留言板
How to check custom permissions of an organization role?
Thomas Weckert,修改在13 年前。
How to check custom permissions of an organization role?
Junior Member 帖子: 54 加入日期: 09-8-10 最近的帖子
Hi all,
I want to check custom permissions of an organization role, but somehow I am lost in the API and a little confused. Here is what I did:
- I added an action DO_SOMETHING in resource-actions.xml for my portlet
- I created a role MY_ROLE of type Organization
- I created an organization MY_ORGANIZATION
- I created a user Tom
- I added the role MY_ROLE as an "Organization Role" to user Tom
- I added user Tom to MY_ORGANIZATION
- I added the permission DO_SOMETHING as a portlet permission to role MY_ROLE
In brief: role MY_ROLE has portlet permission DO_SOMETHING, and Tom is a member of MY_ROLE. Now I want to check if Tom has DO_SOMETHING permissions, but it returns always false.
Here is the service call that I am using:
portletId is the ID of the portlet instance.
Edit: I am using Liferay 5.2.3
Any hints are appreciated!
Regards,
/thomas
I want to check custom permissions of an organization role, but somehow I am lost in the API and a little confused. Here is what I did:
- I added an action DO_SOMETHING in resource-actions.xml for my portlet
- I created a role MY_ROLE of type Organization
- I created an organization MY_ORGANIZATION
- I created a user Tom
- I added the role MY_ROLE as an "Organization Role" to user Tom
- I added user Tom to MY_ORGANIZATION
- I added the permission DO_SOMETHING as a portlet permission to role MY_ROLE
In brief: role MY_ROLE has portlet permission DO_SOMETHING, and Tom is a member of MY_ROLE. Now I want to check if Tom has DO_SOMETHING permissions, but it returns always false.
Here is the service call that I am using:
PortletPermissionUtil.contains(permissionChecker, plid, portletId, "DO_SOMETHING");
portletId is the ID of the portlet instance.
Edit: I am using Liferay 5.2.3
Any hints are appreciated!
Regards,
/thomas
Pierpaolo Cira,修改在13 年前。
RE: How to check custom permissions of an organization role?
Regular Member 帖子: 141 加入日期: 10-2-26 最近的帖子Thomas Weckert:
PortletPermissionUtil.contains(permissionChecker, plid, portletId, "DO_SOMETHING");
Why you don't use
permissionChecker.hasPermission(...);
where
permissionChecker = themeDisplay.getPermissionChecker();
PS: there is a bug in 5.1.2 (I don't know if it's present in other versions) so you should use
String name = PortalUtil.getPortletId(_request);
String primKey = _themeDisplay.getLayout().getPlid() + PortletSessionImpl.LAYOUT_SEPARATOR + name;
Boolean hasPermission = _permissionChecker.hasPermission(_themeDisplay.getScopeGroupId(), name, primKey, action);
instead of
Boolean hasPermission = _permissionChecker.hasPermission(_themeDisplay.getScopeGroupId(), _portletDisplay.getRootPortletId(), _portletDisplay.getResourcePK(), action);
Thomas Weckert,修改在13 年前。
RE: How to check custom permissions of an organization role?
Junior Member 帖子: 54 加入日期: 09-8-10 最近的帖子
No, that doesn't work
After hours of debugging, I don't see the difference between PortletPermissionUtil.contains(...) and permissionChecker.hasPermission(...), because PortletPermissionUtil finally ends up in permissionChecker.hasPermission(...) anyway.
What I found out: the PermissionCheckerBag that gets filled in getUserBag(...) in the AdvancedPermissionChecker does not contain the organization role MY_ROLE.
So I think either there is a bug in the code, or I did something wrong with assigning roles and organizations in the control panel, or I just didn't understand the concept behind organization roles.
Cheers
/thomas
After hours of debugging, I don't see the difference between PortletPermissionUtil.contains(...) and permissionChecker.hasPermission(...), because PortletPermissionUtil finally ends up in permissionChecker.hasPermission(...) anyway.
What I found out: the PermissionCheckerBag that gets filled in getUserBag(...) in the AdvancedPermissionChecker does not contain the organization role MY_ROLE.
So I think either there is a bug in the code, or I did something wrong with assigning roles and organizations in the control panel, or I just didn't understand the concept behind organization roles.
Cheers
/thomas
Pierpaolo Cira,修改在13 年前。
RE: How to check custom permissions of an organization role?
Regular Member 帖子: 141 加入日期: 10-2-26 最近的帖子
I hope this wiki page can be useful for you:
https://www.liferay.com/community/wiki/-/wiki/Main/Using+Liferay%27s+Permission+System+from+a+portlet
https://www.liferay.com/community/wiki/-/wiki/Main/Using+Liferay%27s+Permission+System+from+a+portlet
Thomas Weckert,修改在13 年前。
RE: How to check custom permissions of an organization role?
Junior Member 帖子: 54 加入日期: 09-8-10 最近的帖子
Hi, I tried something new:
I get all organization roles for the current user:
In the debugger I can see that the organization role MY_ROLE is contained in the list. For each of these roles I check whether it has DO_SOMETHING permission:
For all these organization roles RolePermissionUtil returns false, even for MY_ROLE.
I am running out of ideas
/thomas
I get all organization roles for the current user:
List<usergrouprole> organizationRoles = UserGroupRoleLocalServiceUtil.getUserGroupRoles(userId);</usergrouprole>
In the debugger I can see that the organization role MY_ROLE is contained in the list. For each of these roles I check whether it has DO_SOMETHING permission:
RolePermissionUtil.contains(permissionChecker, roleId, actionId);
For all these organization roles RolePermissionUtil returns false, even for MY_ROLE.
I am running out of ideas
/thomas
Sanketh Iyer,修改在9 年前。
RE: How to check custom permissions of an organization role?
Junior Member 帖子: 25 加入日期: 12-2-2 最近的帖子
Hi Thomas,
I am facing a similar issue.
Did you mange to solve your issue?
Thanks and regards,
Sanketh
I am facing a similar issue.
Did you mange to solve your issue?
Thanks and regards,
Sanketh
Jan Geißler,修改在9 年前。
RE: How to check custom permissions of an organization role?
Liferay Master 帖子: 735 加入日期: 11-7-5 最近的帖子
Even though you are gravediggin in this thread:
you should use permissionChecker to check for permissions.
Permission Checker is retrieved via the themeDisplay object.
you should use permissionChecker to check for permissions.
if (permissionChecker.hasPermission(
scopeGroupId, "com.liferay.portlet.blogs.model",
scopeGroupId, "ADD_ENTRY") {
// Show add entry button
}
Permission Checker is retrieved via the themeDisplay object.
Diogo Salazar,修改在8 年前。
RE: How to check custom permissions of an organization role?
Junior Member 帖子: 51 加入日期: 13-8-28 最近的帖子Jan Geißler:
Even though you are gravediggin in this thread:
you should use permissionChecker to check for permissions.if (permissionChecker.hasPermission( scopeGroupId, "com.liferay.portlet.blogs.model", scopeGroupId, "ADD_ENTRY") { // Show add entry button }
Permission Checker is retrieved via the themeDisplay object.
How does that work if your actions were defined for the portlet and not for a model?
Tks,