You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@usergrid.apache.org by sn...@apache.org on 2014/01/16 18:30:34 UTC

[38/51] [abbrv] git commit: ug-2766 : should check permission when putting a new entity to collection

ug-2766 : should check permission when putting a new entity to collection


Project: http://git-wip-us.apache.org/repos/asf/incubator-usergrid/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-usergrid/commit/46dbb163
Tree: http://git-wip-us.apache.org/repos/asf/incubator-usergrid/tree/46dbb163
Diff: http://git-wip-us.apache.org/repos/asf/incubator-usergrid/diff/46dbb163

Branch: refs/pull/27/merge
Commit: 46dbb163ee7fc1aa289d9dca5eb7f743b6993b62
Parents: e2ee790
Author: Jackson Chung <ja...@apigee.com>
Authored: Wed Jan 15 17:24:31 2014 -0800
Committer: Jackson Chung <ja...@apigee.com>
Committed: Wed Jan 15 17:24:31 2014 -0800

----------------------------------------------------------------------
 .../java/org/usergrid/services/AbstractCollectionService.java     | 3 +++
 1 file changed, 3 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/46dbb163/stack/services/src/main/java/org/usergrid/services/AbstractCollectionService.java
----------------------------------------------------------------------
diff --git a/stack/services/src/main/java/org/usergrid/services/AbstractCollectionService.java b/stack/services/src/main/java/org/usergrid/services/AbstractCollectionService.java
index 7a84653..73c7cbd 100644
--- a/stack/services/src/main/java/org/usergrid/services/AbstractCollectionService.java
+++ b/stack/services/src/main/java/org/usergrid/services/AbstractCollectionService.java
@@ -294,6 +294,9 @@ public class AbstractCollectionService extends AbstractService {
         EntityRef ref = em.getAlias( getEntityType(), name );
         Entity entity;
         if ( ref == null ) {
+        	// null entity ref means we tried to put a non-existing entity
+        	// before we create a new entity for it, we should check for permission
+        	checkPermissionsForCollection(context);
             Map<String, Object> properties = context.getPayload().getProperties();
             if ( !properties.containsKey( "name" ) || !( ( String ) properties.get( "name" ) ).trim().equalsIgnoreCase(
                     name ) ) {