Details
Task
Status: Closed
Top
Resolution: Fixed
Platform 193 - HST Almost, Platform 194 - Features Done!
Description
The security model has a method like this:
org.hippoecm.hst.channelmanager.security.SecurityModelImpl#isUserInRole(final Session session, final String functionalRole)
It checks whether the session has the given role. The check is made against a path defined in the channel manager YAML config by the property:
manage.changes.privileges.path
In the channel manager bootstrap YAML, this property is set to:
manage.changes.privileges.path = /hst:hst
Obviously, this is not the way it should work: every role check is evaluated against /hst:hst, regardless of the channel the user is working in. Rather, the isUserInRole method should become something like:
org.hippoecm.hst.channelmanager.security.SecurityModelImpl#isUserInRole(final Channel channel, final Session session, final String functionalRole)
The above makes much more sense. The page composer code then also becomes cleaner, since:
    @GET
    @Path("/composermode/{renderingHost}/{mountId}")
    @Produces(MediaType.APPLICATION_JSON)
    public Response composerModeGet(@HeaderParam("hostGroup") final String hostGroup,
                                    @Context HttpServletRequest servletRequest,
                                    @PathParam("renderingHost") String renderingHost,
                                    @PathParam("mountId") String mountId) {
        HttpSession session = servletRequest.getSession(true);
        final CmsSessionContext cmsSessionContext = CmsSessionContext.getContext(session);
        final Map<String, Serializable> contextPayload = cmsSessionContext.getContextPayload();
        contextPayload.put(ContainerConstants.RENDERING_HOST, renderingHost);
        contextPayload.put(ContainerConstants.COMPOSER_MODE_ATTR_NAME, Boolean.TRUE);
        contextPayload.put(ContainerConstants.CMS_REQUEST_RENDERING_MOUNT_ID, mountId);

        final HstRequestContext requestContext = getPageComposerContextService().getRequestContext();
        final boolean isChannelDeletionSupported = isChannelDeletionSupported(mountId, hostGroup);
        final boolean isConfigurationLocked = isConfigurationLocked(mountId, hostGroup);
        try {
            // Both role checks take only the session, so mountId plays no part in them.
            final boolean hasAdminRole = securityModel.isUserInRole(requestContext.getSession(), CHANNEL_MANAGER_ADMIN_ROLE);
            final boolean isWebmaster = securityModel.isUserInRole(requestContext.getSession(), CHANNEL_WEBMASTER_ROLE);
            final boolean canDeleteChannel = isChannelDeletionSupported && hasAdminRole && !isConfigurationLocked;
            final boolean canManageChanges = hasAdminRole && !isConfigurationLocked;

            HandshakeResponse response = new HandshakeResponse();
            response.setCanWrite(isWebmaster);
            response.setCanManageChanges(canManageChanges);
            response.setCanDeleteChannel(canDeleteChannel);
            response.setCrossChannelPageCopySupported(isCrossChannelPageCopySupported);
            response.setSessionId(session.getId());
            log.info("Composer-Mode successful");
            return ok("Composer-Mode successful", response);
        } catch (IllegalStateException | RepositoryException e) {
            return error("Could not determine authorization or role", e);
        }
    }
can be replaced by code that first finds the Channel for 'mountId' and checks the privilege on that channel. A user can then be, for example, author on channel A and webmaster on channel B.
Note that after this, the property 'manage.changes.privileges.path' can also be removed from the channel manager addon.
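The difference between the two isUserInRole signatures, as an added example that is not Hippo or HST code: the Channel record, the grant table, the channel paths and the users are constructed stand-ins, a String user replaces the Session, and grants are assumed to apply to a path's whole subtree (Java 16 or later).

```java
import java.util.Map;
import java.util.Set;

/** Added illustration: every type, path and user below is a constructed stand-in, not HST code. */
public class ChannelScopedRoleCheck {
    /** Hypothetical channel; only the path its privileges are checked on matters here. */
    record Channel(String id, String path) {}

    // Value of manage.changes.privileges.path from the bootstrap config quoted above.
    static final String PRIVILEGES_PATH = "/hst:hst";

    // Constructed grants: user -> absolute node path -> roles granted on that subtree.
    static final Map<String, Map<String, Set<String>>> GRANTS = Map.of(
        "alice", Map.of(
            "/hst:hst/channel-a", Set.of("author"),
            "/hst:hst/channel-b", Set.of("webmaster")),
        "bob", Map.of("/hst:hst", Set.of("webmaster")));

    /** True if the role is granted on the absolute path itself or on one of its ancestors. */
    static boolean hasRoleAt(String user, String path, String role) {
        Map<String, Set<String>> byPath = GRANTS.getOrDefault(user, Map.of());
        for (String p = path; !p.isEmpty(); p = p.substring(0, p.lastIndexOf('/'))) {
            if (byPath.getOrDefault(p, Set.of()).contains(role)) {
                return true;
            }
        }
        return false;
    }

    /** Shape of the current check: one configured path answers for every channel. */
    static boolean isUserInRole(String user, String role) {
        return hasRoleAt(user, PRIVILEGES_PATH, role);
    }

    /** Shape of the proposed check: the channel being edited is part of the question. */
    static boolean isUserInRole(Channel channel, String user, String role) {
        return hasRoleAt(user, channel.path(), role);
    }

    public static void main(String[] args) {
        Channel[] channels = {new Channel("A", "/hst:hst/channel-a"), new Channel("B", "/hst:hst/channel-b")};
        for (Channel c : channels) {
            for (String user : new String[] {"alice", "bob"}) {
                System.out.printf("channel %s, %s: global webmaster=%b, channel webmaster=%b%n", c.id(), user,
                    isUserInRole(user, "webmaster"), isUserInRole(c, user, "webmaster"));
            }
        }
    }
}
```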