Is there any purpose for checking portlet view permission in
StatefulPortletWrapper.isClosed and in StatefulPortletWrapper.isMinimized:
/**
* Returns true if this portlet is currently closed
*/
public final boolean isClosed(RunData rundata)
{
if( checkPermission(rundata,
JetspeedSecurity.PERMISSION_VIEW ) )
{
return wrappedState.isClosed( rundata );
}
else
{
//FIXME: for the moment we will allow this call to succeed...
//throw new TurbineRuntimeException( "Security check failed" );
return wrappedState.isClosed( rundata );
}
}
/**
* Returns true if this portlet is currently minimized
*/
public boolean isMinimized(RunData rundata)
{
if( checkPermission(rundata,
JetspeedSecurity.PERMISSION_VIEW ) )
{
return wrappedState.isMinimized( rundata );
}
else
{
//FIXME: for the moment we will allow this call to succeed...
//throw new TurbineRuntimeException( "Security check failed" );
return wrappedState.isMinimized( rundata );
}
}
I can't see a reason why to do this and it screws up the portlet access
logging (each portlet view is logged 3 times per page). Does anyone have any
objections to remove this check?
Best regards,
Mark Orciuch - [EMAIL PROTECTED]
Jakarta Jetspeed - Enterprise Portal in Java
http://jakarta.apache.org/jetspeed/
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
