Search in sources :

Example 56 with IEntityGroup

use of org.apereo.portal.groups.IEntityGroup in project uPortal by Jasig.

the class EntityService method getEntity.

public Entity getEntity(String entityType, String entityId, boolean populateChildren) {
    // get the EntityEnum for the specified entity type
    if (StringUtils.isBlank(entityType) && StringUtils.isBlank(entityId)) {
        return null;
    }
    EntityEnum entityEnum = EntityEnum.getEntityEnum(entityType);
    // to locate it
    if (entityEnum.isGroup()) {
        // attempt to find the entity
        IEntityGroup entityGroup = GroupService.findGroup(entityId);
        if (entityGroup == null) {
            return null;
        } else {
            Entity entity = EntityFactory.createEntity(entityGroup, entityEnum);
            if (populateChildren) {
                Iterator<IGroupMember> members = entityGroup.getChildren().iterator();
                entity = populateChildren(entity, members);
            }
            IAuthorizationPrincipal authP = getPrincipalForEntity(entity);
            Principal principal = new PrincipalImpl(authP.getKey(), authP.getPrincipalString());
            entity.setPrincipal(principal);
            return entity;
        }
    } else // otherwise use the getGroupMember method
    {
        IGroupMember groupMember = GroupService.getGroupMember(entityId, entityEnum.getClazz());
        if (groupMember == null || groupMember instanceof IEntityGroup) {
            return null;
        }
        Entity entity = EntityFactory.createEntity(groupMember, entityEnum);
        // the group member interface doesn't include the entity name, so
        // we'll need to look that up manually
        entity.setName(lookupEntityName(entity));
        if (EntityEnum.GROUP.toString().equals(entity.getEntityType()) || EntityEnum.PERSON.toString().equals(entity.getEntityType())) {
            IAuthorizationPrincipal authP = getPrincipalForEntity(entity);
            Principal principal = new PrincipalImpl(authP.getKey(), authP.getPrincipalString());
            entity.setPrincipal(principal);
        }
        return entity;
    }
}
Also used : IEntityGroup(org.apereo.portal.groups.IEntityGroup) IGroupMember(org.apereo.portal.groups.IGroupMember) EntityEnum(org.apereo.portal.portlets.groupselector.EntityEnum) IAuthorizationPrincipal(org.apereo.portal.security.IAuthorizationPrincipal) Principal(org.apereo.portal.api.Principal) IAuthorizationPrincipal(org.apereo.portal.security.IAuthorizationPrincipal) PrincipalImpl(org.apereo.portal.api.PrincipalImpl)

Example 57 with IEntityGroup

use of org.apereo.portal.groups.IEntityGroup in project uPortal by Jasig.

the class EntityService method getEntity.

public Entity getEntity(IGroupMember member) {
    if (member == null) {
        return null;
    }
    // get the type of this member entity
    EntityEnum entityEnum = getEntityType(member);
    // construct a new entity bean for this entity
    Entity entity;
    if (entityEnum.isGroup()) {
        entity = EntityFactory.createEntity((IEntityGroup) member, entityEnum);
    } else {
        entity = EntityFactory.createEntity(member, entityEnum);
    }
    // if the name hasn't been set yet, look up the entity name
    if (entity.getName() == null) {
        entity.setName(lookupEntityName(entity));
    }
    if (EntityEnum.GROUP.toString().equals(entity.getEntityType()) || EntityEnum.PERSON.toString().equals(entity.getEntityType())) {
        IAuthorizationPrincipal authP = getPrincipalForEntity(entity);
        Principal principal = new PrincipalImpl(authP.getKey(), authP.getPrincipalString());
        entity.setPrincipal(principal);
    }
    return entity;
}
Also used : IEntityGroup(org.apereo.portal.groups.IEntityGroup) EntityEnum(org.apereo.portal.portlets.groupselector.EntityEnum) IAuthorizationPrincipal(org.apereo.portal.security.IAuthorizationPrincipal) Principal(org.apereo.portal.api.Principal) IAuthorizationPrincipal(org.apereo.portal.security.IAuthorizationPrincipal) PrincipalImpl(org.apereo.portal.api.PrincipalImpl)

Example 58 with IEntityGroup

use of org.apereo.portal.groups.IEntityGroup in project uPortal by Jasig.

the class PagsRESTController method createPagsGroup.

// Parent group name is expected to be case sensitive.
@RequestMapping(value = "/v4-3/pags/{parentGroupName}.json", produces = MediaType.APPLICATION_JSON_VALUE, method = RequestMethod.POST)
@ResponseBody
public String createPagsGroup(HttpServletRequest request, HttpServletResponse res, @PathVariable("parentGroupName") String parentGroupName, @RequestBody String json) {
    res.setContentType(MediaType.APPLICATION_JSON_VALUE);
    /*
         * This step is necessary;  the incoming URLs will sometimes have '+'
         * characters for spaces, and the @PathVariable magic doesn't convert them.
         */
    String name;
    try {
        name = URLDecoder.decode(parentGroupName, "UTF-8");
    } catch (UnsupportedEncodingException e) {
        res.setStatus(HttpServletResponse.SC_BAD_REQUEST);
        return "{ 'error': '" + e.getMessage() + "' }";
    }
    IPersonAttributesGroupDefinition inpt;
    try {
        inpt = objectMapper.readValue(json, PersonAttributesGroupDefinitionImpl.class);
    } catch (Exception e) {
        res.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
        // should be escaped
        return "{ 'error': '" + e.getMessage() + "' }";
    }
    // Obtain a real reference to the parent group
    EntityIdentifier[] eids = GroupService.searchForGroups(name, IGroupConstants.SearchMethod.DISCRETE, IPerson.class);
    if (eids.length == 0) {
        res.setStatus(HttpServletResponse.SC_BAD_REQUEST);
        return "{ 'error': 'Parent group does not exist: " + name + "' }";
    }
    IEntityGroup parentGroup = // Names must be unique
    (IEntityGroup) GroupService.getGroupMember(eids[0]);
    IPerson person = personManager.getPerson(request);
    IPersonAttributesGroupDefinition rslt;
    try {
        // A little weird that we need to do both;
        // need some PAGS DAO/Service refactoring
        rslt = pagsService.createPagsDefinition(person, parentGroup, inpt.getName(), inpt.getDescription());
        // little purpose and could be removed.
        for (IPersonAttributesGroupTestGroupDefinition testGroupDef : inpt.getTestGroups()) {
            // NOTE:  The deserializer handles testDef --> testGroupDef
            testGroupDef.setGroup(rslt);
        }
        rslt.setTestGroups(inpt.getTestGroups());
        rslt.setMembers(inpt.getMembers());
        pagsService.updatePagsDefinition(person, rslt);
    } catch (RuntimeAuthorizationException rae) {
        res.setStatus(HttpServletResponse.SC_FORBIDDEN);
        return "{ 'error': 'not authorized' }";
    } catch (IllegalArgumentException iae) {
        res.setStatus(HttpServletResponse.SC_CONFLICT);
        return "{ 'error': '" + iae.getMessage() + "' }";
    } catch (Exception e) {
        e.printStackTrace();
        res.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
        return "{ 'error': '" + e.getMessage() + "' }";
    }
    return respondPagsGroupJson(res, rslt, person, HttpServletResponse.SC_CREATED);
}
Also used : IEntityGroup(org.apereo.portal.groups.IEntityGroup) IPerson(org.apereo.portal.security.IPerson) RuntimeAuthorizationException(org.apereo.portal.security.RuntimeAuthorizationException) IPersonAttributesGroupDefinition(org.apereo.portal.groups.pags.dao.IPersonAttributesGroupDefinition) IPersonAttributesGroupTestGroupDefinition(org.apereo.portal.groups.pags.dao.IPersonAttributesGroupTestGroupDefinition) UnsupportedEncodingException(java.io.UnsupportedEncodingException) EntityIdentifier(org.apereo.portal.EntityIdentifier) PersonAttributesGroupDefinitionImpl(org.apereo.portal.groups.pags.dao.jpa.PersonAttributesGroupDefinitionImpl) RuntimeAuthorizationException(org.apereo.portal.security.RuntimeAuthorizationException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) RequestMapping(org.springframework.web.bind.annotation.RequestMapping) ResponseBody(org.springframework.web.bind.annotation.ResponseBody)

Example 59 with IEntityGroup

use of org.apereo.portal.groups.IEntityGroup in project uPortal by Jasig.

the class PermissionAssignmentMapController method placeInHierarchy.

private void placeInHierarchy(Assignment a, List<Assignment> hierarchy, String owner, String activity, String target) {
    // Assertions.
    if (a == null) {
        String msg = "Argument 'a' [Assignment] cannot be null";
        throw new IllegalArgumentException(msg);
    }
    if (hierarchy == null) {
        String msg = "Argument 'hierarchy' cannot be null";
        throw new IllegalArgumentException(msg);
    }
    // is already in the hierarchy somewhere...
    for (Assignment root : hierarchy) {
        Assignment duplicate = root.findDecendentOrSelfIfExists(a.getPrincipal());
        if (duplicate != null) {
            return;
        }
    }
    // To proceed, we need to know about the containing
    // groups (if any) for this principal...
    IGroupMember member = null;
    EntityEnum entityEnum = a.getPrincipal().getEntityType();
    if (entityEnum.isGroup()) {
        member = GroupService.findGroup(a.getPrincipal().getId());
    } else {
        member = GroupService.getGroupMember(a.getPrincipal().getId(), entityEnum.getClazz());
    }
    AuthorizationServiceFacade authService = AuthorizationServiceFacade.instance();
    Iterator<?> it = GroupService.getCompositeGroupService().findParentGroups(member);
    if (it.hasNext()) {
        // This member must be nested within its parent(s)...
        while (it.hasNext()) {
            IEntityGroup group = (IEntityGroup) it.next();
            EntityEnum beanType = EntityEnum.getEntityEnum(group.getLeafType(), true);
            JsonEntityBean bean = new JsonEntityBean(group, beanType);
            Assignment parent = null;
            for (Assignment root : hierarchy) {
                parent = root.findDecendentOrSelfIfExists(bean);
                if (parent != null) {
                    // We found one...
                    parent.addChild(a);
                    break;
                }
            }
            if (parent == null) {
                // We weren't able to integrate this node into the existing
                // hierarchy;  we have to dig deeper, until we either (1)
                // find a match, or (2) reach a root;  type is INHERIT,
                // unless (by chance) there's something specified in an
                // entry on grantOrDenyMap.
                IAuthorizationPrincipal principal = authService.newPrincipal(group);
                Assignment.Type assignmentType = getAssignmentType(principal, owner, activity, target);
                parent = new Assignment(principal.getPrincipalString(), bean, assignmentType);
                parent.addChild(a);
                placeInHierarchy(parent, hierarchy, owner, activity, target);
            }
        }
    } else {
        // This member is a root...
        hierarchy.add(a);
    }
}
Also used : Assignment(org.apereo.portal.portlets.permissionsadmin.Assignment) IEntityGroup(org.apereo.portal.groups.IEntityGroup) IGroupMember(org.apereo.portal.groups.IGroupMember) EntityEnum(org.apereo.portal.portlets.groupselector.EntityEnum) JsonEntityBean(org.apereo.portal.layout.dlm.remoting.JsonEntityBean) AuthorizationServiceFacade(org.apereo.portal.services.AuthorizationServiceFacade) IAuthorizationPrincipal(org.apereo.portal.security.IAuthorizationPrincipal)

Example 60 with IEntityGroup

use of org.apereo.portal.groups.IEntityGroup in project uPortal by Jasig.

the class EntityPersonAttributesGroupStore method contains.

@Override
public boolean contains(IEntityGroup group, IGroupMember member) {
    if (!IPERSON_CLASS.equals(member.getLeafType())) {
        // group.getLeafType() is (presumably) IPerson.class.
        return false;
    }
    if (member.isGroup()) {
        // PAGS groups may only contain other PAGS groups (and people, of course)
        final IEntityGroup ieg = (IEntityGroup) member;
        if (!PagsService.SERVICE_NAME_PAGS.equals(ieg.getServiceName().toString())) {
            return false;
        }
    }
    final MembershipCacheKey cacheKey = new MembershipCacheKey(group.getEntityIdentifier(), member.getUnderlyingEntityIdentifier());
    Element element = membershipCache.get(cacheKey);
    if (element == null) {
        logger.debug("Checking if group {} contains member {}/{}", group.getName(), member.getKey(), member.getLeafType().getSimpleName());
        // default
        boolean answer = false;
        final PagsGroup groupDef = convertEntityToGroupDef(group);
        if (member.isGroup()) {
            final String key = ((IEntityGroup) member).getLocalKey();
            answer = groupDef.hasMember(key);
        } else {
            try {
                final IPersonAttributeDao pa = PersonAttributeDaoLocator.getPersonAttributeDao();
                final IPersonAttributes personAttributes = pa.getPerson(member.getKey());
                if (personAttributes != null) {
                    final RestrictedPerson rp = PersonFactory.createRestrictedPerson();
                    rp.setAttributes(personAttributes.getAttributes());
                    answer = groupDef.contains(rp);
                }
            } catch (Exception ex) {
                logger.error("Exception acquiring attributes for member " + member + " while checking if group " + group + " contains this member.", ex);
                return false;
            }
        }
        element = new Element(cacheKey, answer);
        membershipCache.put(element);
    }
    return (Boolean) element.getObjectValue();
}
Also used : IEntityGroup(org.apereo.portal.groups.IEntityGroup) PagsGroup(org.apereo.portal.groups.pags.PagsGroup) IPersonAttributes(org.apereo.services.persondir.IPersonAttributes) IPersonAttributeDao(org.apereo.services.persondir.IPersonAttributeDao) Element(net.sf.ehcache.Element) RestrictedPerson(org.apereo.portal.security.provider.RestrictedPerson) GroupsException(org.apereo.portal.groups.GroupsException)

Aggregations

IEntityGroup (org.apereo.portal.groups.IEntityGroup)77 IGroupMember (org.apereo.portal.groups.IGroupMember)29 ArrayList (java.util.ArrayList)21 IAuthorizationPrincipal (org.apereo.portal.security.IAuthorizationPrincipal)16 EntityIdentifier (org.apereo.portal.EntityIdentifier)14 HashSet (java.util.HashSet)11 HashMap (java.util.HashMap)10 LinkedList (java.util.LinkedList)9 GroupsException (org.apereo.portal.groups.GroupsException)9 JsonEntityBean (org.apereo.portal.layout.dlm.remoting.JsonEntityBean)9 EntityEnum (org.apereo.portal.portlets.groupselector.EntityEnum)9 IPermission (org.apereo.portal.security.IPermission)9 AggregatedGroupMapping (org.apereo.portal.events.aggr.groups.AggregatedGroupMapping)8 List (java.util.List)7 CompositeName (javax.naming.CompositeName)7 CallableWithoutResult (org.apereo.portal.concurrency.CallableWithoutResult)7 IPortletDefinition (org.apereo.portal.portlet.om.IPortletDefinition)7 IPerson (org.apereo.portal.security.IPerson)7 BaseAggrEventsJpaDaoTest (org.apereo.portal.test.BaseAggrEventsJpaDaoTest)7 DateTime (org.joda.time.DateTime)7