留言板

  1. 主页
  2. Development
  3. How to check custom permissions of an organization role?

How to check custom permissions of an organization role?

Thomas Weckert,修改在13 年前。

How to check custom permissions of an organization role?

Junior Member 帖子: 54 加入日期: 09-8-10 最近的帖子
Hi all,

I want to check custom permissions of an organization role, but somehow I am lost in the API and a little confused. Here is what I did:

- I added an action DO_SOMETHING in resource-actions.xml for my portlet
- I created a role MY_ROLE of type Organization
- I created an organization MY_ORGANIZATION
- I created a user Tom
- I added the role MY_ROLE as an "Organization Role" to user Tom
- I added user Tom to MY_ORGANIZATION
- I added the permission DO_SOMETHING as a portlet permission to role MY_ROLE

In brief: role MY_ROLE has portlet permission DO_SOMETHING, and Tom is a member of MY_ROLE. Now I want to check if Tom has DO_SOMETHING permissions, but it returns always false.

Here is the service call that I am using:

PortletPermissionUtil.contains(permissionChecker, plid, portletId, "DO_SOMETHING");

portletId is the ID of the portlet instance.

Edit: I am using Liferay 5.2.3

Any hints are appreciated!

Regards,
/thomas
thumbnail
Pierpaolo Cira,修改在13 年前。

RE: How to check custom permissions of an organization role?

Regular Member 帖子: 141 加入日期: 10-2-26 最近的帖子
Thomas Weckert:

PortletPermissionUtil.contains(permissionChecker, plid, portletId, "DO_SOMETHING");



Why you don't use
permissionChecker.hasPermission(...);

where
permissionChecker = themeDisplay.getPermissionChecker();


PS: there is a bug in 5.1.2 (I don't know if it's present in other versions) so you should use
String name = PortalUtil.getPortletId(_request);
		String primKey = _themeDisplay.getLayout().getPlid() + PortletSessionImpl.LAYOUT_SEPARATOR + name;
		Boolean hasPermission = _permissionChecker.hasPermission(_themeDisplay.getScopeGroupId(), name, primKey, action);

instead of
Boolean hasPermission = _permissionChecker.hasPermission(_themeDisplay.getScopeGroupId(), _portletDisplay.getRootPortletId(), _portletDisplay.getResourcePK(), action);
Thomas Weckert,修改在13 年前。

RE: How to check custom permissions of an organization role?

Junior Member 帖子: 54 加入日期: 09-8-10 最近的帖子
No, that doesn't work emoticon

After hours of debugging, I don't see the difference between PortletPermissionUtil.contains(...) and permissionChecker.hasPermission(...), because PortletPermissionUtil finally ends up in permissionChecker.hasPermission(...) anyway.

What I found out: the PermissionCheckerBag that gets filled in getUserBag(...) in the AdvancedPermissionChecker does not contain the organization role MY_ROLE.

So I think either there is a bug in the code, or I did something wrong with assigning roles and organizations in the control panel, or I just didn't understand the concept behind organization roles.

Cheers
/thomas
thumbnail
Pierpaolo Cira,修改在13 年前。

RE: How to check custom permissions of an organization role?

Regular Member 帖子: 141 加入日期: 10-2-26 最近的帖子
I hope this wiki page can be useful for you:
https://www.liferay.com/community/wiki/-/wiki/Main/Using+Liferay%27s+Permission+System+from+a+portlet
Thomas Weckert,修改在13 年前。

RE: How to check custom permissions of an organization role?

Junior Member 帖子: 54 加入日期: 09-8-10 最近的帖子
Hi, I tried something new:

I get all organization roles for the current user:

List<usergrouprole> organizationRoles = UserGroupRoleLocalServiceUtil.getUserGroupRoles(userId);</usergrouprole>


In the debugger I can see that the organization role MY_ROLE is contained in the list. For each of these roles I check whether it has DO_SOMETHING permission:

RolePermissionUtil.contains(permissionChecker, roleId, actionId);


For all these organization roles RolePermissionUtil returns false, even for MY_ROLE.

I am running out of ideas emoticon

/thomas
Sanketh Iyer,修改在9 年前。

RE: How to check custom permissions of an organization role?

Junior Member 帖子: 25 加入日期: 12-2-2 最近的帖子
Hi Thomas,

I am facing a similar issue.
Did you mange to solve your issue?

Thanks and regards,
Sanketh
thumbnail
Jan Geißler,修改在9 年前。

RE: How to check custom permissions of an organization role?

Liferay Master 帖子: 735 加入日期: 11-7-5 最近的帖子
Even though you are gravediggin in this thread:

you should use permissionChecker to check for permissions.


if (permissionChecker.hasPermission(
    scopeGroupId, "com.liferay.portlet.blogs.model",
    scopeGroupId, "ADD_ENTRY") {
    // Show add entry button
}


Permission Checker is retrieved via the themeDisplay object.
Diogo Salazar,修改在8 年前。

RE: How to check custom permissions of an organization role?

Junior Member 帖子: 51 加入日期: 13-8-28 最近的帖子
Jan Geißler:
Even though you are gravediggin in this thread:

you should use permissionChecker to check for permissions.


if (permissionChecker.hasPermission(
    scopeGroupId, "com.liferay.portlet.blogs.model",
    scopeGroupId, "ADD_ENTRY") {
    // Show add entry button
}


Permission Checker is retrieved via the themeDisplay object.



How does that work if your actions were defined for the portlet and not for a model?

Tks,