use of org.apereo.portal.security.IAuthorizationPrincipal in project uPortal by Jasig.
the class PortletsRESTController method getAuthorizationPrincipal.
/*
* Implementation
*/
/**
 * Builds the authorization principal for the person that {@code personManager} resolves from
 * the request.
 *
 * <p>The principal is created from the key and type of that person's entity identifier. The
 * REST handlers that call this helper make their permission checks against the returned
 * object.
 *
 * <p>NOTE(review): the person returned by {@code getPerson} is dereferenced without a null
 * check; confirm the person manager always returns a person (for example a guest) for
 * unauthenticated requests.
 *
 * @param req the current servlet request
 * @return a new principal for the request's person
 */
private IAuthorizationPrincipal getAuthorizationPrincipal(HttpServletRequest req) {
    final EntityIdentifier identity = personManager.getPerson(req).getEntityIdentifier();
    return AuthorizationServiceFacade.instance().newPrincipal(identity.getKey(), identity.getType());
}
use of org.apereo.portal.security.IAuthorizationPrincipal in project uPortal by Jasig.
the class PortletsRESTController method getPortlet.
/**
* Provides information about a single portlet in the registry. NOTE: Access to this API endpoint
* requires only <code>IPermission.PORTAL_SUBSCRIBE</code> permission.
*/
@RequestMapping(value = "/portlet/{fname}.json", method = RequestMethod.GET)
public ModelAndView getPortlet(HttpServletRequest request, HttpServletResponse response, @PathVariable String fname) throws Exception {
    // The principal is resolved before the registry lookup; fname comes from the URL path and
    // is used only as the lookup key.
    final IAuthorizationPrincipal principal = getAuthorizationPrincipal(request);
    final IPortletDefinition definition = portletDefinitionRegistry.getPortletDefinitionByFname(fname);

    // NOTE(review): the Javadoc on this method names IPermission.PORTAL_SUBSCRIBE, while the
    // check performed here is canRender(...); confirm both describe the same permission.
    final boolean permitted =
            definition != null
                    && principal.canRender(definition.getPortletDefinitionId().getStringId());

    if (!permitted) {
        // An unknown fname and a failed canRender check produce the same 403 with an empty
        // model, so the response does not reveal whether a portlet with that fname exists.
        response.setStatus(HttpServletResponse.SC_FORBIDDEN);
        return new ModelAndView("json");
    }

    return new ModelAndView("json", "portlet", new LayoutPortlet(definition));
}
use of org.apereo.portal.security.IAuthorizationPrincipal in project uPortal by Jasig.
the class PortletsRESTController method getManageablePortlets.
/**
* Provides information about all portlets in the portlet registry. NOTE: The response is
* governed by the <code>IPermission.PORTLET_MANAGER_xyz</code> series of permissions. The
* actual level of permission required is based on the current lifecycle state of the portlet.
*/
@RequestMapping(value = "/portlets.json", method = RequestMethod.GET)
public ModelAndView getManageablePortlets(HttpServletRequest request, HttpServletResponse response) throws Exception {
    // Load every definition in the registry, then resolve the caller.
    final List<IPortletDefinition> definitions = portletDefinitionRegistry.getAllPortletDefinitions();
    final IAuthorizationPrincipal principal = getAuthorizationPrincipal(request);

    // Authorization is applied per portlet: only definitions that pass canManage are returned.
    // No status is set here, so a caller with no manage rights gets an empty list, not a 403.
    final List<PortletTuple> manageable = new ArrayList<PortletTuple>();
    for (final IPortletDefinition definition : definitions) {
        final String portletId = definition.getPortletDefinitionId().getStringId();
        if (!principal.canManage(portletId)) {
            continue;
        }
        manageable.add(new PortletTuple(definition));
    }

    return new ModelAndView("json", "portlets", manageable);
}
use of org.apereo.portal.security.IAuthorizationPrincipal in project uPortal by Jasig.
the class PermissionAssignmentMapController method placeInHierarchy.
/**
 * Inserts an assignment into a forest of assignments, nesting it beneath the group(s) that
 * contain its principal.
 *
 * <p>If the principal already appears under any root of {@code hierarchy}, nothing changes.
 * Otherwise the principal's parent groups are looked up. For each parent group the assignment
 * is attached to the matching node if one is already in the hierarchy. If none is, a new node
 * is created for the group and placed by a recursive call. A principal with no parent groups
 * is appended to {@code hierarchy} as a root.
 *
 * @param a the assignment to place; must not be null
 * @param hierarchy the list of root assignments, modified in place; must not be null
 * @param owner forwarded unchanged to {@code getAssignmentType} and to recursive calls
 * @param activity forwarded unchanged to {@code getAssignmentType} and to recursive calls
 * @param target forwarded unchanged to {@code getAssignmentType} and to recursive calls
 * @throws IllegalArgumentException if {@code a} or {@code hierarchy} is null
 */
private void placeInHierarchy(Assignment a, List<Assignment> hierarchy, String owner, String activity, String target) {
// Assertions.
if (a == null) {
String msg = "Argument 'a' [Assignment] cannot be null";
throw new IllegalArgumentException(msg);
}
if (hierarchy == null) {
String msg = "Argument 'hierarchy' cannot be null";
throw new IllegalArgumentException(msg);
}
// Nothing to do if this principal is already in the hierarchy somewhere...
for (Assignment root : hierarchy) {
Assignment duplicate = root.findDecendentOrSelfIfExists(a.getPrincipal());
if (duplicate != null) {
return;
}
}
// To proceed, we need to know about the containing
// groups (if any) for this principal...
// Groups are looked up by id alone; other entities by id plus the class from their entity type.
IGroupMember member = null;
EntityEnum entityEnum = a.getPrincipal().getEntityType();
if (entityEnum.isGroup()) {
member = GroupService.findGroup(a.getPrincipal().getId());
} else {
member = GroupService.getGroupMember(a.getPrincipal().getId(), entityEnum.getClazz());
}
// NOTE(review): member is passed on without a null check; confirm the lookups above cannot
// return null for a principal id that no longer resolves.
AuthorizationServiceFacade authService = AuthorizationServiceFacade.instance();
Iterator<?> it = GroupService.getCompositeGroupService().findParentGroups(member);
if (it.hasNext()) {
// This member must be nested within its parent(s)...
// The assignment is attached under every parent group, so it can appear in several places.
while (it.hasNext()) {
IEntityGroup group = (IEntityGroup) it.next();
EntityEnum beanType = EntityEnum.getEntityEnum(group.getLeafType(), true);
JsonEntityBean bean = new JsonEntityBean(group, beanType);
Assignment parent = null;
// Search each root's subtree for a node that already represents this parent group.
for (Assignment root : hierarchy) {
parent = root.findDecendentOrSelfIfExists(bean);
if (parent != null) {
// We found one...
parent.addChild(a);
break;
}
}
if (parent == null) {
// We weren't able to integrate this node into the existing
// hierarchy; we have to dig deeper, until we either (1)
// find a match, or (2) reach a root; type is INHERIT,
// unless (by chance) there's something specified in an
// entry on grantOrDenyMap.
// The type actually used is whatever getAssignmentType returns for the group's principal.
// NOTE(review): the recursion ends only at a match or a group with no parents, so it
// presumably relies on the group graph being acyclic; confirm the group service
// guarantees that.
IAuthorizationPrincipal principal = authService.newPrincipal(group);
Assignment.Type assignmentType = getAssignmentType(principal, owner, activity, target);
parent = new Assignment(principal.getPrincipalString(), bean, assignmentType);
parent.addChild(a);
placeInHierarchy(parent, hierarchy, owner, activity, target);
}
}
} else {
// This member is a root...
hierarchy.add(a);
}
}
use of org.apereo.portal.security.IAuthorizationPrincipal in project uPortal by Jasig.
the class PortletDefinitionImporterExporter method exportPermission.
/**
 * Collects the principals authorized for one permission on a portlet definition into the
 * supplied export lists.
 *
 * <p>Group principals are recorded in {@code groupList} by the name their entity name finder
 * returns. Non-group principals are recorded in {@code userList} by key, and are skipped when
 * {@code userList} is null. Both lists are sorted before returning.
 *
 * @param def the portlet definition whose permission target id is queried
 * @param permDef supplies the permission system and activity to look up
 * @param groupList receives group names; must not be null
 * @param userList receives user keys; may be null to leave users out of the export
 * @return true if at least one entry was added to either list
 * @throws RuntimeException if a group name cannot be resolved
 */
private boolean exportPermission(IPortletDefinition def, ExternalPermissionDefinition permDef, List<String> groupList, List<String> userList) {
    final AuthorizationServiceFacade facade = AuthorizationServiceFacade.instance();
    final IPermissionManager permissionManager = facade.newPermissionManager(permDef.getSystem());
    final String targetId = PermissionHelper.permissionTargetIdForPortletDefinition(def);
    final IAuthorizationPrincipal[] granted = permissionManager.getAuthorizedPrincipals(permDef.getActivity(), targetId);

    boolean exported = false;
    for (int i = 0; i < granted.length; i++) {
        final IGroupMember member = facade.getGroupMember(granted[i]);

        if (!member.isGroup()) {
            // Individual grants are exported only when the caller supplied a list for them.
            if (userList != null) {
                userList.add(member.getKey());
                exported = true;
            }
            continue;
        }

        final IEntityNameFinder finder = EntityNameFinderService.instance().getNameFinder(member.getType());
        try {
            groupList.add(finder.getName(member.getKey()));
            exported = true;
        } catch (Exception e) {
            // Fail the export rather than silently omit a grant from the exported permission.
            throw new RuntimeException("Could not find group name for entity: " + member.getKey(), e);
        }
    }

    // Sort both lists before returning.
    Collections.sort(groupList);
    if (userList != null) {
        Collections.sort(userList);
    }
    return exported;
}