Examples of org.ofbiz.security.authz.Authorization

• org.ofbiz.security.authz.Authorization

                "Y".equalsIgnoreCase(userLogin.getString("hasLoggedOut")) : false);
    }

    protected static boolean hasBasePermission(GenericValue userLogin, HttpServletRequest request) {
        ServletContext context = (ServletContext) request.getAttribute("servletContext");
        Authorization authz = (Authorization) request.getAttribute("authz");
        Security security = (Security) request.getAttribute("security");

        String serverId = (String) context.getAttribute("_serverId");
        String contextPath = request.getContextPath();

        ComponentConfig.WebappInfo info = ComponentConfig.getWebAppInfo(serverId, contextPath);
        if (security != null) {
            if (info != null) {
                for (String permission: info.getBasePermission()) {
                    if (!"NONE".equals(permission) && !security.hasEntityPermission(permission, "_VIEW", userLogin) &&
                            !authz.hasPermission(userLogin.getString("userLoginId"), permission, null)) {
                        return false;
                    }
                }
            } else {
                Debug.logInfo("No webapp configuration found for : " + serverId + " / " + contextPath, module);

        if (dispatcher == null) {
            Debug.logError("[ControlServlet] ERROR: dispatcher not found in ServletContext", module);
        }
        request.setAttribute("dispatcher", dispatcher);

        Authorization authz = (Authorization) session.getAttribute("authz");
        if (authz == null) {
            authz = (Authorization) getServletContext().getAttribute("authz");
        }
        if (authz == null) {
            Debug.logError("[ControlServlet] ERROR: authorization not found in ServletContext", module);

        if (dispatcher == null) {
            Debug.logError("[ControlServlet] ERROR: dispatcher not found in ServletContext", module);
        }
        request.setAttribute("dispatcher", dispatcher);

        Authorization authz = (Authorization) session.getAttribute("authz");
        if (authz == null) {
            authz = (Authorization) getServletContext().getAttribute("authz");
        }
        if (authz == null) {
            Debug.logError("[ControlServlet] ERROR: authorization not found in ServletContext", module);

        }
        return delegator;
    }

    protected Authorization getAuthz() {
        Authorization authz = (Authorization) config.getServletContext().getAttribute("authorization");
        if (authz == null) {
            Delegator delegator = (Delegator) config.getServletContext().getAttribute("delegator");

            if (delegator != null) {
                try {

        } catch (SecurityConfigurationException e) {
            Debug.logError(e, module);
        }

        try {
            Authorization authz = AuthorizationFactory.getInstance(delegator);
            request.setAttribute("authz", authz);
            session.setAttribute("authz", authz);
        } catch (SecurityConfigurationException e) {
            Debug.logError(e, module);
        }

                "Y".equalsIgnoreCase(userLogin.getString("hasLoggedOut")) : false);
    }

    protected static boolean hasBasePermission(GenericValue userLogin, HttpServletRequest request) {
        ServletContext context = (ServletContext) request.getAttribute("servletContext");
        Authorization authz = (Authorization) request.getAttribute("authz");
        Security security = (Security) request.getAttribute("security");

        String serverId = (String) context.getAttribute("_serverId");
        String contextPath = request.getContextPath();

        ComponentConfig.WebappInfo info = ComponentConfig.getWebAppInfo(serverId, contextPath);
        if (security != null) {
            if (info != null) {
                for (String permission: info.getBasePermission()) {
                    if (!"NONE".equals(permission) && !security.hasEntityPermission(permission, "_VIEW", userLogin) &&
                            !authz.hasPermission(userLogin.getString("userLoginId"), permission, null)) {
                        return false;
                    }
                }
            } else {
                Debug.logInfo("No webapp configuration found for : " + serverId + " / " + contextPath, module);

        GenericValue userLogin = methodContext.getUserLogin();
        if (userLogin != null) {
            String permission = methodContext.expandString(this.permission);
            String action = methodContext.expandString(this.action);

            Authorization authz = methodContext.getAuthz();
            Security security = methodContext.getSecurity();
            if (UtilValidate.isNotEmpty(action)) {
                // run hasEntityPermission
                if (security.hasEntityPermission(permission, action, userLogin)) {
                    runSubOps = true;
                }
            } else {
                // run hasPermission
                if (authz.hasPermission(userLogin.getString("userLoginId"), permission, methodContext.getEnvMap())) {
                    runSubOps = true;
                }
            }
        }

        }

        // if no user is logged in, treat as if the user does not have permission: do not run subops
        GenericValue userLogin = methodContext.getUserLogin();
        if (userLogin != null) {
            Authorization authz = methodContext.getAuthz();
            Security security = methodContext.getSecurity();
            if (this.permissionInfo.hasPermission(methodContext, userLogin, authz, security)) {
                hasPermission = true;
            }

            GenericValue userLogin = (GenericValue) context.get("userLogin");
            if (userLogin != null) {
                String permission = permissionExdr.expandString(context);
                String action = actionExdr.expandString(context);

                Authorization authz = (Authorization) context.get("authorization");
                Security security = (Security) context.get("security");
                if (UtilValidate.isNotEmpty(action)) {
                    //Debug.logWarning("Deprecated method hasEntityPermission() was called; the action field should no longer be used", module);
                    // run hasEntityPermission
                    if (security.hasEntityPermission(permission, action, userLogin)) {
                        return true;
                    }
                } else {
                    // run hasPermission
                    if (authz.hasPermission(userLogin.getString("userLoginId"), permission, context)) {
                        return true;
                    }
                }
            }
            return false;

            GenericValue userLogin = (GenericValue) context.get("userLogin");
            if (userLogin != null) {
                String permission = permissionExdr.expandString(context);
                String action = actionExdr.expandString(context);

                Authorization authz = (Authorization) context.get("authz");
                Security security = (Security) context.get("security");
                if (UtilValidate.isNotEmpty(action)) {
                    //Debug.logWarning("Deprecated method hasEntityPermission() was called; the action field should no longer be used", module);
                    // run hasEntityPermission
                    if (security.hasEntityPermission(permission, action, userLogin)) {
                        return true;
                    }
                } else {
                    // run hasPermission
                    if (authz.hasPermission(userLogin.getString("userLoginId"), permission, context)) {
                        return true;
                    }
                }
            }
            return false;