
Example 1 with IEntityGroup

use of org.apereo.portal.groups.IEntityGroup in project uPortal by Jasig.

the class ApiPermissionsService method getAssignmentsForPerson.

/**
 * Collects the permission assignments that apply to one person.
 *
 * <p>Permissions stored against the person's own principal string are always examined. When
 * {@code includeInherited} is set, permissions stored against each ancestor group's principal
 * string are examined as well. A stored permission is reported only if {@code hasPermission}
 * on the person's principal confirms that owner/activity/target and {@code createAssignment}
 * returns a non-null value, so a stored row on its own is not treated as an effective grant.
 *
 * <p>NOTE(review): nothing in this method checks who is asking. Presumably the caller
 * authorizes access before listing another user's permissions; confirm against the callers.
 *
 * @param username account name of the person to look up
 * @param includeInherited whether permissions granted to ancestor groups are included
 * @return the assignments found, or {@code null} (not an empty set) when {@code username} is
 *     blank
 */
@Override
public Set<Assignment> getAssignmentsForPerson(String username, boolean includeInherited) {
    if (StringUtils.isBlank(username)) {
        // Callers must handle null here; an empty set is only returned for a non-blank name.
        return null;
    }

    final Set<Assignment> assignments = new HashSet<Assignment>();
    final IAuthorizationPrincipal person = this.authorizationService.newPrincipal(username, EntityEnum.PERSON.getClazz());

    // Pass 1: permissions stored directly against the person.
    for (IPermission granted : permissionStore.select(null, person.getPrincipalString(), null, null, null)) {
        if (!person.hasPermission(granted.getOwner(), granted.getActivity(), granted.getTarget())) {
            continue;
        }
        final Assignment direct = createAssignment(granted, person, false);
        if (direct != null) {
            assignments.add(direct);
        }
    }

    if (!includeInherited) {
        return assignments;
    }

    // Pass 2: permissions stored against each ancestor group. The confirmation check is still
    // made on the person's principal, not on the group's.
    final IGroupMember personAsMember = GroupService.getGroupMember(person.getKey(), person.getType());
    for (IEntityGroup ancestor : personAsMember.getAncestorGroups()) {
        final IAuthorizationPrincipal ancestorPrincipal = this.authorizationService.newPrincipal(ancestor);
        for (IPermission granted : permissionStore.select(null, ancestorPrincipal.getPrincipalString(), null, null, null)) {
            if (!person.hasPermission(granted.getOwner(), granted.getActivity(), granted.getTarget())) {
                continue;
            }
            final Assignment inherited = createAssignment(granted, person, true);
            if (inherited != null) {
                assignments.add(inherited);
            }
        }
    }
    return assignments;
}
Also used : IEntityGroup(org.apereo.portal.groups.IEntityGroup) IGroupMember(org.apereo.portal.groups.IGroupMember) IPermission(org.apereo.portal.security.IPermission) IAuthorizationPrincipal(org.apereo.portal.security.IAuthorizationPrincipal) HashSet(java.util.HashSet)

Example 2 with IEntityGroup

use of org.apereo.portal.groups.IEntityGroup in project uPortal by Jasig.

the class PermissionsRESTController method getAssignmentsOnTarget.

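/**
 * Returns, as a JSON view, the permission assignments whose target is {@code target}.
 *
 * <p>Access is gated by the {@code @PreAuthorize} expression below, which asks for the
 * {@code VIEW_PERMISSIONS} activity of owner {@code UP_PERMISSIONS} on {@code 'ALL'}.
 *
 * <p>Stored permissions are only candidates. Each one is reported only if the principal it
 * names passes {@code hasPermission} for that owner and activity against the target's key.
 * If {@code target} does not resolve to an entity, the response carries an empty
 * {@code assignments} list even when stored permissions exist for that target string.
 *
 * <p>NOTE(review): {@code target} comes straight from the URL path and is handed unchanged to
 * {@code permissionStore.select} and {@code groupListHelper.getEntityForPrincipal}. How those
 * handle arbitrary strings is not visible here; confirm.
 *
 * @param target principal string of the permission target, taken from the request path
 * @param includeInherited whether permissions targeting the target's ancestor groups are added
 * @param request current request (not read by this method)
 * @param response current response (not written by this method)
 * @return a {@code json} view with the sorted list under the {@code assignments} key
 */
@PreAuthorize("hasPermission('ALL', 'java.lang.String', new org.apereo.portal.spring.security.evaluator.AuthorizableActivity('UP_PERMISSIONS', 'VIEW_PERMISSIONS'))")
@RequestMapping("/assignments/target/{target}.json")
public ModelAndView getAssignmentsOnTarget(@PathVariable("target") String target, @RequestParam(value = "includeInherited", required = false) boolean includeInherited, HttpServletRequest request, HttpServletResponse response) {
    // Candidates stored with exactly this target.
    Set<UniquePermission> directAssignments = new HashSet<UniquePermission>();
    IPermission[] directPermissions = permissionStore.select(null, null, null, target, null);
    for (IPermission permission : directPermissions) {
        directAssignments.add(new UniquePermission(permission.getOwner(), permission.getActivity(), permission.getPrincipal(), false));
    }

    JsonEntityBean entity = groupListHelper.getEntityForPrincipal(target);
    Set<UniquePermission> inheritedAssignments = new HashSet<UniquePermission>();
    List<JsonPermission> permissions = new ArrayList<JsonPermission>();
    if (entity != null) {
        IAuthorizationPrincipal p = this.authorizationService.newPrincipal(entity.getId(), entity.getEntityType().getClazz());
        if (includeInherited) {
            // Candidates stored with one of the target's ancestor groups as their target.
            IGroupMember member = GroupService.getGroupMember(p.getKey(), p.getType());
            for (IEntityGroup parent : member.getAncestorGroups()) {
                IAuthorizationPrincipal parentPrincipal = this.authorizationService.newPrincipal(parent);
                IPermission[] parentPermissions = permissionStore.select(null, null, null, parentPrincipal.getKey(), null);
                for (IPermission permission : parentPermissions) {
                    inheritedAssignments.add(new UniquePermission(permission.getOwner(), permission.getActivity(), permission.getPrincipal(), true));
                }
            }
        }
        // Direct candidates first, then inherited ones, as before; the list is sorted afterwards.
        appendConfirmedPermissionsOnTarget(directAssignments, p, entity, permissions);
        appendConfirmedPermissionsOnTarget(inheritedAssignments, p, entity, permissions);
        Collections.sort(permissions);
    }
    ModelAndView mv = new ModelAndView();
    mv.addObject("assignments", permissions);
    mv.setViewName("json");
    return mv;
}

/**
 * Appends to {@code out} every candidate whose named principal actually holds the permission
 * on the target.
 *
 * @param candidates stored permissions to re-check
 * @param targetPrincipal principal built for the target entity; its key is the permission target
 * @param targetEntity the resolved target entity, passed through to {@code getPermissionOnTarget}
 * @param out list receiving the confirmed permissions
 */
private void appendConfirmedPermissionsOnTarget(Set<UniquePermission> candidates, IAuthorizationPrincipal targetPrincipal, JsonEntityBean targetEntity, List<JsonPermission> out) {
    for (UniquePermission permission : candidates) {
        JsonEntityBean holder = groupListHelper.getEntityForPrincipal(permission.getIdentifier());
        if (holder == null) {
            // The same helper is null-checked for the target above, so it can fail to resolve a
            // principal. A stored permission naming an unresolvable principal cannot be
            // confirmed; skip it instead of failing the whole request with a
            // NullPointerException.
            continue;
        }
        EntityEnum entityType = EntityEnum.getEntityEnum(holder.getEntityTypeAsString());
        // Every group type is authorized through the IEntityGroup class.
        Class<?> clazz = entityType.isGroup() ? IEntityGroup.class : entityType.getClazz();
        IAuthorizationPrincipal principal = this.authorizationService.newPrincipal(holder.getId(), clazz);
        if (principal.hasPermission(permission.getOwner(), permission.getActivity(), targetPrincipal.getKey())) {
            out.add(getPermissionOnTarget(permission, targetEntity));
        }
    }
}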
Also used : EntityEnum(org.apereo.portal.portlets.groupselector.EntityEnum) ArrayList(java.util.ArrayList) ModelAndView(org.springframework.web.servlet.ModelAndView) IEntityGroup(org.apereo.portal.groups.IEntityGroup) IGroupMember(org.apereo.portal.groups.IGroupMember) JsonEntityBean(org.apereo.portal.layout.dlm.remoting.JsonEntityBean) IPermission(org.apereo.portal.security.IPermission) IAuthorizationPrincipal(org.apereo.portal.security.IAuthorizationPrincipal) HashSet(java.util.HashSet) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 3 with IEntityGroup

use of org.apereo.portal.groups.IEntityGroup in project uPortal by Jasig.

the class RDBMUserIdentityStore method addNewUser.

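/**
 * Creates the portal records for a new user by copying them from a template user.
 *
 * <p>The person is first added to every parent group of the template user for which
 * {@code getSafeLockableGroup} returns a group, so the template account's memberships decide
 * the new account's initial access. Then, inside {@code transactionOperations.execute}, a
 * {@code UP_USER} row is inserted and the template's {@code UP_USER_PROFILE} rows are copied
 * under freshly generated profile ids.
 *
 * <p>All SQL uses bound parameters. At debug level the user name and the profile name and
 * description are written to the log.
 *
 * <p>NOTE(review): the group changes run before the transactional callback. Whether they are
 * undone if the inserts fail is not visible here; confirm.
 *
 * @param newUID user id to assign to the new {@code UP_USER} row
 * @param person the person being created; supplies the user name and entity identifier
 * @param templateUser the template whose groups, default layout and profiles are copied
 * @return {@code newUID} once the rows have been written
 * @throws Exception if a group operation or the database work fails
 */
protected int addNewUser(final int newUID, final IPerson person, final TemplateUser templateUser) throws Exception {
    // Copy template user's groups memberships
    IGroupMember me = GroupService.getGroupMember(person.getEntityIdentifier());
    // Class literal rather than Class.forName("org.apereo.portal.security.IPerson"): the same
    // class, checked at compile time, and the form updateUser already uses.
    IGroupMember template = GroupService.getEntity(templateUser.getUserName(), IPerson.class);
    for (IEntityGroup eg : template.getParentGroups()) {
        ILockableEntityGroup leg = getSafeLockableGroup(eg, me);
        if (leg != null) {
            addPersonToGroup(person, me, leg);
        }
    }
    return this.transactionOperations.execute(new TransactionCallback<Integer>() {

        @Override
        public Integer doInTransaction(TransactionStatus status) {
            return jdbcOperations.execute(new ConnectionCallback<Integer>() {

                @Override
                public Integer doInConnection(Connection con) throws SQLException, DataAccessException {
                    int uPortalUID = -1;
                    PreparedStatement queryStmt = null;
                    PreparedStatement insertStmt = null;
                    try {
                        // Add to UP_USER
                        String insert = "INSERT INTO UP_USER (USER_ID, USER_NAME, USER_DFLT_USR_ID, USER_DFLT_LAY_ID, NEXT_STRUCT_ID, LST_CHAN_UPDT_DT)" + "VALUES (?, ?, ?, ?, null, null)";
                        String userName = person.getUserName();
                        insertStmt = con.prepareStatement(insert);
                        insertStmt.setInt(1, newUID);
                        insertStmt.setString(2, userName);
                        insertStmt.setInt(3, templateUser.getUserId());
                        insertStmt.setInt(4, templateUser.getDefaultLayoutId());
                        if (log.isDebugEnabled()) {
                            log.debug("RDBMUserIdentityStore::addNewUser(USER_ID=" + newUID + ", USER_NAME=" + userName + ", USER_DFLT_USR_ID=" + templateUser.getUserId() + ", USER_DFLT_LAY_ID=" + templateUser.getDefaultLayoutId() + "): " + insert);
                        }
                        insertStmt.executeUpdate();
                        insertStmt.close();
                        // Cleared so the outer finally does not close the same statement again.
                        insertStmt = null;
                        // Start copying...
                        ResultSet rs = null;
                        String query = null;
                        try {
                            // Add to UP_USER_PROFILE
                            query = "SELECT USER_ID, PROFILE_FNAME, PROFILE_NAME, DESCRIPTION, " + "STRUCTURE_SS_ID, THEME_SS_ID " + "FROM UP_USER_PROFILE " + "WHERE USER_ID=?";
                            queryStmt = con.prepareStatement(query);
                            queryStmt.setInt(1, templateUser.getUserId());
                            if (log.isDebugEnabled()) {
                                log.debug("RDBMUserIdentityStore::addNewUser(USER_ID=" + templateUser.getUserId() + "): " + query);
                            }
                            rs = queryStmt.executeQuery();
                            insert = "INSERT INTO UP_USER_PROFILE (USER_ID, PROFILE_ID, PROFILE_FNAME, PROFILE_NAME, DESCRIPTION, LAYOUT_ID, STRUCTURE_SS_ID, THEME_SS_ID) " + "VALUES(?, ?, ?, ?, ?, NULL, ?, ?)";
                            insertStmt = con.prepareStatement(insert);
                            while (rs.next()) {
                                // Each copied profile gets a new id; the template's ids are not reused.
                                int id = getNextKey();
                                String profileFname = rs.getString("PROFILE_FNAME");
                                String profileName = rs.getString("PROFILE_NAME");
                                String description = rs.getString("DESCRIPTION");
                                int structure = rs.getInt("STRUCTURE_SS_ID");
                                int theme = rs.getInt("THEME_SS_ID");
                                insertStmt.setInt(1, newUID);
                                insertStmt.setInt(2, id);
                                insertStmt.setString(3, profileFname);
                                insertStmt.setString(4, profileName);
                                insertStmt.setString(5, description);
                                insertStmt.setInt(6, structure);
                                insertStmt.setInt(7, theme);
                                if (log.isDebugEnabled()) {
                                    log.debug("RDBMUserIdentityStore::addNewUser(USER_ID=" + newUID + ", PROFILE_FNAME=" + profileFname + ", PROFILE_NAME=" + profileName + ", DESCRIPTION=" + description + "): " + insert);
                                }
                                insertStmt.executeUpdate();
                            }
                            rs.close();
                            queryStmt.close();
                            if (insertStmt != null) {
                                insertStmt.close();
                                insertStmt = null;
                            }
                            // Commit only when the database reports transaction support.
                            if (RDBMServices.getDbMetaData().supportsTransactions()) {
                                con.commit();
                            }
                            // Reached only when every statement above succeeded.
                            uPortalUID = newUID;
                        } finally {
                            try {
                                if (rs != null) {
                                    rs.close();
                                }
                            } catch (Exception ignored) {
                                // Best-effort cleanup: a failure to close must not mask the
                                // original error.
                            }
                        }
                    } finally {
                        try {
                            if (queryStmt != null) {
                                queryStmt.close();
                            }
                        } catch (Exception ignored) {
                            // Best-effort cleanup.
                        }
                        try {
                            if (insertStmt != null) {
                                insertStmt.close();
                            }
                        } catch (Exception ignored) {
                            // Best-effort cleanup.
                        }
                    }
                    return uPortalUID;
                }
            });
        }
    });
}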
Also used : Connection(java.sql.Connection) ILockableEntityGroup(org.apereo.portal.groups.ILockableEntityGroup) TransactionStatus(org.springframework.transaction.TransactionStatus) PreparedStatement(java.sql.PreparedStatement) DataAccessException(org.springframework.dao.DataAccessException) SQLException(java.sql.SQLException) IEntityGroup(org.apereo.portal.groups.IEntityGroup) IGroupMember(org.apereo.portal.groups.IGroupMember) ResultSet(java.sql.ResultSet) ConnectionCallback(org.springframework.jdbc.core.ConnectionCallback)

Example 4 with IEntityGroup

use of org.apereo.portal.groups.IEntityGroup in project uPortal by Jasig.

the class RDBMUserIdentityStore method updateUser.

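/**
 * Resets an existing user's group memberships and profile rows to those of a template user.
 *
 * <p>The person is removed from each of their current parent groups and then added to each of
 * the template user's parent groups. In both passes a group is skipped when
 * {@code getSafeLockableGroup} returns {@code null}, so a membership in such a group is left
 * in place rather than revoked. Afterwards, inside {@code transactionOperations.execute}, the
 * {@code UP_USER} row is updated and the user's {@code UP_USER_PROFILE} rows are deleted and
 * re-created from the template's rows under freshly generated profile ids.
 *
 * <p>All SQL uses bound parameters. At debug level the profile name and description are
 * written to the log.
 *
 * <p>NOTE(review): the group changes run before the transactional callback. If a later step
 * fails, the user may be left with no memberships or only some of them; whether anything
 * undoes the group changes is not visible here. Confirm.
 *
 * @param userId id of the {@code UP_USER} row to update
 * @param person the person whose memberships are replaced
 * @param templateUser the template whose groups, default layout and profiles are copied
 * @throws Exception if a group operation or the database work fails
 */
protected void updateUser(final int userId, final IPerson person, final TemplateUser templateUser) throws Exception {
    // Remove my existing group memberships
    IGroupMember me = GroupService.getGroupMember(person.getEntityIdentifier());
    for (IEntityGroup eg : me.getParentGroups()) {
        ILockableEntityGroup leg = getSafeLockableGroup(eg, me);
        if (leg != null) {
            removePersonFromGroup(person, me, leg);
        }
    }
    // Copy template user's groups memberships
    IGroupMember template = GroupService.getEntity(templateUser.getUserName(), IPerson.class);
    for (IEntityGroup eg : template.getParentGroups()) {
        ILockableEntityGroup leg = getSafeLockableGroup(eg, me);
        if (leg != null) {
            addPersonToGroup(person, me, leg);
        }
    }
    this.transactionOperations.execute(new TransactionCallback<Object>() {

        @Override
        public Object doInTransaction(TransactionStatus status) {
            return jdbcOperations.execute(new ConnectionCallback<Object>() {

                @Override
                public Object doInConnection(Connection con) throws SQLException, DataAccessException {
                    PreparedStatement deleteStmt = null;
                    PreparedStatement queryStmt = null;
                    PreparedStatement insertStmt = null;
                    try {
                        // Update UP_USER
                        String update = "UPDATE UP_USER " + "SET USER_DFLT_USR_ID=?, " + "USER_DFLT_LAY_ID=?, " + "NEXT_STRUCT_ID=null " + "WHERE USER_ID=?";
                        insertStmt = con.prepareStatement(update);
                        insertStmt.setInt(1, templateUser.getUserId());
                        insertStmt.setInt(2, templateUser.getDefaultLayoutId());
                        insertStmt.setInt(3, userId);
                        if (log.isDebugEnabled()) {
                            // The message used to name addNewUser, which misattributed this
                            // statement in the logs.
                            log.debug("RDBMUserIdentityStore::updateUser(USER_ID=" + userId + "): " + update);
                        }
                        insertStmt.executeUpdate();
                        insertStmt.close();
                        // Cleared so the outer finally does not close the same statement again.
                        insertStmt = null;
                        // Start copying...
                        ResultSet rs = null;
                        String delete = null;
                        String query = null;
                        String insert = null;
                        try {
                            // Update UP_USER_PROFILE
                            delete = "DELETE FROM UP_USER_PROFILE " + "WHERE USER_ID=?";
                            deleteStmt = con.prepareStatement(delete);
                            deleteStmt.setInt(1, userId);
                            if (log.isDebugEnabled()) {
                                log.debug("RDBMUserIdentityStore::updateUser(USER_ID=" + userId + "): " + delete);
                            }
                            deleteStmt.executeUpdate();
                            deleteStmt.close();
                            deleteStmt = null;
                            query = "SELECT USER_ID, PROFILE_FNAME, PROFILE_NAME, DESCRIPTION, " + "STRUCTURE_SS_ID, THEME_SS_ID " + "FROM UP_USER_PROFILE " + "WHERE USER_ID=?";
                            queryStmt = con.prepareStatement(query);
                            queryStmt.setInt(1, templateUser.getUserId());
                            if (log.isDebugEnabled()) {
                                log.debug("RDBMUserIdentityStore::updateUser(USER_ID=" + templateUser.getUserId() + "): " + query);
                            }
                            rs = queryStmt.executeQuery();
                            insert = "INSERT INTO UP_USER_PROFILE (USER_ID, PROFILE_ID, PROFILE_FNAME, PROFILE_NAME, DESCRIPTION, LAYOUT_ID, STRUCTURE_SS_ID, THEME_SS_ID) " + "VALUES(?, ?, ?, ?, ?, NULL, ?, ?)";
                            insertStmt = con.prepareStatement(insert);
                            while (rs.next()) {
                                // Each copied profile gets a new id; the template's ids are not reused.
                                int id = getNextKey();
                                String profileFname = rs.getString("PROFILE_FNAME");
                                String profileName = rs.getString("PROFILE_NAME");
                                String description = rs.getString("DESCRIPTION");
                                int structure = rs.getInt("STRUCTURE_SS_ID");
                                int theme = rs.getInt("THEME_SS_ID");
                                insertStmt.setInt(1, userId);
                                insertStmt.setInt(2, id);
                                insertStmt.setString(3, profileFname);
                                insertStmt.setString(4, profileName);
                                insertStmt.setString(5, description);
                                insertStmt.setInt(6, structure);
                                insertStmt.setInt(7, theme);
                                if (log.isDebugEnabled()) {
                                    log.debug("RDBMUserIdentityStore::updateUser(USER_ID=" + userId + ", PROFILE_FNAME=" + profileFname + ", PROFILE_NAME=" + profileName + ", DESCRIPTION=" + description + "): " + insert);
                                }
                                insertStmt.executeUpdate();
                            }
                            rs.close();
                            queryStmt.close();
                            insertStmt.close();
                            // Commit only when the database reports transaction support.
                            if (RDBMServices.getDbMetaData().supportsTransactions()) {
                                con.commit();
                            }
                        } finally {
                            // Explicit null checks replace the earlier reliance on catching the
                            // NullPointerException thrown when an early failure left these unset.
                            try {
                                if (rs != null) {
                                    rs.close();
                                }
                            } catch (Exception ignored) {
                                // Best-effort cleanup: a failure to close must not mask the
                                // original error.
                            }
                        }
                    } finally {
                        try {
                            if (deleteStmt != null) {
                                deleteStmt.close();
                            }
                        } catch (Exception ignored) {
                            // Best-effort cleanup.
                        }
                        try {
                            if (queryStmt != null) {
                                queryStmt.close();
                            }
                        } catch (Exception ignored) {
                            // Best-effort cleanup.
                        }
                        try {
                            if (insertStmt != null) {
                                insertStmt.close();
                            }
                        } catch (Exception ignored) {
                            // Best-effort cleanup.
                        }
                    }
                    return null;
                }
            });
        }
    });
}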
Also used : Connection(java.sql.Connection) ILockableEntityGroup(org.apereo.portal.groups.ILockableEntityGroup) TransactionStatus(org.springframework.transaction.TransactionStatus) PreparedStatement(java.sql.PreparedStatement) DataAccessException(org.springframework.dao.DataAccessException) SQLException(java.sql.SQLException) IEntityGroup(org.apereo.portal.groups.IEntityGroup) IGroupMember(org.apereo.portal.groups.IGroupMember) ResultSet(java.sql.ResultSet) SerializableObject(org.apereo.portal.utils.SerializableObject) ConnectionCallback(org.springframework.jdbc.core.ConnectionCallback)

Example 5 with IEntityGroup

use of org.apereo.portal.groups.IEntityGroup in project uPortal by Jasig.

the class EntityPersonAttributesGroupStore method searchForGroups.

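/**
 * Searches the person-attributes group definitions by group name.
 *
 * <p>Only searches for the person leaf type are answered; any other {@code leaftype} yields
 * {@code EMPTY_SEARCH_RESULTS}. Matching is case-insensitive and happens in memory against the
 * names of the groups returned by the DAO; the query text is not passed to the DAO.
 *
 * <p>A {@code null} query now yields an empty result for every method. Before, {@code IS}
 * returned no matches for {@code null} while the other methods threw a
 * {@code NullPointerException}. Upper-casing uses {@code Locale.ROOT} so the prefix, suffix
 * and substring methods do not depend on the JVM's default locale, in line with the
 * locale-independent {@code equalsIgnoreCase} used for {@code IS}.
 *
 * @param query text to match against group names
 * @param method one of {@code IS}, {@code STARTS_WITH}, {@code ENDS_WITH}, {@code CONTAINS};
 *     any other value matches nothing
 * @param leaftype leaf entity type the caller is searching for
 * @return identifiers of the matching groups, possibly empty
 * @throws GroupsException declared by the overridden method; not thrown directly here
 */
@Override
public EntityIdentifier[] searchForGroups(String query, int method, Class leaftype) throws GroupsException {
    if (leaftype != IPERSON_CLASS) {
        return EMPTY_SEARCH_RESULTS;
    }
    if (query == null) {
        return EMPTY_SEARCH_RESULTS;
    }
    Set<IPersonAttributesGroupDefinition> pagsGroups = personAttributesGroupDefinitionDao.getPersonAttributesGroupDefinitions();
    List<EntityIdentifier> results = new ArrayList<EntityIdentifier>();
    // Hoisted: the query does not change between groups.
    final String upperQuery = query.toUpperCase(java.util.Locale.ROOT);
    for (IPersonAttributesGroupDefinition pagsGroup : pagsGroups) {
        IEntityGroup g = convertPagsGroupToEntity(pagsGroup);
        final String name = g.getName();
        final boolean matched;
        switch(method) {
            case IS:
                matched = name.equalsIgnoreCase(query);
                break;
            case STARTS_WITH:
                matched = name.toUpperCase(java.util.Locale.ROOT).startsWith(upperQuery);
                break;
            case ENDS_WITH:
                matched = name.toUpperCase(java.util.Locale.ROOT).endsWith(upperQuery);
                break;
            case CONTAINS:
                matched = name.toUpperCase(java.util.Locale.ROOT).contains(upperQuery);
                break;
            default:
                // Unknown search method: nothing matches, as before.
                matched = false;
                break;
        }
        if (matched) {
            results.add(g.getEntityIdentifier());
        }
    }
    return results.toArray(new EntityIdentifier[0]);
}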
Also used : IEntityGroup(org.apereo.portal.groups.IEntityGroup) ArrayList(java.util.ArrayList) EntityIdentifier(org.apereo.portal.EntityIdentifier)

Aggregations

IEntityGroup (org.apereo.portal.groups.IEntityGroup)85 IGroupMember (org.apereo.portal.groups.IGroupMember)33 ArrayList (java.util.ArrayList)24 IAuthorizationPrincipal (org.apereo.portal.security.IAuthorizationPrincipal)19 HashSet (java.util.HashSet)14 EntityIdentifier (org.apereo.portal.EntityIdentifier)14 EntityEnum (org.apereo.portal.portlets.groupselector.EntityEnum)12 JsonEntityBean (org.apereo.portal.layout.dlm.remoting.JsonEntityBean)10 IPermission (org.apereo.portal.security.IPermission)10 HashMap (java.util.HashMap)9 GroupsException (org.apereo.portal.groups.GroupsException)9 AggregatedGroupMapping (org.apereo.portal.events.aggr.groups.AggregatedGroupMapping)8 IPerson (org.apereo.portal.security.IPerson)8 List (java.util.List)7 CompositeName (javax.naming.CompositeName)7 CallableWithoutResult (org.apereo.portal.concurrency.CallableWithoutResult)7 IPortletDefinition (org.apereo.portal.portlet.om.IPortletDefinition)7 BaseAggrEventsJpaDaoTest (org.apereo.portal.test.BaseAggrEventsJpaDaoTest)7 DateTime (org.joda.time.DateTime)7 Test (org.junit.Test)7