use of org.apereo.portal.groups.IEntityGroup in project uPortal by Jasig.
the class EntityService method getEntity.
public Entity getEntity(String entityType, String entityId, boolean populateChildren) {
// get the EntityEnum for the specified entity type
if (StringUtils.isBlank(entityType) && StringUtils.isBlank(entityId)) {
return null;
}
EntityEnum entityEnum = EntityEnum.getEntityEnum(entityType);
// to locate it
if (entityEnum.isGroup()) {
// attempt to find the entity
IEntityGroup entityGroup = GroupService.findGroup(entityId);
if (entityGroup == null) {
return null;
} else {
Entity entity = EntityFactory.createEntity(entityGroup, entityEnum);
if (populateChildren) {
Iterator<IGroupMember> members = entityGroup.getChildren().iterator();
entity = populateChildren(entity, members);
}
IAuthorizationPrincipal authP = getPrincipalForEntity(entity);
Principal principal = new PrincipalImpl(authP.getKey(), authP.getPrincipalString());
entity.setPrincipal(principal);
return entity;
}
} else // otherwise use the getGroupMember method
{
IGroupMember groupMember = GroupService.getGroupMember(entityId, entityEnum.getClazz());
if (groupMember == null || groupMember instanceof IEntityGroup) {
return null;
}
Entity entity = EntityFactory.createEntity(groupMember, entityEnum);
// the group member interface doesn't include the entity name, so
// we'll need to look that up manually
entity.setName(lookupEntityName(entity));
if (EntityEnum.GROUP.toString().equals(entity.getEntityType()) || EntityEnum.PERSON.toString().equals(entity.getEntityType())) {
IAuthorizationPrincipal authP = getPrincipalForEntity(entity);
Principal principal = new PrincipalImpl(authP.getKey(), authP.getPrincipalString());
entity.setPrincipal(principal);
}
return entity;
}
}
use of org.apereo.portal.groups.IEntityGroup in project uPortal by Jasig.
the class EntityService method getEntity.
public Entity getEntity(IGroupMember member) {
if (member == null) {
return null;
}
// get the type of this member entity
EntityEnum entityEnum = getEntityType(member);
// construct a new entity bean for this entity
Entity entity;
if (entityEnum.isGroup()) {
entity = EntityFactory.createEntity((IEntityGroup) member, entityEnum);
} else {
entity = EntityFactory.createEntity(member, entityEnum);
}
// if the name hasn't been set yet, look up the entity name
if (entity.getName() == null) {
entity.setName(lookupEntityName(entity));
}
if (EntityEnum.GROUP.toString().equals(entity.getEntityType()) || EntityEnum.PERSON.toString().equals(entity.getEntityType())) {
IAuthorizationPrincipal authP = getPrincipalForEntity(entity);
Principal principal = new PrincipalImpl(authP.getKey(), authP.getPrincipalString());
entity.setPrincipal(principal);
}
return entity;
}
use of org.apereo.portal.groups.IEntityGroup in project uPortal by Jasig.
the class PagsRESTController method createPagsGroup.
// Parent group name is expected to be case sensitive.
@RequestMapping(value = "/v4-3/pags/{parentGroupName}.json", produces = MediaType.APPLICATION_JSON_VALUE, method = RequestMethod.POST)
@ResponseBody
public String createPagsGroup(HttpServletRequest request, HttpServletResponse res, @PathVariable("parentGroupName") String parentGroupName, @RequestBody String json) {
res.setContentType(MediaType.APPLICATION_JSON_VALUE);
/*
* This step is necessary; the incoming URLs will sometimes have '+'
* characters for spaces, and the @PathVariable magic doesn't convert them.
*/
String name;
try {
name = URLDecoder.decode(parentGroupName, "UTF-8");
} catch (UnsupportedEncodingException e) {
res.setStatus(HttpServletResponse.SC_BAD_REQUEST);
return "{ 'error': '" + e.getMessage() + "' }";
}
IPersonAttributesGroupDefinition inpt;
try {
inpt = objectMapper.readValue(json, PersonAttributesGroupDefinitionImpl.class);
} catch (Exception e) {
res.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
// should be escaped
return "{ 'error': '" + e.getMessage() + "' }";
}
// Obtain a real reference to the parent group
EntityIdentifier[] eids = GroupService.searchForGroups(name, IGroupConstants.SearchMethod.DISCRETE, IPerson.class);
if (eids.length == 0) {
res.setStatus(HttpServletResponse.SC_BAD_REQUEST);
return "{ 'error': 'Parent group does not exist: " + name + "' }";
}
IEntityGroup parentGroup = // Names must be unique
(IEntityGroup) GroupService.getGroupMember(eids[0]);
IPerson person = personManager.getPerson(request);
IPersonAttributesGroupDefinition rslt;
try {
// A little weird that we need to do both;
// need some PAGS DAO/Service refactoring
rslt = pagsService.createPagsDefinition(person, parentGroup, inpt.getName(), inpt.getDescription());
// little purpose and could be removed.
for (IPersonAttributesGroupTestGroupDefinition testGroupDef : inpt.getTestGroups()) {
// NOTE: The deserializer handles testDef --> testGroupDef
testGroupDef.setGroup(rslt);
}
rslt.setTestGroups(inpt.getTestGroups());
rslt.setMembers(inpt.getMembers());
pagsService.updatePagsDefinition(person, rslt);
} catch (RuntimeAuthorizationException rae) {
res.setStatus(HttpServletResponse.SC_FORBIDDEN);
return "{ 'error': 'not authorized' }";
} catch (IllegalArgumentException iae) {
res.setStatus(HttpServletResponse.SC_CONFLICT);
return "{ 'error': '" + iae.getMessage() + "' }";
} catch (Exception e) {
e.printStackTrace();
res.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
return "{ 'error': '" + e.getMessage() + "' }";
}
return respondPagsGroupJson(res, rslt, person, HttpServletResponse.SC_CREATED);
}
use of org.apereo.portal.groups.IEntityGroup in project uPortal by Jasig.
the class PermissionAssignmentMapController method placeInHierarchy.
private void placeInHierarchy(Assignment a, List<Assignment> hierarchy, String owner, String activity, String target) {
// Assertions.
if (a == null) {
String msg = "Argument 'a' [Assignment] cannot be null";
throw new IllegalArgumentException(msg);
}
if (hierarchy == null) {
String msg = "Argument 'hierarchy' cannot be null";
throw new IllegalArgumentException(msg);
}
// is already in the hierarchy somewhere...
for (Assignment root : hierarchy) {
Assignment duplicate = root.findDecendentOrSelfIfExists(a.getPrincipal());
if (duplicate != null) {
return;
}
}
// To proceed, we need to know about the containing
// groups (if any) for this principal...
IGroupMember member = null;
EntityEnum entityEnum = a.getPrincipal().getEntityType();
if (entityEnum.isGroup()) {
member = GroupService.findGroup(a.getPrincipal().getId());
} else {
member = GroupService.getGroupMember(a.getPrincipal().getId(), entityEnum.getClazz());
}
AuthorizationServiceFacade authService = AuthorizationServiceFacade.instance();
Iterator<?> it = GroupService.getCompositeGroupService().findParentGroups(member);
if (it.hasNext()) {
// This member must be nested within its parent(s)...
while (it.hasNext()) {
IEntityGroup group = (IEntityGroup) it.next();
EntityEnum beanType = EntityEnum.getEntityEnum(group.getLeafType(), true);
JsonEntityBean bean = new JsonEntityBean(group, beanType);
Assignment parent = null;
for (Assignment root : hierarchy) {
parent = root.findDecendentOrSelfIfExists(bean);
if (parent != null) {
// We found one...
parent.addChild(a);
break;
}
}
if (parent == null) {
// We weren't able to integrate this node into the existing
// hierarchy; we have to dig deeper, until we either (1)
// find a match, or (2) reach a root; type is INHERIT,
// unless (by chance) there's something specified in an
// entry on grantOrDenyMap.
IAuthorizationPrincipal principal = authService.newPrincipal(group);
Assignment.Type assignmentType = getAssignmentType(principal, owner, activity, target);
parent = new Assignment(principal.getPrincipalString(), bean, assignmentType);
parent.addChild(a);
placeInHierarchy(parent, hierarchy, owner, activity, target);
}
}
} else {
// This member is a root...
hierarchy.add(a);
}
}
use of org.apereo.portal.groups.IEntityGroup in project uPortal by Jasig.
the class EntityPersonAttributesGroupStore method contains.
@Override
public boolean contains(IEntityGroup group, IGroupMember member) {
if (!IPERSON_CLASS.equals(member.getLeafType())) {
// group.getLeafType() is (presumably) IPerson.class.
return false;
}
if (member.isGroup()) {
// PAGS groups may only contain other PAGS groups (and people, of course)
final IEntityGroup ieg = (IEntityGroup) member;
if (!PagsService.SERVICE_NAME_PAGS.equals(ieg.getServiceName().toString())) {
return false;
}
}
final MembershipCacheKey cacheKey = new MembershipCacheKey(group.getEntityIdentifier(), member.getUnderlyingEntityIdentifier());
Element element = membershipCache.get(cacheKey);
if (element == null) {
logger.debug("Checking if group {} contains member {}/{}", group.getName(), member.getKey(), member.getLeafType().getSimpleName());
// default
boolean answer = false;
final PagsGroup groupDef = convertEntityToGroupDef(group);
if (member.isGroup()) {
final String key = ((IEntityGroup) member).getLocalKey();
answer = groupDef.hasMember(key);
} else {
try {
final IPersonAttributeDao pa = PersonAttributeDaoLocator.getPersonAttributeDao();
final IPersonAttributes personAttributes = pa.getPerson(member.getKey());
if (personAttributes != null) {
final RestrictedPerson rp = PersonFactory.createRestrictedPerson();
rp.setAttributes(personAttributes.getAttributes());
answer = groupDef.contains(rp);
}
} catch (Exception ex) {
logger.error("Exception acquiring attributes for member " + member + " while checking if group " + group + " contains this member.", ex);
return false;
}
}
element = new Element(cacheKey, answer);
membershipCache.put(element);
}
return (Boolean) element.getObjectValue();
}
Aggregations