Example 11 with EnvironmentRoleEntity
use of fi.otavanopisto.muikku.model.users.EnvironmentRoleEntity in project muikku by otavanopisto.
the class PermissionsPluginController method processPermissions.
public void processPermissions() {
logger.log(Level.INFO, "Starting permission gathering");
for (SystemRoleType systemRoleType : SystemRoleType.values()) {
if (systemRoleEntityDAO.findByRoleType(systemRoleType) == null)
systemRoleEntityDAO.create(systemRoleType.name(), systemRoleType);
}
for (MuikkuPermissionCollection collection : permissionCollections) {
logger.log(Level.INFO, "Processing permission collection " + collection.getClass().getSimpleName());
List<String> permissions = collection.listPermissions();
for (String permissionName : permissions) {
Permission permission = permissionDAO.findByName(permissionName);
if (permission == null) {
logger.log(Level.INFO, "Recording new permission " + permissionName);
try {
final String permissionScope = collection.getPermissionScope(permissionName);
if (permissionScope != null) {
permission = permissionDAO.create(permissionName, permissionScope);
if (!PermissionScope.PERSONAL.equals(permissionScope)) {
String[] pseudoRoles = collection.getDefaultPseudoRoles(permissionName);
EnvironmentRoleArchetype[] environmentRoles = collection.getDefaultEnvironmentRoles(permissionName);
WorkspaceRoleArchetype[] workspaceRoles = collection.getDefaultWorkspaceRoles(permissionName);
List<RoleEntity> roles = new ArrayList<RoleEntity>();
if (pseudoRoles != null) {
for (String pseudoRole : pseudoRoles) {
RoleEntity roleEntity = roleEntityDAO.findByName(pseudoRole);
if (roleEntity != null)
roles.add(roleEntity);
}
}
if (environmentRoles != null) {
for (EnvironmentRoleArchetype envRole : environmentRoles) {
List<EnvironmentRoleEntity> envRoles = environmentRoleEntityDAO.listByArchetype(envRole);
roles.addAll(envRoles);
}
}
if (workspaceRoles != null) {
for (WorkspaceRoleArchetype arc : workspaceRoles) {
List<WorkspaceRoleEntity> wsRoles = workspaceRoleEntityDAO.listByArchetype(arc);
roles.addAll(wsRoles);
}
}
switch(permissionScope) {
case PermissionScope.ENVIRONMENT:
case PermissionScope.WORKSPACE:
for (RoleEntity role : roles) {
rolePermissionDAO.create(role, permission);
}
break;
case PermissionScope.USERGROUP:
List<UserGroupEntity> userGroups = userGroupDAO.listAll();
for (RoleEntity role : roles) {
// TODO Workspace creation & templates - is this necessary and bulletproof?
for (UserGroupEntity userGroup : userGroups) {
userGroupRolePermissionDAO.create(userGroup, role, permission);
}
}
break;
default:
permissionDiscoveredEvent.select(new PermissionScopeBinding() {
private static final long serialVersionUID = 9009824962970938515L;
@Override
public String value() {
return permissionScope;
}
}).fire(new PermissionDiscoveredEvent(permission));
break;
}
}
} else
logger.log(Level.WARNING, "PermissionScope null for " + permissionName);
} catch (Exception e) {
logger.log(Level.SEVERE, "Permission handling failed for " + permissionName);
}
}
}
}
logger.log(Level.INFO, "Finished permission gathering");
}
Also used :
EnvironmentRoleEntity(fi.otavanopisto.muikku.model.users.EnvironmentRoleEntity)
EnvironmentRoleArchetype(fi.otavanopisto.muikku.model.users.EnvironmentRoleArchetype)
SystemRoleType(fi.otavanopisto.muikku.model.users.SystemRoleType)
MuikkuPermissionCollection(fi.otavanopisto.muikku.security.MuikkuPermissionCollection)
ArrayList(java.util.ArrayList)
UserGroupEntity(fi.otavanopisto.muikku.model.users.UserGroupEntity)
WorkspaceRoleEntity(fi.otavanopisto.muikku.model.workspace.WorkspaceRoleEntity)
RoleEntity(fi.otavanopisto.muikku.model.users.RoleEntity)
EnvironmentRoleEntity(fi.otavanopisto.muikku.model.users.EnvironmentRoleEntity)
WorkspaceRoleEntity(fi.otavanopisto.muikku.model.workspace.WorkspaceRoleEntity)
RolePermission(fi.otavanopisto.muikku.model.security.RolePermission)
Permission(fi.otavanopisto.muikku.model.security.Permission)
WorkspaceRoleArchetype(fi.otavanopisto.muikku.model.workspace.WorkspaceRoleArchetype)
Example 12 with EnvironmentRoleEntity
use of fi.otavanopisto.muikku.model.users.EnvironmentRoleEntity in project muikku by otavanopisto.
the class EnvironmentRoleEntityDAO method listByArchetype.
public List<EnvironmentRoleEntity> listByArchetype(EnvironmentRoleArchetype archetype) {
EntityManager entityManager = getEntityManager();
CriteriaBuilder criteriaBuilder = entityManager.getCriteriaBuilder();
CriteriaQuery<EnvironmentRoleEntity> criteria = criteriaBuilder.createQuery(EnvironmentRoleEntity.class);
Root<EnvironmentRoleEntity> root = criteria.from(EnvironmentRoleEntity.class);
criteria.select(root);
criteria.where(criteriaBuilder.equal(root.get(EnvironmentRoleEntity_.archetype), archetype));
return entityManager.createQuery(criteria).getResultList();
}
Also used :
CriteriaBuilder(javax.persistence.criteria.CriteriaBuilder)
EntityManager(javax.persistence.EntityManager)
EnvironmentRoleEntity(fi.otavanopisto.muikku.model.users.EnvironmentRoleEntity)
Example 13 with EnvironmentRoleEntity
use of fi.otavanopisto.muikku.model.users.EnvironmentRoleEntity in project muikku by otavanopisto.
the class EnvironmentPermissionsManagementBackingBean method init.
@RequestAction
public String init() {
if (!sessionController.hasEnvironmentPermission(MuikkuPermissions.MANAGE_PERMISSIONS)) {
return NavigationRules.ACCESS_DENIED;
}
permissions = permissionController.listPermissionsByScope(PermissionScope.ENVIRONMENT);
Collections.sort(permissions, new Comparator<Permission>() {
@Override
public int compare(Permission o1, Permission o2) {
return o1.getName().compareTo(o2.getName());
}
});
roleEntities = new ArrayList<RoleEntity>();
List<SystemRoleEntity> systemRoleEntities = roleController.listSystemRoleEntities();
List<EnvironmentRoleEntity> environmentRoleEntities = roleController.listEnvironmentRoleEntities();
Collections.sort(environmentRoleEntities, new Comparator<EnvironmentRoleEntity>() {
@Override
public int compare(EnvironmentRoleEntity o1, EnvironmentRoleEntity o2) {
return o1.getArchetype().compareTo(o2.getArchetype());
}
});
for (SystemRoleEntity systemRoleEntity : systemRoleEntities) {
roleEntities.add(systemRoleEntity);
}
for (EnvironmentRoleEntity environmentRoleEntity : environmentRoleEntities) {
roleEntities.add(environmentRoleEntity);
}
return null;
}
Also used :
RoleEntity(fi.otavanopisto.muikku.model.users.RoleEntity)
SystemRoleEntity(fi.otavanopisto.muikku.model.users.SystemRoleEntity)
EnvironmentRoleEntity(fi.otavanopisto.muikku.model.users.EnvironmentRoleEntity)
EnvironmentRoleEntity(fi.otavanopisto.muikku.model.users.EnvironmentRoleEntity)
Permission(fi.otavanopisto.muikku.model.security.Permission)
SystemRoleEntity(fi.otavanopisto.muikku.model.users.SystemRoleEntity)
RequestAction(org.ocpsoft.rewrite.annotation.RequestAction)
Aggregations
EnvironmentRoleEntity (fi.otavanopisto.muikku.model.users.EnvironmentRoleEntity)13
RoleEntity (fi.otavanopisto.muikku.model.users.RoleEntity)5
Permission (fi.otavanopisto.muikku.model.security.Permission)4
EnvironmentUser (fi.otavanopisto.muikku.model.users.EnvironmentUser)4
UserEntity (fi.otavanopisto.muikku.model.users.UserEntity)4
EnvironmentRoleArchetype (fi.otavanopisto.muikku.model.users.EnvironmentRoleArchetype)3
WorkspaceRoleEntity (fi.otavanopisto.muikku.model.workspace.WorkspaceRoleEntity)3
SchoolDataIdentifier (fi.otavanopisto.muikku.schooldata.SchoolDataIdentifier)3
User (fi.otavanopisto.muikku.schooldata.entity.User)3
SchoolDataSource (fi.otavanopisto.muikku.model.base.SchoolDataSource)2
RolePermission (fi.otavanopisto.muikku.model.security.RolePermission)2
SystemRoleEntity (fi.otavanopisto.muikku.model.users.SystemRoleEntity)2
UserSchoolDataIdentifier (fi.otavanopisto.muikku.model.users.UserSchoolDataIdentifier)2
WorkspaceRoleArchetype (fi.otavanopisto.muikku.model.workspace.WorkspaceRoleArchetype)2
MuikkuPermissionCollection (fi.otavanopisto.muikku.security.MuikkuPermissionCollection)2
RESTPermit (fi.otavanopisto.security.rest.RESTPermit)2
ArrayList (java.util.ArrayList)2
Path (javax.ws.rs.Path)2
RequestAction (org.ocpsoft.rewrite.annotation.RequestAction)2
FlagStudent (fi.otavanopisto.muikku.model.users.FlagStudent)1
