
Example 21 with IGroupMember

Use of org.apereo.portal.groups.IGroupMember in project uPortal by Jasig.

In the class AuthorizationHeaderProvider, method createHeader.

@Override
public Header createHeader(RenderRequest renderRequest, RenderResponse renderResponse) {
    // Username
    final String username = getUsername(renderRequest);
    // Attributes
    final Map<String, List<String>> attributes = new HashMap<>();
    final IPersonAttributes person = personAttributeDao.getPerson(username);
    if (person != null) {
        for (Entry<String, List<Object>> y : person.getAttributes().entrySet()) {
            final List<String> values = new ArrayList<>();
            for (Object value : y.getValue()) {
                if (value instanceof String) {
                    values.add((String) value);
                }
            }
            attributes.put(y.getKey(), values);
        }
    }
    logger.debug("Found the following user attributes for username='{}':  {}", username, attributes);
    // Groups
    final List<String> groups = new ArrayList<>();
    final IGroupMember groupMember = GroupService.getGroupMember(username, IPerson.class);
    if (groupMember != null) {
        Set<IEntityGroup> ancestors = groupMember.getAncestorGroups();
        for (IEntityGroup g : ancestors) {
            groups.add(g.getName());
        }
    }
    logger.debug("Found the following group affiliations for username='{}':  {}", username, groups);
    // Expiration of the Bearer token
    final PortletSession portletSession = renderRequest.getPortletSession();
    final Date expires = new Date(portletSession.getLastAccessedTime() + ((long) portletSession.getMaxInactiveInterval() * 1000L));
    // Authorization header
    final Bearer bearer = bearerService.createBearer(username, attributes, groups, expires);
    final Header rslt = new BasicHeader(Headers.AUTHORIZATION.getName(), Headers.BEARER_TOKEN_PREFIX + bearer.getEncryptedToken());
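    // Note: this debug statement writes the complete Authorization header,
    // including the encrypted bearer token, to the log
    logger.debug("Produced the following Authorization header for username='{}':  {}", username, rslt);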
    return rslt;
}
Also used : HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) List(java.util.List) Date(java.util.Date) IEntityGroup(org.apereo.portal.groups.IEntityGroup) IGroupMember(org.apereo.portal.groups.IGroupMember) IPersonAttributes(org.apereo.services.persondir.IPersonAttributes) PortletSession(javax.portlet.PortletSession) Header(org.apache.http.Header) BasicHeader(org.apache.http.message.BasicHeader) Bearer(org.apereo.portal.soffit.model.v1_0.Bearer)

Example 22 with IGroupMember

Use of org.apereo.portal.groups.IGroupMember in project uPortal by Jasig.

In the class PortalHttpServletRequestWrapper, method isUserInRole.

/**
 * Determines whether or not the user is in the given role. The wrapped request is consulted
 * first then the {@link GroupService} is used to determine if a group exists for the specified
 * role and if the user is a member of it.
 *
 * <p>Role is case sensitive.
 *
 * @see
 *     org.apereo.portal.utils.web.AbstractHttpServletRequestWrapper#isUserInRole(java.lang.String)
 */
@Override
public boolean isUserInRole(String role) {
    if (super.getSession(false) == null) {
        return super.isUserInRole(role);
    }
    // Check the wrapped request first
    final boolean isUserInRole = super.isUserInRole(role);
    if (isUserInRole) {
        return true;
    }
    // Find the group for the role, if not found return false
    IEntityGroup groupForRole = GroupService.findGroup(role);
    if (groupForRole == null) {
        final EntityIdentifier[] results = GroupService.searchForGroups(role, GroupService.SearchMethod.DISCRETE, IPerson.class);
        if (results == null || results.length == 0) {
            return false;
        }
        if (results.length > 1) {
            this.logger.warn(results.length + " groups were found for role '" + role + "'. The first result will be used.");
        }
        IGroupMember member = GroupService.getGroupMember(results[0]);
        if (member == null || !member.isGroup()) {
            return false;
        }
        groupForRole = member.asGroup();
    }
    // Load the group information about the current user
    final IUserInstance userInstance = this.userInstanceManager.getUserInstance(this.getWrappedRequest());
    final IPerson person = userInstance.getPerson();
    final EntityIdentifier personEntityId = person.getEntityIdentifier();
    final IGroupMember personGroupMember = GroupService.getGroupMember(personEntityId);
    final boolean rslt = personGroupMember.isDeepMemberOf(groupForRole);
    logger.trace("Answering {} for isUserInRole where user='{}', role='{}', and groupForRole='{}'", rslt, person.getUserName(), role, groupForRole.getName());
    return rslt;
}
Also used : IEntityGroup(org.apereo.portal.groups.IEntityGroup) IUserInstance(org.apereo.portal.user.IUserInstance) IGroupMember(org.apereo.portal.groups.IGroupMember) IPerson(org.apereo.portal.security.IPerson) EntityIdentifier(org.apereo.portal.EntityIdentifier)

Example 23 with IGroupMember

Use of org.apereo.portal.groups.IGroupMember in project uPortal by Jasig.

In the class EntityService, method populateChildren.

private Entity populateChildren(Entity entity, Iterator<IGroupMember> children) {
    while (children.hasNext()) {
        IGroupMember member = children.next();
        // add the entity bean to the list of children
        Entity entityChild = getEntity(member);
        entity.addChild(entityChild);
    }
    // mark this entity bean as having had its child list initialized
    entity.setChildrenInitialized(true);
    return entity;
}
Also used : IGroupMember(org.apereo.portal.groups.IGroupMember)

Example 24 with IGroupMember

Use of org.apereo.portal.groups.IGroupMember in project uPortal by Jasig.

In the class UserAccountHelper, method getParentGroups.

public List<JsonEntityBean> getParentGroups(String target) {
    IGroupMember member = GroupService.getEntity(target, IPerson.class);
    List<JsonEntityBean> parents = new ArrayList<>();
    for (IEntityGroup ancestor : member.getAncestorGroups()) {
        parents.add(groupListHelper.getEntity(ancestor));
    }
    Collections.sort(parents);
    return parents;
}
Also used : IEntityGroup(org.apereo.portal.groups.IEntityGroup) IGroupMember(org.apereo.portal.groups.IGroupMember) JsonEntityBean(org.apereo.portal.layout.dlm.remoting.JsonEntityBean) ArrayList(java.util.ArrayList)

Example 25 with IGroupMember

Use of org.apereo.portal.groups.IGroupMember in project uPortal by Jasig.

In the class GrouperEntityGroupStore, method findMemberGroups.

@SuppressWarnings("unchecked")
public Iterator findMemberGroups(IEntityGroup group) throws GroupsException {
    if (LOGGER.isDebugEnabled()) {
        LOGGER.debug("Searching for group-type members of group with key: " + group.getKey());
    }
    try {
        if (!validKey(group.getLocalKey())) {
            return Collections.<IEntityGroup>emptyList().iterator();
        }
        GcGetMembers gcGetMembers = new GcGetMembers();
        gcGetMembers.addGroupName(group.getLocalKey());
        gcGetMembers.assignIncludeSubjectDetail(true);
        gcGetMembers.addSourceId("g:gsa");
        WsGetMembersResults results = gcGetMembers.execute();
        if (results == null || results.getResults() == null || results.getResults().length == 0 || results.getResults()[0].getWsSubjects() == null) {
            if (LOGGER.isDebugEnabled()) {
                LOGGER.debug("No group-type members found for group with key " + group.getKey());
            }
            return Collections.<IEntityGroup>emptyList().iterator();
        }
        final List<IEntityGroup> members = new ArrayList<IEntityGroup>();
        WsSubject[] subjects = results.getResults()[0].getWsSubjects();
        for (WsSubject wsSubject : subjects) {
            if (validKey(wsSubject.getName())) {
                WsGroup wsGroup = findGroupFromKey(wsSubject.getName());
                if (wsGroup != null) {
                    IEntityGroup member = createUportalGroupFromGrouperGroup(wsGroup);
                    members.add(member);
                    if (LOGGER.isTraceEnabled()) {
                        LOGGER.trace("found IEntityGroup member: " + member);
                    }
                }
            }
        }
        return members.iterator();
    } catch (Exception e) {
        LOGGER.warn("Exception while attempting to retrieve " + "member groups of group with key " + group.getKey() + " from Grouper web services: " + e.getMessage());
        return Collections.<IGroupMember>emptyList().iterator();
    }
}
Also used : IEntityGroup(org.apereo.portal.groups.IEntityGroup) IGroupMember(org.apereo.portal.groups.IGroupMember) ArrayList(java.util.ArrayList) WsGroup(edu.internet2.middleware.grouperClient.ws.beans.WsGroup) WsSubject(edu.internet2.middleware.grouperClient.ws.beans.WsSubject) GcGetMembers(edu.internet2.middleware.grouperClient.api.GcGetMembers) WsGetMembersResults(edu.internet2.middleware.grouperClient.ws.beans.WsGetMembersResults) GroupsException(org.apereo.portal.groups.GroupsException)

Aggregations

IGroupMember (org.apereo.portal.groups.IGroupMember): 52
IEntityGroup (org.apereo.portal.groups.IEntityGroup): 29
HashSet (java.util.HashSet): 17
IAuthorizationPrincipal (org.apereo.portal.security.IAuthorizationPrincipal): 14
ArrayList (java.util.ArrayList): 12
EntityIdentifier (org.apereo.portal.EntityIdentifier): 12
EntityEnum (org.apereo.portal.portlets.groupselector.EntityEnum): 10
JsonEntityBean (org.apereo.portal.layout.dlm.remoting.JsonEntityBean): 9
IPermission (org.apereo.portal.security.IPermission): 8
PortletCategory (org.apereo.portal.portlet.om.PortletCategory): 7
GroupsException (org.apereo.portal.groups.GroupsException): 6
HashMap (java.util.HashMap): 4
IEntity (org.apereo.portal.groups.IEntity): 4
ExternalPermissionDefinition (org.apereo.portal.io.xml.portlettype.ExternalPermissionDefinition): 4
IPerson (org.apereo.portal.security.IPerson): 4
Element (net.sf.ehcache.Element): 3
IPortletDefinition (org.apereo.portal.portlet.om.IPortletDefinition): 3
AuthorizationServiceFacade (org.apereo.portal.services.AuthorizationServiceFacade): 3
GcGetMembers (edu.internet2.middleware.grouperClient.api.GcGetMembers): 2
WsGetMembersResults (edu.internet2.middleware.grouperClient.ws.beans.WsGetMembersResults): 2