[gatein-issues] [JBoss JIRA] (GTNPORTAL-2899) The membership type "*" is not interpreted

Vu Viet Phuong (JIRA) jira-events at lists.jboss.org
Tue Apr 9 05:29:42 EDT 2013 

    [ https://issues.jboss.org/browse/GTNPORTAL-2899?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12765733#comment-12765733 ] 

Vu Viet Phuong commented on GTNPORTAL-2899:
-------------------------------------------

We don't have concept "*" and don't consider it as "wildcard" membership type in GateIn. Not only the page management portlet, no GateIn's portlet do care about "*" membership type. 

Fix that portlet is not a complete solution, this seem to be a "feature request", and we need to discuss more about bring this fix to gatein portlet (fix all the places that work with membership). Should we deffer this one ?, and see if we can fix it in next version
                
> The membership type "*" is not interpreted 
> -------------------------------------------
>
>                 Key: GTNPORTAL-2899
>                 URL: https://issues.jboss.org/browse/GTNPORTAL-2899
>             Project: GateIn Portal
>          Issue Type: Bug
>      Security Level: Public(Everyone can see) 
>    Affects Versions: 3.5.3.Final
>         Environment: eXo Platform 4.0.0-Beta2
>            Reporter: Hela Zekri
>            Assignee: Vu Viet Phuong
>            Priority: Blocker
>              Labels: portal-s70
>
> {color:red}
> In eXo Platform, we have the membership type "*". If user has this membership type in a group, it means that he has all membership types in this group.
> {color}
> *Please try this scenario :*
> Add a user that has the membership type "manager" in "/platform/administrators" group and the membership type "*" in "/platform/users" group. 
> When this user clicks "add page" in "Page Management", he has the possibility to choose the owner type "group" or "portal". If he chooses "group", the expected output is that he gets as "Owner Id", a selectbox that contains all groups in which he has the membership type "manager".
> (!) The membership type "manager" is set in "portal-configuration.xml" as value-param to UserACL component :
> {code:xml}
>       <value-param>
>         <name>navigation.creator.membership.type</name>
>         <description>specific membership type have full permission with group navigation</description>
>         <value>manager</value>
>       </value-param>
> {code}
> In this case, user should get as "Owner Id" a selectbox that contains "/platform/administrators" and "/platform/users" groups(The membership type "*"  includes "manager" membership type). 
> But the current behavior is that the selectbox of "Owner Id" contains only the group "/platform/administator". This is due to the fact that the relationship "*" is considered as a String and not interpreted.
> *There are two possible solutions to this problem :*
> 1- Set the possibility to put many values for "navigation.creator.membership.type" value-param. So that we could do for example :
> {code:xml}
>       <value-param>
>         <name>navigation.creator.membership.type</name>
>         <description>specific membership type have full permission with group navigation</description>
>         <value>*,manager</value>
>       </value-param>
> {code} 
> 2- In "_findRoles_" method in "_org.picketlink.idm.impl.api.session.managers.RoleManagerImpl_" class :
> In the code bellow, each relationship of a user is compared to roleType ("manager"). If it is equal, it will be added to the list that will be returned. So even "*" is compared to "manager", it is not equal, so it won't be added.
> {code}
> for (IdentityObjectRelationship relationship : relationships)
>       {
>          if (roleType != null)
>          {
>             if (roleType.getName().equals(relationship.getName()))
>             {
>                roles.add(new SimpleRole(new SimpleRoleType(relationship.getName()), createUser(relationship.getToIdentityObject()), createGroup(relationship.getFromIdentityObject())));
>             }
>          }
>          else
>          {
>             roles.add(new SimpleRole(new SimpleRoleType(relationship.getName()), createUser(relationship.getToIdentityObject()), createGroup(relationship.getFromIdentityObject())));
>          }
>       }
> {code}
> We created [https://issues.jboss.org/browse/PLIDM-40] in which we propose a patch that adds a test on "*" value.
> In the patch, we changed :
> {code}
> if (roleType.getName().equals(relationship.getName()))
> {code}
> to :
> {code}
> if ((roleType.getName().equals(relationship.getName())) || relationship.getName().equals("*"))
> {code}
>  

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the gatein-issues mailing list