You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-dev@portals.apache.org by ta...@apache.org on 2006/01/23 07:21:52 UTC
svn commit: r371470 - in
/portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl:
PortletActionSecurityPathBehavior.java
PortletActionSecurityPathMergeBehavior.java
Author: taylor
Date: Sun Jan 22 22:21:51 2006
New Revision: 371470
URL: http://svn.apache.org/viewcvs?rev=371470&view=rev
Log:
Abstracted out PortletActionSecurityBehavior for specialized handling
of creation of new pages when you don't have access to shared (role) pages
on live edit
Added:
portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/PortletActionSecurityPathMergeBehavior.java
Modified:
portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/PortletActionSecurityPathBehavior.java
Modified: portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/PortletActionSecurityPathBehavior.java
URL: http://svn.apache.org/viewcvs/portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/PortletActionSecurityPathBehavior.java?rev=371470&r1=371469&r2=371470&view=diff
==============================================================================
--- portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/PortletActionSecurityPathBehavior.java (original)
+++ portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/PortletActionSecurityPathBehavior.java Sun Jan 22 22:21:51 2006
@@ -15,6 +15,8 @@
*/
package org.apache.jetspeed.layout.impl;
+import javax.security.auth.Subject;
+
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.jetspeed.layout.PortletActionSecurityBehavior;
@@ -56,6 +58,11 @@
return true;
}
+ public Subject getSubject(RequestContext context)
+ {
+ return context.getSubject();
+ }
+
public boolean createNewPageOnEdit(RequestContext context)
{
Page page = context.getPage();
@@ -67,14 +74,12 @@
// make sure we are not copying from user area
if (path.indexOf(Folder.USER_FOLDER) == -1)
{
- System.out.println("Changing ROLE Folder");
- this.pageManager.createUserHomePagesFromRoles(context.getSubject());
+ this.pageManager.createUserHomePagesFromRoles(getSubject(context));
page = this.pageManager.getPage(Folder.USER_FOLDER
+ context.getRequest().getUserPrincipal().getName()
+ Folder.PATH_SEPARATOR
+ "default-page.psml"); // FIXME: dont hard code
context.setPage(new ContentPageImpl(page));
- System.out.println("new page set: Changing ROLE Folder " + page.getPath());
}
}
catch (Exception e)
Added: portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/PortletActionSecurityPathMergeBehavior.java
URL: http://svn.apache.org/viewcvs/portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/PortletActionSecurityPathMergeBehavior.java?rev=371470&view=auto
==============================================================================
--- portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/PortletActionSecurityPathMergeBehavior.java (added)
+++ portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/PortletActionSecurityPathMergeBehavior.java Sun Jan 22 22:21:51 2006
@@ -0,0 +1,78 @@
+/*
+ * Copyright 2000-2004 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jetspeed.layout.impl;
+
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.Set;
+
+import javax.security.auth.Subject;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.jetspeed.layout.PortletActionSecurityBehavior;
+import org.apache.jetspeed.page.PageManager;
+import org.apache.jetspeed.request.RequestContext;
+import org.apache.jetspeed.security.RolePrincipal;
+import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.UserPrincipal;
+import org.apache.jetspeed.security.impl.RolePrincipalImpl;
+
+/**
+ * Abstracted behavior of security checks when used with the
+ * profiling rule "user-rolecombo". This behavior merges
+ * all roles into a single role combo.
+ *
+ * @author <a href="mailto:taylor@apache.org">David Sean Taylor</a>
+ * @version $Id: $
+ */
+public class PortletActionSecurityPathMergeBehavior
+ extends PortletActionSecurityPathBehavior
+ implements PortletActionSecurityBehavior
+{
+ protected Log log = LogFactory.getLog(PortletActionSecurityPathMergeBehavior.class);
+ protected PageManager pageManager;
+
+ public PortletActionSecurityPathMergeBehavior(PageManager pageManager)
+ {
+ super(pageManager);
+ }
+
+ public Subject getSubject(RequestContext context)
+ {
+ Subject currentSubject = context.getSubject();
+ Iterator roles = currentSubject.getPrincipals(RolePrincipalImpl.class).iterator();
+ StringBuffer combo = new StringBuffer();
+ int count = 0;
+ while (roles.hasNext())
+ {
+ RolePrincipal role = (RolePrincipal)roles.next();
+ if (count > 0)
+ {
+ combo.append("-");
+ }
+ combo.append(role.getName());
+ count++;
+ }
+ Set principals = new HashSet();
+ principals.add(SecurityHelper.getBestPrincipal(currentSubject, UserPrincipal.class));
+ principals.add(new RolePrincipalImpl(combo.toString()));
+ Subject subject =
+ new Subject(true, principals, new HashSet(), new HashSet());
+ return subject;
+ }
+
+}
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org