Ouertani Slim was born in Tunisia in 1981. Now he is a software engineer since 2004 and he is Java 6 and Spring certified with 100% and 94% respectively. He is very interested in Java technology, Scala and open source projects. He believes that programming is one of the hardest jobs and most beautiful in the world. Slim has posted 32 posts at DZone. You can read more from them at their website. View Full User Profile

LifeRay & JSf : How to get current logged User ?

03.16.2008
| 30554 views |
  • submit to reddit

I try here to show how can we detect current signed user, his name, his id and his attributed permissions.

First of all I create the following interface IPermissionChecker

package com.jTunisie.security;

import com.jTunisie.exception.PermissionException;

public interface IPermissionChecker {

String getUserId() throws PermissionException;

String getName() throws PermissionException;

boolean hasPermission(String permission) throws PermissionException;
}
An implementation for this class is PermissionCheckerImpl under com.jTunisie.security.permission.liferay package. This will help me to change implementation from one portal to an other.

 

package com.jTunisie.security.permission.liferay;

import com.jTunisie.security.IPermissionChecker;
import com.liferay.portal.PortalException;
import com.liferay.portal.SystemException;
import com.liferay.portal.kernel.util.WebKeys;
import com.liferay.portal.model.Role;
import com.liferay.portal.service.RoleServiceUtil;
import com.liferay.portal.theme.ThemeDisplay;
import com.jTunisie.exception.PermissionException;
import java.rmi.RemoteException;
import java.util.List;
import java.util.logging.Logger;
import javax.faces.context.FacesContext;


public class PermissionCheckerImpl implements IPermissionChecker {

private static Logger logger = Logger.getLogger(PermissionCheckerImpl.class.getName());

public String getUserId() throws NullPointerException {
String userId = null;
try {
userId = getUser().getLogin();
} catch (Exception ex) {
logger.severe(ex.getMessage());
throw new NullPointerException(ex.getMessage());
}
return userId;
}

public String getName() throws PermissionException {

String name = null;
try {
name = getUser().getFullName();
} catch (Exception ex) {
logger.severe(ex.getMessage());
throw new PermissionException(ex.getMessage());
}
return name;
}

public boolean hasPermission(String permission) throws PermissionException {
try {
List<Role> roles = RoleServiceUtil.getUserRoles(getUser().getUserId());

for (Role role : roles) {
if (role.getName().equalsIgnoreCase(permission)) {
return true;
}
}
return false;
} catch (PortalException ex) {
logger.severe(ex.getMessage());
throw new PermissionException(ex.getMessage());
} catch (SystemException ex) {
logger.severe(ex.getMessage());
throw new PermissionException(ex.getMessage());
} catch (RemoteException ex) {
logger.severe(ex.getMessage());
throw new PermissionException(ex.getMessage());
}

}

private User getUser() {
return ((ThemeDisplay) FacesContext.getCurrentInstance().getExternalContext().getRequestMap().get(WebKeys.THEME_DISPLAY)).getUser();
}
}

And I declare this interface on one of my JSF session beans (here SessionBean1 as I use Netbeans 6 by default) :

  private IPermissionChecker permissionChecker;

public IPermissionChecker getPermissionChecker() {
return permissionChecker;
}

public void setPermissionChecker(IPermissionChecker permissionChecker) {
this.permissionChecker = permissionChecker;
}

Finally, I use IoC provided by JSF to inject my implementation. Here a snipped code from faces config.xml :

   <managed-bean>
<managed-bean-name>SessionBean1</managed-bean-name>
<managed-bean-class>com.jTunisie.SessionBean1</managed-bean-class>
<managed-bean-scope>session</managed-bean-scope>
<managed-property>
<property-name>permissionChecker</property-name>
<value>#{LifeRayPermissionChecker}</value>
</managed-property>
</managed-bean>
<managed-bean>
<managed-bean-name>LifeRayPermissionChecker</managed-bean-name>
<managed-bean-class>com.jTunisie.security.permission.liferay.PermissionCheckerImpl</managed-bean-class>
<managed-bean-scope>session</managed-bean-scope>
</managed-bean>

I tried to use JSR 168 for this purpose but I can't cast PortletRequest to HttpservletRequest. Any idea will be helpful.

 

3.5
Your rating: None Average: 3.5 (2 votes)
Published at DZone with permission of its author, Slim Ouertani.

(Note: Opinions expressed in this article and its replies are the opinions of their respective authors and not those of DZone, Inc.)

Tags: