Mailing-List: contact jetspeed-dev-help@portals.apache.org; run by ezmlm
Precedence: bulk
Reply-To: "Jetspeed Developers List" <jetspeed-dev@portals.apache.org>
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: svn commit: r1735352 - in
 /portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/search:
 PortletToPageMap.java SearchPortlet.java
Date: Thu, 17 Mar 2016 00:24:11 -0000
To: jetspeed-dev@portals.apache.org
From: taylor@apache.org
Message-Id: <20160317002411.7691E3A0734@svn01-us-west.apache.org>

Author: taylor
Date: Thu Mar 17 00:24:11 2016
New Revision: 1735352

URL: http://svn.apache.org/viewvc?rev=1735352&view=rev
Log:
JS2-1348: filtering search results by secured access to PSML page

Modified:
    portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/search/PortletToPageMap.java
    portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/search/SearchPortlet.java

Modified: portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/search/PortletToPageMap.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/search/PortletToPageMap.java?rev=1735352&r1=1735351&r2=1735352&view=diff
==============================================================================
--- portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/search/PortletToPageMap.java (original)
+++ portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/search/PortletToPageMap.java Thu Mar 17 00:24:11 2016
@@ -1,3 +1,19 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
 package org.apache.jetspeed.portlets.search;
 
 import java.util.ArrayList;

Modified: portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/search/SearchPortlet.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/search/SearchPortlet.java?rev=1735352&r1=1735351&r2=1735352&view=diff
==============================================================================
--- portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/search/SearchPortlet.java (original)
+++ portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/search/SearchPortlet.java Thu Mar 17 00:24:11 2016
@@ -17,7 +17,10 @@
 package org.apache.jetspeed.portlets.search;
 
 import org.apache.jetspeed.CommonPortletServices;
+import org.apache.jetspeed.JetspeedActions;
 import org.apache.jetspeed.administration.PortalAdministration;
+import org.apache.jetspeed.administration.PortalConfiguration;
+import org.apache.jetspeed.administration.PortalConfigurationConstants;
 import org.apache.jetspeed.components.portletregistry.PortletRegistry;
 import org.apache.jetspeed.om.folder.Folder;
 import org.apache.jetspeed.om.page.BaseFragmentElement;
@@ -63,6 +66,7 @@ public class SearchPortlet extends Gener
     private PortalAdministration admin;
     private PageManager pageManager;
     private PortletRegistry portletRegistry;
+    private PortalConfiguration configuration;
 
     private String filePreference;
     private String portletClass;
@@ -76,20 +80,26 @@ public class SearchPortlet extends Gener
             throw new PortletException(
                     "Could not get instance of portal Search Engine component");
         }
-        admin = (PortalAdministration) getPortletContext().getAttribute(
-                CommonPortletServices.CPS_PORTAL_ADMINISTRATION);
+        admin = (PortalAdministration) getPortletContext().getAttribute(CommonPortletServices.CPS_PORTAL_ADMINISTRATION);
         if (null == admin) {
             throw new PortletException(
                     "Failed to find the Portal Administration on portlet initialization");
         }
         pageManager = (PageManager) context.getAttribute(CommonPortletServices.CPS_PAGE_MANAGER_COMPONENT);
-        if (pageManager == null)
+        if (pageManager == null) {
             throw new PortletException(
                     "Could not get instance of portal PageManager component");
+        }
         portletRegistry = (PortletRegistry) context.getAttribute(CommonPortletServices.CPS_REGISTRY_COMPONENT);
-        if (portletRegistry == null)
+        if (portletRegistry == null) {
             throw new PortletException(
                     "Could not get instance of portal PortletRegistry component");
+        }
+        configuration = (PortalConfiguration) getPortletContext().getAttribute(CommonPortletServices.CPS_PORTAL_CONFIGURATION);
+        if (null == configuration) {
+            throw new PortletException(
+                    "Failed to find the Portal Configuration on portlet initialization");
+        }
         filePreference = config.getInitParameter("FilePreference");
         portletClass = config.getInitParameter("PortletClass");
         mountPoint = config.getInitParameter("MountPoint");
@@ -126,8 +136,18 @@ public class SearchPortlet extends Gener
                 String key = result.getKey().substring(result.getKey().indexOf("::") + 2);
                 List<String> links = getPortletToPageMap().getPortlet(key);
                 String link = getBestLink(links);
-                searchInfoResults.add(new SearchInfo(result.getTitle(), result.getType(), key, result.getScore(), result.getDescription(),
-                        admin.getPortalURL(request, actionResponse, link)));
+                boolean error = false;
+                try {
+                    Page page = pageManager.getPage(link);
+                    page.checkAccess(JetspeedActions.VIEW);
+                }
+                catch(Exception e) {
+                    error = true;
+                }
+                if (!error) {
+                    searchInfoResults.add(new SearchInfo(result.getTitle(), result.getType(), key, result.getScore(), result.getDescription(),
+                            admin.getPortalURL(request, actionResponse, link)));
+                }
             }
         }
         request.getPortletSession().setAttribute(SEARCH_RESULTS, searchInfoResults, PortletSession.APPLICATION_SCOPE);
@@ -158,7 +178,6 @@ public class SearchPortlet extends Gener
         try {
             Folder root = pageManager.getFolder("/");
             traverse(root, map);
-
         } catch (Exception e) {
             e.printStackTrace();
         }
@@ -232,7 +251,7 @@ public class SearchPortlet extends Gener
 
     private String getBestLink(List<String> links) {
         if (links == null || links.size() == 0) {
-            return "/";
+            return configuration.getString("/" + PortalConfigurationConstants.PSML_PAGE_DEFAULT, "/default-page.psml");
         }
         String best = links.get(0);
         for (String link: links) {


---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org