Examples of org.jasig.portal.security.IAuthorizationPrincipal

org.jasig.portal.security.IAuthorizationPrincipal
An IAuthorizationPrincipal represents a portal entity to which IPermissions have been granted. Such an entity could be an IGroupMember, an IChannel or an IPerson. @author Dan Ellentuck @version $Revision: 19776 $

     * @see org.jasig.portal.portlets.lookup.IPersonLookupHelper#findPerson(org.jasig.portal.security.IPerson, java.lang.String)
     */
    public IPersonAttributes findPerson(final IPerson searcher, final String username) {


        // get the IAuthorizationPrincipal for the searching user
        final IAuthorizationPrincipal principal = getPrincipalForUser(searcher);


        // build a set of all possible user attributes the current user has 
        // permission to view
        final Set<String> permittedAttributes = getAvailableAttributes(principal);

View Full Code Here

       */
      
        IUserInstance userInstance = userInstanceManager.getUserInstance(request);
        IPerson person = userInstance.getPerson();
        AuthorizationService authService = AuthorizationService.instance();
        IAuthorizationPrincipal principal = authService.newPrincipal(person.getUserName(), IPerson.class);
      
        /**
         * Build a collection of owner IDs for the fragments to which the 
         * authenticated user is subscribed
         */


        // get the list of current subscriptions for this user
        List<IUserFragmentSubscription> subscriptions = userFragmentSubscriptionDao
                .getUserFragmentInfo(person);
        
        // transform it into the set of owners
      Set<String> subscribedOwners = new HashSet<String>();
      for (IUserFragmentSubscription subscription : subscriptions){
          if (subscription.isActive()) {
                subscribedOwners.add(subscription.getFragmentOwner());
          }
      }
      
      /**
       * Iterate through the list of all currently defined DLM fragments and
       * determine if the current user has permissions to subscribe to each.
       * Any subscribable fragments will be transformed into a JSON-friendly
       * bean and added to the model.
       */


        final List<SubscribableFragment> jsonFragments = new ArrayList<SubscribableFragment>();


      // get the list of fragment definitions from DLM
        final List<FragmentDefinition> fragmentDefinitions = configurationLoader.getFragments();
        
        final Locale locale = RequestContextUtils.getLocale(request);


        // iterate through the list
        for (FragmentDefinition fragmentDefinition : fragmentDefinitions) {
            
            if (isSubscribable(fragmentDefinition, principal)) {
                
                String owner = fragmentDefinition.getOwnerId();
                
                // check to see if the current user has permission to subscribe to
                // this fragment
                if (principal.hasPermission("UP_FRAGMENT", "FRAGMENT_SUBSCRIBE", owner)) {
                    
                    // create a JSON fragment bean and add it to our list
                    boolean subscribed = subscribedOwners.contains(owner);
                    final String name = getMessage("fragment." + owner + ".name", fragmentDefinition.getName(), locale);
                    final String description = getMessage("fragment." + owner + ".description", fragmentDefinition.getDescription(), locale);

View Full Code Here

        final BufferedXMLEventReader bufferedXmlEventReader = createSourceXmlEventReader(entityFile);
        final PortalDataKey portalDataKey = getPortalDataKey(bufferedXmlEventReader);


        final IPerson person = personManager.getPerson(request);
    final EntityIdentifier ei = person.getEntityIdentifier();
      final IAuthorizationPrincipal ap = AuthorizationService.instance().newPrincipal(ei.getKey(), ei.getType());
      if (!ap.hasPermission("UP_SYSTEM", "IMPORT_ENTITY", portalDataKey.getName().getLocalPart())) {
        response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        return;
      }


      portalDataHandlerService.importData(new StAXSource(bufferedXmlEventReader));

View Full Code Here

      @PathVariable("entityId") String entityId, HttpServletRequest request,
      HttpServletResponse response) throws IOException {
      
    final IPerson person = personManager.getPerson(request);
    final EntityIdentifier ei = person.getEntityIdentifier();
      final IAuthorizationPrincipal ap = AuthorizationService.instance().newPrincipal(ei.getKey(), ei.getType());


      if (!ap.hasPermission(OWNER, DELETE_PERMISSION, entityType)) {
        response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        return;
      }
               
      // get the task associated with exporting this entity type

View Full Code Here

            HttpServletRequest request, HttpServletResponse response)
            throws IOException {
      
    final IPerson person = personManager.getPerson(request);
    final EntityIdentifier ei = person.getEntityIdentifier();
      final IAuthorizationPrincipal ap = AuthorizationService.instance().newPrincipal(ei.getKey(), ei.getType());


      // if the current user does not have permission to delete this database
      // object type, return a 401 error code
      if (!ap.hasPermission(OWNER, EXPORT_PERMISSION, entityType)) {
        response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        return;
      }
      
      //Export the data into a string buffer

View Full Code Here

        final AggregatedGroupMapping group = aggregatedGroupLookupDao.getGroupMapping(everyone.getKey());
        final List<PortletLayoutAggregation> aggregations = portletLayoutDao.getAggregationsForAllPortlets(begin, end, AGGREGATION_INTERVAL, group);
        
        final EntityIdentifier ei = user.getEntityIdentifier();
        final AuthorizationService authService = AuthorizationService.instance();
        final IAuthorizationPrincipal ap = authService.newPrincipal(ei.getKey(), ei.getType());
        
        final Map<String, PortletUsage> resultBuilder = new HashMap<String, PortletUsage>();
        
        for (final PortletLayoutAggregation aggregation : aggregations) {
            final AggregatedPortletMapping portlet = aggregation.getPortletMapping();
            final String fname = portlet.getFname();
            PortletUsage portletUsage = resultBuilder.get(fname);
            if (portletUsage == null) {
                final IPortletDefinition portletDefinition = this.portletDefinitionDao.getPortletDefinitionByFname(fname);
                
                if (portletDefinition == null || !ap.canSubscribe(portletDefinition.getPortletDefinitionId().getStringId())) {
                    //Skip portlets that no longer exist or cannot be subscribed to
                    continue;
                }
                
                portletUsage = new PortletUsage(

View Full Code Here

    public ModelAndView getPortlets(HttpServletRequest request, HttpServletResponse response) throws Exception {
        // get a list of all channels
        List<IPortletDefinition> allPortlets = portletDefinitionRegistry.getAllPortletDefinitions();
        IPerson user = personManager.getPerson(request);
        EntityIdentifier ei = user.getEntityIdentifier();
        IAuthorizationPrincipal ap = AuthorizationService.instance().newPrincipal(ei.getKey(), ei.getType());


        List<PortletTuple> rslt = new ArrayList<PortletTuple>();
        for (IPortletDefinition pdef : allPortlets) {
            if (ap.canManage(pdef.getPortletDefinitionId().getStringId())) {
                rslt.add(new PortletTuple(pdef));
            }
        }


        return new ModelAndView("json", "portlets", rslt);

View Full Code Here

        if (authorizationService == null) {
            authorizationService = AuthorizationService.instance();
        }
        UserDetails userDetails = (UserDetails) authentication.getPrincipal();


        final IAuthorizationPrincipal principal = authorizationService.newPrincipal(
                userDetails.getUsername(), IPerson.class);


        String targetId = null;
        if (targetDomainObject instanceof String) {
            // Assume it already represents a valid uPortal permission target
            targetId = (String) targetDomainObject;
        } else if (targetDomainObject instanceof JsonEntityBean) {
            // JsonEntityBean objects now have a targetString member
            targetId = ((JsonEntityBean) targetDomainObject).getTargetString();
        }


        // if the permission is already an AuthorizableActivity, go ahead and 
        // use it
        AuthorizableActivity activity = null;
        if (permission instanceof AuthorizableActivity) {
            activity = (AuthorizableActivity) permission;
        } 


        // if the permission is a string, allow our local method to try and
        // translate it into a permission relevant to the provided target
        else if (permission instanceof String) {
            String activityName = (String) permission;
            activity = getViewActivity(activityName, (JsonEntityBean) targetDomainObject);
        }


        else {
            throw new RuntimeException("Unable to determine permission target id for type " + targetDomainObject.getClass());
        }


        if (activity != null) {
            final boolean hasPermission = principal.hasPermission(activity.getOwnerFname(), activity.getActivityFname(), targetId);
            return hasPermission;
        } else {
            return false;
        }
    }

View Full Code Here

            authorizationService = AuthorizationService.instance();
        }
        
        UserDetails userDetails = (UserDetails) authentication.getPrincipal();


        final IAuthorizationPrincipal principal = authorizationService.newPrincipal(
                userDetails.getUsername(), IPerson.class);


        // if the permission is already an AuthorizableActivity, go ahead and 
        // use it
        AuthorizableActivity activity = null;
        if (permission instanceof AuthorizableActivity) {
            activity = (AuthorizableActivity) permission;
        } 


        // if the permission is a string, allow our local method to try and
        // translate it into a permission relevant to the provided target
        else if (permission instanceof String && targetId instanceof String) {
            String activityName = (String) permission;
            activity = getViewActivity(activityName, (String) targetId);
        }
        
        if (activity != null) {
            final boolean hasPermission = principal.hasPermission(activity.getOwnerFname(), activity.getActivityFname(), targetId.toString());
            return hasPermission;
        } else {
            return false;
        }
    }

View Full Code Here


        while (immediatelyContainingGroups.hasNext()) {
            IGroupMember parentGroup = immediatelyContainingGroups.next();
            try {
                if (parentGroup != null) {
                    IAuthorizationPrincipal parentPrincipal = service.newPrincipal( parentGroup );
                    IPermission[] parentPermissions = service.getPermissionsForPrincipal(parentPrincipal, owner, activity, target);


                    Set<IPermission> activeParentPermissions = activePermissions(parentPermissions);


                    boolean parentPermissionsContainsDeny = containsType(activeParentPermissions, IPermission.PERMISSION_TYPE_DENY);

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of org.jasig.portal.security.IAuthorizationPrincipal

org.jasig.portal.AbstractChannelRegistryStore

org.jasig.portal.api.groups.EntityFactory

org.jasig.portal.api.groups.EntityService

org.jasig.portal.api.permissions.ApiPermissionsService

org.jasig.portal.channel.ChannelPublishingServiceImpl

org.jasig.portal.channel.JpaChannelRegistryStore

org.jasig.portal.ChannelRegistryManager

org.jasig.portal.channels.adminnav.provider.ListModel

org.jasig.portal.channels.error.CError

org.jasig.portal.channels.groupsmanager.commands.GroupsManagerCommand

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.