
Example 96 with Permission

use of org.apache.directory.fortress.core.model.Permission in project directory-fortress-core by apache.

the class ReviewMgrImpl method rolePermissionAttributeSets.

/**
 * {@inheritDoc}
 *
 * <p>Gathers the distinct permission attribute sets named by the permissions of {@code role}.
 * Each attribute-set name is read through {@code permP} at most once, however many permissions
 * refer to it.
 *
 * @param role role whose permissions are inspected; handed unchanged to {@code rolePermissions}.
 * @param noInhertiance handed unchanged to {@code rolePermissions}.
 * @return a new list with one entry per distinct attribute-set name encountered.
 * @throws SecurityException propagated from the permission lookup or from the attribute-set reads.
 */
@Override
public List<PermissionAttributeSet> rolePermissionAttributeSets(Role role, boolean noInhertiance) throws SecurityException {
    // NOTE(review): this method calls neither assertContext nor checkAccess itself; argument
    // validation and admin authorization presumably happen inside rolePermissions - confirm,
    // since the attribute-set reads below are not separately authorized.
    final Map<String, PermissionAttributeSet> setsByName = new HashMap<>();
    for (Permission rolePerm : this.rolePermissions(role, noInhertiance)) {
        // Permissions that name no attribute sets contribute nothing.
        if (!CollectionUtils.isNotEmpty(rolePerm.getPaSets())) {
            continue;
        }
        for (String setName : rolePerm.getPaSets()) {
            // A name that was already resolved is not read a second time.
            if (setsByName.containsKey(setName)) {
                continue;
            }
            PermissionAttributeSet lookupKey = new PermissionAttributeSet(setName);
            // Scope the read to this manager's context id.
            lookupKey.setContextId(this.contextId);
            setsByName.put(setName, permP.read(lookupKey));
        }
    }
    return new ArrayList<>(setsByName.values());
}
Also used : PermissionAttributeSet(org.apache.directory.fortress.core.model.PermissionAttributeSet) HashMap(java.util.HashMap) Permission(org.apache.directory.fortress.core.model.Permission) ArrayList(java.util.ArrayList)

Example 97 with Permission

use of org.apache.directory.fortress.core.model.Permission in project directory-fortress-core by apache.

the class ReviewMgrImpl method authorizedPermissionRoles.

/**
 * {@inheritDoc}
 *
 * <p>Validates the argument and runs the admin access check before the permission is read, then
 * returns the result of {@code authorizeRoles} applied to the roles stored on that permission.
 *
 * @param perm permission to look up; checked by {@code assertContext} before use.
 * @return the role names produced by {@code authorizeRoles} for the stored permission's roles.
 * @throws SecurityException propagated from validation, the access check or the read.
 */
@Override
@AdminPermissionOperation
public Set<String> authorizedPermissionRoles(Permission perm) throws SecurityException {
    final String opName = "authorizedPermissionRoles";
    // Order matters: validate the input, then authorize the caller, and only then read data.
    assertContext(CLS_NM, opName, perm, GlobalErrIds.PERM_OPERATION_NULL);
    checkAccess(CLS_NM, opName);
    // Fetch the stored permission (from LDAP, per the original comment).
    final Permission stored = permP.read(perm);
    // Resolve every role this permission is authorized for.
    return authorizeRoles(stored.getRoles());
}
Also used : Permission(org.apache.directory.fortress.core.model.Permission) AdminPermissionOperation(org.apache.directory.fortress.annotation.AdminPermissionOperation)

Example 98 with Permission

use of org.apache.directory.fortress.core.model.Permission in project directory-fortress-core by apache.

the class Manageable method checkAccess.

/**
 * Performs administrative authorization for one manager operation on behalf of the caller, but
 * only if {@link #adminSess} has been set before invocation.
 *
 * <p>When {@link #adminSess} is {@code null} this method returns without any check, so every
 * Fortress Manager API (e.g. addUser, updateUser, addRole, ...) that relies on it runs
 * unauthorized. Enforcement therefore depends on the session being set on the manager.
 *
 * @param className contains the class name.
 * @param opName contains operation name.
 * @throws org.apache.directory.fortress.core.SecurityException
 *          in the event of data validation or system error.
 */
protected final void checkAccess(String className, String opName) throws SecurityException {
    if (this.adminSess == null) {
        // No admin session on this manager: the authorization step is skipped entirely.
        return;
    }
    // The admin permission is identified by the (class name, operation name) pair.
    Permission adminPerm = new Permission(className, opName);
    adminPerm.setContextId(this.contextId);
    AdminUtil.checkAccess(this.adminSess, adminPerm, this.contextId);
}
Also used : Permission(org.apache.directory.fortress.core.model.Permission)

Example 99 with Permission

use of org.apache.directory.fortress.core.model.Permission in project directory-fortress-core by apache.

the class Manageable method setEntitySession.

/**
 * Stamps the context id on the entity and, if {@link #adminSess} is set, sets the A/RBAC session
 * on the entity and performs authorization on behalf of the caller.
 *
 * <p>The context id is applied to {@code entity} unconditionally. The session handling and the
 * authorization are delegated to {@code AdminUtil.setEntitySession} and are skipped when
 * {@link #adminSess} is {@code null}.
 *
 * @param className contains the class name.
 * @param opName contains operation name.
 * @param entity contains {@link org.apache.directory.fortress.core.model.FortEntity} instance.
 * @throws org.apache.directory.fortress.core.SecurityException
 *          in the event of data validation or system error.
 */
protected final void setEntitySession(String className, String opName, FortEntity entity) throws SecurityException {
    // Always applied, whether or not an admin session exists.
    entity.setContextId(this.contextId);
    if (this.adminSess == null) {
        // No admin session on this manager: no session is attached and no check is made.
        return;
    }
    // The admin permission is identified by the (class name, operation name) pair.
    Permission adminPerm = new Permission(className, opName);
    adminPerm.setContextId(this.contextId);
    AdminUtil.setEntitySession(this.adminSess, adminPerm, entity, this.contextId);
}
Also used : Permission(org.apache.directory.fortress.core.model.Permission)
