Esempio n. 1
0
    @Override
    public boolean eval(Map<String, Object> context) {
      // if no user is logged in, treat as if the user does not have permission
      GenericValue userLogin = (GenericValue) context.get("userLogin");
      if (userLogin != null) {
        String permission = permissionExdr.expandString(context);
        String action = actionExdr.expandString(context);

        Authorization authz = (Authorization) context.get("authz");
        Security security = (Security) context.get("security");
        if (UtilValidate.isNotEmpty(action)) {
          // Debug.logWarning("Deprecated method hasEntityPermission() was called; the action field
          // should no longer be used", module);
          // run hasEntityPermission
          if (security.hasEntityPermission(permission, action, userLogin)) {
            return true;
          }
        } else {
          // run hasPermission
          if (authz.hasPermission(userLogin.getString("userLoginId"), permission, context)) {
            return true;
          }
        }
      }
      return false;
    }
Esempio n. 2
0
 private boolean evalEntityPermission(Security security, GenericValue userLogin) {
   if (nameOrRole == null) {
     Debug.logWarning("Null permission name passed for evaluation", module);
     return false;
   }
   if (action == null) {
     Debug.logWarning("Null action passed for evaluation", module);
   }
   return security.hasEntityPermission(nameOrRole, action, userLogin);
 }