Author: hansbak
Date: Fri Jul 4 20:52:24 2008
New Revision: 674149
URL:
http://svn.apache.org/viewvc?rev=674149&view=revLog:
user preference copy permission service did not take into account that the userLogin is an optional input value
Modified:
ofbiz/trunk/framework/common/src/org/ofbiz/common/preferences/PreferenceServices.java
ofbiz/trunk/framework/common/src/org/ofbiz/common/preferences/PreferenceWorker.java
Modified: ofbiz/trunk/framework/common/src/org/ofbiz/common/preferences/PreferenceServices.java
URL:
http://svn.apache.org/viewvc/ofbiz/trunk/framework/common/src/org/ofbiz/common/preferences/PreferenceServices.java?rev=674149&r1=674148&r2=674149&view=diff==============================================================================
--- ofbiz/trunk/framework/common/src/org/ofbiz/common/preferences/PreferenceServices.java (original)
+++ ofbiz/trunk/framework/common/src/org/ofbiz/common/preferences/PreferenceServices.java Fri Jul 4 20:52:24 2008
@@ -115,6 +115,7 @@
GenericDelegator delegator = ctx.getDelegator();
LocalDispatcher dispatcher = ctx.getDispatcher();
Locale locale = (Locale) context.get("locale");
+ GenericValue userLogin = (GenericValue) context.get("userLogin");
String userPrefGroupId = (String) context.get("userPrefGroupId");
if (UtilValidate.isEmpty(userPrefGroupId)) {
@@ -129,7 +130,7 @@
// if preference map not found, copy from the "_NA_" userlogin being the default settings
if (UtilValidate.isEmpty(userPrefMap)) {
- dispatcher.runSync("copyUserPrefGroup", UtilMisc.toMap("userLogin", context.get("userLogin"), "fromUserLoginId", "_NA_", "userPrefGroupId", userPrefGroupId));
+ dispatcher.runSync("copyUserPrefGroup", UtilMisc.toMap("userLogin", userLogin, "fromUserLoginId", "_NA_", "userPrefGroupId", userPrefGroupId));
userPrefMap = PreferenceWorker.createUserPrefMap(delegator.findByAnd("UserPreference", fieldMap));
}
Modified: ofbiz/trunk/framework/common/src/org/ofbiz/common/preferences/PreferenceWorker.java
URL:
http://svn.apache.org/viewvc/ofbiz/trunk/framework/common/src/org/ofbiz/common/preferences/PreferenceWorker.java?rev=674149&r1=674148&r2=674149&view=diff==============================================================================
--- ofbiz/trunk/framework/common/src/org/ofbiz/common/preferences/PreferenceWorker.java (original)
+++ ofbiz/trunk/framework/common/src/org/ofbiz/common/preferences/PreferenceWorker.java Fri Jul 4 20:52:24 2008
@@ -18,7 +18,6 @@
*******************************************************************************/
package org.ofbiz.common.preferences;
-import java.util.Iterator;
import java.util.List;
import java.util.Map;
@@ -28,11 +27,13 @@
import org.ofbiz.base.util.ObjectType;
import org.ofbiz.base.util.UtilMisc;
import org.ofbiz.base.util.UtilValidate;
+import org.ofbiz.base.util.Debug;
import org.ofbiz.entity.GenericValue;
import org.ofbiz.security.Security;
import org.ofbiz.service.DispatchContext;
import org.ofbiz.service.ServiceUtil;
+
/**
* User preference worker methods.
*/
@@ -81,11 +82,10 @@
boolean hasPermission = false;
GenericValue userLogin = (GenericValue) context.get("userLogin");
if (userLogin != null) {
- String userLoginId = userLogin.getString("userLoginId");
- String userLoginIdArg = (String) context.get("userLoginId");
- if (userLoginId.equals(userLoginIdArg)) {
- // users can copy to their own preferences
- hasPermission = true;
+ String userLoginId = userLogin.getString("userLoginId");
+ String userLoginIdArg = (String) context.get("userLoginId"); // is an optional parameters which defaults to the logged on user
+ if (userLoginIdArg == null || (userLoginIdArg != null && userLoginId.equals(userLoginIdArg))) {
+ hasPermission = true; // users can copy to their own preferences
} else {
Security security = ctx.getSecurity();
hasPermission = security.hasPermission(ADMIN_PERMISSION, userLogin);
Locked
