Menu
▾
▴
[Aplaws-commit] r890 - in trunk/ccm-ldn-navigation/src/com/arsdigita/london/navigation: . cms
|
From: <ap...@vh...> - 2005-09-21 21:39:19
|
Author: apevec
Date: 2005-09-21 23:29:53 +0200 (Wed, 21 Sep 2005)
New Revision: 890
Modified:
trunk/ccm-ldn-navigation/src/com/arsdigita/london/navigation/DataCollectionDefinition.java
trunk/ccm-ldn-navigation/src/com/arsdigita/london/navigation/cms/CMSDataCollectionDefinition.java
Log:
SF patch [ 1224034 ] permission check on item list
Modified: trunk/ccm-ldn-navigation/src/com/arsdigita/london/navigation/DataCollectionDefinition.java
===================================================================
--- trunk/ccm-ldn-navigation/src/com/arsdigita/london/navigation/DataCollectionDefinition.java 2005-09-21 17:14:10 UTC (rev 889)
+++ trunk/ccm-ldn-navigation/src/com/arsdigita/london/navigation/DataCollectionDefinition.java 2005-09-21 21:29:53 UTC (rev 890)
@@ -23,6 +23,7 @@
import com.arsdigita.kernel.ACSObject;
import com.arsdigita.kernel.Kernel;
+import com.arsdigita.kernel.Party;
import com.arsdigita.kernel.permissions.PermissionService;
import com.arsdigita.kernel.permissions.PrivilegeDescriptor;
@@ -147,7 +148,7 @@
/** Can be overridden to extract differently the category to inspect. */
protected Category getCategory(NavigationModel model) {
- return model.getCategory();
+ return model.getCategory();
}
protected void applyFilters(DataCollection objects,
@@ -192,11 +193,22 @@
}
if (m_checkPermissions) {
- PermissionService.filterObjects(objects,
- PrivilegeDescriptor.READ,
- Kernel.getContext().getParty().getOID());
+ // allow subclasses to override the permission check
+ checkPermissions(objects);
}
}
+
+ protected void checkPermissions(DataCollection objects) {
+ Party party = Kernel.getContext().getParty();
+ if (party == null) {
+ party = Kernel.getPublicUser();
+ }
+
+ PermissionService.filterObjects(
+ objects,
+ PrivilegeDescriptor.READ,
+ party.getOID());
+ }
protected String getCategorizedObjectPath(String fragment) {
return fragment;
Modified: trunk/ccm-ldn-navigation/src/com/arsdigita/london/navigation/cms/CMSDataCollectionDefinition.java
===================================================================
--- trunk/ccm-ldn-navigation/src/com/arsdigita/london/navigation/cms/CMSDataCollectionDefinition.java 2005-09-21 17:14:10 UTC (rev 889)
+++ trunk/ccm-ldn-navigation/src/com/arsdigita/london/navigation/cms/CMSDataCollectionDefinition.java 2005-09-21 21:29:53 UTC (rev 890)
@@ -21,11 +21,14 @@
import com.arsdigita.cms.CMS;
import com.arsdigita.cms.ContentItem;
-
+import com.arsdigita.cms.SecurityManager;
import com.arsdigita.london.navigation.DataCollectionDefinition;
import com.arsdigita.london.navigation.NavigationModel;
-
import com.arsdigita.kernel.ACSObject;
+import com.arsdigita.kernel.Kernel;
+import com.arsdigita.kernel.Party;
+import com.arsdigita.kernel.permissions.PermissionService;
+import com.arsdigita.kernel.permissions.PrivilegeDescriptor;
import com.arsdigita.persistence.DataCollection;
import com.arsdigita.persistence.Filter;
@@ -79,6 +82,20 @@
objects.addPath("masterVersion.objectType");
}
+ protected void checkPermissions(DataCollection objects) {
+ // parties are assigned the cms_read_item privilege on content items
+ // rather than the primitive READ
+ Party party = Kernel.getContext().getParty();
+ if (party == null) {
+ party = Kernel.getPublicUser();
+ }
+
+ PermissionService.filterObjects(
+ objects,
+ PrivilegeDescriptor.get(SecurityManager.CMS_READ_ITEM),
+ party.getOID());
+ }
+
protected String getCategorizedObjectPath(String fragment) {
return "parent." + fragment;
}
|
