PHOTARK-58 - fixing the issue, making all the albums without owners, to be visible by all
git-svn-id: https://svn.apache.org/repos/asf/incubator/photark/trunk@987604 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/photark-jcr/src/main/java/org/apache/photark/jcr/security/authorization/JCRAccessManager.java b/photark-jcr/src/main/java/org/apache/photark/jcr/security/authorization/JCRAccessManager.java
index 8618007..e64828e 100644
--- a/photark-jcr/src/main/java/org/apache/photark/jcr/security/authorization/JCRAccessManager.java
+++ b/photark-jcr/src/main/java/org/apache/photark/jcr/security/authorization/JCRAccessManager.java
@@ -528,6 +528,19 @@
return Arrays.asList(album.getOwners()).contains(userId);
}
+ private boolean isNoOwnerForAlbum(String albumName) {
+ if (albumName == null || albumName.trim().equals("")) {
+ return false;
+ }
+ Album album = new JCRAlbumImpl(repositoryManager, albumName);
+ String[] owners = album.getOwners();
+ if (owners.length == 0) {
+ return true;
+ } else {
+ return false;
+ }
+ }
+
// get all permissions
public synchronized Permission[] getPermissions() {
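Review bot: `isNoOwnerForAlbum` dereferences `album.getOwners()` without a null check and treats any empty owner list as public, so an album whose owner data is missing or unreadable may become world-viewable instead of being denied. I would fail closed and collapse the branch into `return owners != null && owners.length == 0;`. This helper runs on a permission-check path with a caller-supplied name, so confirm that `new JCRAlbumImpl(repositoryManager, albumName)` does not create a node for a name that does not exist yet. That constructor is outside the hunk.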
@@ -723,6 +736,10 @@
} else {
allowedPermissions = new ArrayList<String>();
}
+ // all albums with no owners are viewable by everyone
+ if (allowedPermissions.contains(ALBUM_VIEW_IMAGES_PERMISSION) && isNoOwnerForAlbum(resourceName)) {
+ return true;
+ }
List<Permission> permissions = new ArrayList<Permission>();
// if the user in Registered User List or in the Supper Admin List
// the user is allowed to create Albums and create User Groups
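Review bot: The early `return true` guarded by `isNoOwnerForAlbum(resourceName)` runs before the user-specific checks below it, so it applies to every caller, and it fires whenever `allowedPermissions` merely contains `ALBUM_VIEW_IMAGES_PERMISSION`. If a caller can pass that permission together with a stronger one, the shortcut would presumably answer for the whole list. The enclosing method starts and ends outside the hunk, so this needs checking against its callers. At minimum I would state the intent in the comment, for example `// Deliberately public: an album with an empty owner list is viewable by any caller, authenticated or not.`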
diff --git a/photark-jcr/src/main/java/org/apache/photark/jcr/services/JCRGalleryImpl.java b/photark-jcr/src/main/java/org/apache/photark/jcr/services/JCRGalleryImpl.java
index d80de75..5d2e121 100644
--- a/photark-jcr/src/main/java/org/apache/photark/jcr/services/JCRGalleryImpl.java
+++ b/photark-jcr/src/main/java/org/apache/photark/jcr/services/JCRGalleryImpl.java
@@ -102,7 +102,7 @@
}
initialized = true;
- Album[] albums = getAlbumsToUser(SUPER_ADMIN);
+ Album[] albums = getAlbumsToUser(accessManager.getSecurityTokenFromUserId(SUPER_ADMIN));
for (Album album : albums) {
String[] pictures = album.getPictures();
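Review bot: The result of `accessManager.getSecurityTokenFromUserId(SUPER_ADMIN)` is passed straight to `getAlbumsToUser` without a check, although it can only be a usable token once the super-admin session has been registered. That session is created in `SecurityServiceImpl.init()` in this same commit, so the outcome depends on component start-up order. Assigning the token to a local and guarding it, e.g. `if (adminToken == null) { /* skip or defer the scan */ }`, would make that explicit. Because this lookup maps a user id to a live token, it is also worth confirming that it is not reachable by remote callers. The enclosing method continues outside the hunk.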
diff --git a/photark-security/src/main/java/org/apache/photark/security/authorization/services/SecurityServiceImpl.java b/photark-security/src/main/java/org/apache/photark/security/authorization/services/SecurityServiceImpl.java
index c4f09f0..399cffd 100644
--- a/photark-security/src/main/java/org/apache/photark/security/authorization/services/SecurityServiceImpl.java
+++ b/photark-security/src/main/java/org/apache/photark/security/authorization/services/SecurityServiceImpl.java
@@ -20,6 +20,7 @@
package org.apache.photark.security.authorization.services;
import org.apache.photark.security.authorization.*;
+import org.oasisopen.sca.annotation.Init;
import org.oasisopen.sca.annotation.Reference;
import org.oasisopen.sca.annotation.Scope;
import org.oasisopen.sca.annotation.Service;
@@ -48,6 +49,7 @@
*/
private static final long serialVersionUID = -6452934544772432330L;
private AccessManager accessManager;
+ private static boolean initialised = false;
// private boolean userInit =false;
//JSONRPCSecurityManager jsonSecurityManager = new JSONRPCSecurityManager();
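Review bot: `initialised` is a `static`, non-volatile field that is written inside the synchronized `init()` but read without synchronization at the `if(!initialised)` check in the last hunk of this file. The flag is also shared by every instance, while `accessManager` is per-instance. I would declare it as `private volatile boolean initialised = false;`. Because `init()` is synchronized and re-checks `isUserActive(SUPER_ADMIN)`, a stale read should only cost a redundant call, but the stronger declaration makes the intent clear.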
@@ -56,6 +58,16 @@
this.accessManager = accessManager;
}
+ @Init
+ public synchronized void init() {
+ if (!accessManager.isUserActive(SUPER_ADMIN)) {
+ String token = createAccessToken(SUPER_ADMIN);
+ accessManager.putAccessListAndToken(accessManager.createAccessList(SUPER_ADMIN, ""), token);
+ }
+ initialised=true;
+ }
+
+
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
response.setContentType("text/html");
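Review bot: `init()` dereferences `accessManager` with no null guard, and since this class overrides `doGet` it appears to be a servlet, so a public no-arg `init()` would also override `GenericServlet.init()` and may be invoked by the container before the SCA reference is set. Renaming the method (for example `initSuperAdminSession()`, updating the call in the last hunk) or starting it with `if (accessManager == null) return;` avoids that. The method also registers a super-admin token at start-up with no login behind it. How `createAccessToken` derives the value, and whether that session ever expires, is not visible here and should be confirmed.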
@@ -157,6 +169,9 @@
token = createAccessToken(accessList.getUserId());
accessManager.putAccessListAndToken(accessList, token);
}
+ if(!initialised){
+ init();
+ }
// JSONRPCSecurityManager.putAccessListAndToken(accessList,token);