Search in sources :

Example 6 with RequestCache

use of org.apereo.portal.concurrency.caching.RequestCache in project uPortal by Jasig.

the class MobileUrlNodeSyntaxHelper method getFolderNameForPortlet.

/* (non-Javadoc)
     * @see org.apereo.portal.url.IUrlNodeSyntaxHelper#getFolderNameForPortlet(javax.servlet.http.HttpServletRequest, org.apereo.portal.portlet.om.IPortletWindowId)
     */
@RequestCache(keyMask = { false, true })
@Override
public String getFolderNameForPortlet(HttpServletRequest request, IPortletWindowId portletWindowId) {
    final IPortletWindow portletWindow = this.portletWindowRegistry.getPortletWindow(request, portletWindowId);
    final IPortletEntity portletEntity = portletWindow.getPortletEntity();
    final IPortletDefinition portletDefinition = portletEntity.getPortletDefinition();
    final String fname = portletDefinition.getFName();
    final String channelSubscribeId = portletEntity.getLayoutNodeId();
    //Build the targeted portlet string (fname + subscribeId)
    return fname + PORTLET_PATH_ELEMENT_SEPERATOR + channelSubscribeId;
}
Also used : IPortletEntity(org.apereo.portal.portlet.om.IPortletEntity) IPortletWindow(org.apereo.portal.portlet.om.IPortletWindow) IPortletDefinition(org.apereo.portal.portlet.om.IPortletDefinition) RequestCache(org.apereo.portal.concurrency.caching.RequestCache)

Example 7 with RequestCache

use of org.apereo.portal.concurrency.caching.RequestCache in project uPortal by Jasig.

the class AuthorizationImpl method canPrincipalManage.

/**
     * Answers if the principal has permission to MANAGE this Channel.
     *
     * @return boolean
     * @param principal IAuthorizationPrincipal
     * @param portletDefinitionId
     * @exception AuthorizationException indicates authorization information could not be retrieved.
     */
@RequestCache
public boolean canPrincipalManage(IAuthorizationPrincipal principal, String portletDefinitionId) throws AuthorizationException {
    String owner = IPermission.PORTAL_PUBLISH;
    String target = IPermission.PORTLET_PREFIX + portletDefinitionId;
    // retrieve the indicated channel from the channel registry store and
    // determine its current lifecycle state
    IPortletDefinition portlet = this.portletDefinitionRegistry.getPortletDefinition(portletDefinitionId);
    if (portlet == null) {
        return doesPrincipalHavePermission(principal, owner, IPermission.PORTLET_MANAGER_APPROVED_ACTIVITY, target);
    //    	throw new AuthorizationException("Unable to locate channel " + channelPublishId);
    }
    PortletLifecycleState state = portlet.getLifecycleState();
    int order = state.getOrder();
    /*
         * The following code assumes that later lifecycle states imply permission
         * for earlier lifecycle states.  For example, if a user has permission to
         * manage an expired channel, we assume s/he also has permission to
         * create, approve, and publish channels.  The following code counts
         * channels with auto-publish or auto-expiration dates set as requiring
         * publish or expiration permissions for management, even though the channel
         * may not yet be published or expired.
         */
    String activity = IPermission.PORTLET_MANAGER_MAINTENANCE_ACTIVITY;
    if (order <= PortletLifecycleState.MAINTENANCE.getOrder() && doesPrincipalHavePermission(principal, owner, activity, target)) {
        return true;
    }
    activity = IPermission.PORTLET_MANAGER_EXPIRED_ACTIVITY;
    if ((order <= PortletLifecycleState.EXPIRED.getOrder() || portlet.getExpirationDate() != null) && doesPrincipalHavePermission(principal, owner, activity, target)) {
        return true;
    }
    activity = IPermission.PORTLET_MANAGER_ACTIVITY;
    if ((order <= PortletLifecycleState.PUBLISHED.getOrder() || portlet.getPublishDate() != null) && doesPrincipalHavePermission(principal, owner, activity, target)) {
        return true;
    }
    activity = IPermission.PORTLET_MANAGER_APPROVED_ACTIVITY;
    log.debug("order: " + order + ", approved order: " + PortletLifecycleState.APPROVED.getOrder());
    if (order <= PortletLifecycleState.APPROVED.getOrder() && doesPrincipalHavePermission(principal, owner, activity, target)) {
        return true;
    }
    activity = IPermission.PORTLET_MANAGER_CREATED_ACTIVITY;
    if (order <= PortletLifecycleState.CREATED.getOrder() && doesPrincipalHavePermission(principal, owner, activity, target)) {
        return true;
    }
    // if no permissions were found, return false
    return false;
}
Also used : PortletLifecycleState(org.apereo.portal.portlet.om.PortletLifecycleState) IPortletDefinition(org.apereo.portal.portlet.om.IPortletDefinition) RequestCache(org.apereo.portal.concurrency.caching.RequestCache)

Example 8 with RequestCache

use of org.apereo.portal.concurrency.caching.RequestCache in project uPortal by Jasig.

the class AuthorizationImpl method doesPrincipalHavePermission.

/**
     * Answers if the owner has given the principal permission to perform the activity on the
     * target, as evaluated by the policy. Params <code>policy</code>, <code>owner</code> and <code>
     * activity</code> must be non-null.
     *
     * @return boolean
     * @param principal IAuthorizationPrincipal
     * @param owner java.lang.String
     * @param activity java.lang.String
     * @param target java.lang.String
     * @exception AuthorizationException indicates authorization information could not be retrieved.
     */
@Override
@RequestCache
public boolean doesPrincipalHavePermission(IAuthorizationPrincipal principal, String owner, String activity, String target, IPermissionPolicy policy) throws AuthorizationException {
    final CacheKeyBuilder<Serializable, Serializable> cacheKeyBuilder = CacheKey.builder(AuthorizationImpl.class.getName());
    final String username = principal.getKey();
    if (IPerson.class.equals(principal.getType())) {
        cacheKeyBuilder.addTag(UsernameTaggedCacheEntryPurger.createCacheEntryTag(username));
    }
    cacheKeyBuilder.addAll(policy.getClass(), username, principal.getType(), owner, activity, target);
    final CacheKey key = cacheKeyBuilder.build();
    final Element element = this.doesPrincipalHavePermissionCache.get(key);
    if (element != null) {
        return (Boolean) element.getValue();
    }
    /*
         * Convert to (strongly-typed) Java objects based on interfaces in
         * o.j.p.permission before we make the actual check with IPermissionPolicy;
         * parameters that communicate something of the nature of the things they
         * represent helps us make the check(s) more intelligently.  This objects
         * were retro-fitted to IPermissionPolicy in uP 4.3;  perhaps we should do
         * the same to IAuthorizationService itself?
         */
    final IPermissionOwner ipOwner = permissionOwnerDao.getPermissionOwner(owner);
    final IPermissionActivity ipActivity = permissionOwnerDao.getPermissionActivity(owner, activity);
    if (ipActivity == null) {
        // Means needed data is missing;  much clearer than NPE
        String msg = "The following activity is not defined for owner '" + owner + "':  " + activity;
        throw new RuntimeException(msg);
    }
    final IPermissionTargetProvider targetProvider = targetProviderRegistry.getTargetProvider(ipActivity.getTargetProviderKey());
    final IPermissionTarget ipTarget = targetProvider.getTarget(target);
    final boolean doesPrincipalHavePermission = policy.doesPrincipalHavePermission(this, principal, ipOwner, ipActivity, ipTarget);
    this.doesPrincipalHavePermissionCache.put(new Element(key, doesPrincipalHavePermission));
    return doesPrincipalHavePermission;
}
Also used : IPermissionActivity(org.apereo.portal.permission.IPermissionActivity) Serializable(java.io.Serializable) Element(net.sf.ehcache.Element) IPermissionTarget(org.apereo.portal.permission.target.IPermissionTarget) IPermissionTargetProvider(org.apereo.portal.permission.target.IPermissionTargetProvider) CacheKey(org.apereo.portal.utils.cache.CacheKey) IPermissionOwner(org.apereo.portal.permission.IPermissionOwner) RequestCache(org.apereo.portal.concurrency.caching.RequestCache)

Example 9 with RequestCache

use of org.apereo.portal.concurrency.caching.RequestCache in project uPortal by Jasig.

the class AuthorizationImpl method canPrincipalSubscribe.

/**
     * Answers if the principal has permission to SUBSCRIBE to this Channel.
     *
     * @return boolean
     * @param principal IAuthorizationPrincipal
     * @param portletDefinitionId
     * @exception AuthorizationException indicates authorization information could not be retrieved.
     */
@RequestCache
public boolean canPrincipalSubscribe(IAuthorizationPrincipal principal, String portletDefinitionId) {
    String owner = IPermission.PORTAL_SUBSCRIBE;
    // retrieve the indicated channel from the channel registry store and
    // determine its current lifecycle state
    IPortletDefinition portlet = this.portletDefinitionRegistry.getPortletDefinition(portletDefinitionId);
    if (portlet == null) {
        return false;
    }
    String target = PermissionHelper.permissionTargetIdForPortletDefinition(portlet);
    PortletLifecycleState state = portlet.getLifecycleState();
    /*
         * Each channel lifecycle state now has its own subscribe permission.  The
         * following logic checks the appropriate permission for the lifecycle.
         */
    String permission;
    if (state.equals(PortletLifecycleState.PUBLISHED) || state.equals(PortletLifecycleState.MAINTENANCE)) {
        // NB:  There is no separate SUBSCRIBE permission for MAINTENANCE
        // mode;  everyone simply sees the 'out of service' message
        permission = IPermission.PORTLET_SUBSCRIBER_ACTIVITY;
    } else if (state.equals(PortletLifecycleState.APPROVED)) {
        permission = IPermission.PORTLET_SUBSCRIBER_APPROVED_ACTIVITY;
    } else if (state.equals(PortletLifecycleState.CREATED)) {
        permission = IPermission.PORTLET_SUBSCRIBER_CREATED_ACTIVITY;
    } else if (state.equals(PortletLifecycleState.EXPIRED)) {
        permission = IPermission.PORTLET_SUBSCRIBER_EXPIRED_ACTIVITY;
    } else {
        throw new AuthorizationException("Unrecognized lifecycle state for channel " + portletDefinitionId);
    }
    // Test the appropriate permission.
    return doesPrincipalHavePermission(principal, owner, permission, target);
}
Also used : PortletLifecycleState(org.apereo.portal.portlet.om.PortletLifecycleState) AuthorizationException(org.apereo.portal.AuthorizationException) IPortletDefinition(org.apereo.portal.portlet.om.IPortletDefinition) RequestCache(org.apereo.portal.concurrency.caching.RequestCache)

Aggregations

RequestCache (org.apereo.portal.concurrency.caching.RequestCache)9 IPortletDefinition (org.apereo.portal.portlet.om.IPortletDefinition)5 AuthorizationException (org.apereo.portal.AuthorizationException)3 IPortletEntity (org.apereo.portal.portlet.om.IPortletEntity)3 IPortletWindow (org.apereo.portal.portlet.om.IPortletWindow)3 IUserPreferencesManager (org.apereo.portal.IUserPreferencesManager)2 IUserLayoutManager (org.apereo.portal.layout.IUserLayoutManager)2 PortletLifecycleState (org.apereo.portal.portlet.om.PortletLifecycleState)2 IUserInstance (org.apereo.portal.user.IUserInstance)2 Serializable (java.io.Serializable)1 LinkedHashSet (java.util.LinkedHashSet)1 Element (net.sf.ehcache.Element)1 IUserLayout (org.apereo.portal.layout.IUserLayout)1 PortletTabIdResolver (org.apereo.portal.layout.PortletTabIdResolver)1 IPermissionActivity (org.apereo.portal.permission.IPermissionActivity)1 IPermissionOwner (org.apereo.portal.permission.IPermissionOwner)1 IPermissionTarget (org.apereo.portal.permission.target.IPermissionTarget)1 IPermissionTargetProvider (org.apereo.portal.permission.target.IPermissionTargetProvider)1 IPortletEntityId (org.apereo.portal.portlet.om.IPortletEntityId)1 PortletCategory (org.apereo.portal.portlet.om.PortletCategory)1