taylor 2002/07/22 22:30:04
Modified: src/java/org/apache/jetspeed/modules/localization
JetspeedLocalization_de.properties
JetspeedLocalization_en.properties
JetspeedLocalization_es.properties
JetspeedLocalization_fr.properties
src/java/org/apache/jetspeed/portal BasePortletSet.java
webapp/WEB-INF/conf JetspeedSecurity.properties
webapp/WEB-INF/psml/group/apache/html news.psml
webapp/WEB-INF/psml/role/admin/html default.psml
Log:
- Added patch from Scott Weaver to BasePortletSet to complete PSML page-level
security.
- Localized error messages
- As example, Added "user-only" security-ref to group/apache/page/news page.
- As example, Added "admin-only" security-ref to role/admin page.
Revision Changes Path
1.6 +2 -0
jakarta-jetspeed/src/java/org/apache/jetspeed/modules/localization/JetspeedLocalization_de.properties
Index: JetspeedLocalization_de.properties
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/localization/JetspeedLocalization_de.properties,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- JetspeedLocalization_de.properties 25 Feb 2002 04:38:12 -0000 1.5
+++ JetspeedLocalization_de.properties 23 Jul 2002 05:30:04 -0000 1.6
@@ -21,6 +21,8 @@
LOGOUTUSER_THANKS=Vielen Dank f�r Ihren Besuch. Bitte kommen Sie bald wieder.
+SECURITY_NO_ACCESS=Sie haben nicht Access zu diesen portlets.
+
SENDCONFIRMATIONEMAIL_BODY1=Herzlich Willkommen bei Jyve\n\n\
Ihr neuer Zugang wurde erstellt.\n\n\
Dies ist Ihr Authorisierungscode:\n\n\
1.18 +2 -0
jakarta-jetspeed/src/java/org/apache/jetspeed/modules/localization/JetspeedLocalization_en.properties
Index: JetspeedLocalization_en.properties
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/localization/JetspeedLocalization_en.properties,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- JetspeedLocalization_en.properties 30 Jun 2002 05:23:19 -0000 1.17
+++ JetspeedLocalization_en.properties 23 Jul 2002 05:30:04 -0000 1.18
@@ -14,6 +14,8 @@
LOGINHELP_TITLE=Account Login Assistance
LOGINHELP_NOTICE=If you need additional assistance, please send email to the
address below.
+SECURITY_NO_ACCESS=You do not have access to these portlets.
+
PASSWORDREMINDER_EMAIL_HEADER=Hello
PASSWORDREMINDER_EMAIL_BODY1=Your jetspeed account password is:
PASSWORDREMINDER_EMAIL_BODY2=You can now go to the jetspeed site and login.
1.6 +3 -1
jakarta-jetspeed/src/java/org/apache/jetspeed/modules/localization/JetspeedLocalization_es.properties
Index: JetspeedLocalization_es.properties
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/localization/JetspeedLocalization_es.properties,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- JetspeedLocalization_es.properties 25 Feb 2002 04:38:12 -0000 1.5
+++ JetspeedLocalization_es.properties 23 Jul 2002 05:30:04 -0000 1.6
@@ -21,6 +21,8 @@
CREATENEWUSERANDCONFIRM_PWNOTMATCH=Sorry, the passwords do not match.
CREATENEWUSERANDCONFIRM_DUPLICATEMSG=Elija otro nombre de usuario.
+SECURITY_NO_ACCESS=Usted no tiene acceso a estas portlets.
+
DISPLAYUSER_EMAILMSG=Your Email:
DISPLAYUSER_INFOMSG=Below is the information you requested:
DISPLAYUSER_LOGINMSG=Last Login:
1.8 +2 -0
jakarta-jetspeed/src/java/org/apache/jetspeed/modules/localization/JetspeedLocalization_fr.properties
Index: JetspeedLocalization_fr.properties
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/localization/JetspeedLocalization_fr.properties,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- JetspeedLocalization_fr.properties 21 Mar 2002 11:13:11 -0000 1.7
+++ JetspeedLocalization_fr.properties 23 Jul 2002 05:30:04 -0000 1.8
@@ -24,6 +24,8 @@
LOGOUTUSER_THANKS=Merci d'avoir utilisé le système. A bient�t.
+SECURITY_NO_ACCESS=Vous n'avez pas acces a ces portlets.
+
SENDCONFIRMATIONEMAIL_BODY1=Bienvenue sur Jetspeed\n\n\
Votre nouveau compte a été créé.\n\n\
Votre clef secrète est :\n\n
1.23 +21 -4
jakarta-jetspeed/src/java/org/apache/jetspeed/portal/BasePortletSet.java
Index: BasePortletSet.java
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/portal/BasePortletSet.java,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -r1.22 -r1.23
--- BasePortletSet.java 1 Jul 2002 06:04:28 -0000 1.22
+++ BasePortletSet.java 23 Jul 2002 05:30:04 -0000 1.23
@@ -64,19 +64,21 @@
import org.apache.jetspeed.services.JetspeedSecurity;
import org.apache.jetspeed.util.MetaData;
import org.apache.jetspeed.util.MimeType;
+import org.apache.turbine.services.localization.Localization;
import org.apache.jetspeed.services.persistence.PersistenceManager;
import org.apache.jetspeed.services.persistence.PortalPersistenceException;
-import org.apache.jetspeed.portal.PortletInstance;
//turbine stuff
import org.apache.turbine.util.Log;
import org.apache.turbine.util.RunData;
import org.apache.jetspeed.services.resources.JetspeedResources;
+import org.apache.jetspeed.services.rundata.JetspeedRunData;
import org.apache.jetspeed.services.portletcache.Cacheable;
//ECS stuff
import org.apache.ecs.ConcreteElement;
+import org.apache.ecs.StringElement;
/**
* The PortletSet is basically a wrapper around an array of portlets. It provides
@@ -316,9 +318,24 @@
*/
public ConcreteElement getContent(RunData rundata)
{
+ ConcreteElement content = null;
+ PortletController controller = getController();
- ConcreteElement content = null;
- PortletController controller = getController();
+ if(!JetspeedSecurity.checkPermission((JetspeedRunData) rundata,
+ JetspeedSecurity.PERMISSION_VIEW, this))
+ {
+ Log.debug("Unauthorized access by user
\""+rundata.getUser().getUserName()+"+\"");
+ // Clear any portlets that exist in this set
+ if(this.portlets != null)
+ {
+ this.portlets.clear();
+ }
+ return new StringElement(Localization.getString("SECURITY_NO_ACCESS"));
+ }
+ else
+ {
+ Log.debug("User \""+rundata.getUser().getUserName()+" is authorized to
portlet set "+getID());
+ }
if ( controller == null )
{
1.21 +0 -0 jakarta-jetspeed/webapp/WEB-INF/conf/JetspeedSecurity.properties
Index: JetspeedSecurity.properties
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/webapp/WEB-INF/conf/JetspeedSecurity.properties,v
retrieving revision 1.20
retrieving revision 1.21
diff -u -r1.20 -r1.21
1.2 +1 -0 jakarta-jetspeed/webapp/WEB-INF/psml/group/apache/html/news.psml
Index: news.psml
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/webapp/WEB-INF/psml/group/apache/html/news.psml,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- news.psml 23 Jul 2002 00:03:55 -0000 1.1
+++ news.psml 23 Jul 2002 05:30:04 -0000 1.2
@@ -3,6 +3,7 @@
<metainfo>
<title>Default Apache News page</title>
</metainfo>
+ <security-ref parent="user-only"/>
<skin name="orange-red" />
1.2 +2 -0
jakarta-jetspeed/webapp/WEB-INF/psml/role/admin/html/default.psml
Index: default.psml
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/webapp/WEB-INF/psml/role/admin/html/default.psml,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- default.psml 23 Jul 2002 00:03:55 -0000 1.1
+++ default.psml 23 Jul 2002 05:30:04 -0000 1.2
@@ -1,6 +1,8 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<portlets user="default" xmlns="http://xml.apache.org/jetspeed/2000/psml";>
+ <security-ref parent="admin-only"/>
+
<controller name="TwoColumns" />
<skin name="orange-red" />
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
