use of org.apereo.portal.EntityIdentifier in project uPortal by Jasig.
the class MapBackedEntityCache method add.
/* (non-Javadoc)
* @see org.apereo.portal.concurrency.IEntityCache#add(org.apereo.portal.IBasicEntity)
*/
@Override
public void add(IBasicEntity entity) throws CachingException {
final EntityIdentifier entityIdentifier = entity.getEntityIdentifier();
final Class<? extends IBasicEntity> addType = entityIdentifier.getType();
if (!this.entityType.isAssignableFrom(addType)) {
throw new CachingException("Problem adding " + entity + ": entity type '" + addType + "' is incompatible with cache type '" + this.entityType + "'.");
}
this.cache.put(entityIdentifier.getKey(), entity);
}
use of org.apereo.portal.EntityIdentifier in project uPortal by Jasig.
the class PortletRendererImpl method enforceConfigPermission.
/**
* Enforces config mode access control. If requesting user does not have CONFIG permission, and
* the PortletWindow specifies config mode, throws AuthorizationException. Otherwise does
* nothing.
*
* @param httpServletRequest the non-null current HttpServletRequest (for determining requesting
* user)
* @param portletWindow a non-null portlet window that might be in config mode
* @throws AuthorizationException if the user is not permitted to access config mode yet portlet
* window specifies config mode
* @throws java.lang.IllegalArgumentException if the request or window are null
* @since 4.0.13.1, 4.0.14, 4.1.
*/
protected void enforceConfigPermission(final HttpServletRequest httpServletRequest, final IPortletWindow portletWindow) {
Validate.notNull(httpServletRequest, "Servlet request must not be null to determine remote user.");
Validate.notNull(portletWindow, "Portlet window must not be null to determine its mode.");
final PortletMode portletMode = portletWindow.getPortletMode();
if (portletMode != null) {
if (IPortletRenderer.CONFIG.equals(portletMode)) {
final IPerson person = this.personManager.getPerson(httpServletRequest);
final EntityIdentifier ei = person.getEntityIdentifier();
final AuthorizationServiceFacade authorizationServiceFacade = AuthorizationServiceFacade.instance();
final IAuthorizationPrincipal ap = authorizationServiceFacade.newPrincipal(ei.getKey(), ei.getType());
final IPortletEntity portletEntity = portletWindow.getPortletEntity();
final IPortletDefinition portletDefinition = portletEntity.getPortletDefinition();
if (!ap.canConfigure(portletDefinition.getPortletDefinitionId().getStringId())) {
logger.error("User {} attempted to use portlet {} in {} but lacks permission to use that mode. " + "THIS MAY BE AN ATTEMPT TO EXPLOIT A HISTORICAL SECURITY FLAW. " + "You should probably figure out who this user is and why they are trying to access " + "unauthorized portlet modes.", person.getUserName(), portletDefinition.getFName(), portletMode);
throw new AuthorizationException(person.getUserName() + " does not have permission to render '" + portletDefinition.getFName() + "' in " + portletMode + " PortletMode.");
}
}
}
}
use of org.apereo.portal.EntityIdentifier in project uPortal by Jasig.
the class PortletErrorController method hasAdminPrivileges.
/**
* @return true if the userInstance argument has administrative privileges regarding viewing
* error details
*/
protected boolean hasAdminPrivileges(IUserInstance userInstance) {
EntityIdentifier ei = userInstance.getPerson().getEntityIdentifier();
IAuthorizationPrincipal ap = AuthorizationServiceFacade.instance().newPrincipal(ei.getKey(), ei.getType());
return ap.hasPermission(IPermission.ERROR_PORTLET, IPermission.VIEW_ACTIVITY, IPermission.DETAILS_TARGET);
}
use of org.apereo.portal.EntityIdentifier in project uPortal by Jasig.
the class ReferenceCompositeGroupService method searchForEntities.
/**
* Find EntityIdentifiers for entities whose name matches the query string according to the
* specified method, is of the specified type and descends from the specified group
*/
public EntityIdentifier[] searchForEntities(String query, int method, Class type, IEntityGroup ancestor) throws GroupsException {
Set allIds = new HashSet();
for (Iterator services = getComponentServices().values().iterator(); services.hasNext(); ) {
IIndividualGroupService service = (IIndividualGroupService) services.next();
EntityIdentifier[] ids = service.searchForEntities(query, method, type, ancestor);
for (int i = 0; i < ids.length; i++) {
allIds.add(ids[i]);
}
}
return (EntityIdentifier[]) allIds.toArray(new EntityIdentifier[allIds.size()]);
}
use of org.apereo.portal.EntityIdentifier in project uPortal by Jasig.
the class ReferenceCompositeGroupService method searchForGroups.
/**
* Find EntityIdentifiers for groups whose name matches the query string according to the
* specified method and matches the provided leaf type
*/
public EntityIdentifier[] searchForGroups(String query, int method, Class leaftype) throws GroupsException {
Set allIds = new HashSet();
for (Iterator services = getComponentServices().values().iterator(); services.hasNext(); ) {
IIndividualGroupService service = (IIndividualGroupService) services.next();
EntityIdentifier[] ids = service.searchForGroups(query, method, leaftype);
for (int i = 0; i < ids.length; i++) {
try {
CompositeEntityIdentifier cei = new CompositeEntityIdentifier(ids[i].getKey(), ids[i].getType());
cei.setServiceName(service.getServiceName());
allIds.add(cei);
} catch (javax.naming.InvalidNameException ine) {
}
}
}
return (EntityIdentifier[]) allIds.toArray(new EntityIdentifier[allIds.size()]);
}
Aggregations