Example 1 with WorkspaceRoleArchetype
use of fi.otavanopisto.muikku.model.workspace.WorkspaceRoleArchetype in project muikku by otavanopisto.
the class UserRolePermissionObserver method onWorkspaceRoleDiscoveredEvent.
public void onWorkspaceRoleDiscoveredEvent(@Observes(during = TransactionPhase.BEFORE_COMPLETION) SchoolDataWorkspaceRoleDiscoveredEvent event) {
for (MuikkuPermissionCollection collection : permissionCollections) {
List<String> permissions = collection.listPermissions();
for (String permissionName : permissions) {
Permission permission = permissionDAO.findByName(permissionName);
if (permission != null) {
try {
String permissionScope = collection.getPermissionScope(permissionName);
RoleEntity role = workspaceRoleEntityDAO.findById(event.getDiscoveredWorkspaceRoleEntityId());
WorkspaceRoleArchetype[] archetypes = collection.getDefaultWorkspaceRoles(permissionName);
if (archetypes != null) {
for (WorkspaceRoleArchetype archetype : archetypes) {
if (archetype.equals(translateArchetype(event.getArchetype()))) {
applyPermission(permissionScope, role, permission);
break;
}
}
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
}
}
Also used :
RoleEntity(fi.otavanopisto.muikku.model.users.RoleEntity)
Permission(fi.otavanopisto.muikku.model.security.Permission)
RolePermission(fi.otavanopisto.muikku.model.security.RolePermission)
WorkspaceRoleArchetype(fi.otavanopisto.muikku.model.workspace.WorkspaceRoleArchetype)
Example 2 with WorkspaceRoleArchetype
use of fi.otavanopisto.muikku.model.workspace.WorkspaceRoleArchetype in project muikku by otavanopisto.
the class DefaultSchoolDataRoleListener method onSchoolDataWorkspaceRoleDiscoveredEvent.
public void onSchoolDataWorkspaceRoleDiscoveredEvent(@Observes SchoolDataWorkspaceRoleDiscoveredEvent event) {
String discoverId = "WSR-" + event.getDataSource() + "/" + event.getIdentifier();
if (discoveredWorkspaceRoles.containsKey(discoverId)) {
event.setDiscoveredWorkspaceRoleEntityId(discoveredWorkspaceRoles.get(discoverId));
return;
}
WorkspaceRoleEntity workspaceRoleEntity = workspaceRoleEntityController.findWorkspaceRoleEntityByDataSourceAndIdentifier(event.getDataSource(), event.getIdentifier());
if (workspaceRoleEntity == null) {
WorkspaceRoleArchetype roleArchetype = WorkspaceRoleArchetype.valueOf(event.getArchetype().name());
workspaceRoleEntity = workspaceRoleEntityController.createWorkspaceRoleEntity(event.getDataSource(), event.getIdentifier(), roleArchetype, event.getName());
discoveredWorkspaceRoles.put(discoverId, workspaceRoleEntity.getId());
event.setDiscoveredWorkspaceRoleEntityId(workspaceRoleEntity.getId());
} else {
logger.warning("WorkspaceRoleEntity for " + event.getIdentifier() + "/" + event.getDataSource() + " already exists");
}
}
Also used :
WorkspaceRoleEntity(fi.otavanopisto.muikku.model.workspace.WorkspaceRoleEntity)
WorkspaceRoleArchetype(fi.otavanopisto.muikku.model.workspace.WorkspaceRoleArchetype)
Example 3 with WorkspaceRoleArchetype
use of fi.otavanopisto.muikku.model.workspace.WorkspaceRoleArchetype in project muikku by otavanopisto.
the class PermissionsPluginController method resetPermissions.
public void resetPermissions(Set<RoleEntity> resetRoleEntities) {
if (CollectionUtils.isEmpty(resetRoleEntities))
return;
// TODO Only handles environment and workspace scopes
for (MuikkuPermissionCollection collection : permissionCollections) {
logger.log(Level.INFO, "Processing permission collection " + collection.getClass().getSimpleName());
List<String> permissions = collection.listPermissions();
for (String permissionName : permissions) {
Permission permission = permissionDAO.findByName(permissionName);
if (permission != null) {
try {
String permissionScope = collection.getPermissionScope(permissionName);
if (permissionScope != null) {
if (!PermissionScope.PERSONAL.equals(permissionScope)) {
// Current roles
String[] pseudoRoles = collection.getDefaultPseudoRoles(permissionName);
EnvironmentRoleArchetype[] environmentRoles = collection.getDefaultEnvironmentRoles(permissionName);
WorkspaceRoleArchetype[] workspaceRoles = collection.getDefaultWorkspaceRoles(permissionName);
List<RoleEntity> currentRoles = new ArrayList<RoleEntity>();
if (pseudoRoles != null) {
for (String pseudoRole : pseudoRoles) {
RoleEntity roleEntity = roleEntityDAO.findByName(pseudoRole);
if (roleEntity != null) {
currentRoles.add(roleEntity);
}
}
}
if (environmentRoles != null) {
for (EnvironmentRoleArchetype environmentRole : environmentRoles) {
List<EnvironmentRoleEntity> envRoles = environmentRoleEntityDAO.listByArchetype(environmentRole);
currentRoles.addAll(envRoles);
}
}
if (workspaceRoles != null) {
for (WorkspaceRoleArchetype workspaceRole : workspaceRoles) {
List<WorkspaceRoleEntity> wsRoles = workspaceRoleEntityDAO.listByArchetype(workspaceRole);
currentRoles.addAll(wsRoles);
}
}
logger.info(String.format("Permission %s applies to %d roles", permissionName, currentRoles.size()));
if (PermissionScope.ENVIRONMENT.equals(permissionScope) || PermissionScope.WORKSPACE.equals(permissionScope)) {
List<RolePermission> databasePermissions = rolePermissionDAO.listByPermission(permission);
removeNonHandledRoles(currentRoles, databasePermissions, resetRoleEntities);
for (RolePermission databasePermission : databasePermissions) {
int index = indexOfRoleEntity(currentRoles, databasePermission);
if (index >= 0) {
currentRoles.remove(index);
} else {
logger.info(String.format("Removing %s from %s", databasePermission.getRole().getName(), permission.getName()));
rolePermissionDAO.delete(databasePermission);
}
}
for (RoleEntity currentRole : currentRoles) {
logger.info(String.format("Adding environment role %s for %s", currentRole.getName(), permission.getName()));
rolePermissionDAO.create(currentRole, permission);
}
}
}
}
} catch (Exception e) {
logger.log(Level.SEVERE, "Permission handling failed for " + permissionName);
}
}
}
}
}
Also used :
EnvironmentRoleEntity(fi.otavanopisto.muikku.model.users.EnvironmentRoleEntity)
EnvironmentRoleArchetype(fi.otavanopisto.muikku.model.users.EnvironmentRoleArchetype)
MuikkuPermissionCollection(fi.otavanopisto.muikku.security.MuikkuPermissionCollection)
ArrayList(java.util.ArrayList)
WorkspaceRoleEntity(fi.otavanopisto.muikku.model.workspace.WorkspaceRoleEntity)
RoleEntity(fi.otavanopisto.muikku.model.users.RoleEntity)
EnvironmentRoleEntity(fi.otavanopisto.muikku.model.users.EnvironmentRoleEntity)
WorkspaceRoleEntity(fi.otavanopisto.muikku.model.workspace.WorkspaceRoleEntity)
RolePermission(fi.otavanopisto.muikku.model.security.RolePermission)
Permission(fi.otavanopisto.muikku.model.security.Permission)
WorkspaceRoleArchetype(fi.otavanopisto.muikku.model.workspace.WorkspaceRoleArchetype)
RolePermission(fi.otavanopisto.muikku.model.security.RolePermission)
Example 4 with WorkspaceRoleArchetype
use of fi.otavanopisto.muikku.model.workspace.WorkspaceRoleArchetype in project muikku by otavanopisto.
the class PermissionsPluginController method processPermissions.
public void processPermissions() {
logger.log(Level.INFO, "Starting permission gathering");
for (SystemRoleType systemRoleType : SystemRoleType.values()) {
if (systemRoleEntityDAO.findByRoleType(systemRoleType) == null)
systemRoleEntityDAO.create(systemRoleType.name(), systemRoleType);
}
for (MuikkuPermissionCollection collection : permissionCollections) {
logger.log(Level.INFO, "Processing permission collection " + collection.getClass().getSimpleName());
List<String> permissions = collection.listPermissions();
for (String permissionName : permissions) {
Permission permission = permissionDAO.findByName(permissionName);
if (permission == null) {
logger.log(Level.INFO, "Recording new permission " + permissionName);
try {
final String permissionScope = collection.getPermissionScope(permissionName);
if (permissionScope != null) {
permission = permissionDAO.create(permissionName, permissionScope);
if (!PermissionScope.PERSONAL.equals(permissionScope)) {
String[] pseudoRoles = collection.getDefaultPseudoRoles(permissionName);
EnvironmentRoleArchetype[] environmentRoles = collection.getDefaultEnvironmentRoles(permissionName);
WorkspaceRoleArchetype[] workspaceRoles = collection.getDefaultWorkspaceRoles(permissionName);
List<RoleEntity> roles = new ArrayList<RoleEntity>();
if (pseudoRoles != null) {
for (String pseudoRole : pseudoRoles) {
RoleEntity roleEntity = roleEntityDAO.findByName(pseudoRole);
if (roleEntity != null)
roles.add(roleEntity);
}
}
if (environmentRoles != null) {
for (EnvironmentRoleArchetype envRole : environmentRoles) {
List<EnvironmentRoleEntity> envRoles = environmentRoleEntityDAO.listByArchetype(envRole);
roles.addAll(envRoles);
}
}
if (workspaceRoles != null) {
for (WorkspaceRoleArchetype arc : workspaceRoles) {
List<WorkspaceRoleEntity> wsRoles = workspaceRoleEntityDAO.listByArchetype(arc);
roles.addAll(wsRoles);
}
}
switch(permissionScope) {
case PermissionScope.ENVIRONMENT:
case PermissionScope.WORKSPACE:
for (RoleEntity role : roles) {
rolePermissionDAO.create(role, permission);
}
break;
case PermissionScope.USERGROUP:
List<UserGroupEntity> userGroups = userGroupDAO.listAll();
for (RoleEntity role : roles) {
// TODO Workspace creation & templates - is this necessary and bulletproof?
for (UserGroupEntity userGroup : userGroups) {
userGroupRolePermissionDAO.create(userGroup, role, permission);
}
}
break;
default:
permissionDiscoveredEvent.select(new PermissionScopeBinding() {
private static final long serialVersionUID = 9009824962970938515L;
@Override
public String value() {
return permissionScope;
}
}).fire(new PermissionDiscoveredEvent(permission));
break;
}
}
} else
logger.log(Level.WARNING, "PermissionScope null for " + permissionName);
} catch (Exception e) {
logger.log(Level.SEVERE, "Permission handling failed for " + permissionName);
}
}
}
}
logger.log(Level.INFO, "Finished permission gathering");
}
Also used :
EnvironmentRoleEntity(fi.otavanopisto.muikku.model.users.EnvironmentRoleEntity)
EnvironmentRoleArchetype(fi.otavanopisto.muikku.model.users.EnvironmentRoleArchetype)
SystemRoleType(fi.otavanopisto.muikku.model.users.SystemRoleType)
MuikkuPermissionCollection(fi.otavanopisto.muikku.security.MuikkuPermissionCollection)
ArrayList(java.util.ArrayList)
UserGroupEntity(fi.otavanopisto.muikku.model.users.UserGroupEntity)
WorkspaceRoleEntity(fi.otavanopisto.muikku.model.workspace.WorkspaceRoleEntity)
RoleEntity(fi.otavanopisto.muikku.model.users.RoleEntity)
EnvironmentRoleEntity(fi.otavanopisto.muikku.model.users.EnvironmentRoleEntity)
WorkspaceRoleEntity(fi.otavanopisto.muikku.model.workspace.WorkspaceRoleEntity)
RolePermission(fi.otavanopisto.muikku.model.security.RolePermission)
Permission(fi.otavanopisto.muikku.model.security.Permission)
WorkspaceRoleArchetype(fi.otavanopisto.muikku.model.workspace.WorkspaceRoleArchetype)
Aggregations
WorkspaceRoleArchetype (fi.otavanopisto.muikku.model.workspace.WorkspaceRoleArchetype)4
Permission (fi.otavanopisto.muikku.model.security.Permission)3
RolePermission (fi.otavanopisto.muikku.model.security.RolePermission)3
RoleEntity (fi.otavanopisto.muikku.model.users.RoleEntity)3
WorkspaceRoleEntity (fi.otavanopisto.muikku.model.workspace.WorkspaceRoleEntity)3
EnvironmentRoleArchetype (fi.otavanopisto.muikku.model.users.EnvironmentRoleArchetype)2
EnvironmentRoleEntity (fi.otavanopisto.muikku.model.users.EnvironmentRoleEntity)2
MuikkuPermissionCollection (fi.otavanopisto.muikku.security.MuikkuPermissionCollection)2
ArrayList (java.util.ArrayList)2
SystemRoleType (fi.otavanopisto.muikku.model.users.SystemRoleType)1
UserGroupEntity (fi.otavanopisto.muikku.model.users.UserGroupEntity)1
