inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-14 17:58:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

ALF-10182: Activity Feed shows activities where user does not have read permission on the item

Browse Source 
Second attempt - this one shouldn't break compilation.



git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@32500 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Matt Ward
2011-12-04 14:20:01 +00:00
parent 9a03f4735c
commit 9f9a44dd56
3 changed files with 16 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
source/java/org/alfresco/repo/web/scripts/blogs/AbstractBlogWebScript.java
View File

@@ -21,6 +21,7 @@ package org.alfresco.repo.web.scripts.blogs;
import java.io.IOException;
import java.util.Map;
import org.alfresco.repo.activities.post.lookup.PostLookup;
import org.alfresco.repo.blog.BlogServiceImpl;
import org.alfresco.repo.content.MimetypeMap;
import org.alfresco.repo.model.Repository;
@@ -36,6 +37,7 @@ import org.alfresco.service.cmr.site.SiteService;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.json.JSONStringer;
import org.json.JSONWriter;
import org.json.simple.JSONObject;
import org.json.simple.parser.JSONParser;
import org.json.simple.parser.ParseException;
@@ -114,7 +116,7 @@ public abstract class AbstractBlogWebScript extends DeclarativeWebScript
* @param event One of created, updated, deleted
*/
protected void addActivityEntry(String event, BlogPostInfo blog,
SiteInfo site, WebScriptRequest req, JSONObject json)
SiteInfo site, WebScriptRequest req, JSONObject json, NodeRef nodeRef)
{
// We can only add activities against a site
if (site == null)
@@ -147,11 +149,19 @@ public abstract class AbstractBlogWebScript extends DeclarativeWebScript
try
{
String data = new JSONStringer()
JSONWriter jsonWriter = new JSONStringer()
.object()
.key(TITLE).value(title)
.key(PAGE).value(page)
.endObject().toString();
.key(PAGE).value(page);
if (nodeRef != null)
{
// ALF-10182: the nodeRef needs to be included in the activity
// post to ensure read permissions are respected.
jsonWriter.key(PostLookup.JSON_NODEREF).value(nodeRef.toString());
}
String data = jsonWriter.endObject().toString();
activityService.postActivity(
"org.alfresco.blog.post-" + event,

2
source/java/org/alfresco/repo/web/scripts/blogs/post/BlogPostDelete.java
View File

@@ -57,7 +57,7 @@ public class BlogPostDelete extends AbstractBlogWebScript
// If we're in a site, and it isn't a draft, add an activity
if (site != null && !isDraftBlogPost)
{
addActivityEntry("deleted", blog, site, req, json);
addActivityEntry("deleted", blog, site, req, json, nodeRef);
}
// Report it as deleted

2
source/java/org/alfresco/repo/web/scripts/blogs/posts/BlogPostsPost.java
View File

@@ -83,7 +83,7 @@ public class BlogPostsPost extends AbstractBlogWebScript
jsonPostParams.getPage() != null &&
!isDraft)
{
addActivityEntry("created", post, site, req, json);
addActivityEntry("created", post, site, req, json, nodeRef);
}
return model;