Examples with MuikkuPermissionCollection fi.otavanopisto.muikku.security.MuikkuPermissionCollection used on opensource projects

Search in sources :

Example 1 with MuikkuPermissionCollection

use of fi.otavanopisto.muikku.security.MuikkuPermissionCollection in project muikku by otavanopisto.

the class PermissionsPluginController method resetPermissions.

public void resetPermissions(Set<RoleEntity> resetRoleEntities) {
    if (CollectionUtils.isEmpty(resetRoleEntities))
        return;
    // TODO Only handles environment and workspace scopes
    for (MuikkuPermissionCollection collection : permissionCollections) {
        logger.log(Level.INFO, "Processing permission collection " + collection.getClass().getSimpleName());
        List<String> permissions = collection.listPermissions();
        for (String permissionName : permissions) {
            Permission permission = permissionDAO.findByName(permissionName);
            if (permission != null) {
                try {
                    String permissionScope = collection.getPermissionScope(permissionName);
                    if (permissionScope != null) {
                        if (!PermissionScope.PERSONAL.equals(permissionScope)) {
                            // Current roles
                            String[] pseudoRoles = collection.getDefaultPseudoRoles(permissionName);
                            EnvironmentRoleArchetype[] environmentRoles = collection.getDefaultEnvironmentRoles(permissionName);
                            WorkspaceRoleArchetype[] workspaceRoles = collection.getDefaultWorkspaceRoles(permissionName);
                            List<RoleEntity> currentRoles = new ArrayList<RoleEntity>();
                            if (pseudoRoles != null) {
                                for (String pseudoRole : pseudoRoles) {
                                    RoleEntity roleEntity = roleEntityDAO.findByName(pseudoRole);
                                    if (roleEntity != null) {
                                        currentRoles.add(roleEntity);
                                    }
                                }
                            }
                            if (environmentRoles != null) {
                                for (EnvironmentRoleArchetype environmentRole : environmentRoles) {
                                    List<EnvironmentRoleEntity> envRoles = environmentRoleEntityDAO.listByArchetype(environmentRole);
                                    currentRoles.addAll(envRoles);
                                }
                            }
                            if (workspaceRoles != null) {
                                for (WorkspaceRoleArchetype workspaceRole : workspaceRoles) {
                                    List<WorkspaceRoleEntity> wsRoles = workspaceRoleEntityDAO.listByArchetype(workspaceRole);
                                    currentRoles.addAll(wsRoles);
                                }
                            }
                            logger.info(String.format("Permission %s applies to %d roles", permissionName, currentRoles.size()));
                            if (PermissionScope.ENVIRONMENT.equals(permissionScope) || PermissionScope.WORKSPACE.equals(permissionScope)) {
                                List<RolePermission> databasePermissions = rolePermissionDAO.listByPermission(permission);
                                removeNonHandledRoles(currentRoles, databasePermissions, resetRoleEntities);
                                for (RolePermission databasePermission : databasePermissions) {
                                    int index = indexOfRoleEntity(currentRoles, databasePermission);
                                    if (index >= 0) {
                                        currentRoles.remove(index);
                                    } else {
                                        logger.info(String.format("Removing %s from %s", databasePermission.getRole().getName(), permission.getName()));
                                        rolePermissionDAO.delete(databasePermission);
                                    }
                                }
                                for (RoleEntity currentRole : currentRoles) {
                                    logger.info(String.format("Adding environment role %s for %s", currentRole.getName(), permission.getName()));
                                    rolePermissionDAO.create(currentRole, permission);
                                }
                            }
                        }
                    }
                } catch (Exception e) {
                    logger.log(Level.SEVERE, "Permission handling failed for " + permissionName);
                }
            }
        }
    }
}
Also used : EnvironmentRoleEntity(fi.otavanopisto.muikku.model.users.EnvironmentRoleEntity) EnvironmentRoleArchetype(fi.otavanopisto.muikku.model.users.EnvironmentRoleArchetype) MuikkuPermissionCollection(fi.otavanopisto.muikku.security.MuikkuPermissionCollection) ArrayList(java.util.ArrayList) WorkspaceRoleEntity(fi.otavanopisto.muikku.model.workspace.WorkspaceRoleEntity) RoleEntity(fi.otavanopisto.muikku.model.users.RoleEntity) EnvironmentRoleEntity(fi.otavanopisto.muikku.model.users.EnvironmentRoleEntity) WorkspaceRoleEntity(fi.otavanopisto.muikku.model.workspace.WorkspaceRoleEntity) RolePermission(fi.otavanopisto.muikku.model.security.RolePermission) Permission(fi.otavanopisto.muikku.model.security.Permission) WorkspaceRoleArchetype(fi.otavanopisto.muikku.model.workspace.WorkspaceRoleArchetype) RolePermission(fi.otavanopisto.muikku.model.security.RolePermission)

Example 2 with MuikkuPermissionCollection

use of fi.otavanopisto.muikku.security.MuikkuPermissionCollection in project muikku by otavanopisto.

the class PermissionsPluginController method processPermissions.

public void processPermissions() {
    logger.log(Level.INFO, "Starting permission gathering");
    for (SystemRoleType systemRoleType : SystemRoleType.values()) {
        if (systemRoleEntityDAO.findByRoleType(systemRoleType) == null)
            systemRoleEntityDAO.create(systemRoleType.name(), systemRoleType);
    }
    for (MuikkuPermissionCollection collection : permissionCollections) {
        logger.log(Level.INFO, "Processing permission collection " + collection.getClass().getSimpleName());
        List<String> permissions = collection.listPermissions();
        for (String permissionName : permissions) {
            Permission permission = permissionDAO.findByName(permissionName);
            if (permission == null) {
                logger.log(Level.INFO, "Recording new permission " + permissionName);
                try {
                    final String permissionScope = collection.getPermissionScope(permissionName);
                    if (permissionScope != null) {
                        permission = permissionDAO.create(permissionName, permissionScope);
                        if (!PermissionScope.PERSONAL.equals(permissionScope)) {
                            String[] pseudoRoles = collection.getDefaultPseudoRoles(permissionName);
                            EnvironmentRoleArchetype[] environmentRoles = collection.getDefaultEnvironmentRoles(permissionName);
                            WorkspaceRoleArchetype[] workspaceRoles = collection.getDefaultWorkspaceRoles(permissionName);
                            List<RoleEntity> roles = new ArrayList<RoleEntity>();
                            if (pseudoRoles != null) {
                                for (String pseudoRole : pseudoRoles) {
                                    RoleEntity roleEntity = roleEntityDAO.findByName(pseudoRole);
                                    if (roleEntity != null)
                                        roles.add(roleEntity);
                                }
                            }
                            if (environmentRoles != null) {
                                for (EnvironmentRoleArchetype envRole : environmentRoles) {
                                    List<EnvironmentRoleEntity> envRoles = environmentRoleEntityDAO.listByArchetype(envRole);
                                    roles.addAll(envRoles);
                                }
                            }
                            if (workspaceRoles != null) {
                                for (WorkspaceRoleArchetype arc : workspaceRoles) {
                                    List<WorkspaceRoleEntity> wsRoles = workspaceRoleEntityDAO.listByArchetype(arc);
                                    roles.addAll(wsRoles);
                                }
                            }
                            switch(permissionScope) {
                                case PermissionScope.ENVIRONMENT:
                                case PermissionScope.WORKSPACE:
                                    for (RoleEntity role : roles) {
                                        rolePermissionDAO.create(role, permission);
                                    }
                                    break;
                                case PermissionScope.USERGROUP:
                                    List<UserGroupEntity> userGroups = userGroupDAO.listAll();
                                    for (RoleEntity role : roles) {
                                        // TODO Workspace creation & templates - is this necessary and bulletproof?
                                        for (UserGroupEntity userGroup : userGroups) {
                                            userGroupRolePermissionDAO.create(userGroup, role, permission);
                                        }
                                    }
                                    break;
                                default:
                                    permissionDiscoveredEvent.select(new PermissionScopeBinding() {

                                        private static final long serialVersionUID = 9009824962970938515L;

                                        @Override
                                        public String value() {
                                            return permissionScope;
                                        }
                                    }).fire(new PermissionDiscoveredEvent(permission));
                                    break;
                            }
                        }
                    } else
                        logger.log(Level.WARNING, "PermissionScope null for " + permissionName);
                } catch (Exception e) {
                    logger.log(Level.SEVERE, "Permission handling failed for " + permissionName);
                }
            }
        }
    }
    logger.log(Level.INFO, "Finished permission gathering");
}
Also used : EnvironmentRoleEntity(fi.otavanopisto.muikku.model.users.EnvironmentRoleEntity) EnvironmentRoleArchetype(fi.otavanopisto.muikku.model.users.EnvironmentRoleArchetype) SystemRoleType(fi.otavanopisto.muikku.model.users.SystemRoleType) MuikkuPermissionCollection(fi.otavanopisto.muikku.security.MuikkuPermissionCollection) ArrayList(java.util.ArrayList) UserGroupEntity(fi.otavanopisto.muikku.model.users.UserGroupEntity) WorkspaceRoleEntity(fi.otavanopisto.muikku.model.workspace.WorkspaceRoleEntity) RoleEntity(fi.otavanopisto.muikku.model.users.RoleEntity) EnvironmentRoleEntity(fi.otavanopisto.muikku.model.users.EnvironmentRoleEntity) WorkspaceRoleEntity(fi.otavanopisto.muikku.model.workspace.WorkspaceRoleEntity) RolePermission(fi.otavanopisto.muikku.model.security.RolePermission) Permission(fi.otavanopisto.muikku.model.security.Permission) WorkspaceRoleArchetype(fi.otavanopisto.muikku.model.workspace.WorkspaceRoleArchetype)

Aggregations

Permission (fi.otavanopisto.muikku.model.security.Permission)2 RolePermission (fi.otavanopisto.muikku.model.security.RolePermission)2 EnvironmentRoleArchetype (fi.otavanopisto.muikku.model.users.EnvironmentRoleArchetype)2 EnvironmentRoleEntity (fi.otavanopisto.muikku.model.users.EnvironmentRoleEntity)2 RoleEntity (fi.otavanopisto.muikku.model.users.RoleEntity)2 WorkspaceRoleArchetype (fi.otavanopisto.muikku.model.workspace.WorkspaceRoleArchetype)2 WorkspaceRoleEntity (fi.otavanopisto.muikku.model.workspace.WorkspaceRoleEntity)2 MuikkuPermissionCollection (fi.otavanopisto.muikku.security.MuikkuPermissionCollection)2 ArrayList (java.util.ArrayList)2 SystemRoleType (fi.otavanopisto.muikku.model.users.SystemRoleType)1 UserGroupEntity (fi.otavanopisto.muikku.model.users.UserGroupEntity)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial