use of org.apereo.portal.layout.dlm.remoting.JsonEntityBean in project uPortal by Jasig.
the class JsonEntityBeanTest method testHashCode.
@Test
public void testHashCode() {
Mockito.when(groupMember.getKey()).thenReturn("");
JsonEntityBean jeb1 = buildBeanFromEntityGroup();
jeb1.setChildrenInitialized(true);
JsonEntityBean jeb2 = buildBeanFromEntityGroup();
jeb2.setChildrenInitialized(true);
assertEquals(jeb1.hashCode(), jeb2.hashCode());
}
use of org.apereo.portal.layout.dlm.remoting.JsonEntityBean in project uPortal by Jasig.
the class PrincipalsRESTController method getPrincipals.
/**
* Return a JSON view of the uPortal principals matching the supplied query string.
*
* @param query
* @param request
* @param response
* @return
* @throws Exception
*/
@PreAuthorize("hasPermission('ALL', 'java.lang.String', new org.apereo.portal.spring.security.evaluator.AuthorizableActivity('UP_PERMISSIONS', 'VIEW_PERMISSIONS'))")
@RequestMapping(value = "/permissions/principals.json", method = RequestMethod.GET)
public ModelAndView getPrincipals(@RequestParam(value = "q") String query, HttpServletRequest request, HttpServletResponse response) throws Exception {
/*
* Add groups and people matching the search query to the JSON model
*/
ModelAndView mv = new ModelAndView();
List<JsonEntityBean> groups = new ArrayList<JsonEntityBean>();
groups.addAll(listHelper.search(EntityEnum.GROUP.toString(), query));
Collections.sort(groups);
mv.addObject("groups", groups);
List<JsonEntityBean> people = new ArrayList<JsonEntityBean>();
people.addAll(listHelper.search(EntityEnum.PERSON.toString(), query));
Collections.sort(people);
mv.addObject("people", people);
mv.setViewName("json");
return mv;
}
use of org.apereo.portal.layout.dlm.remoting.JsonEntityBean in project uPortal by Jasig.
the class PermissionsRESTController method getAssignmentsForEntity.
@PreAuthorize("(#entityType == 'person' and #id == authentication.name) or hasPermission('ALL', 'java.lang.String', new org.apereo.portal.spring.security.evaluator.AuthorizableActivity('UP_PERMISSIONS', 'VIEW_PERMISSIONS'))")
@RequestMapping("/assignments/{entityType}/{id}.json")
public ModelAndView getAssignmentsForEntity(@PathVariable("entityType") String entityType, @PathVariable("id") String id, @RequestParam(value = "includeInherited", required = false) boolean includeInherited, HttpServletRequest request, HttpServletResponse response) {
JsonEntityBean entity = groupListHelper.getEntity(entityType, id, false);
List<JsonPermission> permissions = getPermissionsForEntity(entity, includeInherited);
ModelAndView mv = new ModelAndView();
mv.addObject("assignments", permissions);
mv.setViewName("json");
return mv;
}
use of org.apereo.portal.layout.dlm.remoting.JsonEntityBean in project uPortal by Jasig.
the class PermissionsRESTController method getAssignmentsOnTarget.
@PreAuthorize("hasPermission('ALL', 'java.lang.String', new org.apereo.portal.spring.security.evaluator.AuthorizableActivity('UP_PERMISSIONS', 'VIEW_PERMISSIONS'))")
@RequestMapping("/assignments/target/{target}.json")
public ModelAndView getAssignmentsOnTarget(@PathVariable("target") String target, @RequestParam(value = "includeInherited", required = false) boolean includeInherited, HttpServletRequest request, HttpServletResponse response) {
Set<UniquePermission> directAssignments = new HashSet<UniquePermission>();
// first get the permissions explicitly set for this principal
IPermission[] directPermissions = permissionStore.select(null, null, null, target, null);
for (IPermission permission : directPermissions) {
directAssignments.add(new UniquePermission(permission.getOwner(), permission.getActivity(), permission.getPrincipal(), false));
}
JsonEntityBean entity = groupListHelper.getEntityForPrincipal(target);
Set<UniquePermission> inheritedAssignments = new HashSet<UniquePermission>();
List<JsonPermission> permissions = new ArrayList<JsonPermission>();
if (entity != null) {
IAuthorizationPrincipal p = this.authorizationService.newPrincipal(entity.getId(), entity.getEntityType().getClazz());
if (includeInherited) {
IGroupMember member = GroupService.getGroupMember(p.getKey(), p.getType());
for (IEntityGroup parent : member.getAncestorGroups()) {
IAuthorizationPrincipal parentPrincipal = this.authorizationService.newPrincipal(parent);
IPermission[] parentPermissions = permissionStore.select(null, null, null, parentPrincipal.getKey(), null);
for (IPermission permission : parentPermissions) {
inheritedAssignments.add(new UniquePermission(permission.getOwner(), permission.getActivity(), permission.getPrincipal(), true));
}
}
}
for (UniquePermission permission : directAssignments) {
JsonEntityBean e = groupListHelper.getEntityForPrincipal(permission.getIdentifier());
Class<?> clazz;
EntityEnum entityType = EntityEnum.getEntityEnum(e.getEntityTypeAsString());
if (entityType.isGroup()) {
clazz = IEntityGroup.class;
} else {
clazz = entityType.getClazz();
}
IAuthorizationPrincipal principal = this.authorizationService.newPrincipal(e.getId(), clazz);
if (principal.hasPermission(permission.getOwner(), permission.getActivity(), p.getKey())) {
permissions.add(getPermissionOnTarget(permission, entity));
}
}
for (UniquePermission permission : inheritedAssignments) {
JsonEntityBean e = groupListHelper.getEntityForPrincipal(permission.getIdentifier());
Class<?> clazz;
EntityEnum entityType = EntityEnum.getEntityEnum(e.getEntityTypeAsString());
if (entityType.isGroup()) {
clazz = IEntityGroup.class;
} else {
clazz = entityType.getClazz();
}
IAuthorizationPrincipal principal = this.authorizationService.newPrincipal(e.getId(), clazz);
if (principal.hasPermission(permission.getOwner(), permission.getActivity(), p.getKey())) {
permissions.add(getPermissionOnTarget(permission, entity));
}
}
Collections.sort(permissions);
}
ModelAndView mv = new ModelAndView();
mv.addObject("assignments", permissions);
mv.setViewName("json");
return mv;
}
use of org.apereo.portal.layout.dlm.remoting.JsonEntityBean in project uPortal by Jasig.
the class PermissionAssignmentMapController method deletePermission.
/**
* Deletes a specific permission
*
* @param principal
* @param assignment
* @param owner
* @param activity
* @param target
* @param request
* @param response
* @throws Exception
*/
@RequestMapping(value = "/deletePermission", method = RequestMethod.POST)
public void deletePermission(@RequestParam("principal") String principal, @RequestParam("owner") String owner, @RequestParam("activity") String activity, @RequestParam("target") String target, HttpServletRequest request, HttpServletResponse response) throws Exception {
// ensure the current user is authorized to update and view permissions
final IPerson currentUser = personManager.getPerson((HttpServletRequest) request);
if (!permissionAdministrationHelper.canEditPermission(currentUser, target) || !permissionAdministrationHelper.canViewPermission(currentUser, target)) {
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
return;
}
JsonEntityBean bean = groupListHelper.getEntityForPrincipal(principal);
if (bean != null) {
IAuthorizationPrincipal p = groupListHelper.getPrincipalForEntity(bean);
IPermission[] directPermissions = permissionStore.select(owner, p.getPrincipalString(), activity, target, null);
this.authorizationService.removePermissions(directPermissions);
} else {
log.warn("Unable to resolve the following principal (will " + "be omitted from the list of assignments): " + principal);
}
response.setStatus(HttpServletResponse.SC_OK);
return;
}
Aggregations