[gatein-issues] [JBoss JIRA] Commented: (GTNPORTAL-1163) Missing permission check on displayed item in 'portalnavigation' node 's page

[ https://jira.jboss.org/jira/browse/GTNPORTAL-1163?page=com.atlassian.jira... ] Minh Hoang TO commented on GTNPORTAL-1163: ------------------------------------------ At the moment, cheking edit layout and edit navigation permissions simultaneously is quite complex as PortalConfig and PageNavigation are not linked together. The 'find' methods in DataStorage do not allow us to get the couple <PortalConfig, PageNavigation> within one query. For this issue, i suggest two solutions 1. Remove the 'Edit Layout' link (which is not really useful), then the UISiteManagement plays the same roles as UIGroupNavigationManagement and could be merged into a single class. Some ugly Java code in UIPortalComposer could be thrown away too! 2. Define a wrapper of PortalConfig and PageNavigation, and ofcourse methods to load this wrapper in DataStorage. That should be st like SiteConfig{ PortalConfig siteLayout; PageNavigation siteNavigation; public boolean couldEditSiteNavigation() public boolean couldEditSiteLayout() } Personally, i vote for (1). -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira