[gatein-issues] [JBoss JIRA] Updated: (GTNPORTAL-1163) Missing permission check on displayed items in 'portalnavigation' node 's page
[
https://jira.jboss.org/jira/browse/GTNPORTAL-1163?page=com.atlassian.jira...
]
Minh Hoang TO updated GTNPORTAL-1163:
-------------------------------------
Summary: Missing permission check on displayed items in 'portalnavigation'
node 's page (was: Missing permission check on displayed item in
'portalnavigation' node 's page)
Missing permission check on displayed items in
'portalnavigation' node 's page
-------------------------------------------------------------------------------
Key: GTNPORTAL-1163
URL: https://jira.jboss.org/jira/browse/GTNPORTAL-1163
Project: GateIn Portal
Issue Type: Bug
Affects Versions: 3.0.0-GA
Reporter: Minh Hoang TO
Assignee: Minh Hoang TO
When user clicks on 'Site' node, the page content shows portal sites for which
he/she has edit permission either on navigation or layout. The current Java code check
only edit permissions on PortalConfig
// Get portals without edit permission
UserACL userACL = getApplicationComponent(UserACL.class);
Iterator<PortalConfig> iterPortals = tempArrayList.iterator();
PortalConfig portalConfig;
while (iterPortals.hasNext())
{
portalConfig = iterPortals.next();
if (!userACL.hasEditPermission(portalConfig))
{
iterPortals.remove();
}
}
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira