LibreCCM
/
libreccm
3
0
Fork 0
Code Issues 10 Pull Requests Packages Releases Wiki Activity

CCM NG/ccm-cms: Fixed some test failures 

git-svn-id: https://svn.libreccm.org/ccm/ccm_ng@4701 8810af33-2d31-482b-a856-94f89814c4df
jensp 2017-05-02 13:16:31 +00:00
parent 72827e8e3d
commit a734e0eee7
2 changed files with 43 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ccm-cms/src/test/java/org/librecms/contentsection/ContentItemManagerTest.java
View File

@ -234,6 +234,7 @@ public class ContentItemManagerTest {
"workflow_id" "workflow_id"
}) })
public void createContentItem() { public void createContentItem() {
shiro.getSystemUser().execute(() -> { shiro.getSystemUser().execute(() -> {
final ContentSection section = sectionRepo final ContentSection section = sectionRepo
.findByLabel("info") .findByLabel("info")
@ -553,6 +554,7 @@ public class ContentItemManagerTest {
"workflow_id" "workflow_id"
}) })
public void moveItem() { public void moveItem() {
final Optional<ContentItem> item = itemRepo.findById(-10100L); final Optional<ContentItem> item = itemRepo.findById(-10100L);
assertThat(item.isPresent(), is(true)); assertThat(item.isPresent(), is(true));

68
ccm-core/src/main/java/org/libreccm/security/PermissionChecker.java
View File

@ -72,11 +72,15 @@ public class PermissionChecker {
* @param privilege The privilege granted by the permission. * @param privilege The privilege granted by the permission.
* *
* @return {@code true} if the current subject has a permission granting the * @return {@code true} if the current subject has a permission granting the
* provided {@code privilege}, {@code false} otherwise. * provided {@code privilege}, {@code false} otherwise.
*/ */
public boolean isPermitted(final String privilege) { public boolean isPermitted(final String privilege) {
if (subject.isAuthenticated()) { if (subject.isAuthenticated()) {
return subject.isPermitted(generatePermissionString(privilege)); if (shiro.isSystemUser()) {
return true;
} else {
return subject.isPermitted(generatePermissionString(privilege));
}
} else { } else {
return shiro.getPublicUser().isPermitted(generatePermissionString( return shiro.getPublicUser().isPermitted(generatePermissionString(
privilege)); privilege));
@ -88,11 +92,11 @@ public class PermissionChecker {
* provided {@code privilege}. * provided {@code privilege}.
* *
* @param privilege The privilege granted by the permission. * @param privilege The privilege granted by the permission.
* @param role The role to check for a permission granting the * @param role The role to check for a permission granting the
* {@code privilege}. * {@code privilege}.
* *
* @return {@code true} if the role has a permission granting the provided * @return {@code true} if the role has a permission granting the provided
* {@code privilege}, {@code false} otherwise. * {@code privilege}, {@code false} otherwise.
*/ */
@Transactional(Transactional.TxType.REQUIRED) @Transactional(Transactional.TxType.REQUIRED)
public boolean isPermitted(final String privilege, final Role role) { public boolean isPermitted(final String privilege, final Role role) {
@ -130,16 +134,19 @@ public class PermissionChecker {
* {@code privilege} on the provided {@code object}. * {@code privilege} on the provided {@code object}.
* *
* @param privilege The granted privilege. * @param privilege The granted privilege.
* @param object The object on which the privilege is granted. * @param object The object on which the privilege is granted.
* *
* @return {@code true} if the there is a permission granting the provided * @return {@code true} if the there is a permission granting the provided
* {@code privilege} on the provided {@code object} to the current * {@code privilege} on the provided {@code object} to the current subject.
* subject.
*/ */
public boolean isPermitted(final String privilege, final CcmObject object) { public boolean isPermitted(final String privilege, final CcmObject object) {
if (subject.isAuthenticated()) { if (subject.isAuthenticated()) {
return subject.isPermitted(generatePermissionString( if (shiro.isSystemUser()) {
privilege, object)); return true;
} else {
return subject.isPermitted(generatePermissionString(
privilege, object));
}
} else { } else {
return shiro.getPublicUser().isPermitted(generatePermissionString( return shiro.getPublicUser().isPermitted(generatePermissionString(
privilege, object)); privilege, object));
@ -151,13 +158,13 @@ public class PermissionChecker {
* provided {@code privilege} on the provided object. * provided {@code privilege} on the provided object.
* *
* @param privilege The granted privilege. * @param privilege The granted privilege.
* @param object The object on which the {@code privilege} is granted. * @param object The object on which the {@code privilege} is granted.
* @param role The role to check for a permission granting the * @param role The role to check for a permission granting the
* {@code privilege}. * {@code privilege}.
* *
* @return {@code true} if the there is a permission granting the provided * @return {@code true} if the there is a permission granting the provided
* {@code privilege} on the provided {@code object} to the provided * {@code privilege} on the provided {@code object} to the provided
* {@code role}. * {@code role}.
*/ */
public boolean isPermitted(final String privilege, public boolean isPermitted(final String privilege,
final CcmObject object, final CcmObject object,
@ -180,8 +187,8 @@ public class PermissionChecker {
final TypedQuery<Long> query = entityManager.createNamedQuery( final TypedQuery<Long> query = entityManager.createNamedQuery(
"Permission.existsForPrivilegeRoleObject", Long.class); "Permission.existsForPrivilegeRoleObject", Long.class);
query.setParameter("privilege", privilege); query.setParameter("privilege", privilege);
query.setParameter("grantee" ,role); query.setParameter("grantee", role);
query.setParameter("object" ,object); query.setParameter("object", object);
return query.getSingleResult() > 0; return query.getSingleResult() > 0;
} }
@ -194,12 +201,14 @@ public class PermissionChecker {
* @param privilege The privilege to check for. * @param privilege The privilege to check for.
* *
* @throws AuthorizationException If the current subject has not permission * @throws AuthorizationException If the current subject has not permission
* granting the provided privilege. * granting the provided privilege.
*/ */
public void checkPermission(final String privilege) public void checkPermission(final String privilege)
throws AuthorizationException { throws AuthorizationException {
if (subject.isAuthenticated()) { if (subject.isAuthenticated()) {
subject.checkPermission(generatePermissionString(privilege)); if (!shiro.isSystemUser()) {
subject.checkPermission(generatePermissionString(privilege));
}
} else { } else {
shiro.getPublicUser().checkPermission(generatePermissionString( shiro.getPublicUser().checkPermission(generatePermissionString(
privilege)); privilege));
@ -212,17 +221,20 @@ public class PermissionChecker {
* *
* *
* @param privilege The privilege to check for. * @param privilege The privilege to check for.
* @param object The object on which the privilege is granted. * @param object The object on which the privilege is granted.
* *
* @throws AuthorizationException If there is no permission granting the * @throws AuthorizationException If there is no permission granting the
* provided privilege to the current subject * provided privilege to the current subject on the provided object..
* on the provided object..
*/ */
public void checkPermission(final String privilege, public void checkPermission(final String privilege,
final CcmObject object) final CcmObject object)
throws AuthorizationException { throws AuthorizationException {
if (subject.isAuthenticated()) { if (subject.isAuthenticated()) {
subject.checkPermission(generatePermissionString(privilege, object)); if (!shiro.isSystemUser()) {
subject.checkPermission(generatePermissionString(privilege,
object));
}
} else { } else {
shiro.getPublicUser().checkPermission(generatePermissionString( shiro.getPublicUser().checkPermission(generatePermissionString(
privilege, object)); privilege, object));
@ -236,13 +248,13 @@ public class PermissionChecker {
* placeholder object is returned with the {@link CcmObject#displayName} * placeholder object is returned with the {@link CcmObject#displayName}
* property set the {@code Access denied}. * property set the {@code Access denied}.
* *
* @param <T> The type of the object to check. * @param <T> The type of the object to check.
* @param privilege The privilige to check for. * @param privilege The privilige to check for.
* @param object The object on which the privilege is granted. * @param object The object on which the privilege is granted.
* @param clazz The class of the object. * @param clazz The class of the object.
* *
* @return The object if the current subject is permitted to access, a * @return The object if the current subject is permitted to access, a
* placeholder object if not. * placeholder object if not.
*/ */
public <T extends CcmObject> T checkPermission(final String privilege, public <T extends CcmObject> T checkPermission(final String privilege,
final T object, final T object,
@ -258,7 +270,7 @@ public class PermissionChecker {
* @param object The object to check. * @param object The object to check.
* *
* @return {@code true} if the object is a <i>Access denied</i> object, * @return {@code true} if the object is a <i>Access denied</i> object,
* {@code false} if not. * {@code false} if not.
*/ */
public boolean isAccessDeniedObject(final CcmObject object) { public boolean isAccessDeniedObject(final CcmObject object) {
if (object == null) { if (object == null) {