
Example 6 with EntityIdentifier

use of org.apereo.portal.EntityIdentifier in project uPortal by Jasig.

the class AbstractEntityCachingService method add.

/* (non-Javadoc)
     * @see org.apereo.portal.concurrency.IEntityCachingService#add(org.apereo.portal.IBasicEntity)
     */
public void add(IBasicEntity entity) throws CachingException {
    // The entity's own identifier names its type; that type selects the backing cache.
    // entity is dereferenced without a null check, so a null argument fails here.
    final Class<? extends IBasicEntity> cacheKeyType = entity.getEntityIdentifier().getType();
    this.getCache(cacheKeyType).add(entity);
}
Also used : IEntityCache(org.apereo.portal.concurrency.IEntityCache) EntityIdentifier(org.apereo.portal.EntityIdentifier)

Example 7 with EntityIdentifier

use of org.apereo.portal.EntityIdentifier in project uPortal by Jasig.

the class PortletEntityRegistryImpl method checkPortletDefinitionRenderPermissions.

/**
 * Returns the given portlet definition only if the requesting user is allowed to render it.
 *
 * <p>The result is {@code null} both when no definition was supplied and when the render check
 * denies access, so a caller cannot tell "missing" from "not permitted" from the return value.
 *
 * @param userInstance the user whose person identity is used to build the authorization
 *     principal; dereferenced without a null check
 * @param portletDefinition the definition to authorize, may be {@code null}
 * @return {@code portletDefinition} when {@code canRender} allows it, otherwise {@code null}
 */
private IPortletDefinition checkPortletDefinitionRenderPermissions(IUserInstance userInstance, final IPortletDefinition portletDefinition) {
    // Nothing to authorize: hand the "no definition" result straight back.
    if (portletDefinition == null) {
        return null;
    }

    // The principal is derived from the user's identity (key plus type), not from the definition.
    final EntityIdentifier identity = userInstance.getPerson().getEntityIdentifier();
    final IAuthorizationPrincipal principal =
            AuthorizationService.instance().newPrincipal(identity.getKey(), identity.getType());

    // Fail closed: the definition is only released on an explicit "can render" answer.
    final String definitionId = portletDefinition.getPortletDefinitionId().getStringId();
    return principal.canRender(definitionId) ? portletDefinition : null;
}
Also used : IPerson(org.apereo.portal.security.IPerson) IAuthorizationPrincipal(org.apereo.portal.security.IAuthorizationPrincipal) EntityIdentifier(org.apereo.portal.EntityIdentifier)

Example 8 with EntityIdentifier

use of org.apereo.portal.EntityIdentifier in project uPortal by Jasig.

the class PortalWebFlowUtilsImpl method getCurrentPrincipal.

/* (non-Javadoc)
     * @see org.apereo.portal.spring.web.flow.IPortalWebFlowUtils#getCurrentPrincipal(org.springframework.webflow.context.ExternalContext)
     */
public IAuthorizationPrincipal getCurrentPrincipal(final ExternalContext externalContext) {
    // The principal is built from the key and type of the current person's identifier.
    // NOTE(review): the person is dereferenced without a null check; confirm getCurrentPerson
    // never returns null for an unauthenticated or expired session.
    final EntityIdentifier identity = getCurrentPerson(externalContext).getEntityIdentifier();
    final AuthorizationService authorizationService = AuthorizationService.instance();
    return authorizationService.newPrincipal(identity.getKey(), identity.getType());
}
Also used : IPerson(org.apereo.portal.security.IPerson) EntityIdentifier(org.apereo.portal.EntityIdentifier)

Example 9 with EntityIdentifier

use of org.apereo.portal.EntityIdentifier in project uPortal by Jasig.

the class PortletRendererImpl method enforceConfigPermission.

/**
     * Enforces config mode access control. If requesting user does not have CONFIG permission, and
     * the PortletWindow specifies config mode, throws AuthorizationException. Otherwise does
     * nothing.
     *
     * @param httpServletRequest the non-null current HttpServletRequest (for determining requesting
     *     user)
     * @param portletWindow a non-null portlet window that might be in config mode
     * @throws AuthorizationException if the user is not permitted to access config mode yet portlet
     *     window specifies config mode
     * @throws java.lang.IllegalArgumentException if the request or window are null
     * @since 4.0.13.1, 4.0.14, 4.1.
     */
protected void enforceConfigPermission(final HttpServletRequest httpServletRequest, final IPortletWindow portletWindow) {
    Validate.notNull(httpServletRequest, "Servlet request must not be null to determine remote user.");
    Validate.notNull(portletWindow, "Portlet window must not be null to determine its mode.");

    // Only CONFIG mode is gated here: a window with no mode, or any other mode, returns
    // without an authorization check in this method.
    final PortletMode requestedMode = portletWindow.getPortletMode();
    if (requestedMode == null || !IPortletRenderer.CONFIG.equals(requestedMode)) {
        return;
    }

    // The caller is resolved from the servlet request; the principal is built from that
    // person's identifier (key plus type).
    final IPerson person = this.personManager.getPerson(httpServletRequest);
    final EntityIdentifier identity = person.getEntityIdentifier();
    final AuthorizationService authz = AuthorizationService.instance();
    final IAuthorizationPrincipal principal = authz.newPrincipal(identity.getKey(), identity.getType());

    // The permission target is the portlet definition behind this window's entity.
    final IPortletDefinition portletDefinition = portletWindow.getPortletEntity().getPortletDefinition();
    final String definitionId = portletDefinition.getPortletDefinitionId().getStringId();
    if (principal.canConfigure(definitionId)) {
        return;
    }

    // Denied: log at error level before throwing, so the attempt is recorded even if a caller
    // handles the exception.
    // NOTE(review): user name and fname are passed to the logger as-is; confirm the log layout
    // neutralises line breaks in these values.
    logger.error(
            "User {} attempted to use portlet {} in {} but lacks permission to use that mode.  "
                    + "THIS MAY BE AN ATTEMPT TO EXPLOIT A HISTORICAL SECURITY FLAW.  "
                    + "You should probably figure out who this user is and why they are trying to access "
                    + "unauthorized portlet modes.",
            person.getUserName(),
            portletDefinition.getFName(),
            requestedMode);
    throw new AuthorizationException(
            person.getUserName()
                    + " does not have permission to render '"
                    + portletDefinition.getFName()
                    + "' in "
                    + requestedMode
                    + " PortletMode.");
}
Also used : IPerson(org.apereo.portal.security.IPerson) AuthorizationService(org.apereo.portal.services.AuthorizationService) IPortletEntity(org.apereo.portal.portlet.om.IPortletEntity) AuthorizationException(org.apereo.portal.AuthorizationException) IAuthorizationPrincipal(org.apereo.portal.security.IAuthorizationPrincipal) EntityIdentifier(org.apereo.portal.EntityIdentifier) PortletMode(javax.portlet.PortletMode) IPortletDefinition(org.apereo.portal.portlet.om.IPortletDefinition)

Example 10 with EntityIdentifier

use of org.apereo.portal.EntityIdentifier in project uPortal by Jasig.

the class PortletErrorController method hasAdminPrivileges.

/**
     * @return true if the userInstance argument has administrative privileges regarding viewing
     *     error details
     */
protected boolean hasAdminPrivileges(IUserInstance userInstance) {
    // Identity of the person behind this user instance; neither is null-checked here.
    final EntityIdentifier identity = userInstance.getPerson().getEntityIdentifier();
    final IAuthorizationPrincipal principal =
            AuthorizationService.instance().newPrincipal(identity.getKey(), identity.getType());

    // The permission is checked as the owner / activity / target triple.
    final boolean mayViewDetails =
            principal.hasPermission(
                    IPermission.ERROR_PORTLET,
                    IPermission.VIEW_ACTIVITY,
                    IPermission.DETAILS_TARGET);
    return mayViewDetails;
}
Also used : IAuthorizationPrincipal(org.apereo.portal.security.IAuthorizationPrincipal) EntityIdentifier(org.apereo.portal.EntityIdentifier)

Aggregations

EntityIdentifier (org.apereo.portal.EntityIdentifier)79 IAuthorizationPrincipal (org.apereo.portal.security.IAuthorizationPrincipal)31 HashSet (java.util.HashSet)20 IPerson (org.apereo.portal.security.IPerson)17 ArrayList (java.util.ArrayList)15 IEntityGroup (org.apereo.portal.groups.IEntityGroup)13 IGroupMember (org.apereo.portal.groups.IGroupMember)12 IPortletDefinition (org.apereo.portal.portlet.om.IPortletDefinition)12 Set (java.util.Set)9 GroupsException (org.apereo.portal.groups.GroupsException)9 Iterator (java.util.Iterator)7 Element (net.sf.ehcache.Element)6 PortletCategory (org.apereo.portal.portlet.om.PortletCategory)6 HashMap (java.util.HashMap)4 List (java.util.List)4 LinkedHashSet (java.util.LinkedHashSet)3 LinkedList (java.util.LinkedList)2 Locale (java.util.Locale)2 Map (java.util.Map)2 SortedSet (java.util.SortedSet)2