[Yanel-commits] rev 45010 -
public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/menu
michi at wyona.com
michi at wyona.com
Wed Oct 14 10:33:33 CEST 2009
Author: michi
Date: 2009-10-14 10:33:33 +0200 (Wed, 14 Oct 2009)
New Revision: 45010
Modified:
public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/menu/Menu.java
Log:
check policies re user and group management in order to disable/enable links
Modified: public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/menu/Menu.java
===================================================================
--- public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/menu/Menu.java 2009-10-14 08:32:53 UTC (rev 45009)
+++ public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/menu/Menu.java 2009-10-14 08:33:33 UTC (rev 45010)
@@ -50,8 +50,20 @@
sb.append("<li><a href=\"?yanel.policy=update\">Edit Access Policy</a></li>");
sb.append("</ul>");
sb.append("</li>");
- sb.append("<li><a href=\"" + backToRealm + reservedPrefix + "/admin/list-users.html\">User Management</a></li>");
- sb.append("<li><a href=\"" + backToRealm + reservedPrefix + "/admin/list-groups.html\">Group Management</a></li>");
+
+ org.wyona.security.core.api.PolicyManager pm = resource.getRealm().getPolicyManager();
+ if (pm.authorize("/" + reservedPrefix + "/admin/list-users.html", resource.getEnvironment().getIdentity(), new org.wyona.security.core.api.Usecase("view"))) {
+ sb.append("<li><a href=\"" + backToRealm + reservedPrefix + "/admin/list-users.html\">User Management</a></li>");
+ } else {
+ sb.append("<li>User Management</li>");
+ }
+
+ if (pm.authorize("/" + reservedPrefix + "/admin/list-groups.html", resource.getEnvironment().getIdentity(), new org.wyona.security.core.api.Usecase("view"))) {
+ sb.append("<li><a href=\"" + backToRealm + reservedPrefix + "/admin/list-groups.html\">Group Management</a></li>");
+ } else {
+ sb.append("<li>Group Management</li>");
+ }
+
sb.append("<li><a href=\"?yanel.toolbar=off\">Turn off toolbar</a></li>");
Identity identity = getIdentity(request, map);
if (identity != null) {
More information about the Yanel-commits
mailing list