Example 1 with IEntityGroup
use of org.apereo.portal.groups.IEntityGroup in project uPortal by Jasig.
the class ApiPermissionsService method getAssignmentsForPerson.
@Override
public Set<Assignment> getAssignmentsForPerson(String username, boolean includeInherited) {
Set<Assignment> rslt = new HashSet<Assignment>();
if (StringUtils.isBlank(username)) {
return null;
}
IAuthorizationPrincipal authP = this.authorizationService.newPrincipal(username, EntityEnum.PERSON.getClazz());
// first get the permissions explicitly set for this principal
IPermission[] directPermissions = permissionStore.select(null, authP.getPrincipalString(), null, null, null);
for (IPermission permission : directPermissions) {
if (authP.hasPermission(permission.getOwner(), permission.getActivity(), permission.getTarget())) {
Assignment a = createAssignment(permission, authP, false);
if (a != null) {
rslt.add(a);
}
}
}
if (includeInherited) {
IGroupMember member = GroupService.getGroupMember(authP.getKey(), authP.getType());
for (IEntityGroup parent : member.getAncestorGroups()) {
IAuthorizationPrincipal parentPrincipal = this.authorizationService.newPrincipal(parent);
IPermission[] parentPermissions = permissionStore.select(null, parentPrincipal.getPrincipalString(), null, null, null);
for (IPermission permission : parentPermissions) {
if (authP.hasPermission(permission.getOwner(), permission.getActivity(), permission.getTarget())) {
Assignment a = createAssignment(permission, authP, true);
if (a != null) {
rslt.add(a);
}
}
}
}
}
return rslt;
}
Also used :
IEntityGroup(org.apereo.portal.groups.IEntityGroup)
IGroupMember(org.apereo.portal.groups.IGroupMember)
IPermission(org.apereo.portal.security.IPermission)
IAuthorizationPrincipal(org.apereo.portal.security.IAuthorizationPrincipal)
HashSet(java.util.HashSet)
Example 2 with IEntityGroup
use of org.apereo.portal.groups.IEntityGroup in project uPortal by Jasig.
the class PermissionsRESTController method getAssignmentsOnTarget.
@PreAuthorize("hasPermission('ALL', 'java.lang.String', new org.apereo.portal.spring.security.evaluator.AuthorizableActivity('UP_PERMISSIONS', 'VIEW_PERMISSIONS'))")
@RequestMapping("/assignments/target/{target}.json")
public ModelAndView getAssignmentsOnTarget(@PathVariable("target") String target, @RequestParam(value = "includeInherited", required = false) boolean includeInherited, HttpServletRequest request, HttpServletResponse response) {
Set<UniquePermission> directAssignments = new HashSet<UniquePermission>();
// first get the permissions explicitly set for this principal
IPermission[] directPermissions = permissionStore.select(null, null, null, target, null);
for (IPermission permission : directPermissions) {
directAssignments.add(new UniquePermission(permission.getOwner(), permission.getActivity(), permission.getPrincipal(), false));
}
JsonEntityBean entity = groupListHelper.getEntityForPrincipal(target);
Set<UniquePermission> inheritedAssignments = new HashSet<UniquePermission>();
List<JsonPermission> permissions = new ArrayList<JsonPermission>();
if (entity != null) {
IAuthorizationPrincipal p = this.authorizationService.newPrincipal(entity.getId(), entity.getEntityType().getClazz());
if (includeInherited) {
IGroupMember member = GroupService.getGroupMember(p.getKey(), p.getType());
for (IEntityGroup parent : member.getAncestorGroups()) {
IAuthorizationPrincipal parentPrincipal = this.authorizationService.newPrincipal(parent);
IPermission[] parentPermissions = permissionStore.select(null, null, null, parentPrincipal.getKey(), null);
for (IPermission permission : parentPermissions) {
inheritedAssignments.add(new UniquePermission(permission.getOwner(), permission.getActivity(), permission.getPrincipal(), true));
}
}
}
for (UniquePermission permission : directAssignments) {
JsonEntityBean e = groupListHelper.getEntityForPrincipal(permission.getIdentifier());
Class<?> clazz;
EntityEnum entityType = EntityEnum.getEntityEnum(e.getEntityTypeAsString());
if (entityType.isGroup()) {
clazz = IEntityGroup.class;
} else {
clazz = entityType.getClazz();
}
IAuthorizationPrincipal principal = this.authorizationService.newPrincipal(e.getId(), clazz);
if (principal.hasPermission(permission.getOwner(), permission.getActivity(), p.getKey())) {
permissions.add(getPermissionOnTarget(permission, entity));
}
}
for (UniquePermission permission : inheritedAssignments) {
JsonEntityBean e = groupListHelper.getEntityForPrincipal(permission.getIdentifier());
Class<?> clazz;
EntityEnum entityType = EntityEnum.getEntityEnum(e.getEntityTypeAsString());
if (entityType.isGroup()) {
clazz = IEntityGroup.class;
} else {
clazz = entityType.getClazz();
}
IAuthorizationPrincipal principal = this.authorizationService.newPrincipal(e.getId(), clazz);
if (principal.hasPermission(permission.getOwner(), permission.getActivity(), p.getKey())) {
permissions.add(getPermissionOnTarget(permission, entity));
}
}
Collections.sort(permissions);
}
ModelAndView mv = new ModelAndView();
mv.addObject("assignments", permissions);
mv.setViewName("json");
return mv;
}
Also used :
EntityEnum(org.apereo.portal.portlets.groupselector.EntityEnum)
ArrayList(java.util.ArrayList)
ModelAndView(org.springframework.web.servlet.ModelAndView)
IEntityGroup(org.apereo.portal.groups.IEntityGroup)
IGroupMember(org.apereo.portal.groups.IGroupMember)
JsonEntityBean(org.apereo.portal.layout.dlm.remoting.JsonEntityBean)
IPermission(org.apereo.portal.security.IPermission)
IAuthorizationPrincipal(org.apereo.portal.security.IAuthorizationPrincipal)
HashSet(java.util.HashSet)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Example 3 with IEntityGroup
use of org.apereo.portal.groups.IEntityGroup in project uPortal by Jasig.
the class RDBMUserIdentityStore method addNewUser.
protected int addNewUser(final int newUID, final IPerson person, final TemplateUser templateUser) throws Exception {
// Copy template user's groups memberships
IGroupMember me = GroupService.getGroupMember(person.getEntityIdentifier());
IGroupMember template = GroupService.getEntity(templateUser.getUserName(), Class.forName("org.apereo.portal.security.IPerson"));
for (IEntityGroup eg : template.getParentGroups()) {
ILockableEntityGroup leg = getSafeLockableGroup(eg, me);
if (leg != null) {
addPersonToGroup(person, me, leg);
}
}
return this.transactionOperations.execute(new TransactionCallback<Integer>() {
@Override
public Integer doInTransaction(TransactionStatus status) {
return jdbcOperations.execute(new ConnectionCallback<Integer>() {
@Override
public Integer doInConnection(Connection con) throws SQLException, DataAccessException {
int uPortalUID = -1;
PreparedStatement queryStmt = null;
PreparedStatement insertStmt = null;
try {
// Add to UP_USER
String insert = "INSERT INTO UP_USER (USER_ID, USER_NAME, USER_DFLT_USR_ID, USER_DFLT_LAY_ID, NEXT_STRUCT_ID, LST_CHAN_UPDT_DT)" + "VALUES (?, ?, ?, ?, null, null)";
String userName = person.getUserName();
insertStmt = con.prepareStatement(insert);
insertStmt.setInt(1, newUID);
insertStmt.setString(2, userName);
insertStmt.setInt(3, templateUser.getUserId());
insertStmt.setInt(4, templateUser.getDefaultLayoutId());
if (log.isDebugEnabled())
log.debug("RDBMUserIdentityStore::addNewUser(USER_ID=" + newUID + ", USER_NAME=" + userName + ", USER_DFLT_USR_ID=" + templateUser.getUserId() + ", USER_DFLT_LAY_ID=" + templateUser.getDefaultLayoutId() + "): " + insert);
insertStmt.executeUpdate();
insertStmt.close();
insertStmt = null;
// Start copying...
ResultSet rs = null;
String query = null;
try {
// Add to UP_USER_PROFILE
query = "SELECT USER_ID, PROFILE_FNAME, PROFILE_NAME, DESCRIPTION, " + "STRUCTURE_SS_ID, THEME_SS_ID " + "FROM UP_USER_PROFILE " + "WHERE USER_ID=?";
queryStmt = con.prepareStatement(query);
queryStmt.setInt(1, templateUser.getUserId());
if (log.isDebugEnabled())
log.debug("RDBMUserIdentityStore::addNewUser(USER_ID=" + templateUser.getUserId() + "): " + query);
rs = queryStmt.executeQuery();
insert = "INSERT INTO UP_USER_PROFILE (USER_ID, PROFILE_ID, PROFILE_FNAME, PROFILE_NAME, DESCRIPTION, LAYOUT_ID, STRUCTURE_SS_ID, THEME_SS_ID) " + "VALUES(?, ?, ?, ?, ?, NULL, ?, ?)";
insertStmt = con.prepareStatement(insert);
while (rs.next()) {
int id = getNextKey();
String profileFname = rs.getString("PROFILE_FNAME");
String profileName = rs.getString("PROFILE_NAME");
String description = rs.getString("DESCRIPTION");
int structure = rs.getInt("STRUCTURE_SS_ID");
int theme = rs.getInt("THEME_SS_ID");
insertStmt.setInt(1, newUID);
insertStmt.setInt(2, id);
insertStmt.setString(3, profileFname);
insertStmt.setString(4, profileName);
insertStmt.setString(5, description);
insertStmt.setInt(6, structure);
insertStmt.setInt(7, theme);
if (log.isDebugEnabled())
log.debug("RDBMUserIdentityStore::addNewUser(USER_ID=" + newUID + ", PROFILE_FNAME=" + profileFname + ", PROFILE_NAME=" + profileName + ", DESCRIPTION=" + description + "): " + insert);
insertStmt.executeUpdate();
}
rs.close();
queryStmt.close();
if (insertStmt != null) {
insertStmt.close();
insertStmt = null;
}
// transaction
if (RDBMServices.getDbMetaData().supportsTransactions())
con.commit();
uPortalUID = newUID;
} finally {
try {
if (rs != null)
rs.close();
} catch (Exception e) {
}
}
} finally {
try {
if (queryStmt != null)
queryStmt.close();
} catch (Exception e) {
}
try {
if (insertStmt != null)
insertStmt.close();
} catch (Exception e) {
}
}
return uPortalUID;
}
});
}
});
}
Also used :
Connection(java.sql.Connection)
ILockableEntityGroup(org.apereo.portal.groups.ILockableEntityGroup)
TransactionStatus(org.springframework.transaction.TransactionStatus)
PreparedStatement(java.sql.PreparedStatement)
DataAccessException(org.springframework.dao.DataAccessException)
SQLException(java.sql.SQLException)
IEntityGroup(org.apereo.portal.groups.IEntityGroup)
IGroupMember(org.apereo.portal.groups.IGroupMember)
ResultSet(java.sql.ResultSet)
ConnectionCallback(org.springframework.jdbc.core.ConnectionCallback)
Example 4 with IEntityGroup
use of org.apereo.portal.groups.IEntityGroup in project uPortal by Jasig.
the class RDBMUserIdentityStore method updateUser.
protected void updateUser(final int userId, final IPerson person, final TemplateUser templateUser) throws Exception {
// Remove my existing group memberships
IGroupMember me = GroupService.getGroupMember(person.getEntityIdentifier());
for (IEntityGroup eg : me.getParentGroups()) {
ILockableEntityGroup leg = getSafeLockableGroup(eg, me);
if (leg != null) {
removePersonFromGroup(person, me, leg);
}
}
// Copy template user's groups memberships
IGroupMember template = GroupService.getEntity(templateUser.getUserName(), IPerson.class);
for (IEntityGroup eg : template.getParentGroups()) {
ILockableEntityGroup leg = getSafeLockableGroup(eg, me);
if (leg != null) {
addPersonToGroup(person, me, leg);
}
}
this.transactionOperations.execute(new TransactionCallback<Object>() {
@Override
public Object doInTransaction(TransactionStatus status) {
return jdbcOperations.execute(new ConnectionCallback<Object>() {
@Override
public Object doInConnection(Connection con) throws SQLException, DataAccessException {
PreparedStatement deleteStmt = null;
PreparedStatement queryStmt = null;
PreparedStatement insertStmt = null;
try {
// Update UP_USER
String update = "UPDATE UP_USER " + "SET USER_DFLT_USR_ID=?, " + "USER_DFLT_LAY_ID=?, " + "NEXT_STRUCT_ID=null " + "WHERE USER_ID=?";
insertStmt = con.prepareStatement(update);
insertStmt.setInt(1, templateUser.getUserId());
insertStmt.setInt(2, templateUser.getDefaultLayoutId());
insertStmt.setInt(3, userId);
if (log.isDebugEnabled())
log.debug("RDBMUserIdentityStore::addNewUser(): " + update);
insertStmt.executeUpdate();
insertStmt.close();
// Start copying...
ResultSet rs = null;
String delete = null;
String query = null;
String insert = null;
try {
// Update UP_USER_PROFILE
delete = "DELETE FROM UP_USER_PROFILE " + "WHERE USER_ID=?";
deleteStmt = con.prepareStatement(delete);
deleteStmt.setInt(1, userId);
if (log.isDebugEnabled())
log.debug("RDBMUserIdentityStore::updateUser(USER_ID=" + userId + "): " + delete);
deleteStmt.executeUpdate();
deleteStmt.close();
query = "SELECT USER_ID, PROFILE_FNAME, PROFILE_NAME, DESCRIPTION, " + "STRUCTURE_SS_ID, THEME_SS_ID " + "FROM UP_USER_PROFILE " + "WHERE USER_ID=?";
queryStmt = con.prepareStatement(query);
queryStmt.setInt(1, templateUser.getUserId());
if (log.isDebugEnabled())
log.debug("RDBMUserIdentityStore::updateUser(USER_ID=" + templateUser.getUserId() + "): " + query);
rs = queryStmt.executeQuery();
insert = "INSERT INTO UP_USER_PROFILE (USER_ID, PROFILE_ID, PROFILE_FNAME, PROFILE_NAME, DESCRIPTION, LAYOUT_ID, STRUCTURE_SS_ID, THEME_SS_ID) " + "VALUES(?, ?, ?, ?, ?, NULL, ?, ?)";
insertStmt = con.prepareStatement(insert);
while (rs.next()) {
int id = getNextKey();
String profileFname = rs.getString("PROFILE_FNAME");
String profileName = rs.getString("PROFILE_NAME");
String description = rs.getString("DESCRIPTION");
int structure = rs.getInt("STRUCTURE_SS_ID");
int theme = rs.getInt("THEME_SS_ID");
insertStmt.setInt(1, userId);
insertStmt.setInt(2, id);
insertStmt.setString(3, profileFname);
insertStmt.setString(4, profileName);
insertStmt.setString(5, description);
insertStmt.setInt(6, structure);
insertStmt.setInt(7, theme);
if (log.isDebugEnabled())
log.debug("RDBMUserIdentityStore::updateUser(USER_ID=" + userId + ", PROFILE_FNAME=" + profileFname + ", PROFILE_NAME=" + profileName + ", DESCRIPTION=" + description + "): " + insert);
insertStmt.executeUpdate();
}
rs.close();
queryStmt.close();
insertStmt.close();
// transaction
if (RDBMServices.getDbMetaData().supportsTransactions())
con.commit();
} finally {
try {
rs.close();
} catch (Exception e) {
}
}
} finally {
try {
deleteStmt.close();
} catch (Exception e) {
}
try {
queryStmt.close();
} catch (Exception e) {
}
try {
insertStmt.close();
} catch (Exception e) {
}
}
return null;
}
});
}
});
}
Also used :
Connection(java.sql.Connection)
ILockableEntityGroup(org.apereo.portal.groups.ILockableEntityGroup)
TransactionStatus(org.springframework.transaction.TransactionStatus)
PreparedStatement(java.sql.PreparedStatement)
DataAccessException(org.springframework.dao.DataAccessException)
SQLException(java.sql.SQLException)
IEntityGroup(org.apereo.portal.groups.IEntityGroup)
IGroupMember(org.apereo.portal.groups.IGroupMember)
ResultSet(java.sql.ResultSet)
SerializableObject(org.apereo.portal.utils.SerializableObject)
ConnectionCallback(org.springframework.jdbc.core.ConnectionCallback)
Example 5 with IEntityGroup
use of org.apereo.portal.groups.IEntityGroup in project uPortal by Jasig.
the class EntityPersonAttributesGroupStore method searchForGroups.
@Override
public EntityIdentifier[] searchForGroups(String query, int method, Class leaftype) throws GroupsException {
if (leaftype != IPERSON_CLASS) {
return EMPTY_SEARCH_RESULTS;
}
Set<IPersonAttributesGroupDefinition> pagsGroups = personAttributesGroupDefinitionDao.getPersonAttributesGroupDefinitions();
List<EntityIdentifier> results = new ArrayList<EntityIdentifier>();
switch(method) {
case IS:
for (IPersonAttributesGroupDefinition pagsGroup : pagsGroups) {
IEntityGroup g = convertPagsGroupToEntity(pagsGroup);
if (g.getName().equalsIgnoreCase(query)) {
results.add(g.getEntityIdentifier());
}
}
break;
case STARTS_WITH:
for (IPersonAttributesGroupDefinition pagsGroup : pagsGroups) {
IEntityGroup g = convertPagsGroupToEntity(pagsGroup);
if (g.getName().toUpperCase().startsWith(query.toUpperCase())) {
results.add(g.getEntityIdentifier());
}
}
break;
case ENDS_WITH:
for (IPersonAttributesGroupDefinition pagsGroup : pagsGroups) {
IEntityGroup g = convertPagsGroupToEntity(pagsGroup);
if (g.getName().toUpperCase().endsWith(query.toUpperCase())) {
results.add(g.getEntityIdentifier());
}
}
break;
case CONTAINS:
for (IPersonAttributesGroupDefinition pagsGroup : pagsGroups) {
IEntityGroup g = convertPagsGroupToEntity(pagsGroup);
if (g.getName().toUpperCase().indexOf(query.toUpperCase()) != -1) {
results.add(g.getEntityIdentifier());
}
}
break;
}
return results.toArray(new EntityIdentifier[] {});
}
Also used :
IEntityGroup(org.apereo.portal.groups.IEntityGroup)
ArrayList(java.util.ArrayList)
EntityIdentifier(org.apereo.portal.EntityIdentifier)
Aggregations
IEntityGroup (org.apereo.portal.groups.IEntityGroup)85
IGroupMember (org.apereo.portal.groups.IGroupMember)33
ArrayList (java.util.ArrayList)24
IAuthorizationPrincipal (org.apereo.portal.security.IAuthorizationPrincipal)19
HashSet (java.util.HashSet)14
EntityIdentifier (org.apereo.portal.EntityIdentifier)14
EntityEnum (org.apereo.portal.portlets.groupselector.EntityEnum)12
JsonEntityBean (org.apereo.portal.layout.dlm.remoting.JsonEntityBean)10
IPermission (org.apereo.portal.security.IPermission)10
HashMap (java.util.HashMap)9
GroupsException (org.apereo.portal.groups.GroupsException)9
AggregatedGroupMapping (org.apereo.portal.events.aggr.groups.AggregatedGroupMapping)8
IPerson (org.apereo.portal.security.IPerson)8
List (java.util.List)7
CompositeName (javax.naming.CompositeName)7
CallableWithoutResult (org.apereo.portal.concurrency.CallableWithoutResult)7
IPortletDefinition (org.apereo.portal.portlet.om.IPortletDefinition)7
BaseAggrEventsJpaDaoTest (org.apereo.portal.test.BaseAggrEventsJpaDaoTest)7
DateTime (org.joda.time.DateTime)7
Test (org.junit.Test)7
