[Yanel-commits] rev 49965 - public/yanel/trunk/src/resources/user-mgmt/src/java/org/wyona/yanel/impl/resources

Fri May 28 09:30:44 CEST 2010

Author: michi
Date: 2010-05-28 09:30:43 +0200 (Fri, 28 May 2010)
New Revision: 49965

Modified:
   public/yanel/trunk/src/resources/user-mgmt/src/java/org/wyona/yanel/impl/resources/CreateUserResource.java
Log:
also create a policy if a user is created

Modified: public/yanel/trunk/src/resources/user-mgmt/src/java/org/wyona/yanel/impl/resources/CreateUserResource.java
===================================================================

--- public/yanel/trunk/src/resources/user-mgmt/src/java/org/wyona/yanel/impl/resources/CreateUserResource.java	2010-05-28 06:59:30 UTC (rev 49964)
+++ public/yanel/trunk/src/resources/user-mgmt/src/java/org/wyona/yanel/impl/resources/CreateUserResource.java	2010-05-28 07:30:43 UTC (rev 49965)
@@ -46,13 +46,28 @@
         String email = getParameterAsString(PARAM_EMAIL);
         String password = getParameterAsString(PARAM_PASSWORD1);
         try {
+            // Create user
             if (log.isDebugEnabled()) {
                 log.debug("creating user: " + id + " " + name + " " + email);
             }
             userManager.createUser(id, name, email, password);
+
+            // Create access policy
+            org.wyona.security.core.api.PolicyManager policyManager = getRealm().getPolicyManager();
+            org.wyona.security.core.api.Policy policy = policyManager.createEmptyPolicy();
+            org.wyona.security.core.UsecasePolicy usecasePolicy = new org.wyona.security.core.UsecasePolicy("view");
+            usecasePolicy.addIdentity(new org.wyona.security.core.api.Identity(id), true);
+            policy.addUsecasePolicy(usecasePolicy);
+            // TODO: Replace "/users" by org.wyona.yanel.servlet.YanelGlobalResourceTypeMatcher#usersPathPrefix
+            policyManager.setPolicy("/" + getYanel().getReservedPrefix() + "/users/" + id + ".html", policy);
+
             addInfoMessage("User '" + id + "' (" + name + ") created successfully. (IMPORTANT: Please make sure to add user either to an existing group or to an access policy, because otherwise user will not have any explicite rights.)");
         } catch (AccessManagementException e) {
+            log.error(e, e);
             throw new UsecaseException(e.getMessage(), e);
+        } catch (Exception e) {
+            log.error(e, e);
+            throw new UsecaseException(e.getMessage(), e);
         }
     }
 

