amy/venice-main-classic
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

*** empty log message ***

Browse Source
This commit is contained in:
Eric J. Bowersox
2001-01-31 20:55:37 +00:00
parent cb2d194940
commit 946f3fb493
205 changed files with 297131 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

58
src/com/silverwrist/venice/security/Audit.java Normal file
View File

@@ -0,0 +1,58 @@
/*
* The contents of this file are subject to the Mozilla Public License Version 1.1
* (the "License"); you may not use this file except in compliance with the License.
* You may obtain a copy of the License at <http://www.mozilla.org/MPL/>.
*
* Software distributed under the License is distributed on an "AS IS" basis, WITHOUT
* WARRANTY OF ANY KIND, either express or implied. See the License for the specific
* language governing rights and limitations under the License.
*
* The Original Code is the Venice Web Community System.
*
* The Initial Developer of the Original Code is Eric J. Bowersox <erbo@silcom.com>,
* for Silverwrist Design Studios. Portions created by Eric J. Bowersox are
* Copyright (C) 2001 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved.
*
* Contributor(s):
*/
package com.silverwrist.venice.security;
public interface Audit
{
// Codes 0-100 - System events
// Codes 101-200 - Login/user events
public static final int LOGIN_OK = 101;
public static final int LOGIN_FAIL = 102;
public static final int ACCOUNT_CREATE = 103;
public static final int VERIFY_OK = 104;
public static final int VERIFY_FAIL = 105;
public static final int USER_CONTACT_INFO = 106;
public static final int RESEND_CONFIRM = 107;
public static final int PASSWORD_CHANGE = 108;
// Codes 201-300 - SIG events
public static final int CREATE_SIG = 201;
public static final int SET_MEMBERSHIP = 202;
public static final int SIG_CONTACT_INFO = 203;
public static final int SIG_FEATURE_SET = 204;
public static final int SIG_NAME = 205;
public static final int SIG_ALIAS = 206;
public static final int SIG_CATEGORY = 207;
public static final int SIG_HIDE_INFO = 208;
public static final int SIG_MEMBERS_ONLY = 209;
public static final int SIG_JOIN_KEY = 210;
public static final int SIG_SECURITY = 211;
// Codes 301-400 - Conference events
public static final int CREATE_CONF = 301;
public static final int CONF_SECURITY = 302;
public static final int CONF_NAME = 303;
public static final int CONF_ALIAS = 304;
public static final int CONF_MEMBERSHIP = 305;
public static final int CREATE_TOPIC = 306;
public static final int DELETE_TOPIC = 307;
public static final int TOPIC_FREEZE = 308;
public static final int TOPIC_ARCHIVE = 309;
} // end interface Audit

241
src/com/silverwrist/venice/security/AuditRecord.java Normal file
View File

@@ -0,0 +1,241 @@
/*
* The contents of this file are subject to the Mozilla Public License Version 1.1
* (the "License"); you may not use this file except in compliance with the License.
* You may obtain a copy of the License at <http://www.mozilla.org/MPL/>.
*
* Software distributed under the License is distributed on an "AS IS" basis, WITHOUT
* WARRANTY OF ANY KIND, either express or implied. See the License for the specific
* language governing rights and limitations under the License.
*
* The Original Code is the Venice Web Community System.
*
* The Initial Developer of the Original Code is Eric J. Bowersox <erbo@silcom.com>,
* for Silverwrist Design Studios. Portions created by Eric J. Bowersox are
* Copyright (C) 2001 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved.
*
* Contributor(s):
*/
package com.silverwrist.venice.security;
import java.sql.*;
import java.util.*;
import com.silverwrist.venice.db.SQLUtil;
import com.silverwrist.venice.core.InternalStateError;
public class AuditRecord implements Audit
{
/*--------------------------------------------------------------------------------
* Attributes
*--------------------------------------------------------------------------------
*/
private long record; // audit record identifier
private java.util.Date when; // the date/time of this audit event
private int type; // the audit event type
private int uid; // the user ID
private int sigid; // the SIG ID
private String ip; // the IP address of the user
private String[] data; // the data values associated with the record
private String descr = null; // audit record description
/*--------------------------------------------------------------------------------
* Constructors
*--------------------------------------------------------------------------------
*/
public AuditRecord(int type, int uid, String ip, int sigid, String data1, String data2, String data3,
String data4)
{
setBaseData(type,uid,ip);
this.sigid = sigid;
setData(data1,data2,data3,data4);
} // end constructor
public AuditRecord(int type, int uid, String ip, int sigid, String data1, String data2, String data3)
{
setBaseData(type,uid,ip);
this.sigid = sigid;
setData(data1,data2,data3,null);
} // end constructor
public AuditRecord(int type, int uid, String ip, int sigid, String data1, String data2)
{
setBaseData(type,uid,ip);
this.sigid = sigid;
setData(data1,data2,null,null);
} // end constructor
public AuditRecord(int type, int uid, String ip, int sigid, String data1)
{
setBaseData(type,uid,ip);
this.sigid = sigid;
setData(data1,null,null,null);
} // end constructor
public AuditRecord(int type, int uid, String ip, int sigid)
{
setBaseData(type,uid,ip);
this.sigid = sigid;
setData(null,null,null,null);
} // end constructor
public AuditRecord(int type, int uid, String ip, String data1, String data2, String data3, String data4)
{
setBaseData(type,uid,ip);
this.sigid = 0;
setData(data1,data2,data3,data4);
} // end constructor
public AuditRecord(int type, int uid, String ip, String data1, String data2, String data3)
{
setBaseData(type,uid,ip);
this.sigid = 0;
setData(data1,data2,data3,null);
} // end constructor
public AuditRecord(int type, int uid, String ip, String data1, String data2)
{
setBaseData(type,uid,ip);
this.sigid = 0;
setData(data1,data2,null,null);
} // end constructor
public AuditRecord(int type, int uid, String ip, String data1)
{
setBaseData(type,uid,ip);
this.sigid = 0;
setData(data1,null,null,null);
} // end constructor
public AuditRecord(int type, int uid, String ip)
{
setBaseData(type,uid,ip);
this.sigid = 0;
setData(null,null,null,null);
} // end constructor
/*--------------------------------------------------------------------------------
* Internal functions
*--------------------------------------------------------------------------------
*/
private void setBaseData(int type, int uid, String ip)
{
this.record = 0;
this.when = null;
this.type = type;
this.uid = uid;
this.ip = ip;
} // end setBaseData
private void setData(String data1, String data2, String data3, String data4)
{
data = new String[4];
data[0] = data1;
data[1] = data2;
data[2] = data3;
data[3] = data4;
} // end setData
/*--------------------------------------------------------------------------------
* External operations
*--------------------------------------------------------------------------------
*/
public long getRecord()
{
return record;
} // end getRecord
public java.util.Date getDateTime()
{
return when;
} // end getDateTime
public int getType()
{
return type;
} // end getType
public int getUID()
{
return uid;
} // end getType
public int getSIGID()
{
return sigid;
} // end getType
public String getIPAddress()
{
return ip;
} // end getIPAddress
public String getData(int ndx)
{
return data[ndx];
} // end getData
public String getDescription()
{
return descr;
} // end getDescription
public void store(Connection conn) throws SQLException
{
if (record!=0)
throw new InternalStateError("audit record " + String.valueOf(record) + " already stored!");
Statement stmt = conn.createStatement();
stmt.executeUpdate("LOCK TABLES audit WRITE;");
try
{ // attempt to insert a record into the audit table
StringBuffer sql = new StringBuffer("INSERT INTO audit (on_date, event, uid, sigid, ip, data1, data2, "
+ "data3, data4) VALUES ('");
java.util.Date now = new java.util.Date();
sql.append(SQLUtil.encodeDate(now)).append("', ").append(type).append(", ").append(uid).append(", ");
sql.append(sigid).append(", '").append(SQLUtil.encodeString(ip)).append("', ");
sql.append(SQLUtil.encodeStringArg(data[0])).append(", ").append(SQLUtil.encodeStringArg(data[1]));
sql.append(", ").append(SQLUtil.encodeStringArg(data[2])).append(", ");
sql.append(SQLUtil.encodeStringArg(data[3])).append(");");
stmt.executeUpdate(sql.toString());
ResultSet rs = stmt.executeQuery("SELECT LAST_INSERT_ID();");
if (!(rs.next()))
throw new InternalStateError("AuditRecord.store bogus query - must return at least 1 row!");
record = rs.getLong(1);
when = now;
} // end try
finally
{ // make sure we unlock the tables before we go
Statement ulk_stmt = conn.createStatement();
ulk_stmt.executeUpdate("UNLOCK TABLES;");
} // end finally
} // end store
} // end class AuditRecord

100
src/com/silverwrist/venice/security/Capability.java Normal file
View File

@@ -0,0 +1,100 @@
/*
* The contents of this file are subject to the Mozilla Public License Version 1.1
* (the "License"); you may not use this file except in compliance with the License.
* You may obtain a copy of the License at <http://www.mozilla.org/MPL/>.
*
* Software distributed under the License is distributed on an "AS IS" basis, WITHOUT
* WARRANTY OF ANY KIND, either express or implied. See the License for the specific
* language governing rights and limitations under the License.
*
* The Original Code is the Venice Web Community System.
*
* The Initial Developer of the Original Code is Eric J. Bowersox <erbo@silcom.com>,
* for Silverwrist Design Studios. Portions created by Eric J. Bowersox are
* Copyright (C) 2001 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved.
*
* Contributor(s):
*/
package com.silverwrist.venice.security;
public class Capability implements SecLevels
{
public static boolean canDesignatePFYs(int level)
{
return (level>=GLOBAL_BOFH);
} // end canDesignatePFYs
public static boolean isCommunityAdmin(int level)
{
return (level>=SIG_ANYADMIN);
} // end isCommunityAdmin
public static boolean hideHiddenCategories(int level)
{
return (level<GLOBAL_ANYADMIN);
} // end hideHiddenCategories
public static boolean exemptFromEmailVerification(int level)
{
return (level>=GLOBAL_ANYADMIN);
} // end exemptFromEmailVerification
public static boolean canSeeHiddenContactFields(int level)
{
return (level>=GLOBAL_ANYADMIN);
} // end canSeeHiddenContactFields
public static boolean exemptFromMembershipRequirement(int level)
{
return (level>=GLOBAL_ANYADMIN);
} // end exemptFromMembershipRequirement
public static boolean hideHiddenSearchSIGs(int level)
{
return (level<GLOBAL_ANYADMIN);
} // end hideHiddenSearchSIGs
public static boolean hideHiddenDirectorySIGs(int level)
{
return (level<GLOBAL_ANYADMIN);
} // end hideHiddenSearchSIGs
public static boolean canJoinPrivateSIGWithoutKey(int level)
{
return (level>=GLOBAL_ANYADMIN);
} // end canJoinPrivateSIGWithoutKey
public static boolean showHiddenSearchCategories(int level)
{
return (level>=GLOBAL_ANYADMIN);
} // end hideHiddenSearchSIGs
public static boolean showHiddenSIGMembers(int level)
{
return (level>=SIG_ANYADMIN);
} // end showHiddenSIGMembers
public static boolean canCreateSIG(int level)
{
return (level>=GLOBAL_NORMAL);
} // end canCreateSIG
public static boolean hideHiddenConferences(int level)
{
return (level<SIG_ANYADMIN);
} // end hideHiddenConferences
} // end class Capability

148
src/com/silverwrist/venice/security/DefaultLevels.java Normal file
View File

@@ -0,0 +1,148 @@
/*
* The contents of this file are subject to the Mozilla Public License Version 1.1
* (the "License"); you may not use this file except in compliance with the License.
* You may obtain a copy of the License at <http://www.mozilla.org/MPL/>.
*
* Software distributed under the License is distributed on an "AS IS" basis, WITHOUT
* WARRANTY OF ANY KIND, either express or implied. See the License for the specific
* language governing rights and limitations under the License.
*
* The Original Code is the Venice Web Community System.
*
* The Initial Developer of the Original Code is Eric J. Bowersox <erbo@silcom.com>,
* for Silverwrist Design Studios. Portions created by Eric J. Bowersox are
* Copyright (C) 2001 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved.
*
* Contributor(s):
*/
package com.silverwrist.venice.security;
public class DefaultLevels implements SecLevels
{
public static int newUser()
{
return GLOBAL_UNVERIFIED;
} // end newUser
public static int memberSIG()
{
return SIG_MEMBER;
} // end memberSIG
public static int PFY()
{
return GLOBAL_PFY;
} // end PFY
public static int afterEmailVerification()
{
return GLOBAL_NORMAL;
} // end afterEmailVerification
public static int afterEmailAddressChange()
{
return GLOBAL_UNVERIFIED;
} // end afterEmailAddressChange
public static int newSIGRead()
{
return SIG_MEMBER;
} // end newSIGRead
public static int newSIGWrite()
{
return SIG_COHOST;
} // end newSIGWrite
public static int newSIGCreate()
{
return SIG_COHOST;
} // end newSIGCreate
public static int newSIGDelete()
{
return SIG_HOST;
} // end newSIGDelete
public static int newSIGJoin()
{
return GLOBAL_NORMAL;
} // end newSIGJoin
public static int creatorSIG()
{
return SIG_HOST;
} // end creatorSIG
public static int hostPrivsConference()
{
return CONFERENCE_ANYADMIN;
} // end hostPrivsConference
public static int memberConference()
{
return CONFERENCE_MEMBER;
} // end memberConference
public static int hostConference()
{
return CONFERENCE_HOST;
} // end hostConference
public static int newConferenceRead(boolean pvt)
{
return (pvt ? CONFERENCE_MEMBER : SIG_MEMBER);
} // end newConferenceRead
public static int newConferencePost(boolean pvt)
{
return (pvt ? CONFERENCE_MEMBER : SIG_MEMBER);
} // end newConferencePost
public static int newConferenceCreate(boolean pvt)
{
return (pvt ? CONFERENCE_MEMBER : SIG_MEMBER);
} // end newConferencePost
public static int newConferenceHide()
{
return CONFERENCE_HOST;
} // end newConferenceHide
public static int newConferenceNuke()
{
return CONFERENCE_HOST;
} // end newConferenceHide
public static int newConferenceChange()
{
return CONFERENCE_HOST;
} // end newConferenceHide
public static int newConferenceDelete()
{
return SIG_COHOST;
} // end newConferenceHide
} // end class DefaultLevels

137
src/com/silverwrist/venice/security/PasswordHash.java Normal file
View File

@@ -0,0 +1,137 @@
/*
* The contents of this file are subject to the Mozilla Public License Version 1.1
* (the "License"); you may not use this file except in compliance with the License.
* You may obtain a copy of the License at <http://www.mozilla.org/MPL/>.
*
* Software distributed under the License is distributed on an "AS IS" basis, WITHOUT
* WARRANTY OF ANY KIND, either express or implied. See the License for the specific
* language governing rights and limitations under the License.
*
* The Original Code is the Venice Web Community System.
*
* The Initial Developer of the Original Code is Eric J. Bowersox <erbo@silcom.com>,
* for Silverwrist Design Studios. Portions created by Eric J. Bowersox are
* Copyright (C) 2001 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved.
*
* Contributor(s):
*/
package com.silverwrist.venice.security;
import java.security.MessageDigest;
public class PasswordHash
{
// Attributes
private String value; // the hashed password value
public PasswordHash()
{
value = "";
} // end constructor
public PasswordHash(String password)
{
if ((password!=null) && (password.length()>0))
{ // hash the password and save the hash value
MessageDigest hasher;
try
{ // get a hasher implementing the Secure Hashing Algorithm
hasher = MessageDigest.getInstance("SHA");
} // end try
catch (java.security.NoSuchAlgorithmException e)
{ // SHA should be a standard algorithm...if it isn't, we're h0sed
throw new RuntimeException("HOSED JRE - SHA should be a standard algorithm");
} // end catch
try
{ // update the hasher with the UTF-8 bytes of the password
hasher.update(password.getBytes("UTF8"));
} // end try
catch (java.io.UnsupportedEncodingException e)
{ // WTF? How can the JRE NOT know about UTF-8? HOW?!?
throw new RuntimeException("HOSED JRE - UTF-8 encoding should be supported");
} // end catch
// Retrieve the raw hash value (should be 160 bits, or 20 bytes)
byte[] raw_hash = hasher.digest();
// Convert the hash value to a hexadecimal string (40 chars in length)
StringBuffer hash_buf = new StringBuffer(raw_hash.length * 2);
StringBuffer tmp_buf = new StringBuffer();
String tmp;
for (int i=0; i<raw_hash.length; i++)
{ // N.B.: Integer.toHexString does not zero-pad on the left, so that's why this is
// a little complex
tmp_buf.setLength(0);
tmp_buf.append("00").append(Integer.toHexString(raw_hash[i]).trim());
tmp = tmp_buf.toString();
hash_buf.append(tmp.substring(tmp.length()-2));
} // end for
// finally, save off the password hash value
value = hash_buf.toString().toUpperCase();
} // end if
else // no password
value = "";
} // end constructor
protected void finalize()
{
value = null;
} // end finalize
public String toString()
{
return value;
} // end toString
public boolean equals(Object obj)
{
if (obj==null)
return false; // trivial case
else if (obj==(Object)this)
return true; // trivial case
if (obj instanceof PasswordHash)
{ // compare value of PasswordHash argument to value
PasswordHash other = (PasswordHash)obj;
return value.equals(other.value);
} // end if
else if (obj instanceof String)
{ // compare string argument to value
String os = (String)obj;
return value.equals(os);
} // end else if
else
return false;
} // end equals
public static void main(String[] args)
{
if (args.length<1)
{ // no password specified
System.err.println("usage: PasswordHash password");
System.exit(1);
} // end if
PasswordHash foo = new PasswordHash(args[0]);
System.out.println(foo.toString());
System.exit(0);
} // end main
} // end class PasswordHash

281
src/com/silverwrist/venice/security/Role.java Normal file
View File

@@ -0,0 +1,281 @@
/*
* The contents of this file are subject to the Mozilla Public License Version 1.1
* (the "License"); you may not use this file except in compliance with the License.
* You may obtain a copy of the License at <http://www.mozilla.org/MPL/>.
*
* Software distributed under the License is distributed on an "AS IS" basis, WITHOUT
* WARRANTY OF ANY KIND, either express or implied. See the License for the specific
* language governing rights and limitations under the License.
*
* The Original Code is the Venice Web Community System.
*
* The Initial Developer of the Original Code is Eric J. Bowersox <erbo@silcom.com>,
* for Silverwrist Design Studios. Portions created by Eric J. Bowersox are
* Copyright (C) 2001 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved.
*
* Contributor(s):
*/
package com.silverwrist.venice.security;
import java.util.*;
public class Role implements Comparable, SecLevels
{
/*--------------------------------------------------------------------------------
* Private implementation of ReadOnlyVector
*--------------------------------------------------------------------------------
*/
static class ReadOnlyVector extends AbstractList
{
private Vector my_vec; // local vector
ReadOnlyVector(Vector vec)
{
my_vec = vec;
my_vec.trimToSize();
} // end constructor
protected void finalize() throws Throwable
{
my_vec = null;
super.finalize();
} // end finalize
public Object get(int index)
{
return my_vec.elementAt(index);
} // end get
public int size()
{
return my_vec.size();
} // end size
} // end class ReadOnlyVector
/*--------------------------------------------------------------------------------
* Static data members
*--------------------------------------------------------------------------------
*/
private static Role no_access = null;
private static Role unrestricted_user = null;
private static Vector global_low = null;
private static Vector global_high = null;
private static Vector sig_low = null;
private static Vector sig_high = null;
private static Vector conf_low = null;
private static Vector conf_high = null;
/*--------------------------------------------------------------------------------
* Attributes
*--------------------------------------------------------------------------------
*/
private int level;
private String name;
/*--------------------------------------------------------------------------------
* Constructor
*--------------------------------------------------------------------------------
*/
protected Role(int level, String name)
{
this.level = level;
this.name = name;
} // end constructor
/*--------------------------------------------------------------------------------
* Internal functions
*--------------------------------------------------------------------------------
*/
private static void initAllSets()
{
if (no_access==null)
no_access = new Role(NO_ACCESS,"No Access");
if (unrestricted_user==null)
unrestricted_user = new Role(UNRESTRICTED_USER,"'Unrestricted' User");
if (global_low==null)
{ // initialize the "global lowband" vector
global_low = new Vector(3);
global_low.addElement(new Role(GLOBAL_ANONYMOUS,"Anonymous User"));
global_low.addElement(new Role(GLOBAL_UNVERIFIED,"Unauthenticated User"));
global_low.addElement(new Role(GLOBAL_NORMAL,"Normal User"));
global_low.trimToSize();
} // end if
if (global_high==null)
{ // initialize the "global highband" vector
global_high = new Vector(3);
global_high.addElement(new Role(GLOBAL_ANYADMIN,"Any System Administrator"));
global_high.addElement(new Role(GLOBAL_PFY,"System Assistant Administrator"));
global_high.addElement(new Role(GLOBAL_BOFH,"Global System Administrator"));
global_high.trimToSize();
} // end if
if (sig_low==null)
{ // initialize the "SIG lowband" vector
sig_low = new Vector(1);
sig_low.addElement(new Role(SIG_MEMBER,"SIG Member"));
sig_low.trimToSize();
} // end if
if (sig_high==null)
{ // initialize the "SIG highband" vector
sig_high = new Vector(3);
sig_high.addElement(new Role(SIG_ANYADMIN,"Any SIG Administrator"));
sig_high.addElement(new Role(SIG_COHOST,"SIG Co-Host"));
sig_high.addElement(new Role(SIG_HOST,"SIG Host"));
sig_high.trimToSize();
} // end if
if (conf_low==null)
{ // initialize the "conference lowband" vector
conf_low = new Vector(1);
conf_low.addElement(new Role(CONFERENCE_MEMBER,"Conference Member"));
conf_low.trimToSize();
} // end if
if (conf_high==null)
{ // initialize the "conference highband" vector
conf_high = new Vector(1);
conf_high.addElement(new Role(CONFERENCE_ANYADMIN,"Any Conference Administrator"));
conf_high.addElement(new Role(CONFERENCE_HOST,"Conference Host"));
conf_high.trimToSize();
} // end if
} // end initAllSets
/*--------------------------------------------------------------------------------
* External operations
*--------------------------------------------------------------------------------
*/
public int getLevel()
{
return level;
} // end getLevel
public String getName()
{
return name;
} // end getName
public String toString()
{
StringBuffer buf = new StringBuffer(name);
buf.append('[').append(level).append(']');
return buf.toString();
} // end toString
public boolean equals(Object obj)
{
if (obj==null)
return false;
else if (obj==this)
return true;
if (obj instanceof Role)
{ // compare levels
Role other = (Role)obj;
return (level==other.getLevel());
} // end if
return obj.toString().equals(toString());
} // end equals
public int hashCode()
{
return level;
} // end hashCode
public int compareTo(Object obj)
{
if (!(obj instanceof Role))
throw new ClassCastException("comparing non-Role to Role");
Role other = (Role)obj;
return level - other.getLevel();
} // end compareTo
/*--------------------------------------------------------------------------------
* External static operations which generate lists of roles
*--------------------------------------------------------------------------------
*/
public static List getSIGReadList()
{
initAllSets();
Vector rc = new Vector();
rc.addAll(global_low);
rc.addAll(sig_low);
rc.add(unrestricted_user);
rc.addAll(sig_high);
rc.add(global_high.firstElement());
return new ReadOnlyVector(rc);
} // end getSIGReadList
public static List getSIGWriteList()
{
initAllSets();
Vector rc = new Vector();
rc.addAll(sig_high);
rc.addAll(global_high);
return new ReadOnlyVector(rc);
} // end getSIGWriteList
public static List getSIGCreateList()
{
initAllSets();
Vector rc = new Vector();
rc.add(global_low.lastElement());
rc.addAll(sig_low);
rc.add(unrestricted_user);
rc.addAll(sig_high);
rc.add(global_high.firstElement());
return new ReadOnlyVector(rc);
} // end getSIGCreateList
public static List getSIGDeleteList()
{
initAllSets();
Vector rc = new Vector();
rc.addAll(sig_high);
rc.addAll(global_high);
rc.add(no_access);
return new ReadOnlyVector(rc);
} // end getSIGDeleteList
public static List getSIGJoinList()
{
initAllSets();
return new ReadOnlyVector(global_low);
} // end getSIGJoinList
} // end class Role

98
src/com/silverwrist/venice/security/SecLevels.java Normal file
View File

@@ -0,0 +1,98 @@
/*
* The contents of this file are subject to the Mozilla Public License Version 1.1
* (the "License"); you may not use this file except in compliance with the License.
* You may obtain a copy of the License at <http://www.mozilla.org/MPL/>.
*
* Software distributed under the License is distributed on an "AS IS" basis, WITHOUT
* WARRANTY OF ANY KIND, either express or implied. See the License for the specific
* language governing rights and limitations under the License.
*
* The Original Code is the Venice Web Community System.
*
* The Initial Developer of the Original Code is Eric J. Bowersox <erbo@silcom.com>,
* for Silverwrist Design Studios. Portions created by Eric J. Bowersox are
* Copyright (C) 2001 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved.
*
* Contributor(s):
*/
package com.silverwrist.venice.security;
public interface SecLevels
{
/**
* Indicates "no access" (not even to the global system administrator). Used as the
* "delete" level for the Administration SIG, so it can't be accidentally deleted.
*/
public static final int NO_ACCESS = 65500;
/**
* Indicates a user with unrestricted access to all objects, but no admin privilege.
* (Above the "low bands" of all scopes, but below the "high bands" of any of them.)
*/
public static final int UNRESTRICTED_USER = 32500;
/**
* Indicates a user that has not logged in ("Anonymous Honyak"). Can be used as a
* permission level for SIGs and conferences to permit public reading and/or anonymous
* posting.
*/
public static final int GLOBAL_ANONYMOUS = 100;
/**
* Indicates a user that has been registered, but has not yet had their email address
* verified.
*/
public static final int GLOBAL_UNVERIFIED = 500;
/**
* Indicates a user that has registered and been verified. Can be used as a permission
* level for SIGs and conferences to permit reading and/or posting by nonmembers.
*/
public static final int GLOBAL_NORMAL = 1000;
/**
* The security level of the global system administrator ("Administrator" account, sometimes
* known as the "BOFH" (Bastard Operator From Hell) account).
*/
public static final int GLOBAL_BOFH = 64999;
/**
* A security level for "assistant admin" accounts (sometimes known as "PFY" (Pimply-
* Faced Youth) accounts).
*/
public static final int GLOBAL_PFY = 64000;
/**
* A security level used to indicate any account with global admin privileges. Used
* to control access to the Administration community.
*/
public static final int GLOBAL_ANYADMIN = 63000;
/**
* The security level assigned to members of a SIG within that SIG.
*/
public static final int SIG_MEMBER = 6500;
/**
* The security level assigned to cohosts of a SIG within that SIG.
*/
public static final int SIG_COHOST = 58000;
/**
* The security level assigned to hosts of a SIG within that SIG.
*/
public static final int SIG_HOST = 58500;
/**
* A security level used to indicate any account with admin privileges over a specific SIG.
*/
public static final int SIG_ANYADMIN = 57000;
/**
* The maximum level in the "high band" of the SIG scope; used to test if a user already has
* maximum privs within the SIG (because of being an admin at global scope, perhaps).
*/
public static final int SIG_MAXADMIN = 58999;
/**
* The security level assigned to members of a (private) conference within that conference.
*/
public static final int CONFERENCE_MEMBER = 12500;
/**
* The security level assigned to hosts of a conference within that conference.
*/
public static final int CONFERENCE_HOST = 52500;
/**
* A security level used to indicate any account with admin privileges over a specific
* conference.
*/
public static final int CONFERENCE_ANYADMIN = 51000;
} // end interface SecLevels