Search in sources :

Example 41 with AdminPermissionOperation

use of org.apache.directory.fortress.annotation.AdminPermissionOperation in project directory-fortress-core by apache.

the class ReviewMgrImpl method assignedRoles.

/**
 * {@inheritDoc}
 */
@Override
@AdminPermissionOperation
public List<String> assignedRoles(String userId) throws SecurityException {
    String methodName = "assignedRoles";
    VUtil.assertNotNullOrEmpty(userId, GlobalErrIds.USER_NULL, CLS_NM + "." + methodName);
    checkAccess(CLS_NM, methodName);
    User user = new User(userId);
    user.setContextId(this.contextId);
    return userP.getAssignedRoles(user);
}
Also used : User(org.apache.directory.fortress.core.model.User) AdminPermissionOperation(org.apache.directory.fortress.annotation.AdminPermissionOperation)

Example 42 with AdminPermissionOperation

use of org.apache.directory.fortress.annotation.AdminPermissionOperation in project directory-fortress-core by apache.

the class ReviewMgrImpl method authorizedRoles.

/**
 * {@inheritDoc}
 */
@Override
@AdminPermissionOperation
public Set<String> authorizedRoles(User user) throws SecurityException {
    String methodName = "authorizedRoles";
    assertContext(CLS_NM, methodName, user, GlobalErrIds.USER_NULL);
    checkAccess(CLS_NM, methodName);
    User ue = userP.read(user, true);
    List<UserRole> roles = ue.getRoles();
    Set<String> iRoles = null;
    if (CollectionUtils.isNotEmpty(roles)) {
        iRoles = RoleUtil.getInstance().getInheritedRoles(roles, this.contextId);
    }
    return iRoles;
}
Also used : User(org.apache.directory.fortress.core.model.User) UserRole(org.apache.directory.fortress.core.model.UserRole) AdminPermissionOperation(org.apache.directory.fortress.annotation.AdminPermissionOperation)

Example 43 with AdminPermissionOperation

use of org.apache.directory.fortress.annotation.AdminPermissionOperation in project directory-fortress-core by apache.

the class ReviewMgrImpl method findRoles.

/**
 * {@inheritDoc}
 */
@Override
@AdminPermissionOperation
public List<Role> findRoles(String searchVal) throws SecurityException {
    String methodName = "findRoles";
    VUtil.assertNotNull(searchVal, GlobalErrIds.ROLE_NM_NULL, CLS_NM + "." + methodName);
    checkAccess(CLS_NM, methodName);
    Role role = new Role(searchVal);
    role.setContextId(this.contextId);
    return roleP.search(role);
}
Also used : Role(org.apache.directory.fortress.core.model.Role) UserRole(org.apache.directory.fortress.core.model.UserRole) AdminPermissionOperation(org.apache.directory.fortress.annotation.AdminPermissionOperation)

Example 44 with AdminPermissionOperation

use of org.apache.directory.fortress.annotation.AdminPermissionOperation in project directory-fortress-core by apache.

the class ReviewMgrImpl method authorizedPermissionRoles.

/**
 * {@inheritDoc}
 */
@Override
@AdminPermissionOperation
public Set<String> authorizedPermissionRoles(Permission perm) throws SecurityException {
    Set<String> authorizedRoles;
    String methodName = "authorizedPermissionRoles";
    assertContext(CLS_NM, methodName, perm, GlobalErrIds.PERM_OPERATION_NULL);
    checkAccess(CLS_NM, methodName);
    // Pull the permission from ldap:
    Permission pe = permP.read(perm);
    // Get all roles that this permission is authorized for:
    authorizedRoles = authorizeRoles(pe.getRoles());
    return authorizedRoles;
}
Also used : Permission(org.apache.directory.fortress.core.model.Permission) AdminPermissionOperation(org.apache.directory.fortress.annotation.AdminPermissionOperation)

Example 45 with AdminPermissionOperation

use of org.apache.directory.fortress.annotation.AdminPermissionOperation in project directory-fortress-core by apache.

the class ReviewMgrImpl method ssdRoleSetRoles.

/**
 * {@inheritDoc}
 */
@Override
@AdminPermissionOperation
public Set<String> ssdRoleSetRoles(SDSet ssd) throws SecurityException {
    String methodName = "ssdRoleSetRoles";
    assertContext(CLS_NM, methodName, ssd, GlobalErrIds.SSD_NULL);
    checkAccess(CLS_NM, methodName);
    ssd.setType(SDSet.SDType.STATIC);
    SDSet se = ssdP.read(ssd);
    return se.getMembers();
}
Also used : SDSet(org.apache.directory.fortress.core.model.SDSet) AdminPermissionOperation(org.apache.directory.fortress.annotation.AdminPermissionOperation)

Aggregations

AdminPermissionOperation (org.apache.directory.fortress.annotation.AdminPermissionOperation)54 AdminRole (org.apache.directory.fortress.core.model.AdminRole)18 User (org.apache.directory.fortress.core.model.User)18 UserRole (org.apache.directory.fortress.core.model.UserRole)16 Relationship (org.apache.directory.fortress.core.model.Relationship)15 Role (org.apache.directory.fortress.core.model.Role)15 SDSet (org.apache.directory.fortress.core.model.SDSet)8 UserAdminRole (org.apache.directory.fortress.core.model.UserAdminRole)8 Permission (org.apache.directory.fortress.core.model.Permission)5 OrgUnit (org.apache.directory.fortress.core.model.OrgUnit)4 ReviewMgr (org.apache.directory.fortress.core.ReviewMgr)3 SecurityException (org.apache.directory.fortress.core.SecurityException)3 PwPolicy (org.apache.directory.fortress.core.model.PwPolicy)2 RoleConstraint (org.apache.directory.fortress.core.model.RoleConstraint)2 Method (java.lang.reflect.Method)1 ArrayList (java.util.ArrayList)1 AdminMgr (org.apache.directory.fortress.core.AdminMgr)1 DelAdminMgr (org.apache.directory.fortress.core.DelAdminMgr)1 FinderException (org.apache.directory.fortress.core.FinderException)1 Group (org.apache.directory.fortress.core.model.Group)1