kimptoc 01/11/29 05:47:19
Modified: src/java/org/apache/jetspeed/portal BasePortletSet.java
src/java/org/apache/jetspeed/services/security
JetspeedDBSecurityService.java
Log:
bugzilla bug 4747: add ability to restrict access to tab customizers when security
is enabled
Revision Changes Path
1.13 +9 -2
jakarta-jetspeed/src/java/org/apache/jetspeed/portal/BasePortletSet.java
Index: BasePortletSet.java
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/portal/BasePortletSet.java,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -r1.12 -r1.13
--- BasePortletSet.java 2001/07/30 05:47:58 1.12
+++ BasePortletSet.java 2001/11/29 13:47:18 1.13
@@ -63,6 +63,7 @@
import org.apache.jetspeed.capability.*;
import org.apache.jetspeed.util.*;
import org.apache.jetspeed.portal.expire.*;
+import org.apache.jetspeed.services.JetspeedSecurity;
//turbine stuff
import org.apache.turbine.util.Log;
@@ -80,7 +81,7 @@
*
* @author <a href="mailto:[EMAIL PROTECTED]">Rapha�l Luta</a>
* @author <a href="mailto:[EMAIL PROTECTED]">Kevin A. Burton</a>
- * @version $Id: BasePortletSet.java,v 1.12 2001/07/30 05:47:58 taylor Exp $
+ * @version $Id: BasePortletSet.java,v 1.13 2001/11/29 13:47:18 kimptoc Exp $
*/
public class BasePortletSet implements PortletSet, Portlet, PortletState
{
@@ -525,7 +526,13 @@
*/
public boolean allowCustomize( RunData rundata )
{
- return ( (rundata.getUser() != null) && rundata.getUser().hasLoggedIn() );
+ if ( (rundata.getUser() == null) || !rundata.getUser().hasLoggedIn() )
+ {
+ return false; //No permission if user not logged in
+ }
+ return (JetspeedSecurity.checkPermission(rundata,
+ JetspeedSecurity.PERMISSION_INFO,
+ this));
}
/**
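Review bot: `allowCustomize` now gates customization on `JetspeedSecurity.PERMISSION_INFO`, which reads as the permission for the info action rather than for customizing, so any role granted info access would presumably also be allowed to customize. If the security service defines a customize-specific permission, it should be passed here; if info is deliberately reused, say so with a comment such as `// customizer access is governed by the info permission (bug 4747)`. The log message says the restriction applies when security is enabled, but nothing in this hunk tests that, so it is worth confirming that `checkPermission` handles the disabled case itself. As a style point, `rundata.getUser()` is called twice and could be held in a local.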
1.12 +37 -2
jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/JetspeedDBSecurityService.java
Index: JetspeedDBSecurityService.java
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/JetspeedDBSecurityService.java,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- JetspeedDBSecurityService.java 2001/09/05 05:48:06 1.11
+++ JetspeedDBSecurityService.java 2001/11/29 13:47:18 1.12
@@ -58,6 +58,8 @@
import org.apache.turbine.services.security.db.*;
import org.apache.jetspeed.portal.Portlet;
+import org.apache.jetspeed.portal.PortletSet;
+import org.apache.jetspeed.portal.PortletController;
import org.apache.jetspeed.services.Registry;
import org.apache.jetspeed.om.registry.*;
import org.apache.turbine.om.security.User;
@@ -83,7 +85,7 @@
*
* @author <a href="mailto:[EMAIL PROTECTED]">David Sean Taylor</a>
* @author <a href="mailto:[EMAIL PROTECTED]">Santiago Gala</a>
- * @version $Id: JetspeedDBSecurityService.java,v 1.11 2001/09/05 05:48:06 taylor
Exp $
+ * @version $Id: JetspeedDBSecurityService.java,v 1.12 2001/11/29 13:47:18 kimptoc
Exp $
*/
@@ -118,7 +120,21 @@
public boolean checkPermission(RunData runData, String permission, Portlet
portlet)
{
String portletName = portlet.getName();
- PortletEntry entry = (PortletEntry)Registry.getEntry(Registry.PORTLET,
portletName);
+ RegistryEntry entry = (RegistryEntry)Registry.getEntry(Registry.PORTLET,
portletName);
+ //portlet is not a portlet - probably a controller or control
+ if (entry==null) {
+ PortletSet ps = portlet.getPortletConfig().getPortletSet();
+ if (ps != null) {
+ PortletController pc = ps.getController();
+ if (pc != null) {
+ portletName = pc.getConfig().getName();
+ entry =
(RegistryEntry)Registry.getEntry(Registry.PORTLET_CONTROLLER, portletName);
+ }
+ }
+ }
+ if (entry==null) {
+ return checkPermission(runData, permission);
+ }
return checkPermission(runData, permission, entry);
}
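Review bot: When neither the portlet registry nor the controller registry has an entry, the new fallback `return checkPermission(runData, permission);` skips the per-entry role test that the entry overload applies (the `acl.hasRole(...)` check visible in the next hunk), so an unregistered name is authorised on the generic permission alone. If that is intended, it deserves a comment like `// no registry entry: no role restriction to apply, use the permission-only check`, and a log line would help spot misnamed entries; otherwise denying is the safer default. The lookup also dereferences `portlet.getPortletConfig()` and `pc.getConfig()` unchecked while `ps` and `pc` are null-tested, so a portlet without a config would throw instead of returning a decision. A set with no entry of its own is judged by its controller's entry, which is worth stating in the method Javadoc.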
@@ -146,6 +162,25 @@
return false;
if (!acl.hasRole( securityRole, JetspeedSecurity.JETSPEED_GROUP ))
+ return false;
+
+ return checkPermission(runData,permission);
+ }
+
+ /**
+ * given the rundata, checks if the currently logged on user has access for the
given action
+ *
+ * @param rundata the request rundata.
+ * @param permission the jetspeed-action (view, edit, customize, delete...) for
which permission is being checked.
+ * @param entry the registry entry from the registry.
+ * @exception Sends a RegistryException if the manager can't add
+ * the provided entry
+ */
+ public boolean checkPermission(RunData runData, String permission)
+ {
+ // determine if user has specified role
+ AccessControlList acl = runData.getACL();
+ if (null == acl)
return false;
// check for role having permission
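Review bot: The Javadoc on the new `checkPermission(RunData runData, String permission)` was copied from the entry overload and no longer matches it. It documents `@param rundata` (the parameter is `runData`) and `@param entry`, which this overload does not take, and the `@exception` line about a RegistryException when adding an entry does not apply. It should instead carry an `@return` and state that this overload checks only the ACL permission and applies no registry-entry role restriction, so callers holding a portlet or entry use the three-argument form. The inline comment `// determine if user has specified role` is also misleading here; something like `// no ACL means no permissions: deny` fits the null check. The method body continues past the end of the hunk.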