DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=16956>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=16956 checkPermission() of TurbineAccessController lacks of implementation Summary: checkPermission() of TurbineAccessController lacks of implementation Product: Jetspeed Version: 1.4b3 Platform: All OS/Version: All Status: NEW Severity: Normal Priority: Other Component: Security AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] The below checkPermission() method of the org.apache.jetspeed.services.security.turbine.TurbineAccessController class does not cover all possible cases: public boolean checkPermission(JetspeedUser user, PortalResource resource, String action) { switch (resource.getResourceType()) { case PortalResource.TYPE_ENTRY: return checkPermission(user, resource.getEntry(), action); case PortalResource.TYPE_REGISTRY: return checkPermission(user, resource.getRegistryEntry(), action); case PortalResource.TYPE_REGISTRY_PARAMETER: return checkPermission(user, resource.getRegistryParameter(), action); } return false; } The two following options: ... case PortalResource.TYPE_PORTLET return checkPermission(user, resource.getPortlet(), action); case PortalResource.TYPE_ENTRY_PARAMETER: return checkPermission(user, resource.getEntryParameter(), action); ... are NOT IMPLEMENTED. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
