
Example 1 with EveryonePrincipal

use of org.apache.jackrabbit.core.security.principal.EveryonePrincipal in project pentaho-platform by pentaho.

the class TestPrincipalProvider method init.

// ~ Methods
// =========================================================================================================
/**
 * {@inheritDoc}
 */
@Override
public void init(Properties options) {
    // Resolve the configurable identities. Each lookup falls back to the SecurityConstants
    // default when the key is missing from the supplied options.
    // NOTE(review): the admin user id and admin role are taken from options as-is; the class
    // name suggests a test fixture -- confirm this provider is never wired into a production
    // repository configuration.
    adminId = options.getProperty(KEY_ADMIN_ID, SecurityConstants.ADMIN_ID);
    adminPrincipal = new AdminPrincipal(adminId);
    adminRole = options.getProperty(KEY_ADMIN_ROLE, SecurityConstants.ADMINISTRATORS_NAME);
    adminRolePrincipal = new SpringSecurityRolePrincipal(adminRole);
    anonymousId = options.getProperty(KEY_ANONYMOUS_ID, SecurityConstants.ANONYMOUS_ID);

    // Register the admin user and the admin role under their names.
    principals.put(adminId, adminPrincipal);
    principals.put(adminRole, adminRolePrincipal);

    // The admin user is assigned exactly one role here: the admin role.
    final ArrayList<SpringSecurityRolePrincipal> rolesForAdmin = new ArrayList<SpringSecurityRolePrincipal>();
    rolesForAdmin.add(adminRolePrincipal);
    roleAssignments.put(adminId, rolesForAdmin);

    // anonymousPrincipal is not assigned in this method; presumably it is initialised elsewhere.
    principals.put(anonymousId, anonymousPrincipal);

    // Register the shared "everyone" principal under its own name.
    final EveryonePrincipal everyonePrincipal = EveryonePrincipal.getInstance();
    principals.put(everyonePrincipal.getName(), everyonePrincipal);
}
Also used : AdminPrincipal(org.apache.jackrabbit.core.security.principal.AdminPrincipal) ArrayList(java.util.ArrayList) EveryonePrincipal(org.apache.jackrabbit.core.security.principal.EveryonePrincipal)

Example 2 with EveryonePrincipal

use of org.apache.jackrabbit.core.security.principal.EveryonePrincipal in project pentaho-platform by pentaho.

the class SpringSecurityPrincipalProvider method getGroupMembership.

/**
 * {@inheritDoc}
 * <p/>
 * <p> Called from {@code AbstractLoginModule.getPrincipals()} </p>
 */
public PrincipalIterator getGroupMembership(final Principal principal) {
    checkInitialized();
    Assert.notNull(principal);

    // Anonymous and "everyone" get no memberships at all -- not even the everyone group.
    if (principal instanceof AnonymousPrincipal || principal instanceof EveryonePrincipal) {
        return PrincipalIteratorAdapter.EMPTY;
    }

    final Set<Principal> memberships = new HashSet<Principal>();

    // Group, admin and ACL-metadata principals skip the role lookup; they still receive the
    // "everyone" membership added further down.
    final boolean skipRoleLookup = principal instanceof Group
        || principal instanceof AdminPrincipal
        || principal instanceof AclMetadataPrincipal;
    if (!skipRoleLookup) {
        final UserDetails details = internalGetUserDetails(principal.getName());
        if (details == null) {
            // No user details for this name: return an empty membership set. Note that this
            // path does not add the everyone group.
            return new PrincipalIteratorAdapter(memberships);
        }
        for (final GrantedAuthority authority : details.getAuthorities()) {
            final String authorityName = authority.getAuthority();
            // NOTE(review): a cached entry is used as the group principal after a plain cast,
            // with no further validation -- verify that only this provider writes to
            // ROLE_CACHE_REGION.
            final Principal cached = cacheManager == null
                ? null
                : (Principal) cacheManager.getFromRegionCache(ROLE_CACHE_REGION, authorityName);
            if (cached == null) {
                memberships.add(createSpringSecurityRolePrincipal(authorityName));
            } else {
                memberships.add(cached);
            }
        }
    }

    memberships.add(EveryonePrincipal.getInstance());
    if (logger.isTraceEnabled()) {
        // Trace output includes the principal and its resolved groups.
        // $NON-NLS-1$ //$NON-NLS-2$
        logger.trace("group membership for principal=" + principal + " is " + memberships);
    }
    return new PrincipalIteratorAdapter(memberships);
}
Also used : Group(java.security.acl.Group) AdminPrincipal(org.apache.jackrabbit.core.security.principal.AdminPrincipal) AclMetadataPrincipal(org.pentaho.platform.repository2.unified.jcr.JcrAclMetadataStrategy.AclMetadataPrincipal) UserDetails(org.springframework.security.core.userdetails.UserDetails) AnonymousPrincipal(org.apache.jackrabbit.core.security.AnonymousPrincipal) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) GrantedAuthority(org.springframework.security.core.GrantedAuthority) PrincipalIteratorAdapter(org.apache.jackrabbit.core.security.principal.PrincipalIteratorAdapter) EveryonePrincipal(org.apache.jackrabbit.core.security.principal.EveryonePrincipal) AnonymousPrincipal(org.apache.jackrabbit.core.security.AnonymousPrincipal) UserPrincipal(org.apache.jackrabbit.core.security.UserPrincipal) AclMetadataPrincipal(org.pentaho.platform.repository2.unified.jcr.JcrAclMetadataStrategy.AclMetadataPrincipal) AdminPrincipal(org.apache.jackrabbit.core.security.principal.AdminPrincipal) Principal(java.security.Principal) EveryonePrincipal(org.apache.jackrabbit.core.security.principal.EveryonePrincipal) HashSet(java.util.HashSet)

Example 3 with EveryonePrincipal

use of org.apache.jackrabbit.core.security.principal.EveryonePrincipal in project pentaho-platform by pentaho.

the class TestPrincipalProvider method getGroupMembership.

/**
 * {@inheritDoc}
 *
 * <p>
 * Called from {@code AbstractLoginModule.getPrincipals()}
 * </p>
 */
@Override
public PrincipalIterator getGroupMembership(Principal principal) {
    // "Everyone" and ACL-metadata principals have no memberships.
    if (principal instanceof EveryonePrincipal || principal instanceof AclMetadataPrincipal) {
        return PrincipalIteratorAdapter.EMPTY;
    }

    final String principalName = principal.getName();

    // Seed the result with any roles recorded in roleAssignments, then add the everyone group.
    Set<Principal> memberships = new HashSet<Principal>(roleAssignments.containsKey(principalName) ? roleAssignments.get(principalName) : new HashSet<Principal>());
    memberships.add(EveryonePrincipal.getInstance());

    if (principal instanceof AdminPrincipal) {
        memberships.add(adminRolePrincipal);
        return new PrincipalIteratorAdapter(memberships);
    }
    if (!(principal instanceof UserPrincipal)) {
        return new PrincipalIteratorAdapter(memberships);
    }

    if (userRoleDao != null) {
        // Roles come from the DAO. The first argument is passed as null; its meaning is not
        // visible from this method.
        try {
            List<IPentahoRole> daoRoles = userRoleDao.getUserRoles(null, principalName);
            for (IPentahoRole daoRole : daoRoles) {
                memberships.add(new SpringSecurityRolePrincipal(tenantedRoleNameUtils.getPrincipleId(daoRole.getTenant(), daoRole.getName())));
            }
        } catch (Exception e) {
            // NOTE(review): the first failure is discarded without logging and the same lookup
            // is run once more; a failure of the retry propagates to the caller.
            List<IPentahoRole> retriedRoles = userRoleDao.getUserRoles(null, principalName);
            for (IPentahoRole retriedRole : retriedRoles) {
                memberships.add(new SpringSecurityRolePrincipal(tenantedRoleNameUtils.getPrincipleId(retriedRole.getTenant(), retriedRole.getName())));
            }
        }
    } else if (principalName != null) {
        // Without a DAO, roles are derived purely from hard-coded user-name prefixes.
        // NOTE(review): granting "TenantAdmin"/"SysAdmin" by name prefix is only acceptable in
        // a test fixture -- confirm this class is never reachable outside tests.
        final boolean adminPrefixed = principalName.startsWith("admin");
        if (adminPrefixed || principalName.startsWith("suzy") || principalName.startsWith("tiffany")) {
            ITenant tenant = tenantedUserNameUtils.getTenant(principalName);
            memberships.add(new SpringSecurityRolePrincipal(tenantedRoleNameUtils.getPrincipleId(tenant, "Authenticated")));
        }
        if (adminPrefixed) {
            ITenant tenant = tenantedUserNameUtils.getTenant(principalName);
            memberships.add(new SpringSecurityRolePrincipal(tenantedRoleNameUtils.getPrincipleId(tenant, "TenantAdmin")));
        }
        if (principalName.startsWith("super")) {
            ITenant tenant = tenantedUserNameUtils.getTenant(principalName);
            memberships.add(new SpringSecurityRolePrincipal(tenantedRoleNameUtils.getPrincipleId(tenant, "SysAdmin")));
        }
    }
    return new PrincipalIteratorAdapter(memberships);
}
Also used : PrincipalIteratorAdapter(org.apache.jackrabbit.core.security.principal.PrincipalIteratorAdapter) UserPrincipal(org.apache.jackrabbit.core.security.UserPrincipal) NoSuchWorkspaceException(javax.jcr.NoSuchWorkspaceException) RepositoryException(javax.jcr.RepositoryException) LoginException(javax.jcr.LoginException) AclMetadataPrincipal(org.pentaho.platform.repository2.unified.jcr.JcrAclMetadataStrategy.AclMetadataPrincipal) AdminPrincipal(org.apache.jackrabbit.core.security.principal.AdminPrincipal) ITenant(org.pentaho.platform.api.mt.ITenant) ArrayList(java.util.ArrayList) List(java.util.List) IPentahoRole(org.pentaho.platform.api.engine.security.userroledao.IPentahoRole) EveryonePrincipal(org.apache.jackrabbit.core.security.principal.EveryonePrincipal) EveryonePrincipal(org.apache.jackrabbit.core.security.principal.EveryonePrincipal) AnonymousPrincipal(org.apache.jackrabbit.core.security.AnonymousPrincipal) UserPrincipal(org.apache.jackrabbit.core.security.UserPrincipal) AclMetadataPrincipal(org.pentaho.platform.repository2.unified.jcr.JcrAclMetadataStrategy.AclMetadataPrincipal) AdminPrincipal(org.apache.jackrabbit.core.security.principal.AdminPrincipal) Principal(java.security.Principal) HashSet(java.util.HashSet)
