Package org.fao.geonet.kernel

Examples of org.fao.geonet.kernel.AccessManager

201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
          result = transform(result);
          addInfo(result);
        } else {
                // you're not an Administrator: only return harvest nodes from groups visible to you
                GeonetContext gc = (GeonetContext) context.getHandlerContext(Geonet.CONTEXT_NAME);
                AccessManager am = gc.getBean(AccessManager.class);
                Set<Integer> groups = am.getVisibleGroups(context.getUserSession().getUserIdAsInt());
                result = transform(result);
                Element nodeGroup =  result.getChild("ownerGroup");
                if ((nodeGroup != null) && (groups.contains(Integer.valueOf(nodeGroup.getValue())))) {
                    addInfo(result);
                } else {
                    return null;
                }
            }
    } else {

            // id is null: return all (visible) nodes
            Element nodes = result.getChild("children");
      result = new Element("nodes");
      if (nodes != null) {
                // you're Administrator: all nodes are visible
                if (profile == Profile.Administrator) {
                    for (Object o : nodes.getChildren()) {
                        Element node = transform((Element) o);
                        addInfo(node);
                        result.addContent(node);
                    }
                } else {
                    // you're not an Adminstrator: only return nodes in groups visible to you
                    GeonetContext gc = (GeonetContext) context.getHandlerContext(Geonet.CONTEXT_NAME);
                    AccessManager am = gc.getBean(AccessManager.class);
                    Set<Integer> groups = am.getVisibleGroups(context.getUserSession().getUserIdAsInt());
            for (Object o : nodes.getChildren()) {
              Element node = transform((Element) o);
                        Element nodeGroup =  node.getChild("ownerGroup");
                        if ((nodeGroup != null) && (groups.contains(Integer.valueOf(nodeGroup.getValue())))) {
                  addInfo(node);
View Full Code Here
128
129
130
131
132
133
134
135
136
137
138
139
140
    public void checkPrivilege(ServiceContext context, String id,
            ReservedOperation operation) throws Exception {
        GeonetContext gc = (GeonetContext) context
                .getHandlerContext(Geonet.CONTEXT_NAME);

        AccessManager accessMan = gc.getBean(AccessManager.class);

        Set<Operation> hsOper = accessMan.getOperations(context, id, context.getIpAddress());
       
        for (Operation op : hsOper) {
            if (op.is(operation)) {
                return;
            }
View Full Code Here
152
153
154
155
156
157
158
159
160
161
  public void checkEditPrivilege(ServiceContext context, String id)
      throws Exception {
    GeonetContext gc = (GeonetContext) context
        .getHandlerContext(Geonet.CONTEXT_NAME);
    AccessManager am = gc.getBean(AccessManager.class);

    if (!am.canEdit(context, id))
      denyAccess(context);
  }
View Full Code Here
68
69
70
71
72
73
74
75
76
77
78
79
80
81
    public Element exec(Element params, ServiceContext context) throws Exception {
        int userId = Util.getParamAsInt(params, "id");

        GeonetContext gc = (GeonetContext) context.getHandlerContext(Geonet.CONTEXT_NAME);
        UserSession us = context.getUserSession();
        AccessManager am = gc.getBean(AccessManager.class);

        Set<Integer> userGroups = am.getVisibleGroups(userId);
        Set<Integer> myGroups = am.getUserGroups(us, null, false);

        //--- remove 'Intranet' and 'All' groups
        myGroups.remove(ReservedGroup.intranet.getId());
        myGroups.remove(ReservedGroup.all.getId());
View Full Code Here
447
448
449
450
451
452
453
454
455
456
457
458
459
    // --- retrieve accessible groups

    GeonetContext gc = (GeonetContext) context
        .getHandlerContext(Geonet.CONTEXT_NAME);
    AccessManager am = gc.getBean(AccessManager.class);

    Set<Integer> userGroups = am.getUserGroups(context.getUserSession(), context.getIpAddress(), false);

    // --- scan query result to collect info

        OperationAllowedRepository operationAllowedRepository = context.getBean(OperationAllowedRepository.class);
        List<OperationAllowed> opsAllowed = operationAllowedRepository.findAllById_MetadataId(iId);
View Full Code Here
67
68
69
70
71
72
73
74
75
76
77
78
79
           (format.equalsIgnoreCase(FORMAT_XML)))) {

            format = FORMAT_XML;
        }

        AccessManager am = context.getBean(AccessManager.class);

        Set<Integer> groups = am.getUserGroups(context.getUserSession(), context.getIpAddress(), false);

        final OperationAllowedRepository operationAllowedRepository = context.getBean(OperationAllowedRepository.class);
        Specifications<OperationAllowed> spec = Specifications.where(OperationAllowedSpecs.hasOperation(ReservedOperation.view));
        for (Integer grpId : groups) {
            spec = spec.and(OperationAllowedSpecs.hasGroupId(grpId));
View Full Code Here
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
  private void processRecord(ServiceContext context, String uuid, String category, String xpath, String getTit, String xpathTit, boolean doChanges, Set<Integer> metadata, Set<Integer> notFound, Set<Integer> notOwner, Set<Integer> subtemplates, Element response) throws Exception {

    GeonetContext gc = (GeonetContext) context.getHandlerContext(Geonet.CONTEXT_NAME);
    DataManager   dataMan   = gc.getBean(DataManager.class);
    AccessManager accessMan = gc.getBean(AccessManager.class);

    if (context.isDebugEnabled())
      context.debug("Extracting subtemplates from metadata with uuid:"+ uuid);

        final MetadataRepository metadataRepository = context.getBean(MetadataRepository.class);
        Metadata metadataEntity = metadataRepository.findOneByUuid(uuid);

    // Metadata may have been deleted since selection
    if (metadataEntity != null) {
            String id   = "" + metadataEntity.getId();

      if (!accessMan.isOwner(context, id)) {
        notOwner.add(metadataEntity.getId());
      } else {
        extractSubtemplates(context, dataMan, metadataEntity, category, xpath, getTit, xpathTit, doChanges, metadata, subtemplates, response);
      }
    } else {
View Full Code Here
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
    //--------------------------------------------------------------------------

    public Element serviceSpecificExec(Element params, ServiceContext context) throws Exception {
        GeonetContext gc = (GeonetContext) context.getHandlerContext(Geonet.CONTEXT_NAME);
        DataManager dm = gc.getBean(DataManager.class);
        AccessManager accessMan = gc.getBean(AccessManager.class);
        UserSession session = context.getUserSession();


        String targetUsr = Util.getParam(params, Params.USER);
        String targetGrp = Util.getParam(params, Params.GROUP);

        Set<Integer> metadata = new HashSet<Integer>();
        Set<Integer> notFound = new HashSet<Integer>();
        Set<Integer> notOwner = new HashSet<Integer>();

        context.info("Get selected metadata");
        SelectionManager sm = SelectionManager.getManager(session);

        synchronized (sm.getSelection("metadata")) {
            for (Iterator<String> iter = sm.getSelection("metadata").iterator(); iter.hasNext(); ) {
                String uuid = (String) iter.next();
                String id = dm.getMetadataId(uuid);

                context.info("Attempting to set metadata owner on: " + id);

                //--- check existence and access
                Metadata info = context.getBean(MetadataRepository.class).findOne(id);

                if (info == null) {
                    notFound.add(Integer.valueOf(id));
                } else if (!accessMan.isOwner(context, id)) {
                    notOwner.add(Integer.valueOf(id));
                } else {

                    //-- Get existing owner and privileges for that owner - note that
                    //-- owners don't actually have explicit permissions - only their
View Full Code Here
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
     * @throws Exception
     */
    public Element serviceSpecificExec(Element params, ServiceContext context) throws Exception {
        GeonetContext gc = (GeonetContext) context.getHandlerContext(Geonet.CONTEXT_NAME);
        DataManager dataMan = gc.getBean(DataManager.class);
        AccessManager accessMan = gc.getBean(AccessManager.class);

        String id = Utils.getIdentifierFromParameters(params, context);
        String groupOwner = Util.getParam(params, "groupid");

        int iLocalId = Integer.parseInt(id);
        if (!dataMan.existsMetadata(iLocalId)) {
            throw new IllegalArgumentException("Metadata with identifier '" + id + "' not found.");
        }

        if (!accessMan.canEdit(context, id)) {
            throw new OperationNotAllowedEx();
        }

        int iGroupOwner = Integer.parseInt(groupOwner);
        Group group = context.getBean(GroupRepository.class).findOne(iGroupOwner);
View Full Code Here
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
  //--------------------------------------------------------------------------

  public Element serviceSpecificExec(Element params, ServiceContext context) throws Exception {
    GeonetContext gc = (GeonetContext) context.getHandlerContext(Geonet.CONTEXT_NAME);
    DataManager   dataMan   = gc.getBean(DataManager.class);
    AccessManager accessMan = gc.getBean(AccessManager.class);
    UserSession   session   = context.getUserSession();

    Set<Integer> metadata = new HashSet<Integer>();
    Set<Integer> notFound = new HashSet<Integer>();
    Set<Integer> notOwner = new HashSet<Integer>();
        boolean backupFile = Util.getParam(params, Params.BACKUP_FILE, true);

        if(context.isDebugEnabled())
            context.debug("Get selected metadata");
    SelectionManager sm = SelectionManager.getManager(session);

    synchronized(sm.getSelection("metadata")) {
    for (Iterator<String> iter = sm.getSelection("metadata").iterator(); iter.hasNext();) {
      String uuid = (String) iter.next();
            if(context.isDebugEnabled())
                context.debug("Deleting metadata with uuid:"+ uuid);

      String id   = dataMan.getMetadataId(uuid);
      //--- Metadata may have been deleted since selection
      if (id != null) {
        //-----------------------------------------------------------------------
        //--- check access
 
        Metadata info = context.getBean(MetadataRepository.class).findOne(id);
 
        if (info == null) {
          notFound.add(Integer.valueOf(id));
        } else if (!accessMan.isOwner(context, id)) {
          notOwner.add(Integer.valueOf(id));
        } else {
 
          //--- backup metadata in 'removed' folder
          if (backupFile && info.getDataInfo().getType() != MetadataType.SUB_TEMPLATE) {
View Full Code Here
TOP

Related Classes of org.fao.geonet.kernel.AccessManager

  • jeeves.server.UserSession
  • org.fao.geonet.domain.Group
  • org.fao.geonet.domain.HarvesterSetting
  • org.fao.geonet.domain.Metadata
  • org.fao.geonet.domain.MetadataSourceInfo
  • org.fao.geonet.domain.Profile
  • org.fao.geonet.domain.User
  • org.fao.geonet.guiservices.metadata.Sitemap
  • org.fao.geonet.kernel.csw.services.getrecords.CatalogSearcher
  • org.fao.geonet.kernel.harvest.HarvestManagerImpl
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.