Skip to content

Commit

Permalink
SAK-29970 Allow roles returned by RoleProvider to be enabled/disabled. (
Browse files Browse the repository at this point in the history
sakaiproject#2566)

Allow roles returned by RoleProvider to be enabled/disabled.
  • Loading branch information
Miguel Carro Pellicer authored and ottenhoff committed May 24, 2016
1 parent 058abb0 commit d528d74
Showing 2 changed files with 14 additions and 1 deletion.
Original file line number Diff line number Diff line change
@@ -4250,6 +4250,14 @@
# Should the .anon role be assignable to a realm? Defaults to false.
# sitemanage.grant.anon=true

# SAK-29970
# Should the additional roles be assignable to a realm? Defaults to false.
# sitemanage.grant.origin.provided = true
# sitemanage.grant.origin.internal = true
# sitemanage.grant.role.allstaff = true
# sitemanage.grant.role.allusers = true
# sitemanage.grant.role.allstudents = true

# #####
# SAK-27743 Quartz job to seed sites, users, and resources
# #####
Original file line number Diff line number Diff line change
@@ -3860,7 +3860,12 @@ private Map<String, AdditionalRole> getAdditionalAccess(AuthzGroup realm) {
*/
protected Map<String, AdditionalRole> loadAdditionalRoles() {
Map<String, AdditionalRole> additionalRoles = new HashMap<String, AdditionalRole>();
for (String roleId : authzGroupService.getAdditionalRoles()) {
for (String roleId : authzGroupService.getAdditionalRoles()) {
// Check if the role is allowed to be granted in the realm
boolean allowedRoleId = ServerConfigurationService.getBoolean("sitemanage.grant"+roleId, false);
if(!allowedRoleId){
continue;
}
AdditionalRole role = new AdditionalRole();
role.id = roleId;
role.name = authzGroupService.getRoleName(role.id);

0 comments on commit d528d74

Please sign in to comment.