wiki:GROUP_BASE_SECURITY_R0

Version 5 (modified by boyan, 16 years ago) (diff)

--

Error: Macro BackLinksMenu(None) failed
compressed data is corrupt

Error: Macro TicketQuery(summary=GROUP_BASE_SECURITY_R0, format=table, col=summary|owner|status|type|component|priority|effort|importance, rows=description|analysis_owners|analysis_reviewers|analysis_score|design_owners|design_reviewers|design_score|implementation_owners|implementation_reviewers|implementation_score|test_owners|test_reviewers|test_score|) failed
current transaction is aborted, commands ignored until end of transaction block

Analysis

Overview

This group of tasks covers the basic security model of Sophie, in particular users and groups. At this revision of the task, users and groups will be implemented as resources and the server application should use the new model.

Task requirements

  • Define and implement a basic security model for users and groups as resources:
    • A user should keep:
      • username (required)
      • password (required)
      • email (required)
      • full name
      • birthdate
      • description (about me)
    • A group should have:
      • name (required)
      • description
    • A user can belong to multiple groups (or to no group at all).
  • Change the server application to use the newly defined model.
  • Ensure that registration and login work through the web user interface.
  • At this revision, persistence is not required. You can keep information about the users and groups in memory.
  • Document what has been achieved in BASE_SECURITY_MODEL.

Task result

  • Source code
  • Wiki page

Implementation idea

  • Create a new module - base.model.security to hold the security model (this will include permissions at a later stage).
  • Take a look at the current server implementation of users and groups.
  • Groups can have a list of the users in the group. Users do not necessarily need to have a property that holds their group.

S2S_CORE_SECURITY_R0

How to demo

  • Run the server application and create a user.
  • Login with that user and display the user info.

Design

The security model of Sophie2 should be separated in its own module - org.sophie2.base.model.security. It will contain classes for users, groups, permissions, etc. and will be used by the server module. Two new classes will be created in this module - User and UserGroup. The following UML diagram shows the structure of these classes.

Here goes the UML diagram for users and groups.

There are currently classes for User and Group in the org.sophie2.server.persistence.entity package. These should be deleted and replaced with the new model. This means the existing code will be refactored where needed.

The web user interface provides some JSPs in the org.sophie2.server module. They should be changed to reflect the new properties for users and groups.

Here's a sketch of the structure of the BASE_SECURITY_MODEL page: 

|_Sophie2's security model - an overview of the contents of the document
|__Users - description of a user, what attributes it holds, etc.
|__Groups - the same for groups
|__Permissions - describes how permissions are applied (will not be filled as part of this task).
|_Comments

Existing unit tests can be found at: trunk/sophie2-platform/modules/org.sophie2.server/src/test/java/org/sophie2/server/service. They should pass with the new model and improved if needed.

Implementation

Describe and link the implementation results here (from the wiki or the repository).

Testing

Place the testing results here.

Comments

Write comments for this or later revisions here.