use of org.apereo.portal.security.IAuthorizationPrincipal in project uPortal by Jasig.
the class ChannelListController method getRegistryOriginal.
/*
* Private methods that support the original (pre-4.3) version of the API
*/
/**
* Gathers and organizes the response based on the specified rootCategory and the permissions of
* the specified user.
*/
private Map<String, SortedSet<?>> getRegistryOriginal(WebRequest request, IPerson user) {
/*
* This collection of all the portlets in the portal is for the sake of
* tracking which ones are uncategorized.
*/
Set<IPortletDefinition> portletsNotYetCategorized = new HashSet<IPortletDefinition>(portletDefinitionRegistry.getAllPortletDefinitions());
// construct a new channel registry
Map<String, SortedSet<?>> rslt = new TreeMap<String, SortedSet<?>>();
SortedSet<ChannelCategoryBean> categories = new TreeSet<ChannelCategoryBean>();
// add the root category and all its children to the registry
final PortletCategory rootCategory = portletCategoryRegistry.getTopLevelPortletCategory();
final Locale locale = getUserLocale(user);
categories.add(prepareCategoryBean(request, rootCategory, portletsNotYetCategorized, user, locale));
/*
* uPortal historically has provided for a convention that portlets not in any category
* may potentially be viewed by users but may not be subscribed to.
*
* As of uPortal 4.2, the logic below now takes any portlets the user has BROWSE access to
* that have not already been identified as belonging to a category and adds them to a category
* called Uncategorized.
*/
EntityIdentifier ei = user.getEntityIdentifier();
IAuthorizationPrincipal ap = AuthorizationService.instance().newPrincipal(ei.getKey(), ei.getType());
// construct a new channel category bean for this category
String uncategorizedString = messageSource.getMessage(UNCATEGORIZED, new Object[] {}, locale);
ChannelCategoryBean uncategorizedPortletsBean = new ChannelCategoryBean(new PortletCategory(uncategorizedString));
uncategorizedPortletsBean.setName(UNCATEGORIZED);
uncategorizedPortletsBean.setDescription(messageSource.getMessage(UNCATEGORIZED_DESC, new Object[] {}, locale));
for (IPortletDefinition portlet : portletsNotYetCategorized) {
if (authorizationService.canPrincipalBrowse(ap, portlet)) {
// construct a new channel bean from this channel
ChannelBean channel = getChannel(portlet, request, locale);
uncategorizedPortletsBean.addChannel(channel);
}
}
// Add even if no portlets in category
categories.add(uncategorizedPortletsBean);
rslt.put("categories", categories);
return rslt;
}
use of org.apereo.portal.security.IAuthorizationPrincipal in project uPortal by Jasig.
the class ChannelListController method prepareCategoryBean.
private ChannelCategoryBean prepareCategoryBean(WebRequest request, PortletCategory category, Set<IPortletDefinition> portletsNotYetCategorized, IPerson user, Locale locale) {
// construct a new channel category bean for this category
ChannelCategoryBean categoryBean = new ChannelCategoryBean(category);
categoryBean.setName(messageSource.getMessage(category.getName(), new Object[] {}, locale));
// add the direct child channels for this category
Set<IPortletDefinition> portlets = portletCategoryRegistry.getChildPortlets(category);
EntityIdentifier ei = user.getEntityIdentifier();
IAuthorizationPrincipal ap = AuthorizationService.instance().newPrincipal(ei.getKey(), ei.getType());
for (IPortletDefinition portlet : portlets) {
if (authorizationService.canPrincipalBrowse(ap, portlet)) {
// construct a new channel bean from this channel
ChannelBean channel = getChannel(portlet, request, locale);
categoryBean.addChannel(channel);
}
/*
* Remove the portlet from the uncategorized collection;
* note -- this approach will not prevent portlets from
* appearing in multiple categories (as appropriate).
*/
portletsNotYetCategorized.remove(portlet);
}
/* Now add child categories. */
for (PortletCategory childCategory : this.portletCategoryRegistry.getChildCategories(category)) {
ChannelCategoryBean childCategoryBean = prepareCategoryBean(request, childCategory, portletsNotYetCategorized, user, locale);
categoryBean.addCategory(childCategoryBean);
}
return categoryBean;
}
use of org.apereo.portal.security.IAuthorizationPrincipal in project uPortal by Jasig.
the class ChannelListController method getRegistry43.
/*
* Private methods that support the 4.3 version of the API
*/
/**
* Gathers and organizes the response based on the specified rootCategory and the permissions of
* the specified user.
*/
private Map<String, SortedSet<?>> getRegistry43(WebRequest request, IPerson user, PortletCategory rootCategory, boolean includeUncategorized) {
/*
* This collection of all the portlets in the portal is for the sake of
* tracking which ones are uncategorized. They will be added to the
* output if includeUncategorized=true.
*/
Set<IPortletDefinition> portletsNotYetCategorized = includeUncategorized ? new HashSet<IPortletDefinition>(portletDefinitionRegistry.getAllPortletDefinitions()) : new HashSet<// Not necessary to fetch them if we're not tracking them
IPortletDefinition>();
// construct a new channel registry
Map<String, SortedSet<?>> rslt = new TreeMap<String, SortedSet<?>>();
SortedSet<PortletCategoryBean> categories = new TreeSet<PortletCategoryBean>();
// add the root category and all its children to the registry
final Locale locale = getUserLocale(user);
categories.add(preparePortletCategoryBean(request, rootCategory, portletsNotYetCategorized, user, locale));
if (includeUncategorized) {
/*
* uPortal historically has provided for a convention that portlets not in any category
* may potentially be viewed by users but may not be subscribed to.
*
* As of uPortal 4.2, the logic below now takes any portlets the user has BROWSE access to
* that have not already been identified as belonging to a category and adds them to a category
* called Uncategorized.
*/
EntityIdentifier ei = user.getEntityIdentifier();
IAuthorizationPrincipal ap = AuthorizationService.instance().newPrincipal(ei.getKey(), ei.getType());
Set<PortletDefinitionBean> marketplacePortlets = new HashSet<>();
for (IPortletDefinition portlet : portletsNotYetCategorized) {
if (authorizationService.canPrincipalBrowse(ap, portlet)) {
PortletDefinitionBean pdb = preparePortletDefinitionBean(request, portlet, locale);
marketplacePortlets.add(pdb);
}
}
// construct a new channel category bean for this category
final String uncName = messageSource.getMessage(UNCATEGORIZED, new Object[] {}, locale);
final String uncDescription = messageSource.getMessage(UNCATEGORIZED_DESC, new Object[] {}, locale);
PortletCategory pc = new PortletCategory(// Use of this String for Id matches earlier version of API
uncName);
pc.setName(uncName);
pc.setDescription(uncDescription);
PortletCategoryBean unc = PortletCategoryBean.fromPortletCategory(pc, null, marketplacePortlets);
// Add even if no portlets in category
categories.add(unc);
}
rslt.put("categories", categories);
return rslt;
}
use of org.apereo.portal.security.IAuthorizationPrincipal in project uPortal by Jasig.
the class GroupAdministrationHelper method canViewGroup.
public boolean canViewGroup(IPerson currentUser, String target) {
EntityIdentifier ei = currentUser.getEntityIdentifier();
IAuthorizationPrincipal ap = AuthorizationService.instance().newPrincipal(ei.getKey(), ei.getType());
return (ap.hasPermission(IPermission.PORTAL_GROUPS, IPermission.VIEW_GROUP_ACTIVITY, target));
}
use of org.apereo.portal.security.IAuthorizationPrincipal in project uPortal by Jasig.
the class UserAccountHelper method canDeleteUser.
public boolean canDeleteUser(IPerson currentUser, String target) {
// first check to see if this is a local user
if (!isLocalAccount(target)) {
return false;
}
EntityIdentifier ei = currentUser.getEntityIdentifier();
IAuthorizationPrincipal ap = AuthorizationService.instance().newPrincipal(ei.getKey(), ei.getType());
// TODO create new user editing permission
return (ap.hasPermission("UP_USERS", "DELETE_USER", target));
}
Aggregations