Update of /cvsroot/cobricks/cobricks2/src/org/cobricks/category
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv23729/cobricks/category
Modified Files:
CategoryAccessHandler.java
Log Message:
Index: CategoryAccessHandler.java
===================================================================
RCS file: /cvsroot/cobricks/cobricks2/src/org/cobricks/category/CategoryAccessHandler.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- CategoryAccessHandler.java 23 Oct 2004 15:46:20 -0000 1.1
+++ CategoryAccessHandler.java 20 Dec 2005 18:10:23 -0000 1.2
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2004 Cobricks Group. All rights reserved.
+ * Copyright (c) 2004-2005 Cobricks Group. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted under the terms of the Cobricks Software
@@ -14,13 +14,18 @@
import java.util.*;
-import org.apache.log4j.*;
+import org.apache.log4j.Logger;
+import org.cobricks.core.ComponentDirectory;
import org.cobricks.core.CoreManager;
import org.cobricks.core.db.DBAccess;
import org.cobricks.core.util.LogUtil;
+import org.cobricks.user.AccessControl;
import org.cobricks.user.AccessHandler;
import org.cobricks.user.AccessHandlerAdaptor;
+import org.cobricks.user.AccessPermission;
+import org.cobricks.user.User;
+import org.cobricks.user.UserManager;
/**
* The access handler for the "category" domain - i.e. for determining who has
@@ -41,20 +46,21 @@
"delete", "update" };
static final String[][] domainactionattrs = {
// *
- { "categoryid", "categoryclass" },
+ { "categoryid", "categoryclass", "creator" },
// read
- { "categoryid", "categoryclass" },
+ { "categoryid", "categoryclass", "creator" },
// create
{ "categoryclass" },
// delete
- { "categoryid", "categoryclass" },
+ { "categoryid", "categoryclass", "creator" },
// update
- { "categoryid", "categoryclass" }
+ { "categoryid", "categoryclass", "creator" }
};
List actions;
Map actionAttrs;
+ UserManager userManager;
/**
*
@@ -78,6 +84,15 @@
}
actionAttrs.put(domainactions[i], attrs);
}
+
+ try {
+ ComponentDirectory componentDirectory =
+ coreManager.getComponentDirectory();
+ userManager = (UserManager)
+ componentDirectory.getManager("userManager");
+ } catch (Throwable e) {
+ logger.warn("failed getting user manager");
+ }
}
public String getDomain()
@@ -102,21 +117,19 @@
// we might construct a matching select here to let the database do
// some optimization ... TBD
- /*
// get permissions of user
AccessControl ac = userManager.getAccessControl();
List permissions = ac.getAccessPermissionsByUser(userid);
+ User user = userManager.getUser(userid);
Iterator i = permissions.iterator();
while (i.hasNext()) {
AccessPermission perm = (AccessPermission)i.next();
// check if this is the requested permission
- if (perm.contains(domain, action, attrs)) return true;
+ if (perm.contains(user, domain, action, attrs)) return true;
}
return false;
- */
- return true;
}
}
|
