use of fi.otavanopisto.muikku.model.security.Permission in project muikku by otavanopisto.
the class PermissionsPluginController method processPermissions.
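/**
 * Records every permission declared by the registered permission collections
 * and, for newly discovered permissions, binds them to their default roles.
 *
 * <p>Steps, as visible in this method:
 * <ol>
 *   <li>Creates a system role entity for each {@code SystemRoleType} that has none.</li>
 *   <li>For each permission name that {@code permissionDAO.findByName} does not
 *       find, creates the permission with the scope reported by its collection.</li>
 *   <li>Unless the scope is {@code PermissionScope.PERSONAL}, resolves the
 *       collection's default pseudo, environment and workspace roles and grants
 *       the permission to them according to the scope.</li>
 * </ol>
 *
 * <p>Permissions that already exist are skipped entirely, so default grants are
 * only written on first discovery. A failure for one permission is logged and
 * does not stop processing of the remaining permissions.
 */
public void processPermissions() {
  logger.log(Level.INFO, "Starting permission gathering");

  // Ensure every system role type has a backing entity before permissions are bound.
  for (SystemRoleType systemRoleType : SystemRoleType.values()) {
    if (systemRoleEntityDAO.findByRoleType(systemRoleType) == null) {
      systemRoleEntityDAO.create(systemRoleType.name(), systemRoleType);
    }
  }

  for (MuikkuPermissionCollection collection : permissionCollections) {
    logger.log(Level.INFO, "Processing permission collection " + collection.getClass().getSimpleName());

    List<String> permissions = collection.listPermissions();
    for (String permissionName : permissions) {
      Permission permission = permissionDAO.findByName(permissionName);
      if (permission == null) {
        logger.log(Level.INFO, "Recording new permission " + permissionName);
        try {
          // final: captured by the anonymous PermissionScopeBinding below.
          final String permissionScope = collection.getPermissionScope(permissionName);
          if (permissionScope != null) {
            // NOTE(review): the permission row is created before its default role
            // grants. If a later step throws and the surrounding transaction does
            // not roll back (not visible here), the next run will find the
            // permission and skip the grants, leaving it bound to fewer roles
            // than intended. Confirm the transactional behaviour.
            permission = permissionDAO.create(permissionName, permissionScope);

            if (!PermissionScope.PERSONAL.equals(permissionScope)) {
              String[] pseudoRoles = collection.getDefaultPseudoRoles(permissionName);
              EnvironmentRoleArchetype[] environmentRoles = collection.getDefaultEnvironmentRoles(permissionName);
              WorkspaceRoleArchetype[] workspaceRoles = collection.getDefaultWorkspaceRoles(permissionName);

              List<RoleEntity> roles = new ArrayList<>();

              if (pseudoRoles != null) {
                for (String pseudoRole : pseudoRoles) {
                  RoleEntity roleEntity = roleEntityDAO.findByName(pseudoRole);
                  // A default role name that does not resolve is skipped, so the
                  // permission ends up with fewer grants rather than failing.
                  if (roleEntity != null) {
                    roles.add(roleEntity);
                  }
                }
              }

              if (environmentRoles != null) {
                for (EnvironmentRoleArchetype envRole : environmentRoles) {
                  List<EnvironmentRoleEntity> envRoles = environmentRoleEntityDAO.listByArchetype(envRole);
                  roles.addAll(envRoles);
                }
              }

              if (workspaceRoles != null) {
                for (WorkspaceRoleArchetype arc : workspaceRoles) {
                  List<WorkspaceRoleEntity> wsRoles = workspaceRoleEntityDAO.listByArchetype(arc);
                  roles.addAll(wsRoles);
                }
              }

              switch (permissionScope) {
                case PermissionScope.ENVIRONMENT:
                case PermissionScope.WORKSPACE:
                  for (RoleEntity role : roles) {
                    rolePermissionDAO.create(role, permission);
                  }
                  break;

                case PermissionScope.USERGROUP:
                  List<UserGroupEntity> userGroups = userGroupDAO.listAll();
                  for (RoleEntity role : roles) {
                    // TODO Workspace creation & templates - is this necessary and bulletproof?
                    // Grants are written only for the user groups that exist at
                    // the time this method runs.
                    for (UserGroupEntity userGroup : userGroups) {
                      userGroupRolePermissionDAO.create(userGroup, role, permission);
                    }
                  }
                  break;

                default:
                  // Any other scope is handed to observers qualified with that
                  // scope; the resolved default roles are not applied here.
                  permissionDiscoveredEvent.select(new PermissionScopeBinding() {
                    private static final long serialVersionUID = 9009824962970938515L;

                    @Override
                    public String value() {
                      return permissionScope;
                    }
                  }).fire(new PermissionDiscoveredEvent(permission));
                  break;
              }
            }
          } else {
            logger.log(Level.WARNING, "PermissionScope null for " + permissionName);
          }
        } catch (Exception e) {
          // Pass the exception to the logger so the cause and stack trace of a
          // failed permission setup are preserved for whoever audits the log.
          logger.log(Level.SEVERE, "Permission handling failed for " + permissionName, e);
        }
      }
    }
  }

  logger.log(Level.INFO, "Finished permission gathering");
}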
use of fi.otavanopisto.muikku.model.security.Permission in project muikku by otavanopisto.
the class ForumPermissionResolver method hasEveryonePermission.
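/**
 * Tells whether the "everyone" role has been granted the named permission on
 * the forum area behind the given context reference.
 *
 * @param permission name of the permission to check
 * @param contextReference context that {@code getForumArea} resolves to a forum area
 * @return {@code true} only if the forum area, the everyone role and the
 *         permission all resolve and the resource rights of the forum area
 *         grant the permission to that role; {@code false} otherwise
 */
@Override
public boolean hasEveryonePermission(String permission, ContextReference contextReference) {
  ForumArea forumArea = getForumArea(contextReference);
  if (forumArea == null) {
    // No forum area for this context: deny before doing any further lookups.
    return false;
  }

  RoleEntity everyoneRole = getEveryoneRole();
  Permission perm = permissionDAO.findByName(permission);
  if (everyoneRole == null || perm == null) {
    // Fail closed: an unknown permission name or a missing role must not reach
    // the access query as null, where the outcome would depend on how the DAO
    // treats a null argument.
    return false;
  }

  return resourceUserRolePermissionDAO.hasResourcePermissionAccess(
      resourceRightsController.findResourceRightsById(forumArea.getRights()),
      everyoneRole,
      perm);
}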
use of fi.otavanopisto.muikku.model.security.Permission in project muikku by otavanopisto.
the class PermissionRESTService method setWorkspaceUserGroupPermission.
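/**
 * Grants or revokes a permission for a user group within a workspace.
 *
 * <p>The caller must be logged in and hold
 * {@code MuikkuPermissions.WORKSPACE_MANAGEWORKSPACESETTINGS} on the target
 * workspace. The check is done inline ({@code Handling.INLINE}), so this method
 * is solely responsible for enforcing it.
 *
 * @param payload workspace id, user group id, permission id and the desired
 *        permitted state
 * @return 204 on success; 400 if no payload was supplied; 404 if the workspace,
 *         user group, permission or (on revoke) the existing grant is not
 *         found; 403 if the caller may not manage the workspace; the result of
 *         {@code getConstraintViolations} on a constraint violation
 */
@PUT
@Path("/workspaceUserGroupPermissions")
@RESTPermit(handling = Handling.INLINE, requireLoggedIn = true)
public Response setWorkspaceUserGroupPermission(WorkspaceUserGroupPermission payload) {
  if (payload == null) {
    return Response.status(Status.BAD_REQUEST).build();
  }

  // Resolve the workspace first: it is the object the authorization decision is
  // made against. An unknown workspace id must not reach hasPermission() as a
  // null context, nor the permission controller as a null workspace.
  WorkspaceEntity workspaceEntity = workspaceController.findWorkspaceEntityById(payload.getWorkspaceId());
  if (workspaceEntity == null) {
    return Response.status(Status.NOT_FOUND).build();
  }

  if (!sessionController.hasPermission(MuikkuPermissions.WORKSPACE_MANAGEWORKSPACESETTINGS, workspaceEntity)) {
    return Response.status(Status.FORBIDDEN).build();
  }

  // Only authorized callers get to probe user group and permission ids.
  UserGroupEntity userGroupEntity = userGroupEntityController.findUserGroupEntityById(payload.getUserGroupId());
  Permission permission = permissionDAO.findById(payload.getPermissionId());
  if ((userGroupEntity == null) || (permission == null)) {
    return Response.status(Status.NOT_FOUND).build();
  }

  // NOTE(review): any existing permission id is accepted here; nothing in this
  // method restricts it to permissions meant to be delegated per workspace.
  // Confirm that a workspace manager cannot use this to hand out permissions
  // of another scope, or add a scope check.
  try {
    if (payload.getPermitted()) {
      permissionController.addWorkspaceGroupPermission(workspaceEntity, userGroupEntity, permission);
    } else {
      WorkspaceGroupPermission workspaceGroupPermission =
          permissionController.findWorkspaceGroupPermission(workspaceEntity, userGroupEntity, permission);
      if (workspaceGroupPermission == null) {
        // Nothing to revoke.
        return Response.status(Status.NOT_FOUND).build();
      }
      permissionController.removeWorkspaceGroupPermission(workspaceGroupPermission);
    }
    return Response.noContent().build();
  } catch (ConstraintViolationException violationException) {
    return getConstraintViolations(violationException);
  }
}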
use of fi.otavanopisto.muikku.model.security.Permission in project muikku by otavanopisto.
the class PermissionDAO method listByScope.
/**
 * Lists the permissions whose {@code scope} attribute equals the given value.
 *
 * @param scope scope value to match
 * @return the matching permissions, as returned by the query's result list
 */
public List<Permission> listByScope(String scope) {
  EntityManager em = getEntityManager();
  CriteriaBuilder cb = em.getCriteriaBuilder();

  CriteriaQuery<Permission> query = cb.createQuery(Permission.class);
  Root<Permission> permission = query.from(Permission.class);

  // The scope is handed to the Criteria API as a value; it is never
  // concatenated into query text.
  query.select(permission)
      .where(cb.equal(permission.get(Permission_.scope), scope));

  return em.createQuery(query).getResultList();
}
use of fi.otavanopisto.muikku.model.security.Permission in project muikku by otavanopisto.
the class PermissionDAO method findByName.
/**
 * Looks up a permission by its {@code name} attribute.
 *
 * @param name permission name to match
 * @return whatever {@code getSingleResult} yields for the query; callers shown
 *         alongside this method treat {@code null} as "no such permission"
 */
public Permission findByName(String name) {
  EntityManager em = getEntityManager();
  CriteriaBuilder cb = em.getCriteriaBuilder();

  CriteriaQuery<Permission> query = cb.createQuery(Permission.class);
  Root<Permission> permission = query.from(Permission.class);

  // The name is handed to the Criteria API as a value; it is never
  // concatenated into query text.
  query.select(permission)
      .where(cb.equal(permission.get(Permission_.name), name));

  return getSingleResult(em.createQuery(query));
}
Aggregations