diff --git a/ccm-cms/src/main/java/com/arsdigita/cms/ui/ContentSectionPage.java b/ccm-cms/src/main/java/com/arsdigita/cms/ui/ContentSectionPage.java
index 0bf6e499c..94b4d4701 100755
--- a/ccm-cms/src/main/java/com/arsdigita/cms/ui/ContentSectionPage.java
+++ b/ccm-cms/src/main/java/com/arsdigita/cms/ui/ContentSectionPage.java
@@ -190,8 +190,7 @@ public class ContentSectionPage extends CMSPage implements ActionListener {
m_tabbedPane.setTabVisible(
state,
m_workflowPane,
- permissionChecker.isPermitted(
- AdminPrivileges.ADMINISTER_WORKFLOW));
+ permissionChecker.isPermitted(AdminPrivileges.ADMINISTER_WORKFLOWS));
m_tabbedPane.setTabVisible(
state,
m_categoryPane,
diff --git a/ccm-cms/src/main/java/com/arsdigita/cms/ui/workflow/BaseTaskForm.java b/ccm-cms/src/main/java/com/arsdigita/cms/ui/workflow/BaseTaskForm.java
index 0b927a77c..eb90d1288 100755
--- a/ccm-cms/src/main/java/com/arsdigita/cms/ui/workflow/BaseTaskForm.java
+++ b/ccm-cms/src/main/java/com/arsdigita/cms/ui/workflow/BaseTaskForm.java
@@ -91,7 +91,7 @@ class BaseTaskForm extends BaseForm {
addAction(new Finish());
addAction(new Cancel());
- addSecurityListener(AdminPrivileges.ADMINISTER_WORKFLOW);
+ addSecurityListener(AdminPrivileges.ADMINISTER_WORKFLOWS);
addValidationListener(new ValidationListener());
}
diff --git a/ccm-cms/src/main/java/com/arsdigita/cms/ui/workflow/BaseWorkflowForm.java b/ccm-cms/src/main/java/com/arsdigita/cms/ui/workflow/BaseWorkflowForm.java
index bfaecd32e..51987d2f2 100755
--- a/ccm-cms/src/main/java/com/arsdigita/cms/ui/workflow/BaseWorkflowForm.java
+++ b/ccm-cms/src/main/java/com/arsdigita/cms/ui/workflow/BaseWorkflowForm.java
@@ -49,7 +49,7 @@ class BaseWorkflowForm extends BaseForm {
addAction(new Finish());
addAction(new Cancel());
- addSecurityListener(AdminPrivileges.ADMINISTER_WORKFLOW);
+ addSecurityListener(AdminPrivileges.ADMINISTER_WORKFLOWS);
addValidationListener(new ValidationListener());
}
diff --git a/ccm-cms/src/main/java/com/arsdigita/cms/ui/workflow/BaseWorkflowItemPane.java b/ccm-cms/src/main/java/com/arsdigita/cms/ui/workflow/BaseWorkflowItemPane.java
index d75ca8208..967151096 100755
--- a/ccm-cms/src/main/java/com/arsdigita/cms/ui/workflow/BaseWorkflowItemPane.java
+++ b/ccm-cms/src/main/java/com/arsdigita/cms/ui/workflow/BaseWorkflowItemPane.java
@@ -128,7 +128,7 @@ abstract class BaseWorkflowItemPane extends BaseItemPane {
protected class AdminVisible extends VisibilityComponent {
public AdminVisible(final Component child) {
- super(child, AdminPrivileges.ADMINISTER_WORKFLOW);
+ super(child, AdminPrivileges.ADMINISTER_WORKFLOWS);
}
}
@@ -184,7 +184,7 @@ abstract class BaseWorkflowItemPane extends BaseItemPane {
TaskDeleteForm() {
super(new Label(gz("cms.ui.workflow.task.delete_prompt")));
- addSecurityListener(AdminPrivileges.ADMINISTER_WORKFLOW);
+ addSecurityListener(AdminPrivileges.ADMINISTER_WORKFLOWS);
}
@Override
diff --git a/ccm-cms/src/main/java/com/arsdigita/cms/ui/workflow/ItemWorkflowItemPane.java b/ccm-cms/src/main/java/com/arsdigita/cms/ui/workflow/ItemWorkflowItemPane.java
index 10ea0b1a6..b1b468913 100755
--- a/ccm-cms/src/main/java/com/arsdigita/cms/ui/workflow/ItemWorkflowItemPane.java
+++ b/ccm-cms/src/main/java/com/arsdigita/cms/ui/workflow/ItemWorkflowItemPane.java
@@ -87,8 +87,7 @@ final class ItemWorkflowItemPane extends BaseWorkflowItemPane {
final ContentSection section = CMS.getContext().getContentSection();
- return permissionChecker.isPermitted(
- AdminPrivileges.ADMINISTER_WORKFLOW, section);
+ return permissionChecker.isPermitted(AdminPrivileges.ADMINISTER_WORKFLOWS, section);
}
diff --git a/ccm-cms/src/main/java/com/arsdigita/cms/ui/workflow/TaskAddRole.java b/ccm-cms/src/main/java/com/arsdigita/cms/ui/workflow/TaskAddRole.java
index 110947e47..16916ceef 100755
--- a/ccm-cms/src/main/java/com/arsdigita/cms/ui/workflow/TaskAddRole.java
+++ b/ccm-cms/src/main/java/com/arsdigita/cms/ui/workflow/TaskAddRole.java
@@ -164,8 +164,7 @@ class TaskAddRole extends CMSForm {
final PermissionChecker permissionChecker = cdiUtil.findBean(
PermissionChecker.class);
- if (!permissionChecker.isPermitted(
- AdminPrivileges.ADMINISTER_WORKFLOW)) {
+ if (!permissionChecker.isPermitted(AdminPrivileges.ADMINISTER_WORKFLOWS)) {
throw new FormProcessException(
new GlobalizedMessage(
"cms.ui.workflow.insufficient_privileges",
diff --git a/ccm-cms/src/main/java/com/arsdigita/cms/ui/workflow/TaskItemPane.java b/ccm-cms/src/main/java/com/arsdigita/cms/ui/workflow/TaskItemPane.java
index 14c65461d..b246082ec 100755
--- a/ccm-cms/src/main/java/com/arsdigita/cms/ui/workflow/TaskItemPane.java
+++ b/ccm-cms/src/main/java/com/arsdigita/cms/ui/workflow/TaskItemPane.java
@@ -119,14 +119,13 @@ final class TaskItemPane extends BaseItemPane {
final PermissionChecker permissionChecker = cdiUtil.findBean(
PermissionChecker.class);
- return permissionChecker.isPermitted(
- AdminPrivileges.ADMINISTER_WORKFLOW);
+ return permissionChecker.isPermitted(AdminPrivileges.ADMINISTER_WORKFLOWS);
}
private class AdminVisible extends VisibilityComponent {
public AdminVisible(final Component child) {
- super(child, AdminPrivileges.ADMINISTER_WORKFLOW);
+ super(child, AdminPrivileges.ADMINISTER_WORKFLOWS);
}
}
diff --git a/ccm-cms/src/main/java/com/arsdigita/cms/ui/workflow/WorkflowAdminPane.java b/ccm-cms/src/main/java/com/arsdigita/cms/ui/workflow/WorkflowAdminPane.java
index 66bf9b690..7268269b2 100755
--- a/ccm-cms/src/main/java/com/arsdigita/cms/ui/workflow/WorkflowAdminPane.java
+++ b/ccm-cms/src/main/java/com/arsdigita/cms/ui/workflow/WorkflowAdminPane.java
@@ -56,7 +56,7 @@ public final class WorkflowAdminPane extends BaseAdminPane {
getDeleteLink()));
addAction(new VisibilityComponent(
- getAddLink(), AdminPrivileges.ADMINISTER_WORKFLOW));
+ getAddLink(), AdminPrivileges.ADMINISTER_WORKFLOWS));
}
private class DeleteForm extends BaseDeleteForm {
@@ -64,7 +64,7 @@ public final class WorkflowAdminPane extends BaseAdminPane {
DeleteForm() {
super(gz("cms.ui.workflow.delete_prompt"));
- addSecurityListener(AdminPrivileges.ADMINISTER_WORKFLOW);
+ addSecurityListener(AdminPrivileges.ADMINISTER_WORKFLOWS);
}
@Override
diff --git a/ccm-cms/src/main/java/org/librecms/contentsection/ContentSectionManager.java b/ccm-cms/src/main/java/org/librecms/contentsection/ContentSectionManager.java
index 7582c9bd4..70c936d25 100644
--- a/ccm-cms/src/main/java/org/librecms/contentsection/ContentSectionManager.java
+++ b/ccm-cms/src/main/java/org/librecms/contentsection/ContentSectionManager.java
@@ -186,7 +186,7 @@ public class ContentSectionManager {
addRoleToContentSection(section,
MANAGER,
AdminPrivileges.ADMINISTER_ROLES,
- AdminPrivileges.ADMINISTER_WORKFLOW,
+ AdminPrivileges.ADMINISTER_WORKFLOWS,
AdminPrivileges.ADMINISTER_LIFECYLES,
AdminPrivileges.ADMINISTER_CATEGORIES,
AdminPrivileges.ADMINISTER_CONTENT_TYPES,
@@ -424,7 +424,7 @@ public class ContentSectionManager {
@Transactional(Transactional.TxType.REQUIRED)
public void addWorkflowTemplateToContentSection(
final Workflow template,
- @RequiresPrivilege(AdminPrivileges.ADMINISTER_WORKFLOW)
+ @RequiresPrivilege(AdminPrivileges.ADMINISTER_WORKFLOWS)
final ContentSection section) {
Objects.requireNonNull(template);
@@ -451,7 +451,7 @@ public class ContentSectionManager {
@Transactional(Transactional.TxType.REQUIRED)
public void removeWorkflowTemplateFromContentSection(
final Workflow template,
- @RequiresPrivilege(AdminPrivileges.ADMINISTER_WORKFLOW)
+ @RequiresPrivilege(AdminPrivileges.ADMINISTER_WORKFLOWS)
final ContentSection section) {
section.removeWorkflowTemplate(template);
diff --git a/ccm-cms/src/main/java/org/librecms/contentsection/ContentSectionSetup.java b/ccm-cms/src/main/java/org/librecms/contentsection/ContentSectionSetup.java
index 38d529a39..23ae695dd 100644
--- a/ccm-cms/src/main/java/org/librecms/contentsection/ContentSectionSetup.java
+++ b/ccm-cms/src/main/java/org/librecms/contentsection/ContentSectionSetup.java
@@ -201,7 +201,7 @@ public class ContentSectionSetup extends AbstractCcmApplicationSetup {
grantPermissions(manager,
section,
AdminPrivileges.ADMINISTER_ROLES,
- AdminPrivileges.ADMINISTER_WORKFLOW,
+ AdminPrivileges.ADMINISTER_WORKFLOWS,
AdminPrivileges.ADMINISTER_LIFECYLES,
AdminPrivileges.ADMINISTER_CATEGORIES,
AdminPrivileges.ADMINISTER_CONTENT_TYPES);
diff --git a/ccm-cms/src/main/java/org/librecms/contentsection/privileges/AdminPrivileges.java b/ccm-cms/src/main/java/org/librecms/contentsection/privileges/AdminPrivileges.java
index b4d5891e1..4a54f0471 100644
--- a/ccm-cms/src/main/java/org/librecms/contentsection/privileges/AdminPrivileges.java
+++ b/ccm-cms/src/main/java/org/librecms/contentsection/privileges/AdminPrivileges.java
@@ -71,7 +71,7 @@ public final class AdminPrivileges {
*
* @see ContentSection#workflowTemplates
*/
- public static final String ADMINISTER_WORKFLOW = "administer_workflow";
+ public static final String ADMINISTER_WORKFLOWS = "administer_workflows";
private AdminPrivileges() {
//Nothing
diff --git a/ccm-cms/src/main/java/org/librecms/ui/contentsections/AdminPermissionsChecker.java b/ccm-cms/src/main/java/org/librecms/ui/contentsections/AdminPermissionsChecker.java
new file mode 100644
index 000000000..b09e74f6a
--- /dev/null
+++ b/ccm-cms/src/main/java/org/librecms/ui/contentsections/AdminPermissionsChecker.java
@@ -0,0 +1,55 @@
+/*
+ * To change this license header, choose License Headers in Project Properties.
+ * To change this template file, choose Tools | Templates
+ * and open the template in the editor.
+ */
+package org.librecms.ui.contentsections;
+
+import org.libreccm.security.PermissionChecker;
+import org.librecms.contentsection.ContentSection;
+import org.librecms.contentsection.privileges.AdminPrivileges;
+
+import javax.enterprise.context.RequestScoped;
+import javax.inject.Inject;
+
+/**
+ *
+ * @author Jens Pelzetter
+ */
+@RequestScoped
+public class AdminPermissionsChecker {
+
+ @Inject
+ private PermissionChecker permissionChecker;
+
+ public boolean canAdministerCategories(final ContentSection section) {
+ return permissionChecker.isPermitted(
+ AdminPrivileges.ADMINISTER_CATEGORIES, section
+ );
+ }
+
+ public boolean canAdministerContentTypes(final ContentSection section) {
+ return permissionChecker.isPermitted(
+ AdminPrivileges.ADMINISTER_CONTENT_TYPES, section
+ );
+ }
+
+ public boolean canAdministerLifecycles(final ContentSection section) {
+ return permissionChecker.isPermitted(
+ AdminPrivileges.ADMINISTER_LIFECYLES, section
+ );
+ }
+
+ public boolean canAdministerRoles(final ContentSection section) {
+ return permissionChecker.isPermitted(
+ AdminPrivileges.ADMINISTER_ROLES, section
+ );
+ }
+
+ public boolean canAdministerWorkflows(final ContentSection section) {
+ return permissionChecker.isPermitted(
+ AdminPrivileges.ADMINISTER_WORKFLOWS, section
+ );
+ }
+
+}
diff --git a/ccm-cms/src/main/java/org/librecms/ui/contentsections/AssetFolderController.java b/ccm-cms/src/main/java/org/librecms/ui/contentsections/AssetFolderController.java
index 15d5cec62..36002fc76 100644
--- a/ccm-cms/src/main/java/org/librecms/ui/contentsections/AssetFolderController.java
+++ b/ccm-cms/src/main/java/org/librecms/ui/contentsections/AssetFolderController.java
@@ -5,8 +5,6 @@
*/
package org.librecms.ui.contentsections;
-import org.apache.logging.log4j.LogManager;
-import org.apache.logging.log4j.Logger;
import org.libreccm.l10n.GlobalizationHelper;
import org.libreccm.security.AuthorizationRequired;
import org.libreccm.security.PermissionChecker;
@@ -18,7 +16,6 @@ import org.librecms.contentsection.AssetFolderEntry;
import org.librecms.contentsection.AssetManager;
import org.librecms.contentsection.AssetRepository;
import org.librecms.contentsection.ContentSection;
-import org.librecms.contentsection.ContentSectionRepository;
import org.librecms.contentsection.Folder;
import org.librecms.contentsection.FolderManager;
import org.librecms.contentsection.FolderRepository;
@@ -46,7 +43,6 @@ import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.QueryParam;
-
/**
*
* @author Jens Pelzetter
@@ -63,7 +59,10 @@ public class AssetFolderController {
private AssetFolderTree assetFolderTree;
@Inject
- private AssetPermissions assetPermissions;
+ private AssetPermissionsModelProvider assetPermissions;
+
+ @Inject
+ private AssetPermissionsChecker assetPermissionsChecker;
@Inject
private AssetManager assetManager;
@@ -74,9 +73,6 @@ public class AssetFolderController {
@Inject
private ContentSectionModel contentSectionModel;
- @Inject
- private ContentSectionRepository sectionRepo;
-
@Inject
private ContentSectionsUi sectionsUi;
@@ -98,19 +94,12 @@ public class AssetFolderController {
@Inject
private Models models;
- @Inject
- private PermissionChecker permissionChecker;
-
@Inject
private PermissionManager permissionManager;
@Inject
private RoleRepository roleRepo;
- private static final Logger LOGGER = LogManager.getLogger(
- AssetFolderController.class
- );
-
@GET
@Path("/")
@AuthorizationRequired
@@ -145,9 +134,7 @@ public class AssetFolderController {
}
final ContentSection section = sectionResult.get();
- if (!permissionChecker.isPermitted(
- AssetPrivileges.EDIT, section.getRootAssetsFolder()
- )) {
+ if (!assetPermissionsChecker.canEditAssets(section)) {
sectionsUi.showAccessDenied("sectionIdentifier", sectionIdentifier);
}
@@ -172,7 +159,7 @@ public class AssetFolderController {
}
}
- if (!permissionChecker.isPermitted(AssetPrivileges.EDIT, folder)) {
+ if (!assetPermissionsChecker.canEditAssets(folder)) {
return sectionsUi.showAccessDenied(
"sectionIdentifier", sectionIdentifier,
"folderPath", folderPath
@@ -200,10 +187,10 @@ public class AssetFolderController {
assetFolderModel.setPath(folderPath);
assetFolderModel.setCanCreateSubFolders(
- permissionChecker.isPermitted(AssetPrivileges.CREATE_NEW, folder)
+ assetPermissionsChecker.canCreateAssets(folder)
);
assetFolderModel.setCanCreateAssets(
- permissionChecker.isPermitted(AssetPrivileges.CREATE_NEW, folder)
+ assetPermissionsChecker.canCreateAssets(folder)
);
assetFolderModel.setGrantedPermissions(
grantedPrivileges.buildPermissionsMatrix(section, folder)
@@ -240,19 +227,17 @@ public class AssetFolderController {
@PathParam("parentFolderPath") final String parentFolderPath,
@FormParam("folderName") final String folderName
) {
- final RetrieveResult sectionResult = sectionsUi
- .retrieveContentSection(sectionIdentifier);
+ final Optional sectionResult = sectionsUi
+ .findContentSection(sectionIdentifier);
final ContentSection section;
- if (sectionResult.isSuccessful()) {
- section = sectionResult.getResult();
+ if (sectionResult.isPresent()) {
+ section = sectionResult.get();
} else {
- return sectionResult.getFailedResponseTemplate();
+ return sectionsUi.showContentSectionNotFound(sectionIdentifier);
}
- if (!permissionChecker.isPermitted(
- AssetPrivileges.EDIT, section.getRootAssetsFolder()
- )) {
+ if (!assetPermissionsChecker.canEditAssets(section)) {
return sectionsUi.showAccessDenied(
"sectionIdentifier", sectionIdentifier
);
@@ -277,9 +262,7 @@ public class AssetFolderController {
}
}
- if (!permissionChecker.isPermitted(
- AssetPrivileges.CREATE_NEW, parentFolder
- )) {
+ if (!assetPermissionsChecker.canEditAssets(parentFolder)) {
return sectionsUi.showAccessDenied(
"sectionIdentifier", sectionIdentifier,
"folderPath", parentFolderPath
@@ -320,17 +303,15 @@ public class AssetFolderController {
@FormParam("permissions") final List permissions
) {
- final RetrieveResult sectionResult = sectionsUi
- .retrieveContentSection(sectionIdentifier);
+ final Optional sectionResult = sectionsUi
+ .findContentSection(sectionIdentifier);
final ContentSection section;
- if (sectionResult.isSuccessful()) {
- section = sectionResult.getResult();
+ if (sectionResult.isPresent()) {
+ section = sectionResult.get();
} else {
- return sectionResult.getFailedResponseTemplate();
+ return sectionsUi.showContentSectionNotFound(sectionIdentifier);
}
- if (!permissionChecker.isPermitted(
- AssetPrivileges.EDIT, section.getRootAssetsFolder()
- )) {
+ if (!assetPermissionsChecker.canEditAssets(section)) {
models.put("sectionidentifier", sectionIdentifier);
return "org/librecms/ui/contentsection/access-denied.xhtml";
}
@@ -357,7 +338,7 @@ public class AssetFolderController {
}
}
- if (!permissionChecker.isPermitted(AssetPrivileges.EDIT, folder)) {
+ if (!assetPermissionsChecker.canEditAssets(folder)) {
models.put("sectionidentifier", sectionIdentifier);
models.put("folderPath", folderPath);
return "org/librecms/ui/contentsection/access-denied.xhtml";
@@ -405,17 +386,15 @@ public class AssetFolderController {
@PathParam("folderPath") final String folderPath,
@FormParam("folderName") final String folderName
) {
- final RetrieveResult sectionResult = sectionsUi
- .retrieveContentSection(sectionIdentifier);
+ final Optional sectionResult = sectionsUi
+ .findContentSection(sectionIdentifier);
final ContentSection section;
- if (sectionResult.isSuccessful()) {
- section = sectionResult.getResult();
+ if (sectionResult.isPresent()) {
+ section = sectionResult.get();
} else {
- return sectionResult.getFailedResponseTemplate();
+ return sectionsUi.showContentSectionNotFound(sectionIdentifier);
}
- if (!permissionChecker.isPermitted(
- AssetPrivileges.EDIT, section.getRootAssetsFolder()
- )) {
+ if (!assetPermissionsChecker.canEditAssets(section)) {
models.put("sectionidentifier", sectionIdentifier);
return "org/librecms/ui/contentsection/access-denied.xhtml";
}
@@ -437,7 +416,7 @@ public class AssetFolderController {
return "org/librecms/ui/contentsection/assetfolder/assetfolder-not-found.xhtml";
}
- if (!permissionChecker.isPermitted(AssetPrivileges.EDIT, folder)) {
+ if (!assetPermissionsChecker.canEditAssets(folder)) {
models.put("sectionidentifier", sectionIdentifier);
models.put("folderPath", folderPath);
return "org/librecms/ui/contentsection/access-denied.xhtml";
@@ -459,31 +438,6 @@ public class AssetFolderController {
);
}
-// private Optional retrieveContentSection(
-// final String sectionIdentifier
-// ) {
-// final Identifier identifier = identifierParser.parseIdentifier(
-// sectionIdentifier
-// );
-//
-// final Optional sectionResult;
-// switch (identifier.getType()) {
-// case ID:
-// sectionResult = sectionRepo.findById(
-// Long.parseLong(identifier.getIdentifier())
-// );
-// break;
-// case UUID:
-// sectionResult = sectionRepo.findByUuid(identifier
-// .getIdentifier());
-// break;
-// default:
-// sectionResult = sectionRepo.findByLabel(identifier
-// .getIdentifier());
-// break;
-// }
-// return sectionResult;
-// }
private String showAssetFolderNotFound(
final ContentSection section, final String folderPath
) {
diff --git a/ccm-cms/src/main/java/org/librecms/ui/contentsections/AssetFolderTree.java b/ccm-cms/src/main/java/org/librecms/ui/contentsections/AssetFolderTree.java
index 2c35cb49d..82ed66de5 100644
--- a/ccm-cms/src/main/java/org/librecms/ui/contentsections/AssetFolderTree.java
+++ b/ccm-cms/src/main/java/org/librecms/ui/contentsections/AssetFolderTree.java
@@ -20,7 +20,7 @@ public class AssetFolderTree
extends AbstractFolderTree {
@Inject
- private AssetPermissions assetPermissions;
+ private AssetPermissionsModelProvider assetPermissions;
@Override
public AssetFolderTreeNode newFolderTreeNode() {
diff --git a/ccm-cms/src/main/java/org/librecms/ui/contentsections/AssetPermissionsChecker.java b/ccm-cms/src/main/java/org/librecms/ui/contentsections/AssetPermissionsChecker.java
new file mode 100644
index 000000000..19d861c8d
--- /dev/null
+++ b/ccm-cms/src/main/java/org/librecms/ui/contentsections/AssetPermissionsChecker.java
@@ -0,0 +1,117 @@
+/*
+ * To change this license header, choose License Headers in Project Properties.
+ * To change this template file, choose Tools | Templates
+ * and open the template in the editor.
+ */
+package org.librecms.ui.contentsections;
+
+import org.libreccm.security.PermissionChecker;
+import org.librecms.contentsection.Asset;
+import org.librecms.contentsection.ContentSection;
+import org.librecms.contentsection.Folder;
+import org.librecms.contentsection.privileges.AssetPrivileges;
+
+import javax.enterprise.context.RequestScoped;
+import javax.inject.Inject;
+
+/**
+ *
+ * @author Jens Pelzetter
+ */
+@RequestScoped
+public class AssetPermissionsChecker {
+
+ @Inject
+ private PermissionChecker permissionChecker;
+
+ public boolean canCreateAssets(final Asset asset) {
+ return permissionChecker.isPermitted(
+ AssetPrivileges.CREATE_NEW, asset
+ );
+ }
+
+ public boolean canCreateAssets(final ContentSection section) {
+ return permissionChecker.isPermitted(
+ AssetPrivileges.CREATE_NEW, section.getRootAssetsFolder()
+ );
+ }
+
+ public boolean canCreateAssets(final Folder folder) {
+ return permissionChecker.isPermitted(
+ AssetPrivileges.CREATE_NEW, folder
+ );
+ }
+
+ public boolean canDeleteAssets(final Asset asset) {
+ return permissionChecker.isPermitted(
+ AssetPrivileges.DELETE, asset
+ );
+ }
+
+ public boolean canDeleteAssets(final ContentSection section) {
+ return permissionChecker.isPermitted(
+ AssetPrivileges.DELETE, section.getRootAssetsFolder()
+ );
+ }
+
+ public boolean canDeleteAssets(final Folder folder) {
+ return permissionChecker.isPermitted(
+ AssetPrivileges.DELETE, folder
+ );
+ }
+
+ public boolean canUseAssets(final Asset asset) {
+ return permissionChecker.isPermitted(
+ AssetPrivileges.USE, asset
+ );
+ }
+
+ public boolean canUseAssets(final ContentSection section) {
+ return permissionChecker.isPermitted(
+ AssetPrivileges.USE, section.getRootAssetsFolder()
+ );
+ }
+
+ public boolean canUseAssets(final Folder folder) {
+ return permissionChecker.isPermitted(
+ AssetPrivileges.USE, folder
+ );
+ }
+
+ public boolean canEditAssets(final Asset asset) {
+ return permissionChecker.isPermitted(
+ AssetPrivileges.EDIT, asset
+ );
+ }
+
+ public boolean canEditAssets(final ContentSection section) {
+ return permissionChecker.isPermitted(
+ AssetPrivileges.EDIT, section.getRootAssetsFolder()
+ );
+ }
+
+ public boolean canEditAssets(final Folder folder) {
+ return permissionChecker.isPermitted(
+ AssetPrivileges.EDIT, folder
+ );
+ }
+
+ public boolean canViewAssets(final Asset asset) {
+ return permissionChecker.isPermitted(
+ AssetPrivileges.VIEW, asset
+ );
+ }
+
+ public boolean canViewAssets(final ContentSection section) {
+ return permissionChecker.isPermitted(
+ AssetPrivileges.VIEW, section.getRootAssetsFolder()
+ );
+ }
+
+ public boolean canViewAssets(final Folder folder) {
+ return permissionChecker.isPermitted(
+ AssetPrivileges.VIEW, folder
+ );
+ }
+
+}
diff --git a/ccm-cms/src/main/java/org/librecms/ui/contentsections/AssetPermissions.java b/ccm-cms/src/main/java/org/librecms/ui/contentsections/AssetPermissionsModelProvider.java
similarity index 59%
rename from ccm-cms/src/main/java/org/librecms/ui/contentsections/AssetPermissions.java
rename to ccm-cms/src/main/java/org/librecms/ui/contentsections/AssetPermissionsModelProvider.java
index fac5243e8..52e9ed1bc 100644
--- a/ccm-cms/src/main/java/org/librecms/ui/contentsections/AssetPermissions.java
+++ b/ccm-cms/src/main/java/org/librecms/ui/contentsections/AssetPermissionsModelProvider.java
@@ -5,10 +5,8 @@
*/
package org.librecms.ui.contentsections;
-import org.libreccm.security.PermissionChecker;
import org.librecms.contentsection.Asset;
import org.librecms.contentsection.Folder;
-import org.librecms.contentsection.privileges.AssetPrivileges;
import javax.enterprise.context.Dependent;
import javax.inject.Inject;
@@ -18,29 +16,29 @@ import javax.inject.Inject;
* @author Jens Pelzetter
*/
@Dependent
-class AssetPermissions {
+class AssetPermissionsModelProvider {
@Inject
- private PermissionChecker permissionChecker;
+ private AssetPermissionsChecker permissionChecker;
public AssetPermissionsModel buildAssetPermissionsModel(
final Folder folder
) {
final AssetPermissionsModel model = new AssetPermissionsModel();
model.setGrantedCreateNew(
- permissionChecker.isPermitted(AssetPrivileges.CREATE_NEW, folder)
+ permissionChecker.canCreateAssets(folder)
);
model.setGrantedDelete(
- permissionChecker.isPermitted(AssetPrivileges.DELETE, folder)
+ permissionChecker.canDeleteAssets(folder)
);
model.setGrantedEdit(
- permissionChecker.isPermitted(AssetPrivileges.EDIT, folder)
+ permissionChecker.canEditAssets(folder)
);
model.setGrantedUse(
- permissionChecker.isPermitted(AssetPrivileges.USE, folder)
+ permissionChecker.canUseAssets(folder)
);
model.setGrantedView(
- permissionChecker.isPermitted(AssetPrivileges.VIEW, folder)
+ permissionChecker.canViewAssets(folder)
);
return model;
@@ -51,19 +49,19 @@ class AssetPermissions {
) {
final AssetPermissionsModel model = new AssetPermissionsModel();
model.setGrantedCreateNew(
- permissionChecker.isPermitted(AssetPrivileges.CREATE_NEW, asset)
+ permissionChecker.canCreateAssets(asset)
);
model.setGrantedDelete(
- permissionChecker.isPermitted(AssetPrivileges.DELETE, asset)
+ permissionChecker.canDeleteAssets(asset)
);
model.setGrantedEdit(
- permissionChecker.isPermitted(AssetPrivileges.EDIT, asset)
+ permissionChecker.canEditAssets(asset)
);
model.setGrantedUse(
- permissionChecker.isPermitted(AssetPrivileges.USE, asset)
+ permissionChecker.canUseAssets(asset)
);
model.setGrantedView(
- permissionChecker.isPermitted(AssetPrivileges.VIEW, asset)
+ permissionChecker.canViewAssets(asset)
);
return model;
diff --git a/ccm-cms/src/main/java/org/librecms/ui/contentsections/ConfigurationController.java b/ccm-cms/src/main/java/org/librecms/ui/contentsections/ConfigurationController.java
index 04d134b3f..3f104fe4f 100644
--- a/ccm-cms/src/main/java/org/librecms/ui/contentsections/ConfigurationController.java
+++ b/ccm-cms/src/main/java/org/librecms/ui/contentsections/ConfigurationController.java
@@ -105,8 +105,7 @@ public class ConfigurationController {
|| permissionChecker.isPermitted(
AdminPrivileges.ADMINISTER_ROLES, section
)
- || permissionChecker.isPermitted(
- AdminPrivileges.ADMINISTER_WORKFLOW, section
+ || permissionChecker.isPermitted(AdminPrivileges.ADMINISTER_WORKFLOWS, section
);
}
diff --git a/ccm-cms/src/main/java/org/librecms/ui/contentsections/ContentSectionModel.java b/ccm-cms/src/main/java/org/librecms/ui/contentsections/ContentSectionModel.java
index 6ff46cb66..88f4dc7d1 100644
--- a/ccm-cms/src/main/java/org/librecms/ui/contentsections/ContentSectionModel.java
+++ b/ccm-cms/src/main/java/org/librecms/ui/contentsections/ContentSectionModel.java
@@ -94,8 +94,7 @@ public class ContentSectionModel {
}
public boolean getCanAdministerWorkflows() {
- return permissionChecker.isPermitted(
- AdminPrivileges.ADMINISTER_WORKFLOW, section
+ return permissionChecker.isPermitted(AdminPrivileges.ADMINISTER_WORKFLOWS, section
);
}
diff --git a/ccm-cms/src/main/java/org/librecms/ui/contentsections/ContentSectionsUi.java b/ccm-cms/src/main/java/org/librecms/ui/contentsections/ContentSectionsUi.java
index 0bc6cfb89..5ab8f055d 100644
--- a/ccm-cms/src/main/java/org/librecms/ui/contentsections/ContentSectionsUi.java
+++ b/ccm-cms/src/main/java/org/librecms/ui/contentsections/ContentSectionsUi.java
@@ -7,11 +7,12 @@ package org.librecms.ui.contentsections;
import org.libreccm.api.Identifier;
import org.libreccm.api.IdentifierParser;
+import org.libreccm.security.PermissionChecker;
import org.librecms.contentsection.ContentSection;
import org.librecms.contentsection.ContentSectionRepository;
-import java.util.HashMap;
import java.util.Map;
+import java.util.Objects;
import java.util.Optional;
import javax.enterprise.context.RequestScoped;
@@ -33,11 +34,16 @@ class ContentSectionsUi {
private Models models;
+ private PermissionChecker permissionChecker;
+
public Optional findContentSection(
final String identifierParam
) {
final Identifier sectionIdentifier = identifierParser.parseIdentifier(
- identifierParam
+ Objects.requireNonNull(
+ identifierParam,
+ "Can't retrieve a ContentSection for identifier null."
+ )
);
switch (sectionIdentifier.getType()) {
@@ -82,42 +88,41 @@ class ContentSectionsUi {
return "org/librecms/ui/contentsection/contentsection-not-found.xhtml";
}
- public RetrieveResult retrieveContentSection(
- final String identifierParam
- ) {
- final Identifier sectionIdentifier = identifierParser.parseIdentifier(
- identifierParam
- );
-
- final Optional sectionResult;
- switch (sectionIdentifier.getType()) {
- case ID:
- sectionResult = sectionRepo.findById(
- Long.parseLong(
- sectionIdentifier.getIdentifier()
- )
- );
- break;
- case UUID:
- sectionResult = sectionRepo.findByUuid(
- sectionIdentifier.getIdentifier()
- );
- break;
- default:
- sectionResult = sectionRepo.findByLabel(
- sectionIdentifier.getIdentifier()
- );
- break;
- }
-
- if (sectionResult.isPresent()) {
- return RetrieveResult.successful(sectionResult.get());
- } else {
- models.put("sectionIdentifier", sectionIdentifier);
- return RetrieveResult.failed(
- "org/librecms/ui/contentsection/contentsection-not-found.xhtml"
- );
- }
- }
-
+// public RetrieveResult retrieveContentSection(
+// final String identifierParam
+// ) {
+// final Identifier sectionIdentifier = identifierParser.parseIdentifier(
+// identifierParam
+// );
+//
+// final Optional sectionResult;
+// switch (sectionIdentifier.getType()) {
+// case ID:
+// sectionResult = sectionRepo.findById(
+// Long.parseLong(
+// sectionIdentifier.getIdentifier()
+// )
+// );
+// break;
+// case UUID:
+// sectionResult = sectionRepo.findByUuid(
+// sectionIdentifier.getIdentifier()
+// );
+// break;
+// default:
+// sectionResult = sectionRepo.findByLabel(
+// sectionIdentifier.getIdentifier()
+// );
+// break;
+// }
+//
+// if (sectionResult.isPresent()) {
+// return RetrieveResult.successful(sectionResult.get());
+// } else {
+// models.put("sectionIdentifier", sectionIdentifier);
+// return RetrieveResult.failed(
+// "org/librecms/ui/contentsection/contentsection-not-found.xhtml"
+// );
+// }
+// }
}
diff --git a/ccm-cms/src/main/java/org/librecms/ui/contentsections/DocumentFolderController.java b/ccm-cms/src/main/java/org/librecms/ui/contentsections/DocumentFolderController.java
index 45c9b1207..d699366f8 100644
--- a/ccm-cms/src/main/java/org/librecms/ui/contentsections/DocumentFolderController.java
+++ b/ccm-cms/src/main/java/org/librecms/ui/contentsections/DocumentFolderController.java
@@ -84,6 +84,9 @@ public class DocumentFolderController {
@Inject
private ContentSectionModel contentSectionModel;
+ @Inject
+ private ContentSectionsUi sectionsUi;
+
@Inject
private ContentTypeRepository contentTypeRepo;
@@ -102,9 +105,6 @@ public class DocumentFolderController {
@Inject
private Models models;
- @Inject
- private ContentSectionRepository sectionRepo;
-
@Inject
private IdentifierParser identifierParser;
@@ -129,6 +129,9 @@ public class DocumentFolderController {
@Inject
private CurrentUserDocumentPermissions currentUserPermissions;
+ @Inject
+ private ItemPermissionChecker itemPermissionChecker;
+
@GET
@Path("/")
@AuthorizationRequired
@@ -156,24 +159,21 @@ public class DocumentFolderController {
@QueryParam("maxResults") @DefaultValue("20") final int maxResults
) {
final long start = System.currentTimeMillis();
- final Optional sectionResult = retrieveContentSection(
- sectionIdentifier
- );
+ final Optional sectionResult = sectionsUi
+ .findContentSection(sectionIdentifier);
LOGGER.info("Retrieved content section in {} ms",
System.currentTimeMillis() - start
);
if (!sectionResult.isPresent()) {
- models.put("sectionIdentifier", sectionIdentifier);
- return "org/librecms/ui/contentsection/contentsection-not-found.xhtml";
+ return sectionsUi.showContentSectionNotFound(sectionIdentifier);
}
final ContentSection section = sectionResult.get();
- if (!permissionChecker.isPermitted(
- ItemPrivileges.EDIT, section.getRootDocumentsFolder()
- )) {
- models.put("sectionidentifier", sectionIdentifier);
- return "org/librecms/ui/contentsection/access-denied.xhtml";
+ if (!itemPermissionChecker.canEditItems(section)) {
+ return sectionsUi.showAccessDenied(
+ "sectionidentifier", sectionIdentifier
+ );
}
contentSectionModel.setSection(section);
@@ -194,16 +194,15 @@ public class DocumentFolderController {
documentFolderModel.setBreadcrumbs(buildBreadcrumbs(folderPath));
} else {
- models.put("contentSection", section.getLabel());
- models.put("folderPath", folderPath);
- return "org/librecms/ui/contentsection/documentfolder/documentfolder-not-found.xhtml";
+ return showDocumentFolderNotFound(section, folderPath);
}
}
- if (!permissionChecker.isPermitted(ItemPrivileges.EDIT, folder)) {
- models.put("sectionidentifier", sectionIdentifier);
- models.put("folderPath", folderPath);
- return "org/librecms/ui/contentsection/access-denied.xhtml";
+ if (!itemPermissionChecker.canEditItems(folder)) {
+ return sectionsUi.showAccessDenied(
+ "sectionidentifier", sectionIdentifier,
+ "folderPath", folderPath
+ );
}
final List folderEntries = folderRepo
@@ -232,19 +231,13 @@ public class DocumentFolderController {
documentFolderModel.setPath(folderPath);
documentFolderModel.setCanCreateSubFolders(
- permissionChecker.isPermitted(
- ItemPrivileges.CREATE_NEW, folder
- )
+ itemPermissionChecker.canCreateNewItems(folder)
);
documentFolderModel.setCanCreateItems(
- permissionChecker.isPermitted(
- ItemPrivileges.CREATE_NEW, folder
- )
+ itemPermissionChecker.canCreateNewItems(folder)
);
documentFolderModel.setCanAdminister(
- permissionChecker.isPermitted(
- ItemPrivileges.ADMINISTER, folder
- )
+ itemPermissionChecker.canAdministerItems(folder)
);
documentFolderModel.setGrantedPermissions(
grantedPrivileges.buildPermissionsMatrix(section, folder)
@@ -266,32 +259,12 @@ public class DocumentFolderController {
public String createTestData(
@PathParam("sectionIdentifier") final String sectionIdentifier
) {
- final Identifier identifier = identifierParser.parseIdentifier(
- sectionIdentifier
- );
- final Optional sectionResult;
- switch (identifier.getType()) {
- case ID:
- sectionResult = sectionRepo.findById(
- Long.parseLong(identifier.getIdentifier())
- );
- break;
- case UUID:
- sectionResult = sectionRepo.findByUuid(identifier
- .getIdentifier());
- break;
- default:
- sectionResult = sectionRepo.findByLabel(identifier
- .getIdentifier());
- break;
- }
+ final Optional sectionResult = sectionsUi
+ .findContentSection(sectionIdentifier);
if (sectionResult.isPresent()) {
final ContentSection section = sectionResult.get();
-
- if (permissionChecker.isPermitted(
- ItemPrivileges.EDIT, section.getRootDocumentsFolder()
- )) {
+ if (itemPermissionChecker.canEditItems(section)) {
if (section.getRootDocumentsFolder().getObjects().isEmpty()) {
folderManager.createFolder(
"folder-1", section.getRootDocumentsFolder()
@@ -343,12 +316,12 @@ public class DocumentFolderController {
return "org/librecms/ui/contentsection/documentfolder/testdata.xhtml";
}
} else {
- models.put("sectionidentifier", sectionIdentifier);
- return "org/librecms/ui/contentsection/access-denied.xhtml";
+ return sectionsUi.showAccessDenied(
+ "sectionidentifier", sectionIdentifier
+ );
}
} else {
- models.put("sectionIdentifier", sectionIdentifier);
- return "org/librecms/ui/contentsection/contentsection-not-found.xhtml";
+ return sectionsUi.showContentSectionNotFound(sectionIdentifier);
}
}
@@ -374,21 +347,17 @@ public class DocumentFolderController {
@PathParam("parentFolderPath") final String parentFolderPath,
@FormParam("folderName") final String folderName
) {
- final Optional sectionResult = retrieveContentSection(
- sectionIdentifier
- );
-
+ final Optional sectionResult = sectionsUi
+ .findContentSection(sectionIdentifier);
if (!sectionResult.isPresent()) {
- models.put("sectionIdentifier", sectionIdentifier);
- return "org/librecms/ui/contentsection/contentsection-not-found.xhtml";
+ return sectionsUi.showContentSectionNotFound(sectionIdentifier);
}
final ContentSection section = sectionResult.get();
- if (!permissionChecker.isPermitted(
- ItemPrivileges.EDIT, section.getRootDocumentsFolder()
- )) {
- models.put("sectionidentifier", sectionIdentifier);
- return "org/librecms/ui/contentsection/access-denied.xhtml";
+ if (!itemPermissionChecker.canEditItems(section)) {
+ return sectionsUi.showAccessDenied(
+ "sectionIdentifier", sectionIdentifier
+ );
}
final Folder parentFolder;
@@ -404,18 +373,15 @@ public class DocumentFolderController {
if (parentFolderResult.isPresent()) {
parentFolder = parentFolderResult.get();
} else {
- models.put("contentSection", section.getLabel());
- models.put("folderPath", parentFolderPath);
- return "org/librecms/ui/contentsection/documentfolder/documentfolder-not-found.xhtml";
+ return showDocumentFolderNotFound(section, folderName);
}
}
- if (!permissionChecker.isPermitted(
- ItemPrivileges.CREATE_NEW, parentFolder
- )) {
- models.put("sectionidentifier", sectionIdentifier);
- models.put("folderPath", parentFolderPath);
- return "org/librecms/ui/contentsection/access-denied.xhtml";
+ if (!itemPermissionChecker.canCreateNewItems(parentFolder)) {
+ return sectionsUi.showAccessDenied(
+ "sectionidentifier", sectionIdentifier,
+ "folderPath", parentFolderPath
+ );
}
folderManager.createFolder(folderName, parentFolder);
@@ -451,20 +417,15 @@ public class DocumentFolderController {
@PathParam("role") final String roleParam,
@FormParam("permissions") final List permissions
) {
- final Optional sectionResult = retrieveContentSection(
- sectionIdentifier
- );
+ final Optional sectionResult = sectionsUi
+ .findContentSection(sectionIdentifier);
if (!sectionResult.isPresent()) {
- models.put("sectionIdentifier", sectionIdentifier);
- return "org/librecms/ui/contentsection/contentsection-not-found.xhtml";
+ return sectionsUi.showContentSectionNotFound(sectionIdentifier);
}
final ContentSection section = sectionResult.get();
- if (!permissionChecker.isPermitted(
- ItemPrivileges.EDIT, section.getRootDocumentsFolder()
- )) {
- models.put("sectionidentifier", sectionIdentifier);
- return "org/librecms/ui/contentsection/access-denied.xhtml";
+ if (!itemPermissionChecker.canEditItems(section)) {
+ sectionsUi.showAccessDenied("sectionidentifier", sectionIdentifier);
}
final Folder folder;
@@ -483,16 +444,15 @@ public class DocumentFolderController {
documentFolderModel.setBreadcrumbs(buildBreadcrumbs(folderPath));
} else {
- models.put("contentSection", section.getLabel());
- models.put("folderPath", folderPath);
- return "org/librecms/ui/contentsection/documentfolder/documentfolder-not-found.xhtml";
+ return showDocumentFolderNotFound(section, folderPath);
}
}
- if (!permissionChecker.isPermitted(ItemPrivileges.ADMINISTER, folder)) {
- models.put("sectionidentifier", sectionIdentifier);
- models.put("folderPath", folderPath);
- return "org/librecms/ui/contentsection/access-denied.xhtml";
+ if (!itemPermissionChecker.canAdministerItems(folder)) {
+ return sectionsUi.showAccessDenied(
+ "sectionidentifier", sectionIdentifier,
+ "folderPath", folderPath
+ );
}
final Optional roleResult = roleRepo.findByName(roleParam);
@@ -537,20 +497,17 @@ public class DocumentFolderController {
@PathParam("folderPath") final String folderPath,
@FormParam("folderName") final String folderName
) {
- final Optional sectionResult = retrieveContentSection(
- sectionIdentifier
- );
+ final Optional sectionResult = sectionsUi
+ .findContentSection(sectionIdentifier);
if (!sectionResult.isPresent()) {
- models.put("sectionIdentifier", sectionIdentifier);
- return "org/librecms/ui/contentsection/contentsection-not-found.xhtml";
+ return sectionsUi.showContentSectionNotFound(sectionIdentifier);
}
final ContentSection section = sectionResult.get();
- if (!permissionChecker.isPermitted(
- ItemPrivileges.EDIT, section.getRootDocumentsFolder()
- )) {
- models.put("sectionidentifier", sectionIdentifier);
- return "org/librecms/ui/contentsection/access-denied.xhtml";
+ if (!itemPermissionChecker.canEditItems(section)) {
+ return sectionsUi.showAccessDenied(
+ "sectionidentifier", sectionIdentifier
+ );
}
final Folder folder;
@@ -565,15 +522,14 @@ public class DocumentFolderController {
documentFolderModel.setBreadcrumbs(buildBreadcrumbs(folderPath));
} else {
- models.put("contentSection", section.getLabel());
- models.put("folderPath", folderPath);
- return "org/librecms/ui/contentsection/documentfolder/documentfolder-not-found.xhtml";
+ return showDocumentFolderNotFound(section, folderPath);
}
- if (!permissionChecker.isPermitted(ItemPrivileges.EDIT, folder)) {
- models.put("sectionidentifier", sectionIdentifier);
- models.put("folderPath", folderPath);
- return "org/librecms/ui/contentsection/access-denied.xhtml";
+ if (!itemPermissionChecker.canEditItems(folder)) {
+ return sectionsUi.showAccessDenied(
+ "sectionidentifier", sectionIdentifier,
+ "folderPath", folderPath
+ );
}
folder.setName(folderName);
@@ -592,32 +548,6 @@ public class DocumentFolderController {
);
}
- private Optional retrieveContentSection(
- final String sectionIdentifier
- ) {
- final Identifier identifier = identifierParser.parseIdentifier(
- sectionIdentifier
- );
-
- final Optional sectionResult;
- switch (identifier.getType()) {
- case ID:
- sectionResult = sectionRepo.findById(
- Long.parseLong(identifier.getIdentifier())
- );
- break;
- case UUID:
- sectionResult = sectionRepo.findByUuid(identifier
- .getIdentifier());
- break;
- default:
- sectionResult = sectionRepo.findByLabel(identifier
- .getIdentifier());
- break;
- }
- return sectionResult;
- }
-
private List buildBreadcrumbs(
final String folderPath
) {
@@ -767,4 +697,12 @@ public class DocumentFolderController {
return row;
}
+ private String showDocumentFolderNotFound(
+ final ContentSection section, final String folderPath
+ ) {
+ models.put("contentSection", section.getLabel());
+ models.put("folderPath", folderPath);
+ return "org/librecms/ui/contentsection/documentfolder/documentfolder-not-found.xhtml";
+ }
+
}
diff --git a/ccm-cms/src/main/java/org/librecms/ui/contentsections/ItemPermissionChecker.java b/ccm-cms/src/main/java/org/librecms/ui/contentsections/ItemPermissionChecker.java
new file mode 100644
index 000000000..d68d480c2
--- /dev/null
+++ b/ccm-cms/src/main/java/org/librecms/ui/contentsections/ItemPermissionChecker.java
@@ -0,0 +1,214 @@
+/*
+ * To change this license header, choose License Headers in Project Properties.
+ * To change this template file, choose Tools | Templates
+ * and open the template in the editor.
+ */
+package org.librecms.ui.contentsections;
+
+import org.libreccm.security.PermissionChecker;
+import org.librecms.contentsection.ContentItem;
+import org.librecms.contentsection.ContentSection;
+import org.librecms.contentsection.Folder;
+import org.librecms.contentsection.privileges.ItemPrivileges;
+
+import javax.enterprise.context.RequestScoped;
+import javax.inject.Inject;
+
+/**
+ *
+ * @author Jens Pelzetter
+ */
+@RequestScoped
+public class ItemPermissionChecker {
+
+ @Inject
+ private PermissionChecker permissionChecker;
+
+ public boolean canAdministerItems(final ContentItem item) {
+ return permissionChecker.isPermitted(
+ ItemPrivileges.ADMINISTER, item
+ );
+ }
+
+ public boolean canAdministerItems(final ContentSection section) {
+ return permissionChecker.isPermitted(
+ ItemPrivileges.ADMINISTER, section.getRootDocumentsFolder()
+ );
+ }
+
+ public boolean canAdministerItems(final Folder folder) {
+ return permissionChecker.isPermitted(
+ ItemPrivileges.ADMINISTER, folder
+ );
+ }
+
+ public boolean canApplyAlternateWorkflowItems(
+ final ContentSection section
+ ) {
+ return permissionChecker.isPermitted(
+ ItemPrivileges.APPLY_ALTERNATE_WORKFLOW,
+ section.getRootDocumentsFolder()
+ );
+ }
+
+ public boolean canApplyAlternateWorkflowItems(
+ final ContentItem item
+ ) {
+ return permissionChecker.isPermitted(
+ ItemPrivileges.APPLY_ALTERNATE_WORKFLOW, item
+ );
+ }
+
+ public boolean canApplyAlternateWorkflowItems(
+ final Folder folder
+ ) {
+ return permissionChecker.isPermitted(
+ ItemPrivileges.APPLY_ALTERNATE_WORKFLOW, folder
+ );
+ }
+
+ public boolean canApproveItems(final ContentItem item) {
+ return permissionChecker.isPermitted(
+ ItemPrivileges.APPROVE, item
+ );
+ }
+
+ public boolean canApproveItems(final ContentSection section) {
+ return permissionChecker.isPermitted(
+ ItemPrivileges.APPROVE, section.getRootDocumentsFolder()
+ );
+ }
+
+ public boolean canApproveItems(final Folder folder) {
+ return permissionChecker.isPermitted(
+ ItemPrivileges.APPROVE, folder
+ );
+ }
+
+ public boolean canCategorizeItems(final ContentItem item) {
+ return permissionChecker.isPermitted(
+ ItemPrivileges.CATEGORIZE, item
+ );
+ }
+
+ public boolean canCategorizeItems(final ContentSection section) {
+ return permissionChecker.isPermitted(
+ ItemPrivileges.CATEGORIZE, section.getRootDocumentsFolder()
+ );
+ }
+
+ public boolean canCategorizeItems(final Folder folder) {
+ return permissionChecker.isPermitted(
+ ItemPrivileges.CATEGORIZE, folder
+ );
+ }
+
+ public boolean canCreateNewItems(final ContentItem item) {
+ return permissionChecker.isPermitted(
+ ItemPrivileges.CREATE_NEW, item
+ );
+ }
+
+ public boolean canCreateNewItems(final ContentSection section) {
+ return permissionChecker.isPermitted(
+ ItemPrivileges.CREATE_NEW, section.getRootDocumentsFolder()
+ );
+ }
+
+ public boolean canCreateNewItems(final Folder folder) {
+ return permissionChecker.isPermitted(
+ ItemPrivileges.CREATE_NEW, folder
+ );
+ }
+
+ public boolean canDeleteItems(final ContentItem item) {
+ return permissionChecker.isPermitted(
+ ItemPrivileges.DELETE, item
+ );
+ }
+
+ public boolean canDeleteItems(final ContentSection section) {
+ return permissionChecker.isPermitted(
+ ItemPrivileges.DELETE, section.getRootDocumentsFolder()
+ );
+ }
+
+ public boolean canDeleteItems(final Folder folder) {
+ return permissionChecker.isPermitted(
+ ItemPrivileges.DELETE, folder
+ );
+ }
+
+ public boolean canEditItems(final ContentItem item) {
+ return permissionChecker.isPermitted(
+ ItemPrivileges.EDIT, item
+ );
+ }
+
+ public boolean canEditItems(final ContentSection section) {
+ return permissionChecker.isPermitted(
+ ItemPrivileges.EDIT, section.getRootDocumentsFolder()
+ );
+ }
+
+ public boolean canEditItems(final Folder folder) {
+ return permissionChecker.isPermitted(
+ ItemPrivileges.EDIT, folder
+ );
+ }
+
+ public boolean canPreviewItems(final ContentItem item) {
+ return permissionChecker.isPermitted(
+ ItemPrivileges.PREVIEW, item
+ );
+ }
+
+ public boolean canPreviewItems(final ContentSection section) {
+ return permissionChecker.isPermitted(
+ ItemPrivileges.PREVIEW, section.getRootDocumentsFolder()
+ );
+ }
+
+ public boolean canPreviewItems(final Folder folder) {
+ return permissionChecker.isPermitted(
+ ItemPrivileges.PREVIEW, folder
+ );
+ }
+
+ public boolean canPublishItems(final ContentItem item) {
+ return permissionChecker.isPermitted(
+ ItemPrivileges.PUBLISH, item
+ );
+ }
+
+ public boolean canPublishItems(final ContentSection section) {
+ return permissionChecker.isPermitted(
+ ItemPrivileges.PUBLISH, section.getRootDocumentsFolder()
+ );
+ }
+
+ public boolean canPublishItems(final Folder folder) {
+ return permissionChecker.isPermitted(
+ ItemPrivileges.PUBLISH, folder
+ );
+ }
+
+ public boolean canViewPublishedItems(final ContentItem item) {
+ return permissionChecker.isPermitted(
+ ItemPrivileges.VIEW_PUBLISHED, item
+ );
+ }
+
+ public boolean canViewPublishedItems(final ContentSection section) {
+ return permissionChecker.isPermitted(
+ ItemPrivileges.VIEW_PUBLISHED, section.getRootDocumentsFolder()
+ );
+ }
+
+ public boolean canViewPublishedItems(final Folder folder) {
+ return permissionChecker.isPermitted(
+ ItemPrivileges.VIEW_PUBLISHED, folder
+ );
+ }
+
+}
diff --git a/ccm-cms/src/main/java/org/librecms/ui/contentsections/TypePermissionsChecker.java b/ccm-cms/src/main/java/org/librecms/ui/contentsections/TypePermissionsChecker.java
new file mode 100644
index 000000000..e4bbecd27
--- /dev/null
+++ b/ccm-cms/src/main/java/org/librecms/ui/contentsections/TypePermissionsChecker.java
@@ -0,0 +1,31 @@
+/*
+ * To change this license header, choose License Headers in Project Properties.
+ * To change this template file, choose Tools | Templates
+ * and open the template in the editor.
+ */
+package org.librecms.ui.contentsections;
+
+import org.libreccm.security.PermissionChecker;
+import org.librecms.contentsection.ContentType;
+import org.librecms.contentsection.privileges.TypePrivileges;
+
+import javax.enterprise.context.RequestScoped;
+import javax.inject.Inject;
+
+/**
+ *
+ * @author Jens Pelzetter
+ */
+@RequestScoped
+public class TypePermissionsChecker {
+
+ @Inject
+ private PermissionChecker permissionChecker;
+
+ public boolean canUseType(final ContentType type) {
+ return permissionChecker.isPermitted(
+ TypePrivileges.USE_TYPE, type
+ );
+ }
+
+}