[Yanel-commits] rev 48125 -
public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet
michi at wyona.com
michi at wyona.com
Tue Mar 16 14:10:33 CET 2010
Author: michi
Date: 2010-03-16 14:10:33 +0100 (Tue, 16 Mar 2010)
New Revision: 48125
Modified:
public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/YanelServlet.java
Log:
also allow other users to delete checkout locks if they have the right permissions
Modified: public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/YanelServlet.java
===================================================================
--- public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/YanelServlet.java 2010-03-16 13:09:25 UTC (rev 48124)
+++ public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/YanelServlet.java 2010-03-16 13:10:33 UTC (rev 48125)
@@ -329,8 +329,11 @@
if (ResourceAttributeHelper.hasAttributeImplemented(resource, "Versionable", "2")) {
VersionableV2 versionable = (VersionableV2)resource;
String checkoutUserID = versionable.getCheckoutUserID();
- String userID = getEnvironment(request, response).getIdentity().getUsername();
- if (checkoutUserID.equals(userID)) {
+ Identity identity = getEnvironment(request, response).getIdentity();
+ String userID = identity.getUsername();
+ Usecase usecase = new Usecase(RELEASE_LOCK);
+ String path = resource.getPath();
+ if (checkoutUserID.equals(userID) || resource.getRealm().getPolicyManager().authorize(path, identity, usecase)) {
try {
versionable.cancelCheckout();
log.debug("Lock has been released.");
@@ -346,12 +349,18 @@
throw new ServletException("Releasing the lock of <" + resource.getPath() + "> failed because of: " + e.getMessage(), e);
}
} else {
- String eMessage = "Releasing the lock of '" + resource.getPath() + "' failed because checkout user '" + checkoutUserID + "' and session user '" + userID + "' are not the same!";
+ String eMessage = "Releasing the lock of '" + resource.getPath() + "' failed because";
+ if (checkoutUserID.equals(userID)) {
+ eMessage = " user '" + userID + "' has no right to release her/his own lock!";
+ } else {
+ eMessage = " checkout user '" + checkoutUserID + "' and session user '" + userID + "' are not the same and session user '" + userID + "' has no right to release the lock of the checkout user '" + checkoutUserID + "'!";
+ }
log.warn(eMessage);
throw new ServletException(eMessage);
}
+ } else {
+ throw new ServletException("Resource '" + resource.getPath() + "' is not VersionableV2!");
}
- return;
} else if (value != null && value.equals("roll-back")) {
log.debug("Roll back ...");
org.wyona.yanel.core.util.VersioningUtil.rollBack(resource, request.getParameter(YANEL_RESOURCE_REVISION), getIdentity(request, map).getUsername());
More information about the Yanel-commits
mailing list