SAK-41179 Check create permission in the site wiki before attempting …

…to create subspace default pages (sakaiproject#6458)

rwiki/rwiki-tool/tool/src/java/uk/ac/cam/caret/sakai/rwiki/tool/RWikiServlet.java

@@ -39,6 +39,7 @@
 import org.sakaiproject.tool.api.ToolSession;
 import org.sakaiproject.tool.cover.SessionManager;
 
+import uk.ac.cam.caret.sakai.rwiki.service.exception.PermissionException;
 import uk.ac.cam.caret.sakai.rwiki.tool.api.HttpCommand;
 import uk.ac.cam.caret.sakai.rwiki.tool.bean.PrePopulateBean;
 import uk.ac.cam.caret.sakai.rwiki.tool.bean.ViewBean;
@@ -194,12 +195,14 @@ public void prePopulateRealm(HttpServletRequest request)
 		RequestScopeSuperBean rssb = RequestScopeSuperBean.createAndAttach(
 				request, wac);
 
-
-
 
 		PrePopulateBean ppBean = rssb.getPrePopulateBean();
 
-		ppBean.doPrepopulate();
+		try {
+			ppBean.doPrepopulate();
+		} catch (PermissionException pe) {
+			log.debug("No permission to create subspace default pages");
+		}
 	}
 
 	public void addWikiStylesheet(HttpServletRequest request)

rwiki/rwiki-tool/tool/src/java/uk/ac/cam/caret/sakai/rwiki/tool/service/impl/PopulateServiceImpl.java

@@ -29,6 +29,7 @@
 import java.util.List;
 
 import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang.StringUtils;
 
 import org.sakaiproject.component.api.ComponentManager;
 import org.sakaiproject.event.cover.EventTrackingService;
@@ -39,6 +40,7 @@
 
 import uk.ac.cam.caret.sakai.rwiki.service.api.PageLinkRenderer;
 import uk.ac.cam.caret.sakai.rwiki.service.api.RenderService;
+import uk.ac.cam.caret.sakai.rwiki.service.api.RWikiSecurityService;
 import uk.ac.cam.caret.sakai.rwiki.service.api.dao.RWikiCurrentObjectDao;
 import uk.ac.cam.caret.sakai.rwiki.service.api.model.RWikiCurrentObject;
 import uk.ac.cam.caret.sakai.rwiki.service.exception.PermissionException;
@@ -56,6 +58,8 @@ public class PopulateServiceImpl implements PopulateService
 
 	private RWikiCurrentObjectDao dao;
 
+	private RWikiSecurityService securityService;
+
 	private RenderService renderService = null;
 
 	private SiteService siteService = null;
@@ -67,6 +71,7 @@ public void init() throws IOException
 
 		renderService = (RenderService) load(cm, RenderService.class.getName());
 		siteService = (SiteService) load(cm, SiteService.class.getName());
+		securityService = (RWikiSecurityService) load(cm, RWikiSecurityService.class.getName());
 
 		for (Iterator i = seedPages.iterator(); i.hasNext();)
 		{
@@ -132,20 +137,22 @@ public void populateRealm(String user, String space, String group)
 		}
 		catch (Exception e)
 		{
-			log
-					.warn("Cant find who created this site, defaulting to current user for prepopulate ownership :"
-							+ owner);
+			log.warn("Can't find who created this site, defaulting to current user for prepopulate ownership: {}", owner);
 		}
 		if (s == null)
 		{
-			log
-					.error("Cant Locate current site, will populate only global pages with no restrictions");
+			log.error("Can't Locate current site, will populate only global pages with no restrictions");
 		}
-		if (log.isDebugEnabled())
-		{
-			log.debug("Populating space: " + space);
+
+		boolean subspace = (StringUtils.countMatches(space, "/") > 2);
+
+		if (subspace && !securityService.checkCreatePermission(group)) {
+			throw new PermissionException("Not authorized to create subspaces in this site");
 		}
 
+		log.debug("Populating space: {} user: {} owner: {} group: {} subspace: {}",
+			space, user, owner, group, subspace);
+
 		for (Iterator i = seedPages.iterator(); i.hasNext();)
 		{