Examples of org.jasig.portal.security.IAuthorizationPrincipal

org.jasig.portal.security.IAuthorizationPrincipal
An IAuthorizationPrincipal represents a portal entity to which IPermissions have been granted. Such an entity could be an IGroupMember, an IChannel or an IPerson. @author Dan Ellentuck @version $Revision: 19776 $

          @SuppressWarnings("unchecked")
          Iterator<IGroupMember> members = (Iterator<IGroupMember>) entity.getMembers();
          jsonBean = populateChildren(jsonBean, members);
        }
                if (jsonBean.getEntityType().isGroup() || EntityEnum.PERSON.equals(jsonBean.getEntityType())) {
                    IAuthorizationPrincipal principal = getPrincipalForEntity(jsonBean);
                    jsonBean.setPrincipalString(principal.getPrincipalString());
                }
        return jsonBean;
      }
    } 
    
    // otherwise use the getGroupMember method
    else {
      IGroupMember entity = GroupService.getGroupMember(entityId, entityEnum.getClazz());
      if(entity == null || entity instanceof IEntityGroup) {
        return null;
      }
      JsonEntityBean jsonBean = new JsonEntityBean(entity, entityEnum);
      
      // the group member interface doesn't include the entity name, so
      // we'll need to look that up manually
      jsonBean.setName(lookupEntityName(jsonBean));
            if (EntityEnum.GROUP.equals(jsonBean.getEntityType()) || EntityEnum.PERSON.equals(jsonBean.getEntityType())) {
                IAuthorizationPrincipal principal = getPrincipalForEntity(jsonBean);
                jsonBean.setPrincipalString(principal.getPrincipalString());
            }
      return jsonBean;
    }
    
  }

View Full Code Here

    if (entity.getName() == null) {
      entity.setName(lookupEntityName(entity));
    }
        
        if (EntityEnum.GROUP.equals(entity.getEntityType()) || EntityEnum.PERSON.equals(entity.getEntityType())) {
            IAuthorizationPrincipal principal = getPrincipalForEntity(entity);
            entity.setPrincipalString(principal.getPrincipalString());
        }
    return entity;
  }

View Full Code Here

            entityType = jsonType.getClazz();
        }
        
        // construct an authorization principal for this JsonEntityBean
        AuthorizationService authService = AuthorizationService.instance();
        IAuthorizationPrincipal p = authService.newPrincipal(entity.getId(), entityType);
        return p;
    }

View Full Code Here

                catch (Exception ex) {}
            }
        }


        private boolean runTest() throws AuthorizationException {
            IAuthorizationPrincipal principal = getService().newPrincipal(key,type);
            //print("Testing  principal for " + testPermission);
            return principal.hasPermission(OWNER, TEST_ACTIVITY, testPermission.getTarget());
        }

View Full Code Here

            final Document userLayoutDocument = userLayout.getLayout();


            // DistributedLayoutManager shall gracefully remove channels 
            // that the user isn't authorized to render from folders of type 
            // 'header' and 'footer'.
            IAuthorizationPrincipal principal = authorizationService.newPrincipal(owner.getUserName(), IPerson.class);
            NodeList nodes = userLayoutDocument.getElementsByTagName("folder");
            for (int i=0; i < nodes.getLength(); i++) {
              Element fd = (Element) nodes.item(i);
              String type = fd.getAttribute("type");
              if (type != null && (type.equals("header") || type.equals("footer") || type.equals("sidebar"))) {
                // Here's where we do the work...
                if (LOG.isDebugEnabled()) {
                  LOG.debug("RDBMUserLayoutStore examining the '" 
                      + type 
                      + "' folder of user '" 
                      + owner.getUserName() 
                      + "' for non-authorized channels.");
                }
                NodeList channels = fd.getElementsByTagName("channel");
                for (int j=0; j < channels.getLength(); j++) {
                  Element ch = (Element) channels.item(j);
                  try {
                    String chanId = ch.getAttribute("chanID");
                    if (!principal.canRender(chanId)) {
                      fd.removeChild(ch);
                      if (LOG.isDebugEnabled()) {
                        LOG.debug("RDBMUserLayoutStore removing channel '" 
                              + ch.getAttribute("fname") 
                              + "' from the header or footer of user '"

View Full Code Here

       * as belonging to a category and adds them to the top-level of the 
       * registry, assuming the current user has manage permissions.
       */
      
    EntityIdentifier ei = user.getEntityIdentifier();
      IAuthorizationPrincipal ap = AuthorizationService.instance().newPrincipal(ei.getKey(), ei.getType());


      if (type.equals(TYPE_MANAGE)) {
          for (IPortletDefinition channel : allChannels) {
              if (ap.canManage(channel.getPortletDefinitionId().getStringId())) {
                  channels.add(getChannel(channel, request, locale));
              }
          }
      }

View Full Code Here

        categoryBean.setName(messageSource.getMessage(category.getName(), new Object[] {}, locale));
    
    // add the direct child channels for this category
    Set<IPortletDefinition> portlets = portletCategoryRegistry.getChildPortlets(category);    
    EntityIdentifier ei = user.getEntityIdentifier();
      IAuthorizationPrincipal ap = AuthorizationService.instance().newPrincipal(ei.getKey(), ei.getType());
    boolean isManage = type.equals(TYPE_MANAGE);
    
    for(IPortletDefinition channelDef : portlets) {
      
      if ((isManage && ap.canManage(channelDef.getPortletDefinitionId()
          .getStringId()))
          || (!isManage && ap.canSubscribe(channelDef
              .getPortletDefinitionId().getStringId()))) {
        // construct a new channel bean from this channel
        ChannelBean channel = getChannel(channelDef, request, locale);
        categoryBean.addChannel(channel);
      }

View Full Code Here


        // build the auth principal for determining if pushed channels can be 
        // used by this user
        EntityIdentifier ei = person.getEntityIdentifier();
        AuthorizationService authS = AuthorizationService.instance();
        IAuthorizationPrincipal ap = authS.newPrincipal(ei.getKey(), 
                ei.getType());


        // now merge fragments one at a time into ILF document
        
        for (final Document document : sequence) {

View Full Code Here

        IPerson per = getPerson(ui, response);
        UserPreferencesManager upm = (UserPreferencesManager) ui.getPreferencesManager();
        IUserLayoutManager ulm = upm.getUserLayoutManager();


        // Verify that the user has permission to add this tab
        final IAuthorizationPrincipal authPrincipal = this.getUserPrincipal(per.getUserName());
        if (!authPrincipal.hasPermission(ADDTAB_PERMISSION_OWNER, ADDTAB_PERMISSION_ACTIVITY, ADDTAB_PERMISSION_TARGET)) {
            log.warn("Attempt to add a tab through the REST API by unauthorized user '" + per.getUserName() + "'");
            response.sendError(HttpServletResponse.SC_FORBIDDEN);
            return null;
        }

View Full Code Here

    @Override
  public Set<Assignment> getAssignmentsForPerson(String username, boolean includeInherited) {


      Set<Assignment> rslt = new HashSet<Assignment>();


        IAuthorizationPrincipal authP = this.authorizationService.newPrincipal(
            username, 
            EntityEnum.PERSON.getClazz());
        
        // first get the permissions explicitly set for this principal
        IPermission[] directPermissions = permissionStore.select(null, authP.getPrincipalString(), null, null, null);
        for (IPermission permission : directPermissions) {
            if (authP.hasPermission(permission.getOwner(), permission.getActivity(), permission.getTarget())) {
              Assignment a = createAssignment(permission, authP, false);
              if (a != null) {
                    rslt.add(a);
              }
            }
        }
        
        if (includeInherited) {
            IGroupMember member = GroupService.getGroupMember(authP.getKey(), authP.getType());
            for (@SuppressWarnings("unchecked") Iterator<IEntityGroup> iter = member.getAllContainingGroups(); iter.hasNext();) {
                IEntityGroup parent = iter.next();


                IAuthorizationPrincipal parentPrincipal = this.authorizationService.newPrincipal(parent);
                IPermission[] parentPermissions = permissionStore.select(null, parentPrincipal.getPrincipalString(), null, null, null);
                for (IPermission permission : parentPermissions) {
                    if (authP.hasPermission(permission.getOwner(), permission.getActivity(), permission.getTarget())) {
                      Assignment a = createAssignment(permission, authP, true);
                      if (a != null) {
                            rslt.add(a);

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of org.jasig.portal.security.IAuthorizationPrincipal

org.jasig.portal.AbstractChannelRegistryStore

org.jasig.portal.api.groups.EntityFactory

org.jasig.portal.api.groups.EntityService

org.jasig.portal.api.permissions.ApiPermissionsService

org.jasig.portal.channel.ChannelPublishingServiceImpl

org.jasig.portal.channel.JpaChannelRegistryStore

org.jasig.portal.ChannelRegistryManager

org.jasig.portal.channels.adminnav.provider.ListModel

org.jasig.portal.channels.error.CError

org.jasig.portal.channels.groupsmanager.commands.GroupsManagerCommand

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.