[@name=$farentityname]/adl:key/adl:property[position()=1]/@name"/>
<xsl:variable name="entity" select="//adl:entity[@name=$farentityname]"/>
<xsl:variable name="farkey" select="$entity/adl:key/adl:property[position()=1]/@name"/>
<xsl:variable name="farkeybasetype">
<xsl:call-template name="base-type">
<xsl:with-param name="property" select="//adl:entity[@name=$farentityname]/adl:key/adl:property[position()=1]"/>
@ -511,8 +531,19 @@
</xsl:otherwise>
</xsl:choose>
</xsl:variable>
<xsl:variable name="deletegroups">
<xsl:call-template name="entity-delete-groups">
<xsl:with-param name="entity" select="$entity"/>
</xsl:call-template>
</xsl:variable>
/* with a list we cannot just smash the old values! Instead we need to check
* each one and exclude it if no longer required */
* each one and exclude it if no longer required; */
<xsl:if test="$authentication-layer = 'Database'">
if ( <xsl:for-each select="exsl:node-set( $deletegroups)/*">
InGroup( "<xsl:value-of select="./@name"/>") ||
</xsl:for-each> false) {
/* but once again only if we can delete and create entities at the far end. */
</xsl:if>
if ( Form.GetValues( "<xsl:value-of select="concat( 'instance.', @name)"/>") != null)
{
string[] <xsl:value-of select="concat(@name, 'Values')"/> = Form.GetValues( "<xsl:value-of select="concat( 'instance.', @name)"/>");
@ -568,6 +599,10 @@
}
} /* foreach ( string index... */
} /* if ( Form.GetValues( "<xsl:value-of select="concat( 'instance.', @name)"/>") != null) */
<xsl:if test="$authentication-layer = 'Database'">
} /* if ( <xsl:for-each select="exsl:node-set( $deletegroups)/*">InGroup( "<xsl:value-of select="./@name"/>") ||</xsl:for-each> false) */
</xsl:if>
</xsl:for-each>
/* write the record to the database, in order to guarantee we have a valid key */
@ -578,10 +613,14 @@
messages.Add( "<xsl:call-template name="i18n-record-saved"/>");
} /* try actually commit */
catch ( Exception any) {
tx.Rollback();
messages.Add( "<xsl:call-template name="i18n-record-not-saved"/>");
throw any;
AddError( any);
try {
tx.Rollback();
} catch ( ObjectDisposedException ode) {
AddError( ode);
}
} /* catch ( Exception any) */
} /* if ( record != null) */
else {
throw new ApplicationException( String.Format( "<xsl:call-template name="i18n-record-not-found">

19
transforms/adl2mssql.xslt
View file

@ -12,7 +12,7 @@
Convert ADL to MS-SQL
$Author: sb $
$Revision: 1.15 $
$Revision: 1.16 $
-->
<xsl:output indent="no" encoding="UTF-8" method="text"/>
@ -112,7 +112,7 @@
-- <xsl:value-of select="$product-version"/>
--
-- Database for application <xsl:value-of select="@name"/> version <xsl:value-of select="@version"/>
-- Generated for MS-SQL 2000+ using adl2mssql.xslt <xsl:value-of select="substring('$Revision: 1.15 $', 12)"/>
-- Generated for MS-SQL 2000+ using adl2mssql.xslt <xsl:value-of select="substring('$Revision: 1.16 $', 12)"/>
-- THIS FILE IS AUTOMATICALLY GENERATED: DO NOT EDIT IT.
--
-- <xsl:value-of select="@revision"/>
@ -161,21 +161,6 @@
<xsl:apply-templates select="adl:documentation"/>
execute sp_addrole @rolename = '<xsl:value-of select="@name"/>'
GO
-------------------------------------------------------------------------------------------------
-- dummy table accessible only to members of <xsl:value-of select="@name"/>, to allow
-- a hard check on group membership
-------------------------------------------------------------------------------------------------
CREATE TABLE "<xsl:value-of select="concat( 'AuthCheck', @name)"/>" (
"Check" INT NOT NULL,
PRIMARY KEY( "Check")
)
GO
REVOKE ALL ON "<xsl:value-of select="concat( 'AuthCheck', @name)"/>" FROM public
GO
GRANT SELECT ON "<xsl:value-of select="concat( 'AuthCheck', @name)"/>" TO "<xsl:value-of select="@name"/>"
GO
</xsl:template>
<!-- return the table name for the entity with this entity name -->

226
transforms/adl2views.xslt
View file

@ -15,8 +15,8 @@
Transform ADL into velocity view templates
$Author: sb $
$Revision: 1.25 $
$Date: 2009-02-06 12:08:28 $
$Revision: 1.26 $
$Date: 2009-02-06 17:48:58 $
-->
<!-- WARNING WARNING WARNING: Do NOT reformat this file!
Whitespace (or lack of it) is significant! -->
@ -65,7 +65,7 @@
<xsl:param name="site-root"/>
<!-- Whether to authenticate at application or at database layer.
If not 'Application', then 'Database'. -->
<xsl:param name="authentication-layer" select="Application"/>
<xsl:param name="authentication-layer" select="'Application'"/>
<xsl:template match="adl:application">
<output>
@ -124,7 +124,7 @@
Auto generated Velocity maybe-delete form for <xsl:value-of select="@name"/>,
generated from ADL.
Generated using adl2views.xslt <xsl:value-of select="substring( '$Revision: 1.25 $', 10)"/>
Generated using adl2views.xslt <xsl:value-of select="substring( '$Revision: 1.26 $', 10)"/>
</xsl:comment>
<xsl:call-template name="maybe-delete">
<xsl:with-param name="entity" select="."/>
@ -161,7 +161,7 @@
Auto generated Velocity maybe-delete form for <xsl:value-of select="@name"/>,
generated from ADL.
Generated using adl2views.xslt <xsl:value-of select="substring( '$Revision: 1.25 $', 10)"/>
Generated using adl2views.xslt <xsl:value-of select="substring( '$Revision: 1.26 $', 10)"/>
<xsl:value-of select="/adl:application/@revision"/>
</xsl:comment>
@ -244,7 +244,7 @@
Auto generated Velocity <xsl:value-of select="@name"/> form for <xsl:value-of select="ancestor::adl:entity/@name"/>,
generated from ADL.
Generated using adl2views.xslt <xsl:value-of select="substring( '$Revision: 1.25 $', 10)"/>
Generated using adl2views.xslt <xsl:value-of select="substring( '$Revision: 1.26 $', 10)"/>
Generation parameters were:
locale: <xsl:value-of select="$locale"/>
generate-site-navigation: <xsl:value-of select="$generate-site-navigation"/>
@ -320,7 +320,7 @@
Auto generated Velocity form for <xsl:value-of select="ancestor::adl:entity/@name"/>,
generated from ADL.
Generated using adl2views.xsl <xsl:value-of select="substring( '$Revision: 1.25 $', 10)"/>
Generated using adl2views.xsl <xsl:value-of select="substring( '$Revision: 1.26 $', 10)"/>
Generation parameters were:
locale: <xsl:value-of select="$locale"/>
generate-site-navigation: <xsl:value-of select="$generate-site-navigation"/>
@ -429,28 +429,31 @@
<xsl:apply-templates select="$form/ancestor::adl:entity/adl:property"/>
</xsl:otherwise>
</xsl:choose>
<tr class="actionSafe">
<td class="actionSafe" colspan="2">
<xsl:call-template name='i18n-save-prompt'/>
</td>
<td class="actionSafe" style="text-align:right">
<button type="submit" name="command" value="store">Save this!</button>
</td>
</tr>
<xsl:choose>
<xsl:when test="$authentication-layer='Database'">
<xsl:variable name="deletegroups">
<xsl:call-template name="entity-delete-groups">
<xsl:with-param name="entity" select="."/>
<xsl:variable name="savegroups">
<xsl:call-template name="entity-save-groups">
<xsl:with-param name="entity" select="$form/ancestor::adl:entity"/>
</xsl:call-template>
</xsl:variable>
<!-- NOTE! NOTE! NOTE! Whitespace is significant - any linefeeds inside the #if ( ) clause
cause the Velocity parser to break! -->
#if ( <xsl:for-each select="exsl:node-set( $deletegroups)/*">${SecurityHelper.InGroup( "<xsl:value-of select="./@name"/>")}<xsl:if test="not( position() = last())"> || </xsl:if></xsl:for-each>)
#if ( <xsl:for-each select="exsl:node-set( $savegroups)/*">${SecurityHelper.InGroup( "<xsl:value-of select="./@name"/>")} ||</xsl:for-each> false)
<xsl:call-template name="save-widget-row"/>
#end
<xsl:variable name="deletegroups">
<xsl:call-template name="entity-delete-groups">
<xsl:with-param name="entity" select="$form/ancestor::adl:entity"/>
</xsl:call-template>
</xsl:variable>
<!-- NOTE! NOTE! NOTE! Whitespace is significant - any linefeeds inside the #if ( ) clause
cause the Velocity parser to break! -->
#if ( <xsl:for-each select="exsl:node-set( $deletegroups)/*">${SecurityHelper.InGroup( "<xsl:value-of select="./@name"/>")} ||</xsl:for-each> false)
<xsl:call-template name="delete-widget-row"/>
#end
</xsl:when>
<xsl:when test="$authentication-layer='Application'">
<xsl:call-template name="save-widget-row"/>
<xsl:call-template name="delete-widget-row"/>
</xsl:when>
</xsl:choose>
@ -460,6 +463,19 @@
</div>
</xsl:template>
<!-- output a complete table row containing a save widget -->
<xsl:template name="save-widget-row">
<tr class="actionSafe">
<td class="actionSafe" colspan="2">
<xsl:call-template name='i18n-save-prompt'/>
</td>
<td class="actionSafe" style="text-align:right">
<button type="submit" name="command" value="store">Save this!</button>
</td>
</tr>
</xsl:template>
<!-- output a complete table row containing a delete widget -->
<xsl:template name="delete-widget-row">
<tr align="left" valign="top" class="actionDangerous">
<td class="actionDangerous" colspan="2">
@ -690,56 +706,30 @@
</xsl:call-template>")}
</td>
<td class="widget shuffle" colspan="2">
<xsl:variable name="property" select="."/>
<xsl:variable name="readgroups">
<xsl:call-template name="entity-read-groups">
<xsl:with-param name="entity" select="//adl:entity[@name=$property/@entity]"/>
</xsl:call-template>
</xsl:variable>
<!-- NOTE! NOTE! NOTE! Whitespace is significant - any linefeeds inside the #if ( ) clause
cause the Velocity parser to break! -->
#if ( <xsl:for-each select="exsl:node-set( $readgroups)/*">${SecurityHelper.InGroup( "<xsl:value-of select="./@name"/>")}<xsl:if test="not( position() = last())"> || </xsl:if></xsl:for-each>)
<table class="shuffle">
<tr>
<td class="widget shuffle-all" rowspan="2">
${ShuffleWidgetHelper.UnselectedOptions( "<xsl:value-of select="concat( @name, '_unselected')"/>", <xsl:value-of select="concat( '$all_', @name)"/>, $instance.<xsl:value-of select="@name"/>)}
</td>
<td class="widget shuffle-action">
<input type="button" value="include &gt;&gt;">
<xsl:attribute name="onclick">
<xsl:value-of select="concat( 'shuffle(', @name, '_unselected, ', @name, ')')"/>
</xsl:attribute>
</input>
</td>
<td class="widget shuffle-selected" rowspan="2">
<xsl:variable name="entityname" select="@entity"/>
<xsl:variable name="foreignkey" select="@farkey"/>
<xsl:variable name="allow-shuffle-back">
<xsl:choose>
<xsl:when test="@type='list' and //adl:entity[@name=$entityname]//adl:property[@name=$foreignkey and @required='true']">
<xsl:value-of select="'false'"/>
</xsl:when>
<xsl:otherwise>
<xsl:value-of select="'true'"/>
</xsl:otherwise>
</xsl:choose>
</xsl:variable>
${ShuffleWidgetHelper.SelectedOptions( "<xsl:value-of select="@name"/>", $instance.<xsl:value-of select="@name"/>, <xsl:value-of select="$allow-shuffle-back"/>)}
</td>
</tr>
<tr>
<td class="widget shuffle-action">
<input type="button" value="&lt;&lt; exclude">
<xsl:attribute name="onclick">
<xsl:value-of select="concat( 'shuffle(', @name, ', ', @name, '_unselected)')"/>
</xsl:attribute>
</input>
</td>
</tr>
</table>
#else
[Not authrised]
#end
<xsl:choose>
<xsl:when test="$authentication-layer = 'Database'">
<xsl:variable name="property" select="."/>
<xsl:variable name="readgroups">
<xsl:call-template name="entity-read-groups">
<xsl:with-param name="entity" select="//adl:entity[@name=$property/@entity]"/>
</xsl:call-template>
</xsl:variable>
<!-- NOTE! NOTE! NOTE! Whitespace is significant - any linefeeds inside the #if ( ) clause cause the Velocity parser to break! -->
#if ( <xsl:for-each select="exsl:node-set( $readgroups)/*">${SecurityHelper.InGroup( "<xsl:value-of select="./@name"/>")} ||</xsl:for-each> false)
<xsl:call-template name="shuffle-widget">
<xsl:with-param name="property" select="."/>
</xsl:call-template>
#else
[Not authorised]
#end
</xsl:when>
<xsl:when test="$authentication-layer = 'Application'">
<xsl:call-template name="shuffle-widget">
<xsl:with-param name="property" select="."/>
</xsl:call-template>
</xsl:when>
</xsl:choose>
</td>
</tr>
<tr>
@ -755,6 +745,48 @@
</tr>
</xsl:template>
<xsl:template name="shuffle-widget">
<xsl:param name="property" select="."/>
<table class="shuffle">
<tr>
<td class="widget shuffle-all" rowspan="2">
${ShuffleWidgetHelper.UnselectedOptions( "<xsl:value-of select="concat( $property/@name, '_unselected')"/>", <xsl:value-of select="concat( '$all_', $property/@name)"/>, $instance.<xsl:value-of select="$property/@name"/>)}
</td>
<td class="widget shuffle-action">
<input type="button" value="include &gt;&gt;">
<xsl:attribute name="onclick">
<xsl:value-of select="concat( 'shuffle(', $property/@name, '_unselected, ', $property/@name, ')')"/>
</xsl:attribute>
</input>
</td>
<td class="widget shuffle-selected" rowspan="2">
<xsl:variable name="entityname" select="$property/@entity"/>
<xsl:variable name="foreignkey" select="$property/@farkey"/>
<xsl:variable name="allow-shuffle-back">
<xsl:choose>
<xsl:when test="$property/@type='list' and //adl:entity[@name=$entityname]//adl:property[@name=$foreignkey and @required='true']">
<xsl:value-of select="'false'"/>
</xsl:when>
<xsl:otherwise>
<xsl:value-of select="'true'"/>
</xsl:otherwise>
</xsl:choose>
</xsl:variable>
${ShuffleWidgetHelper.SelectedOptions( "<xsl:value-of select="$property/@name"/>", $instance.<xsl:value-of select="$property/@name"/>, <xsl:value-of select="$allow-shuffle-back"/>)}
</td>
</tr>
<tr>
<td class="widget shuffle-action">
<input type="button" value="&lt;&lt; exclude">
<xsl:attribute name="onclick">
<xsl:value-of select="concat( 'shuffle(', @name, ', ', @name, '_unselected)')"/>
</xsl:attribute>
</input>
</td>
</tr>
</table>
</xsl:template>
<xsl:template match="adl:property">
<xsl:param name="oddness" select="odd"/>
<!-- note! this template is only intended to match properties in the context of a form:
@ -792,11 +824,11 @@
<xsl:with-param name="mode" select="'Editable'"/>
</xsl:call-template>
</xsl:when>
<xsl:otherwise>
<xsl:when test="$authentication-layer = 'Database'">
<xsl:if test="exsl:node-set( $editgroups)/*">
<!-- NOTE! NOTE! NOTE! Whitespace is significant - any linefeeds inside the #if ( ) clause
cause the Velocity parser to break! -->
#if ( <xsl:for-each select="exsl:node-set( $editgroups)/*">${SecurityHelper.InGroup( "<xsl:value-of select="./@name"/>")}<xsl:if test="not( position() = last())"> || </xsl:if></xsl:for-each>)
#if ( <xsl:for-each select="exsl:node-set( $editgroups)/*">${SecurityHelper.InGroup( "<xsl:value-of select="./@name"/>")} ||</xsl:for-each> false)
<xsl:choose>
<xsl:when test="$property/@immutable='true'">
<xsl:call-template name="property-widget">
@ -814,7 +846,7 @@
#else
</xsl:if>
<xsl:if test="exsl:node-set( $insertgroups)/*">
#if ( <xsl:for-each select="exsl:node-set( $insertgroups)/*">${SecurityHelper.InGroup( "<xsl:value-of select="./@name"/>")}<xsl:if test="not( position() = last())"> || </xsl:if></xsl:for-each>)
#if ( <xsl:for-each select="exsl:node-set( $insertgroups)/*">${SecurityHelper.InGroup( "<xsl:value-of select="./@name"/>")} ||</xsl:for-each> false)
<xsl:call-template name="property-widget">
<xsl:with-param name="property" select="."/>
<xsl:with-param name="mode" select="'Immutable'"/>
@ -822,7 +854,7 @@
#else
</xsl:if>
<xsl:if test="exsl:node-set( $readgroups)/*">
#if ( <xsl:for-each select="exsl:node-set( $readgroups)/*">${SecurityHelper.InGroup( "<xsl:value-of select="./@name"/>")}<xsl:if test="not( position() = last())"> || </xsl:if></xsl:for-each>)
#if ( <xsl:for-each select="exsl:node-set( $readgroups)/*">${SecurityHelper.InGroup( "<xsl:value-of select="./@name"/>")} ||</xsl:for-each> false)
<xsl:call-template name="property-widget">
<xsl:with-param name="property" select="."/>
<xsl:with-param name="mode" select="'DisplayAndHidden'"/>
@ -839,7 +871,7 @@
<xsl:if test="exsl:node-set( $editgroups)/*">
#end
</xsl:if>
</xsl:otherwise>
</xsl:when>
</xsl:choose>
</td>
<td class="help">
@ -868,7 +900,7 @@
Auto generated Velocity list for <xsl:value-of select="@name"/>,
generated from ADL.
Generated using adl2views.xslt <xsl:value-of select="substring( '$Revision: 1.25 $', 10)"/>
Generated using adl2views.xslt <xsl:value-of select="substring( '$Revision: 1.26 $', 10)"/>
Generation parameters were:
locale: <xsl:value-of select="$locale"/>
generate-site-navigation: <xsl:value-of select="$generate-site-navigation"/>
@ -931,7 +963,7 @@
Auto generated Velocity list for <xsl:value-of select="ancestor::adl:entity/@name"/>,
generated from ADL.
Generated using adl2listview.xsl <xsl:value-of select="substring( '$Revision: 1.25 $', 10)"/>
Generated using adl2listview.xsl <xsl:value-of select="substring( '$Revision: 1.26 $', 10)"/>
Generation parameters were:
locale: <xsl:value-of select="$locale"/>
generate-site-navigation: <xsl:value-of select="$generate-site-navigation"/>
@ -1096,9 +1128,9 @@
<xsl:with-param name="fields" select="$fields"/>
</xsl:call-template>
</xsl:when>
<xsl:when test="exsl:node-set( $readgroups)/*">
<xsl:when test="$authentication-layer = 'Database'">
<!-- NOTE NOTE NOTE: This is whitespace-sensitive! -->
#if ( <xsl:for-each select="exsl:node-set( $readgroups)/*">${SecurityHelper.InGroup( "<xsl:value-of select="./@name"/>")}<xsl:if test="not( position() = last())"> || </xsl:if></xsl:for-each>)
#if ( <xsl:for-each select="exsl:node-set( $readgroups)/*">${SecurityHelper.InGroup( "<xsl:value-of select="./@name"/>")} ||</xsl:for-each> false)
<xsl:call-template name="internal-with-fields-rows">
<xsl:with-param name="instance-list" select="$instance-list"/>
<xsl:with-param name="entity" select="$entity"/>
@ -1295,14 +1327,30 @@
<xsl:with-param name="objectvar" select="$objectvar"/>
</xsl:call-template>
</xsl:when>
<xsl:when test="exsl:node-set( $readgroups)/*">
<xsl:when test="$authentication-layer = 'Database'">
<!-- NOTE NOTE NOTE: This is whitespace-sensitive! -->
#if ( <xsl:for-each select="exsl:node-set( $readgroups)/*">${SecurityHelper.InGroup( "<xsl:value-of select="./@name"/>")}<xsl:if test="not( position() = last())"> || </xsl:if></xsl:for-each>)
#if ( <xsl:for-each select="exsl:node-set( $readgroups)/*">${SecurityHelper.InGroup( "<xsl:value-of select="./@name"/>")} ||</xsl:for-each> false)
<xsl:if test="$property/@type='entity'">
<!-- right, this is horrible. You can't read the field unless you can read the property;
but even if you can read the property, if its an entity property you still can't read it
unless you can also read the entity -->
<xsl:variable name="entityreadgroups">
<xsl:call-template name="entity-read-groups">
<xsl:with-param name="entity" select="//adl:entity[@name=$property/@entity]"/>
</xsl:call-template>
</xsl:variable>
#if ( <xsl:for-each select="exsl:node-set( $entityreadgroups)/*">${SecurityHelper.InGroup( "<xsl:value-of select="./@name"/>")} ||</xsl:for-each> false)
</xsl:if>
<xsl:call-template name="list-field-inner">
<xsl:with-param name="entity" select="$entity"/>
<xsl:with-param name="property" select="$property"/>
<xsl:with-param name="objectvar" select="$objectvar"/>
</xsl:call-template>
<xsl:if test="$property/@type='entity'">
#else
[Not authorised]
#end
</xsl:if>
#else
[Not authorised]
#end
@ -1545,6 +1593,20 @@
</xsl:otherwise>
</xsl:choose>
</xsl:when>
<xsl:when test="$property/@type = 'entity'">
<!-- once again, not only must you have access to the property but also to the entity -->
<xsl:variable name="readgroups">
<xsl:call-template name="entity-read-groups">
<xsl:with-param name="entity" select="//adl:entity[@name=$property/@entity]"/>
</xsl:call-template>
</xsl:variable>
<!-- NOTE! NOTE! NOTE! Whitespace is significant - any linefeeds inside the #if ( ) clause cause the Velocity parser to break! -->
#if ( <xsl:for-each select="exsl:node-set( $readgroups)/*">${SecurityHelper.InGroup( "<xsl:value-of select="./@name"/>")} ||</xsl:for-each> false)
${<xsl:value-of select="concat( $property/ancestor::adl:entity/@name, 'FieldHelper', '.', $mode, '(')"/> "<xsl:value-of select="concat( 'instance.', $property/@name)"/>", "%{class='<xsl:value-of select="normalize-space($cssclass)"/>',title='<xsl:value-of select="normalize-space($if-missing)"/>',size='<xsl:value-of select="normalize-space($size)"/>',maxlength='<xsl:value-of select="normalize-space($maxlength)"/>',rows='<xsl:value-of select="normalize-space($rows)"/>',href='<xsl:value-of select="normalize-space($href)"/>'}")}
#else
[Not authorised]
#end
</xsl:when>
<xsl:otherwise>
${<xsl:value-of select="concat( $property/ancestor::adl:entity/@name, 'FieldHelper', '.', $mode, '(')"/> "<xsl:value-of select="concat( 'instance.', $property/@name)"/>", "%{class='<xsl:value-of select="normalize-space($cssclass)"/>',title='<xsl:value-of select="normalize-space($if-missing)"/>',size='<xsl:value-of select="normalize-space($size)"/>',maxlength='<xsl:value-of select="normalize-space($maxlength)"/>',rows='<xsl:value-of select="normalize-space($rows)"/>',href='<xsl:value-of select="normalize-space($href)"/>'}")}
</xsl:otherwise>
@ -1661,8 +1723,8 @@
<xsl:with-param name="page" select="."/>
</xsl:call-template>
</xsl:variable>
<xsl:if test="$authentication-layer != 'Application'">
#if ( <xsl:for-each select="exsl:node-set( $readgroups)/*">${SecurityHelper.InGroup( "<xsl:value-of select="./@name"/>")}<xsl:if test="not( position() = last())"> || </xsl:if></xsl:for-each>)
<xsl:if test="$authentication-layer = 'Database'">
#if ( <xsl:for-each select="exsl:node-set( $readgroups)/*">${SecurityHelper.InGroup( "<xsl:value-of select="./@name"/>")} ||</xsl:for-each> false)
</xsl:if>
<li class="navigation">
<a>

36
transforms/permissions-include.xslt
View file

@ -15,8 +15,8 @@
Utility templates to find permissions on various things
$Author: sb $
$Revision: 1.1 $
$Date: 2009-02-06 12:08:28 $
$Revision: 1.2 $
$Date: 2009-02-06 17:48:58 $
-->
<!-- collect all groups which can edit the specified property -->
@ -134,6 +134,38 @@
</xsl:for-each>
</xsl:template>
<!-- collect the groups which can save an entity -->
<xsl:template name="entity-save-groups">
<xsl:param name="entity"/>
<xsl:for-each select="//adl:group">
<xsl:variable name="groupname" select="@name"/>
<xsl:variable name="perm">
<xsl:choose>
<xsl:when test="$entity/adl:permission[@group=$groupname]">
<xsl:value-of select="$entity/adl:permission[@group=$groupname]/@permission"/>
</xsl:when>
<xsl:otherwise>none</xsl:otherwise>
</xsl:choose>
</xsl:variable>
<xsl:choose>
<xsl:when test="$perm='all'">
<xsl:copy-of select="."/>
</xsl:when>
<xsl:when test="$perm='edit'">
<xsl:copy-of select="."/>
</xsl:when>
<xsl:when test="$perm='insert'">
<xsl:copy-of select="."/>
</xsl:when>
<xsl:when test="$perm='noedit'">
<xsl:copy-of select="."/>
</xsl:when>
<xsl:otherwise/>
</xsl:choose>
</xsl:for-each>
</xsl:template>
<!-- collect the groups which can delete an entity -->
<xsl:template name="entity-delete-groups">
<xsl:param name="entity"/>