modules/enterprise/server/jar/src/main/java/org/rhq/enterprise/server/configuration/ConfigurationManagerBean.java | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-)
New commits: commit 24ba99780531d2f187528d7b555d79fab807467b Author: Filip Drabek fdrabek@dhcp-lab-136.englab.brq.redhat.com Date: Mon Sep 20 13:47:47 2010 +0200
BZ - 617603,617649,617653 - permission checks.
diff --git a/modules/enterprise/server/jar/src/main/java/org/rhq/enterprise/server/configuration/ConfigurationManagerBean.java b/modules/enterprise/server/jar/src/main/java/org/rhq/enterprise/server/configuration/ConfigurationManagerBean.java index cb17046..d4451bc 100644 --- a/modules/enterprise/server/jar/src/main/java/org/rhq/enterprise/server/configuration/ConfigurationManagerBean.java +++ b/modules/enterprise/server/jar/src/main/java/org/rhq/enterprise/server/configuration/ConfigurationManagerBean.java @@ -985,7 +985,7 @@ public class ConfigurationManagerBean implements ConfigurationManagerLocal, Conf
// make sure the user has the proper permissions to do this Resource resource = doomedRequest.getResource(); - if (!authorizationManager.hasResourcePermission(subject, Permission.CONFIGURE_WRITE, resource.getId())) { + if (!authorizationManager.hasResourcePermission(subject, Permission.MODIFY_RESOURCE, resource.getId())) { throw new PermissionException("User [" + subject.getName() + "] does not have permission to purge a configuration update audit trail for resource [" + resource + "]"); @@ -1909,10 +1909,10 @@ public class ConfigurationManagerBean implements ConfigurationManagerLocal, Conf public int deleteGroupResourceConfigurationUpdates(Subject subject, Integer resourceGroupId, Integer[] groupResourceConfigurationUpdateIds) {
- if (authorizationManager.hasGroupPermission(subject, Permission.CONFIGURE_WRITE, resourceGroupId) == false) { + if (authorizationManager.hasGroupPermission(subject, Permission.MODIFY_RESOURCE, resourceGroupId) == false) { log.error(subject + " attempted to delete " + groupResourceConfigurationUpdateIds.length + " group resource configuration updates for ResourceGroup[id" + resourceGroupId - + "], but did not have the " + Permission.CONFIGURE_WRITE.name() + " permission for this group"); + + "], but did not have the " + Permission.MODIFY_RESOURCE.name() + " permission for this group"); return 0; }
@@ -1983,7 +1983,7 @@ public class ConfigurationManagerBean implements ConfigurationManagerLocal, Conf GroupPluginConfigurationUpdate update = getGroupPluginConfigurationById(configurationUpdateId);
int groupId = update.getGroup().getId(); - if (authorizationManager.hasGroupPermission(subject, Permission.CONFIGURE_READ, groupId) == false) { + if (authorizationManager.hasGroupPermission(subject, Permission.MODIFY_RESOURCE, groupId) == false) { throw new PermissionException("User[" + subject.getName() + "] does not have permission to view group resourceConfiguration[id=" + configurationUpdateId + "]"); }
rhq-commits@lists.fedorahosted.org