svn commit: r770401 - in /ofbiz/trunk: applications/securityext/src/o
Locked
svn commit: r770401 - in /ofbiz/trunk: applications/securityext/src/o
 
|
Author: jaz
Date: Thu Apr 30 19:14:48 2009 New Revision: 770401 URL: http://svn.apache.org/viewvc?rev=770401&view=rev Log: No longer requiring the boolean field 'expanded' as part of the API; after dicussing w/ Adrian; the FSE can handle pre-expanded strings Added new API method findMatchingPermission() which takes a regular expression for the base permission returning the value of all matching permissions (see unit tests) Fixed missing base permission in SecurityData.xml JIRA OFBIZ-2381 Modified: ofbiz/trunk/applications/securityext/src/org/ofbiz/securityext/test/AuthorizationTests.java ofbiz/trunk/framework/minilang/src/org/ofbiz/minilang/method/conditional/HasPermissionCondition.java ofbiz/trunk/framework/minilang/src/org/ofbiz/minilang/method/ifops/CheckPermission.java ofbiz/trunk/framework/minilang/src/org/ofbiz/minilang/method/ifops/IfHasPermission.java ofbiz/trunk/framework/security/data/SecurityData.xml ofbiz/trunk/framework/security/src/org/ofbiz/security/authz/AbtractAuthorization.java ofbiz/trunk/framework/security/src/org/ofbiz/security/authz/Authorization.java ofbiz/trunk/framework/security/src/org/ofbiz/security/authz/EntityAuthorization.java ofbiz/trunk/framework/service/src/org/ofbiz/service/ModelPermission.java ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/event/CoreEvents.java ofbiz/trunk/framework/widget/src/org/ofbiz/widget/menu/ModelMenuCondition.java ofbiz/trunk/framework/widget/src/org/ofbiz/widget/screen/ModelScreenCondition.java ofbiz/trunk/framework/widget/src/org/ofbiz/widget/tree/ModelTreeCondition.java Modified: ofbiz/trunk/applications/securityext/src/org/ofbiz/securityext/test/AuthorizationTests.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/securityext/src/org/ofbiz/securityext/test/AuthorizationTests.java?rev=770401&r1=770400&r2=770401&view=diff ============================================================================== --- ofbiz/trunk/applications/securityext/src/org/ofbiz/securityext/test/AuthorizationTests.java (original) +++ ofbiz/trunk/applications/securityext/src/org/ofbiz/securityext/test/AuthorizationTests.java Thu Apr 30 19:14:48 2009 @@ -1,5 +1,7 @@ package org.ofbiz.securityext.test; +import java.util.Map; + import org.ofbiz.base.util.Debug; import org.ofbiz.entity.GenericDelegator; import org.ofbiz.security.SecurityConfigurationException; @@ -21,49 +23,68 @@ public void testBasicAdminPermission() throws Exception { Debug.logInfo("Running testBasicAdminPermission()", module); - assertTrue("User was not granted permission as expected", security.hasPermission("system", "access:foo:bar", null, true)); + assertTrue("User was not granted permission as expected", security.hasPermission("system", "access:foo:bar", null)); } public void testBasePermissionFailure() throws Exception { Debug.logInfo("Running testBasePermissionFailure()", module); - assertFalse("Permission did not fail as expected", security.hasPermission("system", "no:permission", null, true)); + assertFalse("Permission did not fail as expected", security.hasPermission("system", "no:permission", null)); } public void testDynamicAccessFromClasspath() throws Exception { Debug.logInfo("Running testDynamicAccessFromClasspath()", module); - assertTrue("User was not granted dynamic access as expected", security.hasPermission("system", "test:groovy2:2000", null, true)); + assertTrue("User was not granted dynamic access as expected", security.hasPermission("system", "test:groovy2:2000", null)); } public void testDynamicAccessService() throws Exception { Debug.logInfo("Running testDynamicAccessService()", module); - assertTrue("User was not granted dynamic access as expected", security.hasPermission("system", "test:service:2000", null, true)); + assertTrue("User was not granted dynamic access as expected", security.hasPermission("system", "test:service:2000", null)); } public void testDynamicAccessFailure() throws Exception { Debug.logInfo("Running testDynamicAccessFailure()", module); - assertFalse("Dynamic access did not fail as expected", security.hasPermission("system", "test:groovy1:2000", null, true)); + assertFalse("Dynamic access did not fail as expected", security.hasPermission("system", "test:groovy1:2000", null)); } public void testAutoGrantPermissions() throws Exception { Debug.logInfo("Running testDynamicAccessFailure()", module); // first verify the user does not have the initial permission - assertFalse("User already has the auto-granted permission", security.hasPermission("system", "test:autogranted", null, true)); + assertFalse("User already has the auto-granted permission", security.hasPermission("system", "test:autogranted", null)); // next run security check to setup the auto-grant - assertTrue("User was not granted dynamic access as expected", security.hasPermission("system", "test:groovy1:1000", null, true)); + assertTrue("User was not granted dynamic access as expected", security.hasPermission("system", "test:groovy1:1000", null)); // as long as this runs in the same thread (and it should) access should now be granted - assertTrue("User was not auto-granted expected permission", security.hasPermission("system", "test:autogranted", null, true)); + assertTrue("User was not auto-granted expected permission", security.hasPermission("system", "test:autogranted", null)); } public void testAutoGrantCleanup() throws Exception { Debug.logInfo("Running testAutoGrantCleanup()", module); - assertFalse("User was auto-granted an unexpected permission", security.hasPermission("user", "test:autogranted", null, true)); + assertFalse("User was auto-granted an unexpected permission", security.hasPermission("user", "test:autogranted", null)); } public void testDynamicAccessRecursion() throws Exception { Debug.logInfo("Running testDynamicAccessRecursion()", module); - assertFalse("User was granted an unexpected permission", security.hasPermission("user", "test:recursion", null, true)); + assertFalse("User was granted an unexpected permission", security.hasPermission("user", "test:recursion", null)); + } + + public void testFindAllPermissionRegexp() throws Exception { + Debug.logInfo("Running testFindAllPermissionRegexp()", module); + Map<String,Boolean> permResultMap = security.findMatchingPermission("system", ".*:example", null); + assertEquals("Invalid result map size; should be 5", 5, permResultMap.size()); + assertTrue("User was not granted expected permission {access:example}", permResultMap.get("access:example")); + assertTrue("User was not granted expected permission {create:example}", permResultMap.get("create:example")); + assertTrue("User was not granted expected permission {read:example}", permResultMap.get("read:example")); + assertTrue("User was not granted expected permission {update:example}", permResultMap.get("update:example")); + assertTrue("User was not granted expected permission {delete:example}", permResultMap.get("delete:example")); + } + + public void testFindLimitedPermissionRegexp() throws Exception { + Debug.logInfo("Running testFindLimitedPermissionRegexp()", module); + Map<String,Boolean> permResultMap = security.findMatchingPermission("user", "(access|read):example", null); + assertEquals("Invalid result map size; should be 2", 2, permResultMap.size()); + assertFalse("User was granted an unexpected permission {access:example}", permResultMap.get("access:example")); + assertFalse("User was granted an unexpected permission {read:example}", permResultMap.get("read:example")); } } Modified: ofbiz/trunk/framework/minilang/src/org/ofbiz/minilang/method/conditional/HasPermissionCondition.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/minilang/src/org/ofbiz/minilang/method/conditional/HasPermissionCondition.java?rev=770401&r1=770400&r2=770401&view=diff ============================================================================== --- ofbiz/trunk/framework/minilang/src/org/ofbiz/minilang/method/conditional/HasPermissionCondition.java (original) +++ ofbiz/trunk/framework/minilang/src/org/ofbiz/minilang/method/conditional/HasPermissionCondition.java Thu Apr 30 19:14:48 2009 @@ -72,7 +72,7 @@ } } else { // run hasPermission - if (authz.hasPermission(userLogin.getString("userLoginId"), permission, methodContext.getEnvMap(), true)) { + if (authz.hasPermission(userLogin.getString("userLoginId"), permission, methodContext.getEnvMap())) { runSubOps = true; } } Modified: ofbiz/trunk/framework/minilang/src/org/ofbiz/minilang/method/ifops/CheckPermission.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/minilang/src/org/ofbiz/minilang/method/ifops/CheckPermission.java?rev=770401&r1=770400&r2=770401&view=diff ============================================================================== --- ofbiz/trunk/framework/minilang/src/org/ofbiz/minilang/method/ifops/CheckPermission.java (original) +++ ofbiz/trunk/framework/minilang/src/org/ofbiz/minilang/method/ifops/CheckPermission.java Thu Apr 30 19:14:48 2009 @@ -182,7 +182,7 @@ return security.hasEntityPermission(permission, action, userLogin); } else { // run hasPermission - return authz.hasPermission(userLogin.getString("userLoginId"), permission, methodContext.getEnvMap(), true); + return authz.hasPermission(userLogin.getString("userLoginId"), permission, methodContext.getEnvMap()); } } } Modified: ofbiz/trunk/framework/minilang/src/org/ofbiz/minilang/method/ifops/IfHasPermission.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/minilang/src/org/ofbiz/minilang/method/ifops/IfHasPermission.java?rev=770401&r1=770400&r2=770401&view=diff ============================================================================== --- ofbiz/trunk/framework/minilang/src/org/ofbiz/minilang/method/ifops/IfHasPermission.java (original) +++ ofbiz/trunk/framework/minilang/src/org/ofbiz/minilang/method/ifops/IfHasPermission.java Thu Apr 30 19:14:48 2009 @@ -90,7 +90,7 @@ } } else { // run hasPermission - if (authz.hasPermission(userLogin.getString("userLoginId"), permission, methodContext.getEnvMap(), true)) { + if (authz.hasPermission(userLogin.getString("userLoginId"), permission, methodContext.getEnvMap())) { runSubOps = true; } } Modified: ofbiz/trunk/framework/security/data/SecurityData.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/security/data/SecurityData.xml?rev=770401&r1=770400&r2=770401&view=diff ============================================================================== --- ofbiz/trunk/framework/security/data/SecurityData.xml (original) +++ ofbiz/trunk/framework/security/data/SecurityData.xml Thu Apr 30 19:14:48 2009 @@ -38,7 +38,7 @@ <SecurityGroupPermission groupId="FULLADMIN" permissionId="create"/> <SecurityGroupPermission groupId="FULLADMIN" permissionId="read"/> <SecurityGroupPermission groupId="FULLADMIN" permissionId="update"/> - <SecurityGroupPermission groupId="FULLADMIN" permissionId="access"/> + <SecurityGroupPermission groupId="FULLADMIN" permissionId="delete"/> <SecurityGroupPermission groupId="VIEWADMIN" permissionId="access"/> <SecurityGroupPermission groupId="VIEWADMIN" permissionId="read"/> Modified: ofbiz/trunk/framework/security/src/org/ofbiz/security/authz/AbtractAuthorization.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/security/src/org/ofbiz/security/authz/AbtractAuthorization.java?rev=770401&r1=770400&r2=770401&view=diff ============================================================================== --- ofbiz/trunk/framework/security/src/org/ofbiz/security/authz/AbtractAuthorization.java (original) +++ ofbiz/trunk/framework/security/src/org/ofbiz/security/authz/AbtractAuthorization.java Thu Apr 30 19:14:48 2009 @@ -20,8 +20,11 @@ import java.util.List; import java.util.Map; +import java.util.regex.Matcher; +import java.util.regex.Pattern; import javolution.util.FastList; +import javolution.util.FastMap; import org.ofbiz.base.util.Debug; import org.ofbiz.base.util.UtilValidate; @@ -38,6 +41,8 @@ private static ThreadLocal<String> origPermission = new ThreadLocal<String>(); private static ThreadLocal<String> uid = new ThreadLocal<String>(); + private static final String[] basePermissions = { "access", "create", "read", "update", "delete" }; + /** * Checks to see if the user has a static permission * @@ -69,22 +74,46 @@ public abstract List<String> getAutoGrantPermissions(String userId, String permission, Map<String, ? extends Object> context); /** + * Takes a regular expression (permissionRegexp) and evaluates it against base permissions and returns permission + * values for each match. + * Example 1: ".*:example" will return values for access:example, create:example, read:example, update:example and delete:example + * Example 2: "(access|read):example:${exampleId} will return values for access:example:${exampleId} and read:example:${exampleId} + * + * NOTE: the regular expression can only be part of the base permission (before the first colon) + * + * @param userId the user's userId + * @param permissionRegexp permission string containing regexp in the base position + * @param expanded true if the permission string is already expanded, false if it will contain ${} context values + * @return + */ + public Map<String, Boolean> findMatchingPermission(String userId, String permissionRegexp, Map<String, ? extends Object> context) { + Map<String, Boolean> resultMap = FastMap.newInstance(); + + String regexp = permissionRegexp.substring(0, permissionRegexp.indexOf(":")); + String permStr = permissionRegexp.substring(permissionRegexp.indexOf(":")); + + Pattern p = Pattern.compile("^" + regexp + ":.*$"); + for (String base : basePermissions) { + Matcher m = p.matcher(base + permStr); + if (m.find()) { + String permission = m.group(); + resultMap.put(permission, hasPermission(userId, permission, context)); + } + } + return resultMap; + } + + /** * Test to see if the specified user has permission * * @param userId the user's userId * @param permission the raw permission string - * @param context name/value pairs used for permission lookup - * @param expanded true if the permission string is already expanded, false if it will contain ${} context values + * @param context name/value pairs used for permission lookup * @return true if the user has permission */ - public boolean hasPermission(String userId, String permission, Map<String, ? extends Object> context, boolean expanded) { + public boolean hasPermission(String userId, String permission, Map<String, ? extends Object> context) { // expand the permission string - String expandedPermission; - if (!expanded) { - expandedPermission = FlexibleStringExpander.expandString(permission, context); - } else { - expandedPermission = permission; - } + String expandedPermission = FlexibleStringExpander.expandString(permission, context); // verify the ThreadLocal data; make sure it isn't stale (from a thread pool) String threadUid = uid.get(); Modified: ofbiz/trunk/framework/security/src/org/ofbiz/security/authz/Authorization.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/security/src/org/ofbiz/security/authz/Authorization.java?rev=770401&r1=770400&r2=770401&view=diff ============================================================================== --- ofbiz/trunk/framework/security/src/org/ofbiz/security/authz/Authorization.java (original) +++ ofbiz/trunk/framework/security/src/org/ofbiz/security/authz/Authorization.java Thu Apr 30 19:14:48 2009 @@ -31,24 +31,37 @@ * * @param userId the user's userId * @param permission the raw permission string - * @param context name/value pairs used for permission lookup - * @param expanded true if the permission string is already expanded, false if it will contain ${} context values + * @param context name/value pairs used for permission lookup * @return true if the user has permission */ - public boolean hasPermission(String userId, String permission, Map<String, ? extends Object> context, boolean expanded); - + public boolean hasPermission(String userId, String permission, Map<String, ? extends Object> context); + /** * Test to see if the specified user has permission * * @param session HttpSession used to obtain the userId * @param permission the raw permission string - * @param context name/value pairs used for permission lookup - * @param expanded true if the permission string is already expanded, false if it will contain ${} context values + * @param context name/value pairs used for permission lookup * @return true if the user has permission */ - public boolean hasPermission(HttpSession session, String permission, Map<String, ? extends Object> context, boolean expanded); + public boolean hasPermission(HttpSession session, String permission, Map<String, ? extends Object> context); /** + * Takes a regular expression (permissionRegexp) and evaluates it against base permissions and returns permission + * values for each match. + * Example 1: ".*:example" will return values for access:example, create:example, read:example, update:example and delete:example + * Example 2: "(access|read):example:${exampleId} will return values for access:example:${exampleId} and read:example:${exampleId} + * + * NOTE: the regular expression can only be part of the base permission (before the first colon) + * + * @param userId the user's userId + * @param permissionRegexp permission string containing regexp in the base position + * @param context name/value pairs used for permission lookup + * @return Map containing each permission as the key and a boolean if the permission is granted + */ + public Map<String, Boolean> findMatchingPermission(String userId, String permissionRegexp, Map<String, ? extends Object> context); + + /** * Method for injecting the delegator object * * @param delegator the GenericDelegator object to use for the Authorization implementation Modified: ofbiz/trunk/framework/security/src/org/ofbiz/security/authz/EntityAuthorization.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/security/src/org/ofbiz/security/authz/EntityAuthorization.java?rev=770401&r1=770400&r2=770401&view=diff ============================================================================== --- ofbiz/trunk/framework/security/src/org/ofbiz/security/authz/EntityAuthorization.java (original) +++ ofbiz/trunk/framework/security/src/org/ofbiz/security/authz/EntityAuthorization.java Thu Apr 30 19:14:48 2009 @@ -137,10 +137,18 @@ return false; } - public boolean hasPermission(HttpSession session, String permission, Map<String, ? extends Object> context, boolean expanded) { + /** + * Test to see if the specified user has permission + * + * @param session HttpSession used to obtain the userId + * @param permission the raw permission string + * @param context name/value pairs used for permission lookup + * @return true if the user has permission + */ + public boolean hasPermission(HttpSession session, String permission, Map<String, ? extends Object> context) { GenericValue userLogin = (GenericValue) session.getAttribute("userLogin"); if (userLogin != null) { - return hasPermission(userLogin.getString("userLoginId"), permission, context, expanded); + return hasPermission(userLogin.getString("userLoginId"), permission, context); } return false; } Modified: ofbiz/trunk/framework/service/src/org/ofbiz/service/ModelPermission.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/service/src/org/ofbiz/service/ModelPermission.java?rev=770401&r1=770400&r2=770401&view=diff ============================================================================== --- ofbiz/trunk/framework/service/src/org/ofbiz/service/ModelPermission.java (original) +++ ofbiz/trunk/framework/service/src/org/ofbiz/service/ModelPermission.java Thu Apr 30 19:14:48 2009 @@ -74,7 +74,7 @@ Debug.logWarning("Null permission name passed for evaluation", module); return false; } - return authz.hasPermission(userLogin.getString("userLoginId"), nameOrRole, context, false); + return authz.hasPermission(userLogin.getString("userLoginId"), nameOrRole, context); } private boolean evalEntityPermission(Security security, GenericValue userLogin) { Modified: ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java?rev=770401&r1=770400&r2=770401&view=diff ============================================================================== --- ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java (original) +++ ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java Thu Apr 30 19:14:48 2009 @@ -862,7 +862,7 @@ if (info != null) { for (String permission: info.getBasePermission()) { if (!"NONE".equals(permission) && !security.hasEntityPermission(permission, "_VIEW", userLogin) && - !authz.hasPermission(userLogin.getString("userLoginId"), permission, null, true)) { + !authz.hasPermission(userLogin.getString("userLoginId"), permission, null)) { return false; } } Modified: ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/event/CoreEvents.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/event/CoreEvents.java?rev=770401&r1=770400&r2=770401&view=diff ============================================================================== --- ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/event/CoreEvents.java (original) +++ ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/event/CoreEvents.java Thu Apr 30 19:14:48 2009 @@ -106,7 +106,7 @@ Authorization authz = (Authorization) request.getAttribute("authz"); Locale locale = UtilHttp.getLocale(request); - if (!authz.hasPermission(request.getSession(), "ENTITY_MAINT", null, true)) { + if (!authz.hasPermission(request.getSession(), "ENTITY_MAINT", null)) { String errMsg = UtilProperties.getMessage(CoreEvents.err_resource, "coreEvents.not_authorized_use_fct", locale); request.setAttribute("_ERROR_MESSAGE_", "<li>" + errMsg); return "error"; @@ -160,7 +160,7 @@ Authorization authz = (Authorization) request.getAttribute("authz"); Locale locale = UtilHttp.getLocale(request); - if (!authz.hasPermission(request.getSession(), "ENTITY_MAINT", null, true)) { + if (!authz.hasPermission(request.getSession(), "ENTITY_MAINT", null)) { String errMsg = UtilProperties.getMessage(CoreEvents.err_resource, "coreEvents.not_authorized_use_fct", locale); request.setAttribute("_ERROR_MESSAGE_", "<li>" + errMsg); return "error"; @@ -305,7 +305,7 @@ serviceContext.put("locale", locale); } - if (!modelService.export && !authz.hasPermission(request.getSession(), "SERVICE_INVOKE_ANY", null, true)) { + if (!modelService.export && !authz.hasPermission(request.getSession(), "SERVICE_INVOKE_ANY", null)) { String errMsg = UtilProperties.getMessage(CoreEvents.err_resource, "coreEvents.not_authorized_to_call", locale); request.setAttribute("_ERROR_MESSAGE_", "<li>" + errMsg); return "error"; @@ -545,7 +545,7 @@ return "error"; } - if (!modelService.export && !authz.hasPermission(request.getSession(), "SERVICE_INVOKE_ANY", null, true)) { + if (!modelService.export && !authz.hasPermission(request.getSession(), "SERVICE_INVOKE_ANY", null)) { String errMsg = UtilProperties.getMessage(CoreEvents.err_resource, "coreEvents.not_authorized_to_call", locale); request.setAttribute("_ERROR_MESSAGE_", "<li>" + errMsg + "."); return "error"; Modified: ofbiz/trunk/framework/widget/src/org/ofbiz/widget/menu/ModelMenuCondition.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/widget/src/org/ofbiz/widget/menu/ModelMenuCondition.java?rev=770401&r1=770400&r2=770401&view=diff ============================================================================== --- ofbiz/trunk/framework/widget/src/org/ofbiz/widget/menu/ModelMenuCondition.java (original) +++ ofbiz/trunk/framework/widget/src/org/ofbiz/widget/menu/ModelMenuCondition.java Thu Apr 30 19:14:48 2009 @@ -319,7 +319,7 @@ } } else { // run hasPermission - if (authz.hasPermission(userLogin.getString("userLoginId"), permission, context, true)) { + if (authz.hasPermission(userLogin.getString("userLoginId"), permission, context)) { return true; } } Modified: ofbiz/trunk/framework/widget/src/org/ofbiz/widget/screen/ModelScreenCondition.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/widget/src/org/ofbiz/widget/screen/ModelScreenCondition.java?rev=770401&r1=770400&r2=770401&view=diff ============================================================================== --- ofbiz/trunk/framework/widget/src/org/ofbiz/widget/screen/ModelScreenCondition.java (original) +++ ofbiz/trunk/framework/widget/src/org/ofbiz/widget/screen/ModelScreenCondition.java Thu Apr 30 19:14:48 2009 @@ -315,7 +315,7 @@ } } else { // run hasPermission - if (authz.hasPermission(userLogin.getString("userLoginId"), permission, context, true)) { + if (authz.hasPermission(userLogin.getString("userLoginId"), permission, context)) { return true; } } Modified: ofbiz/trunk/framework/widget/src/org/ofbiz/widget/tree/ModelTreeCondition.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/widget/src/org/ofbiz/widget/tree/ModelTreeCondition.java?rev=770401&r1=770400&r2=770401&view=diff ============================================================================== --- ofbiz/trunk/framework/widget/src/org/ofbiz/widget/tree/ModelTreeCondition.java (original) +++ ofbiz/trunk/framework/widget/src/org/ofbiz/widget/tree/ModelTreeCondition.java Thu Apr 30 19:14:48 2009 @@ -220,7 +220,7 @@ } } else { // run hasPermission - if (authz.hasPermission(userLogin.getString("userLoginId"), permission, context, true)) { + if (authz.hasPermission(userLogin.getString("userLoginId"), permission, context)) { return true; } } |
«
Return to OFBiz - Commits
|
1 view|%1 views
| Free forum by Nabble | Edit this page |