Foros de discusión
Using PermissionServiceUtil's hasUserPermission method
Lior Hadaya, modificado hace 11 años.
Using PermissionServiceUtil's hasUserPermission method
Regular Member Mensajes: 138 Fecha de incorporación: 24/01/12 Mensajes recientes
Hello,
I am using Liferay EE 6.1.20 and I've been unsuccessfully trying to understand how to use PermissionServiceUtil's hasUserPermissions method:
I understand what userId means, actionId I assume is one of the ActionKeys enum value (like ActionKeys.UPDATE) but what is resourceId?
I know that in Liferay everything from portlet to blog to message board is a resource. Specifically I want to check Update permissions on a layout. I looked in the Resource_ table in the database and found that it is empty. There are rows in the ResourceAction and ResourcePermission tables but I don't see a resourceId column in them.
My question is how can I use hasUserPermission in order to find out if a user has update permission on a layout? The reason I'm interested in this method is because I hope that if I understand how to use it I could also use this method which receives a list or resources in order to check user permissions for several layouts, not just one:
Please advise,
Thanks
I am using Liferay EE 6.1.20 and I've been unsuccessfully trying to understand how to use PermissionServiceUtil's hasUserPermissions method:
static boolean hasUserPermission(long userId, String actionId, long resourceId)
I understand what userId means, actionId I assume is one of the ActionKeys enum value (like ActionKeys.UPDATE) but what is resourceId?
I know that in Liferay everything from portlet to blog to message board is a resource. Specifically I want to check Update permissions on a layout. I looked in the Resource_ table in the database and found that it is empty. There are rows in the ResourceAction and ResourcePermission tables but I don't see a resourceId column in them.
My question is how can I use hasUserPermission in order to find out if a user has update permission on a layout? The reason I'm interested in this method is because I hope that if I understand how to use it I could also use this method which receives a list or resources in order to check user permissions for several layouts, not just one:
static boolean hasUserPermissions(long userId, long groupId, List<resource> resources, String actionId, PermissionCheckerBag permissionCheckerBag) </resource>
Please advise,
Thanks
Luca Lupo, modificado hace 11 años.
RE: Using PermissionServiceUtil's hasUserPermission method
Regular Member Mensajes: 106 Fecha de incorporación: 1/10/12 Mensajes recientes
the resource id is the ID of the resource you want to check the permission for.
For example, a journal article ID if you want to check the permission for that...or in your case the template ID.
So, go on the db (table journalTemplate) and get the ID you need . I created myself this method if you wanna use it, but it is for journal article. It takes the user and a list of journal articles and check for every role of the user if there is one that can access the journal article.
The dynamicQuery is necessary to check the role owner, that is a special role .
Hope this help,
Luca
For example, a journal article ID if you want to check the permission for that...or in your case the template ID.
So, go on the db (table journalTemplate) and get the ID you need . I created myself this method if you wanna use it, but it is for journal article. It takes the user and a list of journal articles and check for every role of the user if there is one that can access the journal article.
public static boolean hasContentPermission(User utente, JournalArticle webContent) throws SystemException {
//ricavo il companyId del portale
long companyId = CompanyLocalServiceUtil.getCompanies().get(0).getCompanyId();
long[] listaIdRuoliUtente = null;
listaIdRuoliUtente = utente.getRoleIds();
boolean ruoloTrovato = false;
boolean permessoTrovato = false;
List<resourcepermission> rp = new ArrayList<resourcepermission>();
rp = ResourcePermissionLocalServiceUtil.getResourcePermissions(companyId, JournalArticle.class.getName(), ResourceConstants.SCOPE_INDIVIDUAL, String.valueOf(webContent.getResourcePrimKey()));
for (int p=0; p<rp.size(); p++) { ruolotrovato="true;" ciclo per tutti i ruoli di un determinato utente for (int x="0;" x<listaidruoliutente.length; x++) if (rp.get(p).getroleid()="=" listaidruoliutente[x]) if(ruolotrovato) ((rp.get(p).getactionids()> 0) && ((rp.get(p).getActionIds()%(2))!=0)) {
permessoTrovato = true;
}
}
}
}
DynamicQuery dynamicQuery = DynamicQueryFactoryUtil
.forClass(ResourcePermission.class)
.add(PropertyFactoryUtil.forName("ownerId")
.eq(utente.getUserId()))
.add(PropertyFactoryUtil.forName("primKey").eq(
String.valueOf(webContent.getResourcePrimKey())));
List<resourcepermission> perm = ResourcePermissionLocalServiceUtil.dynamicQuery(dynamicQuery);
if (perm != null || perm.size() > 0) return true;
return permessoTrovato;
}
</resourcepermission></rp.size();></resourcepermission></resourcepermission>
The dynamicQuery is necessary to check the role owner, that is a special role .
Hope this help,
Luca
Luca Lupo, modificado hace 11 años.
RE: Using PermissionServiceUtil's hasUserPermission method
Regular Member Mensajes: 106 Fecha de incorporación: 1/10/12 Mensajes recientes
My mistake, the method take a single journalArticle and not a list as I said before
Lior Hadaya, modificado hace 11 años.
RE: Using PermissionServiceUtil's hasUserPermission method
Regular Member Mensajes: 138 Fecha de incorporación: 24/01/12 Mensajes recientes
Hi Luca, thanks for replying.
I don't understand why the journalTemplate table is relevant in my case - since I want to check permissions on a layout.
Is resourceId simply the plid of the layout - the primary key of the layout table?
I also don't understand why you had to implement a method that checks all the user's roles for the requested permission, I thought that's what hasUserPermissions does.
Thanks
I don't understand why the journalTemplate table is relevant in my case - since I want to check permissions on a layout.
Is resourceId simply the plid of the layout - the primary key of the layout table?
I also don't understand why you had to implement a method that checks all the user's roles for the requested permission, I thought that's what hasUserPermissions does.
Thanks
Luca Lupo, modificado hace 11 años.
RE: Using PermissionServiceUtil's hasUserPermission method
Regular Member Mensajes: 106 Fecha de incorporación: 1/10/12 Mensajes recientes
Yes, I meant the layout table. primary key should be fine, otherwise check also the other keys in the table.
I was using another function to check the permissions. I don't remember the name, but was a strange function. Basically, it returned a void and you had to check the Exception in order to find out if a user had or not the permission. At the end I implemented my but free version of the function
I was using another function to check the permissions. I don't remember the name, but was a strange function. Basically, it returned a void and you had to check the Exception in order to find out if a user had or not the permission. At the end I implemented my but free version of the function
Lior Hadaya, modificado hace 11 años.
RE: Using PermissionServiceUtil's hasUserPermission method
Regular Member Mensajes: 138 Fecha de incorporación: 24/01/12 Mensajes recientes
I'm sorry but I still don't understand.
If I pass plid as resource id to this method:
hasUserPermission(long userId, String actionId, long resourceId)
How does Liferay know it should check permissions for a layout? How does it know that the long I passed in is a Layout and not a journal or a blog or something else?
I tried passing the plid but the method returned false even though the user does have permission.
If I pass plid as resource id to this method:
hasUserPermission(long userId, String actionId, long resourceId)
How does Liferay know it should check permissions for a layout? How does it know that the long I passed in is a Layout and not a journal or a blog or something else?
I tried passing the plid but the method returned false even though the user does have permission.