[portal-commits] JBoss Portal SVN: r11837 - branches/JBoss_Portal_Branch_2_6/cms/src/main/org/jboss/portal/cms/impl/jcr/command.
portal-commits at lists.jboss.org
portal-commits at lists.jboss.org
Tue Sep 9 06:47:24 EDT 2008
Author: thomas.heute at jboss.com
Date: 2008-09-09 06:47:23 -0400 (Tue, 09 Sep 2008)
New Revision: 11837
Modified:
branches/JBoss_Portal_Branch_2_6/cms/src/main/org/jboss/portal/cms/impl/jcr/command/ACLEnforcer.java
Log:
JBPORTAL-2153: Secure rights are not properly checked when creating new files/folders
Modified: branches/JBoss_Portal_Branch_2_6/cms/src/main/org/jboss/portal/cms/impl/jcr/command/ACLEnforcer.java
===================================================================
--- branches/JBoss_Portal_Branch_2_6/cms/src/main/org/jboss/portal/cms/impl/jcr/command/ACLEnforcer.java 2008-09-09 04:26:13 UTC (rev 11836)
+++ branches/JBoss_Portal_Branch_2_6/cms/src/main/org/jboss/portal/cms/impl/jcr/command/ACLEnforcer.java 2008-09-09 10:47:23 UTC (rev 11837)
@@ -28,6 +28,7 @@
import org.jboss.portal.cms.security.Criteria;
import org.jboss.portal.cms.security.Permission;
import org.jboss.portal.cms.security.PortalCMSSecurityContext;
+import org.jboss.portal.cms.util.NodeUtil;
import org.jboss.portal.cms.workflow.ApprovePublish;
import org.jboss.portal.identity.Role;
import org.jboss.portal.identity.User;
@@ -268,7 +269,14 @@
}
else if (command instanceof FolderCreateCommand)
{
- path = ((FolderCreateCommand)command).mFolder.getBasePath();
+ try
+ {
+ path = NodeUtil.getParentPath(((FolderCreateCommand)command).mFolder.getBasePath());
+ }
+ catch (Exception e)
+ {
+ e.printStackTrace();
+ }
}
else if (command instanceof FileUpdateCommand)
{
@@ -280,7 +288,14 @@
}
else if (command instanceof NewFileCommand)
{
- path = ((NewFileCommand)command).getPath();
+ try
+ {
+ path = NodeUtil.getParentPath(((NewFileCommand)command).getPath());
+ }
+ catch (Exception e)
+ {
+ e.printStackTrace();
+ }
}
else if (command instanceof UpdateFileCommand)
{
More information about the portal-commits
mailing list