Search in sources :

Example 1 with RolePermission

use of fi.otavanopisto.muikku.model.security.RolePermission in project muikku by otavanopisto.

the class RolePermissionDAO method create.

public RolePermission create(RoleEntity role, Permission permission) {
    RolePermission rolePermission = new RolePermission();
    rolePermission.setRole(role);
    rolePermission.setPermission(permission);
    return persist(rolePermission);
}
Also used : RolePermission(fi.otavanopisto.muikku.model.security.RolePermission)

Example 2 with RolePermission

use of fi.otavanopisto.muikku.model.security.RolePermission in project muikku by otavanopisto.

the class RolePermissionDAO method findByUserRoleAndPermission.

public RolePermission findByUserRoleAndPermission(RoleEntity role, Permission permission) {
    EntityManager entityManager = getEntityManager();
    CriteriaBuilder criteriaBuilder = entityManager.getCriteriaBuilder();
    CriteriaQuery<RolePermission> criteria = criteriaBuilder.createQuery(RolePermission.class);
    Root<RolePermission> root = criteria.from(RolePermission.class);
    criteria.select(root);
    criteria.where(criteriaBuilder.and(criteriaBuilder.equal(root.get(RolePermission_.role), role), criteriaBuilder.equal(root.get(RolePermission_.permission), permission)));
    return getSingleResult(entityManager.createQuery(criteria));
}
Also used : CriteriaBuilder(javax.persistence.criteria.CriteriaBuilder) EntityManager(javax.persistence.EntityManager) RolePermission(fi.otavanopisto.muikku.model.security.RolePermission)

Example 3 with RolePermission

use of fi.otavanopisto.muikku.model.security.RolePermission in project muikku by otavanopisto.

the class PermissionsPluginController method resetPermissions.

public void resetPermissions(Set<RoleEntity> resetRoleEntities) {
    if (CollectionUtils.isEmpty(resetRoleEntities))
        return;
    // TODO Only handles environment and workspace scopes
    for (MuikkuPermissionCollection collection : permissionCollections) {
        logger.log(Level.INFO, "Processing permission collection " + collection.getClass().getSimpleName());
        List<String> permissions = collection.listPermissions();
        for (String permissionName : permissions) {
            Permission permission = permissionDAO.findByName(permissionName);
            if (permission != null) {
                try {
                    String permissionScope = collection.getPermissionScope(permissionName);
                    if (permissionScope != null) {
                        if (!PermissionScope.PERSONAL.equals(permissionScope)) {
                            // Current roles
                            String[] pseudoRoles = collection.getDefaultPseudoRoles(permissionName);
                            EnvironmentRoleArchetype[] environmentRoles = collection.getDefaultEnvironmentRoles(permissionName);
                            WorkspaceRoleArchetype[] workspaceRoles = collection.getDefaultWorkspaceRoles(permissionName);
                            List<RoleEntity> currentRoles = new ArrayList<RoleEntity>();
                            if (pseudoRoles != null) {
                                for (String pseudoRole : pseudoRoles) {
                                    RoleEntity roleEntity = roleEntityDAO.findByName(pseudoRole);
                                    if (roleEntity != null) {
                                        currentRoles.add(roleEntity);
                                    }
                                }
                            }
                            if (environmentRoles != null) {
                                for (EnvironmentRoleArchetype environmentRole : environmentRoles) {
                                    List<EnvironmentRoleEntity> envRoles = environmentRoleEntityDAO.listByArchetype(environmentRole);
                                    currentRoles.addAll(envRoles);
                                }
                            }
                            if (workspaceRoles != null) {
                                for (WorkspaceRoleArchetype workspaceRole : workspaceRoles) {
                                    List<WorkspaceRoleEntity> wsRoles = workspaceRoleEntityDAO.listByArchetype(workspaceRole);
                                    currentRoles.addAll(wsRoles);
                                }
                            }
                            logger.info(String.format("Permission %s applies to %d roles", permissionName, currentRoles.size()));
                            if (PermissionScope.ENVIRONMENT.equals(permissionScope) || PermissionScope.WORKSPACE.equals(permissionScope)) {
                                List<RolePermission> databasePermissions = rolePermissionDAO.listByPermission(permission);
                                removeNonHandledRoles(currentRoles, databasePermissions, resetRoleEntities);
                                for (RolePermission databasePermission : databasePermissions) {
                                    int index = indexOfRoleEntity(currentRoles, databasePermission);
                                    if (index >= 0) {
                                        currentRoles.remove(index);
                                    } else {
                                        logger.info(String.format("Removing %s from %s", databasePermission.getRole().getName(), permission.getName()));
                                        rolePermissionDAO.delete(databasePermission);
                                    }
                                }
                                for (RoleEntity currentRole : currentRoles) {
                                    logger.info(String.format("Adding environment role %s for %s", currentRole.getName(), permission.getName()));
                                    rolePermissionDAO.create(currentRole, permission);
                                }
                            }
                        }
                    }
                } catch (Exception e) {
                    logger.log(Level.SEVERE, "Permission handling failed for " + permissionName);
                }
            }
        }
    }
}
Also used : EnvironmentRoleEntity(fi.otavanopisto.muikku.model.users.EnvironmentRoleEntity) EnvironmentRoleArchetype(fi.otavanopisto.muikku.model.users.EnvironmentRoleArchetype) MuikkuPermissionCollection(fi.otavanopisto.muikku.security.MuikkuPermissionCollection) ArrayList(java.util.ArrayList) WorkspaceRoleEntity(fi.otavanopisto.muikku.model.workspace.WorkspaceRoleEntity) RoleEntity(fi.otavanopisto.muikku.model.users.RoleEntity) EnvironmentRoleEntity(fi.otavanopisto.muikku.model.users.EnvironmentRoleEntity) WorkspaceRoleEntity(fi.otavanopisto.muikku.model.workspace.WorkspaceRoleEntity) RolePermission(fi.otavanopisto.muikku.model.security.RolePermission) Permission(fi.otavanopisto.muikku.model.security.Permission) WorkspaceRoleArchetype(fi.otavanopisto.muikku.model.workspace.WorkspaceRoleArchetype) RolePermission(fi.otavanopisto.muikku.model.security.RolePermission)

Example 4 with RolePermission

use of fi.otavanopisto.muikku.model.security.RolePermission in project muikku by otavanopisto.

the class RolePermissionDAO method listByPermission.

public List<RolePermission> listByPermission(Permission permission) {
    EntityManager entityManager = getEntityManager();
    CriteriaBuilder criteriaBuilder = entityManager.getCriteriaBuilder();
    CriteriaQuery<RolePermission> criteria = criteriaBuilder.createQuery(RolePermission.class);
    Root<RolePermission> root = criteria.from(RolePermission.class);
    criteria.select(root);
    criteria.where(criteriaBuilder.equal(root.get(RolePermission_.permission), permission));
    return entityManager.createQuery(criteria).getResultList();
}
Also used : CriteriaBuilder(javax.persistence.criteria.CriteriaBuilder) EntityManager(javax.persistence.EntityManager) RolePermission(fi.otavanopisto.muikku.model.security.RolePermission)

Aggregations

RolePermission (fi.otavanopisto.muikku.model.security.RolePermission)4 EntityManager (javax.persistence.EntityManager)2 CriteriaBuilder (javax.persistence.criteria.CriteriaBuilder)2 Permission (fi.otavanopisto.muikku.model.security.Permission)1 EnvironmentRoleArchetype (fi.otavanopisto.muikku.model.users.EnvironmentRoleArchetype)1 EnvironmentRoleEntity (fi.otavanopisto.muikku.model.users.EnvironmentRoleEntity)1 RoleEntity (fi.otavanopisto.muikku.model.users.RoleEntity)1 WorkspaceRoleArchetype (fi.otavanopisto.muikku.model.workspace.WorkspaceRoleArchetype)1 WorkspaceRoleEntity (fi.otavanopisto.muikku.model.workspace.WorkspaceRoleEntity)1 MuikkuPermissionCollection (fi.otavanopisto.muikku.security.MuikkuPermissionCollection)1 ArrayList (java.util.ArrayList)1