Example 61 with EntityIdentifier
use of org.apereo.portal.EntityIdentifier in project uPortal by Jasig.
the class PortletAdministrationHelper method hasLifecyclePermission.
public boolean hasLifecyclePermission(IPerson person, PortletLifecycleState state, SortedSet<JsonEntityBean> categories) {
EntityIdentifier ei = person.getEntityIdentifier();
IAuthorizationPrincipal ap = authorizationService.newPrincipal(ei.getKey(), ei.getType());
final String activity;
switch(state) {
case APPROVED:
{
activity = IPermission.PORTLET_MANAGER_APPROVED_ACTIVITY;
break;
}
case CREATED:
{
activity = IPermission.PORTLET_MANAGER_CREATED_ACTIVITY;
break;
}
case PUBLISHED:
{
activity = IPermission.PORTLET_MANAGER_ACTIVITY;
break;
}
case EXPIRED:
{
activity = IPermission.PORTLET_MANAGER_EXPIRED_ACTIVITY;
break;
}
case MAINTENANCE:
{
activity = IPermission.PORTLET_MANAGER_MAINTENANCE_ACTIVITY;
break;
}
default:
{
throw new IllegalArgumentException("");
}
}
if (ap.hasPermission(IPermission.PORTAL_PUBLISH, activity, IPermission.ALL_PORTLETS_TARGET)) {
logger.debug("Found permission for category ALL_PORTLETS and lifecycle state " + state.toString());
return true;
}
for (JsonEntityBean category : categories) {
if (ap.canManage(state, category.getId())) {
logger.debug("Found permission for category " + category.getName() + " and lifecycle state " + state.toString());
return true;
}
}
logger.debug("No permission for lifecycle state " + state.toString());
return false;
}
Also used :
JsonEntityBean(org.apereo.portal.layout.dlm.remoting.JsonEntityBean)
IAuthorizationPrincipal(org.apereo.portal.security.IAuthorizationPrincipal)
EntityIdentifier(org.apereo.portal.EntityIdentifier)
Example 62 with EntityIdentifier
use of org.apereo.portal.EntityIdentifier in project uPortal by Jasig.
the class UserAccountHelper method canEditUser.
public boolean canEditUser(IPerson currentUser, String target) {
// first check to see if this is a local user
if (!isLocalAccount(target)) {
return false;
}
EntityIdentifier ei = currentUser.getEntityIdentifier();
IAuthorizationPrincipal ap = AuthorizationServiceFacade.instance().newPrincipal(ei.getKey(), ei.getType());
// edit their own account
if (currentUser.getName().equals(target) && ap.hasPermission("UP_USERS", "EDIT_USER", "SELF")) {
return true;
} else // otherwise determine if the user has permission to edit the account
if (ap.hasPermission("UP_USERS", "EDIT_USER", target)) {
return true;
} else {
return false;
}
}
Also used :
IAuthorizationPrincipal(org.apereo.portal.security.IAuthorizationPrincipal)
EntityIdentifier(org.apereo.portal.EntityIdentifier)
Example 63 with EntityIdentifier
use of org.apereo.portal.EntityIdentifier in project uPortal by Jasig.
the class UserAccountHelper method getEditableUserAttributes.
/**
* Returns the collection of attributes that the specified currentUser can edit.
*
* @param currentUser
* @return
*/
public List<Preference> getEditableUserAttributes(IPerson currentUser) {
EntityIdentifier ei = currentUser.getEntityIdentifier();
IAuthorizationPrincipal ap = AuthorizationServiceFacade.instance().newPrincipal(ei.getKey(), ei.getType());
List<Preference> allowedAttributes = new ArrayList<Preference>();
for (Preference attr : accountEditAttributes) {
if (ap.hasPermission("UP_USERS", "EDIT_USER_ATTRIBUTE", attr.getName())) {
allowedAttributes.add(attr);
}
}
return allowedAttributes;
}
Also used :
Preference(org.apereo.portal.portletpublishing.xml.Preference)
IAuthorizationPrincipal(org.apereo.portal.security.IAuthorizationPrincipal)
ArrayList(java.util.ArrayList)
EntityIdentifier(org.apereo.portal.EntityIdentifier)
Example 64 with EntityIdentifier
use of org.apereo.portal.EntityIdentifier in project uPortal by Jasig.
the class GroupAdministrationHelper method canDeleteGroup.
public boolean canDeleteGroup(IPerson currentUser, String target) {
EntityIdentifier ei = currentUser.getEntityIdentifier();
IAuthorizationPrincipal ap = AuthorizationServiceFacade.instance().newPrincipal(ei.getKey(), ei.getType());
return (ap.hasPermission(IPermission.PORTAL_GROUPS, IPermission.DELETE_GROUP_ACTIVITY, target));
}
Also used :
IAuthorizationPrincipal(org.apereo.portal.security.IAuthorizationPrincipal)
EntityIdentifier(org.apereo.portal.EntityIdentifier)
Example 65 with EntityIdentifier
use of org.apereo.portal.EntityIdentifier in project uPortal by Jasig.
the class GroupAdministrationHelper method canCreateMemberGroup.
public boolean canCreateMemberGroup(IPerson currentUser, String target) {
EntityIdentifier ei = currentUser.getEntityIdentifier();
IAuthorizationPrincipal ap = AuthorizationServiceFacade.instance().newPrincipal(ei.getKey(), ei.getType());
return (ap.hasPermission(IPermission.PORTAL_GROUPS, IPermission.CREATE_GROUP_ACTIVITY, target));
}
Also used :
IAuthorizationPrincipal(org.apereo.portal.security.IAuthorizationPrincipal)
EntityIdentifier(org.apereo.portal.EntityIdentifier)
Aggregations
EntityIdentifier (org.apereo.portal.EntityIdentifier)93
IAuthorizationPrincipal (org.apereo.portal.security.IAuthorizationPrincipal)31
HashSet (java.util.HashSet)25
ArrayList (java.util.ArrayList)24
IPerson (org.apereo.portal.security.IPerson)17
GroupsException (org.apereo.portal.groups.GroupsException)16
IEntityGroup (org.apereo.portal.groups.IEntityGroup)16
Set (java.util.Set)14
IPortletDefinition (org.apereo.portal.portlet.om.IPortletDefinition)13
Iterator (java.util.Iterator)12
IGroupMember (org.apereo.portal.groups.IGroupMember)12
List (java.util.List)6
Element (net.sf.ehcache.Element)6
PortletCategory (org.apereo.portal.portlet.om.PortletCategory)6
HashMap (java.util.HashMap)5
InvalidNameException (javax.naming.InvalidNameException)4
RequestMapping (org.springframework.web.bind.annotation.RequestMapping)4
LinkedList (java.util.LinkedList)3
Map (java.util.Map)3
GcFindGroups (edu.internet2.middleware.grouperClient.api.GcFindGroups)2
