use of org.apereo.portal.groups.IGroupMember in project uPortal by Jasig.
the class PortletDefinitionImporterExporter method toGroupMembers.
/**
 * Resolves each supplied group name to an {@link IGroupMember}.
 *
 * <p>For every name a {@code DISCRETE} group search over {@code IPerson} is tried first. When it
 * returns at least one hit, the key of the first hit is looked up; otherwise the name itself is
 * treated as a group key and looked up directly.
 *
 * @param groupNames the group names (or group keys) to resolve - case sensitive.
 * @param fname fname of the portlet being imported; used only in the error message.
 * @return the resolved groups, collected into a set.
 * @throws IllegalArgumentException if one of the names resolves to no group.
 */
private Set<IGroupMember> toGroupMembers(List<String> groupNames, String fname) {
    final Set<IGroupMember> resolved = new HashSet<>();
    for (final String name : groupNames) {
        // The search assumes the case of the name matches the DB values.
        final EntityIdentifier[] hits = GroupService.searchForGroups(name, IGroupConstants.SearchMethod.DISCRETE, IPerson.class);
        final boolean foundByName = hits != null && hits.length > 0;
        // NOTE(review): when the search returns several hits only the first one is used and the
        // rest are ignored without a warning. If the returned groups are later used as permission
        // principals, an ambiguous name could bind to an unintended group - confirm that group
        // names are unique, or reject ambiguous matches.
        // With no hit, an actual group key might have been specified, so the name is used as key.
        final String key = foundByName ? hits[0].getKey() : name;
        final IGroupMember member = GroupService.findGroup(key);
        if (member == null) {
            throw new IllegalArgumentException("No group '" + name + "' found when importing portlet: " + fname);
        }
        resolved.add(member);
    }
    return resolved;
}
use of org.apereo.portal.groups.IGroupMember in project uPortal by Jasig.
the class RDBMUserIdentityStore method addNewUser.
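/**
 * Creates the portal records for a new user by copying them from a template user.
 *
 * <p>The template user's group memberships are copied to the person first. Then, inside the
 * transaction callback, a UP_USER row is inserted for {@code newUID} and every UP_USER_PROFILE row
 * of the template user is duplicated for {@code newUID} with an id obtained from
 * {@code getNextKey()}.
 *
 * @param newUID user id written to the new UP_USER and UP_USER_PROFILE rows
 * @param person the person being added; supplies the user name and the entity identifier
 * @param templateUser template whose group memberships, default layout and profiles are copied
 * @return {@code newUID} when the callback completes; failures surface as exceptions
 * @throws Exception if the group lookups, the membership copy or the transaction callback fail
 */
protected int addNewUser(final int newUID, final IPerson person, final TemplateUser templateUser) throws Exception {
    // Copy template user's groups memberships.
    // NOTE(review): this runs before, and outside, the transaction below. If the inserts fail,
    // nothing in this method undoes the memberships already granted - confirm callers clean up,
    // because group membership presumably drives authorization.
    IGroupMember me = GroupService.getGroupMember(person.getEntityIdentifier());
    // Class literal instead of Class.forName("org.apereo.portal.security.IPerson"): the type is
    // already referenced statically by this signature, so the reflective lookup added nothing
    // but a possible ClassNotFoundException at runtime.
    IGroupMember template = GroupService.getEntity(templateUser.getUserName(), IPerson.class);
    for (IEntityGroup eg : template.getParentGroups()) {
        // getSafeLockableGroup may return null, in which case the group is skipped.
        ILockableEntityGroup leg = getSafeLockableGroup(eg, me);
        if (leg != null) {
            addPersonToGroup(person, me, leg);
        }
    }
    return this.transactionOperations.execute(new TransactionCallback<Integer>() {
        @Override
        public Integer doInTransaction(TransactionStatus status) {
            return jdbcOperations.execute(new ConnectionCallback<Integer>() {
                @Override
                public Integer doInConnection(Connection con) throws SQLException, DataAccessException {
                    int uPortalUID = -1;
                    PreparedStatement queryStmt = null;
                    PreparedStatement insertStmt = null;
                    try {
                        // Add to UP_USER. All values are bound as parameters, never concatenated.
                        String insert = "INSERT INTO UP_USER (USER_ID, USER_NAME, USER_DFLT_USR_ID, USER_DFLT_LAY_ID, NEXT_STRUCT_ID, LST_CHAN_UPDT_DT)" + "VALUES (?, ?, ?, ?, null, null)";
                        String userName = person.getUserName();
                        insertStmt = con.prepareStatement(insert);
                        insertStmt.setInt(1, newUID);
                        insertStmt.setString(2, userName);
                        insertStmt.setInt(3, templateUser.getUserId());
                        insertStmt.setInt(4, templateUser.getDefaultLayoutId());
                        if (log.isDebugEnabled()) {
                            log.debug("RDBMUserIdentityStore::addNewUser(USER_ID=" + newUID + ", USER_NAME=" + userName + ", USER_DFLT_USR_ID=" + templateUser.getUserId() + ", USER_DFLT_LAY_ID=" + templateUser.getDefaultLayoutId() + "): " + insert);
                        }
                        insertStmt.executeUpdate();
                        insertStmt.close();
                        // Cleared so the outer finally does not close the same statement again.
                        insertStmt = null;
                        // Start copying...
                        ResultSet rs = null;
                        String query = null;
                        try {
                            // Add to UP_USER_PROFILE: read the template's profiles...
                            query = "SELECT USER_ID, PROFILE_FNAME, PROFILE_NAME, DESCRIPTION, " + "STRUCTURE_SS_ID, THEME_SS_ID " + "FROM UP_USER_PROFILE " + "WHERE USER_ID=?";
                            queryStmt = con.prepareStatement(query);
                            queryStmt.setInt(1, templateUser.getUserId());
                            if (log.isDebugEnabled()) {
                                log.debug("RDBMUserIdentityStore::addNewUser(USER_ID=" + templateUser.getUserId() + "): " + query);
                            }
                            rs = queryStmt.executeQuery();
                            // ...and write one copy per row for the new user (LAYOUT_ID stays NULL).
                            insert = "INSERT INTO UP_USER_PROFILE (USER_ID, PROFILE_ID, PROFILE_FNAME, PROFILE_NAME, DESCRIPTION, LAYOUT_ID, STRUCTURE_SS_ID, THEME_SS_ID) " + "VALUES(?, ?, ?, ?, ?, NULL, ?, ?)";
                            insertStmt = con.prepareStatement(insert);
                            while (rs.next()) {
                                int id = getNextKey();
                                String profileFname = rs.getString("PROFILE_FNAME");
                                String profileName = rs.getString("PROFILE_NAME");
                                String description = rs.getString("DESCRIPTION");
                                int structure = rs.getInt("STRUCTURE_SS_ID");
                                int theme = rs.getInt("THEME_SS_ID");
                                insertStmt.setInt(1, newUID);
                                insertStmt.setInt(2, id);
                                insertStmt.setString(3, profileFname);
                                insertStmt.setString(4, profileName);
                                insertStmt.setString(5, description);
                                insertStmt.setInt(6, structure);
                                insertStmt.setInt(7, theme);
                                if (log.isDebugEnabled()) {
                                    log.debug("RDBMUserIdentityStore::addNewUser(USER_ID=" + newUID + ", PROFILE_FNAME=" + profileFname + ", PROFILE_NAME=" + profileName + ", DESCRIPTION=" + description + "): " + insert);
                                }
                                insertStmt.executeUpdate();
                            }
                            rs.close();
                            queryStmt.close();
                            if (insertStmt != null) {
                                insertStmt.close();
                                insertStmt = null;
                            }
                            // NOTE(review): explicit commit on the connection while inside a
                            // TransactionCallback - confirm this does not conflict with the
                            // transaction that transactionOperations manages.
                            if (RDBMServices.getDbMetaData().supportsTransactions()) {
                                con.commit();
                            }
                            uPortalUID = newUID;
                        } finally {
                            try {
                                if (rs != null) {
                                    rs.close();
                                }
                            } catch (Exception ignored) {
                                // Best-effort cleanup; a failure to close must not mask the outcome.
                            }
                        }
                    } finally {
                        try {
                            if (queryStmt != null) {
                                queryStmt.close();
                            }
                        } catch (Exception ignored) {
                            // Best-effort cleanup.
                        }
                        try {
                            if (insertStmt != null) {
                                insertStmt.close();
                            }
                        } catch (Exception ignored) {
                            // Best-effort cleanup.
                        }
                    }
                    return uPortalUID;
                }
            });
        }
    });
}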
use of org.apereo.portal.groups.IGroupMember in project uPortal by Jasig.
the class RDBMUserIdentityStore method updateUser.
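/**
 * Resets an existing user to the state of a template user.
 *
 * <p>The person is first removed from every parent group for which a lockable group can be
 * obtained, then added to the template user's parent groups. Afterwards, inside the transaction
 * callback, the UP_USER row is pointed at the template's user id and default layout, the user's
 * UP_USER_PROFILE rows are deleted, and the template's profile rows are copied in with ids
 * obtained from {@code getNextKey()}.
 *
 * @param userId id of the user whose rows are rewritten
 * @param person the person being updated; supplies the entity identifier
 * @param templateUser template whose group memberships, default layout and profiles are copied
 * @throws Exception if the group lookups, the membership changes or the transaction callback fail
 */
protected void updateUser(final int userId, final IPerson person, final TemplateUser templateUser) throws Exception {
    // Remove my existing group memberships.
    // NOTE(review): the membership changes happen before, and outside, the transaction below.
    // If the template lookup or the copy fails after this loop, the person is left without the
    // removed memberships and nothing here restores them - confirm callers handle that, because
    // group membership presumably drives authorization.
    IGroupMember me = GroupService.getGroupMember(person.getEntityIdentifier());
    for (IEntityGroup eg : me.getParentGroups()) {
        // getSafeLockableGroup may return null, in which case the group is skipped.
        ILockableEntityGroup leg = getSafeLockableGroup(eg, me);
        if (leg != null) {
            removePersonFromGroup(person, me, leg);
        }
    }
    // Copy template user's groups memberships
    IGroupMember template = GroupService.getEntity(templateUser.getUserName(), IPerson.class);
    for (IEntityGroup eg : template.getParentGroups()) {
        ILockableEntityGroup leg = getSafeLockableGroup(eg, me);
        if (leg != null) {
            addPersonToGroup(person, me, leg);
        }
    }
    this.transactionOperations.execute(new TransactionCallback<Object>() {
        @Override
        public Object doInTransaction(TransactionStatus status) {
            return jdbcOperations.execute(new ConnectionCallback<Object>() {
                @Override
                public Object doInConnection(Connection con) throws SQLException, DataAccessException {
                    PreparedStatement deleteStmt = null;
                    PreparedStatement queryStmt = null;
                    PreparedStatement insertStmt = null;
                    try {
                        // Update UP_USER. All values are bound as parameters, never concatenated.
                        String update = "UPDATE UP_USER " + "SET USER_DFLT_USR_ID=?, " + "USER_DFLT_LAY_ID=?, " + "NEXT_STRUCT_ID=null " + "WHERE USER_ID=?";
                        insertStmt = con.prepareStatement(update);
                        insertStmt.setInt(1, templateUser.getUserId());
                        insertStmt.setInt(2, templateUser.getDefaultLayoutId());
                        insertStmt.setInt(3, userId);
                        if (log.isDebugEnabled()) {
                            // Fixed: this message named addNewUser(), which misattributed the
                            // statement when reading the debug log.
                            log.debug("RDBMUserIdentityStore::updateUser(): " + update);
                        }
                        insertStmt.executeUpdate();
                        insertStmt.close();
                        // Start copying...
                        ResultSet rs = null;
                        String delete = null;
                        String query = null;
                        String insert = null;
                        try {
                            // Update UP_USER_PROFILE: drop the user's current profiles...
                            delete = "DELETE FROM UP_USER_PROFILE " + "WHERE USER_ID=?";
                            deleteStmt = con.prepareStatement(delete);
                            deleteStmt.setInt(1, userId);
                            if (log.isDebugEnabled()) {
                                log.debug("RDBMUserIdentityStore::updateUser(USER_ID=" + userId + "): " + delete);
                            }
                            deleteStmt.executeUpdate();
                            deleteStmt.close();
                            // ...read the template's profiles...
                            query = "SELECT USER_ID, PROFILE_FNAME, PROFILE_NAME, DESCRIPTION, " + "STRUCTURE_SS_ID, THEME_SS_ID " + "FROM UP_USER_PROFILE " + "WHERE USER_ID=?";
                            queryStmt = con.prepareStatement(query);
                            queryStmt.setInt(1, templateUser.getUserId());
                            if (log.isDebugEnabled()) {
                                log.debug("RDBMUserIdentityStore::updateUser(USER_ID=" + templateUser.getUserId() + "): " + query);
                            }
                            rs = queryStmt.executeQuery();
                            // ...and write one copy per row for this user (LAYOUT_ID stays NULL).
                            insert = "INSERT INTO UP_USER_PROFILE (USER_ID, PROFILE_ID, PROFILE_FNAME, PROFILE_NAME, DESCRIPTION, LAYOUT_ID, STRUCTURE_SS_ID, THEME_SS_ID) " + "VALUES(?, ?, ?, ?, ?, NULL, ?, ?)";
                            insertStmt = con.prepareStatement(insert);
                            while (rs.next()) {
                                int id = getNextKey();
                                String profileFname = rs.getString("PROFILE_FNAME");
                                String profileName = rs.getString("PROFILE_NAME");
                                String description = rs.getString("DESCRIPTION");
                                int structure = rs.getInt("STRUCTURE_SS_ID");
                                int theme = rs.getInt("THEME_SS_ID");
                                insertStmt.setInt(1, userId);
                                insertStmt.setInt(2, id);
                                insertStmt.setString(3, profileFname);
                                insertStmt.setString(4, profileName);
                                insertStmt.setString(5, description);
                                insertStmt.setInt(6, structure);
                                insertStmt.setInt(7, theme);
                                if (log.isDebugEnabled()) {
                                    log.debug("RDBMUserIdentityStore::updateUser(USER_ID=" + userId + ", PROFILE_FNAME=" + profileFname + ", PROFILE_NAME=" + profileName + ", DESCRIPTION=" + description + "): " + insert);
                                }
                                insertStmt.executeUpdate();
                            }
                            rs.close();
                            queryStmt.close();
                            insertStmt.close();
                            // NOTE(review): explicit commit on the connection while inside a
                            // TransactionCallback - confirm this does not conflict with the
                            // transaction that transactionOperations manages.
                            if (RDBMServices.getDbMetaData().supportsTransactions()) {
                                con.commit();
                            }
                        } finally {
                            try {
                                // Null guard: rs is still null when a statement above failed
                                // before executeQuery(); previously that raised a swallowed NPE.
                                if (rs != null) {
                                    rs.close();
                                }
                            } catch (Exception ignored) {
                                // Best-effort cleanup; a failure to close must not mask the outcome.
                            }
                        }
                    } finally {
                        // Null guards replace the reliance on a swallowed NullPointerException
                        // for statements that were never prepared.
                        try {
                            if (deleteStmt != null) {
                                deleteStmt.close();
                            }
                        } catch (Exception ignored) {
                            // Best-effort cleanup.
                        }
                        try {
                            if (queryStmt != null) {
                                queryStmt.close();
                            }
                        } catch (Exception ignored) {
                            // Best-effort cleanup.
                        }
                        try {
                            if (insertStmt != null) {
                                insertStmt.close();
                            }
                        } catch (Exception ignored) {
                            // Best-effort cleanup.
                        }
                    }
                    return null;
                }
            });
        }
    });
}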
use of org.apereo.portal.groups.IGroupMember in project uPortal by Jasig.
the class PortletAdministrationHelper method savePortletRegistration.
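/**
 * Persist a new or edited PortletDefinition from a form, replacing existing values.
 *
 * <p>Three authorization gates run before anything is modified: the publisher needs the
 * lifecycle permission for the state and categories selected in the form; for an existing
 * portlet, also the lifecycle permission for its current state and current parent categories;
 * and, when the portlet is new or its type changes, the selected type must be among the
 * publishing definitions the publisher is allowed to use.
 *
 * @param publisher {@code IPerson} that requires permission to save this definition
 * @param form form data to persist
 * @return new {@code PortletDefinitionForm} for this portlet ID
 * @throws SecurityException if the publisher fails one of the authorization checks
 * @throws IllegalArgumentException if no portlet type exists for the form's type id
 */
public PortletDefinitionForm savePortletRegistration(IPerson publisher, PortletDefinitionForm form) throws Exception {
    logger.trace("In savePortletRegistration() - for: {}", form.getPortletName());
    // The publisher must hold the lifecycle permission for the state selected in the form, over
    // the form's categories. (This is the same check that is made when the user enters the
    // lifecycle-selection step in the wizard.)
    // NOTE(review): the warnings below include the form's string representation, which holds
    // user-supplied values; confirm the log layout neutralises line breaks.
    if (!hasLifecyclePermission(publisher, form.getLifecycleState(), form.getCategories())) {
        logger.warn("User '{}' attempted to save the following portlet without the selected MANAGE permission: {}", publisher.getUserName(), form);
        throw new SecurityException("Not Authorized");
    }
    if (!form.isNew()) {
        // User must have the previous lifecycle permission
        // in AT LEAST ONE previous category as well
        // NOTE(review): def is dereferenced without a null check - confirm the registry cannot
        // return null for an id taken from the form.
        IPortletDefinition def = this.portletDefinitionRegistry.getPortletDefinition(form.getId());
        Set<PortletCategory> categories = portletCategoryRegistry.getParentCategories(def);
        SortedSet<JsonEntityBean> categoryBeans = new TreeSet<>();
        for (PortletCategory cat : categories) {
            categoryBeans.add(new JsonEntityBean(cat));
        }
        if (!hasLifecyclePermission(publisher, def.getLifecycleState(), categoryBeans)) {
            logger.warn("User '{}' attempted to save the following portlet without the previous MANAGE permission: {}", publisher.getUserName(), form);
            throw new SecurityException("Not Authorized");
        }
    }
    if (form.isNew() || portletDefinitionRegistry.getPortletDefinition(form.getId()).getType().getId() != form.getTypeId()) {
        // User must have access to the selected CPD if s/he selected it in this interaction
        final int selectedTypeId = form.getTypeId();
        final PortletPublishingDefinition cpd = portletPublishingDefinitionDao.getChannelPublishingDefinition(selectedTypeId);
        final Map<IPortletType, PortletPublishingDefinition> allowableCpds = this.getAllowableChannelPublishingDefinitions(publisher);
        if (!allowableCpds.containsValue(cpd)) {
            logger.warn("User '{}' attempted to administer the following portlet without the selected {} permission: {}", publisher.getUserName(), IPermission.PORTLET_MANAGER_SELECT_PORTLET_TYPE, form);
            throw new SecurityException("Not Authorized");
        }
    }
    // create the principal array from the form's principal list -- only principals with
    // permissions
    final Set<IGroupMember> subscribePrincipalSet = new HashSet<>(form.getPrincipals().size());
    final Set<IGroupMember> browsePrincipalSet = new HashSet<>(form.getPrincipals().size());
    final Set<IGroupMember> configurePrincipalSet = new HashSet<>(form.getPrincipals().size());
    for (JsonEntityBean bean : form.getPrincipals()) {
        // A permission is selected when the form's permission list holds "<typeAndIdHash>_<activity>".
        final String subscribePerm = bean.getTypeAndIdHash() + "_" + IPermission.PORTLET_SUBSCRIBER_ACTIVITY;
        final String browsePerm = bean.getTypeAndIdHash() + "_" + IPermission.PORTLET_BROWSE_ACTIVITY;
        final String configurePerm = bean.getTypeAndIdHash() + "_" + IPermission.PORTLET_MODE_CONFIG;
        final EntityEnum entityEnum = bean.getEntityType();
        // NOTE(review): presumably the lookup yields null for an id that matches no group; a
        // null principal would then be added to the sets below and passed on when the
        // permissions are written - confirm, and consider rejecting unknown ids here.
        final IGroupMember principal = entityEnum.isGroup() ? (GroupService.findGroup(bean.getId())) : (GroupService.getGroupMember(bean.getId(), entityEnum.getClazz()));
        if (form.getPermissions().contains(subscribePerm)) {
            logger.info("In savePortletRegistration() - Found a subscribePerm for principal: {}", principal);
            subscribePrincipalSet.add(principal);
        }
        if (form.getPermissions().contains(browsePerm)) {
            logger.info("In savePortletRegistration() - Found a browsePerm for principal: {}", principal);
            browsePrincipalSet.add(principal);
        }
        if (form.getPermissions().contains(configurePerm)) {
            logger.info("In savePortletRegistration() - Found a configurePerm for principal: {}", principal);
            configurePrincipalSet.add(principal);
        }
    }
    // create the category list from the form's category bean list
    List<PortletCategory> categories = new ArrayList<>();
    for (JsonEntityBean category : form.getCategories()) {
        String id = category.getId();
        // Category ids may carry a "cat" prefix that the registry lookup does not use.
        String iCatID = id.startsWith("cat") ? id.substring(3) : id;
        categories.add(portletCategoryRegistry.getPortletCategory(iCatID));
    }
    final IPortletType portletType = portletTypeRegistry.getPortletType(form.getTypeId());
    if (portletType == null) {
        throw new IllegalArgumentException("No IPortletType exists for ID " + form.getTypeId());
    }
    // NOTE(review): "new" is decided by form.isNew() in the checks above but by a null id here -
    // confirm the two always agree.
    IPortletDefinition portletDef;
    if (form.getId() == null) {
        portletDef = new PortletDefinitionImpl(portletType, form.getFname(), form.getName(), form.getTitle(), form.getApplicationId(), form.getPortletName(), form.isFramework());
    } else {
        portletDef = portletDefinitionRegistry.getPortletDefinition(form.getId());
        portletDef.setType(portletType);
        portletDef.setFName(form.getFname());
        portletDef.setName(form.getName());
        portletDef.setTitle(form.getTitle());
        portletDef.getPortletDescriptorKey().setWebAppName(form.getApplicationId());
        portletDef.getPortletDescriptorKey().setPortletName(form.getPortletName());
        portletDef.getPortletDescriptorKey().setFrameworkPortlet(form.isFramework());
    }
    portletDef.setDescription(form.getDescription());
    portletDef.setTimeout(form.getTimeout());
    // Copy the form's non-blank parameters onto portletDef so that it reflects the state of the
    // form, in case any have changed.
    for (String key : form.getParameters().keySet()) {
        String value = form.getParameters().get(key).getValue();
        if (!StringUtils.isBlank(value)) {
            portletDef.addParameter(key, value);
        }
    }
    portletDef.addParameter(IPortletDefinition.EDITABLE_PARAM, Boolean.toString(form.isEditable()));
    portletDef.addParameter(IPortletDefinition.CONFIGURABLE_PARAM, Boolean.toString(form.isConfigurable()));
    portletDef.addParameter(IPortletDefinition.HAS_HELP_PARAM, Boolean.toString(form.isHasHelp()));
    portletDef.addParameter(IPortletDefinition.HAS_ABOUT_PARAM, Boolean.toString(form.isHasAbout()));
    // Now add portlet preferences; preferences without values are left out.
    List<IPortletPreference> preferenceList = new ArrayList<>();
    for (String key : form.getPortletPreferences().keySet()) {
        List<String> prefValues = form.getPortletPreferences().get(key).getValue();
        if (prefValues != null && !prefValues.isEmpty()) {
            String[] values = prefValues.toArray(new String[0]);
            // NOTE(review): assumes every preference key also has a read-only entry - confirm.
            BooleanAttribute readOnly = form.getPortletPreferenceReadOnly().get(key);
            preferenceList.add(new PortletPreferenceImpl(key, readOnly.getValue(), values));
        }
    }
    portletDef.setPortletPreferences(preferenceList);
    // Lastly update the PortletDefinition's lifecycle state & lifecycle-related metadata
    updateLifecycleState(form, portletDef, publisher);
    // The final parameter of IGroupMembers is used to set the initial SUBSCRIBE permission set
    portletPublishingService.savePortletDefinition(portletDef, publisher, categories, new ArrayList<>(subscribePrincipalSet));
    // SUBSCRIBE is handled by savePortletDefinition above; BROWSE and CONFIGURE are written here.
    updatePermissions(portletDef, browsePrincipalSet, IPermission.PORTAL_SUBSCRIBE, IPermission.PORTLET_BROWSE_ACTIVITY);
    updatePermissions(portletDef, configurePrincipalSet, IPermission.PORTAL_PUBLISH, IPermission.PORTLET_MODE_CONFIG);
    return this.createPortletDefinitionForm(publisher, portletDef.getPortletDefinitionId().getStringId());
}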
use of org.apereo.portal.groups.IGroupMember in project uPortal by Jasig.
the class PortletAdministrationHelper method addPrincipalPermissionsToForm.
/*
 * Populate the form with the principals that hold the SUBSCRIBE, BROWSE, and CONFIGURE activity
 * permissions on the portlet, plus one "<typeAndIdHash>_<activity>" permission entry for each
 * principal/activity pair.
 */
private void addPrincipalPermissionsToForm(IPortletDefinition def, PortletDefinitionForm form) {
    final String targetId = PermissionHelper.permissionTargetIdForPortletDefinition(def);
    // One permission manager per owner, created on first use.
    final Map<String, IPermissionManager> managersByOwner = new HashMap<>();
    final Set<JsonEntityBean> collectedBeans = new HashSet<>();
    for (PortletPermissionsOnForm formPerm : PortletPermissionsOnForm.values()) {
        final String owner = formPerm.getOwner();
        if (!managersByOwner.containsKey(owner)) {
            managersByOwner.put(owner, authorizationService.newPermissionManager(owner));
        }
        final IPermissionManager manager = managersByOwner.get(owner);
        /* Principals that have permission for this activity on this portlet */
        final IAuthorizationPrincipal[] authorized = manager.getAuthorizedPrincipals(formPerm.getActivity(), targetId);
        for (IAuthorizationPrincipal current : authorized) {
            // Try the key as a group first.
            final IEntityGroup asGroup = GroupService.findGroup(current.getKey());
            final JsonEntityBean bean;
            if (asGroup == null) {
                // NOTE(review): anything that is not a group is assumed to be a person - confirm
                // no other principal type can reach this branch.
                final IGroupMember asMember = authorizationService.getGroupMember(current);
                bean = new JsonEntityBean(asMember, EntityEnum.PERSON);
                // Only person beans get their name looked up here.
                bean.setName(groupListHelper.lookupEntityName(bean));
            } else {
                bean = new JsonEntityBean(asGroup, EntityEnum.GROUP);
            }
            collectedBeans.add(bean);
            form.addPermission(bean.getTypeAndIdHash() + "_" + formPerm.getActivity());
        }
    }
    form.setPrincipals(collectedBeans, false);
}