Examples with IAuthorizationPrincipal org.apereo.portal.security.IAuthorizationPrincipal used on opensource projects

Example 21 with IAuthorizationPrincipal

use of org.apereo.portal.security.IAuthorizationPrincipal in project uPortal by Jasig.

the class ChannelListController method getRegistryOriginal.

/*
     * Private methods that support the original (pre-4.3) version of the API
     */
/**
     * Gathers and organizes the response based on the specified rootCategory and the permissions of
     * the specified user.
     */
private Map<String, SortedSet<?>> getRegistryOriginal(WebRequest request, IPerson user) {
    /*
         * This collection of all the portlets in the portal is for the sake of
         * tracking which ones are uncategorized.
         */
    Set<IPortletDefinition> portletsNotYetCategorized = new HashSet<IPortletDefinition>(portletDefinitionRegistry.getAllPortletDefinitions());
    // construct a new channel registry
    Map<String, SortedSet<?>> rslt = new TreeMap<String, SortedSet<?>>();
    SortedSet<ChannelCategoryBean> categories = new TreeSet<ChannelCategoryBean>();
    // add the root category and all its children to the registry
    final PortletCategory rootCategory = portletCategoryRegistry.getTopLevelPortletCategory();
    final Locale locale = getUserLocale(user);
    categories.add(prepareCategoryBean(request, rootCategory, portletsNotYetCategorized, user, locale));
    /*
         * uPortal historically has provided for a convention that portlets not in any category
         * may potentially be viewed by users but may not be subscribed to.
         *
         * As of uPortal 4.2, the logic below now takes any portlets the user has BROWSE access to
         * that have not already been identified as belonging to a category and adds them to a category
         * called Uncategorized.
         */
    EntityIdentifier ei = user.getEntityIdentifier();
    IAuthorizationPrincipal ap = AuthorizationService.instance().newPrincipal(ei.getKey(), ei.getType());
    // construct a new channel category bean for this category
    String uncategorizedString = messageSource.getMessage(UNCATEGORIZED, new Object[] {}, locale);
    ChannelCategoryBean uncategorizedPortletsBean = new ChannelCategoryBean(new PortletCategory(uncategorizedString));
    uncategorizedPortletsBean.setName(UNCATEGORIZED);
    uncategorizedPortletsBean.setDescription(messageSource.getMessage(UNCATEGORIZED_DESC, new Object[] {}, locale));
    for (IPortletDefinition portlet : portletsNotYetCategorized) {
        if (authorizationService.canPrincipalBrowse(ap, portlet)) {
            // construct a new channel bean from this channel
            ChannelBean channel = getChannel(portlet, request, locale);
            uncategorizedPortletsBean.addChannel(channel);
        }
    }
    // Add even if no portlets in category
    categories.add(uncategorizedPortletsBean);
    rslt.put("categories", categories);
    return rslt;
}

Example 22 with IAuthorizationPrincipal

use of org.apereo.portal.security.IAuthorizationPrincipal in project uPortal by Jasig.

the class ChannelListController method prepareCategoryBean.

private ChannelCategoryBean prepareCategoryBean(WebRequest request, PortletCategory category, Set<IPortletDefinition> portletsNotYetCategorized, IPerson user, Locale locale) {
    // construct a new channel category bean for this category
    ChannelCategoryBean categoryBean = new ChannelCategoryBean(category);
    categoryBean.setName(messageSource.getMessage(category.getName(), new Object[] {}, locale));
    // add the direct child channels for this category
    Set<IPortletDefinition> portlets = portletCategoryRegistry.getChildPortlets(category);
    EntityIdentifier ei = user.getEntityIdentifier();
    IAuthorizationPrincipal ap = AuthorizationService.instance().newPrincipal(ei.getKey(), ei.getType());
    for (IPortletDefinition portlet : portlets) {
        if (authorizationService.canPrincipalBrowse(ap, portlet)) {
            // construct a new channel bean from this channel
            ChannelBean channel = getChannel(portlet, request, locale);
            categoryBean.addChannel(channel);
        }
        /*
             * Remove the portlet from the uncategorized collection;
             * note -- this approach will not prevent portlets from
             * appearing in multiple categories (as appropriate).
             */
        portletsNotYetCategorized.remove(portlet);
    }
    /* Now add child categories. */
    for (PortletCategory childCategory : this.portletCategoryRegistry.getChildCategories(category)) {
        ChannelCategoryBean childCategoryBean = prepareCategoryBean(request, childCategory, portletsNotYetCategorized, user, locale);
        categoryBean.addCategory(childCategoryBean);
    }
    return categoryBean;
}

Example 23 with IAuthorizationPrincipal

use of org.apereo.portal.security.IAuthorizationPrincipal in project uPortal by Jasig.

the class ChannelListController method getRegistry43.

/*
     * Private methods that support the 4.3 version of the API
     */
/**
     * Gathers and organizes the response based on the specified rootCategory and the permissions of
     * the specified user.
     */
private Map<String, SortedSet<?>> getRegistry43(WebRequest request, IPerson user, PortletCategory rootCategory, boolean includeUncategorized) {
    /*
         * This collection of all the portlets in the portal is for the sake of
         * tracking which ones are uncategorized.  They will be added to the
         * output if includeUncategorized=true.
         */
    Set<IPortletDefinition> portletsNotYetCategorized = includeUncategorized ? new HashSet<IPortletDefinition>(portletDefinitionRegistry.getAllPortletDefinitions()) : new HashSet<// Not necessary to fetch them if we're not tracking them
    IPortletDefinition>();
    // construct a new channel registry
    Map<String, SortedSet<?>> rslt = new TreeMap<String, SortedSet<?>>();
    SortedSet<PortletCategoryBean> categories = new TreeSet<PortletCategoryBean>();
    // add the root category and all its children to the registry
    final Locale locale = getUserLocale(user);
    categories.add(preparePortletCategoryBean(request, rootCategory, portletsNotYetCategorized, user, locale));
    if (includeUncategorized) {
        /*
             * uPortal historically has provided for a convention that portlets not in any category
             * may potentially be viewed by users but may not be subscribed to.
             *
             * As of uPortal 4.2, the logic below now takes any portlets the user has BROWSE access to
             * that have not already been identified as belonging to a category and adds them to a category
             * called Uncategorized.
             */
        EntityIdentifier ei = user.getEntityIdentifier();
        IAuthorizationPrincipal ap = AuthorizationService.instance().newPrincipal(ei.getKey(), ei.getType());
        Set<PortletDefinitionBean> marketplacePortlets = new HashSet<>();
        for (IPortletDefinition portlet : portletsNotYetCategorized) {
            if (authorizationService.canPrincipalBrowse(ap, portlet)) {
                PortletDefinitionBean pdb = preparePortletDefinitionBean(request, portlet, locale);
                marketplacePortlets.add(pdb);
            }
        }
        // construct a new channel category bean for this category
        final String uncName = messageSource.getMessage(UNCATEGORIZED, new Object[] {}, locale);
        final String uncDescription = messageSource.getMessage(UNCATEGORIZED_DESC, new Object[] {}, locale);
        PortletCategory pc = new PortletCategory(// Use of this String for Id matches earlier version of API
        uncName);
        pc.setName(uncName);
        pc.setDescription(uncDescription);
        PortletCategoryBean unc = PortletCategoryBean.fromPortletCategory(pc, null, marketplacePortlets);
        // Add even if no portlets in category
        categories.add(unc);
    }
    rslt.put("categories", categories);
    return rslt;
}

Example 24 with IAuthorizationPrincipal

use of org.apereo.portal.security.IAuthorizationPrincipal in project uPortal by Jasig.

the class GroupAdministrationHelper method canViewGroup.

public boolean canViewGroup(IPerson currentUser, String target) {
    EntityIdentifier ei = currentUser.getEntityIdentifier();
    IAuthorizationPrincipal ap = AuthorizationService.instance().newPrincipal(ei.getKey(), ei.getType());
    return (ap.hasPermission(IPermission.PORTAL_GROUPS, IPermission.VIEW_GROUP_ACTIVITY, target));
}

Example 25 with IAuthorizationPrincipal

use of org.apereo.portal.security.IAuthorizationPrincipal in project uPortal by Jasig.

the class UserAccountHelper method canDeleteUser.

public boolean canDeleteUser(IPerson currentUser, String target) {
    // first check to see if this is a local user
    if (!isLocalAccount(target)) {
        return false;
    }
    EntityIdentifier ei = currentUser.getEntityIdentifier();
    IAuthorizationPrincipal ap = AuthorizationService.instance().newPrincipal(ei.getKey(), ei.getType());
    // TODO create new user editing permission
    return (ap.hasPermission("UP_USERS", "DELETE_USER", target));
}