Author: taylor
Date: Wed Mar 31 00:21:39 2010
New Revision: 929345
URL: http://svn.apache.org/viewvc?rev=929345&view=rev
Log:
https://issues.apache.org/jira/browse/JS2-1100
only allow delegated user managers to assign roles and groups in which they
already belong
exception is administrator, who can assign all regardless
Modified:
portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/security/JetspeedPrincipalManagementPortlet.java
Modified:
portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/security/JetspeedPrincipalManagementPortlet.java
URL:
http://svn.apache.org/viewvc/portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/security/JetspeedPrincipalManagementPortlet.java?rev=929345&r1=929344&r2=929345&view=diff
==============================================================================
---
portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/security/JetspeedPrincipalManagementPortlet.java
(original)
+++
portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/security/JetspeedPrincipalManagementPortlet.java
Wed Mar 31 00:21:39 2010
@@ -17,6 +17,7 @@
package org.apache.jetspeed.portlets.security;
import java.io.Serializable;
+import java.security.Principal;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
@@ -29,6 +30,8 @@ import java.util.Map;
import javax.portlet.PortletPreferences;
import org.apache.commons.lang.StringUtils;
+import org.apache.jetspeed.administration.PortalConfiguration;
+import org.apache.jetspeed.administration.PortalConfigurationConstants;
import org.apache.jetspeed.audit.AuditActivity;
import org.apache.jetspeed.om.folder.Folder;
import org.apache.jetspeed.om.folder.FolderNotFoundException;
@@ -1533,7 +1536,7 @@ public class JetspeedPrincipalManagement
protected JetspeedPrincipal associationPrincipal;
- protected JetspeedPrincipalAssociationType assoicationType;
+ protected JetspeedPrincipalAssociationType associationType;
protected boolean associationsFrom;
@@ -1593,12 +1596,12 @@ public class JetspeedPrincipalManagement
}
public AssociationTypePanel(String id,
- JetspeedPrincipalAssociationType assoicationType)
+ JetspeedPrincipalAssociationType AssociationType)
{
super(id);
- this.assoicationType = assoicationType;
- associationName = assoicationType.getAssociationName();
- final String assoctionName = assoicationType.getAssociationName();
+ this.associationType = AssociationType;
+ associationName = AssociationType.getAssociationName();
+ final String assoctionName = AssociationType.getAssociationName();
refreshList();
ListView commentListView = new ListView("comments",
new PropertyModel(this, "associations"))
@@ -1639,11 +1642,11 @@ public class JetspeedPrincipalManagement
listItem.add(deleteLink);
}
};
- if(assoicationType.getFromPrincipalType().equals(principalType))
+ if(AssociationType.getFromPrincipalType().equals(principalType))
{
- add(new Label("principalReleation",new
ResourceModel(assoicationType.getToPrincipalType().getName())));
+ add(new Label("principalReleation",new
ResourceModel(AssociationType.getToPrincipalType().getName())));
}else{
- add(new Label("principalReleation",new
ResourceModel(assoicationType.getFromPrincipalType().getName())));
+ add(new Label("principalReleation",new
ResourceModel(AssociationType.getFromPrincipalType().getName())));
}
add(commentListView);
add(new FeedbackPanel("feedback"));
@@ -1697,17 +1700,33 @@ public class JetspeedPrincipalManagement
private void refreshList()
{
- names.clear();
- if (!principal.getType().equals(
- assoicationType.getFromPrincipalType()))
+ List filter = null;
+ names.clear();
+ String adminRole =
getServiceLocator().getPortalConfiguration().getString(PortalConfigurationConstants.ROLES_DEFAULT_ADMIN);
+ if
(associationType.getFromPrincipalType().getName().equals(JetspeedPrincipalType.USER)
&&
+
(associationType.getToPrincipalType().getName().equals(JetspeedPrincipalType.ROLE)
||
+
associationType.getToPrincipalType().getName().equals(JetspeedPrincipalType.GROUP)))
+ {
+ if (!getPortletRequest().isUserInRole(adminRole))
+ {
+ Principal currentUser =
getPortletRequest().getUserPrincipal();
+ filter = getBaseManager(
+ associationType.getToPrincipalType())
+ .getAssociatedFrom(currentUser.getName(),
+ principal.getType(),
+ associationType.getAssociationName());
+ }
+ }
+ if (!principal.getType().equals(
+ associationType.getFromPrincipalType()))
{
- associations = getBaseManager(
- assoicationType.getFromPrincipalType())
+ associations = getBaseManager(
+ associationType.getFromPrincipalType())
.getAssociatedTo(principal.getName(),
principal.getType(),
- assoicationType.getAssociationName());
+ associationType.getAssociationName());
List tempNames = getBaseManager(
- assoicationType.getFromPrincipalType()).getPrincipals(
+ associationType.getFromPrincipalType()).getPrincipals(
"");
for (int index = 0; index < tempNames.size(); index++)
{
@@ -1716,13 +1735,13 @@ public class JetspeedPrincipalManagement
associationsFrom = false;
} else
{
- associations = getBaseManager(
- assoicationType.getToPrincipalType())
+ associations = getBaseManager(
+ associationType.getToPrincipalType())
.getAssociatedFrom(principal.getName(),
principal.getType(),
- assoicationType.getAssociationName());
+ associationType.getAssociationName());
List tempNames = getBaseManager(
-
assoicationType.getToPrincipalType()).getPrincipals("");
+
associationType.getToPrincipalType()).getPrincipals("");
for (int index = 0; index < tempNames.size(); index++)
{
names.add(tempNames.get(index));
@@ -1743,6 +1762,24 @@ public class JetspeedPrincipalManagement
}
}
}
+ if (filter != null)
+ {
+ List copy = new ArrayList();
+ for (int index = 0; index < names.size(); index++)
+ {
+ JetspeedPrincipal listPrincipal = (JetspeedPrincipal)
names.get(index);
+ for (int count = 0; count < filter.size(); count++)
+ {
+ JetspeedPrincipal tmpPrincipal = (JetspeedPrincipal)
filter.get(count);
+ if
(listPrincipal.getName().equals(tmpPrincipal.getName()))
+ {
+ copy.add(listPrincipal);
+ break;
+ }
+ }
+ }
+ names = copy;
+ }
}
}
@@ -1768,61 +1805,61 @@ public class JetspeedPrincipalManagement
this.selectedAssociationType = selectedAssociationType;
}
- private List<JetspeedPrincipalAssociationType> assoicationTypes;
+ private List<JetspeedPrincipalAssociationType> associationTypes;
private String selectedAssociationType;
/**
- * @return the assoicationTypes
+ * @return the associationTypes
*/
- public List<JetspeedPrincipalAssociationType> getAssoicationTypes()
+ public List<JetspeedPrincipalAssociationType> getAssociationTypes()
{
- return assoicationTypes;
+ return associationTypes;
}
public PrincipalAssociationsPanel(String id)
{
super(id);
tabs = new ArrayList();
- this.assoicationTypes = ((JetspeedPrincipalManager) getManager())
+ this.associationTypes = ((JetspeedPrincipalManager) getManager())
.getAssociationTypes();
ITab tab;
- for (JetspeedPrincipalAssociationType assoicationType :
this.assoicationTypes)
+ for (JetspeedPrincipalAssociationType associationType :
this.associationTypes)
{
// if
- //
(!assoicationType.getToPrincipalType().equals(principalType))
+ //
(!associationType.getToPrincipalType().equals(principalType))
// {
- final JetspeedPrincipalAssociationType tempAssosciation =
assoicationType;
- final JetspeedPrincipalType fromAssoicationType =
assoicationType
+ final JetspeedPrincipalAssociationType tempAssociation =
associationType;
+ final JetspeedPrincipalType fromAssociationType =
associationType
.getFromPrincipalType();
- final JetspeedPrincipalType toAssoicationType = assoicationType
+ final JetspeedPrincipalType toAssociationType = associationType
.getToPrincipalType();
- final String associationName = assoicationType
+ final String associationName = associationType
.getAssociationName();
- if (fromAssoicationType.getName().equals(
+ if (fromAssociationType.getName().equals(
getPrincipal().getType().getName()))
{
- tab = new AbstractTab(new Model(toAssoicationType.getName()
- + " - " + assoicationType.getAssociationName()))
+ tab = new AbstractTab(new Model(toAssociationType.getName()
+ + " - " + associationType.getAssociationName()))
{
public Panel getPanel(String panelId)
{
return new AssociationTypePanel(panelId,
- tempAssosciation);
+ tempAssociation);
}
};
} else
{
- tab = new AbstractTab(new Model(fromAssoicationType
+ tab = new AbstractTab(new Model(fromAssociationType
.getName()
- + " - " + assoicationType.getAssociationName()))
+ + " - " + associationType.getAssociationName()))
{
public Panel getPanel(String panelId)
{
return new AssociationTypePanel(panelId,
- tempAssosciation);
+ tempAssociation);
}
};
}
@@ -1833,12 +1870,12 @@ public class JetspeedPrincipalManagement
}
/**
- * @param assoicationTypes
- * the assoicationTypes to set
+ * @param AssociationTypes
+ * the AssociationTypes to set
*/
- public void setAssoicationTypes(List assoicationTypes)
+ public void setAssociationTypes(List AssociationTypes)
{
- this.assoicationTypes = assoicationTypes;
+ this.associationTypes = AssociationTypes;
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
