[jboss-cvs] JBossBlog SVN: r220 - in trunk: resources/WEB-INF and 8 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Tue Feb 26 04:13:35 EST 2008
Author: adamw
Date: 2008-02-26 04:13:35 -0500 (Tue, 26 Feb 2008)
New Revision: 220
Added:
trunk/src/action/org/jboss/blog/session/security/GroupsSecurity.java
Removed:
trunk/src/model/org/jboss/blog/model/security/SecurityRoles.java
Modified:
trunk/resources/META-INF/security.drl
trunk/resources/WEB-INF/pages.xml
trunk/src/action/org/jboss/blog/session/feed/mod/AggregatedFeedModBean.java
trunk/src/action/org/jboss/blog/session/feed/mod/FeedModBean.java
trunk/src/action/org/jboss/blog/session/feed/mod/PropositionsCountBean.java
trunk/src/action/org/jboss/blog/session/feed/mod/RemoteFeedModBean.java
trunk/src/action/org/jboss/blog/session/update/UpdateManager.java
trunk/view/manage/feed_mod.xhtml
trunk/view/manage/group/group_list.xhtml
trunk/view/manage/proposition/proposition_list.xhtml
trunk/view/view/post.xhtml
Log:
Modified: trunk/resources/META-INF/security.drl
===================================================================
--- trunk/resources/META-INF/security.drl 2008-02-25 20:30:13 UTC (rev 219)
+++ trunk/resources/META-INF/security.drl 2008-02-26 09:13:35 UTC (rev 220)
@@ -30,7 +30,7 @@
rule CanProposeFeed
when
c: PermissionCheck(name == "feed", action == "add") and
- feed : Feed(accepted == false)
+ Feed(accepted == false)
then
c.grant();
end;
@@ -40,7 +40,8 @@
c: PermissionCheck(name == "feed", action == "edit") and
(
(
- feed : Feed() and
+ group : Group() and
+ feed : Feed(group == group) and
FeedsCombinedRole(role == FeedsSecurityRole.FEED_ADMIN, id == feed.id)
) or
(
@@ -52,6 +53,16 @@
c.grant();
end;
+rule CanDeleteUnacceptedFeed
+when
+ c: PermissionCheck(name == "feed", action == "delete") and
+ Feed(accepted == false) and
+ group : Group() and
+ FeedsCombinedRole(role == FeedsSecurityRole.GROUP_ADMIN, id == group.id)
+then
+ c.grant();
+end;
+
rule CanAddGroup
when
c: PermissionCheck(name == "group", action == "add") and
Modified: trunk/resources/WEB-INF/pages.xml
===================================================================
--- trunk/resources/WEB-INF/pages.xml 2008-02-25 20:30:13 UTC (rev 219)
+++ trunk/resources/WEB-INF/pages.xml 2008-02-26 09:13:35 UTC (rev 220)
@@ -42,18 +42,20 @@
<!-- Manage main -->
- <page view-id="/manage/index.xhtml" />
+ <page view-id="/manage/index.xhtml" login-required="true">
+ <restrict>#{identity.hasPermission('management', 'view')}</restrict>
+ </page>
<!-- Manage feeds -->
- <page view-id="/manage/feed_add.xhtml" conversation-required="true">
+ <page view-id="/manage/feed_add.xhtml" conversation-required="true" login-required="true">
<navigation from-action="#{feedMod.saveNew}">
<end-conversation />
<redirect view-id="/manage/index.xhtml" />
</navigation>
</page>
- <page view-id="/manage/feed_propose.xhtml" conversation-required="true">
+ <page view-id="/manage/feed_propose.xhtml" conversation-required="true" login-required="true">
<navigation from-action="#{feedMod.saveNew}">
<end-conversation />
<raise-event type="org.jboss.blog.feed.proposed" />
@@ -61,17 +63,19 @@
</navigation>
</page>
- <page view-id="/manage/feed_edit.xhtml">
+ <page view-id="/manage/feed_edit.xhtml" login-required="true">
<begin-conversation flush-mode="manual" join="true" />
<param name="name" converterId="feedConverter" value="#{feedMod.feed}" />
+ <restrict>#{identity.hasPermission('feed', 'edit', feedMod.feed, feedMod.feed.group)}</restrict>
<navigation from-action="#{feedMod.saveExisting}">
<end-conversation />
<redirect view-id="/manage/index.xhtml" />
</navigation>
</page>
- <page view-id="/manage/feed_delete.xhtml">
+ <page view-id="/manage/feed_delete.xhtml" login-required="true">
<param name="name" converterId="feedConverter" value="#{feedMod.feed}" />
+ <restrict>#{identity.hasPermission('feed', 'delete', feedMod.feed, feedMod.feed.group)}</restrict>
<navigation from-action="#{feedMod.delete}">
<redirect view-id="/manage/index.xhtml" />
</navigation>
@@ -79,7 +83,8 @@
<!-- Manage propositions -->
- <page view-id="/manage/proposition/proposition_accept.xhtml">
+ <page view-id="/manage/proposition/proposition_accept.xhtml" login-required="true">
+ <restrict>#{identity.hasPermission('feed', 'edit', feedMod.feed, feedMod.feed.group)}</restrict>
<begin-conversation flush-mode="manual" join="true" />
<param name="name" converterId="feedConverter" value="#{feedMod.feed}" />
<navigation from-action="#{feedMod.saveExisting}">
@@ -91,16 +96,17 @@
<!-- Manage remote feeds -->
- <page view-id="/manage/remote/remote_add.xhtml">
+ <page view-id="/manage/remote/remote_add.xhtml" login-required="true">
<begin-conversation flush-mode="manual" join="true" />
<navigation from-action="#{remoteFeedMod.saveNew}">
<redirect view-id="/manage/feed_add.xhtml" />
</navigation>
</page>
- <page view-id="/manage/remote/remote_edit.xhtml">
+ <page view-id="/manage/remote/remote_edit.xhtml" login-required="true">
<begin-conversation flush-mode="manual" join="true" />
<param name="name" converterId="feedConverter" value="#{feedMod.feed}" />
+ <restrict>#{identity.hasPermission('feed', 'edit', feedMod.feed, feedMod.feed.group)}</restrict>
<navigation from-action="#{remoteFeedMod.saveExisting}">
<end-conversation />
<redirect view-id="/manage/index.xhtml" />
@@ -111,7 +117,7 @@
</navigation>
</page>
- <page view-id="/manage/remote/remote_propose.xhtml">
+ <page view-id="/manage/remote/remote_propose.xhtml" login-required="true">
<begin-conversation flush-mode="manual" join="true" />
<action execute="#{remoteFeedMod.unsetAccepted}" />
<navigation from-action="#{remoteFeedMod.saveNew}">
@@ -121,7 +127,7 @@
<!-- Manage aggregated feeds -->
- <page view-id="/manage/aggregated/aggregated_add.xhtml">
+ <page view-id="/manage/aggregated/aggregated_add.xhtml" login-required="true">
<begin-conversation flush-mode="manual" join="true" />
<navigation from-action="#{aggregatedFeedMod.saveNew}">
<redirect view-id="/manage/feed_add.xhtml" />
@@ -142,9 +148,10 @@
</navigation>
</page>
- <page view-id="/manage/aggregated/aggregated_edit.xhtml">
+ <page view-id="/manage/aggregated/aggregated_edit.xhtml" login-required="true">
<begin-conversation flush-mode="manual" join="true" />
<param name="name" converterId="feedConverter" value="#{feedMod.feed}" />
+ <restrict>#{identity.hasPermission('feed', 'edit', feedMod.feed, feedMod.feed.group)}</restrict>
<navigation from-action="#{aggregatedFeedMod.saveExisting}">
<end-conversation />
<redirect view-id="/manage/index.xhtml" />
@@ -167,7 +174,7 @@
<!-- Add filters -->
- <page view-id="/manage/aggregated/filter_add.xhtml" conversation-required="true">
+ <page view-id="/manage/aggregated/filter_add.xhtml" conversation-required="true" login-required="true">
<!-- Should be done using a wildcard, but they aren't supported -->
<navigation from-action="#{filterAdd.add(filterAdd.podcastFilter)}">
<raise-event type="org.jboss.blog.restoreView" />
@@ -197,7 +204,8 @@
</navigation>
</page>
- <page view-id="/manage/group/group_list.xhtml">
+ <page view-id="/manage/group/group_list.xhtml" login-required="true">
+ <restrict>#{identity.hasPermission('management_groups', 'view')}</restrict>
<param name="id" converterId="groupConverter" value="#{groupMod.group}" />
<navigation from-action="#{groupMod.edit}">
<begin-conversation nested="true" flush-mode="manual" />
@@ -208,23 +216,26 @@
</navigation>
</page>
- <page view-id="/manage/group/group_add.xhtml">
+ <page view-id="/manage/group/group_add.xhtml" login-required="true">
+ <restrict>#{identity.hasPermission('group', 'add')}</restrict>
<navigation from-action="#{groupMod.saveNew}">
<end-conversation />
<raise-event type="org.jboss.blog.restoreView" />
</navigation>
</page>
- <page view-id="/manage/group/group_edit.xhtml">
+ <page view-id="/manage/group/group_edit.xhtml" login-required="true">
<param name="id" converterId="groupConverter" value="#{groupMod.group}" />
+ <restrict>#{identity.hasPermission('group', 'edit', groupMod.group)}</restrict>
<navigation from-action="#{groupMod.saveExisting}">
<end-conversation />
<raise-event type="org.jboss.blog.restoreView" />
</navigation>
</page>
- <page view-id="/manage/group/group_delete.xhtml">
+ <page view-id="/manage/group/group_delete.xhtml" login-required="true">
<param name="id" converterId="groupConverter" value="#{groupMod.group}" />
+ <restrict>#{identity.hasPermission('group', 'delete', groupMod.group)}</restrict>
<navigation from-action="#{groupMod.delete}">
<redirect view-id="/manage/group/group_list.xhtml" />
</navigation>
@@ -232,7 +243,12 @@
<!-- Manage templates -->
- <page view-id="/manage/template/template_add.xhtml">
+ <page view-id="/manage/template/template_list.xhtml" login-required="true">
+ <restrict>#{identity.hasPermission('management_template', 'view')}</restrict>
+ </page>
+
+ <page view-id="/manage/template/template_add.xhtml" login-required="true">
+ <restrict>#{identity.hasPermission('template', 'add')}</restrict>
<begin-conversation flush-mode="manual" join="true" />
<navigation from-action="#{templateMod.saveNew}">
<end-conversation />
@@ -240,17 +256,19 @@
</navigation>
</page>
- <page view-id="/manage/template/template_edit.xhtml">
+ <page view-id="/manage/template/template_edit.xhtml" login-required="true">
<begin-conversation flush-mode="manual" join="true" />
<param name="id" converterId="templateConverter" value="#{templateMod.template}" />
+ <restrict>#{identity.hasPermission('template', 'edit', templateMod.template)}</restrict>
<navigation from-action="#{templateMod.saveExisting}">
<end-conversation />
<redirect view-id="/manage/template/template_list.xhtml" />
</navigation>
</page>
- <page view-id="/manage/template/template_delete.xhtml">
+ <page view-id="/manage/template/template_delete.xhtml" login-required="true">
<param name="id" converterId="templateConverter" value="#{templateMod.template}" />
+ <restrict>#{identity.hasPermission('template', 'delete', templateMod.template)}</restrict>
<navigation from-action="#{templateMod.delete}">
<redirect view-id="/manage/template/template_list.xhtml" />
</navigation>
@@ -258,7 +276,9 @@
<!-- Manage updates -->
- <page view-id="/manage/update_manager.xhtml" />
+ <page view-id="/manage/update_manager.xhtml" login-required="true">
+ <restrict>#{identity.hasPermission('admin', '')}</restrict>
+ </page>
<!-- Exceptions -->
Modified: trunk/src/action/org/jboss/blog/session/feed/mod/AggregatedFeedModBean.java
===================================================================
--- trunk/src/action/org/jboss/blog/session/feed/mod/AggregatedFeedModBean.java 2008-02-25 20:30:13 UTC (rev 219)
+++ trunk/src/action/org/jboss/blog/session/feed/mod/AggregatedFeedModBean.java 2008-02-26 09:13:35 UTC (rev 220)
@@ -199,7 +199,6 @@
getAggregatedFeed().setGlobalFilter(new AndFilter(globalFilters));
}
- @Restrict("#{identity.hasPermission('feed', 'add', feedMod.feed, feedMod.feed.group)}")
public void saveNew() {
save();
}
Modified: trunk/src/action/org/jboss/blog/session/feed/mod/FeedModBean.java
===================================================================
--- trunk/src/action/org/jboss/blog/session/feed/mod/FeedModBean.java 2008-02-25 20:30:13 UTC (rev 219)
+++ trunk/src/action/org/jboss/blog/session/feed/mod/FeedModBean.java 2008-02-26 09:13:35 UTC (rev 220)
@@ -84,7 +84,7 @@
facesMessages.addFromResourceBundle(FacesMessage.SEVERITY_INFO, "blog.feed.proposed", getFeed().getName());
}
- @Restrict("#{identity.hasPermission('feed', 'add', feedMod.feed.group)}")
+ @Restrict("#{identity.hasPermission('feed', 'add', feedMod.feed, feedMod.feed.group)}")
public void saveNew() {
Lock feedLock = feedsLocks.getLockForFeed(feed.getName());
feedLock.lock();
Modified: trunk/src/action/org/jboss/blog/session/feed/mod/PropositionsCountBean.java
===================================================================
--- trunk/src/action/org/jboss/blog/session/feed/mod/PropositionsCountBean.java 2008-02-25 20:30:13 UTC (rev 219)
+++ trunk/src/action/org/jboss/blog/session/feed/mod/PropositionsCountBean.java 2008-02-26 09:13:35 UTC (rev 220)
@@ -6,6 +6,7 @@
import org.jboss.seam.ScopeType;
import org.jboss.blog.service.GroupsService;
import org.jboss.blog.model.Group;
+import org.jboss.blog.session.security.GroupsSecurity;
/**
* @author <a href="mailto:adam at warski.org">Adam Warski</a>
@@ -16,10 +17,13 @@
@In
private GroupsService groupsService;
+ @In
+ private GroupsSecurity groupsSecurity;
+
public int getPendingPropositions() {
int total = 0;
- for (Group group : groupsService.getAllGroups()) {
+ for (Group group : groupsSecurity.filterForFeedMod(groupsService.getAllGroups())) {
total += groupsService.unacceptedFeeds(group).size();
}
Modified: trunk/src/action/org/jboss/blog/session/feed/mod/RemoteFeedModBean.java
===================================================================
--- trunk/src/action/org/jboss/blog/session/feed/mod/RemoteFeedModBean.java 2008-02-25 20:30:13 UTC (rev 219)
+++ trunk/src/action/org/jboss/blog/session/feed/mod/RemoteFeedModBean.java 2008-02-26 09:13:35 UTC (rev 220)
@@ -119,7 +119,6 @@
}
}
- @Restrict("#{identity.hasPermission('feed', 'add', feedMod.feed.group)}")
public void saveNew() {
getRemoteFeed().setAuthor(parsedFeed.getAuthor());
getRemoteFeed().setDescription(parsedFeed.getDescription());
Added: trunk/src/action/org/jboss/blog/session/security/GroupsSecurity.java
===================================================================
--- trunk/src/action/org/jboss/blog/session/security/GroupsSecurity.java (rev 0)
+++ trunk/src/action/org/jboss/blog/session/security/GroupsSecurity.java 2008-02-26 09:13:35 UTC (rev 220)
@@ -0,0 +1,48 @@
+package org.jboss.blog.session.security;
+
+import org.jboss.seam.annotations.Name;
+import org.jboss.seam.annotations.Scope;
+import org.jboss.seam.annotations.AutoCreate;
+import org.jboss.seam.annotations.In;
+import org.jboss.seam.ScopeType;
+import org.jboss.blog.model.Group;
+import org.jboss.blog.model.feed.Feed;
+
+import java.util.List;
+import java.util.ArrayList;
+
+/**
+ * @author <a href="mailto:adam at warski.org">Adam Warski</a>
+ */
+ at Name("groupsSecurity")
+ at Scope(ScopeType.STATELESS)
+ at AutoCreate
+public class GroupsSecurity {
+ @In
+ private FeedsIdentity identity;
+
+ public List<Group> filterForFeedMod(List<Group> groups) {
+ List<Group> allowedGroups = new ArrayList<Group>();
+
+ for (Group group : groups) {
+ if (identity.hasPermission("feed", "add", group)) {
+ allowedGroups.add(group);
+ }
+ }
+
+ return allowedGroups;
+ }
+
+ public List<Group> filterForFeedMod(Feed feed, List<Group> groups, boolean add) {
+ List<Group> allowedGroups = new ArrayList<Group>();
+
+ for (Group group : groups) {
+ if ((identity.hasPermission("feed", "add", feed, group)) ||
+ ((!add) && identity.hasPermission("feed", "edit", feed, group))) {
+ allowedGroups.add(group);
+ }
+ }
+
+ return allowedGroups;
+ }
+}
Modified: trunk/src/action/org/jboss/blog/session/update/UpdateManager.java
===================================================================
--- trunk/src/action/org/jboss/blog/session/update/UpdateManager.java 2008-02-25 20:30:13 UTC (rev 219)
+++ trunk/src/action/org/jboss/blog/session/update/UpdateManager.java 2008-02-26 09:13:35 UTC (rev 220)
@@ -4,6 +4,7 @@
import org.jboss.seam.faces.FacesMessages;
import org.jboss.seam.annotations.*;
import org.jboss.seam.annotations.Observer;
+import org.jboss.seam.annotations.security.Restrict;
import org.jboss.blog.session.configuration.ConfigurationManager;
import javax.faces.application.FacesMessage;
@@ -125,6 +126,7 @@
return configurationManager.getConfiguration().getUpdateInterval();
}
+ @Restrict("#{identity.hasPermission('admin', null)}")
public void setUpdateInterval(int updateInterval) {
configurationManager.getConfiguration().setUpdateInterval(updateInterval);
}
@@ -133,6 +135,7 @@
return configurationManager.getConfiguration().getConnectionTimeout();
}
+ @Restrict("#{identity.hasPermission('admin', null)}")
public void setConnectionTimeout(int connectionTimeout) {
configurationManager.getConfiguration().setConnectionTimeout(connectionTimeout);
}
@@ -141,6 +144,7 @@
return configurationManager.getConfiguration().getReadTimeout();
}
+ @Restrict("#{identity.hasPermission('admin', null)}")
public void setReadTimeout(int readTimeout) {
configurationManager.getConfiguration().setReadTimeout(readTimeout);
}
@@ -155,6 +159,7 @@
return baos.toString();
}
+ @Restrict("#{identity.hasPermission('admin', null)}")
public void save() {
restartUpdateThread();
facesMessages.addFromResourceBundle(FacesMessage.SEVERITY_INFO, "blog.configuration.saved");
Deleted: trunk/src/model/org/jboss/blog/model/security/SecurityRoles.java
===================================================================
--- trunk/src/model/org/jboss/blog/model/security/SecurityRoles.java 2008-02-25 20:30:13 UTC (rev 219)
+++ trunk/src/model/org/jboss/blog/model/security/SecurityRoles.java 2008-02-26 09:13:35 UTC (rev 220)
@@ -1,10 +0,0 @@
-package org.jboss.blog.model.security;
-
-/**
- * @author <a href="mailto:adam at warski.org">Adam Warski</a>
- */
-public enum SecurityRoles {
- ADMIN,
- GROUP_ADMIN,
- FEED_ADMIN
-}
Modified: trunk/view/manage/feed_mod.xhtml
===================================================================
--- trunk/view/manage/feed_mod.xhtml 2008-02-25 20:30:13 UTC (rev 219)
+++ trunk/view/manage/feed_mod.xhtml 2008-02-26 09:13:35 UTC (rev 220)
@@ -83,7 +83,7 @@
<h:selectOneMenu id="group" required="true" value="#{feedMod.feed.group}">
<a:support event="onblur" reRender="groupMessage" ajaxSingle="true" bypassUpdates="true"/>
<s:convertEntity />
- <s:selectItems var="group" value="#{groupsService.allGroups}"
+ <s:selectItems var="group" value="#{groupsSecurity.filterForFeedMod(feedMod.feed, groupsService.allGroups, new)}"
label="#{group.displayName}" />
</h:selectOneMenu>
Modified: trunk/view/manage/group/group_list.xhtml
===================================================================
--- trunk/view/manage/group/group_list.xhtml 2008-02-25 20:30:13 UTC (rev 219)
+++ trunk/view/manage/group/group_list.xhtml 2008-02-26 09:13:35 UTC (rev 220)
@@ -30,21 +30,26 @@
</tr>
<a:repeat var="group" value="#{groupsService.allGroups}" rowKeyVar="rowNumber">
- <tr class="#{(rowNumber%2 == 0) ? 'evenRow' : 'oddRow'}">
- <td class="rowlinefirst" style="font-weight:bold;">#{group.displayName}</td>
- <td class="rowline">#{group.name}</td>
- <td class="rowline">
- <s:link action="#{groupMod.edit}" value="Edit">
- <f:param name="id" value="#{group.id}" />
- </s:link>
- </td>
- <td class="rowline">
- <s:link view="/manage/group/group_delete.xhtml" action="#{groupMod.delete}" value="Delete"
- onclick="if (!confirm('Are you sure you want to delete this group?')) return false">
- <f:param name="id" value="#{group.id}" />
- </s:link>
- </td>
- </tr>
+ <s:fragment rendered="#{identity.hasPermission('group', 'edit', group) ||
+ identity.hasPermission('group', 'delete', group)}">
+ <tr class="#{(rowNumber%2 == 0) ? 'evenRow' : 'oddRow'}">
+ <td class="rowlinefirst" style="font-weight:bold;">#{group.displayName}</td>
+ <td class="rowline">#{group.name}</td>
+ <td class="rowline">
+ <s:link action="#{groupMod.edit}" value="Edit"
+ rendered="#{identity.hasPermission('group', 'edit', group)}">
+ <f:param name="id" value="#{group.id}" />
+ </s:link>
+ </td>
+ <td class="rowline">
+ <s:link view="/manage/group/group_delete.xhtml" action="#{groupMod.delete}" value="Delete"
+ onclick="if (!confirm('Are you sure you want to delete this group?')) return false"
+ rendered="#{identity.hasPermission('group', 'delete', group)}">
+ <f:param name="id" value="#{group.id}" />
+ </s:link>
+ </td>
+ </tr>
+ </s:fragment>
</a:repeat>
</table>
</ui:define>
Modified: trunk/view/manage/proposition/proposition_list.xhtml
===================================================================
--- trunk/view/manage/proposition/proposition_list.xhtml 2008-02-25 20:30:13 UTC (rev 219)
+++ trunk/view/manage/proposition/proposition_list.xhtml 2008-02-26 09:13:35 UTC (rev 220)
@@ -23,7 +23,7 @@
</tr>
<ui:repeat var="group" value="#{groupsService.allGroups}">
- <s:fragment>
+ <s:fragment rendered="#{identity.hasPermission('management_group', 'view', group, groupsService.acceptedFeeds(group))}">
<tr>
<td colspan="7" class="categoryRow">#{group.displayName}</td>
</tr>
@@ -35,22 +35,27 @@
</s:fragment>
<a:repeat var="feed" value="#{groupsService.unacceptedFeeds(group)}" rowKeyVar="rowNumber">
- <tr class="#{(rowNumber%2 == 0) ? 'evenRow' : 'oddRow'}">
- <td class="rowlinefirst" style="font-weight:bold;">#{feed.title}</td>
- <td class="rowline">#{feed.name}</td>
- <td class="rowline"><h:outputLink value="#{feed.remoteLink}">#{feed.remoteLink}</h:outputLink></td>
- <td class="rowline">
- <s:link view="/manage/proposition/proposition_accept.xhtml" value="Accept">
- <f:param name="name" value="#{feed.name}" />
- </s:link>
- </td>
- <td class="rowline">
- <s:link view="/manage/feed_delete.xhtml" action="#{feedMod.delete}" value="Delete"
- onclick="if (!confirm('Are you sure you want to delete this feed?')) return false">
- <f:param name="name" value="#{feed.name}" />
- </s:link>
- </td>
- </tr>
+ <s:fragment rendered="#{identity.hasPermission('feed', 'edit', feed, group) ||
+ identity.hasPermission('feed', 'delete', feed, group)}">
+ <tr class="#{(rowNumber%2 == 0) ? 'evenRow' : 'oddRow'}">
+ <td class="rowlinefirst" style="font-weight:bold;">#{feed.title}</td>
+ <td class="rowline">#{feed.name}</td>
+ <td class="rowline"><h:outputLink value="#{feed.remoteLink}">#{feed.remoteLink}</h:outputLink></td>
+ <td class="rowline">
+ <s:link view="/manage/proposition/proposition_accept.xhtml" value="Accept"
+ rendered="#{identity.hasPermission('feed', 'edit', feed, group)}">
+ <f:param name="name" value="#{feed.name}" />
+ </s:link>
+ </td>
+ <td class="rowline">
+ <s:link view="/manage/feed_delete.xhtml" action="#{feedMod.delete}" value="Delete"
+ onclick="if (!confirm('Are you sure you want to delete this feed?')) return false"
+ rendered="#{identity.hasPermission('feed', 'delete', feed, group)}">
+ <f:param name="name" value="#{feed.name}" />
+ </s:link>
+ </td>
+ </tr>
+ </s:fragment>
</a:repeat>
</s:fragment>
</ui:repeat>
Modified: trunk/view/view/post.xhtml
===================================================================
--- trunk/view/view/post.xhtml 2008-02-25 20:30:13 UTC (rev 219)
+++ trunk/view/view/post.xhtml 2008-02-26 09:13:35 UTC (rev 220)
@@ -25,7 +25,8 @@
</li>
<li>
<s:link value="Delete post" action="#{postView.delete}"
- onclick="if (!confirm('Are you sure you want to delete this post?')) return false"/>
+ onclick="if (!confirm('Are you sure you want to delete this post?')) return false"
+ rendered="#{identity.hasPermission('post', 'delete', post, post.feed, post.feed.group)}"/>
</li>
</ul>
</div>
More information about the jboss-cvs-commits
mailing list