Versions Compared

...

So that it can stand alone without an external user repository, Roller stores user and role information in its own database tables.

Code Block
    create table rolleruser (
        id              varchar(48) not null primary key,
        username        varchar(255) not null,
        passphrase      varchar(255) not null,
        screenname      varchar(255) not null,
        fullname        varchar(255) not null,
        emailaddress    varchar(255) not null,
        activationcode  varchar(48),
        datecreated     timestamp not null,
        locale          varchar(20),
        timezone        varchar(50),
        isenabled       boolean not null
    );
    create table userrole (
        id               varchar(48) not null primary key,
        rolename         varchar(255) not null,
        username         varchar(255) not null,
        userid           varchar(48) not null
    );

There are two distinct roles:

...

Reduce the User class down to just two fields, id and username. Everything else goes into a new UserProfile class. UserProfiles can be stored externally, so Roller should obtain them through a new User Repository API.

...

User Repository API, part 1/2

...

UserRepository interface methods

Code Block
      public UserProfile getUserProfile(String userid)
      public void saveUserProfile(UserProfile userProfile)

UserProfile bean properties

Code Block
      username
      password
      screenName
      emailAddress
      locale
      timezone
      biography
      etc.

Roller authentication is managed via Acegi.

...

These rules in Acegi's configuration file (security.xml) govern the URI-based authorization used in Roller.

Code Block
    /roller-ui/login-redirect**=admin,editor
    /roller-ui/profile**=admin,editor
    /roller-ui/createWeblog**=admin,editor
    /roller-ui/menu**=admin,editor
    /roller-ui/authoring/**=admin,editor
    /roller-ui/admin/**=admin
    /rewrite-status*=admin

The Problem? There's no problem here. When operating without Acegi, Roller will have to be configured with a web.xml file that specifies those constraints.

...

The RollerSession provides access to the session's authenticated user:

Code Block
    public User getAuthenticatedUser()

The User object provides read/write access to the user's roles:

Code Block
    public boolean hasRole(String roleName)
    public void grantRole(String roleName)
    public Set getRoles()

As of Roller 4.0, Roller calls hasRole() for one reason: to ensure that only those with the admin role can:

...

UserManager interface methods

Code Block
      public boolean isUserInRole(String username)
      public Set<String> getUserRoles(String username)
      public void revokeRole(String userid, String rolename)
      public void grantRole(String userid, String rolename)

...

UserRepository interface methods

Code Block
      public boolean isUserInRole(String username)
      public Set<String> getUserRoles(String username)
      public void revokeRole(String userid, String rolename)
      public void grantRole(String userid, String rolename)

...