To provide an efficient implementation of ContentHostingService.isPubView(String id) method, the ContentHostingService needs to retrieve a list of realms within a site for which the anonymous role has "content.read" permission. The proposal is for CHS.isPubView(String) to call a new method, SecurityService.listRealmsWithinContainer(String role, String function, String realmStartsWith). The implementation for that method would call a new method, AuthzGroupService.listRealmsWithinContainer(String role, String function, String realmStartsWith). The implementation for that method in BaseAuthzGroupService would call a new method, BaseAuthzGroupService.DbStorage.listRealmsWithinContainer(String role, String function, String realmStartsWith). The implementation for that method in DbAuthzGroupService.Storage would be sort of like this:
/* (non-Javadoc)
- @see org.sakaiproject.authz.impl.BaseAuthzGroupService.Storage#listRealmsWithinContainer(java.lang.String, java.lang.String, java.lang.String)
*/
public Set<String> listRealmsWithinContainer(String function,
String role, String startsWith) {
Set<String> realms = new TreeSet<String>();
String query = "select SAKAI_REALM.REALM_ID from SAKAI_REALM_RL_FN,SAKAI_REALM "
+ "where SAKAI_REALM_RL_FN.REALM_KEY = SAKAI_REALM.REALM_KEY and SAKAI_REALM.REALM_ID LIKE ? "
+ "and FUNCTION_KEY in (select FUNCTION_KEY from SAKAI_REALM_FUNCTION where FUNCTION_NAME = ?) "
+ "and ROLE_KEY in (select ROLE_KEY from SAKAI_REALM_ROLE where ROLE_NAME = ?)";
Object[] fields = new Object[3];
fields[0] = startsWith.trim() + "%";
fields[1] = function;
fields[2] = role;
try {
List results = sqlService().dbRead(query, fields, null);
if(results != null)
} catch (Exception e)
{ M_log.warn(this + ".listRealmsWithinContainer(\"" + function + "\",\"" + role + "\",\"" + startsWith + ")", e ); } return realms;
}