[gatein-commits] gatein SVN: r3266 - in portal/trunk: portlet/exoadmin/src/main/java/org/exoplatform/navigation/webui/component and 2 other directories.

Author: trong.tran Date: 2010-06-09 00:47:51 -0400 (Wed, 09 Jun 2010) New Revision: 3266 Modified: portal/trunk/component/portal/src/main/java/org/exoplatform/portal/config/UserACL.java portal/trunk/component/portal/src/main/java/org/exoplatform/portal/config/UserACLMetaData.java portal/trunk/portlet/exoadmin/src/main/java/org/exoplatform/navigation/webui/component/UIGroupNavigationManagement.java portal/trunk/portlet/exoadmin/src/main/java/org/exoplatform/toolbar/webui/component/UIAdminToolbarPortlet.java portal/trunk/webui/portal/src/main/java/org/exoplatform/portal/webui/portal/UIApplicationList.java Log: GTNPORTAL-1287 Remove the hardcode that only allow manager:/platform/administrators to add new page to Portal's navigation Modified: portal/trunk/component/portal/src/main/java/org/exoplatform/portal/config/UserACL.java =================================================================== --- portal/trunk/component/portal/src/main/java/org/exoplatform/portal/config/UserACL.java 2010-06-09 04:32:19 UTC (rev 3265) +++ portal/trunk/component/portal/src/main/java/org/exoplatform/portal/config/UserACL.java 2010-06-09 04:47:51 UTC (rev 3266) @@ -43,8 +43,6 @@ { public final static String EVERYONE = "Everyone"; - public final static String MANAGER = "manager"; - protected static Log log = ExoLogger.getLogger("organization:UserACL"); private final Collection<MembershipEntry> NO_MEMBERSHIP = Collections.emptyList(); @@ -74,27 +72,8 @@ @SuppressWarnings("unchecked") public UserACL(InitParams params) { - UserACLMetaData md = new UserACLMetaData(); - ValueParam superUserParam = params.getValueParam("super.user"); - if (superUserParam != null) - { - md.setSuperUser(superUserParam.getValue()); - } - ValueParam guestGroupParam = params.getValueParam("guests.group"); - if (guestGroupParam != null) - { - md.setGuestsGroups(guestGroupParam.getValue()); - } - ValueParam navCretorParam = params.getValueParam("navigation.creator.membership.type"); - if (navCretorParam != null) - { - md.setNavigationCreatorMembershipType(navCretorParam.getValue()); - } - ValueParam portalCretorGroupsParam = params.getValueParam("portal.creator.groups"); - if (portalCretorGroupsParam != null) - { - md.setPortalCreateGroups(portalCretorGroupsParam.getValue()); - } + UserACLMetaData md = new UserACLMetaData(params); + ValuesParam mandatoryGroupsParam = params.getValuesParam("mandatory.groups"); if (mandatoryGroupsParam != null) { @@ -244,12 +223,27 @@ public boolean hasPermission(PortalConfig pconfig) { - return hasPermission(getIdentity(), pconfig); + Identity identity = getIdentity(); + if (hasPermission(identity, pconfig.getEditPermission())) + { + pconfig.setModifiable(true); + return true; + } + pconfig.setModifiable(false); + String[] accessPerms = (pconfig.getAccessPermissions()); + for (String per : accessPerms) + { + if (hasPermission(identity, per)) + { + return true; + } + } + return false; } public boolean hasEditPermission(PortalConfig pconfig) { - return hasEditPermission(getIdentity(), pconfig); + return hasPermission(getIdentity(), pconfig.getEditPermission()); } /** @@ -279,118 +273,11 @@ public boolean hasCreatePortalPermission() { - return hasCreatePortalPermission(getIdentity()); - } - - public boolean hasEditPermission(PageNavigation pageNav) - { - return hasEditPermission(getIdentity(), pageNav); - } - - public boolean hasPermission(Page page) - { - return hasPermission(getIdentity(), page); - } - - public boolean hasEditPermission(Page page) - { - return hasEditPermission(getIdentity(), page); - } - - /** - * - * Minh Hoang TO - This method is equivalent to - * <code>hasEditPermission(Page)</code>. It allows us to check edit - * permission with a UIPage, without converting UIPage into Page via - * PortalDataMapper - * - */ - public boolean hasEditPermissionOnPage(String ownerType, String ownerId, String editPermExpression) - { - Identity identity = this.getIdentity(); - - if (PortalConfig.USER_TYPE.equals(ownerType)) - { - if (ownerId.equals(identity.getUserId())) - { - return true; - } - return false; - } - - return hasPermission(identity, editPermExpression); - } - - public boolean hasPermission(String expPerm) - { - return hasPermission(getIdentity(), expPerm); - } - - /** - * @param group - * @return - */ - public boolean isUserInGroup(String group) - { - ConversationState conv = ConversationState.getCurrent(); - Identity id = null; - if (conv != null) - { - id = conv.getIdentity(); - } - - if (id == null) - { - return false; - } - - Iterator<String> iter = id.getGroups().iterator(); - - while (iter.hasNext()) - { - if (iter.next().equals(group)) - { - return true; - } - } - - return false; - } - - private boolean hasPermission(Identity identity, PortalConfig pconfig) - { - if (hasPermission(identity, pconfig.getEditPermission())) - { - pconfig.setModifiable(true); - return true; - } - pconfig.setModifiable(false); - String[] accessPerms = (pconfig.getAccessPermissions()); - for (String per : accessPerms) - { - if (hasPermission(identity, per)) - { - return true; - } - } - return false; - } - - private boolean hasEditPermission(Identity identity, PortalConfig pconfig) - { + Identity identity = getIdentity(); if (superUser_.equals(identity.getUserId())) { return true; } - return hasPermission(identity, pconfig.getEditPermission()); - } - - private boolean hasCreatePortalPermission(Identity identity) - { - if (superUser_.equals(identity.getUserId())) - { - return true; - } if (portalCreatorGroups_ == null || portalCreatorGroups_.size() < 1) { return false; @@ -405,8 +292,9 @@ return false; } - private boolean hasEditPermission(Identity identity, PageNavigation pageNav) + public boolean hasEditPermission(PageNavigation pageNav) { + Identity identity = getIdentity(); if (superUser_.equals(identity.getUserId())) { pageNav.setModifiable(true); @@ -414,17 +302,8 @@ } String ownerType = pageNav.getOwnerType(); - if(PortalConfig.PORTAL_TYPE.equals(ownerType)) + if (PortalConfig.GROUP_TYPE.equals(ownerType)) { - //For portal navigation, only manager of admin group has edit permission - String adminGroup = getAdminGroups(); - if(adminGroup == null){ - return false; - } - return identity.isMemberOf(adminGroup, UserACL.MANAGER); - } - else if (PortalConfig.GROUP_TYPE.equals(ownerType)) - { String temp = pageNav.getOwnerId().trim(); String expAdminGroup = getAdminGroups(); String expPerm = null; @@ -451,9 +330,10 @@ } return false; } - - private boolean hasPermission(Identity identity, Page page) + + public boolean hasPermission(Page page) { + Identity identity = getIdentity(); if (PortalConfig.USER_TYPE.equals(page.getOwnerType())) { if (page.getOwnerId().equals(identity.getUserId())) @@ -467,7 +347,7 @@ page.setModifiable(true); return true; } - if (hasEditPermission(identity, page)) + if (hasEditPermission(page)) { page.setModifiable(true); return true; @@ -487,8 +367,9 @@ return false; } - private boolean hasEditPermission(Identity identity, Page page) + public boolean hasEditPermission(Page page) { + Identity identity = getIdentity(); if (PortalConfig.USER_TYPE.equals(page.getOwnerType())) { if (page.getOwnerId().equals(identity.getUserId())) @@ -507,6 +388,66 @@ return false; } + /** + * + * Minh Hoang TO - This method is equivalent to + * <code>hasEditPermission(Page)</code>. It allows us to check edit + * permission with a UIPage, without converting UIPage into Page via + * PortalDataMapper + * + */ + public boolean hasEditPermissionOnPage(String ownerType, String ownerId, String editPermExpression) + { + Identity identity = this.getIdentity(); + + if (PortalConfig.USER_TYPE.equals(ownerType)) + { + if (ownerId.equals(identity.getUserId())) + { + return true; + } + return false; + } + + return hasPermission(identity, editPermExpression); + } + + public boolean hasPermission(String expPerm) + { + return hasPermission(getIdentity(), expPerm); + } + + /** + * @param group + * @return + */ + public boolean isUserInGroup(String group) + { + ConversationState conv = ConversationState.getCurrent(); + Identity id = null; + if (conv != null) + { + id = conv.getIdentity(); + } + + if (id == null) + { + return false; + } + + Iterator<String> iter = id.getGroups().iterator(); + + while (iter.hasNext()) + { + if (iter.next().equals(group)) + { + return true; + } + } + + return false; + } + private Identity getIdentity() { ConversationState conv = ConversationState.getCurrent(); @@ -546,10 +487,6 @@ { return true; } - if (identity == null) - { - return false; - } String membership = permission.getMembership(); return identity.isMemberOf(groupId, membership); } Modified: portal/trunk/component/portal/src/main/java/org/exoplatform/portal/config/UserACLMetaData.java =================================================================== --- portal/trunk/component/portal/src/main/java/org/exoplatform/portal/config/UserACLMetaData.java 2010-06-09 04:32:19 UTC (rev 3265) +++ portal/trunk/component/portal/src/main/java/org/exoplatform/portal/config/UserACLMetaData.java 2010-06-09 04:47:51 UTC (rev 3266) @@ -19,6 +19,9 @@ package org.exoplatform.portal.config; +import org.exoplatform.container.xml.InitParams; +import org.exoplatform.container.xml.ValueParam; + /** * A metadata class to describe security configuration. * @@ -40,6 +43,40 @@ /** . */ private String portalCreateGroups; + public UserACLMetaData() + { + } + + /** + * Initialize the metadata for UserACL service base on + * the {@link InitParams} params passed to the constructor + * + * @param params + */ + public UserACLMetaData(InitParams params) + { + ValueParam superUserParam = params.getValueParam("super.user"); + if (superUserParam != null) + { + setSuperUser(superUserParam.getValue()); + } + ValueParam guestGroupParam = params.getValueParam("guests.group"); + if (guestGroupParam != null) + { + setGuestsGroups(guestGroupParam.getValue()); + } + ValueParam navCretorParam = params.getValueParam("navigation.creator.membership.type"); + if (navCretorParam != null) + { + setNavigationCreatorMembershipType(navCretorParam.getValue()); + } + ValueParam portalCretorGroupsParam = params.getValueParam("portal.creator.groups"); + if (portalCretorGroupsParam != null) + { + setPortalCreateGroups(portalCretorGroupsParam.getValue()); + } + } + public String getSuperUser() { return superUser; Modified: portal/trunk/portlet/exoadmin/src/main/java/org/exoplatform/navigation/webui/component/UIGroupNavigationManagement.java =================================================================== --- portal/trunk/portlet/exoadmin/src/main/java/org/exoplatform/navigation/webui/component/UIGroupNavigationManagement.java 2010-06-09 04:32:19 UTC (rev 3265) +++ portal/trunk/portlet/exoadmin/src/main/java/org/exoplatform/navigation/webui/component/UIGroupNavigationManagement.java 2010-06-09 04:47:51 UTC (rev 3266) @@ -198,7 +198,7 @@ OrganizationService orgService = this.getApplicationComponent(OrganizationService.class); try { - Collection<?> groups = orgService.getGroupHandler().findGroupByMembership(remoteUser, UserACL.MANAGER); + Collection<?> groups = orgService.getGroupHandler().findGroupByMembership(remoteUser, userACL.getMakableMT()); if (groups != null && groups.size() > 0) { return true; Modified: portal/trunk/portlet/exoadmin/src/main/java/org/exoplatform/toolbar/webui/component/UIAdminToolbarPortlet.java =================================================================== --- portal/trunk/portlet/exoadmin/src/main/java/org/exoplatform/toolbar/webui/component/UIAdminToolbarPortlet.java 2010-06-09 04:32:19 UTC (rev 3265) +++ portal/trunk/portlet/exoadmin/src/main/java/org/exoplatform/toolbar/webui/component/UIAdminToolbarPortlet.java 2010-06-09 04:47:51 UTC (rev 3266) @@ -76,6 +76,10 @@ } else { + if (PortalConfig.PORTAL_TYPE.equals(selectedNavigation.getOwnerType())) + { + return hasEditPermissionOnPortal(); + } return userACL.hasEditPermission(selectedNavigation); } } Modified: portal/trunk/webui/portal/src/main/java/org/exoplatform/portal/webui/portal/UIApplicationList.java =================================================================== --- portal/trunk/webui/portal/src/main/java/org/exoplatform/portal/webui/portal/UIApplicationList.java 2010-06-09 04:32:19 UTC (rev 3265) +++ portal/trunk/webui/portal/src/main/java/org/exoplatform/portal/webui/portal/UIApplicationList.java 2010-06-09 04:47:51 UTC (rev 3266) @@ -27,8 +27,6 @@ import org.exoplatform.portal.config.UserACL; import org.exoplatform.portal.config.model.ApplicationType; import org.exoplatform.portal.webui.util.Util; -import org.exoplatform.services.security.Identity; -import org.exoplatform.services.security.IdentityRegistry; import org.exoplatform.webui.config.annotation.ComponentConfig; import org.exoplatform.webui.config.annotation.EventConfig; import org.exoplatform.webui.core.UIContainer; @@ -61,10 +59,6 @@ if (remoteUser == null || remoteUser.equals("")) return; UserACL userACL = Util.getUIPortalApplication().getApplicationComponent(UserACL.class); - IdentityRegistry identityRegistry = Util.getUIPortalApplication().getApplicationComponent(IdentityRegistry.class); - Identity identity = identityRegistry.getIdentity(remoteUser); - if (identity == null) - return; PortletComparator portletComparator = new PortletComparator(); categories = service.getApplicationCategories(remoteUser); @@ -86,7 +80,7 @@ } for (String permssion : accessPermission) { - hasPermission = userACL.hasPermission(identity, permssion); + hasPermission = userACL.hasPermission(permssion); if (hasPermission) break; }