访问Liferay 6.1自定义/继承组织角色

时间:2012-10-30 18:14:28

标签: liferay organization role

我正在使用Liferay 6.1 CE,Tomcat,Vaadin 6.8.4
对我而言可能是一种非常不正确的方法,或者我可能错过了一些明显的东西。

我需要为我的用户控制crud函数 - 允许访问他们所属的组织以及下面的任何子组织。 (我正在使用Liferay的organization_表)

在尝试简化权限管理时,我曾希望将用户分配给层次结构中的组织。然后,可以从分配给该组织和任何父组织的角色确定默认权限。对于常规角色来说,这似乎工作得相当好 - 但后来我尝试了一个自定义组织角色,我无法按预期掌握细节。

  • 我可以在控制面板定义中看到用户的正确数据  (Liferay知道如何检索和显示自定义组织角色: - )

  • 我可以看到后端表usergrouprole中填充的实际数据值。

  • 我能够检测到默认的superadmin / owner(test @ liferay)的这个角色。  。 。 。但我无法检测到其他用户的角色:(

  • 我一直在使用RoleLocalServiceUtilGroupLocalServiceUtil而没有运气。

    我的直觉是放弃我的“纯粹主义”观念,而是回到熟悉的自定义查询,但我想首先看看是否有其他人有更好的建议。

    我目前不知道如何进入Liferay代码以找到相关的片段,所以如果您有一些阅读材料,也许这可能是一个选项:)

    线索?

  • 2 个答案:

    答案 0 :(得分:1)

    这看起来很丑陋(因为它),但我认为你需要打电话:

    UserGroupRoleLocalServiceUtil.hasUserGroupRole(long userId, long groupId, long roleId);
    

    一般来说,对于XYZ表,有(如果不是总是)XYZLocalServiceUtil和XYZServiceUtil。

    答案 1 :(得分:0)

    本着共享的精神,这里有一些显示权限的示例代码。

    ThemeDisplay themeDisplay = (ThemeDisplay) request.getAttribute(WebKeys.THEME_DISPLAY);
    User i_user =  themeDisplay.getUser();
    PortletDisplay portDisplay = themeDisplay.getPortletDisplay();
    String myRootname = portDisplay.getRootPortletId();
    String strOrgGroupRoles = "";
    
    //== 1. Display permission provided to user by Organisation(Group) Roles
    //== 2. User is assigned to the org.
    //== 3. Org is a member of the OrgRole.
    //== 4. OrgRole has permission defined from current selected portlet permissions (action-key)
    List<UserGroupRole> ugRoles = new ArrayList<UserGroupRole>();
    ugRoles.addAll(UserGroupRoleLocalServiceUtil.getUserGroupRoles(i_user.getUserId() ) );
    for (UserGroupRole ugRole : ugRoles){
    
        //== For each role this user has allocated, display the Rolename and the Organisation
        strOrgGroupRoles += "'" +ugRole.getRole().getName() + "'  (roleId="+ugRole.getRoleId()+")";
        strOrgGroupRoles += " for organization '"+OrganizationLocalServiceUtil.getOrganization(ugRole.getGroup().getClassPK()).getName();
        strOrgGroupRoles += "' (groupId=" +ugRole.getGroupId()+ ")\n";
    
        //== Permissions for the role is harder to find - linked to a resource
        //== Data shows the `actionId` equates to relative action number column 'bitwiseValue' in `resourceaction`.
        //== Snag is ResourcePermission needs a tie-breaker of the portlet name, not just the roleId
        //== Get this from ThemeDisplay getRootPortletId()
        //==
        //== I think Liferay 6.1.0 API may be broken here:  ResourceActionLocalServiceUtil.getResourceAction expects String, String . . .
        //==  . . . yet the `bitwiseValue` column is BIGINT(20) so nothing is returned.
        //== This causes us to attack it from a different angle
        List<ResourcePermission> resourcePerms = new ArrayList<ResourcePermission>();
        resourcePerms.addAll( ResourcePermissionLocalServiceUtil.getRoleResourcePermissions(ugRole.getRoleId()) );
        for (ResourcePermission resourcePerm : resourcePerms){
    
            //== For each of the ResourcePermissions of this role, get the actionId (equals Role Permissions aka action-key)
            //== The link is a relative number, not unique in this table so ensure it is for this portlet only
            if ( resourcePerm.getName().equals(myRootname)){ 
                List<ResourceAction> resourceActions = new ArrayList<ResourceAction>();
                resourceActions.addAll( ResourceActionLocalServiceUtil.getResourceActions(myRootname)  );
                for (ResourceAction resourceAction : resourceActions) {
    
                    //== For each listed action, ensure it is the relative action number we want (actionId) 
                    if (resourceAction.getBitwiseValue() == resourcePerm.getActionIds() ) {
                        strOrgGroupRoles += " +-- action= " + resourceAction.getActionId() + "\n";
                    }   
    
                }   //== End of actionIds for this portlet
    
            }   //== End if this portlet only
    
        }   //== End ResourcePermissions for this role
    
    }   //== End roles for this user                
    

    HTH

    罗宾