Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

LifeRay & JSf : How to get current logged User ?

DZone's Guide to

LifeRay & JSf : How to get current logged User ?

· Java Zone ·
Free Resource

Verify, standardize, and correct the Big 4 + more– name, email, phone and global addresses – try our Data Quality APIs now at Melissa Developer Portal!

I try here to show how can we detect current signed user, his name, his id and his attributed permissions.

First of all I create the following interface IPermissionChecker

package com.jTunisie.security;

import com.jTunisie.exception.PermissionException;

public interface IPermissionChecker {

String getUserId() throws PermissionException;

String getName() throws PermissionException;

boolean hasPermission(String permission) throws PermissionException;
}
An implementation for this class is PermissionCheckerImpl under com.jTunisie.security.permission.liferay package. This will help me to change implementation from one portal to an other.

 

package com.jTunisie.security.permission.liferay;

import com.jTunisie.security.IPermissionChecker;
import com.liferay.portal.PortalException;
import com.liferay.portal.SystemException;
import com.liferay.portal.kernel.util.WebKeys;
import com.liferay.portal.model.Role;
import com.liferay.portal.service.RoleServiceUtil;
import com.liferay.portal.theme.ThemeDisplay;
import com.jTunisie.exception.PermissionException;
import java.rmi.RemoteException;
import java.util.List;
import java.util.logging.Logger;
import javax.faces.context.FacesContext;


public class PermissionCheckerImpl implements IPermissionChecker {

private static Logger logger = Logger.getLogger(PermissionCheckerImpl.class.getName());

public String getUserId() throws NullPointerException {
String userId = null;
try {
userId = getUser().getLogin();
} catch (Exception ex) {
logger.severe(ex.getMessage());
throw new NullPointerException(ex.getMessage());
}
return userId;
}

public String getName() throws PermissionException {

String name = null;
try {
name = getUser().getFullName();
} catch (Exception ex) {
logger.severe(ex.getMessage());
throw new PermissionException(ex.getMessage());
}
return name;
}

public boolean hasPermission(String permission) throws PermissionException {
try {
List<Role> roles = RoleServiceUtil.getUserRoles(getUser().getUserId());

for (Role role : roles) {
if (role.getName().equalsIgnoreCase(permission)) {
return true;
}
}
return false;
} catch (PortalException ex) {
logger.severe(ex.getMessage());
throw new PermissionException(ex.getMessage());
} catch (SystemException ex) {
logger.severe(ex.getMessage());
throw new PermissionException(ex.getMessage());
} catch (RemoteException ex) {
logger.severe(ex.getMessage());
throw new PermissionException(ex.getMessage());
}

}

private User getUser() {
return ((ThemeDisplay) FacesContext.getCurrentInstance().getExternalContext().getRequestMap().get(WebKeys.THEME_DISPLAY)).getUser();
}
}

And I declare this interface on one of my JSF session beans (here SessionBean1 as I use Netbeans 6 by default) :

  private IPermissionChecker permissionChecker;

public IPermissionChecker getPermissionChecker() {
return permissionChecker;
}

public void setPermissionChecker(IPermissionChecker permissionChecker) {
this.permissionChecker = permissionChecker;
}

Finally, I use IoC provided by JSF to inject my implementation. Here a snipped code from faces config.xml :

   <managed-bean>
<managed-bean-name>SessionBean1</managed-bean-name>
<managed-bean-class>com.jTunisie.SessionBean1</managed-bean-class>
<managed-bean-scope>session</managed-bean-scope>
<managed-property>
<property-name>permissionChecker</property-name>
<value>#{LifeRayPermissionChecker}</value>
</managed-property>
</managed-bean>
<managed-bean>
<managed-bean-name>LifeRayPermissionChecker</managed-bean-name>
<managed-bean-class>com.jTunisie.security.permission.liferay.PermissionCheckerImpl</managed-bean-class>
<managed-bean-scope>session</managed-bean-scope>
</managed-bean>

I tried to use JSR 168 for this purpose but I can't cast PortletRequest to HttpservletRequest. Any idea will be helpful.

 

Developers! Quickly and easily gain access to the tools and information you need! Explore, test and combine our data quality APIs at Melissa Developer Portal – home to tools that save time and boost revenue. 

Topics:

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}