Search in sources :

Example 51 with EntityIdentifier

use of org.apereo.portal.EntityIdentifier in project uPortal by Jasig.

the class MapBackedEntityCache method add.

/* (non-Javadoc)
     * @see org.apereo.portal.concurrency.IEntityCache#add(org.apereo.portal.IBasicEntity)
     */
@Override
public void add(IBasicEntity entity) throws CachingException {
    final EntityIdentifier entityIdentifier = entity.getEntityIdentifier();
    final Class<? extends IBasicEntity> addType = entityIdentifier.getType();
    if (!this.entityType.isAssignableFrom(addType)) {
        throw new CachingException("Problem adding " + entity + ": entity type '" + addType + "' is incompatible with cache type '" + this.entityType + "'.");
    }
    this.cache.put(entityIdentifier.getKey(), entity);
}
Also used : CachingException(org.apereo.portal.concurrency.CachingException) EntityIdentifier(org.apereo.portal.EntityIdentifier)

Example 52 with EntityIdentifier

use of org.apereo.portal.EntityIdentifier in project uPortal by Jasig.

the class PortletRendererImpl method enforceConfigPermission.

/**
 * Enforces config mode access control. If requesting user does not have CONFIG permission, and
 * the PortletWindow specifies config mode, throws AuthorizationException. Otherwise does
 * nothing.
 *
 * @param httpServletRequest the non-null current HttpServletRequest (for determining requesting
 *     user)
 * @param portletWindow a non-null portlet window that might be in config mode
 * @throws AuthorizationException if the user is not permitted to access config mode yet portlet
 *     window specifies config mode
 * @throws java.lang.IllegalArgumentException if the request or window are null
 * @since 4.0.13.1, 4.0.14, 4.1.
 */
protected void enforceConfigPermission(final HttpServletRequest httpServletRequest, final IPortletWindow portletWindow) {
    Validate.notNull(httpServletRequest, "Servlet request must not be null to determine remote user.");
    Validate.notNull(portletWindow, "Portlet window must not be null to determine its mode.");
    final PortletMode portletMode = portletWindow.getPortletMode();
    if (portletMode != null) {
        if (IPortletRenderer.CONFIG.equals(portletMode)) {
            final IPerson person = this.personManager.getPerson(httpServletRequest);
            final EntityIdentifier ei = person.getEntityIdentifier();
            final AuthorizationServiceFacade authorizationServiceFacade = AuthorizationServiceFacade.instance();
            final IAuthorizationPrincipal ap = authorizationServiceFacade.newPrincipal(ei.getKey(), ei.getType());
            final IPortletEntity portletEntity = portletWindow.getPortletEntity();
            final IPortletDefinition portletDefinition = portletEntity.getPortletDefinition();
            if (!ap.canConfigure(portletDefinition.getPortletDefinitionId().getStringId())) {
                logger.error("User {} attempted to use portlet {} in {} but lacks permission to use that mode.  " + "THIS MAY BE AN ATTEMPT TO EXPLOIT A HISTORICAL SECURITY FLAW.  " + "You should probably figure out who this user is and why they are trying to access " + "unauthorized portlet modes.", person.getUserName(), portletDefinition.getFName(), portletMode);
                throw new AuthorizationException(person.getUserName() + " does not have permission to render '" + portletDefinition.getFName() + "' in " + portletMode + " PortletMode.");
            }
        }
    }
}
Also used : IPerson(org.apereo.portal.security.IPerson) AuthorizationServiceFacade(org.apereo.portal.services.AuthorizationServiceFacade) IPortletEntity(org.apereo.portal.portlet.om.IPortletEntity) AuthorizationException(org.apereo.portal.AuthorizationException) IAuthorizationPrincipal(org.apereo.portal.security.IAuthorizationPrincipal) EntityIdentifier(org.apereo.portal.EntityIdentifier) PortletMode(javax.portlet.PortletMode) IPortletDefinition(org.apereo.portal.portlet.om.IPortletDefinition)

Example 53 with EntityIdentifier

use of org.apereo.portal.EntityIdentifier in project uPortal by Jasig.

the class PortletErrorController method hasAdminPrivileges.

/**
 * @return true if the userInstance argument has administrative privileges regarding viewing
 *     error details
 */
protected boolean hasAdminPrivileges(IUserInstance userInstance) {
    EntityIdentifier ei = userInstance.getPerson().getEntityIdentifier();
    IAuthorizationPrincipal ap = AuthorizationServiceFacade.instance().newPrincipal(ei.getKey(), ei.getType());
    return ap.hasPermission(IPermission.ERROR_PORTLET, IPermission.VIEW_ACTIVITY, IPermission.DETAILS_TARGET);
}
Also used : IAuthorizationPrincipal(org.apereo.portal.security.IAuthorizationPrincipal) EntityIdentifier(org.apereo.portal.EntityIdentifier)

Example 54 with EntityIdentifier

use of org.apereo.portal.EntityIdentifier in project uPortal by Jasig.

the class ReferenceCompositeGroupService method searchForEntities.

/**
     * Find EntityIdentifiers for entities whose name matches the query string according to the
     * specified method, is of the specified type and descends from the specified group
     */
public EntityIdentifier[] searchForEntities(String query, int method, Class type, IEntityGroup ancestor) throws GroupsException {
    Set allIds = new HashSet();
    for (Iterator services = getComponentServices().values().iterator(); services.hasNext(); ) {
        IIndividualGroupService service = (IIndividualGroupService) services.next();
        EntityIdentifier[] ids = service.searchForEntities(query, method, type, ancestor);
        for (int i = 0; i < ids.length; i++) {
            allIds.add(ids[i]);
        }
    }
    return (EntityIdentifier[]) allIds.toArray(new EntityIdentifier[allIds.size()]);
}
Also used : Set(java.util.Set) HashSet(java.util.HashSet) Iterator(java.util.Iterator) EntityIdentifier(org.apereo.portal.EntityIdentifier) HashSet(java.util.HashSet)

Example 55 with EntityIdentifier

use of org.apereo.portal.EntityIdentifier in project uPortal by Jasig.

the class ReferenceCompositeGroupService method searchForGroups.

/**
     * Find EntityIdentifiers for groups whose name matches the query string according to the
     * specified method and matches the provided leaf type
     */
public EntityIdentifier[] searchForGroups(String query, int method, Class leaftype) throws GroupsException {
    Set allIds = new HashSet();
    for (Iterator services = getComponentServices().values().iterator(); services.hasNext(); ) {
        IIndividualGroupService service = (IIndividualGroupService) services.next();
        EntityIdentifier[] ids = service.searchForGroups(query, method, leaftype);
        for (int i = 0; i < ids.length; i++) {
            try {
                CompositeEntityIdentifier cei = new CompositeEntityIdentifier(ids[i].getKey(), ids[i].getType());
                cei.setServiceName(service.getServiceName());
                allIds.add(cei);
            } catch (javax.naming.InvalidNameException ine) {
            }
        }
    }
    return (EntityIdentifier[]) allIds.toArray(new EntityIdentifier[allIds.size()]);
}
Also used : Set(java.util.Set) HashSet(java.util.HashSet) InvalidNameException(javax.naming.InvalidNameException) Iterator(java.util.Iterator) EntityIdentifier(org.apereo.portal.EntityIdentifier) HashSet(java.util.HashSet)

Aggregations

EntityIdentifier (org.apereo.portal.EntityIdentifier)93 IAuthorizationPrincipal (org.apereo.portal.security.IAuthorizationPrincipal)31 HashSet (java.util.HashSet)25 ArrayList (java.util.ArrayList)24 IPerson (org.apereo.portal.security.IPerson)17 GroupsException (org.apereo.portal.groups.GroupsException)16 IEntityGroup (org.apereo.portal.groups.IEntityGroup)16 Set (java.util.Set)14 IPortletDefinition (org.apereo.portal.portlet.om.IPortletDefinition)13 Iterator (java.util.Iterator)12 IGroupMember (org.apereo.portal.groups.IGroupMember)12 List (java.util.List)6 Element (net.sf.ehcache.Element)6 PortletCategory (org.apereo.portal.portlet.om.PortletCategory)6 HashMap (java.util.HashMap)5 InvalidNameException (javax.naming.InvalidNameException)4 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)4 LinkedList (java.util.LinkedList)3 Map (java.util.Map)3 GcFindGroups (edu.internet2.middleware.grouperClient.api.GcFindGroups)2