LPD-2612 prevent to check permission for a resource more than once wh…

…en multiples portlets from the same type are instanciated
marcosapmf · Jun 6, 2024 · 3de30be · 3de30be
1 parent 0820942
commit 3de30be
Showing 1 changed file with 33 additions and 14 deletions.
diff --git a/...al/product/navigation/control/menu/AnalyticsReportsProductNavigationControlMenuEntry.java b/...al/product/navigation/control/menu/AnalyticsReportsProductNavigationControlMenuEntry.java
@@ -55,10 +55,12 @@
 import java.io.Writer;
 
 import java.util.Arrays;
+import java.util.HashSet;
 import java.util.List;
 import java.util.Locale;
 import java.util.Map;
 import java.util.ResourceBundle;
+import java.util.Set;
 
 import javax.portlet.PortletRequest;
 
@@ -325,35 +327,52 @@ private InfoItemReference _getInfoItemReference(
 		return infoItemReference;
 	}
 
+	private String _getResourceName(
+		String portletId, Map<String, List<String>> resourceNames) {
+
+		for (Map.Entry<String, List<String>> entry : resourceNames.entrySet()) {
+			if (portletId.contains(entry.getKey())) {
+				return entry.getKey();
+			}
+		}
+
+		return null;
+	}
+
 	private boolean _hasResourcePermission(
-		String actionId, long groupId, String plid,
-		Map<String, List<String>> resourceNames) {
+		String actionId, String plid, Map<String, List<String>> resourceNames,
+		ThemeDisplay themeDisplay) {
+
+		if (!themeDisplay.isSignedIn()) {
+			return false;
+		}
 
 		if (Validator.isNotNull(plid)) {
 			PermissionChecker permissionChecker =
 				PermissionThreadLocal.getPermissionChecker();
 
+			Set<String> resourceNamesSet = new HashSet<>();
+
 			List<PortletPreferences> portletPreferencesList =
 				_portletPreferencesLocalService.getPortletPreferencesByPlid(
 					GetterUtil.getLong(plid));
 
 			for (PortletPreferences portletPreferences :
 					portletPreferencesList) {
 
-				String portletId = portletPreferences.getPortletId();
-
-				for (Map.Entry<String, List<String>> entry :
-						resourceNames.entrySet()) {
+				String resourceName = _getResourceName(
+					portletPreferences.getPortletId(), resourceNames);
 
-					if (portletId.contains(entry.getKey())) {
-						for (String resourceName : entry.getValue()) {
-							if (permissionChecker.hasPermission(
-									groupId, resourceName, "0", actionId)) {
+				if (resourceName != null) {
+					resourceNamesSet.add(resourceName);
+				}
+			}
 
-								return true;
-							}
-						}
-					}
+			for (String resourceName : resourceNamesSet) {
+				if (permissionChecker.hasPermission(
+						themeDisplay.getScopeGroupId(), resourceName, "0",
+						actionId)) {
+					return true;
 				}
 			}
 		}