use of org.apereo.portal.AuthorizationException in project uPortal by Jasig.
the class FragmentActivator method bindToOwner.
/**
 * Builds the {@link IPerson} that owns the given fragment, creating the owner account when the
 * identity store has no portal UID for it.
 *
 * <p>NOTE(review): every {@code AuthorizationException} from the lookup is treated as "owner not
 * found" and leads to {@code createOwner}. A failure with any other cause is indistinguishable
 * here; confirm that reaching the create path is acceptable in that case.
 *
 * @param fragment the fragment definition whose owner id names the account
 * @return a person carrying the owner's username and portal UID; when the account was not found,
 *     it also carries {@code NEWLY_CREATED_ATTR} set to "true" or "false" depending on whether
 *     {@code createOwner} returned something other than -1
 */
private IPerson bindToOwner(FragmentDefinition fragment) {
    final IPerson fragmentOwner = new PersonImpl();
    fragmentOwner.setAttribute("username", fragment.getOwnerId());

    int portalUid;
    try {
        // Second argument false: look the user up only, do not create portal data.
        portalUid = identityStore.getPortalUID(fragmentOwner, false);
    } catch (AuthorizationException ignored) {
        // Deliberately discarded. The current identity store implementation throws an
        // authorization exception for an unknown user even when asked not to create data,
        // so the exception is mapped to the same -1 sentinel that triggers creation below.
        portalUid = -1;
    }

    if (portalUid == -1) {
        portalUid = createOwner(fragmentOwner, fragment);
        // Records whether creation actually produced a UID.
        fragmentOwner.setAttribute(NEWLY_CREATED_ATTR, String.valueOf(portalUid != -1));
    }

    fragmentOwner.setID(portalUid);
    return fragmentOwner;
}
use of org.apereo.portal.AuthorizationException in project uPortal by Jasig.
the class AuthorizationTester method initializePermissionStore.
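/**
 * Creates the {@code IPermissionStore} implementation named by the
 * {@code org.apereo.portal.security.IPermissionStore.implementation} property and assigns it to
 * {@code permissionStore}.
 *
 * <p>The class name comes from configuration and is loaded reflectively, so whoever can edit that
 * property chooses the class that is instantiated here. The loaded class is checked against
 * {@code IPermissionStore} before its constructor is invoked, so a class of the wrong type is
 * rejected without being constructed. {@code Class.forName} still initializes the named class.
 *
 * @throws AuthorizationException if the property is missing, or if the class cannot be loaded, is
 *     not an {@code IPermissionStore}, or cannot be instantiated; in those last cases the
 *     underlying exception is attached as the cause
 */
private void initializePermissionStore() throws AuthorizationException {
    final String factoryName = PropertiesManager.getProperty("org.apereo.portal.security.IPermissionStore.implementation");
    if (factoryName == null) {
        final String eMsg = "AuthorizationTester.initializePermissionStore(): No entry for org.apereo.portal.security.IPermissionStore.implementation portal.properties.";
        print(eMsg);
        throw new AuthorizationException(eMsg);
    }
    try {
        // asSubclass() performs the type check up front; the original cast ran only after the
        // constructor of whatever class was named had already executed.
        permissionStore = Class.forName(factoryName).asSubclass(IPermissionStore.class).newInstance();
    } catch (Exception e) {
        final String eMsg = "AuthorizationTester.initializePermissionStore(): Problem creating permission store... " + e.getMessage();
        print(eMsg);
        // Keep the cause so the stack trace of the real failure is not lost.
        throw new AuthorizationException(eMsg, e);
    }
}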
use of org.apereo.portal.AuthorizationException in project uPortal by Jasig.
the class FragmentListController method listFragments.
/**
 * Lists every configured fragment as a {@code FragmentBean} for rendering by the jsonView. The
 * list is sorted by precedence (the default) or by fragment name, depending on the sort
 * parameter.
 *
 * <p>Access is restricted to portal administrators; the check runs before any fragment data is
 * read. The {@code sort} value is request input and is accepted only if it names a {@code Sort}
 * constant. How the resulting exceptions are turned into HTTP responses is not decided here.
 *
 * @param req the servlet request, bound via SpringWebMVC to GET method invocations of this
 *     controller.
 * @param sortParam PRECEDENCE, NAME, or null.
 * @return ModelAndView with a List of FragmentBeans to be rendered by the jsonView.
 * @throws ServletException on Exception in underlying attempt to get at the fragments
 * @throws AuthorizationException if request is for any user other than a Portal Administrator.
 * @throws IllegalArgumentException if sort parameter has an unrecognized value
 */
@RequestMapping(method = RequestMethod.GET)
public ModelAndView listFragments(
        HttpServletRequest req,
        @RequestParam(value = "sort", required = false) String sortParam)
        throws ServletException {
    // Authorization gate: nothing below runs for a non-administrator.
    final IPerson requester = personManager.getPerson(req);
    if (!AdminEvaluator.isAdmin(requester)) {
        throw new AuthorizationException("User " + requester.getUserName() + " not an administrator.");
    }

    // Fragment layouts keyed by owner id; stays null when no layout store is wired in.
    Map<String, Document> layoutsByOwner = null;
    if (userLayoutStore != null) {
        try {
            layoutsByOwner = userLayoutStore.getFragmentLayoutCopies();
        } catch (Exception e) {
            final String failure = "Failed to access fragment layouts";
            log.error(failure, e);
            throw new ServletException(failure, e);
        }
    }

    final List<FragmentBean> beans = new ArrayList<FragmentBean>();
    for (FragmentDefinition definition : dlmConfig.getFragments()) {
        final Document ownerLayout =
                (layoutsByOwner == null) ? null : layoutsByOwner.get(definition.getOwnerId());

        // Left null (not empty) when the fragment has no layout, as the bean factory receives it.
        List<String> portletTitles = null;
        if (ownerLayout != null) {
            portletTitles = new ArrayList<String>();
            final NodeList fnameNodes =
                    this.xpathOperations.evaluate(CHANNEL_FNAME_XPATH, ownerLayout, XPathConstants.NODESET);
            for (int idx = 0; idx < fnameNodes.getLength(); ++idx) {
                final String portletFname = fnameNodes.item(idx).getTextContent();
                final IPortletDefinition definitionForFname =
                        portletRegistry.getPortletDefinitionByFname(portletFname);
                // An fname with no registered definition is skipped.
                if (definitionForFname != null) {
                    portletTitles.add(definitionForFname.getTitle());
                }
            }
        }
        beans.add(FragmentBean.create(definition, portletTitles));
    }

    // Sort.valueOf rejects anything that is not a declared constant.
    final Sort ordering = (sortParam == null) ? DEFAULT_SORT : Sort.valueOf(sortParam);
    Collections.sort(beans, ordering.getComparator());

    return new ModelAndView("jsonView", "fragments", beans);
}
use of org.apereo.portal.AuthorizationException in project uPortal by Jasig.
the class AuthorizationImpl method getInheritedPrincipals.
/**
 * Hooks into the Groups system, finds all groups returned for the principal, and converts each
 * of them to an <code>IAuthorizationPrincipal</code>.
 *
 * @param principal - org.apereo.portal.security.IAuthorizationPrincipal
 * @return java.util.Iterator over the IAuthorizationPrincipals built from those groups
 * @throws AuthorizationException if the groups lookup fails; the GroupsException is kept as the
 *     cause
 */
private Iterator getInheritedPrincipals(IAuthorizationPrincipal principal) throws AuthorizationException {
    final Iterator containingGroups;
    try {
        containingGroups = getGroupsForPrincipal(principal);
    } catch (GroupsException ge) {
        throw new AuthorizationException("Could not retrieve Groups for " + principal, ge);
    }

    final ArrayList<IAuthorizationPrincipal> inherited = new ArrayList<>(5);
    // The groups iterator is raw, so each element is cast before conversion.
    for (final Iterator cursor = containingGroups; cursor.hasNext(); ) {
        final IEntityGroup containingGroup = (IEntityGroup) cursor.next();
        inherited.add(getPrincipalForGroup(containingGroup));
    }
    return inherited.iterator();
}
use of org.apereo.portal.AuthorizationException in project uPortal by Jasig.
the class AuthorizationImpl method canPrincipalBrowse.
/**
 * Answers whether the principal may browse the given portlet, using the browse permission that
 * belongs to the portlet's current lifecycle state.
 *
 * <p>A lifecycle state without a mapped permission is rejected with an exception rather than
 * answered with a default, so an unexpected state never yields an access decision.
 *
 * @param principal the principal whose permission is tested
 * @param portlet the portlet definition being browsed
 * @return the result of the permission check for the selected browse activity
 * @throws AuthorizationException if the lifecycle state is none of PUBLISHED, MAINTENANCE,
 *     APPROVED, CREATED or EXPIRED
 */
@Override
@RequestCache
public boolean canPrincipalBrowse(IAuthorizationPrincipal principal, IPortletDefinition portlet) {
    final String targetId = PermissionHelper.permissionTargetIdForPortletDefinition(portlet);
    final PortletLifecycleState lifecycle = portlet.getLifecycleState();

    // Each lifecycle state has its own browse activity; pick the one matching this portlet.
    final String browseActivity;
    if (lifecycle.equals(PortletLifecycleState.PUBLISHED)
            || lifecycle.equals(PortletLifecycleState.MAINTENANCE)) {
        // MAINTENANCE has no separate browse permission: everyone who may browse the published
        // portlet simply sees the 'out of service' message.
        browseActivity = IPermission.PORTLET_BROWSE_ACTIVITY;
    } else if (lifecycle.equals(PortletLifecycleState.APPROVED)) {
        browseActivity = IPermission.PORTLET_BROWSE_APPROVED_ACTIVITY;
    } else if (lifecycle.equals(PortletLifecycleState.CREATED)) {
        browseActivity = IPermission.PORTLET_BROWSE_CREATED_ACTIVITY;
    } else if (lifecycle.equals(PortletLifecycleState.EXPIRED)) {
        browseActivity = IPermission.PORTLET_BROWSE_EXPIRED_ACTIVITY;
    } else {
        throw new AuthorizationException("Unrecognized lifecycle state for channel " + portlet.getPortletDefinitionId().getStringId());
    }

    return doesPrincipalHavePermission(
            principal, IPermission.PORTAL_SUBSCRIBE, browseActivity, targetId);
}
Aggregations