use of org.apereo.portal.AuthorizationException in project uPortal by Jasig.
the class RDBMDistributedLayoutStore method importLayout.
/**
 * Imports a single user's layout from a dom4j {@code layout} element and stores it.
 *
 * <p>What the visible code does, in order: ensures the {@code dlm} namespace is declared, strips
 * XML comments, detaches the optional {@code preferences} and {@code profile} children (the
 * profile is handed to {@code portalDataHandlerService.importData}), resolves the owning user
 * from the {@code username} attribute, assigns node ids, rewrites DLM pathrefs to noderefs,
 * restores {@code chanID} on channels, loads stylesheet preference attributes, persists the
 * layout through {@code setUserLayout}, and finally replaces the owner's portlet preferences
 * with the imported {@code entry} elements.
 *
 * <p>Security-relevant points for reviewers:
 *
 * <ul>
 *   <li>The target account is chosen by the imported document itself ({@code @username}). This
 *       method performs no check that the caller may modify that account.
 *       NOTE(review): presumably access control is enforced by the callers of the import
 *       path; confirm.
 *   <li>When {@code errorOnMissingUser} is false, an unknown username leads to
 *       {@code getPortalUID(person, true)}, which per the inline comment creates the user.
 *   <li>Portlet entities of the owner that the document does not mention have their
 *       preferences cleared and are updated or deleted, so an import is destructive for
 *       existing preference data.
 * </ul>
 *
 * <p>The method is annotated {@code @Transactional}. NOTE(review): presumably the database
 * writes below run in one transaction; confirm against the transaction manager configuration.
 *
 * @param layout root element of the layout being imported; it is modified in place
 * @throws RuntimeException if the user cannot be resolved, the profile cannot be loaded, the
 *     user preferences cannot be set, or the layout cannot be persisted
 * @throws IllegalArgumentException if a channel references an unknown fname and
 *     {@code errorOnMissingPortlet} is true
 */
@Override
@SuppressWarnings("unchecked")
@Transactional
public void importLayout(org.dom4j.Element layout) {
    // Declare the dlm prefix on the root if the document did not, so the dlm:* XPath
    // expressions used below can resolve it.
    if (layout.getNamespaceForPrefix("dlm") == null) {
        layout.add(new Namespace("dlm", Constants.NS_URI));
    }
    // Remove comments from the DOM; they break import
    final List<org.dom4j.Node> comments = layout.selectNodes("//comment()");
    for (final org.dom4j.Node comment : comments) {
        comment.detach();
    }
    // Get a ref to the prefs element and then remove it from the layout
    final org.dom4j.Node preferencesElement = layout.selectSingleNode("preferences");
    if (preferencesElement != null) {
        preferencesElement.getParent().remove(preferencesElement);
    }
    // The owner is whatever the imported document names; see the method Javadoc.
    final String ownerUsername = layout.valueOf("@username");
    // Get a ref to the profile element and then remove it from the layout
    final org.dom4j.Node profileElement = layout.selectSingleNode("profile");
    if (profileElement != null) {
        profileElement.getParent().remove(profileElement);
        // Re-home the profile in its own document, named after the owner, before importing it.
        final org.dom4j.Document profileDocument = new org.dom4j.DocumentFactory().createDocument();
        profileDocument.setRootElement((org.dom4j.Element) profileElement);
        profileDocument.setName(ownerUsername + ".profile");
        // NOTE(review): the source wraps profileElement, not profileDocument; presumably the
        // document name is reached through the element's owning document. Confirm.
        final DocumentSource profileSource = new DocumentSource(profileElement);
        this.portalDataHandlerService.importData(profileSource);
    }
    // Resolve the portal user id for the owner named in the document.
    final IPerson person = new PersonImpl();
    person.setUserName(ownerUsername);
    int ownerId;
    try {
        // Can't just pass true for create here, if the user actually exists the create flag
        // also updates the user data
        ownerId = this.userIdentityStore.getPortalUID(person);
    } catch (final AuthorizationException t) {
        // An AuthorizationException from the lookup is treated as "user does not exist".
        if (this.errorOnMissingUser) {
            throw new RuntimeException("Unrecognized user " + person.getUserName() + "; you must import users before their layouts or set org.apereo.portal.io.layout.errorOnMissingUser to false.", t);
        }
        // Create the missing user. With errorOnMissingUser=false the imported document
        // therefore decides which account gets created.
        ownerId = this.userIdentityStore.getPortalUID(person, true);
    }
    // -1 is treated as "no such user" regardless of which lookup produced it.
    if (ownerId == -1) {
        throw new RuntimeException("Unrecognized user " + person.getUserName() + "; you must import users before their layouts or set org.apereo.portal.io.layout.errorOnMissingUser to false.");
    }
    person.setID(ownerId);
    IUserProfile profile = null;
    try {
        // NOTE(review): BrokenSecurityContext is defined elsewhere; presumably a placeholder
        // context for a person that never authenticated. Confirm.
        person.setSecurityContext(new BrokenSecurityContext());
        profile = this.getUserProfileByFname(person, "default");
    } catch (final Throwable t) {
        // Catches Throwable, so Errors are also rewrapped as RuntimeException here.
        throw new RuntimeException("Failed to load profile for " + person.getUserName() + "; This user must have a profile for import to continue.", t);
    }
    // (6) Add database Ids & (5) Add dlm:plfID ...
    int nextId = 1;
    for (final Iterator<org.dom4j.Element> it = (Iterator<org.dom4j.Element>) layout.selectNodes("folder | dlm:* | channel").iterator(); it.hasNext(); ) {
        nextId = this.addIdAttributesIfNecessary(it.next(), nextId);
    }
    // Now update UP_USER... (values are bound through ? placeholders, not concatenated)
    this.jdbcOperations.update("UPDATE up_user SET next_struct_id = ? WHERE user_id = ?", nextId, person.getID());
    // (4) Convert external DLM pathrefs to internal form (noderefs)...
    for (final Iterator<org.dom4j.Attribute> itr = (Iterator<org.dom4j.Attribute>) layout.selectNodes("//@dlm:origin").iterator(); itr.hasNext(); ) {
        final org.dom4j.Attribute a = itr.next();
        final Noderef dlmNoderef = nodeReferenceFactory.getNoderefFromPathref(ownerUsername, a.getValue(), null, true, layout);
        if (dlmNoderef != null) {
            // Change the value only if we have a valid pathref...
            a.setValue(dlmNoderef.toString());
            // For dlm:origin only, also use the noderef as the ID attribute...
            a.getParent().addAttribute("ID", dlmNoderef.toString());
        } else {
            // At least ensure the value is between 1 and 35 characters
            a.setValue(BAD_PATHREF_MESSAGE);
        }
    }
    // Same conversion for dlm:target, without touching the ID attribute.
    for (final Iterator<org.dom4j.Attribute> itr = (Iterator<org.dom4j.Attribute>) layout.selectNodes("//@dlm:target").iterator(); itr.hasNext(); ) {
        final org.dom4j.Attribute a = itr.next();
        final Noderef dlmNoderef = nodeReferenceFactory.getNoderefFromPathref(ownerUsername, a.getValue(), null, true, layout);
        // Put in the correct value, or at least ensure the value is between 1 and 35 characters
        a.setValue(dlmNoderef != null ? dlmNoderef.toString() : BAD_PATHREF_MESSAGE);
    }
    // And for the name attribute of dlm:* elements, which may additionally carry an fname.
    for (final Iterator<org.dom4j.Attribute> names = (Iterator<org.dom4j.Attribute>) layout.selectNodes("//dlm:*/@name").iterator(); names.hasNext(); ) {
        final org.dom4j.Attribute a = names.next();
        final String value = a.getValue().trim();
        if (!VALID_PATHREF_PATTERN.matcher(value).matches()) {
            /* Don't send it to getDlmNoderef if we know in advance it's not
             * going to work; saves annoying/misleading log messages and
             * possibly some processing. NOTE this is _only_ a problem with
             * the name attribute of some dlm:* elements, which seems to go
             * unused intentionally in some circumstances
             */
            continue;
        }
        final org.dom4j.Attribute fname = a.getParent().attribute("fname");
        Noderef dlmNoderef = null;
        if (fname != null) {
            dlmNoderef = nodeReferenceFactory.getNoderefFromPathref(ownerUsername, value, fname.getValue(), false, layout);
            // Remove the fname attribute now that we're done w/ it...
            fname.getParent().remove(fname);
        } else {
            dlmNoderef = nodeReferenceFactory.getNoderefFromPathref(ownerUsername, value, null, true, layout);
        }
        // Put in the correct value, or at least ensure the value is between 1 and 35 characters
        a.setValue(dlmNoderef != null ? dlmNoderef.toString() : BAD_PATHREF_MESSAGE);
    }
    // (3) Restore chanID attributes on <channel> elements...
    for (final Iterator<org.dom4j.Element> it = (Iterator<org.dom4j.Element>) layout.selectNodes("//channel").iterator(); it.hasNext(); ) {
        final org.dom4j.Element c = it.next();
        final String fname = c.valueOf("@fname");
        final IPortletDefinition cd = this.portletDefinitionRegistry.getPortletDefinitionByFname(fname);
        if (cd == null) {
            // fname and @ID come straight from the imported document and go into the log and
            // exception message unencoded. NOTE(review): verify the log layout neutralises
            // line breaks so a crafted document cannot forge log entries.
            final String msg = "No portlet with fname=" + fname + " exists referenced by node " + c.valueOf("@ID") + " from layout for " + ownerUsername;
            if (errorOnMissingPortlet) {
                throw new IllegalArgumentException(msg);
            } else {
                logger.warn(msg);
                // Remove the bad channel node
                c.getParent().remove(c);
            }
        } else {
            c.addAttribute("chanID", String.valueOf(cd.getPortletDefinitionId().getStringId()));
        }
    }
    // (2) Restore locale info...
    // (This step doesn't appear to be needed for imports)
    // (1) Process structure & theme attributes...
    Document layoutDom = null;
    try {
        final int structureStylesheetId = profile.getStructureStylesheetId();
        this.loadStylesheetUserPreferencesAttributes(person, profile, layout, structureStylesheetId, "structure");
        final int themeStylesheetId = profile.getThemeStylesheetId();
        this.loadStylesheetUserPreferencesAttributes(person, profile, layout, themeStylesheetId, "theme");
        // From this point forward we need the user's PLF set as DLM expects it...
        // Drop whitespace-only text nodes before the tree is copied and converted.
        for (final Iterator<org.dom4j.Text> it = (Iterator<org.dom4j.Text>) layout.selectNodes("descendant::text()").iterator(); it.hasNext(); ) {
            // How many years have we used Java & XML, and this still isn't easy?
            final org.dom4j.Text txt = it.next();
            if (txt.getText().trim().length() == 0) {
                txt.getParent().remove(txt);
            }
        }
        // Work on a copy wrapped in a fresh document; the result of writer.get().write(doc)
        // is stored on the person under Constants.PLF.
        final org.dom4j.Element copy = layout.createCopy();
        final org.dom4j.Document doc = this.fac.createDocument(copy);
        doc.normalize();
        layoutDom = this.writer.get().write(doc);
        person.setAttribute(Constants.PLF, layoutDom);
    } catch (final Throwable t) {
        throw new RuntimeException("Unable to set UserPreferences for user: " + person.getUserName(), t);
    }
    // Finally store the layout...
    try {
        this.setUserLayout(person, profile, layoutDom, true, true);
    } catch (final Throwable t) {
        final String msg = "Unable to persist layout for user: " + ownerUsername;
        throw new RuntimeException(msg, t);
    }
    // Portlet preferences are only touched when the document carried a preferences element.
    if (preferencesElement != null) {
        final int ownerUserId = this.userIdentityStore.getPortalUserId(ownerUsername);
        // TODO this assumes a single layout, when multi-layout support exists portlet entities
        // will need to be re-worked to allow for a layout id to be associated with the entity
        // track which entities from the user's pre-existing set are touched (all non-touched
        // entities will be removed)
        final Set<IPortletEntity> oldPortletEntities = new LinkedHashSet<>(this.portletEntityDao.getPortletEntitiesForUser(ownerUserId));
        final List<org.dom4j.Element> entries = preferencesElement.selectNodes("entry");
        for (final org.dom4j.Element entry : entries) {
            final String dlmPathRef = entry.attributeValue("entity");
            final String fname = entry.attributeValue("channel");
            final String prefName = entry.attributeValue("name");
            final Noderef dlmNoderef = nodeReferenceFactory.getNoderefFromPathref(person.getUserName(), dlmPathRef, fname, false, layout);
            // Entries whose pathref does not resolve, or that lack a channel fname, are
            // skipped without any log message.
            if (dlmNoderef != null && fname != null) {
                final IPortletEntity portletEntity = this.getPortletEntity(fname, dlmNoderef.toString(), ownerUserId);
                // Mark the entity as touched so it survives the cleanup loop below.
                oldPortletEntities.remove(portletEntity);
                final List<IPortletPreference> portletPreferences = portletEntity.getPortletPreferences();
                final List<org.dom4j.Element> valueElements = entry.selectNodes("value");
                final List<String> values = new ArrayList<>(valueElements.size());
                for (final org.dom4j.Element valueElement : valueElements) {
                    values.add(valueElement.getText());
                }
                // The preference is appended; nothing here removes an existing preference of
                // the same name. NOTE(review): confirm getPortletEntity yields a clean list.
                portletPreferences.add(new PortletPreferenceImpl(prefName, false, values.toArray(new String[values.size()])));
                this.portletEntityDao.updatePortletEntity(portletEntity);
            }
        }
        // Delete all portlet preferences for entities that were not imported
        for (final IPortletEntity portletEntity : oldPortletEntities) {
            portletEntity.setPortletPreferences(null);
            if (portletEntityRegistry.shouldBePersisted(portletEntity)) {
                this.portletEntityDao.updatePortletEntity(portletEntity);
            } else {
                this.portletEntityDao.deletePortletEntity(portletEntity);
            }
        }
    }
}
use of org.apereo.portal.AuthorizationException in project uPortal by Jasig.
the class RDBMPermissionImpl method add.
/**
* Add the IPermission to the store.
*
* @param perm org.apereo.portal.security.IPermission
* @exception AuthorizationException - wraps an Exception specific to the store.
*/
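@Override
public void add(IPermission perm) throws AuthorizationException {
    Connection conn = null;
    try {
        conn = RDBMServices.getConnection();
        // try-with-resources closes the statement on every path, and a failure in close()
        // is recorded as suppressed instead of replacing the exception that caused it.
        try (PreparedStatement ps = conn.prepareStatement(getInsertPermissionSql())) {
            primAdd(perm, ps);
            if (log.isDebugEnabled()) {
                // PreparedStatement.toString() is driver-specific and may render the bound
                // values, so this line can put permission data into debug logs.
                log.debug("RDBMPermissionImpl.add(): " + ps);
            }
            final int rc = ps.executeUpdate();
            // Exactly one inserted row is the only success outcome.
            if (rc != 1) {
                throw new AuthorizationException("Problem adding Permission " + perm);
            }
        }
    } catch (Exception ex) {
        log.error("Exception adding permission [" + perm + "]", ex);
        // Keep the store-specific exception as the cause, as the method's Javadoc promises;
        // the message is unchanged so callers matching on it still work.
        throw new AuthorizationException("Problem adding Permission " + perm, ex);
    } finally {
        // conn is still null if getConnection() itself failed.
        RDBMServices.releaseConnection(conn);
    }
}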
use of org.apereo.portal.AuthorizationException in project uPortal by Jasig.
the class RDBMPermissionImpl method update.
/**
* Update a single IPermission in the store.
*
* @param perm org.apereo.portal.security.IPermission
* @exception AuthorizationException - wraps an Exception specific to the store.
*/
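@Override
public void update(IPermission perm) throws AuthorizationException {
    Connection conn = null;
    try {
        conn = RDBMServices.getConnection();
        final String sQuery = getUpdatePermissionSql();
        if (log.isDebugEnabled()) {
            log.debug("RDBMPermissionImpl.update(): " + sQuery);
        }
        // try-with-resources closes the statement on every path, and a failure in close()
        // is recorded as suppressed instead of replacing the exception that caused it.
        try (PreparedStatement ps = conn.prepareStatement(sQuery)) {
            // Binding and execution are delegated to primUpdate, which is defined elsewhere.
            primUpdate(perm, ps);
        }
    } catch (Exception ex) {
        log.error("Exception updating permission [" + perm + "]", ex);
        // Keep the store-specific exception as the cause, as the method's Javadoc promises;
        // the message is unchanged so callers matching on it still work.
        throw new AuthorizationException("Problem updating Permission " + perm, ex);
    } finally {
        // conn is still null if getConnection() itself failed.
        RDBMServices.releaseConnection(conn);
    }
}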
use of org.apereo.portal.AuthorizationException in project uPortal by Jasig.
the class RDBMPermissionImpl method select.
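/**
 * Select the Permissions from the store.
 *
 * @param owner String - the Permission owner
 * @param principal String - the Permission principal
 * @param activity String - the Permission activity
 * @param target String - the Permission target
 * @param type String - the Permission type
 * @return the matching IPermissions as an array; empty when no rows match
 * @exception AuthorizationException - wraps an Exception specific to the store.
 */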
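@Override
public IPermission[] select(String owner, String principal, String activity, String target, String type) throws AuthorizationException {
    Connection conn = null;
    final List<IPermission> perms = new ArrayList<IPermission>();
    // The SQL text is produced by getSelectQuery and the values are bound afterwards by
    // prepareSelectQuery; both helpers are defined elsewhere.
    final String query = getSelectQuery(owner, principal, activity, target, type);
    try {
        conn = RDBMServices.getConnection();
        // The statement is now closed even when prepareSelectQuery fails; previously it was
        // created before the try/finally that closed it and leaked on that path.
        try (PreparedStatement stmt = conn.prepareStatement(query)) {
            prepareSelectQuery(stmt, owner, principal, activity, target, type);
            try (ResultSet rs = stmt.executeQuery()) {
                while (rs.next()) {
                    perms.add(instanceFromResultSet(rs));
                }
            }
        }
    } catch (SQLException sqle) {
        log.error("Problem retrieving permissions", sqle);
        // The message carries the SQL text and the driver's error message.
        // NOTE(review): verify no caller shows this exception's message to end users.
        throw new AuthorizationException("Problem retrieving Permissions [" + sqle.getMessage() + "] for query=[" + query + "] for owner=[" + owner + "] and principal=[" + principal + "] and activity=[" + activity + "] and target=[" + target + "] and type=[" + type + "]", sqle);
    } finally {
        // conn is still null if getConnection() itself failed.
        RDBMServices.releaseConnection(conn);
    }
    if (log.isTraceEnabled()) {
        log.trace("RDBMPermissionImpl.select(): [" + query + "] for owner=[" + owner + "] and principal=[" + principal + "] and activity=[" + activity + "] and target=[" + target + "] and type=[" + type + "] returned permissions [" + perms + "]");
    }
    return perms.toArray(new IPermission[0]);
}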
use of org.apereo.portal.AuthorizationException in project uPortal by Jasig.
the class AuthorizationTester method initializeAuthorizationService.
/** Create an implementation of IAuthorizationService. */
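private void initializeAuthorizationService() throws AuthorizationException {
    // Get the security properties file
    final String resource = "/properties/security.properties";
    java.io.InputStream secprops = AuthorizationService.class.getResourceAsStream(resource);
    if (secprops == null) {
        // getResourceAsStream returns null when the resource is absent; Properties.load(null)
        // would then fail with a NullPointerException that the IOException handler below
        // does not catch.
        print("ERROR: " + resource + " not found on the classpath");
        return;
    }
    // Get the properties from the security properties file
    Properties pr = new Properties();
    try {
        pr.load(secprops);
        // Look for our authorization factory and instantiate an instance of it or die trying.
        final String s_factoryName = pr.getProperty("authorizationProvider");
        if (s_factoryName == null) {
            print("ERROR: AuthorizationProvider not specified or incorrect in security.properties");
        } else {
            try {
                // The class name comes from configuration and is instantiated reflectively,
                // so whoever can edit security.properties chooses the code that runs here.
                // asSubclass checks the type before the constructor is invoked (static
                // initializers still run during Class.forName).
                IAuthorizationServiceFactory factory = Class.forName(s_factoryName).asSubclass(IAuthorizationServiceFactory.class).getDeclaredConstructor().newInstance();
                authorizationService = factory.getAuthorization();
            } catch (Exception e) {
                // Report the cause as well; the name alone does not say whether the class
                // was missing, of the wrong type, or failed in its constructor.
                print("ERROR: Failed to instantiate " + s_factoryName + ": " + e);
            }
        }
    } catch (IOException e) {
        print("ERROR: " + e.getMessage());
    } finally {
        try {
            secprops.close();
        } catch (IOException ioe) {
            print(new PortalSecurityException(ioe.getMessage()).toString());
        }
    }
}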