import java.util.Set;
import java.util.TreeMap;
-import javax.jcr.Node;
-import javax.jcr.RepositoryException;
-
-import org.argeo.api.cms.CmsView;
+import org.argeo.api.acr.Content;
+import org.argeo.api.cms.CmsLog;
+import org.argeo.api.cms.ux.CmsView;
import org.argeo.app.api.RankedObject;
import org.argeo.app.core.SuiteUtils;
-import org.argeo.api.cms.CmsLog;
import org.argeo.cms.Localized;
import org.argeo.cms.auth.CurrentUser;
import org.argeo.cms.swt.CmsSwtUtils;
private ClassLoader l10nClassLoader;
@Override
- public Control createUi(Composite parent, Node node) throws RepositoryException {
+ public Control createUiPart(Composite parent, Content node) {
CmsView cmsView = CmsSwtUtils.getCmsView(parent);
parent.setLayout(CmsSwtUtils.noSpaceGridLayout());
Composite appLayersC = new Composite(parent, SWT.NONE);
}
// boolean isAdmin = cmsView.doAs(() -> CurrentUser.isInRole(NodeConstants.ROLE_USER_ADMIN));
- Set<String> userRoles = cmsView.doAs(() -> CurrentUser.roles());
+ // Set<String> userRoles = cmsView.doAs(() -> CurrentUser.roles());
Button first = null;
layers: for (String layerDef : defaultLayers) {
layerDef = layerDef.trim();
Set<String> layerRoles = SuiteUtils.extractRoles(semiColArr);
if (layers.containsKey(layerId)) {
if (!layerRoles.isEmpty()) {
- Set<String> intersection = new HashSet<String>(layerRoles);
- intersection.retainAll(userRoles);
- if (intersection.isEmpty())
+ boolean authorized = false;
+ authorized = cmsView.doAs(() -> {
+ for (String layerRole : layerRoles) {
+ if (CurrentUser.implies(layerRole, null)) {
+ return true;
+ }
+ }
+ return false;
+ });
+ if (!authorized)
continue layers;// skip unauthorized layer
+// Set<String> intersection = new HashSet<String>(layerRoles);
+// intersection.retainAll(userRoles);
+// if (intersection.isEmpty())
+// continue layers;// skip unauthorized layer
}
RankedObject<SuiteLayer> layerObj = layers.get(layerId);