
Example 6 with Role

use of com.agiletec.aps.system.services.role.Role in project entando-core by entando.

the class TestAuthenticationProviderManager method testUpdateRoleWithPrivacyModuleEnabled.

/**
 * Checks that an authorization granted while the privacy module is enabled is
 * visible the next time the user is loaded through the authentication provider.
 *
 * <p>The test user is created up front and removed in the {@code finally} block,
 * where the privacy module is also switched back off, so a failing assertion does
 * not leave the module enabled or the account behind.
 *
 * @throws Throwable any failure raised by the fixtures or the assertions
 */
public void testUpdateRoleWithPrivacyModuleEnabled() throws Throwable {
    final String testUser = "MEMisToUpdateRole";
    final String testPassword = "123456";
    this.addUserForTest(testUser, testPassword);
    try {
        // Precondition: the module is off when the test starts, then turned on.
        boolean moduleEnabled = this.getPrivacyModuleStatus();
        assertTrue(!moduleEnabled);
        this.togglePrivacyModuleStatus(true);
        moduleEnabled = this.getPrivacyModuleStatus();
        assertTrue(moduleEnabled);

        // Baseline: the freshly created user carries exactly one authorization.
        UserDetails loaded = this._authenticationProvider.getUser(testUser, testPassword);
        assertNotNull(loaded);
        assertEquals(1, loaded.getAuthorizations().size());

        // update role
        // NOTE(review): the two lookups below are not asserted on; they are kept
        // because the original test performs them.
        Role adminRole = this._roleManager.getRole("admin");
        Group freeGroup = this._groupManager.getGroup(Group.FREE_GROUP_NAME);
        this._authorizationManager.addUserAuthorization(testUser, Group.FREE_GROUP_NAME, "admin");

        // verify role: a second authorization must now be reported.
        loaded = this._authenticationProvider.getUser(testUser, testPassword);
        assertNotNull(loaded);
        assertEquals(2, loaded.getAuthorizations().size());
    } finally {
        // Restore global state first, then drop the account and confirm it is gone.
        this.togglePrivacyModuleStatus(false);
        this._userManager.removeUser(testUser);
        UserDetails leftover = this._userManager.getUser(testUser);
        assertNull(leftover);
    }
}
Also used : Role(com.agiletec.aps.system.services.role.Role) Group(com.agiletec.aps.system.services.group.Group)

Example 7 with Role

use of com.agiletec.aps.system.services.role.Role in project entando-core by entando.

the class UserAuthorizationAction method addAuthorization.

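/**
 * Adds a group/role authorization to the form bean that holds the authorizations
 * being edited for a user.
 *
 * <p>The submitted group and role names are resolved through the group and role
 * managers, so only names those managers know can end up in an authorization.
 * A request is rejected when a non-empty name does not resolve, or when neither
 * a group nor a role resolves. An authorization carrying only a group or only a
 * role is accepted.
 *
 * @return {@code "userList"} when the session bean check fails, {@code INPUT} on a
 *         validation error or when the authorization already exists,
 *         {@code FAILURE} when an unexpected error is caught, {@code SUCCESS}
 *         otherwise
 */
public String addAuthorization() {
    try {
        if (!this.checkAuthorizationSessionBean()) {
            return "userList";
        }
        String groupName = this.getGroupName();
        String roleName = this.getRoleName();
        Group group = this.getGroupManager().getGroup(groupName);
        Role role = this.getRoleManager().getRole(roleName);
        if (!StringUtils.isEmpty(groupName) && null == group) {
            this.addFieldError("groupName", this.getText("error.userAuthorization.invalidGroup", new String[] { groupName }));
        }
        if (!StringUtils.isEmpty(roleName) && null == role) {
            // Report the rejected role name; the message previously received the
            // group name, which mislabelled the invalid value shown to the operator.
            this.addFieldError("roleName", this.getText("error.userAuthorization.invalidRole", new String[] { roleName }));
        }
        if (null == group && null == role) {
            // Nothing resolved at all: flag both fields.
            this.addFieldError("groupName", this.getText("error.userAuthorization.invalidGroupAndRole"));
            this.addFieldError("roleName", this.getText("error.userAuthorization.invalidGroupAndRole"));
        }
        if (this.hasFieldErrors()) {
            return INPUT;
        }
        Authorization authorization = new Authorization(group, role);
        boolean added = this.getUserAuthsFormBean().addAuthorization(authorization);
        if (!added) {
            this.addActionError(this.getText("error.userAuthorization.alreadyExists", new String[] { groupName, roleName }));
            return INPUT;
        }
    } catch (Throwable t) {
        // Boundary catch: the failure is logged and reported as a generic result.
        _logger.error("error adding user authorization", t);
        return FAILURE;
    }
    return SUCCESS;
}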
Also used : Role(com.agiletec.aps.system.services.role.Role) Authorization(com.agiletec.aps.system.services.authorization.Authorization) Group(com.agiletec.aps.system.services.group.Group)

Example 8 with Role

use of com.agiletec.aps.system.services.role.Role in project entando-core by entando.

the class AuthorizationDAO method getUserAuthorizations.

/**
 * Loads the authorizations stored for a user and maps each row onto the supplied
 * group and role objects.
 *
 * <p>The username is bound as a statement parameter, never concatenated into the
 * query text. Column 1 is read as the group name and column 2 as the role name.
 * A name that is {@code null} in the row, or that has no entry in the matching
 * map, yields a {@code null} group or role inside the returned
 * {@link Authorization}; consumers of the list must null-check both parts.
 *
 * @param username the user whose authorizations are loaded
 * @param groups   known groups keyed by name
 * @param roles    known roles keyed by name
 * @return the distinct authorizations found, in result-set order
 * @throws RuntimeException wrapping any error raised while loading
 */
@Override
public List<Authorization> getUserAuthorizations(String username, Map<String, Group> groups, Map<String, Role> roles) {
    List<Authorization> loaded = new ArrayList<Authorization>();
    Connection connection = null;
    PreparedStatement statement = null;
    ResultSet rows = null;
    try {
        connection = this.getConnection();
        statement = connection.prepareStatement(GET_USER_AUTHORIZATIONS);
        statement.setString(1, username);
        rows = statement.executeQuery();
        while (rows.next()) {
            Group group = null;
            String groupKey = rows.getString(1);
            if (null != groupKey) {
                group = groups.get(groupKey);
            }
            Role role = null;
            String roleKey = rows.getString(2);
            if (null != roleKey) {
                role = roles.get(roleKey);
            }
            Authorization candidate = new Authorization(group, role);
            // Skip rows that map onto an authorization already collected.
            if (loaded.contains(candidate)) {
                continue;
            }
            loaded.add(candidate);
        }
    } catch (Throwable t) {
        _logger.error("Error loading user authorization", t);
        throw new RuntimeException("Error loading user authorization", t);
    } finally {
        // Release the JDBC resources on success and on failure alike.
        closeDaoResources(rows, statement, connection);
    }
    return loaded;
}
Also used : Role(com.agiletec.aps.system.services.role.Role) Group(com.agiletec.aps.system.services.group.Group) Connection(java.sql.Connection) ArrayList(java.util.ArrayList) ResultSet(java.sql.ResultSet) PreparedStatement(java.sql.PreparedStatement)

Example 9 with Role

use of com.agiletec.aps.system.services.role.Role in project entando-core by entando.

the class AuthorizationManager method isAuthOnGroupAndRole.

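/**
 * Tells whether one of the user's authorizations matches the requested group
 * and/or role.
 *
 * <p>Group matching: an authorization is considered only when its group and
 * {@code groupName} are both absent or both present. When both are present and
 * {@code chechAdmin} is {@code false}, the group name must equal
 * {@code groupName}; when {@code chechAdmin} is {@code true}, the group must be
 * the administrators group instead.
 *
 * <p>Role matching: a {@code null} {@code roleName} accepts any authorization
 * that passed the group check. Otherwise the role name must equal
 * {@code roleName}, or, with {@code chechAdmin} set, the role must hold the
 * superuser permission. An authorization without a role never satisfies a role
 * requirement; it is skipped, so the decision fails closed instead of raising a
 * {@link NullPointerException}.
 *
 * @param user       the user to check; {@code null} yields {@code false}
 * @param groupName  the required group name, or {@code null} for no group
 * @param roleName   the required role name, or {@code null} for no role
 * @param chechAdmin whether to match through administrator group / superuser role
 * @return {@code true} when a matching authorization exists; {@code false} when
 *         none does, when {@code user} is {@code null}, or when both names are
 *         {@code null}
 */
@Override
public boolean isAuthOnGroupAndRole(UserDetails user, String groupName, String roleName, boolean chechAdmin) {
    if (null == user || (null == groupName && null == roleName)) {
        return false;
    }
    List<Authorization> userAuths = user.getAuthorizations();
    for (int i = 0; i < userAuths.size(); i++) {
        Authorization userAuth = userAuths.get(i);
        if (null == userAuth) {
            continue;
        }
        Group group = userAuth.getGroup();
        if ((null == group && null != groupName) || (null != group && null == groupName)) {
            // Exactly one side names a group: this authorization cannot match.
            continue;
        } else if (null != group && null != groupName) {
            if (!chechAdmin && !groupName.equals(group.getName())) {
                continue;
            } else if (chechAdmin && !Group.ADMINS_GROUP_NAME.equals(group.getName())) {
                continue;
            }
        }
        if (null == roleName) {
            return true;
        }
        Role role = userAuth.getRole();
        if (null == role) {
            // Group-only authorization: it cannot satisfy a role requirement.
            continue;
        }
        boolean isSuper = role.hasPermission(Permission.SUPERUSER);
        if (role.getName().equals(roleName) || (chechAdmin && isSuper)) {
            return true;
        }
    }
    return false;
}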
Also used : Role(com.agiletec.aps.system.services.role.Role) Group(com.agiletec.aps.system.services.group.Group)

Example 10 with Role

use of com.agiletec.aps.system.services.role.Role in project entando-core by entando.

the class AuthorizationManager method getRelatedAuthorities.

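/**
 * Collects the authorities paired with a required role or group in the user's
 * authorizations.
 *
 * <p>With {@code isRole} set, {@code requiredAuthName} is a role name and the
 * result holds the groups of every authorization whose role either has that
 * authority or is one of the roles returned by
 * {@code getRolesWithPermission(user, Permission.SUPERUSER)}. If such an
 * authorization sits in the administrators group, all groups known to the group
 * manager are returned instead. An authorization that has a role but no group is
 * skipped; it previously caused a {@link NullPointerException}.
 *
 * <p>With {@code isRole} unset, {@code requiredAuthName} is a group name and the
 * result holds the roles of every authorization whose group either has that
 * authority or is the administrators group.
 *
 * @param user             the user whose authorizations are scanned
 * @param requiredAuthName the role or group name to look for
 * @param isRole           {@code true} when the name is a role, {@code false}
 *                         when it is a group
 * @return the related authorities, or {@code null} when {@code user} or
 *         {@code requiredAuthName} is {@code null} or the name does not resolve
 *         through the role/group manager
 */
private List getRelatedAuthorities(UserDetails user, String requiredAuthName, boolean isRole) {
    if (null == user || null == requiredAuthName || (isRole && null == this.getRoleManager().getRole(requiredAuthName)) || (!isRole && null == this.getGroupManager().getGroup(requiredAuthName))) {
        return null;
    }
    List<String> adminRoleNames = new ArrayList<String>();
    if (isRole) {
        List<Role> adminRoles = this.getRolesWithPermission(user, Permission.SUPERUSER);
        if (null != adminRoles) {
            for (Role adminRole : adminRoles) {
                if (null != adminRole) {
                    adminRoleNames.add(adminRole.getName());
                }
            }
        }
    }
    List authorities = new ArrayList<IApsAuthority>();
    List<Authorization> userAuths = user.getAuthorizations();
    for (int i = 0; i < userAuths.size(); i++) {
        Authorization userAuth = userAuths.get(i);
        if (null == userAuth) {
            continue;
        }
        Group group = userAuth.getGroup();
        Role role = userAuth.getRole();
        if (!isRole && null != group && (Group.ADMINS_GROUP_NAME.equals(group.getName()) || requiredAuthName.equals(group.getAuthority()))) {
            // NOTE(review): role may be null here, which puts a null entry in the
            // result exactly as before; confirm whether callers expect that.
            authorities.add(role);
        }
        if (isRole && null != role && (adminRoleNames.contains(role.getName()) || requiredAuthName.equals(role.getAuthority()))) {
            if (null == group) {
                // Role-only authorization: there is no group to report.
                continue;
            }
            if (Group.ADMINS_GROUP_NAME.equals(group.getName())) {
                // Holding the role in the administrators group extends to every group.
                return this.getGroupManager().getGroups();
            }
            authorities.add(group);
        }
    }
    return authorities;
}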
Also used : Role(com.agiletec.aps.system.services.role.Role) ArrayList(java.util.ArrayList) ArrayList(java.util.ArrayList) List(java.util.List)

Aggregations

Role (com.agiletec.aps.system.services.role.Role)40 Group (com.agiletec.aps.system.services.group.Group)13 ApsSystemException (com.agiletec.aps.system.exception.ApsSystemException)9 ArrayList (java.util.ArrayList)5 RoleDto (org.entando.entando.aps.system.services.role.model.RoleDto)5 SearcherDaoPaginatedResult (com.agiletec.aps.system.common.model.dao.SearcherDaoPaginatedResult)4 IRoleManager (com.agiletec.aps.system.services.role.IRoleManager)4 List (java.util.List)4 RestRourceNotFoundException (org.entando.entando.aps.system.exception.RestRourceNotFoundException)4 RestServerError (org.entando.entando.aps.system.exception.RestServerError)4 ValidationConflictException (org.entando.entando.web.common.exceptions.ValidationConflictException)4 PagedMetadata (org.entando.entando.web.common.model.PagedMetadata)4 FieldSearchFilter (com.agiletec.aps.system.common.FieldSearchFilter)3 UserDetails (com.agiletec.aps.system.services.user.UserDetails)3 UserDto (org.entando.entando.aps.system.services.user.model.UserDto)3 Filter (org.entando.entando.web.common.model.Filter)3 RoleRequest (org.entando.entando.web.role.model.RoleRequest)3 BeanPropertyBindingResult (org.springframework.validation.BeanPropertyBindingResult)3 Authorization (com.agiletec.aps.system.services.authorization.Authorization)2 IAuthorizationService (com.agiletec.aps.system.services.authorization.IAuthorizationService)2