From 3a431da024d174f67caa34542d89ab8b13d34d0c Mon Sep 17 00:00:00 2001
From: Neil McErlean <neil.mcerlean@alfresco.com>
Date: Fri, 27 Aug 2010 15:29:32 +0000
Subject: [PATCH] Merge from DEV/SITE_CONFIGURABILITY to HEAD   22049: ALF-3786
 Partial implementation of Configurable Site Creation Group.          Site
 configuration groups can be configured via permissions management in the
 usual way.          This check-in adds hasCreateSitePermissions() to various
 SiteService layers to better support          client code when site creation
 restrictions have been imposed.

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@22053 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
---
 .../repository/site/sites.post.json.js        | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/config/alfresco/templates/webscripts/org/alfresco/repository/site/sites.post.json.js b/config/alfresco/templates/webscripts/org/alfresco/repository/site/sites.post.json.js
index c582bb82d7..45b42d6566 100644
--- a/config/alfresco/templates/webscripts/org/alfresco/repository/site/sites.post.json.js
+++ b/config/alfresco/templates/webscripts/org/alfresco/repository/site/sites.post.json.js
@@ -1,5 +1,24 @@
 function main()
 {
+   // The commented out code below checks if the current user has the necessary permissions to
+   // create a site and retrns a 401 status if they do not.
+   //
+   // However, the presentation tier currently handles 500 errors, but not 400 errors.
+   // Therefore the UNAUTHORIZED status is not currently returned.
+   // If a user who does not have permission to create a site tries to do so, a dialog
+   // appears in Share telling them AccessDenied. You do not have the appropriate permissions
+   // to perform this operation.
+   // TODO If we can fix up create-site.js in Slingshot to handle 401s, we can comment this back in.
+
+
+   // Irrespective of the checks below, the currently authenticated user needs to have
+   // permission to create a site.
+//   if (siteService.hasCreateSitePermissions() == false)
+//   {
+//      status.setCode(status.STATUS_UNAUTHORIZED, "User does not have permission to create sites.");
+//      return;
+//   }
+   
    // Get the details of the site
    if (json.has("shortName") == false || json.get("shortName").length == 0)
    {