Examples of org.jasig.portal.security.IAuthorizationPrincipal.canConfigure()

                final IAuthorizationPrincipal ap = authorizationService.newPrincipal(ei.getKey(), ei.getType());
                
                final IPortletDefinition portletDefinition = this.portletEntityRegistry.getParentPortletDefinition(portletWindow.getPortletEntityId());
                final IChannelDefinition channelDefinition = portletDefinition.getChannelDefinition();
                
                if (!ap.canConfigure(channelDefinition.getId())) {
                    throw new AuthorizationException(person.getUserName() + " does not have permission to render '" + channelDefinition.getFName() + "' in " + portletMode + " PortletMode");
                }
            }
            
            portletWindow.setPortletMode(portletMode);

                final IAuthorizationPrincipal ap = authorizationService.newPrincipal(ei.getKey(), ei.getType());
                
                final IPortletEntity portletEntity = portletWindow.getPortletEntity();
                final IPortletDefinition portletDefinition = portletEntity.getPortletDefinition();
                
                if (!ap.canConfigure(portletDefinition.getPortletDefinitionId().getStringId())) {


                    logger.error("User {} attempted to use portlet {} in {} but lacks permission to use that mode.  " +
                            "THIS MAY BE AN ATTEMPT TO EXPLOIT A HISTORICAL SECURITY FLAW.  " +
                            "You should probably figure out who this user is and why they are trying to access " +
                            "unauthorized portlet modes.",

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.