Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/FolderAdd.java URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/FolderAdd.java?rev=583167&r1=583166&r2=583167&view=diff ============================================================================== --- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/FolderAdd.java (original) +++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/FolderAdd.java Tue Oct 9 06:43:02 2007 @@ -18,6 +18,8 @@ package org.apache.roller.weblogger.ui.struts2.editor; +import java.util.Collections; +import java.util.List; import org.apache.commons.lang.StringUtils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; @@ -55,8 +57,8 @@ } - public String requiredWeblogPermissions() { - return WeblogPermission.ADMIN; + public List<String> requiredWeblogPermissionActions() { + return Collections.singletonList(WeblogPermission.ADMIN); }
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/FolderEdit.java URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/FolderEdit.java?rev=583167&r1=583166&r2=583167&view=diff ============================================================================== --- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/FolderEdit.java (original) +++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/FolderEdit.java Tue Oct 9 06:43:02 2007 @@ -18,6 +18,8 @@ package org.apache.roller.weblogger.ui.struts2.editor; +import java.util.Collections; +import java.util.List; import org.apache.commons.lang.StringUtils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; @@ -53,8 +55,8 @@ // author perms required - public String requiredWeblogPermissions() { - return WeblogPermission.POST; + public List<String> requiredWeblogPermissionActions() { + return Collections.singletonList(WeblogPermission.POST); } Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Maintenance.java URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Maintenance.java?rev=583167&r1=583166&r2=583167&view=diff ============================================================================== --- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Maintenance.java (original) +++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Maintenance.java Tue Oct 9 06:43:02 2007 @@ -18,7 +18,9 @@ package org.apache.roller.weblogger.ui.struts2.editor; +import java.util.Collections; import java.util.Date; +import java.util.List; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.roller.weblogger.business.search.IndexManager; @@ -46,8 +48,8 @@ // admin perms required - public String requiredWeblogPermissions() { - return WeblogPermission.ADMIN; + public List<String> requiredWeblogPermissionActions() { + return Collections.singletonList(WeblogPermission.ADMIN); } Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Members.java URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Members.java?rev=583167&r1=583166&r2=583167&view=diff ============================================================================== --- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Members.java (original) +++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Members.java Tue Oct 9 06:43:02 2007 @@ -22,8 +22,6 @@ import java.util.Collections; import java.util.List; import java.util.Map; -import java.util.logging.Level; -import java.util.logging.Logger; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.roller.weblogger.WebloggerException; @@ -60,8 +58,8 @@ // admin perms required - public String requiredWeblogPermissions() { - return WeblogPermission.ADMIN; + public List<String> requiredWeblogPermissionActions() { + return Collections.singletonList(WeblogPermission.ADMIN); } Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/MembersInvite.java URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/MembersInvite.java?rev=583167&r1=583166&r2=583167&view=diff ============================================================================== --- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/MembersInvite.java (original) +++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/MembersInvite.java Tue Oct 9 06:43:02 2007 @@ -19,6 +19,7 @@ package org.apache.roller.weblogger.ui.struts2.editor; import java.util.Collections; +import java.util.List; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.roller.weblogger.WebloggerException; @@ -55,8 +56,8 @@ // admin perms required - public String requiredWeblogPermissions() { - return WeblogPermission.ADMIN; + public List<String> requiredWeblogPermissionActions() { + return Collections.singletonList(WeblogPermission.ADMIN); } Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Referrers.java URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Referrers.java?rev=583167&r1=583166&r2=583167&view=diff ============================================================================== --- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Referrers.java (original) +++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Referrers.java Tue Oct 9 06:43:02 2007 @@ -55,8 +55,8 @@ @Override - public String requiredWeblogPermissions() { - return WeblogPermission.ADMIN; + public List<String> requiredWeblogPermissionActions() { + return Collections.singletonList(WeblogPermission.ADMIN); } Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Resources.java URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Resources.java?rev=583167&r1=583166&r2=583167&view=diff ============================================================================== --- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Resources.java (original) +++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Resources.java Tue Oct 9 06:43:02 2007 @@ -81,8 +81,8 @@ // requires author role - public String requiredWeblogPermissions() { - return WeblogPermission.POST; + public List<String> requiredWeblogPermissionActions() { + return Collections.singletonList(WeblogPermission.POST); } Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/StylesheetEdit.java URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/StylesheetEdit.java?rev=583167&r1=583166&r2=583167&view=diff ============================================================================== --- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/StylesheetEdit.java (original) +++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/StylesheetEdit.java Tue Oct 9 06:43:02 2007 @@ -18,7 +18,9 @@ package org.apache.roller.weblogger.ui.struts2.editor; +import java.util.Collections; import java.util.Date; +import java.util.List; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.roller.weblogger.WebloggerException; @@ -55,8 +57,8 @@ @Override - public String requiredWeblogPermissions() { - return WeblogPermission.ADMIN; + public List<String> requiredWeblogPermissionActions() { + return Collections.singletonList(WeblogPermission.ADMIN); } Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/TemplateEdit.java URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/TemplateEdit.java?rev=583167&r1=583166&r2=583167&view=diff ============================================================================== --- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/TemplateEdit.java (original) +++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/TemplateEdit.java Tue Oct 9 06:43:02 2007 @@ -19,6 +19,7 @@ package org.apache.roller.weblogger.ui.struts2.editor; import java.util.Arrays; +import java.util.Collections; import java.util.Date; import java.util.List; import org.apache.commons.lang.StringUtils; @@ -57,8 +58,8 @@ @Override - public String requiredWeblogPermissions() { - return WeblogPermission.ADMIN; + public List<String> requiredWeblogPermissionActions() { + return Collections.singletonList(WeblogPermission.ADMIN); } Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/TemplateRemove.java URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/TemplateRemove.java?rev=583167&r1=583166&r2=583167&view=diff ============================================================================== --- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/TemplateRemove.java (original) +++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/TemplateRemove.java Tue Oct 9 06:43:02 2007 @@ -18,6 +18,8 @@ package org.apache.roller.weblogger.ui.struts2.editor; +import java.util.Collections; +import java.util.List; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.roller.weblogger.WebloggerException; @@ -51,8 +53,8 @@ // must be a weblog admin to use this action - public String requiredWeblogPermissions() { - return WeblogPermission.ADMIN; + public List<String> requiredWeblogPermissionActions() { + return Collections.singletonList(WeblogPermission.ADMIN); } Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Templates.java URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Templates.java?rev=583167&r1=583166&r2=583167&view=diff ============================================================================== --- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Templates.java (original) +++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/Templates.java Tue Oct 9 06:43:02 2007 @@ -58,8 +58,8 @@ } - public String requiredWeblogPermissions() { - return WeblogPermission.ADMIN; + public List<String> requiredWeblogPermissionActions() { + return Collections.singletonList(WeblogPermission.ADMIN); } Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/ThemeEdit.java URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/ThemeEdit.java?rev=583167&r1=583166&r2=583167&view=diff ============================================================================== --- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/ThemeEdit.java (original) +++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/ThemeEdit.java Tue Oct 9 06:43:02 2007 @@ -67,8 +67,8 @@ } - public String requiredWeblogPermissions() { - return WeblogPermission.ADMIN; + public List<String> requiredWeblogPermissionActions() { + return Collections.singletonList(WeblogPermission.ADMIN); } Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/WeblogConfig.java URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/WeblogConfig.java?rev=583167&r1=583166&r2=583167&view=diff ============================================================================== --- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/WeblogConfig.java (original) +++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/WeblogConfig.java Tue Oct 9 06:43:02 2007 @@ -69,8 +69,8 @@ // admin perms required - public String requiredWeblogPermissions() { - return WeblogPermission.ADMIN; + public List<String> requiredWeblogPermissionActions() { + return Collections.singletonList(WeblogPermission.ADMIN); } Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/WeblogRemove.java URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/WeblogRemove.java?rev=583167&r1=583166&r2=583167&view=diff ============================================================================== --- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/WeblogRemove.java (original) +++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/WeblogRemove.java Tue Oct 9 06:43:02 2007 @@ -18,6 +18,8 @@ package org.apache.roller.weblogger.ui.struts2.editor; +import java.util.Collections; +import java.util.List; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.roller.weblogger.business.WebloggerFactory; @@ -30,57 +32,50 @@ * Action for removing a weblog. */ public class WeblogRemove extends UIAction { - + private static Log log = LogFactory.getLog(WeblogRemove.class); - - + public WeblogRemove() { this.actionName = "weblogRemove"; this.desiredMenu = "editor"; this.pageTitle = "websiteRemove.title"; } - - + // admin perms required - public String requiredWeblogPermissions() { - return WeblogPermission.ADMIN; + public List<String> requiredWeblogPermissionActions() { + return Collections.singletonList(WeblogPermission.ADMIN); } - - - /** + + /** * Show weblog remove confirmation. */ public String execute() { return "confirm"; } - - + /** * Remove a weblog. */ public String remove() { - + try { - + // remove website WebloggerFactory.getWeblogger().getWeblogManager().removeWeblog(getActionWeblog()); WebloggerFactory.getWeblogger().flush(); - + CacheManager.invalidate(getActionWeblog()); - + // TODO: i18n - addMessage("Successfully removed weblog - "+getActionWeblog().getName()); - + addMessage("Successfully removed weblog - " + getActionWeblog().getName()); + return SUCCESS; - } catch (Exception ex) { - log.error("Error removing weblog - "+getActionWeblog().getHandle(), ex); + log.error("Error removing weblog - " + getActionWeblog().getHandle(), ex); // TODO: i18n addError("Error removing weblog"); } - + return "confirm"; - } - -} +} \ No newline at end of file Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/editor-menu.xml URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/editor-menu.xml?rev=583167&r1=583166&r2=583167&view=diff ============================================================================== --- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/editor-menu.xml (original) +++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/editor/editor-menu.xml Tue Oct 9 06:43:02 2007 @@ -3,17 +3,18 @@ menu. See also, admin-menu.xml, which defines the Global Admin menu. Each menu or menu item is governed by four attrbibutes: - 1) roles: these are the global roles the are allowed to view item - - admin: the Roller site-wide admin role - - editor: the normal Roller user role - Default is roles="admin,editor" + 1) globalPerms: these are the global permissions required to view the item + Possible values: + - admin: superuser, administers server, etc. + - login: allowed to login and save profile + - weblog: is allowed to create and user weblogs + - comment: allowed to comment on weblogs Use "any" to indicate that role is not required to view ite - 2) perms: these are the website specific permissions required to view item - - editor: author and allowed to manage current website - - author: allowed to edit any part of the current website, except users - - limited: allowed only to post drafts in current website - Default is perms="admin,author" + 2) webogPerms: these are the weblog specific permissions required to view item + - post: edit and publish entries, bookmarks + - edit_draft: create and edit draft posts only + - admin: edit and publish entries, edit categories, manage users, etc. Use "any" to indicate that website perms are not required to view item 3) enable property: if true, show this menu @@ -26,41 +27,41 @@ <menu-item action="entryAdd" name="tabbedmenu.weblog.newEntry" - roles="editor" - perms="limited" + globalPerms="login" + weblogPerms="edit_draft" subactions="entryEdit,entryRemove" /> <menu-item action="entries" name="tabbedmenu.weblog.archives" - roles="editor" - perms="limited" /> + globalPerms="login" + weblogPerms="edit_draft" /> <menu-item action="comments" name="tabbedmenu.admin.commentManagement" - roles="editor" - perms="author" /> + globalPerms="login" + weblogPerms="author" /> <menu-item action="categories" name="tabbedmenu.weblog.categories" - roles="editor" - perms="author" + globalPerms="login" + perms="admin" subactions="categoryAdd,categoryEdit,categoryRemove" /> <menu-item action="bookmarks" name="tabbedmenu.bookmarks.allFolders" - roles="editor" - perms="author" + globalPerms="login" + weblogPerms="post" subactions="bookmarkAdd,bookmarkEdit,folderAdd,folderEdit,bookmarksImport" /> <menu-item action="resources" name="tabbedmenu.website.files" - roles="editor" - perms="author"/> + globalPerms="login" + perms="post"/> <menu-item action="referrers" name="tabbedmenu.weblog.referers" - roles="editor" - perms="author" + globalPerms="login" + weblogPerms="post" enabledProperty="referrers.processing.enabled" /> </menu> @@ -69,18 +70,18 @@ <menu-item action="themeEdit" name="tabbedmenu.website.themes" - roles="editor" - perms="admin" /> + globalPerms="login" + weblogPerms="admin" /> <menu-item action="stylesheetEdit" name="tabbedmenu.design.stylesheet" - roles="editor" - perms="admin" /> + globalPerms="login" + weblogPerms="admin" /> <menu-item action="templates" name="tabbedmenu.website.pages" - roles="editor" - perms="admin" + globalPerms="login" + weblogPerms="admin" subactions="templateAdd,templateEdit,templateRemove" /> </menu> @@ -90,34 +91,34 @@ <menu-item action="weblogConfig" name="tabbedmenu.website.settings" - roles="editor" - perms="admin" + globalPerms="login" + weblogPerms="admin" subactions="weblogRemove" /> <menu-item action="members" name="tabbedmenu.website.members" - roles="editor" + globalPerms="login" perms="admin" subactions="invite" enabledProperty="groupblogging.enabled"/> <menu-item action="pings" name="tabbedmenu.weblog.pingSetup" - roles="editor" - perms="admin" + globalPerms="login" + weblogPerms="admin" disabledProperty="pings.disablePingUsage" /> <menu-item action="customPingTargets" name="tabbedmenu.weblog.customPingTargets" - roles="editor" - perms="admin" + globalPerms="login" + weblogPerms="admin" subactions="customPingTargetAdd,customPingTargetEdit" disabledProperty="pings.disallowCustomTargets" /> <menu-item action="maintenance" name="tabbedmenu.website.maintenance" - roles="editor" - perms="admin" /> + globalPerms="login" + weblogPerms="admin" /> </menu> </menu-bar> Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/util/UIAction.java URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/util/UIAction.java?rev=583167&r1=583166&r2=583167&view=diff ============================================================================== --- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/util/UIAction.java (original) +++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/util/UIAction.java Tue Oct 9 06:43:02 2007 @@ -22,12 +22,16 @@ import java.text.DateFormat; import java.text.SimpleDateFormat; import java.util.ArrayList; +import java.util.Collections; import java.util.List; +import org.apache.roller.weblogger.business.UserManager; import org.apache.roller.weblogger.business.WebloggerFactory; import org.apache.roller.weblogger.config.WebloggerConfig; import org.apache.roller.weblogger.config.WebloggerRuntimeConfig; +import org.apache.roller.weblogger.pojos.GlobalPermission; import org.apache.roller.weblogger.pojos.User; import org.apache.roller.weblogger.pojos.Weblog; +import org.apache.roller.weblogger.pojos.WeblogPermission; import org.apache.roller.weblogger.ui.struts2.util.UIUtils; import org.apache.roller.weblogger.ui.core.util.menu.Menu; import org.apache.roller.weblogger.ui.core.util.menu.MenuHelper; @@ -80,26 +84,30 @@ return true; } + // default action permissions, weblog is required public boolean isWeblogRequired() { return true; } - // default action permissions, "editor" role required - public String requiredUserRole() { - return "editor"; + + public List<String> requiredWeblogPermissionActions() { + return Collections.singletonList(WeblogPermission.POST); } - // default action permissions, no perms required - public String requiredWeblogPermissions() { - return null; + + public List<String> requiredGlobalPermissionActions() { + return Collections.singletonList(GlobalPermission.LOGIN); } + // convenient way to tell if user being dealt with is an admin public boolean isUserIsAdmin() { try { - return WebloggerFactory.getWeblogger().getUserManager() - .hasRole("admin", getAuthenticatedUser()); + GlobalPermission adminPerm = new GlobalPermission( + Collections.singletonList(GlobalPermission.ADMIN)); + UserManager umgr = WebloggerFactory.getWeblogger().getUserManager(); + return umgr.checkPermission(adminPerm, getAuthenticatedUser()); } catch (Exception e) {} return false; } Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/util/UISecurityEnforced.java URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/util/UISecurityEnforced.java?rev=583167&r1=583166&r2=583167&view=diff ============================================================================== --- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/util/UISecurityEnforced.java (original) +++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/util/UISecurityEnforced.java Tue Oct 9 06:43:02 2007 @@ -18,6 +18,8 @@ package org.apache.roller.weblogger.ui.struts2.util; +import java.util.List; + /** * Implemented by struts2 actions which want to enforce some level of security @@ -51,24 +53,13 @@ /** - * What is the required user role, if any? - * - * This method only takes effect if isUserRequired() is 'true'. - * - * @return String The required user role, or null if no role required. + * List of global permission actions required to access resource. */ - public String requiredUserRole(); + public List<String> requiredWeblogPermissionActions(); - /** - * What are the required weblog permissions for this action, if any? - * Returns comma separaed list of required weblog permission actions - * - * This method only takes effect if both isUserRequired() and isWeblogRequired() - * are 'true'. - * - * @return short The required weblog permissions, or -1 if no permissions required. + /** + * List of weblog permissions required to access action if applicable. */ - public String requiredWeblogPermissions(); - + public List<String> requiredGlobalPermissionActions(); } Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/util/UISecurityInterceptor.java URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/util/UISecurityInterceptor.java?rev=583167&r1=583166&r2=583167&view=diff ============================================================================== --- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/util/UISecurityInterceptor.java (original) +++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/util/UISecurityInterceptor.java Tue Oct 9 06:43:02 2007 @@ -24,6 +24,7 @@ import org.apache.commons.logging.LogFactory; import org.apache.roller.weblogger.business.UserManager; import org.apache.roller.weblogger.business.WebloggerFactory; +import org.apache.roller.weblogger.pojos.GlobalPermission; import org.apache.roller.weblogger.pojos.User; import org.apache.roller.weblogger.pojos.Weblog; import org.apache.roller.weblogger.pojos.WeblogPermission; @@ -62,10 +63,12 @@ return "access-denied"; } - // are we also enforcing a specific role? - if (theAction.requiredUserRole() != null) { - if(!umgr.hasRole(theAction.requiredUserRole(), authenticatedUser)) { - log.debug("DENIED: user does not have role = "+theAction.requiredUserRole()); + // are we also enforcing global permissions? + if (theAction.requiredGlobalPermissionActions() != null + && !theAction.requiredGlobalPermissionActions().isEmpty()) { + GlobalPermission perm = new GlobalPermission(theAction.requiredGlobalPermissionActions()); + if (!umgr.checkPermission(perm, authenticatedUser)) { + log.debug("DENIED: user does not have permission = " + perm.toString()); return "access-denied"; } } @@ -80,16 +83,14 @@ } // are we also enforcing a specific weblog permission? - if (theAction.requiredWeblogPermissions() != null) { - + if (theAction.requiredWeblogPermissionActions() != null + && !theAction.requiredWeblogPermissionActions().isEmpty()) { WeblogPermission required = new WeblogPermission( - actionWeblog, - authenticatedUser, - theAction.requiredWeblogPermissions()); + actionWeblog, + theAction.requiredWeblogPermissionActions()); if (!umgr.checkPermission(required, authenticatedUser)) { - log.debug("DENIED: user does not have required weblog permissions = "+ - theAction.requiredWeblogPermissions()); + log.debug("DENIED: user does not have required weblog permissions = "+required); return "access-denied"; } } Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/util/MailUtil.java URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/util/MailUtil.java?rev=583167&r1=583166&r2=583167&view=diff ============================================================================== --- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/util/MailUtil.java (original) +++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/util/MailUtil.java Tue Oct 9 06:43:02 2007 @@ -104,7 +104,7 @@ Iterator websiteUserIter = websiteUsers.iterator(); while (websiteUserIter.hasNext()) { User websiteUser = (User)websiteUserIter.next(); - if (entry.getWebsite().hasUserPermissions( + if (entry.getWebsite().hasUserPermission( websiteUser, WeblogPermission.POST) && websiteUser.getEmailAddress() != null) { reviewers.add(websiteUser.getEmailAddress()); Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/atomprotocol/RollerAtomHandler.java URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/atomprotocol/RollerAtomHandler.java?rev=583167&r1=583166&r2=583167&view=diff ============================================================================== --- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/atomprotocol/RollerAtomHandler.java (original) +++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/atomprotocol/RollerAtomHandler.java Tue Oct 9 06:43:02 2007 @@ -942,7 +942,7 @@ */ private boolean canEdit(Weblog website) { try { - return website.hasUserPermissions(this.user, WeblogPermission.POST); + return website.hasUserPermission(this.user, WeblogPermission.POST); } catch (Exception e) { log.error("Checking website.hasUserPermissions()"); } Modified: roller/branches/roller_4.1_dev/apps/weblogger/web/WEB-INF/jsps/editor/EntryAdd.jsp URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/web/WEB-INF/jsps/editor/EntryAdd.jsp?rev=583167&r1=583166&r2=583167&view=diff ============================================================================== --- roller/branches/roller_4.1_dev/apps/weblogger/web/WEB-INF/jsps/editor/EntryAdd.jsp (original) +++ roller/branches/roller_4.1_dev/apps/weblogger/web/WEB-INF/jsps/editor/EntryAdd.jsp Tue Oct 9 06:43:02 2007 @@ -165,7 +165,7 @@ <s:text name="weblogEdit.rightToLeft" /> <br /> - <s:if test="authenticatedUser.hasRole('admin')"> + <s:if test="authenticatedUser.hasGlobalPermission('admin')"> <s:checkbox name="bean.pinnedToMain" /> <s:text name="weblogEdit.pinnedToMain" /> <br /> Modified: roller/branches/roller_4.1_dev/apps/weblogger/web/WEB-INF/jsps/editor/EntryEdit.jsp URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/web/WEB-INF/jsps/editor/EntryEdit.jsp?rev=583167&r1=583166&r2=583167&view=diff ============================================================================== --- roller/branches/roller_4.1_dev/apps/weblogger/web/WEB-INF/jsps/editor/EntryEdit.jsp (original) +++ roller/branches/roller_4.1_dev/apps/weblogger/web/WEB-INF/jsps/editor/EntryEdit.jsp Tue Oct 9 06:43:02 2007 @@ -218,7 +218,7 @@ <s:text name="weblogEdit.rightToLeft" /> <br /> - <s:if test="authenticatedUser.hasRole('admin')"> + <s:if test="authenticatedUser.hasGlobalPermission('admin')"> <s:checkbox name="bean.pinnedToMain" /> <s:text name="weblogEdit.pinnedToMain" /> <br /> Modified: roller/branches/roller_4.1_dev/apps/weblogger/web/WEB-INF/jsps/editor/WeblogConfig.jsp URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/web/WEB-INF/jsps/editor/WeblogConfig.jsp?rev=583167&r1=583166&r2=583167&view=diff ============================================================================== --- roller/branches/roller_4.1_dev/apps/weblogger/web/WEB-INF/jsps/editor/WeblogConfig.jsp (original) +++ roller/branches/roller_4.1_dev/apps/weblogger/web/WEB-INF/jsps/editor/WeblogConfig.jsp Tue Oct 9 06:43:02 2007 @@ -237,7 +237,7 @@ </tr> <%-- ***** Global admin only settings ***** --%> - <s:if test="authenticatedUser.hasRole('admin')"> + <s:if test="authenticatedUser.hasGlobalPermission('admin')"> <tr> <td colspan="3"><h2><s:text name="websiteSettings.adminSettings" /></h2></td> </tr>
