[
https://jira.jboss.org/jira/browse/GTNPORTAL-1025?page=com.atlassian.jira...
]
Minh Hoang TO commented on GTNPORTAL-1025:
------------------------------------------
UserACL userACL = uicomp.getApplicationComponent(UserACL.class);
if (!userACL.hasEditPermission(portalConfig))
{
uiApplication.addMessage(new
ApplicationMessage("UISiteManagement.msg.Invalid-editPermission", null));;
return;
}
Above is the check edit permission i cited from EditNavigationActionListener in
UISiteManagement.java, the permission check MUST BE DONE ON PageNavigation and NOT ON THE
PortalConfig ( which must be used with EditLayoutActionListener)
Let 's see what has been happening:
1. There is not yet a clear and non disputable spec on the stuff ( i refer to a
wiki-page)
2. Testers/new developers run tests on EditLayoutActionListener and think that nothing is
wrong ( which is wrong in fact), then testers/developers base on those test result to
update sniff tests and to write analogous code.
Don't show site editor menu when user does not have right to add
new page
-------------------------------------------------------------------------
Key: GTNPORTAL-1025
URL:
https://jira.jboss.org/jira/browse/GTNPORTAL-1025
Project: GateIn Portal
Issue Type: Bug
Security Level: Public(Everyone can see)
Affects Versions: 3.0.0-GA
Reporter: Hang Nguyen
Assignee: Minh Hoang TO
Fix For: 3.1.0-GA
Original Estimate: 4 hours
Remaining Estimate: 4 hours
Steps:
- Create new user with membership is not "Manager"
- Add new page for portal
- Login by root
- Go to edit navigation
- Create new node & select added page for that node
- Login by new user
=> Don't show site menu item ( It must be displayed : Edit page and edit layout of
page).
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira