Index: Customize.java
===================================================================
RCS file: /cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/controls/Customize.java,v
retrieving revision 1.1
diff -u -r1.1 Customize.java
--- Customize.java	14 Nov 2003 07:38:28 -0000	1.1
+++ Customize.java	11 Dec 2003 13:55:28 -0000
@@ -55,28 +55,25 @@
 package org.apache.jetspeed.modules.actions.controls;
 
 // Turbine stuff
-import org.apache.turbine.modules.Action;
-import org.apache.turbine.util.RunData;
+import java.util.Enumeration;
+import java.util.Stack;
 
-// Jetspeed stuff
-import org.apache.jetspeed.portal.Portlet;
-import org.apache.jetspeed.portal.PortletSet;
-import org.apache.jetspeed.portal.PortletControl;
-import org.apache.jetspeed.services.rundata.JetspeedRunData;
 import org.apache.jetspeed.om.profile.Profile;
 import org.apache.jetspeed.om.profile.ProfileLocator;
+import org.apache.jetspeed.portal.Portlet;
+import org.apache.jetspeed.portal.PortletControl;
+import org.apache.jetspeed.portal.PortletSet;
+import org.apache.jetspeed.services.JetspeedSecurity;
+import org.apache.jetspeed.services.Profiler;
 import org.apache.jetspeed.services.logging.JetspeedLogFactoryService;
 import org.apache.jetspeed.services.logging.JetspeedLogger;
-import org.apache.jetspeed.services.Profiler;
+import org.apache.jetspeed.services.rundata.JetspeedRunData;
+import org.apache.jetspeed.services.security.PortalResource;
 import org.apache.jetspeed.services.statemanager.SessionState;
 import org.apache.jetspeed.util.template.JetspeedLink;
 import org.apache.jetspeed.util.template.JetspeedLinkFactory;
-import org.apache.jetspeed.services.security.PortalResource;
-import org.apache.jetspeed.services.JetspeedSecurity;
-import org.apache.jetspeed.om.security.JetspeedUser;
-
-import java.util.Enumeration;
-import java.util.Stack;
+import org.apache.turbine.modules.Action;
+import org.apache.turbine.util.RunData;
 
 /**
  * Handle Customization requests for the current portal page
@@ -221,9 +218,9 @@
                 portalResource.setOwner(null);
             }
 
-            if(!JetspeedSecurity.checkPermission((JetspeedUser) jdata.getUser(), 
-                                                 portalResource, 
-                                                 JetspeedSecurity.PERMISSION_CUSTOMIZE))
+            if(!JetspeedSecurity.checkPermission(jdata, 
+                                                 JetspeedSecurity.PERMISSION_CUSTOMIZE,
+												 portalResource))
             {
                 logger.warn("User " + jdata.getUser().getUserName() + " has no customize permission for portlet with id " + peid);
                 jdata.setMessage("Sorry, you have no customize permission for this portlet");
Index: JetspeedSecurity.java
===================================================================
RCS file: /cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/JetspeedSecurity.java,v
retrieving revision 1.1
diff -u -r1.1 JetspeedSecurity.java
--- JetspeedSecurity.java	14 Nov 2003 07:38:31 -0000	1.1
+++ JetspeedSecurity.java	11 Dec 2003 13:47:11 -0000
@@ -600,18 +600,62 @@
      */
     public static boolean checkPermission(JetspeedRunData runData, String action, Portlet portlet)
     {
+		// disable actions option
+		 if (!checkRundataPermission(runData))
+		 {
+			 return false;
+		 }
         return checkPermission(runData.getJetspeedUser(), portlet, action);
     }
 
-    /**
-     * @see JetspeedSecurityService#checkPermission
-     */
-    public static boolean checkPermission(JetspeedRunData runData, String action, RegistryEntry entry)
-    {
-      return checkPermission(runData.getJetspeedUser(), new PortalResource(entry), action);
+	/**
+	 * @see JetspeedSecurityService#checkPermission
+	 */
+	public static boolean checkPermission(JetspeedRunData runData, String action, RegistryEntry entry)
+	{
+		// disable actions option
+		 if (!checkRundataPermission(runData))
+		 {
+			 return false;
+		 }
+	  return checkPermission(runData.getJetspeedUser(), new PortalResource(entry), action);
+	}
+	
+	/**
+	 * @see JetspeedSecurityService#checkPermission
+	 */
+	public static boolean checkPermission(JetspeedRunData runData, String action, PortalResource resource)
+	{
+		// disable actions option
+		 if (!checkRundataPermission(runData))
+		 {
+			 return false;
+		 }
+	  return checkPermission(runData.getJetspeedUser(), resource, action);
+	}
+
+	/**
+	 * Check customized permissions from RunData
+	 * (helper method)
+	 * 
+	 * @param runData
+	 * @return <b>false</b> if ActionsDisabledForAllUsers, ActionsDisabledForAnonor or user not LoggedIn
+	 * otherwise return true
+	 */
+    private static boolean checkRundataPermission(JetspeedRunData runData)
+    {
+		// disable actions option
+		 if (JetspeedSecurity.areActionsDisabledForAllUsers())
+		 {
+			 return false;
+		 }
+		 JetspeedUser user = runData.getJetspeedUser();
+		 if (JetspeedSecurity.areActionsDisabledForAnon() && false == user.hasLoggedIn())
+		 {
+			 return false;
+		 }
+		 return true;
     }
-
-                   
     //////////////////////////////////////////////////////////////////////////
     // Permission Management
     /////////////////////////////////////////////////////////////////////////