adri...@apache.org wrote: > Author: adrianc > Date: Wed Jan 13 22:06:46 2010 > New Revision: 898965 > > URL: http://svn.apache.org/viewvc?rev=898965&view=rev > Log: > Implemented permission filters. Added a user group to the Example component. > Main navigation is controlled by the new security design. > > Added: > > ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/ContextUtil.java > (with props) > Modified: > ofbiz/branches/executioncontext20091231/BranchReadMe.txt > > ofbiz/branches/executioncontext20091231/framework/api/src/org/ofbiz/api/context/ThreadContext.java > > ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/AccessControllerImpl.java > > ofbiz/branches/executioncontext20091231/framework/example/data/ExampleSecurityData.xml > > ofbiz/branches/executioncontext20091231/themes/bizznesstime/includes/appbar.ftl > > ofbiz/branches/executioncontext20091231/themes/bizznesstime/includes/secondary-appbar.ftl > > ofbiz/branches/executioncontext20091231/themes/bluelight/includes/appbarOpen.ftl > > ofbiz/branches/executioncontext20091231/themes/droppingcrumbs/includes/appbarOpen.ftl > > ofbiz/branches/executioncontext20091231/themes/flatgrey/includes/appbar.ftl > > ofbiz/branches/executioncontext20091231/themes/flatgrey/includes/footer.ftl
> Added: > ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/ContextUtil.java > URL: > http://svn.apache.org/viewvc/ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/ContextUtil.java?rev=898965&view=auto > ============================================================================== > --- > ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/ContextUtil.java > (added) > +++ > ofbiz/branches/executioncontext20091231/framework/context/src/org/ofbiz/context/ContextUtil.java > Wed Jan 13 22:06:46 2010 > @@ -0,0 +1,57 @@ > + > *******************************************************************************/ > +package org.ofbiz.context; > + > +import static org.ofbiz.api.authorization.BasicPermissions.Access; > + > +import java.util.List; > + > +import javolution.util.FastList; > + > +import org.ofbiz.api.authorization.AccessController; > +import org.ofbiz.api.context.ArtifactPath; > +import org.ofbiz.api.context.ThreadContext; > +import org.ofbiz.base.component.ComponentConfig; > +import org.ofbiz.base.component.ComponentConfig.WebappInfo; > + > +/** > + * ExecutionContext utility methods. > + * > + */ > +public class ContextUtil { > + > + public static List<WebappInfo> getAppBarWebInfos(String serverName, > String menuName) { > + List<WebappInfo> webInfos = > ComponentConfig.getAppBarWebInfos(serverName, menuName); > + String [] pathArray = {ArtifactPath.PATH_ROOT_NODE_NAME, null}; > + ArtifactPath artifactPath = new ArtifactPath(pathArray); > + AccessController accessController = > ThreadContext.getAccessController(); > + List<WebappInfo> resultList = FastList.newInstance(); > + for (WebappInfo webAppInfo : webInfos) { > + pathArray[1] = webAppInfo.getContextRoot().replace("/", ""); > + artifactPath.saveState(); > + try { > + accessController.checkPermission(Access, artifactPath); > + resultList.add(webAppInfo); > + } catch (Exception e) {} > + artifactPath.restoreState(); > + } > + return resultList; > + } > + > +} restoreState should be in finally. You don't handle runtime exception. If it was in finally, you wouldn't need the catch. It's also bad that you don't log the exception, or rethrow it.
