Examples with IEntityGroup org.apereo.portal.groups.IEntityGroup used on opensource projects

Example 11 with IEntityGroup

use of org.apereo.portal.groups.IEntityGroup in project uPortal by Jasig.

the class ApiPermissionsService method getAssignmentsForPerson.

@Override
public Set<Assignment> getAssignmentsForPerson(String username, boolean includeInherited) {
    Set<Assignment> rslt = new HashSet<Assignment>();
    IAuthorizationPrincipal authP = this.authorizationService.newPrincipal(username, EntityEnum.PERSON.getClazz());
    // first get the permissions explicitly set for this principal
    IPermission[] directPermissions = permissionStore.select(null, authP.getPrincipalString(), null, null, null);
    for (IPermission permission : directPermissions) {
        if (authP.hasPermission(permission.getOwner(), permission.getActivity(), permission.getTarget())) {
            Assignment a = createAssignment(permission, authP, false);
            if (a != null) {
                rslt.add(a);
            }
        }
    }
    if (includeInherited) {
        IGroupMember member = GroupService.getGroupMember(authP.getKey(), authP.getType());
        for (IEntityGroup parent : member.getAncestorGroups()) {
            IAuthorizationPrincipal parentPrincipal = this.authorizationService.newPrincipal(parent);
            IPermission[] parentPermissions = permissionStore.select(null, parentPrincipal.getPrincipalString(), null, null, null);
            for (IPermission permission : parentPermissions) {
                if (authP.hasPermission(permission.getOwner(), permission.getActivity(), permission.getTarget())) {
                    Assignment a = createAssignment(permission, authP, true);
                    if (a != null) {
                        rslt.add(a);
                    }
                }
            }
        }
    }
    return rslt;
}

Example 12 with IEntityGroup

use of org.apereo.portal.groups.IEntityGroup in project uPortal by Jasig.

the class GroupAdministrationHelper method updateGroupMembers.

/**
     * Update the members of an existing group in the group store.
     *
     * @param groupForm Form representing the new group configuration
     * @param updater Updating user
     */
public void updateGroupMembers(GroupForm groupForm, IPerson updater) {
    if (!canEditGroup(updater, groupForm.getKey())) {
        throw new RuntimeAuthorizationException(updater, IPermission.EDIT_GROUP_ACTIVITY, groupForm.getKey());
    }
    if (log.isDebugEnabled()) {
        log.debug("Updating group members for group form [" + groupForm.toString() + "]");
    }
    // find the current version of this group entity
    IEntityGroup group = GroupService.findGroup(groupForm.getKey());
    // clear the current group membership list
    for (IGroupMember child : group.getChildren()) {
        group.removeChild(child);
    }
    // to the group
    for (JsonEntityBean child : groupForm.getMembers()) {
        EntityEnum type = EntityEnum.getEntityEnum(child.getEntityTypeAsString());
        if (type.isGroup()) {
            IEntityGroup member = GroupService.findGroup(child.getId());
            group.addChild(member);
        } else {
            IGroupMember member = GroupService.getGroupMember(child.getId(), type.getClazz());
            group.addChild(member);
        }
    }
    // save the group, updating both its basic information and group
    // membership
    group.updateMembers();
}

Example 13 with IEntityGroup

use of org.apereo.portal.groups.IEntityGroup in project uPortal by Jasig.

the class PermissionsRESTController method getAssignmentsOnTarget.

@PreAuthorize("hasPermission('string', 'ALL', new org.apereo.portal.spring.security.evaluator.AuthorizableActivity('UP_PERMISSIONS', 'VIEW_PERMISSIONS'))")
@RequestMapping("/assignments/target/{target}.json")
public ModelAndView getAssignmentsOnTarget(@PathVariable("target") String target, @RequestParam(value = "includeInherited", required = false) boolean includeInherited, HttpServletRequest request, HttpServletResponse response) {
    Set<UniquePermission> directAssignments = new HashSet<UniquePermission>();
    // first get the permissions explicitly set for this principal
    IPermission[] directPermissions = permissionStore.select(null, null, null, target, null);
    for (IPermission permission : directPermissions) {
        directAssignments.add(new UniquePermission(permission.getOwner(), permission.getActivity(), permission.getPrincipal(), false));
    }
    JsonEntityBean entity = groupListHelper.getEntityForPrincipal(target);
    IAuthorizationPrincipal p = this.authorizationService.newPrincipal(entity.getId(), entity.getEntityType().getClazz());
    Set<UniquePermission> inheritedAssignments = new HashSet<UniquePermission>();
    if (includeInherited) {
        IGroupMember member = GroupService.getGroupMember(p.getKey(), p.getType());
        for (IEntityGroup parent : member.getAncestorGroups()) {
            IAuthorizationPrincipal parentPrincipal = this.authorizationService.newPrincipal(parent);
            IPermission[] parentPermissions = permissionStore.select(null, null, null, parentPrincipal.getKey(), null);
            for (IPermission permission : parentPermissions) {
                inheritedAssignments.add(new UniquePermission(permission.getOwner(), permission.getActivity(), permission.getPrincipal(), true));
            }
        }
    }
    List<JsonPermission> permissions = new ArrayList<JsonPermission>();
    for (UniquePermission permission : directAssignments) {
        JsonEntityBean e = groupListHelper.getEntityForPrincipal(permission.getIdentifier());
        Class<?> clazz;
        EntityEnum entityType = EntityEnum.getEntityEnum(e.getEntityTypeAsString());
        if (entityType.isGroup()) {
            clazz = IEntityGroup.class;
        } else {
            clazz = entityType.getClazz();
        }
        IAuthorizationPrincipal principal = this.authorizationService.newPrincipal(e.getId(), clazz);
        if (principal.hasPermission(permission.getOwner(), permission.getActivity(), p.getKey())) {
            permissions.add(getPermissionOnTarget(permission, entity));
        }
    }
    for (UniquePermission permission : inheritedAssignments) {
        JsonEntityBean e = groupListHelper.getEntityForPrincipal(permission.getIdentifier());
        Class<?> clazz;
        EntityEnum entityType = EntityEnum.getEntityEnum(e.getEntityTypeAsString());
        if (entityType.isGroup()) {
            clazz = IEntityGroup.class;
        } else {
            clazz = entityType.getClazz();
        }
        IAuthorizationPrincipal principal = this.authorizationService.newPrincipal(e.getId(), clazz);
        if (principal.hasPermission(permission.getOwner(), permission.getActivity(), p.getKey())) {
            permissions.add(getPermissionOnTarget(permission, entity));
        }
    }
    Collections.sort(permissions);
    ModelAndView mv = new ModelAndView();
    mv.addObject("assignments", permissions);
    mv.setViewName("json");
    return mv;
}

Example 14 with IEntityGroup

use of org.apereo.portal.groups.IEntityGroup in project uPortal by Jasig.

the class JpaEventSessionDao method getGroupsForEvent.

/** Get groups for the event */
protected Set<AggregatedGroupMapping> getGroupsForEvent(PortalEvent event) {
    final Set<AggregatedGroupMapping> groupMappings = new LinkedHashSet<AggregatedGroupMapping>();
    if (event instanceof LoginEvent) {
        for (final String groupKey : ((LoginEvent) event).getGroups()) {
            final AggregatedGroupMapping groupMapping = this.aggregatedGroupLookupDao.getGroupMapping(groupKey);
            if (groupMapping != null) {
                groupMappings.add(groupMapping);
            }
        }
    } else {
        final String userName = event.getUserName();
        final IGroupMember groupMember = this.compositeGroupService.getGroupMember(userName, IPerson.class);
        for (@SuppressWarnings("unchecked") final Iterator<IEntityGroup> containingGroups = this.compositeGroupService.findParentGroups(groupMember); containingGroups.hasNext(); ) {
            final IEntityGroup group = containingGroups.next();
            final AggregatedGroupMapping groupMapping = this.aggregatedGroupLookupDao.getGroupMapping(group.getServiceName().toString(), group.getName());
            groupMappings.add(groupMapping);
        }
    }
    return groupMappings;
}

Example 15 with IEntityGroup

use of org.apereo.portal.groups.IEntityGroup in project uPortal by Jasig.

the class JpaAggregatedGroupLookupDao method getGroupMapping.

@OpenEntityManager(unitName = BaseAggrEventsJpaDao.PERSISTENCE_UNIT_NAME)
@Override
public AggregatedGroupMapping getGroupMapping(final String portalGroupKey) {
    final IEntityGroup group = compositeGroupService.findGroup(portalGroupKey);
    if (group == null) {
        if (warnedGroupKeys.add(portalGroupKey)) {
            logger.warn("No group found for key {}, no aggregate group mapping will be done and the group key will be ignored.", portalGroupKey);
        }
        final CompositeEntityIdentifier compositeEntityIdentifier = new CompositeEntityIdentifier(portalGroupKey, IEntityGroup.class);
        final String serviceName = compositeEntityIdentifier.getServiceName().toString();
        final String groupKey = compositeEntityIdentifier.getLocalKey();
        return this.getGroupMapping(serviceName, groupKey);
    }
    final String groupService = group.getServiceName().toString();
    final String groupName = group.getName();
    return this.getGroupMapping(groupService, groupName);
}