Permissions on Organization objects

Foren

H. William Connors II, geändert vor 12 Jahren.

Permissions on Organization objects

New Member Beiträge: 24 Beitrittsdatum: 03.02.11 Neueste Beiträge

I am trying to setup a Liferay environment where we have external clients accessing the system and we have decided to create each client as an Organization. I have that piece working fine but I'm having an issues getting permissions working the way I want. What I would like to do is be able to set permissions on the Organization objects such that certain users from certain organizations can see certain other organizations but only those they have permissions to. My thought was to create a Group/Community and assign organizations that should be able to see each other to the community. The problem that I'm having is that when I execute OrganizationLocalServiceUtil.findAll() I get back all of the organizations regardless of how any permissions are set.

Here is the code I'm using to create the Organization and the Group, I realize at the moment I haven't assigned any organization to the group, my assumption was therefore that no Users should see Organization when I invoke findAll() and in fact everyone sees everything. What I find more interesting is that when I invoked hasPermission on the PermissionChecker for the Organization it returned false for all Organizations including the one the User was assigned to. Can anyone help me with what I'm missing or if there is a better way to do this altogether?


ServiceContext serviceContext = new ServiceContext();
     
serviceContext.setAddCommunityPermissions(true);
serviceContext.setAddGuestPermissions(false);

Organization newOrganization = OrganizationLocalServiceUtil.addOrganization(userId, -1, sponsorName, OrganizationConstants.TYPE_REGULAR_ORGANIZATION, true, 0, 0, statusId, null, serviceContext);

OrganizationLocalServiceUtil.addOrganizationResources(userId, newOrganization);
 
GroupServiceUtil.addGroup(sponsorName, "", GroupConstants.TYPE_COMMUNITY_PRIVATE, "", true, serviceContext);

Paul Liesse, geändert vor 12 Jahren.

RE: Permissions on Organization objects

New Member Beiträge: 2 Beitrittsdatum: 12.04.11 Neueste Beiträge

Hi William,

We are doing exactly the same thing with our extranet, and I just finished code that almost does what you're looking for.

H. William Connors II:

The problem that I'm having is that when I execute OrganizationLocalServiceUtil.findAll() I get back all of the organizations regardless of how any permissions are set.

I think this is because the xLocalServiceUtil classes bypass the permissions and run privileged. This is actually a good thing since I have a login hook that needs to create organizations for new users.

What I'm doing is creating an Organization for each client company. I then assign the organization to the user and the portal to the organization.


long defaultUserId = UserLocalServiceUtil.getDefaultUserId(companyId);
org = OrganizationLocalServiceUtil.addOrganization(defaultUserId,  OrganizationConstants.DEFAULT_PARENT_ORGANIZATION_ID,
                         custName, OrganizationConstants.TYPE_REGULAR_ORGANIZATION, recursable, regionId, countryId,
                         ListTypeConstants.ORGANIZATION_STATUS_DEFAULT, comments,  serviceContext);
long[] orgIds = { org.getOrganizationId() };
// add the user to the new organization
UserLocalServiceUtil.updateOrganizations(user.getUserId(),  orgIds);
// add the organization to the portal
OrganizationLocalServiceUtil.addGroupOrganizations(portalId, orgIds);

Hope that helps...

paul