Examples with IPerson org.apereo.portal.security.IPerson used on opensource projects

Example 56 with IPerson

use of org.apereo.portal.security.IPerson in project uPortal by Jasig.

the class AttributeSwapperHelperImpl method resetAttributes.

/* (non-Javadoc)
     * @see org.apereo.portal.portlets.swapper.IAttributeSwapperHelper#resetAttributes(java.lang.String)
     */
@Override
public void resetAttributes(ExternalContext externalContext) {
    final Principal currentUser = externalContext.getCurrentUser();
    final String uid = currentUser.getName();
    this.logger.warn("User '" + uid + "' reseting to default attributes");
    // Remove the person directory override
    this.portalRootPersonAttributeDao.removeUserAttributeOverride(uid);
    // Remove the IPerson attribute override, bit of a hack as we really just remove all
    // overrides
    // then re-add all attributes from person directory
    final PortletRequest portletRequest = (PortletRequest) externalContext.getNativeRequest();
    final HttpServletRequest portalRequest = this.portalRequestUtils.getPortletHttpRequest(portletRequest);
    final IPerson person = this.personManager.getPerson(portalRequest);
    final Set<String> overriddenAttributes = (Set<String>) person.getAttribute(OVERRIDDEN_ATTRIBUTES);
    if (overriddenAttributes != null) {
        person.setAttribute(OVERRIDDEN_ATTRIBUTES, null);
        for (final String attribute : overriddenAttributes) {
            person.setAttribute(attribute, null);
        }
    }
    final IPersonAttributes originalUserAttributes = this.getOriginalUserAttributes(uid);
    final Map<String, List<Object>> attributes = originalUserAttributes.getAttributes();
    person.setAttributes(attributes);
}

Example 57 with IPerson

use of org.apereo.portal.security.IPerson in project uPortal by Jasig.

the class AttributeSwapperHelperImpl method swapAttributes.

/* (non-Javadoc)
     * @see org.apereo.portal.portlets.swapper.IAttributeSwapperHelper#swapAttributes(org.springframework.webflow.context.ExternalContext, org.apereo.portal.portlets.swapper.AttributeSwapRequest)
     */
@Override
public void swapAttributes(ExternalContext externalContext, AttributeSwapRequest attributeSwapRequest) {
    // Collate the swap request into a single overrides map
    final Map<String, Object> attributes = new HashMap<String, Object>();
    final Map<String, Attribute> currentAttributes = attributeSwapRequest.getCurrentAttributes();
    this.copyAttributes(attributes, currentAttributes);
    final Map<String, Attribute> attributesToCopy = attributeSwapRequest.getAttributesToCopy();
    this.copyAttributes(attributes, attributesToCopy);
    final Principal currentUser = externalContext.getCurrentUser();
    final String uid = currentUser.getName();
    final IPersonAttributes originalUserAttributes = this.getOriginalUserAttributes(uid);
    // Filter out unchanged attributes
    for (final Iterator<Map.Entry<String, Object>> overrideAttrEntryItr = attributes.entrySet().iterator(); overrideAttrEntryItr.hasNext(); ) {
        final Entry<String, Object> overrideAttrEntry = overrideAttrEntryItr.next();
        final String attribute = overrideAttrEntry.getKey();
        final Object originalValue = originalUserAttributes.getAttributeValue(attribute);
        final Object overrideValue = overrideAttrEntry.getValue();
        if (originalValue == overrideValue || (originalValue != null && originalValue.equals(overrideValue))) {
            overrideAttrEntryItr.remove();
        }
    }
    final PortletRequest portletRequest = (PortletRequest) externalContext.getNativeRequest();
    final PortletPreferences preferences = portletRequest.getPreferences();
    final String[] configuredAttributes = preferences.getValues(ATTRIBUTE_SWAPPER_ATTRIBUTES_FORM_SWAPPABLE_ATTRIBUTES, null);
    final String[] excludedAttributes = preferences.getValues(ATTRIBUTE_SWAPPER_ATTRIBUTES_FORM_SWAPPABLE_ATTRIBUTES_EXCLUDES, null);
    // Calculate the Set of attributes that are OK to be swapped
    final Set<String> allowedAttributes = new LinkedHashSet<String>();
    if (configuredAttributes != null) {
        allowedAttributes.addAll(Arrays.asList(configuredAttributes));
    } else {
        allowedAttributes.addAll(attributes.keySet());
    }
    if (excludedAttributes != null) {
        allowedAttributes.removeAll(Arrays.asList(excludedAttributes));
    }
    // Filter the attributes map
    for (final Iterator<String> attributeItr = attributes.keySet().iterator(); attributeItr.hasNext(); ) {
        final String attribute = attributeItr.next();
        if (!allowedAttributes.contains(attribute)) {
            attributeItr.remove();
            this.logger.warn("User '" + uid + "' attempted overriding attribute '" + attribute + "' which is not allowed in the current configuration. The attribute will be ignored.");
        }
    }
    this.logger.warn("User '" + uid + "' setting attribute overrides: " + attributes);
    // Override attributes retrieved the person directory
    this.portalRootPersonAttributeDao.setUserAttributeOverride(uid, attributes);
    // Update the IPerson, setting the overridden attributes
    final HttpServletRequest portalRequest = this.portalRequestUtils.getPortletHttpRequest(portletRequest);
    final IPerson person = this.personManager.getPerson(portalRequest);
    final Map<String, List<Object>> multivaluedAttributes = MultivaluedPersonAttributeUtils.toMultivaluedMap(attributes);
    person.setAttributes(multivaluedAttributes);
    person.setAttribute(OVERRIDDEN_ATTRIBUTES, multivaluedAttributes.keySet());
}

Example 58 with IPerson

use of org.apereo.portal.security.IPerson in project uPortal by Jasig.

the class UserLocaleHelper method updateUserLocale.

/**
 * Update the current user's locale to match the selected locale. This implementation will
 * update the session locale, and if the user is not a guest, will also update the locale in the
 * user's persisted preferences.
 *
 * @param request
 * @param localeString
 */
public void updateUserLocale(HttpServletRequest request, String localeString) {
    IUserInstance ui = userInstanceManager.getUserInstance(request);
    IUserPreferencesManager upm = ui.getPreferencesManager();
    final IUserProfile userProfile = upm.getUserProfile();
    LocaleManager localeManager = userProfile.getLocaleManager();
    if (localeString != null) {
        // build a new List<Locale> from the specified locale
        Locale userLocale = localeManagerFactory.parseLocale(localeString);
        List<Locale> locales = Collections.singletonList(userLocale);
        // set this locale in the session
        localeManager.setSessionLocales(locales);
        // if the current user is logged in, also update the persisted
        // user locale
        final IPerson person = ui.getPerson();
        if (!person.isGuest()) {
            try {
                localeManager.setUserLocales(Collections.singletonList(userLocale));
                localeStore.updateUserLocales(person, new Locale[] { userLocale });
                // remove person layout framgent from session since it contains some of the data
                // in previous
                // translation and won't be cleared until next logout-login (applies when using
                // RDBMDistributedLayoutStore as user layout store).
                person.setAttribute(Constants.PLF, null);
                upm.getUserLayoutManager().loadUserLayout(true);
            } catch (Exception e) {
                throw new PortalException(e);
            }
        }
    }
}

Example 59 with IPerson

use of org.apereo.portal.security.IPerson in project uPortal by Jasig.

the class PermissionAssignmentMapController method deletePermission.

/**
 * Deletes a specific permission
 *
 * @param principal
 * @param assignment
 * @param owner
 * @param activity
 * @param target
 * @param request
 * @param response
 * @throws Exception
 */
@RequestMapping(value = "/deletePermission", method = RequestMethod.POST)
public void deletePermission(@RequestParam("principal") String principal, @RequestParam("owner") String owner, @RequestParam("activity") String activity, @RequestParam("target") String target, HttpServletRequest request, HttpServletResponse response) throws Exception {
    // ensure the current user is authorized to update and view permissions
    final IPerson currentUser = personManager.getPerson((HttpServletRequest) request);
    if (!permissionAdministrationHelper.canEditPermission(currentUser, target) || !permissionAdministrationHelper.canViewPermission(currentUser, target)) {
        response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        return;
    }
    JsonEntityBean bean = groupListHelper.getEntityForPrincipal(principal);
    if (bean != null) {
        IAuthorizationPrincipal p = groupListHelper.getPrincipalForEntity(bean);
        IPermission[] directPermissions = permissionStore.select(owner, p.getPrincipalString(), activity, target, null);
        this.authorizationService.removePermissions(directPermissions);
    } else {
        log.warn("Unable to resolve the following principal (will " + "be omitted from the list of assignments):  " + principal);
    }
    response.setStatus(HttpServletResponse.SC_OK);
    return;
}

Example 60 with IPerson

use of org.apereo.portal.security.IPerson in project uPortal by Jasig.

the class PersonalizationFilter method doFilter.

@Override
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain filterChain) throws IOException, ServletException {
    final HttpServletRequest request = (HttpServletRequest) req;
    final HttpServletResponse response = (HttpServletResponse) resp;
    log.debug("In PersonalizationFilter after the filterChain");
    if (!enableFilter) {
        log.debug("PersonalizationFilter is disabled - skipping.");
        filterChain.doFilter(req, resp);
        return;
    }
    if (!request.getMethod().equals(HttpMethod.GET.name())) {
        log.debug("Not a GET request - skipping the filter. Request URL: [{}] {}", request.getMethod(), request.getRequestURI());
        filterChain.doFilter(req, resp);
        return;
    }
    // Capture the response
    SimpleCharacterResponseWrapper wrapper = new SimpleCharacterResponseWrapper(response);
    filterChain.doFilter(req, wrapper);
    PrintWriter responseWriter = response.getWriter();
    if ((wrapper != null) && (wrapper.getContentType() != null) && wrapper.getContentType().contains("application/json")) {
        final IPerson person = this.personManager.getPerson(request);
        if (person == null) {
            log.warn("Person not found in Person Manager.  Not applying the personalization filter. Request URL: [{}] {}", request.getMethod(), request.getRequestURI());
            writeToResponse(response, responseWriter, wrapper.toString());
            return;
        }
        String originalContent = wrapper.toString();
        if (originalContent == null) {
            log.debug("Original content is null. Not applying the personalization filter. Request URL: [{}] {}", request.getMethod(), request.getRequestURI());
            return;
        }
        final String personalizedContent = personalizer.personalize(person, originalContent, request.getSession());
        if (originalContent.equals(personalizedContent)) {
            log.debug("No personalization made to the content. Request URL: [{}] {}", request.getMethod(), request.getRequestURI());
        } else {
            log.debug("Personalized the content! Request URL: [{}] {}", request.getMethod(), request.getRequestURI());
        }
        writeToResponse(response, responseWriter, personalizedContent);
    } else {
        log.info("REST API response is not JSON - not applying the personalization filter. Request URL: [{}] {}", request.getMethod(), request.getRequestURI());
    }
    log.debug("Finished with PersonalizationFilter");
}