LibreCCM
/
libreccm
3
0
Fork 0
Code Issues 10 Pull Requests Packages Releases Wiki Activity

CCM NG/ccm-cms: 

- ContentSectionManager#addContentTypeToSection: Create permissions allowing type use for all roles of the contentsection when adding a content type to a content section.
- ContentItemManager#createContentItem: Verify that current user is allowed to use the provided type when creating a content item.


git-svn-id: https://svn.libreccm.org/ccm/ccm_ng@4456 8810af33-2d31-482b-a856-94f89814c4df
pull/2/head
jensp 2016-11-25 08:56:29 +00:00
parent b39aa8152f
commit 45c8296282
2 changed files with 105 additions and 94 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
ccm-cms/src/main/java/org/librecms/contentsection/ContentItemManager.java
View File

@ -68,6 +68,9 @@ import java.util.UUID;
import javax.persistence.EntityManager; import javax.persistence.EntityManager;
import javax.persistence.TypedQuery; import javax.persistence.TypedQuery;
import javax.transaction.Transactional; import javax.transaction.Transactional;
import org.libreccm.security.PermissionChecker;
import org.libreccm.security.PermissionManager;
import org.librecms.contentsection.privileges.TypePrivileges;
/** /**
* Manager class providing several methods to manipulate {@link ContentItem}s. * Manager class providing several methods to manipulate {@link ContentItem}s.
@ -113,6 +116,9 @@ public class ContentItemManager {
@Inject @Inject
private AssetManager assetManager; private AssetManager assetManager;
@Inject
private PermissionChecker permissionChecker;
/** /**
* Creates a new content item in the provided content section and folder * Creates a new content item in the provided content section and folder
* with the workflow. * with the workflow.
@ -198,6 +204,10 @@ public class ContentItemManager {
type.getName())); type.getName()));
} }
//Check if the current user is allowed to use the content type
permissionChecker.checkPermission(TypePrivileges.USE_TYPE,
contentType.get());
if (name == null || name.trim().isEmpty()) { if (name == null || name.trim().isEmpty()) {
throw new IllegalArgumentException( throw new IllegalArgumentException(
"The name of a content item can't be blank."); "The name of a content item can't be blank.");

21
ccm-cms/src/main/java/org/librecms/contentsection/ContentSectionManager.java
View File

@ -51,6 +51,7 @@ import org.librecms.contentsection.privileges.ItemPrivileges;
import org.librecms.lifecycle.LifecycleDefinition; import org.librecms.lifecycle.LifecycleDefinition;
import java.util.Optional; import java.util.Optional;
import org.librecms.contentsection.privileges.TypePrivileges;
import static org.librecms.contentsection.ContentSection.*; import static org.librecms.contentsection.ContentSection.*;
@ -459,18 +460,15 @@ public class ContentSectionManager {
* {@link CmsConstants#AdminPrivileges.ADMINISTER_CONTENT_TYPES} for the * {@link CmsConstants#AdminPrivileges.ADMINISTER_CONTENT_TYPES} for the
* provided content section. * provided content section.
* *
* @param type The type to add (a subclass of * @param type The type to add (a subclass of {@link ContentItem}.
* {@link ContentItem}.
* @param section The section to which the type is added. * @param section The section to which the type is added.
* @param defaultLifecycle The default lifecycle for items of the provided * @param defaultLifecycle The default lifecycle for items of the provided
* type in the provided content section. The * type in the provided content section. The lifecycle must be part of the
* lifecycle must be part of the provided section. * provided section. Otherwise an {@link IllegalArgumentException} is
* Otherwise an {@link IllegalArgumentException} is
* thrown. * thrown.
* @param defaultWorkflow The default workflow for items of the provided * @param defaultWorkflow The default workflow for items of the provided
* type in the provided content section. The * type in the provided content section. The workflow must be part of the
* workflow must be part of the provided section. * provided section. Otherwise an {@link IllegalArgumentException} is
* Otherwise an {@link IllegalArgumentException} is
* thrown. * thrown.
* *
* @return The new {@link ContentType} instance. * @return The new {@link ContentType} instance.
@ -544,6 +542,10 @@ public class ContentSectionManager {
section.addContentType(contentType); section.addContentType(contentType);
section.getRoles().stream()
.forEach(role -> permissionManager.grantPrivilege(
TypePrivileges.USE_TYPE, role, contentType));
sectionRepo.save(section); sectionRepo.save(section);
typeRepo.save(contentType); typeRepo.save(contentType);
@ -587,8 +589,7 @@ public class ContentSectionManager {
* @param section The section from which the type is removed. * @param section The section from which the type is removed.
* *
* @throws IllegalArgumentException if the provided {@link ContentType} is * @throws IllegalArgumentException if the provided {@link ContentType} is
* in use or the parameters or otherwise * in use or the parameters or otherwise illegal.
* illegal.
* @see * @see
* ContentTypeRepository#delete(org.librecms.contentsection.ContentType) * ContentTypeRepository#delete(org.librecms.contentsection.ContentType)
*/ */