Package org.apache.photark.security.authorization

Examples of org.apache.photark.security.authorization.AccessList

712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
    public synchronized boolean isPermitted(String userId, String resourceName, String[] permissionNames) {
        if (userId == null || userId.trim().equals("")) {
            return false;
        }
        AccessList accessList = getAccessListFromUserId(userId);
        if (!initialised) {
            init();
        }

        if (accessList == null) {
            return false;
        }
        // Super admin have all the rights
        if (accessList.getUserId().equals(SUPER_ADMIN)) {
            return true;
        }
        if (resourceName == null || resourceName.trim().equals("")) {
            return false;
        }
        Map<String, List<Permission>> userPermissionMap = accessList.getPermissions();
        List<String> allowedPermissions;
        if (permissionNames != null) {
            allowedPermissions = Arrays.asList(permissionNames);
        } else {
            allowedPermissions = new ArrayList<String>();
        }
        // all albums with no owners are viewable by everyone
        if (allowedPermissions.contains(ALBUM_VIEW_IMAGES_PERMISSION) && isNoOwnerForAlbum(resourceName)) {
           return true;
        }
        List<Permission> permissions = new ArrayList<Permission>();
        // if the user in Registered User List or in the Supper Admin List
        // the user is allowed to create Albums and create User Groups
        if ((allowedPermissions.contains(ALBUM_CREATE_PERMISSION) || allowedPermissions
            .contains(USER_GROUP_CREATE_PERMISSION)) && (isUserStoredInList(accessList.getUserId(),
                                                                            REGISTERED_USER_LIST) || isUserStoredInList(accessList
                                                                                                                            .getUserId(),
                                                                                                                        SUPER_ADMIN_LIST))) {
            return true;
        }
        // owner have rights for his album
        if (isUserTheOwner(accessList.getUserId(), resourceName)) {
            return true;
        }
        if (userPermissionMap.containsKey(resourceName)) {
            permissions = (userPermissionMap.get(resourceName));
        }
View Full Code Here
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
        try {
            Node group;
            Session session = repositoryManager.getSession();
            Node roles = (Node)session.getItem("/" + USER_STORE + "/" + ALL_GROUPS);
            AccessList accessList = getAccessListFromSecurityToken(securityToken);

            if (!roles.hasNode(groupName)) {
                // super admin not allowed to create groups
                if (!accessList.getUserId().equals(SUPER_ADMIN) && isPermitted(accessList.getUserId(),
                                                                               groupName,
                                                                               new String[] {USER_GROUP_CREATE_PERMISSION})) {
                    group = roles.addNode(groupName);
                    group.setProperty(GROUP_USERS, JCREncoder.toJCRFormat(userIds));
                    group.setProperty(GROUP_OWNER, JCREncoder.toJCRFormat(accessList.getUserId()));

                }
            } else {

                group = roles.getNode(groupName);
                if (group.getProperty(GROUP_OWNER).getString().contains(JCREncoder.toJCRFormat(accessList.getUserId()))) {
                    // deleting the accessList of the users
                    for (String userId : group.getProperty(GROUP_USERS).getString().split(",")) {
                        removeAccessList(JCREncoder.toNormalFormat(userId));
                    }
                    group.setProperty(GROUP_USERS, JCREncoder.toJCRFormat(userIds));
View Full Code Here
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
    }

    // delete the user groups

    public synchronized void deleteGroup(String groupName, String securityToken) {
        AccessList accessList = getAccessListFromSecurityToken(securityToken);
        Map<String, List<String>> groupMap = new HashMap<String, List<String>>();
        try {

            Session session = repositoryManager.getSession();
            Node groups = (Node)session.getItem("/" + USER_STORE + "/" + ALL_GROUPS);

            if (groups.hasNode(groupName)) {
                Node groupNode = groups.getNode(groupName);
                if (accessList.getUserId().equals(SUPER_ADMIN) || groupNode.hasProperty(GROUP_OWNER)
                    && accessList.getUserId().equals(JCREncoder.toNormalFormat(groupNode.getProperty(GROUP_OWNER)
                        .getString()))) {
                    // deleting the accessList of the users
                    for (String userId : groupNode.getProperty(GROUP_USERS).getString().split(",")) {
                        removeAccessList(JCREncoder.toNormalFormat(userId));
                    }
                    groupNode.remove();
                    Node roles = (Node)session.getItem("/" + USER_STORE + "/" + ALL_ROLES);
                    NodeIterator roleNodes = roles.getNodes();
                    while (roleNodes.hasNext()) {
                        Node roleNode = roleNodes.nextNode();
                        NodeIterator albumNodes = roleNode.getNodes();
                        while (albumNodes.hasNext()) {
                            Node albumNode = albumNodes.nextNode();
                            if (isUserTheOwner(accessList.getUserId(), albumNode.getName())) {
                                String userGroups;
                                if (!roleNode.getName().equals(ALL_USERS_VIEW_ROLE)) {
                                    userGroups = albumNode.getProperty(ROLE_USER_GROUPS).getString();
                                    userGroups = (userGroups + ",").replace(groupName + ",", "");
                                    if (userGroups.trim().equals("")) {
View Full Code Here
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
    }

    // get user groups owned by the user. For super admin all groups

    public synchronized List getGroups(String securityToken) {
        AccessList accessList = getAccessListFromSecurityToken(securityToken);
        List<Object[]> groupList = new ArrayList<Object[]>();
        try {
            Session session = repositoryManager.getSession();
            Node roles = (Node)session.getItem("/" + USER_STORE + "/" + ALL_GROUPS);
            NodeIterator groupNodes = roles.getNodes();
            while (groupNodes.hasNext()) {
                Node groupNode = groupNodes.nextNode();
                // if user is super admin, or the owner of the group he will get
                // the group
                if (accessList.getUserId().equals(SUPER_ADMIN) || groupNode.hasProperty(GROUP_OWNER)
                    && accessList.getUserId().equals(JCREncoder.toNormalFormat(groupNode.getProperty(GROUP_OWNER)
                        .getString()))) {
                    groupList.add(new Object[] {
                                                groupNode.getName(),
                                                Arrays.asList(JCREncoder.toNormalFormat(groupNode
                                                    .getProperty(GROUP_USERS).getString()).split(","))});
View Full Code Here
1090
1091
1092
1093
1094
1095
1096
            }
        } catch (RepositoryException e) {
            e.printStackTrace();
        }
        Map<String, List<Permission>> permissions = getPermissions(userId);
        return new AccessList(userId, permissions);
    }
View Full Code Here
1101
1102
1103
1104
1105
1106
1107
        if (!initialised) {
            init();
        }

        Map<String, List<Permission>> permissions = getPermissions(userId);
        return new AccessList(userId, permissions);
    }
View Full Code Here
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
            Object[] accessListAndToken = accessTokenMap.get(userId);
            if (((String)accessListAndToken[1]).equals(token)) {
                if (accessListAndToken[0] != null) {
                    return (AccessList)accessListAndToken[0];
                } else {
                    AccessList accessList = updateAccessList(userId);
                    putAccessListAndToken(accessList, (String)accessListAndToken[1]);
                    return accessList;
                }
            }
        }
View Full Code Here
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
        if (accessTokenMap.containsKey(userId)) {
            Object[] accessListAndToken = accessTokenMap.get(userId);
            if (accessListAndToken[0] != null) {
                return (AccessList)accessListAndToken[0];
            } else {
                AccessList accessList = updateAccessList(userId);
                putAccessListAndToken(accessList, (String)accessListAndToken[1]);
                return accessList;
            }

        } else {
View Full Code Here
71
72
73
74
75
76
77
78
79
80
81
     
      //Invalidating the OpenID authentication
      RelyingParty.getInstance().invalidate(request, response);
     
      //Creating the accessList
      AccessList accessList=accessManager.createAccessList(SUPER_ADMIN,"");
      request.getSession().setAttribute(ACCESS_LIST, accessList);
      System.err.println("Super Admin authenticated");

      response.sendRedirect(request.getContextPath() + "/admin/upload.html");
     
View Full Code Here
TOP

Related Classes of org.apache.photark.security.authorization.AccessList

  • org.apache.photark.jcr.security.authorization.JCRAccessManager
  • org.apache.photark.security.authentication.services.FormAuthenticationServiceImpl
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.