From 7c1dec8b71ac23f5587b549e5b7491497b0382e9 Mon Sep 17 00:00:00 2001
From: Kevin Roast <kevin.roast@alfresco.com>
Date: Mon, 13 Feb 2006 15:35:12 +0000
Subject: [PATCH] . Fix for AWC-508  - Stops users without permissions trying
 to overwrite existing Saved Searches

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@2359 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
---
 .../alfresco/web/bean/AdvancedSearchBean.java | 20 ++++++++++++++++++-
 source/web/WEB-INF/faces-config-beans.xml     |  4 ++++
 2 files changed, 23 insertions(+), 1 deletion(-)

diff --git a/source/java/org/alfresco/web/bean/AdvancedSearchBean.java b/source/java/org/alfresco/web/bean/AdvancedSearchBean.java
index cc9e00b91b..72d2697681 100644
--- a/source/java/org/alfresco/web/bean/AdvancedSearchBean.java
+++ b/source/java/org/alfresco/web/bean/AdvancedSearchBean.java
@@ -51,6 +51,7 @@ import org.alfresco.service.cmr.repository.MimetypeService;
 import org.alfresco.service.cmr.repository.NodeRef;
 import org.alfresco.service.cmr.repository.NodeService;
 import org.alfresco.service.cmr.search.SearchService;
+import org.alfresco.service.cmr.security.AccessStatus;
 import org.alfresco.service.cmr.security.PermissionService;
 import org.alfresco.service.namespace.NamespaceService;
 import org.alfresco.service.namespace.QName;
@@ -130,6 +131,14 @@ public class AdvancedSearchBean
       this.searchService = searchService;
    }
    
+   /**
+    * @param permissionService      The PermissionService to set.
+    */
+   public void setPermissionService(PermissionService permissionService)
+   {
+      this.permissionService = permissionService;
+   }
+   
    /**
     * @return Returns the progressive panels expanded state map.
     */
@@ -295,7 +304,13 @@ public class AdvancedSearchBean
     */
    public boolean isAllowEdit()
    {
-      return (this.savedSearch != null && NO_SELECTION.equals(this.savedSearch) == false);
+      boolean allow = (this.savedSearch != null && NO_SELECTION.equals(this.savedSearch) == false);
+      if (allow)  
+      {
+         NodeRef savedSearchRef = new NodeRef(Repository.getStoreRef(), this.savedSearch);
+         allow = (permissionService.hasPermission(savedSearchRef, PermissionService.WRITE) == AccessStatus.ALLOWED);
+      }
+      return allow;
    }
 
    /**
@@ -1495,6 +1510,9 @@ public class AdvancedSearchBean
    /** SearchService bean reference */
    private SearchService searchService;
    
+   /** PermissionService */
+   private PermissionService permissionService;
+   
    /** Client Config reference */
    private AdvancedSearchConfigElement searchConfigElement = null;
    
diff --git a/source/web/WEB-INF/faces-config-beans.xml b/source/web/WEB-INF/faces-config-beans.xml
index 6c97700f3e..95469e2d7b 100644
--- a/source/web/WEB-INF/faces-config-beans.xml
+++ b/source/web/WEB-INF/faces-config-beans.xml
@@ -169,6 +169,10 @@
          <property-name>searchService</property-name>
          <value>#{SearchService}</value>
       </managed-property>
+      <managed-property>
+         <property-name>permissionService</property-name>
+         <value>#{PermissionService}</value>
+      </managed-property>
    </managed-bean>
    
    <managed-bean>