Liferay has permission checker where user related
permissions are available. Whenever we are giving access to specific resources
then we will use permission checker. From permission checker we will use has permission
to check the user permissions, permission checker object will be ready when the
user login into the Liferay portal.
In JSP level we will use following code to get user
permission checker Object.
PermissionChecker permissionCheckerObj =
themeDisplay.getPermissionChecker();
Or
We have JSP implicit variable for permission checker as follows.
permissionChecker
Finally
we will use has permission method to check whether user have permission or not
as follows.
permissionChecker.hasPermission(-----);
|
Another scenario where we are calling XXXServiceUtil methods of service layer,
these are services which need to passing through permission checker and
permission checker will check whether user has right permission to call these
methods or not, otherwise it throws PrincipalException
says that permission checker is not set.
Generally XXXServiceUtil
methods are for login user or user should have right permission to use these
calls otherwise it throws exception.
Example:
UserServiceUtil.addUser(----);
GroupServiceUtil.addGroup(----);
OR
themeDisplay.getScopeGroup().getExpandoBridge().addAttribute("test");
|
Above methods calls will fails when we are invoking as
guest user, it means executing these methods without login into Liferay portal.
If the user does not have right permission to call these methods then it will
throw following exception stack trace.
com.liferay.portal.security.auth.PrincipalException
at
com.liferay.portal.service.permission.
PortletPermissionImpl.check(PortletPermissionImpl.java:161)
at
com.liferay.portal.service.permission.
PortletPermissionUtil.check(PortletPermissionUtil.java:113)
at
com.liferay.portlet.expando.service.
impl.ExpandoColumnServiceImpl.
addColumn(ExpandoColumnServiceImpl.java:47)
|
But we can call these methods as guest user and we
will call these methods on behalf of Admin user permission checker object such
way we can use these services.
The following is code to call XXXServiceUtil methods on behalf of administrator and this will
work any time it means whether you login into portal or not.
The
following is example
Role
adminRole = RoleLocalServiceUtil.getRole(CompanyThreadLocal.getCompanyId(), "Administrator");
List<User>
adminUsers = UserLocalServiceUtil.getRoleUsers(adminRole.getRoleId());
long
userId = 20159;
if(adminUsers
!= null && !adminUsers.isEmpty()) {
userId =
adminUsers.get(0).getUserId();
}
User
user1 = UserLocalServiceUtil.getUser(userId);
PermissionChecker
checker = PermissionCheckerFactoryUtil.create(user);
PermissionThreadLocal.setPermissionChecker(checker);
UserServiceUtil.addUser(--);
GroupServiceUtil.addGroup(--);
|
We need to get
admin user and we can create permission checker object, finally we will set
permission object to Permission Thread Local so that permission checker is available.
Once you set permission checker next code lines we can call XXXServiceUtil methods then it will be successfully
invoked.
Note:
This is not recommended way but some scenarios when it
needed where we can use it.
Let’s say we are writing some application start up
hooks where we may need use XXXServiceUtil
methods need to be called then it will be useful. Because we are not sure while
deploy the hook portal is login with user or not, otherwise method invocation
will get failed after deployment of hook.
Let’s say in our custom portlet service layer we may
need portal XXXServiceUtil methods
in that scenarios also we can use it.
All of methods are available in XXXLocalServiceUtil but some scenarios if not available then it may
useful.
Author
I was reading some of your content on this website and I conceive this internet site is really informative ! Keep on putting up. health care services
ReplyDeletehttp://zielonyflaming.pl Maintain the spectacular job !! Lovin' it!
ReplyDeletekosmetikana.pl Great internet site! It looks extremely expert! Maintain the excellent job!
ReplyDeletehttp://natury-smak.pl Many thanks, this site is very valuable.
ReplyDeletehttp://nutrisolutions.pl Simply needed to emphasize Now i'm glad I stumbled upon your site!
ReplyDelete