portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From woon...@apache.org
Subject svn commit: r887964 - /portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/PortletRegistryService.java
Date Mon, 07 Dec 2009 15:50:02 GMT
Author: woonsan
Date: Mon Dec  7 15:50:01 2009
New Revision: 887964

URL: http://svn.apache.org/viewvc?rev=887964&view=rev
Log:
JS2-1087: Adds the existing portlet filtering out logic by role

Modified:
    portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/PortletRegistryService.java

Modified: portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/PortletRegistryService.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/PortletRegistryService.java?rev=887964&r1=887963&r2=887964&view=diff
==============================================================================
--- portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/PortletRegistryService.java
(original)
+++ portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/PortletRegistryService.java
Mon Dec  7 15:50:01 2009
@@ -36,6 +36,7 @@
 import org.apache.commons.lang.math.NumberUtils;
 import org.apache.jetspeed.JetspeedActions;
 import org.apache.jetspeed.components.portletregistry.PortletRegistry;
+import org.apache.jetspeed.om.portlet.LocalizedField;
 import org.apache.jetspeed.om.portlet.PortletApplication;
 import org.apache.jetspeed.om.portlet.PortletDefinition;
 import org.apache.jetspeed.search.ParsedObject;
@@ -219,7 +220,7 @@
                 }
             }
             
-            Collection<PortletDefinition> filteredPortletDefinitions = filterPortletDefinitionsBySecurityAccess(searchedPortletDefinitions,
JetspeedActions.MASK_VIEW);
+            Collection<PortletDefinition> filteredPortletDefinitions = filterPortletDefinitionsBySecurityAccess(searchedPortletDefinitions,
JetspeedActions.MASK_VIEW, servletRequest);
             pdBeans.setTotalSize(filteredPortletDefinitions.size());
             
             for (PortletDefinition pd : (Collection<PortletDefinition>) PaginationUtils.subCollection(filteredPortletDefinitions,
beginIndex, maxResults))
@@ -231,7 +232,7 @@
         {
             if (StringUtils.isBlank(applicationName) && StringUtils.isBlank(definitionName))
             {
-                Collection<PortletDefinition> pds = filterPortletDefinitionsBySecurityAccess(portletRegistry.getAllPortletDefinitions(),
JetspeedActions.MASK_VIEW);
+                Collection<PortletDefinition> pds = filterPortletDefinitionsBySecurityAccess(portletRegistry.getAllPortletDefinitions(),
JetspeedActions.MASK_VIEW, servletRequest);
                 pdBeans.setTotalSize(pds.size());
                 
                 for (PortletDefinition pd : (Collection<PortletDefinition>) PaginationUtils.subCollection(pds,
beginIndex, maxResults))
@@ -247,7 +248,7 @@
                 {
                     if (StringUtils.isBlank(definitionName))
                     {
-                        Collection<PortletDefinition> pds = filterPortletDefinitionsBySecurityAccess(pa.getPortlets(),
JetspeedActions.MASK_VIEW);
+                        Collection<PortletDefinition> pds = filterPortletDefinitionsBySecurityAccess(pa.getPortlets(),
JetspeedActions.MASK_VIEW, servletRequest);
                         pdBeans.setTotalSize(pds.size());
                         
                         for (PortletDefinition pd : (List<PortletDefinition>) PaginationUtils.subCollection(pds,
beginIndex, maxResults))
@@ -274,7 +275,7 @@
         return pdBeans;
     }
     
-    private Collection<PortletDefinition> filterPortletDefinitionsBySecurityAccess(Collection<PortletDefinition>
collection, int mask)
+    private Collection<PortletDefinition> filterPortletDefinitionsBySecurityAccess(Collection<PortletDefinition>
collection, int mask, HttpServletRequest servletRequest)
     {
         if (securityAccessController == null)
         {
@@ -290,6 +291,11 @@
         
         for (PortletDefinition pd : collection)
         {
+            if (isFilteredOutByRole(pd, servletRequest))
+            {
+                continue;
+            }
+            
             if (securityAccessController.checkPortletAccess(pd, mask))
             {
                 filteredCollection.add(pd);
@@ -299,4 +305,31 @@
         return filteredCollection;
     }
     
+    private boolean isFilteredOutByRole(PortletDefinition pd, HttpServletRequest servletRequest)
+    {
+        boolean filteredOut = false;
+        
+        Collection<LocalizedField> fields = pd.getMetadata().getFields("selector.conditional.role");
+        
+        if (fields != null && !fields.isEmpty()) 
+        {
+            LocalizedField field = fields.iterator().next();
+            String role = field.getValue();
+            
+            if (!StringUtils.isBlank(role))
+            {
+                if (role.equals("*"))
+                {
+                    filteredOut = true;
+                }
+                else
+                {
+                    filteredOut = (!servletRequest.isUserInRole(role));
+                }
+            }
+        }
+        
+        return filteredOut;
+    }
+    
 }



---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org


Mime
View raw message