Examples of org.jasig.portal.security.IAuthorizationPrincipal

org.jasig.portal.security.IAuthorizationPrincipal
An IAuthorizationPrincipal represents a portal entity to which IPermissions have been granted. Such an entity could be an IGroupMember, an IChannel or an IPerson. @author Dan Ellentuck @version $Revision: 19776 $

        if (layouts == null || layouts.isEmpty()) {
            return false;
        }


        // check that the user has subscribe priv.
        IAuthorizationPrincipal authPrincipal = authorizationService.newPrincipal(person.getUserName(), EntityEnum.PERSON.getClazz());
        if (!authPrincipal.canSubscribe(portletId)) {
            return false;
        }


        return true;
    }

View Full Code Here

    return states;
  }
  
  public boolean hasLifecyclePermission(IPerson person, PortletLifecycleState state, List<JsonEntityBean> categories) {
    EntityIdentifier ei = person.getEntityIdentifier();
      IAuthorizationPrincipal ap = AuthorizationService.instance().newPrincipal(ei.getKey(), ei.getType());
      
        final String activity;
        switch (state) {
            case APPROVED: {
                activity = IPermission.PORTLET_MANAGER_APPROVED_ACTIVITY;
                break;
            }
            case CREATED: {
                activity = IPermission.PORTLET_MANAGER_CREATED_ACTIVITY;
                break;
            }
            case PUBLISHED: {
                activity = IPermission.PORTLET_MANAGER_ACTIVITY;
                break;
            }
            case EXPIRED: {
                activity = IPermission.PORTLET_MANAGER_EXPIRED_ACTIVITY;
                break;
            }
            case MAINTENANCE: {
                activity = IPermission.PORTLET_MANAGER_MAINTENANCE_ACTIVITY;
                break;
            }
            default: {
                throw new IllegalArgumentException("");
            }
        }
        if (ap.hasPermission("UP_FRAMEWORK", activity, IPermission.ALL_PORTLETS_TARGET)) {
            logger.debug("Found permission for category ALL_PORTLETS and lifecycle state " + state.toString());
            return true;
        }
      
    for (JsonEntityBean category : categories) {
      if (ap.canManage(state, category.getId())) {
        logger.debug("Found permission for category " + category.getName() + " and lifecycle state " + state.toString());
        return true;
      }
    }
    logger.debug("No permission for lifecycle state " + state.toString());

View Full Code Here

    public Map<IPortletType, PortletPublishingDefinition> getAllowableChannelPublishingDefinitions(IPerson user) {


        Map<IPortletType, PortletPublishingDefinition> rslt;


        final Map<IPortletType, PortletPublishingDefinition> rawMap = portletPublishingDefinitionDao.getChannelPublishingDefinitions();
        final IAuthorizationPrincipal principal = AuthorizationPrincipalHelper.principalFromUser(user);
        if (principal.hasPermission(IPermission.PORTAL_PUBLISH, IPermission.PORTLET_MANAGER_SELECT_PORTLET_TYPE, IPermission.ALL_PORTLET_TYPES)) {
            // Send the whole collection back...
            rslt = rawMap;
        } else {
            // Filter the collection by permissions...
            rslt = new HashMap<IPortletType, PortletPublishingDefinition>();
            for (Map.Entry<IPortletType, PortletPublishingDefinition> y : rawMap.entrySet()) {
                if (principal.hasPermission(IPermission.PORTAL_PUBLISH, IPermission.PORTLET_MANAGER_SELECT_PORTLET_TYPE, y.getKey().getName())) {
                    rslt.put(y.getKey(), y.getValue());
                }
            }
        }

View Full Code Here

    IGroupMember everyone = GroupService.getGroupMember(EVERYONE_GROUP_KEY, GROUP_CLASS);
    assertNotNull(msg, everyone);


    msg = "Getting principal for " + everyone;
    print(msg);
    IAuthorizationPrincipal prin = getService().newPrincipal(everyone);
    assertNotNull(msg, prin);


    msg = "Testing DEFAULT permission policy for an existing channel";
    print(msg);
    testResult = prin.hasPermission(OWNER, activity, existingTarget);
    assertTrue(msg, testResult);


    msg = "Testing POSITIVE permission policy for an existing channel";
    print(msg);
    testResult = prin.hasPermission(OWNER, activity, existingTarget, getPositivePermissionPolicy());
    assertTrue(msg, testResult);


    msg = "Testing NEGATIVE permission policy for an existing channel";
    print(msg);
    testResult = prin.hasPermission(OWNER, activity, existingTarget, getNegativePermissionPolicy());
    assertTrue(msg, ! testResult);


    msg = "Testing DEFAULT permission policy for a nonexistent channel";
    print(msg);
    testResult = prin.hasPermission(OWNER, activity, nonExistingTarget);
    assertTrue(msg, ! testResult);


    msg = "Testing POSITIVE permission policy for nonexistent channel";
    print(msg);
    testResult = prin.hasPermission(OWNER, activity, nonExistingTarget, getPositivePermissionPolicy());
    assertTrue(msg, testResult);


    msg = "Testing NEGATIVE permission policy for a nonexistent channel";
    print(msg);
    testResult = prin.hasPermission(OWNER, activity, nonExistingTarget, getNegativePermissionPolicy());
    assertTrue(msg, ! testResult);


    print("***** LEAVING AuthorizationTester.testAlternativePermissionPolicies() *****" + CR);


}

View Full Code Here

    int idx = 0;




    msg = "Creating authorizationPrincipal for student.";
    print(msg);
    IAuthorizationPrincipal prin = getService().newPrincipal("student",IPERSON_CLASS);
    assertNotNull(msg, prin);


    testPermission = (IPermission)testPermissions.get(0);
    msg = "Testing  " + testPermission + " (should be TRUE -- inherited from Everyone)";
    print(msg);
    testResult = prin.hasPermission(OWNER, TEST_ACTIVITY, testPermission.getTarget());
    assertTrue(msg, testResult);


    testPermission = (IPermission)testPermissions.get(1);
    msg = "Testing  " + testPermission + " (should be FALSE -- directly denied)";
    print(msg);
    testResult = prin.hasPermission(OWNER, TEST_ACTIVITY, testPermission.getTarget());
    assertTrue(msg, ! testResult);


    msg = "Testing  the rest of the test permissions (should be TRUE).";
    print(msg);
    for (idx=2; idx<NUMBER_TEST_PERMISSIONS; idx++)
    {
        testPermission = (IPermission)testPermissions.get(idx);
        testResult = prin.hasPermission(OWNER, TEST_ACTIVITY, testPermission.getTarget());
        assertTrue(msg, testResult);
    }


    print("***** LEAVING AuthorizationTester.testDoesPrincipalHavePermission() *****" + CR);

View Full Code Here

    print(msg);
    for (idx=1; idx<numPrincipals; idx++){
        assertTrue(msg, principals[idx] == principals[0]);
    }
    
    IAuthorizationPrincipal p1 = principals[0];
    
    IPermission testPermission = (IPermission)testPermissions.get(0);
    msg = "Testing  first principal for " + testPermission + " (should be TRUE -- inherited from Everyone)";
    print(msg);
    boolean testResult = p1.hasPermission(OWNER, TEST_ACTIVITY, testPermission.getTarget());
    assertTrue(msg, testResult);
    
    print("Starting testing Threads.");
    Thread[] testers = new Thread[numTestingThreads];
    for (idx=0; idx<numTestingThreads; idx++)
    {
        String id = "" + idx;
        PrincipalTester pt = new PrincipalTester(key, type, 10, id, testPermission); 
        testers[idx] = new Thread(pt); 
        testers[idx].start();
    }


    print("Will now sleep for " + pauseBeforeUpdateMillis + " ms to let testing threads run.");
    try { Thread.sleep(pauseBeforeUpdateMillis); }
    catch (Exception ex) {}
    
    /* 
     * Remove a permission and test a principal.  After a pause, the testing threads
     * will wake up and perform the 2nd part of their tests to confirm this update.
     */
    
    msg = "Deleting " + testPermission;
    print(msg);
    IPermission[] perms = new IPermission[1];
    perms[0] = testPermission;
    getService().removePermissions(perms);
    
    msg = "Testing  first principal for " + testPermission + " (should be FALSE -- has been removed.)";
    print(msg);
    testResult = p1.hasPermission(OWNER, TEST_ACTIVITY, testPermission.getTarget());
    assertTrue(msg, ! testResult);
    
    print("Will now sleep for " + pauseAfterUpdateMillis + " ms to let testing threads complete.");
    try { Thread.sleep(pauseAfterUpdateMillis); }
    catch (Exception ex) {}

View Full Code Here

    try
    {
        Iterator i = service.getGroupMember(principal).getAllContainingGroups();
        while ( i.hasNext() && ! hasPermission )
        {
            IAuthorizationPrincipal prn = service.newPrincipal( (IGroupMember) i.next() );
            hasPermission = primDoesPrincipalHavePermission(prn, owner, activity, target, service);
         }
    }
    catch ( GroupsException ge )
        { throw new AuthorizationException(ge); }

View Full Code Here


      // get the authorization principal representing the current user
        final HttpServletRequest httpServletRequest = this.portalRequestUtils.getPortletHttpRequest(request);
    final IPerson person = personManager.getPerson(httpServletRequest);
    final EntityIdentifier ei = person.getEntityIdentifier();
      final IAuthorizationPrincipal ap = AuthorizationService.instance().newPrincipal(ei.getKey(), ei.getType());


      // filter the list of configured import/export types by user permission
      final List<IPortalDataType> results = new ArrayList<IPortalDataType>();
      for (IPortalDataType type : dataTypes) {
        final String typeId = type.getTypeId();
          if (ap.hasPermission(OWNER, activityName, typeId)) {
            results.add(type);
          }        
      }


      return results;

View Full Code Here

        return null;
      }
        
        final IPerson person = userInstance.getPerson();
    final EntityIdentifier ei = person.getEntityIdentifier();
      final IAuthorizationPrincipal ap = AuthorizationService.instance().newPrincipal(ei.getKey(), ei.getType());
      if (ap.canRender(portletDefinition.getPortletDefinitionId().getStringId())) {
        return portletDefinition;
      }
      
      return null;
  }

View Full Code Here

                    "', groupType='" + groupType + "', permissionOwner='" + 
                    permissionOwner + "', permissionActivities='" + 
                    Arrays.toString(permissionActivities) + "'");
        }


        final IAuthorizationPrincipal principal = AuthorizationPrincipalHelper.principalFromUser(person);
        final JsonEntityBean canonicalRootGroup = getRootEntity(groupType);


        if (log.isDebugEnabled()) {
            log.debug("Found for groupType='" + groupType + 
                    "' the following canonicalRootGroup:  " + 
                    canonicalRootGroup);
        }


        // First check the appropriate canonical super-target for the specified type
        String canonicalSuperTarget = null;
        switch (groupType) {
            case JsonEntityBean.ENTITY_GROUP:
                canonicalSuperTarget = IPermission.ALL_GROUPS_TARGET;
                break;
            case JsonEntityBean.ENTITY_CATEGORY:
                canonicalSuperTarget = IPermission.ALL_CATEGORIES_TARGET;
                break;
            default:
                throw new RuntimeException("Unrecognized groupType:  " + groupType);
        }
        if (log.isDebugEnabled()) {
            log.debug("Identified for groupType='" + groupType + 
                    "' the following canonicalSuperTarget:  " + 
                    canonicalSuperTarget);
        }
        for (String activity : permissionActivities) {
            if (principal.hasPermission(permissionOwner, activity, canonicalSuperTarget)) {
                return canonicalRootGroup;
            }
        }


        // Next check the canonical root group itself
        for (String activity : permissionActivities) {
            if (principal.hasPermission(permissionOwner, activity, canonicalRootGroup.getId())) {
                return canonicalRootGroup;
            }
        }


        // So much for the easy paths -- see if the user has any records at all for this specific owner/activity
        JsonEntityBean rslt = null;  // Default
        final List<IPermission> permissionsOfRelevantActivity = new ArrayList<IPermission>();
        for (String activity : permissionActivities) {
            permissionsOfRelevantActivity.addAll(
                    Arrays.asList(principal.getAllPermissions(permissionOwner, activity, null))
            );
        }
        if (log.isDebugEnabled()) {
            log.debug("For user='" + person.getUserName() + 
                    "', groupType='" + groupType + "', permissionOwner='" +

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of org.jasig.portal.security.IAuthorizationPrincipal

org.jasig.portal.AbstractChannelRegistryStore

org.jasig.portal.api.groups.EntityFactory

org.jasig.portal.api.groups.EntityService

org.jasig.portal.api.permissions.ApiPermissionsService

org.jasig.portal.channel.ChannelPublishingServiceImpl

org.jasig.portal.channel.JpaChannelRegistryStore

org.jasig.portal.ChannelRegistryManager

org.jasig.portal.channels.adminnav.provider.ListModel

org.jasig.portal.channels.error.CError

org.jasig.portal.channels.groupsmanager.commands.GroupsManagerCommand

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.