diff --git a/source/java/org/alfresco/web/action/evaluator/RegenerateRenditionsEvaluator.java b/source/java/org/alfresco/web/action/evaluator/RegenerateRenditionsEvaluator.java index ae855e3e55..7b2e6551d0 100644 --- a/source/java/org/alfresco/web/action/evaluator/RegenerateRenditionsEvaluator.java +++ b/source/java/org/alfresco/web/action/evaluator/RegenerateRenditionsEvaluator.java @@ -18,18 +18,28 @@ */ package org.alfresco.web.action.evaluator; +import java.util.ArrayList; import java.util.Iterator; +import java.util.List; import javax.faces.context.FacesContext; +import javax.faces.model.SelectItem; import org.alfresco.model.WCMAppModel; import org.alfresco.service.ServiceRegistry; import org.alfresco.service.cmr.repository.Path; +import org.alfresco.service.cmr.security.AccessStatus; +import org.alfresco.service.cmr.security.PermissionService; +import org.alfresco.wcm.webproject.WebProjectInfo; +import org.alfresco.wcm.webproject.WebProjectService; import org.alfresco.web.app.Application; import org.alfresco.web.app.servlet.FacesHelper; import org.alfresco.web.bean.NavigationBean; import org.alfresco.web.bean.repository.Node; import org.alfresco.web.bean.repository.Repository; +import org.alfresco.web.bean.wcm.WebProject; +import org.alfresco.web.data.IDataContainer; +import org.alfresco.web.data.QuickSort; /** * UI Action Evaluator for Regenerate Renditions in the Web Forms DataDictionary folder @@ -45,12 +55,31 @@ public class RegenerateRenditionsEvaluator extends BaseActionEvaluator */ public boolean evaluate(final Node node) { + // is the authenticated user permitted to execute the regenerate renditions action + // against at least one web project + boolean isUserAllowed = false; + final FacesContext fc = FacesContext.getCurrentInstance(); final ServiceRegistry services = Repository.getServiceRegistry(fc); + final PermissionService permissionService = services.getPermissionService(); + final WebProjectService webProjectService = services.getWebProjectService(); final NavigationBean navigator = (NavigationBean)FacesHelper.getManagedBean(fc, NavigationBean.BEAN_NAME); - + + // check that the authenticated user has CONTENT MANAGER permissions for at least one web project + // this will ensure that the action appears only if the user is able to regenerate renditions + // for at least one web project + List wpInfos = webProjectService.listWebProjects(); + for (WebProjectInfo wpInfo : wpInfos) + { + if(permissionService.hasPermission(wpInfo.getNodeRef(), PermissionService.WCM_CONTENT_MANAGER) == AccessStatus.ALLOWED) + { + isUserAllowed = true; + break; + } + } + // TODO improve how we determine whether the form supports the ability to regenerate renditions or not - + // get the path to the current name - compare each path element with the Web Forms folder name final Path path = navigator.getCurrentNode().getNodePath(); @@ -67,6 +96,6 @@ public class RegenerateRenditionsEvaluator extends BaseActionEvaluator } } - return (node.hasAspect(WCMAppModel.ASPECT_RENDERING_ENGINE_TEMPLATE) || isWebFormsPath); + return (node.hasAspect(WCMAppModel.ASPECT_RENDERING_ENGINE_TEMPLATE) || isWebFormsPath) && isUserAllowed; } } diff --git a/source/java/org/alfresco/web/bean/wcm/RegenerateRenditionsWizard.java b/source/java/org/alfresco/web/bean/wcm/RegenerateRenditionsWizard.java index 8e2965cdf7..a94defbbc8 100644 --- a/source/java/org/alfresco/web/bean/wcm/RegenerateRenditionsWizard.java +++ b/source/java/org/alfresco/web/bean/wcm/RegenerateRenditionsWizard.java @@ -42,6 +42,8 @@ import org.alfresco.service.cmr.search.ResultSet; import org.alfresco.service.cmr.search.ResultSetRow; import org.alfresco.service.cmr.search.SearchParameters; import org.alfresco.service.cmr.search.SearchService; +import org.alfresco.service.cmr.security.AccessStatus; +import org.alfresco.service.cmr.security.PermissionService; import org.alfresco.wcm.webproject.WebProjectInfo; import org.alfresco.wcm.webproject.WebProjectService; import org.alfresco.web.app.Application; @@ -86,6 +88,7 @@ public class RegenerateRenditionsWizard transient private AVMSyncService avmSyncService; transient private SearchService searchService; transient private FormsService formsService; + transient private PermissionService permissionService; private WebProject selectedWebProject; private String[] selectedForms; @@ -248,12 +251,15 @@ public class RegenerateRenditionsWizard for (WebProjectInfo wpInfo : wpInfos) { - String s = wpInfo.getTitle(); - if (this.selectedWebProject == null) - { - this.selectedWebProject = new WebProject(wpInfo.getNodeRef()); + if(getPermissionService().hasPermission(wpInfo.getNodeRef(), PermissionService.WCM_CONTENT_MANAGER) == AccessStatus.ALLOWED) { + // display only web projects to which the authenticated user has CONTENT MANAGER rights + String s = wpInfo.getTitle(); + if (this.selectedWebProject == null) + { + this.selectedWebProject = new WebProject(wpInfo.getNodeRef()); + } + result.add(new SelectItem(wpInfo.getNodeRef().toString(), s != null && s.length() != 0 ? s : wpInfo.getName())); } - result.add(new SelectItem(wpInfo.getNodeRef().toString(), s != null && s.length() != 0 ? s : wpInfo.getName())); } return result; } @@ -472,6 +478,23 @@ public class RegenerateRenditionsWizard } return this.formsService; } + + /** + * @param formsService The FormsService to set. + */ + public void setPermissionService(final PermissionService permissionService) + { + this.permissionService = permissionService; + } + + private PermissionService getPermissionService() + { + if (this.permissionService == null) + { + this.permissionService = (PermissionService)FacesHelper.getManagedBean(FacesContext.getCurrentInstance(), "PermissionService"); + } + return this.permissionService; + } // ------------------------------------------------------------------------------ // Helper Methods