LibreCCM
/
libreccm
3
0
Fork 0
Code Issues 10 Pull Requests Packages Releases Wiki Activity

CCM NG/ccm-cms: Fixed some test failures 

git-svn-id: https://svn.libreccm.org/ccm/ccm_ng@4701 8810af33-2d31-482b-a856-94f89814c4df
ccm-docs
jensp 2017-05-02 13:16:31 +00:00
parent 2f1341ddc4
commit be5c0739f3
2 changed files with 43 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ccm-cms/src/test/java/org/librecms/contentsection/ContentItemManagerTest.java
View File

@ -234,6 +234,7 @@ public class ContentItemManagerTest {
"workflow_id" "workflow_id"
}) })
public void createContentItem() { public void createContentItem() {
shiro.getSystemUser().execute(() -> { shiro.getSystemUser().execute(() -> {
final ContentSection section = sectionRepo final ContentSection section = sectionRepo
.findByLabel("info") .findByLabel("info")
@ -553,6 +554,7 @@ public class ContentItemManagerTest {
"workflow_id" "workflow_id"
}) })
public void moveItem() { public void moveItem() {
final Optional<ContentItem> item = itemRepo.findById(-10100L); final Optional<ContentItem> item = itemRepo.findById(-10100L);
assertThat(item.isPresent(), is(true)); assertThat(item.isPresent(), is(true));

26
ccm-core/src/main/java/org/libreccm/security/PermissionChecker.java
View File

@ -76,7 +76,11 @@ public class PermissionChecker {
*/ */
public boolean isPermitted(final String privilege) { public boolean isPermitted(final String privilege) {
if (subject.isAuthenticated()) { if (subject.isAuthenticated()) {
if (shiro.isSystemUser()) {
return true;
} else {
return subject.isPermitted(generatePermissionString(privilege)); return subject.isPermitted(generatePermissionString(privilege));
}
} else { } else {
return shiro.getPublicUser().isPermitted(generatePermissionString( return shiro.getPublicUser().isPermitted(generatePermissionString(
privilege)); privilege));
@ -133,13 +137,16 @@ public class PermissionChecker {
* @param object The object on which the privilege is granted. * @param object The object on which the privilege is granted.
* *
* @return {@code true} if the there is a permission granting the provided * @return {@code true} if the there is a permission granting the provided
* {@code privilege} on the provided {@code object} to the current * {@code privilege} on the provided {@code object} to the current subject.
* subject.
*/ */
public boolean isPermitted(final String privilege, final CcmObject object) { public boolean isPermitted(final String privilege, final CcmObject object) {
if (subject.isAuthenticated()) { if (subject.isAuthenticated()) {
if (shiro.isSystemUser()) {
return true;
} else {
return subject.isPermitted(generatePermissionString( return subject.isPermitted(generatePermissionString(
privilege, object)); privilege, object));
}
} else { } else {
return shiro.getPublicUser().isPermitted(generatePermissionString( return shiro.getPublicUser().isPermitted(generatePermissionString(
privilege, object)); privilege, object));
@ -180,8 +187,8 @@ public class PermissionChecker {
final TypedQuery<Long> query = entityManager.createNamedQuery( final TypedQuery<Long> query = entityManager.createNamedQuery(
"Permission.existsForPrivilegeRoleObject", Long.class); "Permission.existsForPrivilegeRoleObject", Long.class);
query.setParameter("privilege", privilege); query.setParameter("privilege", privilege);
query.setParameter("grantee" ,role); query.setParameter("grantee", role);
query.setParameter("object" ,object); query.setParameter("object", object);
return query.getSingleResult() > 0; return query.getSingleResult() > 0;
} }
@ -199,7 +206,9 @@ public class PermissionChecker {
public void checkPermission(final String privilege) public void checkPermission(final String privilege)
throws AuthorizationException { throws AuthorizationException {
if (subject.isAuthenticated()) { if (subject.isAuthenticated()) {
if (!shiro.isSystemUser()) {
subject.checkPermission(generatePermissionString(privilege)); subject.checkPermission(generatePermissionString(privilege));
}
} else { } else {
shiro.getPublicUser().checkPermission(generatePermissionString( shiro.getPublicUser().checkPermission(generatePermissionString(
privilege)); privilege));
@ -215,14 +224,17 @@ public class PermissionChecker {
* @param object The object on which the privilege is granted. * @param object The object on which the privilege is granted.
* *
* @throws AuthorizationException If there is no permission granting the * @throws AuthorizationException If there is no permission granting the
* provided privilege to the current subject * provided privilege to the current subject on the provided object..
* on the provided object..
*/ */
public void checkPermission(final String privilege, public void checkPermission(final String privilege,
final CcmObject object) final CcmObject object)
throws AuthorizationException { throws AuthorizationException {
if (subject.isAuthenticated()) { if (subject.isAuthenticated()) {
subject.checkPermission(generatePermissionString(privilege, object)); if (!shiro.isSystemUser()) {
subject.checkPermission(generatePermissionString(privilege,
object));
}
} else { } else {
shiro.getPublicUser().checkPermission(generatePermissionString( shiro.getPublicUser().checkPermission(generatePermissionString(
privilege, object)); privilege, object));