CCM NG: Fixed permission check for Assets (#2801)

git-svn-id: https://svn.libreccm.org/ccm/ccm_ng@5324 8810af33-2d31-482b-a856-94f89814c4df
jensp 2018-03-02 15:32:44 +00:00
parent dd8f95061f
commit d91e414389
1 changed files with 33 additions and 1 deletions


@ -18,6 +18,8 @@
*/ */
package org.librecms.contentsection; package org.librecms.contentsection;
import com.arsdigita.kernel.KernelConfig;
import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger; import org.apache.logging.log4j.Logger;
import org.libreccm.auditing.AbstractAuditedEntityRepository; import org.libreccm.auditing.AbstractAuditedEntityRepository;
@ -25,6 +27,7 @@ import org.libreccm.categorization.Categorization;
import org.libreccm.categorization.Category; import org.libreccm.categorization.Category;
import org.libreccm.categorization.CategoryManager; import org.libreccm.categorization.CategoryManager;
import org.libreccm.categorization.ObjectNotAssignedToCategoryException; import org.libreccm.categorization.ObjectNotAssignedToCategoryException;
import org.libreccm.configuration.ConfigurationManager;
import org.libreccm.core.CcmObjectRepository; import org.libreccm.core.CcmObjectRepository;
import org.libreccm.core.UnexpectedErrorException; import org.libreccm.core.UnexpectedErrorException;
import org.libreccm.security.AuthorizationRequired; import org.libreccm.security.AuthorizationRequired;
@ -33,8 +36,10 @@ import org.libreccm.security.PermissionChecker;
import org.libreccm.security.PermissionManager; import org.libreccm.security.PermissionManager;
import org.libreccm.security.RequiresPrivilege; import org.libreccm.security.RequiresPrivilege;
import org.libreccm.security.Role; import org.libreccm.security.Role;
import org.libreccm.security.RoleManager;
import org.libreccm.security.Shiro; import org.libreccm.security.Shiro;
import org.libreccm.security.User; import org.libreccm.security.User;
import org.libreccm.security.UserRepository;
import org.librecms.contentsection.privileges.AssetPrivileges; import org.librecms.contentsection.privileges.AssetPrivileges;
import org.librecms.contentsection.rs.Assets; import org.librecms.contentsection.rs.Assets;
@ -74,6 +79,9 @@ public class AssetRepository
@Inject @Inject
private CcmObjectRepository ccmObjectRepo; private CcmObjectRepository ccmObjectRepo;
@Inject
private ConfigurationManager confManager;
@Inject @Inject
private EntityManager entityManager; private EntityManager entityManager;
@ -86,9 +94,15 @@ public class AssetRepository
@Inject @Inject
private PermissionManager permissionManager; private PermissionManager permissionManager;
@Inject
private RoleManager roleManager;
@Inject @Inject
private Shiro shiro; private Shiro shiro;
@Inject
private UserRepository userRepository;
@Override @Override
public Long getEntityId(final Asset asset) { public Long getEntityId(final Asset asset) {
return asset.getObjectId(); return asset.getObjectId();
@ -677,7 +691,25 @@ public class AssetRepository
.map(membership -> membership.getRole()) .map(membership -> membership.getRole())
.collect(Collectors.toList()); .collect(Collectors.toList());
} else { } else {
roles = Collections.emptyList();
final Optional<User> publicUser;
final KernelConfig kernelConfig = confManager
.findConfiguration(KernelConfig.class);
final String principal = (String) shiro
.getPublicUser()
.getPrincipal();
if (kernelConfig.emailIsPrimaryIdentifier()) {
publicUser = userRepository.findByEmailAddress(principal);
} else {
publicUser = userRepository.findByName(principal);
}
if (publicUser.isPresent()) {
roles = roleManager.findAllRolesForUser(publicUser.get());
} else {
roles = Collections.emptyList();
}
} }
final boolean isSystemUser = shiro.isSystemUser(); final boolean isSystemUser = shiro.isSystemUser();
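Review bot: In the new unauthenticated branch, a public user that cannot be resolved silently ends in `roles = Collections.emptyList();`. That fails closed, but it is indistinguishable from a public user that simply has no roles. If the stored public principal does not match the lookup selected by `kernelConfig.emailIsPrimaryIdentifier()`, anonymous asset queries would return nothing with no trace. I would log the miss in that `else`, using the logger field the class declares (the name `LOGGER` is assumed here): `LOGGER.warn("Public user '{}' not found, anonymous asset queries get no roles.", principal);`. Separately, `(String) shiro.getPublicUser().getPrincipal()` is cast and passed on without a null or type check, so a guard that also falls back to the empty list would keep the permission filter from throwing. The enclosing method starts and ends outside this hunk, so how `roles` is consumed afterwards is not visible here.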