Search in sources :

Example 41 with JsonEntityBean

use of org.apereo.portal.layout.dlm.remoting.JsonEntityBean in project uPortal by Jasig.

the class PermissionsListController method marshall.

/*
     * Private Stuff.
     */
private List<Map<String, String>> marshall(IPermission[] data) {
    // Assertions.
    if (data == null) {
        String msg = "Argument 'data' cannot be null";
        throw new IllegalArgumentException(msg);
    }
    List<Map<String, String>> rslt = new ArrayList<Map<String, String>>(data.length);
    for (IPermission p : data) {
        JsonEntityBean bean = getEntityBean(p.getPrincipal());
        Map<String, String> entry = new HashMap<String, String>();
        entry.put("owner", p.getOwner());
        entry.put("principalType", bean.getEntityTypeAsString());
        entry.put("principalName", bean.getName());
        entry.put("principalKey", p.getPrincipal());
        entry.put("activity", p.getActivity());
        entry.put("target", p.getTarget());
        entry.put("permissionType", p.getType());
        /*
             *  Attempt to find a name for this target through the permission
             *  target provider registry.  If none can be found, just use
             *  the target key.
             */
        String targetName = null;
        try {
            // attempt to get the target provider for this activity
            IPermissionActivity activity = permissionOwnerDao.getPermissionActivity(p.getOwner(), p.getActivity());
            entry.put("activityName", activity.getName());
            IPermissionOwner owner = permissionOwnerDao.getPermissionOwner(p.getOwner());
            entry.put("ownerName", owner.getName());
            String providerKey = activity.getTargetProviderKey();
            IPermissionTargetProvider provider = targetProviderRegistry.getTargetProvider(providerKey);
            // get the target from the provider
            IPermissionTarget target = provider.getTarget(p.getTarget());
            targetName = target.getName();
        } catch (RuntimeException e) {
            // likely a result of a null activity or provider
            log.trace("Failed to resolve target name", e);
        }
        if (targetName == null) {
            targetName = p.getTarget();
        }
        entry.put("targetName", targetName);
        rslt.add(entry);
    }
    return rslt;
}
Also used : IPermissionActivity(org.apereo.portal.permission.IPermissionActivity) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) JsonEntityBean(org.apereo.portal.layout.dlm.remoting.JsonEntityBean) IPermission(org.apereo.portal.security.IPermission) IPermissionTarget(org.apereo.portal.permission.target.IPermissionTarget) IPermissionTargetProvider(org.apereo.portal.permission.target.IPermissionTargetProvider) HashMap(java.util.HashMap) Map(java.util.Map) IPermissionOwner(org.apereo.portal.permission.IPermissionOwner)

Example 42 with JsonEntityBean

use of org.apereo.portal.layout.dlm.remoting.JsonEntityBean in project uPortal by Jasig.

the class PermissionAdministrationHelper method getEntitiesForPrincipals.

public Set<JsonEntityBean> getEntitiesForPrincipals(Collection<String> principals) {
    Set<JsonEntityBean> entities = new HashSet<JsonEntityBean>();
    // add a permission for each member of the principals collection
    for (String principal : principals) {
        JsonEntityBean entity = groupListHelper.getEntityForPrincipal(principal);
        entities.add(entity);
    }
    return entities;
}
Also used : JsonEntityBean(org.apereo.portal.layout.dlm.remoting.JsonEntityBean) HashSet(java.util.HashSet)

Example 43 with JsonEntityBean

use of org.apereo.portal.layout.dlm.remoting.JsonEntityBean in project uPortal by Jasig.

the class PermissionAssignmentMapController method updatePermission.

@RequestMapping(value = "/updatePermission", method = RequestMethod.GET)
public ModelAndView updatePermission(@RequestParam("principal") String principal, @RequestParam("assignment") String assignment, @RequestParam("principals[]") String[] principals, @RequestParam("owner") String owner, @RequestParam("activity") String activity, @RequestParam("target") String target, HttpServletRequest request, HttpServletResponse response) throws Exception {
    // ensure the current user is authorized to update and view permissions
    final IPerson currentUser = personManager.getPerson((HttpServletRequest) request);
    if (!permissionAdministrationHelper.canEditPermission(currentUser, target) || !permissionAdministrationHelper.canViewPermission(currentUser, target)) {
        response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        return null;
    }
    JsonEntityBean bean = groupListHelper.getEntityForPrincipal(principal);
    if (bean != null) {
        IAuthorizationPrincipal p = groupListHelper.getPrincipalForEntity(bean);
        IPermission[] directPermissions = permissionStore.select(owner, p.getPrincipalString(), activity, target, null);
        this.authorizationService.removePermissions(directPermissions);
        assignment = assignment.toUpperCase();
        if (assignment.equals(Assignment.Type.GRANT.toString()) || assignment.equals(Assignment.Type.DENY.toString())) {
            IPermission permission = new PermissionImpl(owner);
            permission.setActivity(activity);
            permission.setPrincipal(bean.getPrincipalString());
            permission.setTarget(target);
            permission.setType(assignment);
            this.authorizationService.addPermissions(new IPermission[] { permission });
        }
    } else {
        log.warn("Unable to resolve the following principal (will " + "be omitted from the list of assignments):  " + principal);
    }
    return getOwners(principals, owner, activity, target, request, response);
}
Also used : IPerson(org.apereo.portal.security.IPerson) JsonEntityBean(org.apereo.portal.layout.dlm.remoting.JsonEntityBean) IPermission(org.apereo.portal.security.IPermission) PermissionImpl(org.apereo.portal.security.provider.PermissionImpl) IAuthorizationPrincipal(org.apereo.portal.security.IAuthorizationPrincipal) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 44 with JsonEntityBean

use of org.apereo.portal.layout.dlm.remoting.JsonEntityBean in project uPortal by Jasig.

the class PermissionAssignmentMapController method getOwners.

@RequestMapping(value = "/permissionAssignmentMap", method = RequestMethod.GET)
public ModelAndView getOwners(@RequestParam("principals[]") String[] principals, @RequestParam("owner") String owner, @RequestParam("activity") String activity, @RequestParam("target") String target, HttpServletRequest request, HttpServletResponse response) throws Exception {
    // ensure the current user is authorized to view permissions
    final IPerson currentUser = personManager.getPerson((HttpServletRequest) request);
    if (!permissionAdministrationHelper.canViewPermission(currentUser, target)) {
        response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        return null;
    }
    // Build the set of existing assignments
    List<Assignment> flatAssignmentsList = new ArrayList<Assignment>();
    for (String principal : principals) {
        JsonEntityBean bean = groupListHelper.getEntityForPrincipal(principal);
        if (bean != null) {
            IAuthorizationPrincipal p = groupListHelper.getPrincipalForEntity(bean);
            // first get the permissions explicitly set for this principal
            Assignment.Type type = getAssignmentType(p, owner, activity, target);
            flatAssignmentsList.add(new Assignment(principal, bean, type));
        } else {
            log.warn("Unable to resolve the following principal (will " + "be omitted from the list of assignments):  " + principal);
        }
    }
    List<Assignment> assignments = new ArrayList<Assignment>();
    for (Assignment a : flatAssignmentsList) {
        placeInHierarchy(a, assignments, owner, activity, target);
    }
    Map<String, Object> model = Collections.<String, Object>singletonMap("assignments", assignments);
    return new ModelAndView("jsonView", model);
}
Also used : Assignment(org.apereo.portal.portlets.permissionsadmin.Assignment) IPerson(org.apereo.portal.security.IPerson) JsonEntityBean(org.apereo.portal.layout.dlm.remoting.JsonEntityBean) ArrayList(java.util.ArrayList) IAuthorizationPrincipal(org.apereo.portal.security.IAuthorizationPrincipal) ModelAndView(org.springframework.web.servlet.ModelAndView) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 45 with JsonEntityBean

use of org.apereo.portal.layout.dlm.remoting.JsonEntityBean in project uPortal by Jasig.

the class PortletAdministrationHelper method hasLifecyclePermission.

public boolean hasLifecyclePermission(IPerson person, PortletLifecycleState state, SortedSet<JsonEntityBean> categories) {
    EntityIdentifier ei = person.getEntityIdentifier();
    IAuthorizationPrincipal ap = authorizationService.newPrincipal(ei.getKey(), ei.getType());
    final String activity;
    switch(state) {
        case APPROVED:
            {
                activity = IPermission.PORTLET_MANAGER_APPROVED_ACTIVITY;
                break;
            }
        case CREATED:
            {
                activity = IPermission.PORTLET_MANAGER_CREATED_ACTIVITY;
                break;
            }
        case PUBLISHED:
            {
                activity = IPermission.PORTLET_MANAGER_ACTIVITY;
                break;
            }
        case EXPIRED:
            {
                activity = IPermission.PORTLET_MANAGER_EXPIRED_ACTIVITY;
                break;
            }
        case MAINTENANCE:
            {
                activity = IPermission.PORTLET_MANAGER_MAINTENANCE_ACTIVITY;
                break;
            }
        default:
            {
                throw new IllegalArgumentException("");
            }
    }
    if (ap.hasPermission(IPermission.PORTAL_PUBLISH, activity, IPermission.ALL_PORTLETS_TARGET)) {
        logger.debug("Found permission for category ALL_PORTLETS and lifecycle state " + state.toString());
        return true;
    }
    for (JsonEntityBean category : categories) {
        if (ap.canManage(state, category.getId())) {
            logger.debug("Found permission for category " + category.getName() + " and lifecycle state " + state.toString());
            return true;
        }
    }
    logger.debug("No permission for lifecycle state " + state.toString());
    return false;
}
Also used : JsonEntityBean(org.apereo.portal.layout.dlm.remoting.JsonEntityBean) IAuthorizationPrincipal(org.apereo.portal.security.IAuthorizationPrincipal) EntityIdentifier(org.apereo.portal.EntityIdentifier)

Aggregations

JsonEntityBean (org.apereo.portal.layout.dlm.remoting.JsonEntityBean)86 Test (org.junit.Test)53 EntityEnum (org.apereo.portal.portlets.groupselector.EntityEnum)13 ModelAndView (org.springframework.web.servlet.ModelAndView)10 IEntityGroup (org.apereo.portal.groups.IEntityGroup)9 IGroupMember (org.apereo.portal.groups.IGroupMember)9 IAuthorizationPrincipal (org.apereo.portal.security.IAuthorizationPrincipal)9 ArrayList (java.util.ArrayList)7 HashSet (java.util.HashSet)7 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)7 IPermission (org.apereo.portal.security.IPermission)4 PreAuthorize (org.springframework.security.access.prepost.PreAuthorize)4 List (java.util.List)3 IPermissionTarget (org.apereo.portal.permission.target.IPermissionTarget)3 PortletCategory (org.apereo.portal.portlet.om.PortletCategory)3 IPerson (org.apereo.portal.security.IPerson)3 Collection (java.util.Collection)2 HashMap (java.util.HashMap)2 GroupListHelperImpl (org.apereo.portal.layout.dlm.remoting.GroupListHelperImpl)2 IPermissionActivity (org.apereo.portal.permission.IPermissionActivity)2