Example 11 with Principal
use of com.autentia.tnt.manager.security.Principal in project TNTConcept by autentia.
the class DefaultAclService method addAclLevel.
private void addAclLevel(Map<AclMatrixKey, AclMatrixValue> matrix, AclImpl acl, Class type, ITransferObject dto, Permission perm) {
Principal principal = SpringUtils.getPrincipal();
Sid sid = new PrincipalSid(principal.getUsername());
AclMatrixKey key = new AclMatrixKey(type, principal.getRoleId());
AclMatrixValue level = matrix.get(key);
if (log.isDebugEnabled()) {
log.debug("addAclLevel -" + " permission=[" + perm.getPattern() + "]" + " type=" + type.getSimpleName() + " id=" + dto.getId() + " ownerId=" + dto.getOwnerId() + " departmentId=" + dto.getDepartmentId() + " userId=" + principal.getId() + " roleId=" + principal.getRoleId() + " level=" + level);
}
if (level == null) {
throw new UnsupportedOperationException("Write permission level for " + key + " not defined");
}
switch(level) {
case ALL:
acl.insertAce(null, perm, sid, true);
break;
case OWN:
if (isIgnoreUnownedObjects() && (dto.getOwnerId() == null)) {
acl.insertAce(null, perm, sid, true);
log.warn("addAclLevel - allowing permission [" + perm.getPattern() + "] on object " + type.getSimpleName() + "[" + dto.getId() + "] " + "because it is not owned by any user and ignoreUnknownedObjects=true in DefaultAclService");
} else {
if (dto.getOwnerId() == principal.getId()) {
acl.insertAce(null, perm, sid, true);
}
}
break;
case AREA:
if (isIgnoreUnownedObjects() && (dto.getDepartmentId() == null)) {
acl.insertAce(null, perm, sid, true);
log.warn("addAclLevel - allowing permission [" + perm.getPattern() + "] on object " + type.getSimpleName() + "[" + dto.getId() + "] " + "because it is not owned by any department and ignoreUnknownedObjects=true in DefaultAclService");
} else {
if (dto.getDepartmentId() == principal.getDepartmentId()) {
acl.insertAce(null, perm, sid, true);
}
}
break;
case DENY:
// Do nothing
break;
case OWNERS:
if (dto.getOwnersId() != null && dto.getOwnersId().contains(principal.getId())) {
acl.insertAce(null, perm, sid, true);
}
break;
default:
throw new UnsupportedOperationException("AclMatrixValue(" + level + ") not supported by write permission in readAclById()");
}
}
Also used :
PrincipalSid(org.acegisecurity.acls.sid.PrincipalSid)
Principal(com.autentia.tnt.manager.security.Principal)
Sid(org.acegisecurity.acls.sid.Sid)
PrincipalSid(org.acegisecurity.acls.sid.PrincipalSid)
Example 12 with Principal
use of com.autentia.tnt.manager.security.Principal in project TNTConcept by autentia.
the class ContractExpirationNotificationBean method authenticateAs.
// TODO Extract to a Security Utils Class or similar
private void authenticateAs(final String userLogin) {
final Principal principal = (Principal) AuthenticationManager.getDefault().loadUserByUsername(userLogin);
Authentication auth = new UsernamePasswordAuthenticationToken(principal, principal.getUser().getPassword(), principal.getAuthorities());
SecurityContextHolder.getContext().setAuthentication(auth);
}
Also used :
Authentication(org.acegisecurity.Authentication)
UsernamePasswordAuthenticationToken(org.acegisecurity.providers.UsernamePasswordAuthenticationToken)
Principal(com.autentia.tnt.manager.security.Principal)
Example 13 with Principal
use of com.autentia.tnt.manager.security.Principal in project TNTConcept by autentia.
the class MenuBean method getMenu.
/**
* Get menu tree
* @return menu tree
*/
public TreeNode getMenu() {
// Create menu only the first time
if (menu == null) {
Principal creds = SpringUtils.getPrincipal();
Stack<TreeNode> path = new Stack<TreeNode>();
menu = new TreeNodeBase("menu", "Menu", false);
path.push(menu);
if (openNode(path, creds, null, "admin")) {
addLeaf(path, creds, Permission.Entity_Menu(User.class), "users");
addLeaf(path, creds, Permission.Entity_Menu(UserCategory.class), "userCategorys");
addLeaf(path, creds, null, "changePassword");
addLeaf(path, creds, Permission.Entity_Menu(Department.class), "departments");
// addLeaf( path, creds, Permission.Entity_Menu(Setting.class), "settings" );
closeNode(path);
}
if (openNode(path, creds, null, "masterTables")) {
addLeaf(path, creds, Permission.Entity_Menu(AccountEntryType.class), "accountEntryTypes");
addLeaf(path, creds, Permission.Entity_Menu(OrganizationType.class), "organizationTypes");
addLeaf(path, creds, Permission.Entity_Menu(InteractionType.class), "interactionTypes");
addLeaf(path, creds, Permission.Entity_Menu(OrganizationISOCategory.class), "organizationISOCategorys");
addLeaf(path, creds, Permission.Entity_Menu(ContractType.class), "contractTypes");
addLeaf(path, creds, Permission.Entity_Menu(Magazine.class), "magazines");
addLeaf(path, creds, Permission.Entity_Menu(OfferRejectReason.class), "offerRejectReasons");
closeNode(path);
}
if (openNode(path, creds, null, "billing")) {
addLeaf(path, creds, Permission.Entity_Menu(Bill.class), "bills");
addLeaf(path, creds, Permission.Entity_Menu(Account.class), "accounts");
addLeaf(path, creds, Permission.Entity_Menu(AccountEntry.class), "accountEntrys");
addLeaf(path, creds, Permission.Entity_Menu(PeriodicalAccountEntry.class), "periodicalAccountEntrys");
addLeaf(path, creds, Permission.Action_NOF, "nof");
addLeaf(path, creds, Permission.Entity_Menu(FinancialRatio.class), "financialRatios");
closeNode(path);
}
if (openNode(path, creds, null, "contacts")) {
addLeaf(path, creds, Permission.Entity_Menu(Organization.class), "organizations");
addLeaf(path, creds, Permission.Entity_Menu(Interaction.class), "interactions");
addLeaf(path, creds, Permission.Entity_Menu(Contact.class), "contacts");
addLeaf(path, creds, Permission.Entity_Menu(Offer.class), "offers");
addLeaf(path, creds, Permission.Entity_Menu(Project.class), "projects");
closeNode(path);
}
if (openNode(path, creds, null, "quality")) {
addLeaf(path, creds, Permission.Action_ListQualityDocuments, "qualityDocuments");
closeNode(path);
}
if (openNode(path, creds, null, "bulletin")) {
addLeaf(path, creds, Permission.Entity_Menu(BulletinBoard.class), "bulletinBoards");
addLeaf(path, creds, Permission.Entity_Menu(CompanyState.class), "companyStates");
addLeaf(path, creds, Permission.Entity_Menu(BulletinBoardCategory.class), "bulletinBoardCategorys");
addLeaf(path, creds, Permission.Entity_Menu(Idea.class), "ideas");
closeNode(path);
}
if (openNode(path, creds, null, "activity")) {
addLeaf(path, creds, Permission.Entity_Menu(Activity.class), "activitys");
addLeaf(path, creds, Permission.Entity_Menu(Objective.class), "objectives");
closeNode(path);
}
if (openNode(path, creds, null, "reports")) {
addLeaf(path, creds, Permission.Action_GeneralReports, "generalReports");
addLeaf(path, creds, Permission.Action_BitacoreReports, "bitacoreReports");
addLeaf(path, creds, Permission.Action_BillReports, "billReports");
addLeaf(path, creds, Permission.Action_ProjectReports, "projectReports");
addLeaf(path, creds, Permission.Action_InteractionReports, "interactionReports");
addLeaf(path, creds, Permission.Action_OrganizationReports, "organizationReports");
addLeaf(path, creds, Permission.Action_OfferReports, "offerReports");
addLeaf(path, creds, Permission.Action_OwnReports, "ownReports");
addLeaf(path, creds, Permission.Action_PersonalReports, "personalReports");
closeNode(path);
}
if (openNode(path, creds, null, "publish")) {
addLeaf(path, creds, Permission.Entity_Menu(Tutorial.class), "tutorials");
addLeaf(path, creds, Permission.Entity_Menu(Publication.class), "publications");
closeNode(path);
}
if (openNode(path, creds, null, "holiday")) {
addLeaf(path, creds, Permission.Entity_Menu(Holiday.class), "holidays");
addLeaf(path, creds, Permission.Entity_Menu(RequestHoliday.class), "requestHolidays");
addLeaf(path, creds, Permission.Entity_Menu(AdminHoliday.class), "adminHolidays");
closeNode(path);
}
if (openNode(path, creds, null, "utils")) {
addLeaf(path, creds, Permission.Entity_Menu(Book.class), "books");
addLeaf(path, creds, Permission.Entity_Menu(Inventary.class), "inventarys");
closeNode(path);
}
}
return menu;
}
Also used :
InteractionType(com.autentia.tnt.businessobject.InteractionType)
UserCategory(com.autentia.tnt.businessobject.UserCategory)
Account(com.autentia.tnt.businessobject.Account)
User(com.autentia.tnt.businessobject.User)
Organization(com.autentia.tnt.businessobject.Organization)
BulletinBoardCategory(com.autentia.tnt.businessobject.BulletinBoardCategory)
Activity(com.autentia.tnt.businessobject.Activity)
PeriodicalAccountEntry(com.autentia.tnt.businessobject.PeriodicalAccountEntry)
AccountEntry(com.autentia.tnt.businessobject.AccountEntry)
TreeNodeBase(org.apache.myfaces.custom.tree2.TreeNodeBase)
RequestHoliday(com.autentia.tnt.businessobject.RequestHoliday)
Department(com.autentia.tnt.businessobject.Department)
PeriodicalAccountEntry(com.autentia.tnt.businessobject.PeriodicalAccountEntry)
TreeNode(org.apache.myfaces.custom.tree2.TreeNode)
Book(com.autentia.tnt.businessobject.Book)
OrganizationISOCategory(com.autentia.tnt.businessobject.OrganizationISOCategory)
FinancialRatio(com.autentia.tnt.businessobject.FinancialRatio)
Tutorial(com.autentia.tnt.businessobject.Tutorial)
Interaction(com.autentia.tnt.businessobject.Interaction)
Publication(com.autentia.tnt.businessobject.Publication)
AccountEntryType(com.autentia.tnt.businessobject.AccountEntryType)
CompanyState(com.autentia.tnt.businessobject.CompanyState)
OrganizationType(com.autentia.tnt.businessobject.OrganizationType)
Inventary(com.autentia.tnt.businessobject.Inventary)
Stack(java.util.Stack)
Contact(com.autentia.tnt.businessobject.Contact)
BulletinBoard(com.autentia.tnt.businessobject.BulletinBoard)
Project(com.autentia.tnt.businessobject.Project)
Objective(com.autentia.tnt.businessobject.Objective)
OfferRejectReason(com.autentia.tnt.businessobject.OfferRejectReason)
Offer(com.autentia.tnt.businessobject.Offer)
Idea(com.autentia.tnt.businessobject.Idea)
Holiday(com.autentia.tnt.businessobject.Holiday)
AdminHoliday(com.autentia.tnt.businessobject.AdminHoliday)
RequestHoliday(com.autentia.tnt.businessobject.RequestHoliday)
Bill(com.autentia.tnt.businessobject.Bill)
ContractType(com.autentia.tnt.businessobject.ContractType)
Principal(com.autentia.tnt.manager.security.Principal)
Magazine(com.autentia.tnt.businessobject.Magazine)
AdminHoliday(com.autentia.tnt.businessobject.AdminHoliday)
Aggregations
Principal (com.autentia.tnt.manager.security.Principal)13
UsernamePasswordAuthenticationToken (org.acegisecurity.providers.UsernamePasswordAuthenticationToken)7
Authentication (org.acegisecurity.Authentication)6
AccountEntry (com.autentia.tnt.businessobject.AccountEntry)2
AccountEntryType (com.autentia.tnt.businessobject.AccountEntryType)2
Activity (com.autentia.tnt.businessobject.Activity)2
AdminHoliday (com.autentia.tnt.businessobject.AdminHoliday)2
Bill (com.autentia.tnt.businessobject.Bill)2
Book (com.autentia.tnt.businessobject.Book)2
BulletinBoard (com.autentia.tnt.businessobject.BulletinBoard)2
BulletinBoardCategory (com.autentia.tnt.businessobject.BulletinBoardCategory)2
CompanyState (com.autentia.tnt.businessobject.CompanyState)2
Contact (com.autentia.tnt.businessobject.Contact)2
ContractType (com.autentia.tnt.businessobject.ContractType)2
Department (com.autentia.tnt.businessobject.Department)2
FinancialRatio (com.autentia.tnt.businessobject.FinancialRatio)2
Holiday (com.autentia.tnt.businessobject.Holiday)2
Idea (com.autentia.tnt.businessobject.Idea)2
Interaction (com.autentia.tnt.businessobject.Interaction)2
InteractionType (com.autentia.tnt.businessobject.InteractionType)2
