Author: mputz
Date: 2012-09-28 08:24:45 -0400 (Fri, 28 Sep 2012)
New Revision: 8850
Modified:
epp/portal/branches/EPP_5_2_Branch/webui/portal/src/main/java/org/exoplatform/portal/webui/portal/UIApplicationList.java
Log:
Resolves BZ#856083 - Adding permission check to UIApplicationList.getApplications()
method
Modified:
epp/portal/branches/EPP_5_2_Branch/webui/portal/src/main/java/org/exoplatform/portal/webui/portal/UIApplicationList.java
===================================================================
---
epp/portal/branches/EPP_5_2_Branch/webui/portal/src/main/java/org/exoplatform/portal/webui/portal/UIApplicationList.java 2012-09-19
06:42:19 UTC (rev 8849)
+++
epp/portal/branches/EPP_5_2_Branch/webui/portal/src/main/java/org/exoplatform/portal/webui/portal/UIApplicationList.java 2012-09-28
12:24:45 UTC (rev 8850)
@@ -36,7 +36,6 @@
import java.util.ArrayList;
import java.util.Collections;
import java.util.Comparator;
-import java.util.Iterator;
import java.util.List;
/**
@@ -90,26 +89,48 @@
{
if (selectedCategory == null)
return null;
- List<Application> apps = selectedCategory.getApplications();
- //Correct IconURL of Gadget
- GadgetRegistryService gadgetService =
getApplicationComponent(GadgetRegistryService.class);
- for (Application app : apps)
+ String remoteUser = Util.getPortalRequestContext().getRemoteUser();
+ if (remoteUser == null || remoteUser.equals(""))
+ { return null; }
+
+ UserACL userACL = getApplicationComponent(UserACL.class);
+
+ List<Application> allApps = selectedCategory.getApplications();
+ List<Application> apps = new ArrayList<Application>();
+
+ for (Application app : allApps)
{
- if (ApplicationType.GADGET.equals(app.getType()))
+ List<String> accessPermission = app.getAccessPermissions();
+ if (accessPermission == null || accessPermission.size() == 0)
{
- try
+ continue;
+ }
+
+ GadgetRegistryService gadgetService =
getApplicationComponent(GadgetRegistryService.class);
+ for (String p : accessPermission)
+ {
+ if (userACL.hasPermission(p))
{
- Gadget gadget;
- gadget = gadgetService.getGadget(app.getApplicationName());
- if (gadget != null)
- app.setIconURL(gadget.getThumbnail());
+ if (ApplicationType.GADGET.equals(app.getType()))
+ {
+ try
+ {
+ Gadget gadget;
+ gadget = gadgetService.getGadget(app.getApplicationName());
+ if (gadget != null)
+ app.setIconURL(gadget.getThumbnail());
+ }
+ catch (Exception e)
+ {
+ }
+ }
+ apps.add(app);
+ break;
}
- catch (Exception e)
- {
- }
- }
+ }
}
+
return apps;
}
@@ -137,7 +158,7 @@
{ return; }
ApplicationRegistryService service =
getApplicationComponent(ApplicationRegistryService.class);
- UserACL userACL =
Util.getUIPortalApplication().getApplicationComponent(UserACL.class);
+ UserACL userACL = getApplicationComponent(UserACL.class);
final Comparator<Application> appComparator = new
Comparator<Application>()
{
@@ -166,7 +187,6 @@
continue;
}
- accessCheck:
for (String p : accessPermission)
{
if (userACL.hasPermission(p))
@@ -176,8 +196,8 @@
Collections.sort(apps, appComparator);
}
categories.add(category);
+ break;
}
- break accessCheck;
}
}
@@ -199,4 +219,4 @@
}
}
-}
\ No newline at end of file
+}
Show replies by date