Forums de discussion
how to authenticate against site roles
mark anderson, modifié il y a 11 années.
how to authenticate against site roles
New Member Publications: 3 Date d'inscription: 19/06/12 Publications récentes
Hi,
I'm having some issues, first a bit of background:
I have a jsf 2 icefaces 3 portlet deployed on Liferay community 6.1 (tomcat bundle), Everything works but i've come to an issue i can't get round.
I've created several private sites within the portal, the portlet is then deployed onto the one of the site pages, i want the 'site administrator' to be able to assign the roles used in the portlet to site members. The issue was that the roles used were Regular roles, and couldn't be changed by the site administrator. So i moved the roles to site roles. However, the app then fails saying
java.lang.IllegalArgumentException: TableWhseEditor is not a regular role
to identify the roles in my portlet, i'm using the icefaces tag element RenderedOnUserRole and also
facesContext.getExternalContext().isUserInRole(role);
How do i make my portlet pick up the site roles instead of the regular roles?
I've looked at the scopeable element but it doesn't seem to make any difference.
Am i tackling this issue the correct way?
I'm having some issues, first a bit of background:
I have a jsf 2 icefaces 3 portlet deployed on Liferay community 6.1 (tomcat bundle), Everything works but i've come to an issue i can't get round.
I've created several private sites within the portal, the portlet is then deployed onto the one of the site pages, i want the 'site administrator' to be able to assign the roles used in the portlet to site members. The issue was that the roles used were Regular roles, and couldn't be changed by the site administrator. So i moved the roles to site roles. However, the app then fails saying
java.lang.IllegalArgumentException: TableWhseEditor is not a regular role
to identify the roles in my portlet, i'm using the icefaces tag element RenderedOnUserRole and also
facesContext.getExternalContext().isUserInRole(role);
How do i make my portlet pick up the site roles instead of the regular roles?
I've looked at the scopeable element but it doesn't seem to make any difference.
Am i tackling this issue the correct way?
Neil Griffin, modifié il y a 11 années.
RE: how to authenticate against site roles
Liferay Legend Publications: 2655 Date d'inscription: 27/07/05 Publications récentes
This is a limitation Liferay's implementation of the Portlet API. Specifically, the com.liferay.portlet.PortletRequestImpl.isUserInRole(String role) method delegates to the RoleLocalServiceImpl.hasUserRole(long userId, long companyId, String name, boolean inherited) method, which only checks for regular (portal scoped) roles. In other words, it does not have the ability to check for site role membership.
My recommendation would be that you use the rendered attribute instead, and use an EL-expression to test for role membership yourself.
For example in your Facelet view:
And in BackingBean.java:
Alternatively, if you are checking Liferay portlet permissions (not model permissions), you can use the Liferay Faces Portal dependency to do things like this:
My recommendation would be that you use the rendered attribute instead, and use an EL-expression to test for role membership yourself.
For example in your Facelet view:
<h:outputtext value="some text" rendered="#{backingBean.userPermitted}" />And in BackingBean.java:
@RequestScoped
public class BackingBean {
private Boolean userPermitted;
public boolean isUserPermitted() {
if (userPermitted == null) {
userPermitted = ...; // determine if user has site role
}
return userPermitted;
}
}
Alternatively, if you are checking Liferay portlet permissions (not model permissions), you can use the Liferay Faces Portal dependency to do things like this:
<h:outputtext value="some text" rendered="#{liferay.userHasPortletPermission['some_portlet_permission_name']}" />
mark anderson, modifié il y a 11 années.
RE: how to authenticate against site roles
New Member Publications: 3 Date d'inscription: 19/06/12 Publications récentes
Thanks for that Neil,
But how do i determine if user is in the particular site role?
looking at the forums there are several options but which is the most appropriate for this situation? this particular portlet could be used in several different sites.
From the forums it looks like the 'site' roles are stored as 'group' roles so should i use:
looking at the below post it would seem i'd need to find the groupid of the site (or community), how do i do that? can i use something like this?:
sorry , this is depricated. Looks like i should use .getScopeGroupId()
http://www.liferay.com/community/forums/-/message_boards/message/13776870
Thanks,
Mark
But how do i determine if user is in the particular site role?
looking at the forums there are several options but which is the most appropriate for this situation? this particular portlet could be used in several different sites.
From the forums it looks like the 'site' roles are stored as 'group' roles so should i use:
UserGroupRoleLocalServiceUtil.hasUserGroupRole(long userId, long groupId, String roleName) looking at the below post it would seem i'd need to find the groupid of the site (or community), how do i do that? can i use something like this?:
ThemeDisplay themeDisplay = (ThemeDisplay)context.getExternalContext().getRequestMap().get(WebKeys.THEME_DISPLAY);
long portletGroupId= themeDisplay.getPortletGroupId();sorry , this is depricated. Looks like i should use .getScopeGroupId()
http://www.liferay.com/community/forums/-/message_boards/message/13776870
Thanks,
Mark
mark anderson, modifié il y a 11 années.
RE: how to authenticate against site roles
New Member Publications: 3 Date d'inscription: 19/06/12 Publications récentes
It's ok, i got it working.
For completeness here's the method:
Thanks,
Mark
For completeness here's the method:
public static boolean isUserInRole(String role) {
ThemeDisplay themeDisplay = (ThemeDisplay)getFacesContextProvider().getFacesContext().getExternalContext().getRequestMap().get(WebKeys.THEME_DISPLAY);
long portletGroupId= themeDisplay.getScopeGroupId();
long userId = themeDisplay.getUserId();
try {
return UserGroupRoleLocalServiceUtil.hasUserGroupRole(userId, portletGroupId, role, true);
} catch (PortalException e) {
logger.error(e);
return false;
} catch (SystemException e) {
logger.error(e);
return false;
}
}Thanks,
Mark