You are viewing a plain text version of this content. The canonical link for it is here.

Posted to jetspeed-dev@portals.apache.org by ta...@apache.org on 2016/01/27 01:02:46 UTC

svn commit: r1726927 - /portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/UserManagerService.java

Author: taylor
Date: Wed Jan 27 00:02:46 2016
New Revision: 1726927

URL: http://svn.apache.org/viewvc?rev=1726927&view=rev
Log:
call standard checkPrivilege method for jetspeed rest apis, so that the proper UNAUTHORIZED status is returned

Modified:
    portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/UserManagerService.java

Modified: portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/UserManagerService.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/UserManagerService.java?rev=1726927&r1=1726926&r2=1726927&view=diff
==============================================================================
--- portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/UserManagerService.java (original)
+++ portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/UserManagerService.java Wed Jan 27 00:02:46 2016
@@ -19,7 +19,6 @@ package org.apache.jetspeed.services.res
 import org.apache.jetspeed.Jetspeed;
 import org.apache.jetspeed.JetspeedActions;
 import org.apache.jetspeed.administration.PortalConfigurationConstants;
-import org.apache.jetspeed.exception.JetspeedException;
 import org.apache.jetspeed.layout.PortletActionSecurityBehavior;
 import org.apache.jetspeed.om.folder.Folder;
 import org.apache.jetspeed.page.PageManager;
@@ -28,7 +27,6 @@ import org.apache.jetspeed.profiler.Prof
 import org.apache.jetspeed.profiler.Profiler;
 import org.apache.jetspeed.profiler.rules.PrincipalRule;
 import org.apache.jetspeed.profiler.rules.ProfilingRule;
-import org.apache.jetspeed.request.RequestContext;
 import org.apache.jetspeed.security.Group;
 import org.apache.jetspeed.security.GroupManager;
 import org.apache.jetspeed.security.JetspeedPrincipalQueryContext;
@@ -558,14 +556,4 @@ public class UserManagerService extends
         return templates;
     }
 
-    protected void checkPrivilege(HttpServletRequest servletRequest, String action)
-    {
-        RequestContext requestContext = (RequestContext) servletRequest.getAttribute(RequestContext.REQUEST_PORTALENV);
-
-        if (securityBehavior != null && !securityBehavior.checkAccess(requestContext, action))
-        {
-            throw new WebApplicationException(new JetspeedException("Insufficient privilege to access this REST service."));
-        }
-    }
-
 }



---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org