[Yanel-commits] rev 45010 - public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/menu

michi at wyona.com michi at wyona.com
Wed Oct 14 10:33:33 CEST 2009 

Author: michi
Date: 2009-10-14 10:33:33 +0200 (Wed, 14 Oct 2009)
New Revision: 45010

Modified:
   public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/menu/Menu.java
Log:
check policies re user and group management in order to disable/enable links

Modified: public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/menu/Menu.java
===================================================================
--- public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/menu/Menu.java	2009-10-14 08:32:53 UTC (rev 45009)
+++ public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/menu/Menu.java	2009-10-14 08:33:33 UTC (rev 45010)
@@ -50,8 +50,20 @@
         sb.append("<li><a href=\"?yanel.policy=update\">Edit Access Policy</a></li>");
         sb.append("</ul>");
         sb.append("</li>");
-        sb.append("<li><a href=\"" + backToRealm + reservedPrefix + "/admin/list-users.html\">User Management</a></li>");
-        sb.append("<li><a href=\"" + backToRealm + reservedPrefix + "/admin/list-groups.html\">Group Management</a></li>");
+
+        org.wyona.security.core.api.PolicyManager pm = resource.getRealm().getPolicyManager();
+        if (pm.authorize("/" + reservedPrefix + "/admin/list-users.html", resource.getEnvironment().getIdentity(), new org.wyona.security.core.api.Usecase("view"))) {
+            sb.append("<li><a href=\"" + backToRealm + reservedPrefix + "/admin/list-users.html\">User Management</a></li>");
+        } else {
+            sb.append("<li>User Management</li>");
+        }
+
+        if (pm.authorize("/" + reservedPrefix + "/admin/list-groups.html", resource.getEnvironment().getIdentity(), new org.wyona.security.core.api.Usecase("view"))) {
+            sb.append("<li><a href=\"" + backToRealm + reservedPrefix + "/admin/list-groups.html\">Group Management</a></li>");
+        } else {
+            sb.append("<li>Group Management</li>");
+        }
+
         sb.append("<li><a href=\"?yanel.toolbar=off\">Turn off toolbar</a></li>");
         Identity identity = getIdentity(request, map);
         if (identity != null) {

More information about the Yanel-commits mailing list