0

Here in webcenter-driven ADF application we have a standard library called generic-site-resources-model.jar which contains file META-INF/service-definition.xml, which i wish to alter at one line, to add view resource' security permission, as in:

@@ -1189,7 +1189,7 @@
         <resource-permission>
           <resource-permission-impl>oracle.webcenter.security.auth.WebCenterResourcePermission</resource-permission-impl>
           <resource-permission-target-id>resource_oracle_webcenter_siteresource_@scope@_navigation_@resource@</resource-permission-target-id>
-          <resource-permission-action-list>manage,update</resource-permission-action-list>
+          <resource-permission-action-list>view,manage,update</resource-permission-action-list>
         </resource-permission>
       </permission-metadata>
     </security-definition>

How this is can be possibly done without alterning weblogic domain containing this library itself, somehow configuring our application? Maybe some way to override the whole generic-site-resources-model.jar with application-shipped clone? Or (ideally) some way to replace the targeted resource permission? Or some custom way of taking control over resource loading in application?

Nathan Hughes
  • 94,330
  • 19
  • 181
  • 276
Alexander Tumin
  • 1,561
  • 4
  • 22
  • 33
  • What exactly are you trying to do that necessitates the need to alter the service-definition of the generic site resources? Accordingly, a possible solution can be suggested. – Harsha R Oct 22 '13 at 10:26
  • We are requiring custom navigation switcher, which was implemented using navigation resources, which are easily created in administration panel of webcenter portal, but are only security-configurable for 'manage' and 'update' actions, which is not covering our needs. We need to be able to choose those users to which we are showing specific navigation resources in our navigation switcher. And I only found this resource definition which when altered can provide desired effect, only the way of altering (manual library file override on filesystem) is not satisfiable. – Alexander Tumin Oct 22 '13 at 21:25

1 Answers1

0

It is possible to implement appending custom actions to specific resource type using initialization phase listener and a little bit code, without any overriding at all.

Here is how:

ViewControllerProject/src/META-INF/adf-settings.xml

<?xml version="1.0" encoding="UTF-8" ?>
<adf-settings xmlns="http://xmlns.oracle.com/adf/settings">
    <adfc-controller-config xmlns="http://xmlns.oracle.com/adf/controller/config">
        <lifecycle>
            <phase-listener>
                <listener-id>PortalInitializer</listener-id>
                <class>com.otr.portal.initializer.PortalInitializer</class>
            </phase-listener>
        </lifecycle>
    </adfc-controller-config>
</adf-settings>

com.otr.portal.initializer.PortalInitializer

package com.otr.portal.initializer;

import oracle.adf.controller.v2.lifecycle.Lifecycle;
import oracle.adf.controller.v2.lifecycle.PagePhaseEvent;
import oracle.adf.controller.v2.lifecycle.PagePhaseListener;
import oracle.webcenter.security.internal.common.SecurityUtil;
import oracle.webcenter.security.model.exception.SecExtensionNotFoundException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

public class PortalInitializer implements PagePhaseListener {
    private static final Log log = LogFactory.getLog(PortalInitializer.class);
    private boolean firstCall = true;

    @Override
    public void afterPhase(PagePhaseEvent pagePhaseEvent) {
        if (pagePhaseEvent.getPhaseId() == Lifecycle.INIT_CONTEXT_ID) {
            if (firstCall) {
                setupViewNavigationResourcePermssion();
                firstCall = false;
            }
        }
    }

    private void setupViewNavigationResourcePermssion() {
        try {
            SecurityUtil.getSecurityExtension("oracle.webcenter.siteresources.navigation").getExtensionPermMetadata().getResourcePermMetadata().getResourcePermActionsList().add("view");
        } catch (SecExtensionNotFoundException e) {
            log.error("Error adding view resource permission to navigation resource type", e);
        }
    }

    @Override
    public void beforePhase(PagePhaseEvent pagePhaseEvent) {

    }
}
Alexander Tumin
  • 1,561
  • 4
  • 22
  • 33