diff --git a/layout-service/src/main/java/io/meeds/layout/plugin/attachment/PortletInstanceAttachmentPlugin.java b/layout-service/src/main/java/io/meeds/layout/plugin/attachment/PortletInstanceAttachmentPlugin.java index af5d989c5..8c9872d17 100644 --- a/layout-service/src/main/java/io/meeds/layout/plugin/attachment/PortletInstanceAttachmentPlugin.java +++ b/layout-service/src/main/java/io/meeds/layout/plugin/attachment/PortletInstanceAttachmentPlugin.java @@ -77,7 +77,7 @@ public boolean hasAccessPermission(Identity userIdentity, String entityId) throw List permissions = portletInstance.getPermissions(); return CollectionUtils.isEmpty(permissions) || (userIdentity != null - && permissions.stream().anyMatch(p -> layoutAclService.isMemberOf(userIdentity.getUserId(), p))); + && permissions.stream().anyMatch(p -> layoutAclService.hasPermission(userIdentity.getUserId(), p))); } @Override diff --git a/layout-service/src/main/java/io/meeds/layout/plugin/translation/PortletInstanceCategoryTranslationPlugin.java b/layout-service/src/main/java/io/meeds/layout/plugin/translation/PortletInstanceCategoryTranslationPlugin.java index 7e16356b6..de696d929 100644 --- a/layout-service/src/main/java/io/meeds/layout/plugin/translation/PortletInstanceCategoryTranslationPlugin.java +++ b/layout-service/src/main/java/io/meeds/layout/plugin/translation/PortletInstanceCategoryTranslationPlugin.java @@ -76,7 +76,7 @@ public boolean hasAccessPermission(long id, String username) throws ObjectNotFou } List permissions = category.getPermissions(); return CollectionUtils.isEmpty(permissions) - || permissions.stream().anyMatch(p -> layoutAclService.isMemberOf(username, p)); + || permissions.stream().anyMatch(p -> layoutAclService.hasPermission(username, p)); } @Override diff --git a/layout-service/src/main/java/io/meeds/layout/plugin/translation/PortletInstanceTranslationPlugin.java b/layout-service/src/main/java/io/meeds/layout/plugin/translation/PortletInstanceTranslationPlugin.java index 39ffa1209..4a3b4fc4f 100644 --- a/layout-service/src/main/java/io/meeds/layout/plugin/translation/PortletInstanceTranslationPlugin.java +++ b/layout-service/src/main/java/io/meeds/layout/plugin/translation/PortletInstanceTranslationPlugin.java @@ -78,7 +78,7 @@ public boolean hasAccessPermission(long id, String username) throws ObjectNotFou } List permissions = portletInstance.getPermissions(); return CollectionUtils.isEmpty(permissions) - || permissions.stream().anyMatch(p -> layoutAclService.isMemberOf(username, p)); + || permissions.stream().anyMatch(p -> layoutAclService.hasPermission(username, p)); } @Override diff --git a/layout-service/src/main/java/io/meeds/layout/rest/model/LayoutModel.java b/layout-service/src/main/java/io/meeds/layout/rest/model/LayoutModel.java index 1693b04ff..4d28257a2 100644 --- a/layout-service/src/main/java/io/meeds/layout/rest/model/LayoutModel.java +++ b/layout-service/src/main/java/io/meeds/layout/rest/model/LayoutModel.java @@ -165,10 +165,6 @@ public class LayoutModel { // Specific to container private String profiles; - private String[] moveAppsPermissions; - - private String[] moveContainersPermissions; - private List preferences; private List children; @@ -260,8 +256,6 @@ private void init(ModelObject model) { // NOSONAR this.cssClass = container.getCssClass(); this.profiles = container.getProfiles(); this.accessPermissions = container.getAccessPermissions(); - this.moveAppsPermissions = container.getMoveAppsPermissions(); - this.moveContainersPermissions = container.getMoveContainersPermissions(); this.children = container.getChildren().stream().map(LayoutModel::new).toList(); ApplicationBackgroundStyle appCssStyle = container.getAppBackgroundStyle(); @@ -344,8 +338,6 @@ public static ModelObject toModelObject(LayoutModel layoutModel) { // NOSONAR container.setCssClass(layoutModel.getCssClass()); container.setProfiles(layoutModel.getProfiles()); container.setAccessPermissions(layoutModel.getAccessPermissions()); - container.setMoveAppsPermissions(layoutModel.getMoveAppsPermissions()); - container.setMoveContainersPermissions(layoutModel.getMoveContainersPermissions()); container.setCssStyle(cssStyle); container.setAppBackgroundStyle(mapToAppStyle(layoutModel)); if (layoutModel.getChildren() != null) { diff --git a/layout-service/src/main/java/io/meeds/layout/service/LayoutAclService.java b/layout-service/src/main/java/io/meeds/layout/service/LayoutAclService.java index 5e91ee551..0e36777c1 100644 --- a/layout-service/src/main/java/io/meeds/layout/service/LayoutAclService.java +++ b/layout-service/src/main/java/io/meeds/layout/service/LayoutAclService.java @@ -18,61 +18,33 @@ */ package io.meeds.layout.service; -import org.apache.commons.lang3.StringUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; -import org.exoplatform.container.ExoContainerContext; import org.exoplatform.portal.config.UserACL; import org.exoplatform.portal.config.model.Page; import org.exoplatform.portal.config.model.PortalConfig; import org.exoplatform.portal.mop.SiteKey; import org.exoplatform.portal.mop.page.PageKey; import org.exoplatform.portal.mop.service.LayoutService; -import org.exoplatform.services.security.Authenticator; import org.exoplatform.services.security.ConversationState; -import org.exoplatform.services.security.Identity; -import org.exoplatform.services.security.IdentityConstants; -import org.exoplatform.services.security.IdentityRegistry; +import org.exoplatform.social.core.identity.model.Identity; import org.exoplatform.social.core.manager.IdentityManager; -import jakarta.annotation.PostConstruct; -import lombok.Setter; -import lombok.SneakyThrows; - @Service public class LayoutAclService { @Autowired - private UserACL userAcl; - - @Autowired - private LayoutService layoutService; + private LayoutService layoutService; @Autowired - private Authenticator authenticator; + private IdentityManager identityManager; @Autowired - private IdentityManager identityManager; - - @Setter - private IdentityRegistry identityRegistry; - - @PostConstruct - public void init() { - // Can't be autowired from Kernel IoC, thus inject it once Spring Bean - // initialized - setIdentityRegistry(ExoContainerContext.getService(IdentityRegistry.class)); - } + private UserACL userAcl; public boolean canAddSite(String username) { - ConversationState currentConversationState = ConversationState.getCurrent(); - ConversationState.setCurrent(getConversationState(username)); - try { - return userAcl.hasCreatePortalPermission(); - } finally { - ConversationState.setCurrent(currentConversationState); - } + return userAcl.hasCreatePortalPermission(userAcl.getUserIdentity(username)); } public boolean canEditSite(SiteKey siteKey, String username) { @@ -80,13 +52,7 @@ public boolean canEditSite(SiteKey siteKey, String username) { if (portalConfig == null) { return false; } - ConversationState currentConversationState = ConversationState.getCurrent(); - ConversationState.setCurrent(getConversationState(username)); - try { - return userAcl.hasEditPermission(portalConfig); - } finally { - ConversationState.setCurrent(currentConversationState); - } + return userAcl.hasEditPermission(portalConfig, userAcl.getUserIdentity(username)); } public boolean canViewSite(SiteKey siteKey, String username) { @@ -94,43 +60,15 @@ public boolean canViewSite(SiteKey siteKey, String username) { if (portalConfig == null) { return false; } - ConversationState currentConversationState = ConversationState.getCurrent(); - ConversationState.setCurrent(getConversationState(username)); - try { - return userAcl.hasPermission(portalConfig); - } finally { - ConversationState.setCurrent(currentConversationState); - } + return userAcl.hasAccessPermission(portalConfig, userAcl.getUserIdentity(username)); } public boolean canEditNavigation(SiteKey siteKey, String username) { - PortalConfig portalConfig = layoutService.getPortalConfig(siteKey); - if (portalConfig == null) { - return false; - } - - ConversationState currentConversationState = ConversationState.getCurrent(); - ConversationState.setCurrent(getConversationState(username)); - try { - return userAcl.hasEditPermission(portalConfig) || userAcl.hasEditPermissionOnNavigation(siteKey); - } finally { - ConversationState.setCurrent(currentConversationState); - } + return canEditSite(siteKey, username); } public boolean canViewNavigation(SiteKey siteKey, PageKey pageKey, String username) { - PortalConfig portalConfig = layoutService.getPortalConfig(siteKey); - if (portalConfig == null) { - return false; - } - Page page = pageKey == null ? null : layoutService.getPage(pageKey); - ConversationState currentConversationState = ConversationState.getCurrent(); - ConversationState.setCurrent(getConversationState(username)); - try { - return userAcl.hasAccessPermission(portalConfig) && (page == null || userAcl.hasPermission(page)); - } finally { - ConversationState.setCurrent(currentConversationState); - } + return canViewSite(siteKey, username) && (pageKey == null || canViewPage(pageKey, username)); } public boolean canViewPage(PageKey pageKey, String username) { @@ -138,14 +76,7 @@ public boolean canViewPage(PageKey pageKey, String username) { if (page == null) { return false; } - - ConversationState currentConversationState = ConversationState.getCurrent(); - ConversationState.setCurrent(getConversationState(username)); - try { - return userAcl.hasPermission(page); - } finally { - ConversationState.setCurrent(currentConversationState); - } + return userAcl.hasAccessPermission(page, userAcl.getUserIdentity(username)); } public boolean canEditPage(PageKey pageKey, String username) { @@ -153,34 +84,15 @@ public boolean canEditPage(PageKey pageKey, String username) { if (page == null) { return false; } - - ConversationState currentConversationState = ConversationState.getCurrent(); - ConversationState.setCurrent(getConversationState(username)); - try { - return userAcl.hasEditPermission(page); - } finally { - ConversationState.setCurrent(currentConversationState); - } + return userAcl.hasEditPermission(page, userAcl.getUserIdentity(username)); } public boolean isAdministrator(String username) { - ConversationState currentConversationState = ConversationState.getCurrent(); - ConversationState.setCurrent(getConversationState(username)); - try { - return userAcl.isSuperUser() || userAcl.isUserInGroup(getAdministratorsGroup()); - } finally { - ConversationState.setCurrent(currentConversationState); - } + return userAcl.isAdministrator(userAcl.getUserIdentity(username)); } - public boolean isMemberOf(String username, String expression) { - ConversationState currentConversationState = ConversationState.getCurrent(); - ConversationState.setCurrent(getConversationState(username)); - try { - return userAcl.hasPermission(expression); - } finally { - ConversationState.setCurrent(currentConversationState); - } + public boolean hasPermission(String username, String expression) { + return userAcl.hasPermission(userAcl.getUserIdentity(username), expression); } public String getAdministratorsGroup() { @@ -188,31 +100,12 @@ public String getAdministratorsGroup() { } public ConversationState getSuperUserConversationState() { - return new ConversationState(getUserIdentity(userAcl.getSuperUser())); + return new ConversationState(userAcl.getUserIdentity(userAcl.getSuperUser())); } public long getSuperUserIdentityId() { - org.exoplatform.social.core.identity.model.Identity userIdentity = - identityManager.getOrCreateUserIdentity(userAcl.getSuperUser()); - String id = userIdentity == null ? null : userIdentity.getId(); - return id == null ? 0 : Long.parseLong(id); - } - - private ConversationState getConversationState(String username) { - return new ConversationState(getUserIdentity(username)); - } - - @SneakyThrows - private Identity getUserIdentity(String username) { - if (StringUtils.isBlank(username) || IdentityConstants.ANONIM.equals(username)) { - return null; - } - Identity identity = identityRegistry.getIdentity(username); - if (identity != null) { - return identity; - } else { - return authenticator.createIdentity(username); - } + Identity userIdentity = identityManager.getOrCreateUserIdentity(userAcl.getSuperUser()); + return userIdentity == null ? 0l : Long.parseLong(userIdentity.getId()); } } diff --git a/layout-service/src/main/java/io/meeds/layout/service/PageLayoutService.java b/layout-service/src/main/java/io/meeds/layout/service/PageLayoutService.java index f30060963..ab2dcc754 100644 --- a/layout-service/src/main/java/io/meeds/layout/service/PageLayoutService.java +++ b/layout-service/src/main/java/io/meeds/layout/service/PageLayoutService.java @@ -296,8 +296,6 @@ public void updatePageLink(PageKey pageKey, pageState.getFactoryId(), pageState.getAccessPermissions(), pageState.getEditPermission(), - pageState.getMoveAppsPermissions(), - pageState.getMoveContainersPermissions(), pageState.getType(), link)); layoutService.save(pageContext); @@ -323,8 +321,6 @@ public void updatePagePermissions(PageKey pageKey, pageState.getFactoryId(), accessPermissionsList, editPermission, - pageState.getMoveAppsPermissions(), - pageState.getMoveContainersPermissions(), pageState.getType(), pageState.getLink())); layoutService.save(pageContext); diff --git a/layout-service/src/main/java/io/meeds/layout/service/PortletInstanceService.java b/layout-service/src/main/java/io/meeds/layout/service/PortletInstanceService.java index 3d771c575..35dc25791 100644 --- a/layout-service/src/main/java/io/meeds/layout/service/PortletInstanceService.java +++ b/layout-service/src/main/java/io/meeds/layout/service/PortletInstanceService.java @@ -329,7 +329,7 @@ public List getApplicationPreferences(long applicatio } if (!layoutAclService.isAdministrator(username) && Arrays.stream(application.getAccessPermissions()) - .noneMatch(permission -> layoutAclService.isMemberOf(username, permission))) { + .noneMatch(permission -> layoutAclService.hasPermission(username, permission))) { throw new IllegalAccessException(String.format("Application with id %s access denied", applicationId)); } return getApplicationPreferences(application); @@ -453,13 +453,13 @@ private boolean hasPermission(PortletInstance portletInstance, String username) List permissions = portletInstance.getPermissions(); return CollectionUtils.isEmpty(permissions) || permissions.equals(EVERYONE_PERMISSIONS_LIST) - || (StringUtils.isNotBlank(username) && permissions.stream().anyMatch(p -> layoutAclService.isMemberOf(username, p))); + || (StringUtils.isNotBlank(username) && permissions.stream().anyMatch(p -> layoutAclService.hasPermission(username, p))); } private boolean hasPermission(PortletInstanceCategory category, String username) { List permissions = category.getPermissions(); return CollectionUtils.isEmpty(permissions) || permissions.equals(EVERYONE_PERMISSIONS_LIST) - || (StringUtils.isNotBlank(username) && permissions.stream().anyMatch(p -> layoutAclService.isMemberOf(username, p))); + || (StringUtils.isNotBlank(username) && permissions.stream().anyMatch(p -> layoutAclService.hasPermission(username, p))); } } diff --git a/layout-service/src/main/java/io/meeds/layout/storage/PortletInstanceLayoutStorage.java b/layout-service/src/main/java/io/meeds/layout/storage/PortletInstanceLayoutStorage.java index 25d9aa74a..c11bd6001 100644 --- a/layout-service/src/main/java/io/meeds/layout/storage/PortletInstanceLayoutStorage.java +++ b/layout-service/src/main/java/io/meeds/layout/storage/PortletInstanceLayoutStorage.java @@ -207,9 +207,7 @@ private Page getPortletInstanceSystemPage() { false, null, Arrays.asList(UserACL.EVERYONE), - page.getEditPermission(), - Arrays.asList(UserACL.EVERYONE), - Arrays.asList(UserACL.EVERYONE)); + page.getEditPermission()); layoutService.save(new PageContext(PORTLET_EDITOR_SYSTEM_PAGE_KEY, pageState), page); page = layoutService.getPage(PORTLET_EDITOR_SYSTEM_PAGE_KEY); } diff --git a/layout-service/src/test/java/io/meeds/layout/plugin/attachment/PortletInstanceAttachmentPluginTest.java b/layout-service/src/test/java/io/meeds/layout/plugin/attachment/PortletInstanceAttachmentPluginTest.java index e0bbbb417..b28dfe25d 100644 --- a/layout-service/src/test/java/io/meeds/layout/plugin/attachment/PortletInstanceAttachmentPluginTest.java +++ b/layout-service/src/test/java/io/meeds/layout/plugin/attachment/PortletInstanceAttachmentPluginTest.java @@ -98,7 +98,7 @@ public void hasAccessPermission() { when(portletInstance.getPermissions()).thenReturn(Collections.singletonList(permissionExpression)); assertFalse(attachmentPlugin.hasAccessPermission(userIdentity, "1")); - when(layoutAclService.isMemberOf(username, permissionExpression)).thenReturn(true); + when(layoutAclService.hasPermission(username, permissionExpression)).thenReturn(true); assertTrue(attachmentPlugin.hasAccessPermission(userIdentity, "1")); } diff --git a/layout-service/src/test/java/io/meeds/layout/plugin/translation/PortletInstanceCategoryTranslationPluginTest.java b/layout-service/src/test/java/io/meeds/layout/plugin/translation/PortletInstanceCategoryTranslationPluginTest.java index 9eab3a18a..cdc4e532c 100644 --- a/layout-service/src/test/java/io/meeds/layout/plugin/translation/PortletInstanceCategoryTranslationPluginTest.java +++ b/layout-service/src/test/java/io/meeds/layout/plugin/translation/PortletInstanceCategoryTranslationPluginTest.java @@ -91,7 +91,7 @@ public void hasAccessPermission() { when(portletInstanceCategory.getPermissions()).thenReturn(Collections.singletonList(permissionExpression)); assertFalse(translationPlugin.hasAccessPermission(1, username)); - when(layoutAclService.isMemberOf(username, permissionExpression)).thenReturn(true); + when(layoutAclService.hasPermission(username, permissionExpression)).thenReturn(true); assertTrue(translationPlugin.hasAccessPermission(1, username)); } diff --git a/layout-service/src/test/java/io/meeds/layout/plugin/translation/PortletInstanceTranslationPluginTest.java b/layout-service/src/test/java/io/meeds/layout/plugin/translation/PortletInstanceTranslationPluginTest.java index b387a83f7..441798ff7 100644 --- a/layout-service/src/test/java/io/meeds/layout/plugin/translation/PortletInstanceTranslationPluginTest.java +++ b/layout-service/src/test/java/io/meeds/layout/plugin/translation/PortletInstanceTranslationPluginTest.java @@ -91,7 +91,7 @@ public void hasAccessPermission() { when(portletInstance.getPermissions()).thenReturn(Collections.singletonList(permissionExpression)); assertFalse(translationPlugin.hasAccessPermission(1, username)); - when(layoutAclService.isMemberOf(username, permissionExpression)).thenReturn(true); + when(layoutAclService.hasPermission(username, permissionExpression)).thenReturn(true); assertTrue(translationPlugin.hasAccessPermission(1, username)); } diff --git a/layout-service/src/test/java/io/meeds/layout/service/LayoutAclServiceTest.java b/layout-service/src/test/java/io/meeds/layout/service/LayoutAclServiceTest.java index d4f4c88da..6e05c71f5 100644 --- a/layout-service/src/test/java/io/meeds/layout/service/LayoutAclServiceTest.java +++ b/layout-service/src/test/java/io/meeds/layout/service/LayoutAclServiceTest.java @@ -37,8 +37,7 @@ import org.exoplatform.portal.mop.SiteKey; import org.exoplatform.portal.mop.page.PageKey; import org.exoplatform.portal.mop.service.LayoutService; -import org.exoplatform.services.security.Authenticator; -import org.exoplatform.services.security.IdentityRegistry; +import org.exoplatform.services.security.Identity; import org.exoplatform.social.core.manager.IdentityManager; @SpringBootTest(classes = { LayoutAclService.class }) @@ -51,20 +50,14 @@ public class LayoutAclServiceTest { private static final PageKey PAGE_KEY = PageKey.parse("portal::test::test"); - @MockBean - private UserACL userAcl; - @MockBean private LayoutService layoutService; - @MockBean - private Authenticator authenticator; - @MockBean private IdentityManager identityManager; - @Mock - private IdentityRegistry identityRegistry; + @MockBean + private UserACL userAcl; @Autowired private LayoutAclService layoutAclService; @@ -75,15 +68,18 @@ public class LayoutAclServiceTest { @Mock private Page page; + @Mock + private Identity aclIdentity; + @BeforeEach public void setup() { - layoutAclService.setIdentityRegistry(identityRegistry); + when(userAcl.getUserIdentity(TEST_USER)).thenReturn(aclIdentity); } @Test public void canAddSite() { assertFalse(layoutAclService.canAddSite(TEST_USER)); - when(userAcl.hasCreatePortalPermission()).thenReturn(true); + when(userAcl.hasCreatePortalPermission(aclIdentity)).thenReturn(true); assertTrue(layoutAclService.canAddSite(TEST_USER)); } @@ -92,7 +88,7 @@ public void canEditSite() { assertFalse(layoutAclService.canEditSite(SITE_KEY, TEST_USER)); when(layoutService.getPortalConfig(SITE_KEY)).thenReturn(portalConfig); assertFalse(layoutAclService.canEditSite(SITE_KEY, TEST_USER)); - when(userAcl.hasEditPermission(portalConfig)).thenReturn(true); + when(userAcl.hasEditPermission(portalConfig, aclIdentity)).thenReturn(true); assertTrue(layoutAclService.canEditSite(SITE_KEY, TEST_USER)); } @@ -101,7 +97,7 @@ public void canViewSite() { assertFalse(layoutAclService.canViewSite(SITE_KEY, TEST_USER)); when(layoutService.getPortalConfig(SITE_KEY)).thenReturn(portalConfig); assertFalse(layoutAclService.canViewSite(SITE_KEY, TEST_USER)); - when(userAcl.hasPermission(portalConfig)).thenReturn(true); + when(userAcl.hasAccessPermission(portalConfig, aclIdentity)).thenReturn(true); assertTrue(layoutAclService.canViewSite(SITE_KEY, TEST_USER)); } @@ -110,7 +106,7 @@ public void canEditNavigation() { assertFalse(layoutAclService.canEditNavigation(SITE_KEY, TEST_USER)); when(layoutService.getPortalConfig(SITE_KEY)).thenReturn(portalConfig); assertFalse(layoutAclService.canEditNavigation(SITE_KEY, TEST_USER)); - when(userAcl.hasEditPermission(portalConfig)).thenReturn(true); + when(userAcl.hasEditPermission(portalConfig, aclIdentity)).thenReturn(true); assertTrue(layoutAclService.canEditNavigation(SITE_KEY, TEST_USER)); } @@ -119,7 +115,7 @@ public void canViewNavigation() { assertFalse(layoutAclService.canViewNavigation(SITE_KEY, null, TEST_USER)); when(layoutService.getPortalConfig(SITE_KEY)).thenReturn(portalConfig); assertFalse(layoutAclService.canViewNavigation(SITE_KEY, null, TEST_USER)); - when(userAcl.hasAccessPermission(portalConfig)).thenReturn(true); + when(userAcl.hasAccessPermission(portalConfig, aclIdentity)).thenReturn(true); assertTrue(layoutAclService.canViewNavigation(SITE_KEY, null, TEST_USER)); } @@ -128,9 +124,9 @@ public void canViewNavigationWithPage() { when(layoutService.getPortalConfig(SITE_KEY)).thenReturn(portalConfig); when(layoutService.getPage(PAGE_KEY)).thenReturn(page); assertFalse(layoutAclService.canViewNavigation(SITE_KEY, PAGE_KEY, TEST_USER)); - when(userAcl.hasPermission(page)).thenReturn(true); + when(userAcl.hasAccessPermission(page, aclIdentity)).thenReturn(true); assertFalse(layoutAclService.canViewNavigation(SITE_KEY, PAGE_KEY, TEST_USER)); - when(userAcl.hasAccessPermission(portalConfig)).thenReturn(true); + when(userAcl.hasAccessPermission(portalConfig, aclIdentity)).thenReturn(true); assertTrue(layoutAclService.canViewNavigation(SITE_KEY, PAGE_KEY, TEST_USER)); } @@ -139,7 +135,7 @@ public void canViewPage() { assertFalse(layoutAclService.canViewPage(PAGE_KEY, TEST_USER)); when(layoutService.getPage(PAGE_KEY)).thenReturn(page); assertFalse(layoutAclService.canViewPage(PAGE_KEY, TEST_USER)); - when(userAcl.hasPermission(page)).thenReturn(true); + when(userAcl.hasAccessPermission(page, aclIdentity)).thenReturn(true); assertTrue(layoutAclService.canViewPage(PAGE_KEY, TEST_USER)); } @@ -148,22 +144,14 @@ public void canEditPage() { assertFalse(layoutAclService.canEditPage(PAGE_KEY, TEST_USER)); when(layoutService.getPage(PAGE_KEY)).thenReturn(page); assertFalse(layoutAclService.canEditPage(PAGE_KEY, TEST_USER)); - when(userAcl.hasEditPermission(page)).thenReturn(true); + when(userAcl.hasEditPermission(page, aclIdentity)).thenReturn(true); assertTrue(layoutAclService.canEditPage(PAGE_KEY, TEST_USER)); } - @Test - public void isSuperUser() { - assertFalse(layoutAclService.isAdministrator(TEST_USER)); - when(userAcl.isSuperUser()).thenReturn(true); - assertTrue(layoutAclService.isAdministrator(TEST_USER)); - } - @Test public void isAdministrator() { assertFalse(layoutAclService.isAdministrator(TEST_USER)); - when(userAcl.getAdminGroups()).thenReturn("superGroup"); - when(userAcl.isUserInGroup(userAcl.getAdminGroups())).thenReturn(true); + when(userAcl.isAdministrator(aclIdentity)).thenReturn(true); assertTrue(layoutAclService.isAdministrator(TEST_USER)); } diff --git a/layout-webapp/src/main/webapp/WEB-INF/jsp/siteNavigation.jsp b/layout-webapp/src/main/webapp/WEB-INF/jsp/siteNavigation.jsp index 1f20a5894..5e6c2e3fb 100644 --- a/layout-webapp/src/main/webapp/WEB-INF/jsp/siteNavigation.jsp +++ b/layout-webapp/src/main/webapp/WEB-INF/jsp/siteNavigation.jsp @@ -1,13 +1,9 @@ <%@page import="io.meeds.layout.service.LayoutAclService"%> <%@page import="org.exoplatform.container.ExoContainerContext"%> -<%@page import="org.exoplatform.portal.webui.util.NavigationUtils"%> <%@page import="org.exoplatform.portal.webui.util.Util"%> <%@page import="org.exoplatform.portal.mop.SiteKey"%> -<%@page import="org.exoplatform.portal.mop.user.UserNavigation"%> <% SiteKey siteKey = Util.getUIPortal().getSiteKey(); - UserNavigation userNavigation = NavigationUtils.getUserNavigation(Util.getPortalRequestContext().getUserPortalConfig().getUserPortal(), - siteKey); LayoutAclService aclService = ExoContainerContext.getService(LayoutAclService.class); boolean isAdministrator = aclService.isAdministrator(request.getRemoteUser()); boolean canManageSiteNavigation = aclService.canEditNavigation(siteKey, request.getRemoteUser()); diff --git a/layout-webapp/src/main/webapp/vue-app/layout-editor/js/LayoutUtils.js b/layout-webapp/src/main/webapp/vue-app/layout-editor/js/LayoutUtils.js index b3240b798..f3cc22f78 100644 --- a/layout-webapp/src/main/webapp/vue-app/layout-editor/js/LayoutUtils.js +++ b/layout-webapp/src/main/webapp/vue-app/layout-editor/js/LayoutUtils.js @@ -105,10 +105,6 @@ export const containerModel = { // Generally kept to be accessible to everyone to make // the parent page access permissions applied globally accessPermissions: ['Everyone'], - // Deprecated, not used for containers - moveAppsPermissions: ['Everyone'], - // Deprecated, not used for containers - moveContainersPermissions: ['Everyone'], // List of children which can be of type: // 1. Container // or