CCM NG/ccm-cms: FolderBrowser now shows up. Needs testing.

git-svn-id: https://svn.libreccm.org/ccm/ccm_ng@4557 8810af33-2d31-482b-a856-94f89814c4df

ccm-cms/src/main/java/com/arsdigita/cms/ui/BrowsePane.java

@@ -18,17 +18,21 @@
  */
 package com.arsdigita.cms.ui;
 
+import com.arsdigita.bebop.Component;
 import com.arsdigita.bebop.Label;
 import com.arsdigita.bebop.Page;
 import com.arsdigita.bebop.PageState;
 import com.arsdigita.bebop.Resettable;
 import com.arsdigita.bebop.SegmentedPanel;
 import com.arsdigita.bebop.SingleSelectionModel;
+import com.arsdigita.bebop.Text;
+import com.arsdigita.bebop.Tree;
 import com.arsdigita.bebop.event.FormProcessListener;
 import com.arsdigita.bebop.event.FormSectionEvent;
 import com.arsdigita.bebop.event.FormSubmissionListener;
 import com.arsdigita.bebop.event.ActionEvent;
 import com.arsdigita.bebop.event.ActionListener;
+import com.arsdigita.bebop.tree.TreeCellRenderer;
 import com.arsdigita.cms.CMS;
 import com.arsdigita.cms.ui.folder.FolderRequestLocal;
 import com.arsdigita.cms.ui.folder.FolderSelectionModel;
@@ -40,6 +44,7 @@ import com.arsdigita.util.Assert;
 import org.libreccm.categorization.Category;
 import org.libreccm.core.CcmObject;
 import org.librecms.CmsConstants;
+import org.librecms.contentsection.Folder;
 
 /**
  * A pane that contains a folder tree on the left and a folder manipulator on
@@ -61,6 +66,29 @@ public class BrowsePane extends LayoutPanel implements Resettable {
 
         /* The folder tree displayed on the left side / left column           */
         tree = new BaseTree(new FolderTreeModelBuilder());
+        tree.setCellRenderer(new TreeCellRenderer() {
+
+            @Override
+            public Component getComponent(final Tree tree,
+                                          final PageState state,
+                                          final Object value,
+                                          final boolean isSelected,
+                                          final boolean isExpanded,
+                                          final boolean isLeaf,
+                                          final Object key) {
+                if (value instanceof Folder) {
+                    final Folder folder = (Folder) value;
+                    if (folder.getParentCategory() == null) {
+                        return new Text("/");
+                    } else {
+                        return new Text(folder.getName());
+                    }
+                } else {
+                    return new Text(value.toString());
+                }
+            }
+
+        });
         selectionModel = tree.getSelectionModel();
         folderModel = new FolderSelectionModel(selectionModel);
         folderRequestLocal = new FolderRequestLocal(folderModel);
@@ -70,7 +98,7 @@ public class BrowsePane extends LayoutPanel implements Resettable {
 
         final Label heading = new Label(
             new GlobalizedMessage("cms.ui.folder_browser",
-                                  CmsConstants.CMS_FOLDER_BUNDLE));
+                                  CmsConstants.CMS_BUNDLE));
         left.addSegment(heading, tree);
 
         flatItemList = new FlatItemList(folderRequestLocal, folderModel);

ccm-cms/src/main/java/com/arsdigita/cms/ui/folder/FolderTreeModelBuilder.java

@@ -32,7 +32,6 @@ import com.arsdigita.util.LockableImpl;
 import java.util.Collections;
 import java.util.Iterator;
 
-import org.libreccm.categorization.Category;
 import org.libreccm.cdi.utils.CdiUtil;
 import org.librecms.contentsection.Folder;
 

ccm-cms/src/main/java/com/arsdigita/cms/ui/permissions/CMSPermissionsPane.java

@@ -245,7 +245,7 @@ public class CMSPermissionsPane extends SimpleContainer implements Resettable,
         if (permissionsTable != null) {
             return permissionsTable;
         }
-        
+
         final BoxPanel panel = new BoxPanel(BoxPanel.VERTICAL);
         final Label header = new Label(new GlobalizedMessage(
             "cms.ui.permissions.table.header",
@@ -264,6 +264,8 @@ public class CMSPermissionsPane extends SimpleContainer implements Resettable,
                          new Label(new GlobalizedMessage(
                              "cms.ui.permissions.table.role_header",
                              CmsConstants.CMS_BUNDLE)));
+        headerLabels.add(new Label(new GlobalizedMessage(
+            "cms.ui.permissions.table.remove_all.header")));
         final Table table = new Table(new CMSPermissionsTableModelBuilder(this),
                                       headerLabels.toArray());
         table.setClassAttr("dataTable");
@@ -281,7 +283,9 @@ public class CMSPermissionsPane extends SimpleContainer implements Resettable,
 
                     final ControlLink link = new ControlLink("");
 
-                    if ((boolean) value) {
+                    final CMSPermissionsTableColumn col
+                                                        = (CMSPermissionsTableColumn) value;
+                    if (col.isPermitted()) {
                         link.setClassAttr("checkBoxChecked");
                     } else {
                         link.setClassAttr("checkBoxUnchecked");
@@ -303,9 +307,12 @@ public class CMSPermissionsPane extends SimpleContainer implements Resettable,
                                           final Object key,
                                           final int row,
                                           final int column) {
-                final ControlLink link = new ControlLink((String) value);
+                final ControlLink link = new ControlLink(new Label(
+                    new GlobalizedMessage(
+                        "cms.ui.permissions.table.actions.remove_all",
+                        CmsConstants.CMS_BUNDLE)));
                 link.setConfirmation(new GlobalizedMessage(
-                    "permissions.table.actions.removeAll",
+                    "cms.ui.permissions.table.actions.remove_all.confirm",
                     CmsConstants.CMS_BUNDLE));
 
                 return link;
@@ -424,7 +431,6 @@ public class CMSPermissionsPane extends SimpleContainer implements Resettable,
 //            .getPermissions(CMSPermissionsConstants.INHERITED);
 //        return inheritedPermissions;
 //    }
-
     public SimpleContainer getAdminListingPanel() {
         if (adminListing == null) {
             adminListing = new ObjectAdminListing(selectionModel);
@@ -511,7 +517,6 @@ public class CMSPermissionsPane extends SimpleContainer implements Resettable,
 //        }
 //        return contextPanel;
 //    }
-
     ParameterModel getSearchString() {
         return searchString;
     }
@@ -537,7 +542,6 @@ public class CMSPermissionsPane extends SimpleContainer implements Resettable,
 //        getPermissionGrantPanel().setVisible(state, false);
 //        getNoSearchResultPanel().setVisible(state, true);
 //    }
-
 //    /**
 //     * Show the Grant privileges panel
 //     *
@@ -551,7 +555,6 @@ public class CMSPermissionsPane extends SimpleContainer implements Resettable,
 //        getNoSearchResultPanel().setVisible(state, false);
 //        getPermissionGrantPanel().setVisible(state, true);
 //    }
-
 //    /**
 //     * Shows the administration page of permissions to one object.
 //     *
@@ -595,7 +598,6 @@ public class CMSPermissionsPane extends SimpleContainer implements Resettable,
 //
 //        getPermissionGrantPanel().setVisible(state, false);
 //    }
-
     @Override
     public void actionPerformed(final ActionEvent event) {
 
@@ -637,7 +639,6 @@ public class CMSPermissionsPane extends SimpleContainer implements Resettable,
 //            getAdminListingPanel().setVisible(state, false);
 //        }
 //    }
-
     public String getPrivilegeName(final String privilege) {
         return privilegeNameMap.get(privilege);
     }

ccm-cms/src/main/java/com/arsdigita/cms/ui/permissions/CMSPermissionsTableModel.java

@@ -71,7 +71,7 @@ class CMSPermissionsTableModel implements TableModel {
         } else if (columnIndex == getColumnCount() - 1) {
             return "Remove all";
         } else {
-            return currentRow.getColumns().get(columnIndex - 2);
+            return currentRow.getColumns().get(columnIndex - 1);
         }
     }
 
@@ -80,7 +80,7 @@ class CMSPermissionsTableModel implements TableModel {
         if (columnIndex == 0 || columnIndex == getColumnCount() - 1) {
             return currentRow.getRoleName();
         } else {
-            return currentRow.getColumns().get(columnIndex).getPrivilege();
+            return currentRow.getColumns().get(columnIndex - 1).getPrivilege();
         }
     }
 

ccm-cms/src/main/java/org/librecms/contentsection/ContentSectionSetup.java

@@ -234,6 +234,29 @@ public class ContentSectionSetup extends AbstractCcmApplicationSetup {
         getEntityManager().persist(publisher);
         getEntityManager().persist(contentReader);
 
+        section.addRole(alertRecipient);
+        section.addRole(author);
+        section.addRole(editor);
+        section.addRole(manager);
+        section.addRole(publisher);
+        section.addRole(contentReader);
+
+        
+
+        final String itemResolverClassName;
+        if (getIntegrationProps().containsKey(String.format("%s.item_resolver",
+                                                            sectionName))) {
+            itemResolverClassName = getIntegrationProps().getProperty(
+                String.format("%s.item_resolver",
+                              sectionName));
+        } else if(getIntegrationProps().containsKey("default_item_resolver")) {
+            itemResolverClassName = getIntegrationProps().getProperty("default_item_resolver_name");
+        } else {
+            itemResolverClassName = MultilingualItemResolver.class.getName();
+        }
+        section.setItemResolverClass(itemResolverClassName);
+        
+        getEntityManager().merge(section);
     }
 
 }

ccm-cms/src/main/resources/org/librecms/CmsResources.properties

@@ -16,3 +16,28 @@ cms.ui.admin_center=Admin Center
 cms.ui.contentcenter.section_hint=All documents are organized in one or more contect sections. Each content section may have its own system of permission and its own administrators, independent from each other. Select a section where you will edit a document or create a new one.
 cms.ui.contentcenter.location=Location
 cms.ui.contentcenter.location_hint=In Legacy mode links to public pages.
+cms.ui.browse=Documents
+cms.ui.search=Search
+cms.ui.roles=Roles
+cms.ui.workflows=Workflows
+cms.ui.lifecycles=Lifecycles
+cms.ui.content_types=Content types
+cms.ui.cse=Soon expired
+cms.ui.reports=Reports
+cms.ui.permissions=Permissions
+cms.ui.permissions.table.header=The following permissions have been granted on the current object:
+cms.ui.permissions.table.role_header=Role
+cms.ui.permissions.table.privilege.headers.administer_items=Administer items
+cms.ui.permissions.table.privilege.headers.apply_alternate_workflow=Apply alternate workflow
+cms.ui.permissions.table.privilege.headers.approve_items=Approve items
+cms.ui.permissions.table.privilege.headers.categorize_items=Categorise items
+cms.ui.permissions.table.privilege.headers.create_new_items=Create new items
+cms.ui.permissions.table.privilege.headers.delete_items=Delete items
+cms.ui.permissions.table.privilege.headers.edit_items=Edit items
+cms.ui.permissions.table.privilege.headers.preview_items=Preview items
+cms.ui.permissions.table.privilege.headers.publish_items=Publish items
+cms.ui.permissions.table.privilege.headers.view_published_items=View published items
+cms.ui.folder_browser=Folders
+cms.ui.permissions.table.actions.remove_all=Remove all permissions
+cms.ui.permissions.table.actions.remove_all.confirm=Are you sure to remove all permissions for this role from the current object?
+cms.ui.permissions.table.remove_all.header=Remove all

ccm-cms/src/main/resources/org/librecms/CmsResources_de.properties

@@ -16,3 +16,28 @@ cms.ui.admin_center=Admin Center
 cms.ui.contentcenter.section_hint=All documents are organized in one or more contect sections. Each content section may have its own system of permission and its own administrators, independent from each other. Select a section where you will edit a document or create a new one.
 cms.ui.contentcenter.location=Ort
 cms.ui.contentcenter.location_hint=In Legacy mode links to public pages.
+cms.ui.browse=Dokumente
+cms.ui.search=Suche
+cms.ui.roles=Rollen
+cms.ui.workflows=Arbeitsabl\u00e4ufe
+cms.ui.lifecycles=Ver\u00f6ffentlichungszyklen
+cms.ui.content_types=Dokumenttypen
+cms.ui.cse=Bald abgelaufen
+cms.ui.reports=Berichte
+cms.ui.permissions=Berechtigungen
+cms.ui.permissions.table.header=Die folgenden Berechtigungen wurden f\u00fcr das aktuelle Objekt erteilt:
+cms.ui.permissions.table.role_header=Rolle
+cms.ui.permissions.table.privilege.headers.administer_items=Dokumente verwalten
+cms.ui.permissions.table.privilege.headers.apply_alternate_workflow=Alternative Arbeitsablauf zuweisen
+cms.ui.permissions.table.privilege.headers.approve_items=Dokumente genehmigen
+cms.ui.permissions.table.privilege.headers.categorize_items=Dokumente kategorisieren
+cms.ui.permissions.table.privilege.headers.create_new_items=Neue Dokumente anlegen
+cms.ui.permissions.table.privilege.headers.delete_items=Dokumente l\u00f6schen
+cms.ui.permissions.table.privilege.headers.edit_items=Dokumente bearbeiten
+cms.ui.permissions.table.privilege.headers.preview_items=Vorschau betrachten
+cms.ui.permissions.table.privilege.headers.publish_items=Dokumente ver\u00f6ffentlichen
+cms.ui.permissions.table.privilege.headers.view_published_items=Ver\u00f6ffentlichte Dokumente betrachten
+cms.ui.folder_browser=Ordner
+cms.ui.permissions.table.actions.remove_all=Alle Berechtigungen entfernen
+cms.ui.permissions.table.actions.remove_all.confirm=Sind Sie sicher, dass Sie alle Berechtigungen f\u00fcr diese Rolle von dem aktuellen Objekt entfernen wollen?
+cms.ui.permissions.table.remove_all.header=Alle entfernen

ccm-cms/src/main/resources/org/librecms/CmsResources_fr.properties

@@ -16,3 +16,28 @@ cms.ui.admin_center=Admin Center
 cms.ui.contentcenter.section_hint=All documents are organized in one or more contect sections. Each content section may have its own system of permission and its own administrators, independent from each other. Select a section where you will edit a document or create a new one.
 cms.ui.contentcenter.location=Location
 cms.ui.contentcenter.location_hint=In Legacy mode links to public pages.
+cms.ui.browse=Documents
+cms.ui.search=Search
+cms.ui.roles=Roles
+cms.ui.workflows=Workflows
+cms.ui.lifecycles=Lifecycles
+cms.ui.content_types=Content types
+cms.ui.cse=Soon expired
+cms.ui.reports=Reports
+cms.ui.permissions=Permissions
+cms.ui.permissions.table.header=The following permissions have been granted on the current object:
+cms.ui.permissions.table.role_header=Role
+cms.ui.permissions.table.privilege.headers.administer_items=Administer items
+cms.ui.permissions.table.privilege.headers.apply_alternate_workflow=Apply alternate workflow
+cms.ui.permissions.table.privilege.headers.approve_items=Approve items
+cms.ui.permissions.table.privilege.headers.categorize_items=Categorise items
+cms.ui.permissions.table.privilege.headers.create_new_items=Create new items
+cms.ui.permissions.table.privilege.headers.delete_items=Delete items
+cms.ui.permissions.table.privilege.headers.edit_items=Edit items
+cms.ui.permissions.table.privilege.headers.preview_items=Preview items
+cms.ui.permissions.table.privilege.headers.publish_items=Publish items
+cms.ui.permissions.table.privilege.headers.view_published_items=View published items
+cms.ui.folder_browser=Folders
+cms.ui.permissions.table.actions.remove_all=Remove all permissions
+cms.ui.permissions.table.actions.remove_all.confirm=Are you sure to remove all permissions for this role from the current object?
+cms.ui.permissions.table.remove_all.header=Remove all

ccm-core/src/main/java/org/libreccm/security/Permission.java

@@ -60,6 +60,12 @@ import javax.persistence.OneToOne;
 @Table(name = "PERMISSIONS", schema = DB_SCHEMA)
 @NamedQueries({
     @NamedQuery(name = "Permission.existsForPrivilegeRoleObject",
+                query = "SELECT COUNT(p) FROM Permission p "
+                            + "WHERE p.grantedPrivilege = :privilege "
+                            + "AND p.grantee = :grantee "
+                            + "AND p.object = :object")
+    ,
+    @NamedQuery(name = "Permission.existsDirectForPrivilegeRoleObject",
                 query = "SELECT COUNT(p) FROM Permission p "
                             + "WHERE p.grantedPrivilege = :privilege "
                             + "AND p.grantee = :grantee "

ccm-core/src/main/java/org/libreccm/security/PermissionChecker.java

@@ -29,9 +29,15 @@ import java.util.Optional;
 import javax.enterprise.context.RequestScoped;
 import javax.inject.Inject;
 import javax.transaction.Transactional;
+
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
 
+import java.util.Objects;
+
+import javax.persistence.EntityManager;
+import javax.persistence.TypedQuery;
+
 /**
  * An utility class for checking permissions. Uses the current {@link Subject}
  * as provided by the {@link Shiro} bean useless otherwise indicated.
@@ -42,7 +48,7 @@ import org.apache.logging.log4j.Logger;
 public class PermissionChecker {
 
     private static final Logger LOGGER = LogManager.getLogger(
-            PermissionChecker.class);
+        PermissionChecker.class);
 
     /**
      * The current subject as provided by {@link Shiro#getSubject()}.
@@ -50,6 +56,9 @@ public class PermissionChecker {
     @Inject
     private Subject subject;
 
+    @Inject
+    private EntityManager entityManager;
+
     @Inject
     private Shiro shiro;
 
@@ -63,14 +72,14 @@ public class PermissionChecker {
      * @param privilege The privilege granted by the permission.
      *
      * @return {@code true} if the current subject has a permission granting the
-     * provided {@code privilege}, {@code false} otherwise.
+     *         provided {@code privilege}, {@code false} otherwise.
      */
     public boolean isPermitted(final String privilege) {
         if (subject.isAuthenticated()) {
             return subject.isPermitted(generatePermissionString(privilege));
         } else {
             return shiro.getPublicUser().isPermitted(generatePermissionString(
-                    privilege));
+                privilege));
         }
     }
 
@@ -79,22 +88,22 @@ public class PermissionChecker {
      * provided {@code privilege}.
      *
      * @param privilege The privilege granted by the permission.
-     * @param role The role to check for a permission granting the
+     * @param role      The role to check for a permission granting the
-     * {@code privilege}.
+     *                  {@code privilege}.
      *
      * @return {@code true} if the role has a permission granting the provided
-     * {@code privilege}, {@code false} otherwise.
+     *         {@code privilege}, {@code false} otherwise.
      */
     @Transactional(Transactional.TxType.REQUIRED)
     public boolean isPermitted(final String privilege, final Role role) {
         if (privilege == null || privilege.trim().isEmpty()) {
             throw new IllegalArgumentException(
-                    "Can't check permission null (or empty)");
+                "Can't check permission null (or empty)");
         }
 
         if (role == null) {
             throw new IllegalArgumentException(
-                    "Can't check permission for role null.");
+                "Can't check permission for role null.");
         }
 
         //Ensure that we have a none detached entity
@@ -108,10 +117,10 @@ public class PermissionChecker {
         }
 
         final Optional<Permission> permission = theRole.get().getPermissions()
-                .stream()
+            .stream()
-                .filter(granted -> privilege.equals(granted.
+            .filter(granted -> privilege.equals(granted.
-                getGrantedPrivilege()))
+            getGrantedPrivilege()))
-                .findFirst();
+            .findFirst();
 
         return permission.isPresent();
     }
@@ -121,18 +130,19 @@ public class PermissionChecker {
      * {@code privilege} on the provided {@code object}.
      *
      * @param privilege The granted privilege.
-     * @param object The object on which the privilege is granted.
+     * @param object    The object on which the privilege is granted.
      *
      * @return {@code true} if the there is a permission granting the provided
-     * {@code privilege} on the provided {@code object} to the current subject.
+     *         {@code privilege} on the provided {@code object} to the current
+     *         subject.
      */
     public boolean isPermitted(final String privilege, final CcmObject object) {
         if (subject.isAuthenticated()) {
             return subject.isPermitted(generatePermissionString(
-                    privilege, object));
+                privilege, object));
         } else {
             return shiro.getPublicUser().isPermitted(generatePermissionString(
-                    privilege, object));
+                privilege, object));
         }
     }
 
@@ -141,48 +151,39 @@ public class PermissionChecker {
      * provided {@code privilege} on the provided object.
      *
      * @param privilege The granted privilege.
-     * @param object The object on which the {@code privilege} is granted.
+     * @param object    The object on which the {@code privilege} is granted.
-     * @param role The role to check for a permission granting the
+     * @param role      The role to check for a permission granting the
-     * {@code privilege}.
+     *                  {@code privilege}.
      *
      * @return {@code true} if the there is a permission granting the provided
-     * {@code privilege} on the provided {@code object} to the provided
+     *         {@code privilege} on the provided {@code object} to the provided
-     * {@code role}.
+     *         {@code role}.
      */
     public boolean isPermitted(final String privilege,
                                final CcmObject object,
                                final Role role) {
         if (privilege == null || privilege.trim().isEmpty()) {
             throw new IllegalArgumentException(
-                    "Can't check permission null (or empty)");
+                "Can't check permission null (or empty)");
         }
 
         if (role == null) {
             throw new IllegalArgumentException(
-                    "Can't check permission for role null.");
+                "Can't check permission for role null.");
         }
 
         if (object == null) {
             throw new IllegalArgumentException(
-                    "Can verify permissions for object null.");
+                "Can verify permissions for object null.");
         }
 
-        //Ensure that we have a none detached entity
+        final TypedQuery<Long> query = entityManager.createNamedQuery(
-        final Optional<Role> theRole = roleRepo.findById(role.getRoleId());
+            "Permission.existsForPrivilegeRoleObject", Long.class);
-        if (!theRole.isPresent()) {
+        query.setParameter("privilege", privilege);
-            //If the role is not found in the database print a warning in the 
+        query.setParameter("grantee" ,role);
-            //and return false
+        query.setParameter("object" ,object);
-            LOGGER.warn("To provided role {} was not found in the database.",
+        
-                        role.toString());
+        return query.getSingleResult() > 0;
-            return false;
-        }
-
-        final Optional<Permission> permission = theRole.get().getPermissions()
-                .stream()
-                .filter(granted -> granted.getObject() != null)
-                .filter(granted -> object.equals(granted.getObject()))
-                .findFirst();
-        return permission.isPresent();
     }
 
     /**
@@ -193,15 +194,15 @@ public class PermissionChecker {
      * @param privilege The privilege to check for.
      *
      * @throws AuthorizationException If the current subject has not permission
-     * granting the provided privilege.
+     *                                granting the provided privilege.
      */
     public void checkPermission(final String privilege)
-            throws AuthorizationException {
+        throws AuthorizationException {
         if (subject.isAuthenticated()) {
             subject.checkPermission(generatePermissionString(privilege));
         } else {
             shiro.getPublicUser().checkPermission(generatePermissionString(
-                    privilege));
+                privilege));
         }
     }
 
@@ -211,19 +212,20 @@ public class PermissionChecker {
      *
      *
      * @param privilege The privilege to check for.
-     * @param object The object on which the privilege is granted.
+     * @param object    The object on which the privilege is granted.
      *
      * @throws AuthorizationException If there is no permission granting the
-     * provided privilege to the current subject on the provided object..
+     *                                provided privilege to the current subject
+     *                                on the provided object..
      */
     public void checkPermission(final String privilege,
                                 final CcmObject object)
-            throws AuthorizationException {
+        throws AuthorizationException {
         if (subject.isAuthenticated()) {
             subject.checkPermission(generatePermissionString(privilege, object));
         } else {
             shiro.getPublicUser().checkPermission(generatePermissionString(
-                    privilege, object));
+                privilege, object));
         }
     }
 
@@ -234,13 +236,13 @@ public class PermissionChecker {
      * placeholder object is returned with the {@link CcmObject#displayName}
      * property set the {@code Access denied}.
      *
-     * @param <T> The type of the object to check.
+     * @param <T>       The type of the object to check.
      * @param privilege The privilige to check for.
-     * @param object The object on which the privilege is granted.
+     * @param object    The object on which the privilege is granted.
-     * @param clazz The class of the object.
+     * @param clazz     The class of the object.
      *
      * @return The object if the current subject is permitted to access, a
-     * placeholder object if not.
+     *         placeholder object if not.
      */
     public <T extends CcmObject> T checkPermission(final String privilege,
                                                    final T object,
@@ -256,7 +258,7 @@ public class PermissionChecker {
      * @param object The object to check.
      *
      * @return {@code true} if the object is a <i>Access denied</i> object,
-     * {@code false} if not.
+     *         {@code false} if not.
      */
     public boolean isAccessDeniedObject(final CcmObject object) {
         if (object == null) {

ccm-core/src/main/java/org/libreccm/security/PermissionManager.java

@@ -536,7 +536,7 @@ public class PermissionManager {
                                      final Role grantee,
                                      final CcmObject object) {
         final TypedQuery<Long> query = entityManager.createNamedQuery(
-            "Permission.existsForPrivilegeRoleObject", Long.class);
+            "Permission.existsDirectForPrivilegeRoleObject", Long.class);
         query.setParameter(QUERY_PARAM_PRIVILEGE, privilege);
         query.setParameter(QUERY_PARAM_GRANTEE, grantee);
         query.setParameter(QUERY_PARAM_OBJECT, object);