use of org.apereo.portal.security.IAuthorizationPrincipal in project uPortal by Jasig.
the class EntityServiceTest method testGetPrincipalForEntity.
/**
 * Checks that {@code getPrincipalForEntity} hands back {@code null}, not a
 * principal, when it is called with a {@code null} entity.
 */
@Test
public void testGetPrincipalForEntity() {
    // A null entity is expected to resolve to no authorization principal at all.
    final IAuthorizationPrincipal principal = entityService.getPrincipalForEntity(null);
    Assert.assertNull(principal);
}
use of org.apereo.portal.security.IAuthorizationPrincipal in project uPortal by Jasig.
the class ChannelListController method preparePortletCategoryBean.
/**
 * Builds the bean for {@code category}: one bean per child category (recursively),
 * plus only those direct child portlets that {@code user} is allowed to browse.
 *
 * <p>Every direct child portlet is removed from {@code portletsNotYetCategorized}
 * whether or not the browse check passes, so a portlet the user may not browse is
 * still dropped from that set rather than left in it.
 *
 * @param req current web request, passed on to the portlet bean preparation
 * @param category category to convert
 * @param portletsNotYetCategorized mutable set from which portlets found in this
 *     category and its descendants are removed
 * @param user person whose entity identifier is used to build the authorization principal
 * @param locale locale used to resolve the category's display name
 * @return the populated category bean
 */
private PortletCategoryBean preparePortletCategoryBean(WebRequest req, PortletCategory category, Set<IPortletDefinition> portletsNotYetCategorized, IPerson user, Locale locale) {
    // Descend into the child categories first; their beans are needed to build this one.
    final Set<PortletCategoryBean> childBeans = new HashSet<>();
    for (PortletCategory child : this.portletCategoryRegistry.getChildCategories(category)) {
        childBeans.add(preparePortletCategoryBean(req, child, portletsNotYetCategorized, user, locale));
    }

    // Portlets that sit directly in this category.
    final Set<IPortletDefinition> directPortlets = portletCategoryRegistry.getChildPortlets(category);

    // The principal comes from the IPerson supplied by the caller and is rebuilt on
    // every call, i.e. once per level of the recursion.
    final EntityIdentifier userId = user.getEntityIdentifier();
    final IAuthorizationPrincipal principal = AuthorizationServiceFacade.instance().newPrincipal(userId.getKey(), userId.getType());

    final Set<PortletDefinitionBean> browsablePortlets = new HashSet<>();
    for (IPortletDefinition definition : directPortlets) {
        // Authorization filter: only portlets the principal may browse reach the bean.
        final boolean mayBrowse = authorizationService.canPrincipalBrowse(principal, definition);
        if (mayBrowse) {
            browsablePortlets.add(preparePortletDefinitionBean(req, definition, locale));
        }
        // Categorized either way; this does not stop a portlet from appearing in
        // several categories, it only takes it out of the uncategorized collection.
        portletsNotYetCategorized.remove(definition);
    }

    // Assemble the bean and give it its localized name.
    final PortletCategoryBean result = PortletCategoryBean.fromPortletCategory(category, childBeans, browsablePortlets);
    final String localizedName = messageSource.getMessage(category.getName(), new Object[0], locale);
    result.setName(localizedName);
    return result;
}
use of org.apereo.portal.security.IAuthorizationPrincipal in project uPortal by Jasig.
the class UpdatePreferencesServlet method addFavorite.
/**
 * Adds the portlet identified by {@code channelId} to the requesting user's favorites tab.
 *
 * <p>The user must hold {@code IPermission.PORTLET_FAVORITE_ACTIVITY} on the portlet;
 * that check runs before the layout is touched. A refused request is logged at WARN
 * with the portlet fname and the user name and answered with {@code SC_FORBIDDEN}.
 *
 * @param channelId request parameter used to look up the portlet definition
 * @param request current request
 * @param response current response; its status is set on every error path
 * @return a {@code jsonView} model carrying a {@code response} message and, on success,
 *     the {@code newNodeId} of the added node
 * @throws IOException declared by the handler; {@code getPerson} receives the response
 */
@RequestMapping(method = RequestMethod.POST, params = "action=addFavorite")
public ModelAndView addFavorite(@RequestParam String channelId, HttpServletRequest request, HttpServletResponse response) throws IOException {
    final IUserInstance userInstance = userInstanceManager.getUserInstance(request);
    final IPerson person = getPerson(userInstance, response);
    final IPortletDefinition pdef = portletDefinitionRegistry.getPortletDefinition(channelId);
    final Locale locale = RequestContextUtils.getLocale(request);

    // NOTE(review): person and pdef are dereferenced below without a null check.
    // Confirm that getPerson(...) and getPortletDefinition(...) cannot return null
    // (anonymous session, unknown channelId); otherwise the request fails with an
    // exception before the permission check instead of a clean 4xx.
    final IAuthorizationPrincipal principal = this.getUserPrincipal(person.getUserName());
    final String permissionTarget = PermissionHelper.permissionTargetIdForPortletDefinition(pdef);

    // Authorization gate: nothing in the layout is read or changed before this passes.
    final boolean mayFavorite = principal.hasPermission(IPermission.PORTAL_SYSTEM, IPermission.PORTLET_FAVORITE_ACTIVITY, permissionTarget);
    if (!mayFavorite) {
        logger.warn("Unauthorized attempt to favorite portlet '{}' through the REST API by user '{}'", pdef.getFName(), person.getUserName());
        response.setStatus(HttpServletResponse.SC_FORBIDDEN);
        return new ModelAndView("jsonView", Collections.singletonMap("response", getMessage("error.favorite.not.permitted", "Favorite not permitted", locale)));
    }

    final UserPreferencesManager preferences = (UserPreferencesManager) userInstance.getPreferencesManager();
    final IUserLayoutManager layoutManager = preferences.getUserLayoutManager();
    final IUserLayoutChannelDescription channel = new UserLayoutChannelDescription(pdef);

    // Locate the favorites tab; without one there is nowhere to put the portlet.
    final String favoriteTabNodeId = FavoritesUtils.getFavoriteTabNodeId(layoutManager.getUserLayout());
    if (favoriteTabNodeId == null) {
        response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
        return new ModelAndView("jsonView", Collections.singletonMap("response", getMessage("error.finding.favorite.tab", "Can''t find favorite tab", locale)));
    }

    // Add the portlet to the favorites tab; a null node means the add was refused.
    final IUserLayoutNodeDescription addedNode = addNodeToTab(layoutManager, channel, favoriteTabNodeId);
    if (addedNode == null) {
        response.setStatus(HttpServletResponse.SC_FORBIDDEN);
        return new ModelAndView("jsonView", Collections.singletonMap("response", getMessage("error.add.portlet.in.tab", "Can''t add a new favorite", locale)));
    }

    // Persist the changed layout; persistence failures get their own response.
    try {
        layoutManager.saveUserLayout();
    } catch (PortalException e) {
        return handlePersistError(request, response, e);
    }

    // Success: report the message and the id of the node that was created.
    final String channelTitle = channel.getTitle();
    final Map<String, String> model = new HashMap<>();
    model.put("response", getMessage("favorites.added.favorite", channelTitle, "Added " + channelTitle + " as a favorite.", locale));
    model.put("newNodeId", addedNode.getId());
    return new ModelAndView("jsonView", model);
}
use of org.apereo.portal.security.IAuthorizationPrincipal in project uPortal by Jasig.
the class PermissionAdministrationHelper method canEditOwner.
/**
 * Reports whether {@code currentUser} holds {@code IPermission.EDIT_PERMISSIONS_ACTIVITY}
 * under the {@code IPermission.PORTAL_PERMISSIONS} owner.
 *
 * <p>The check is made against {@code IPermission.ALL_TARGET}; the {@code owner}
 * argument is not consulted, so the result is the same for every owner.
 * NOTE(review): confirm that a per-owner decision is not intended here.
 *
 * @param currentUser person whose entity identifier is used to build the principal
 * @param owner permission owner being edited (unused by this implementation)
 * @return {@code true} if the principal has the permission
 */
public boolean canEditOwner(IPerson currentUser, String owner) {
    final EntityIdentifier userId = currentUser.getEntityIdentifier();
    final IAuthorizationPrincipal principal = AuthorizationServiceFacade.instance().newPrincipal(userId.getKey(), userId.getType());
    final boolean mayEdit = principal.hasPermission(IPermission.PORTAL_PERMISSIONS, IPermission.EDIT_PERMISSIONS_ACTIVITY, IPermission.ALL_TARGET);
    return mayEdit;
}
use of org.apereo.portal.security.IAuthorizationPrincipal in project uPortal by Jasig.
the class ImportExportController method importEntity.
/**
 * Imports one uploaded portal data entity, provided the requesting user holds the
 * {@code IMPORT_ENTITY} activity for the entity type named by the uploaded document.
 *
 * <p>The permission target is the local part of the data key read from the upload,
 * so the file is opened and partly parsed before the authorization decision is made.
 * NOTE(review): that places the XML reader set up in {@code createSourceXmlEventReader}
 * on the pre-authorization path; confirm there that DTDs and external entities are
 * disabled.
 *
 * <p>A refused import sets {@code SC_UNAUTHORIZED}, writes no body and logs nothing
 * in this method. NOTE(review): for a signed-in user who simply lacks the permission,
 * {@code SC_FORBIDDEN} would describe the outcome more precisely, and a warning log
 * entry would leave an audit trail; both would change what clients and operators see,
 * so they are left as they are here.
 *
 * @param entityFile uploaded XML document describing the entity
 * @param request current request, used to resolve the person
 * @param response current response; only its status is set
 * @throws IOException declared by the handler for reading the upload
 * @throws XMLStreamException declared by the handler for the StAX parsing
 */
@RequestMapping(value = "/import", method = RequestMethod.POST)
public void importEntity(@RequestParam("file") MultipartFile entityFile, HttpServletRequest request, HttpServletResponse response) throws IOException, XMLStreamException {
    // StAX reader over the upload; the data key read from it says what is being imported.
    final BufferedXMLEventReader xmlReader = createSourceXmlEventReader(entityFile);
    final PortalDataKey dataKey = getPortalDataKey(xmlReader);

    // Principal for whoever sent the request.
    final IPerson requester = personManager.getPerson(request);
    final EntityIdentifier requesterId = requester.getEntityIdentifier();
    final IAuthorizationPrincipal principal = AuthorizationServiceFacade.instance().newPrincipal(requesterId.getKey(), requesterId.getType());

    // The target of the permission is taken from the document itself.
    final String permissionTarget = dataKey.getName().getLocalPart();
    final boolean mayImport = principal.hasPermission("UP_SYSTEM", "IMPORT_ENTITY", permissionTarget);
    if (mayImport) {
        // The same reader that was inspected above is handed on for the import.
        portalDataHandlerService.importData(new StAXSource(xmlReader));
        response.setStatus(HttpServletResponse.SC_OK);
    } else {
        response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
    }
}