Author: julien(a)jboss.com Date: 2006-12-12 17:44:20 -0500 (Tue, 12 Dec 2006) New Revision: 5813 Modified: trunk/core/src/main/org/jboss/portal/core/impl/model/instance/PersistentInstanceContainer.java trunk/core/src/main/org/jboss/portal/core/model/instance/InstancePermission.java trunk/security/src/main/org/jboss/portal/security/PortalSecurityException.java Log: - JBPORTAL-1158 : Secure instances in dashboard configurator - made portal security exception unchecked Modified: trunk/core/src/main/org/jboss/portal/core/impl/model/instance/PersistentInstanceContainer.java =================================================================== --- trunk/core/src/main/org/jboss/portal/core/impl/model/instance/PersistentInstanceContainer.java 2006-12-12 21:37:36 UTC (rev 5812) +++ trunk/core/src/main/org/jboss/portal/core/impl/model/instance/PersistentInstanceContainer.java 2006-12-12 22:44:20 UTC (rev 5813) @@ -37,6 +37,7 @@ import org.jboss.portal.core.model.instance.InstanceDefinition; import org.jboss.portal.core.model.instance.InstancePermission; import org.jboss.portal.core.model.instance.NoSuchInstanceException; +import org.jboss.portal.core.model.instance.Instance; import org.jboss.portal.jems.as.system.AbstractJBossService; import org.jboss.portal.jems.hibernate.ObjectContextualizer; import org.jboss.portal.portlet.PortletContext; @@ -52,6 +53,7 @@ import org.jboss.portal.security.SecurityConstants; import org.jboss.portal.security.impl.JBossAuthorizationDomainRegistry; import org.jboss.portal.security.spi.auth.PortalAuthorizationManagerFactory; +import org.jboss.portal.security.spi.auth.PortalAuthorizationManager; import org.jboss.portal.security.spi.provider.AuthorizationDomain; import org.jboss.portal.security.spi.provider.DomainConfigurator; import org.jboss.portal.security.spi.provider.PermissionFactory; @@ -432,8 +434,26 @@ public Collection getInstances() { + // + PortalAuthorizationManager mgr = portalAuthorizationManagerFactory.getManager(); + + // Session session = ctx.getCurrentSession(); - return session.createQuery("from InstanceDefinitionImpl").list(); + List list = session.createQuery("from InstanceDefinitionImpl").list(); + + // Filter the list + for (Iterator i = list.iterator();i.hasNext();) + { + Instance instance = (Instance)i.next(); + InstancePermission perm = new InstancePermission(instance.getId(), InstancePermission.VIEW_ACTION); + if (mgr.checkPermission(perm) == false) + { + i.remove(); + } + } + + // + return list; } PortletInvocationResponse invoke(PortletInvocation invocation) throws PortletInvokerException Modified: trunk/core/src/main/org/jboss/portal/core/model/instance/InstancePermission.java =================================================================== --- trunk/core/src/main/org/jboss/portal/core/model/instance/InstancePermission.java 2006-12-12 21:37:36 UTC (rev 5812) +++ trunk/core/src/main/org/jboss/portal/core/model/instance/InstancePermission.java 2006-12-12 22:44:20 UTC (rev 5813) @@ -48,9 +48,33 @@ /** The view action name. */ public static final String VIEW_ACTION = "view"; + /** The create action name. */ + public static final String CREATE_ACTION = "create"; + + /** The destroy action name. */ + public static final String DESTROY_ACTION = "destroy"; + + /** The customize action name. */ + public static final String CUSTOMIZE_ACTION = "customize"; + + /** The customize action name. */ + public static final String ADMIN_ACTION = "admin"; + /** . */ public static final int VIEW_MASK = 0x01; + /** . */ + public static final int CREATE_MASK = 0x02; + + /** . */ + public static final int DESTROY_MASK = 0x04; + + /** . */ + public static final int CUSTOMIZE_MASK = 0x08; + + /** . */ + public static final int ADMIN_MASK = VIEW_MASK | CREATE_MASK | DESTROY_MASK | CUSTOMIZE_MASK; + /** The imply mask. */ private int mask; @@ -61,7 +85,7 @@ public static final String PERMISSION_TYPE = "instance"; /** The action names. */ - private static final String[] ACTION_NAMES = {VIEW_ACTION}; + private static final String[] ACTION_NAMES = {VIEW_ACTION,CREATE_ACTION,DESTROY_ACTION,CUSTOMIZE_ACTION}; public InstancePermission(PortalPermissionCollection collection) { @@ -113,6 +137,22 @@ { mask |= VIEW_MASK; } + else if (CREATE_ACTION.equals(action)) + { + mask |= CREATE_MASK; + } + else if (DESTROY_ACTION.equals(action)) + { + mask |= DESTROY_MASK; + } + else if (CUSTOMIZE_ACTION.equals(action)) + { + mask |= CUSTOMIZE_MASK; + } + else if (ADMIN_ACTION.equals(action)) + { + mask |= ADMIN_MASK; + } else { throw new IllegalArgumentException("Illegal action " + action); Modified: trunk/security/src/main/org/jboss/portal/security/PortalSecurityException.java =================================================================== --- trunk/security/src/main/org/jboss/portal/security/PortalSecurityException.java 2006-12-12 21:37:36 UTC (rev 5812) +++ trunk/security/src/main/org/jboss/portal/security/PortalSecurityException.java 2006-12-12 22:44:20 UTC (rev 5813) @@ -28,7 +28,7 @@ * @author <a href="mailto:julien@jboss.org">Julien Viet</a> * @version $Revision$ */ -public class PortalSecurityException extends Exception +public class PortalSecurityException extends RuntimeException { /** The serialVersionUID */ private static final long serialVersionUID = -6743601619857049697L;