[Yanel-commits] rev 33224 - public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet

michi at wyona.com michi at wyona.com
Tue Mar 11 04:18:37 CET 2008


Author: michi
Date: 2008-03-11 04:18:36 +0100 (Tue, 11 Mar 2008)
New Revision: 33224

Modified:
   public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/YanelServlet.java
Log:
check permissions

Modified: public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/YanelServlet.java
===================================================================
--- public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/YanelServlet.java	2008-03-11 03:17:56 UTC (rev 33223)
+++ public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/YanelServlet.java	2008-03-11 03:18:36 UTC (rev 33224)
@@ -2391,19 +2391,23 @@
         org.wyona.security.core.UsecasePolicy[] up = p.getUsecasePolicies();
         if (up != null && up.length > 0) {
             for (int i = 0; i < up.length; i++) {
-                Identity[] ids = up[i].getIdentities();
-                for (int j = 0; j < ids.length; j++) {
-                    if (ids[j].isWorld()) {
+                org.wyona.security.core.IdentityPolicy[] idps = up[i].getIdentityPolicies();
+                for (int j = 0; j < idps.length; j++) {
+                    //log.debug("Usecase Identity Policy: " + up[i].getName() + ", " + idps[j].getIdentity().getUsername() + ", " + idps[j].getPermission());
+
+                    if (idps[j].getIdentity().isWorld()) {
                         world.add(up[i].getName());
                     } else {
                         Vector userRights;
-                        if ((userRights = (Vector) users.get(ids[j].getUsername())) != null) {
-                            log.debug("User has already been added: " + ids[j].getUsername());
+                        if ((userRights = (Vector) users.get(idps[j].getIdentity().getUsername())) != null) {
+                            log.debug("User has already been added: " + idps[j].getIdentity().getUsername());
                         } else {
                             userRights = new Vector();
-                            users.put(ids[j].getUsername(), userRights);
+                            users.put(idps[j].getIdentity().getUsername(), userRights);
                         }
-                        userRights.add(up[i].getName());
+                        if (idps[j].getPermission()) {
+                            userRights.add(up[i].getName());
+                        }
                     }
                 }
             }
@@ -2420,7 +2424,8 @@
             sb.append("<user id=\""+userName+"\">");
             Vector rights = (Vector) users.get(userName);
             for (int k = 0; k < rights.size(); k++) {
-            sb.append("<right id=\"" + (String) rights.elementAt(k) + "\"/>");
+                // TODO: Do not hardcode permission
+                sb.append("<right id=\"" + (String) rights.elementAt(k) + "\" permission=\"true\"/>");
             }
             sb.append("</user>");
         }
@@ -2445,7 +2450,9 @@
                         groupRights = new Vector();
                         groups.put(ids[j].getId(), groupRights);
                     }
-                    groupRights.add(up[i].getName());
+                    if (ids[j].getPermission()) {
+                        groupRights.add(up[i].getName());
+                    }
                 }
             }
         } else {
@@ -2460,7 +2467,8 @@
             sb.append("<group id=\""+userName+"\">");
             Vector rights = (Vector) groups.get(userName);
             for (int k = 0; k < rights.size(); k++) {
-            sb.append("<right id=\"" + (String) rights.elementAt(k) + "\"/>");
+                //TODO: Do not hardcode permission!
+                sb.append("<right id=\"" + (String) rights.elementAt(k) + "\" permission=\"true\"/>");
             }
             sb.append("</group>");
         }



More information about the Yanel-commits mailing list