[gatein-issues] [JBoss JIRA] Created: (GTNPORTAL-1163) Missing permission check on displayed item in 'portalnavigation' node 's page

Thursday, 6 May 2010

Missing permission check on displayed item in 'portalnavigation' node 's page
-----------------------------------------------------------------------------

                 Key: GTNPORTAL-1163
                 URL: https://jira.jboss.org/jira/browse/GTNPORTAL-1163
             Project: GateIn Portal
          Issue Type: Bug
    Affects Versions: 3.0.0-GA
            Reporter: Minh Hoang TO

 When user clicks on 'Site' node, the page content shows portal sites for which
he/she has edit permission either on navigation or layout. The current Java code check
only edit permissions on PortalConfig

// Get portals without edit permission
      UserACL userACL = getApplicationComponent(UserACL.class);
      Iterator<PortalConfig> iterPortals = tempArrayList.iterator();
      PortalConfig portalConfig;
      while (iterPortals.hasNext())
      {
         portalConfig = iterPortals.next();
         if (!userACL.hasEditPermission(portalConfig))
         {
            iterPortals.remove();
         }
      }

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

[gatein-issues] [JBoss JIRA] Created: (GTNPORTAL-1163) Missing permission check on displayed item in 'portalnavigation' node 's page