Examples with IPermissionOwner org.apereo.portal.permission.IPermissionOwner used on opensource projects

Example 11 with IPermissionOwner

use of org.apereo.portal.permission.IPermissionOwner in project uPortal by Jasig.

the class AuthorizationImpl method doesPrincipalHavePermission.

/**
     * Answers if the owner has given the principal permission to perform the activity on the
     * target, as evaluated by the policy. Params <code>policy</code>, <code>owner</code> and <code>
     * activity</code> must be non-null.
     *
     * @return boolean
     * @param principal IAuthorizationPrincipal
     * @param owner java.lang.String
     * @param activity java.lang.String
     * @param target java.lang.String
     * @exception AuthorizationException indicates authorization information could not be retrieved.
     */
@Override
@RequestCache
public boolean doesPrincipalHavePermission(IAuthorizationPrincipal principal, String owner, String activity, String target, IPermissionPolicy policy) throws AuthorizationException {
    final CacheKeyBuilder<Serializable, Serializable> cacheKeyBuilder = CacheKey.builder(AuthorizationImpl.class.getName());
    final String username = principal.getKey();
    if (IPerson.class.equals(principal.getType())) {
        cacheKeyBuilder.addTag(UsernameTaggedCacheEntryPurger.createCacheEntryTag(username));
    }
    cacheKeyBuilder.addAll(policy.getClass(), username, principal.getType(), owner, activity, target);
    final CacheKey key = cacheKeyBuilder.build();
    final Element element = this.doesPrincipalHavePermissionCache.get(key);
    if (element != null) {
        return (Boolean) element.getValue();
    }
    /*
         * Convert to (strongly-typed) Java objects based on interfaces in
         * o.j.p.permission before we make the actual check with IPermissionPolicy;
         * parameters that communicate something of the nature of the things they
         * represent helps us make the check(s) more intelligently.  This objects
         * were retro-fitted to IPermissionPolicy in uP 4.3;  perhaps we should do
         * the same to IAuthorizationService itself?
         */
    final IPermissionOwner ipOwner = permissionOwnerDao.getPermissionOwner(owner);
    final IPermissionActivity ipActivity = permissionOwnerDao.getPermissionActivity(owner, activity);
    if (ipActivity == null) {
        // Means needed data is missing;  much clearer than NPE
        String msg = "The following activity is not defined for owner '" + owner + "':  " + activity;
        throw new RuntimeException(msg);
    }
    final IPermissionTargetProvider targetProvider = targetProviderRegistry.getTargetProvider(ipActivity.getTargetProviderKey());
    final IPermissionTarget ipTarget = targetProvider.getTarget(target);
    final boolean doesPrincipalHavePermission = policy.doesPrincipalHavePermission(this, principal, ipOwner, ipActivity, ipTarget);
    this.doesPrincipalHavePermissionCache.put(new Element(key, doesPrincipalHavePermission));
    return doesPrincipalHavePermission;
}

Example 12 with IPermissionOwner

use of org.apereo.portal.permission.IPermissionOwner in project uPortal by Jasig.

the class PortletPermissionsCachePrimer method primeCache.

public void primeCache() {
    if (executor.getActiveCount() != 0) {
        log.warn("Skipping this run becasue there are active threads in the executor, signifying the previous run is not complete");
        return;
    }
    log.info("STARTING PortletPermissionsCachePrimer.primeCache()...");
    final long timestamp = System.currentTimeMillis();
    /*
         * This task is pretty effort-intensive and may take in excess of a
         * minute to run in a single thread.  Going to use a divide-and-conquer
         * approach.
         */
    final Map<NodeWalker, Future<NodeWalkerReport>> futures = new HashMap<>();
    final IEntityGroup rootGroup = GroupService.getRootGroup(IPerson.class);
    for (Map.Entry<String, Set<String>> y : permissionsMap.entrySet()) {
        final IPermissionOwner owner = permissionOwnerDao.getPermissionOwner(y.getKey());
        for (String s : y.getValue()) {
            final IPermissionActivity activity = permissionOwnerDao.getPermissionActivity(y.getKey(), s);
            final IPermissionTargetProvider targetProvider = targetProviderRegistry.getTargetProvider(activity.getTargetProviderKey());
            final NodeWalker walker = new NodeWalker(rootGroup, owner, activity, targetProvider);
            final Future<NodeWalkerReport> future = this.executor.submit(walker);
            futures.put(walker, future);
        }
    }
    int totalCombinations = 0;
    for (Map.Entry<NodeWalker, Future<NodeWalkerReport>> y : futures.entrySet()) {
        try {
            final NodeWalkerReport report = y.getValue().get();
            totalCombinations += report.getCombinationCount();
            log.debug("NodeWalker '{}' processed {} combinations in {}ms", y.getKey(), report.getCombinationCount(), report.getDuration());
        } catch (InterruptedException | ExecutionException e) {
            log.error("NodeWalker '{}' failed", y.getKey());
        }
    }
    log.info("COMPLETED PortletPermissionsCachePrimer.primeCache();  processed {} total combinations in {}ms", totalCombinations, Long.toString(System.currentTimeMillis() - timestamp));
}