Package org.jasig.portal.security

Examples of org.jasig.portal.security.IAuthorizationPrincipal

771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
            if (IPortletRenderer.CONFIG.equals(portletMode)) {
                final IPerson person = this.personManager.getPerson(httpServletRequest);
               
                final EntityIdentifier ei = person.getEntityIdentifier();
                final AuthorizationService authorizationService = AuthorizationService.instance();
                final IAuthorizationPrincipal ap = authorizationService.newPrincipal(ei.getKey(), ei.getType());
               
                final IPortletEntity portletEntity = portletWindow.getPortletEntity();
                final IPortletDefinition portletDefinition = portletEntity.getPortletDefinition();
               
                if (!ap.canConfigure(portletDefinition.getPortletDefinitionId().getStringId())) {

                    logger.error("User {} attempted to use portlet {} in {} but lacks permission to use that mode.  " +
                            "THIS MAY BE AN ATTEMPT TO EXPLOIT A HISTORICAL SECURITY FLAW.  " +
                            "You should probably figure out who this user is and why they are trying to access " +
                            "unauthorized portlet modes.",
View Full Code Here
65
66
67
68
69
70
71
72
        this.permissionStore = permissionStore;
    }

    public boolean canEditOwner(IPerson currentUser, String owner) {
        EntityIdentifier ei = currentUser.getEntityIdentifier();
        IAuthorizationPrincipal ap = AuthorizationService.instance().newPrincipal(ei.getKey(), ei.getType());
        return (ap.hasPermission(PERMISSIONS_OWNER, EDIT_PERMISSION, ALL_PERMISSIONS_TARGET));
    }
View Full Code Here
71
72
73
74
75
76
77
78
        return (ap.hasPermission(PERMISSIONS_OWNER, EDIT_PERMISSION, ALL_PERMISSIONS_TARGET));
    }

    public boolean canViewOwner(IPerson currentUser, String owner) {
        EntityIdentifier ei = currentUser.getEntityIdentifier();
        IAuthorizationPrincipal ap = AuthorizationService.instance().newPrincipal(ei.getKey(), ei.getType());
        return (ap.hasPermission(PERMISSIONS_OWNER, VIEW_PERMISSION, ALL_PERMISSIONS_TARGET));
    }
View Full Code Here
77
78
79
80
81
82
83
84
        return (ap.hasPermission(PERMISSIONS_OWNER, VIEW_PERMISSION, ALL_PERMISSIONS_TARGET));
    }

    public boolean canEditActivity(IPerson currentUser, String activity) {
        EntityIdentifier ei = currentUser.getEntityIdentifier();
        IAuthorizationPrincipal ap = AuthorizationService.instance().newPrincipal(ei.getKey(), ei.getType());
        return (ap.hasPermission(PERMISSIONS_OWNER, EDIT_PERMISSION, ALL_PERMISSIONS_TARGET));
    }
View Full Code Here
83
84
85
86
87
88
89
90
        return (ap.hasPermission(PERMISSIONS_OWNER, EDIT_PERMISSION, ALL_PERMISSIONS_TARGET));
    }

    public boolean canViewActivity(IPerson currentUser, String activity) {
        EntityIdentifier ei = currentUser.getEntityIdentifier();
        IAuthorizationPrincipal ap = AuthorizationService.instance().newPrincipal(ei.getKey(), ei.getType());
        return (ap.hasPermission(PERMISSIONS_OWNER, VIEW_PERMISSION, ALL_PERMISSIONS_TARGET));
    }
View Full Code Here
93
94
95
96
97
98
99
100
     * @see org.jasig.portal.portlets.permissionsadmin.IPermissionAdministrationHelper#canEditPermission(org.jasig.portal.security.IPerson, java.lang.String)
     */
    public boolean canEditPermission(IPerson currentUser, String target) {
       
        EntityIdentifier ei = currentUser.getEntityIdentifier();
        IAuthorizationPrincipal ap = AuthorizationService.instance().newPrincipal(ei.getKey(), ei.getType());
        return (ap.hasPermission(PERMISSIONS_OWNER, EDIT_PERMISSION, ALL_PERMISSIONS_TARGET));
    }
View Full Code Here
103
104
105
106
107
108
109
110
     * @see org.jasig.portal.portlets.permissionsadmin.IPermissionAdministrationHelper#canViewPermission(org.jasig.portal.security.IPerson, java.lang.String)
     */
    public boolean canViewPermission(IPerson currentUser, String target) {
       
        EntityIdentifier ei = currentUser.getEntityIdentifier();
        IAuthorizationPrincipal ap = AuthorizationService.instance().newPrincipal(ei.getKey(), ei.getType());
        return (ap.hasPermission(PERMISSIONS_OWNER, VIEW_PERMISSION, ALL_PERMISSIONS_TARGET));
    }
View Full Code Here
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
    public boolean canRender(final String userName, final String fname) {
        if (userName == null || fname == null) {
            return false;
        }
       
        final IAuthorizationPrincipal userPrincipal = this.getUserPrincipal(userName);
        if (userPrincipal == null) {
            return false;
        }
       
        final String portletId;
        try {
            final IPortletDefinition portletDefinition = this.portletDefinitionRegistry.getPortletDefinitionByFname(fname);
            if (portletDefinition == null) {
                if (this.logger.isInfoEnabled()) {
                    this.logger.info("No PortletDefinition for fname='" + fname + "', returning false.");
                }

                return false;
            }
           
            portletId = portletDefinition.getPortletDefinitionId().getStringId();
        }
        catch (Exception e) {
            this.logger.warn("Could not find PortletDefinition for fname='" + fname + "' while checking if user '" + userName + "' can render it. Returning FALSE.", e);
            return false;
        }
       
        return userPrincipal.canRender(portletId);
    }
View Full Code Here
111
112
113
114
115
116
117
118
119
120
121
122
123
            return false;
        }

        final HttpServletRequest currentRequest = portalRequestUtils.getCurrentPortalRequest();
        final IPerson currentUser = personManager.getPerson((HttpServletRequest) currentRequest);
        final IAuthorizationPrincipal authPrincipal = this.getUserPrincipal(currentUser.getUserName());
       
        final boolean rslt = authPrincipal != null
                ? authPrincipal.hasPermission(owner, activity, target)
                : false;
        return rslt;

    }
View Full Code Here
156
157
158
159
160
161
162
163
164
165
166
     * @see org.jasig.portal.portlets.lookup.IPersonLookupHelper#searchForPeople(org.jasig.portal.security.IPerson, java.util.Map)
     */
    public List<IPersonAttributes> searchForPeople(final IPerson searcher, final Map<String, Object> query) {

        // get the IAuthorizationPrincipal for the searching user
        final IAuthorizationPrincipal principal = getPrincipalForUser(searcher);

        // build a set of all possible user attributes the current user has
        // permission to view
        final Set<String> permittedAttributes = getAvailableAttributes(principal);
       
View Full Code Here
TOP

Related Classes of org.jasig.portal.security.IAuthorizationPrincipal

  • org.jasig.portal.AbstractChannelRegistryStore
  • org.jasig.portal.api.groups.EntityFactory
  • org.jasig.portal.api.groups.EntityService
  • org.jasig.portal.api.permissions.ApiPermissionsService
  • org.jasig.portal.channel.ChannelPublishingServiceImpl
  • org.jasig.portal.channel.JpaChannelRegistryStore
  • org.jasig.portal.ChannelRegistryManager
  • org.jasig.portal.channels.adminnav.provider.ListModel
  • org.jasig.portal.channels.error.CError
  • org.jasig.portal.channels.groupsmanager.commands.GroupsManagerCommand
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.