You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-dev@portals.apache.org by ta...@apache.org on 2016/01/27 01:02:46 UTC
svn commit: r1726927 -
/portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/UserManagerService.java
Author: taylor
Date: Wed Jan 27 00:02:46 2016
New Revision: 1726927
URL: http://svn.apache.org/viewvc?rev=1726927&view=rev
Log:
call standard checkPrivilege method for jetspeed rest apis, so that the proper UNAUTHORIZED status is returned
Modified:
portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/UserManagerService.java
Modified: portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/UserManagerService.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/UserManagerService.java?rev=1726927&r1=1726926&r2=1726927&view=diff
==============================================================================
--- portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/UserManagerService.java (original)
+++ portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/services/rest/UserManagerService.java Wed Jan 27 00:02:46 2016
@@ -19,7 +19,6 @@ package org.apache.jetspeed.services.res
import org.apache.jetspeed.Jetspeed;
import org.apache.jetspeed.JetspeedActions;
import org.apache.jetspeed.administration.PortalConfigurationConstants;
-import org.apache.jetspeed.exception.JetspeedException;
import org.apache.jetspeed.layout.PortletActionSecurityBehavior;
import org.apache.jetspeed.om.folder.Folder;
import org.apache.jetspeed.page.PageManager;
@@ -28,7 +27,6 @@ import org.apache.jetspeed.profiler.Prof
import org.apache.jetspeed.profiler.Profiler;
import org.apache.jetspeed.profiler.rules.PrincipalRule;
import org.apache.jetspeed.profiler.rules.ProfilingRule;
-import org.apache.jetspeed.request.RequestContext;
import org.apache.jetspeed.security.Group;
import org.apache.jetspeed.security.GroupManager;
import org.apache.jetspeed.security.JetspeedPrincipalQueryContext;
@@ -558,14 +556,4 @@ public class UserManagerService extends
return templates;
}
- protected void checkPrivilege(HttpServletRequest servletRequest, String action)
- {
- RequestContext requestContext = (RequestContext) servletRequest.getAttribute(RequestContext.REQUEST_PORTALENV);
-
- if (securityBehavior != null && !securityBehavior.checkAccess(requestContext, action))
- {
- throw new WebApplicationException(new JetspeedException("Insufficient privilege to access this REST service."));
- }
- }
-
}
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org