use of org.apereo.portal.security.IUpdatingPermissionManager in project uPortal by Jasig.
the class PortletDefinitionImporterExporter method removePortletDefinition.
/**
 * Removes a portlet definition together with the records that refer to it: its group
 * (category) memberships, the permissions found for its target under the
 * {@code IPermission.PORTAL_SUBSCRIBE} owner, its marketplace ratings, and finally the
 * definition itself.
 *
 * @param portletDefinition the definition to remove; its id is used for every lookup
 * @param person not read by this method
 */
@Transactional
@Override
public void removePortletDefinition(IPortletDefinition portletDefinition, IPerson person) {
    // NOTE(review): `person` is never consulted here, so this method makes no authorization
    // decision of its own; presumably the caller has already checked that the user may
    // delete this portlet. Confirm against the call sites.

    // The instance returned by the DAO (not the argument) is what the rating and delete
    // calls below receive.
    final IPortletDefinition persisted =
            portletDefinitionDao.getPortletDefinition(portletDefinition.getPortletDefinitionId());

    // Detach the portlet from every group that currently contains it.
    final String idString = portletDefinition.getPortletDefinitionId().getStringId();
    final IEntity portletEntity = GroupService.getEntity(idString, IPortletDefinition.class);
    for (IEntityGroup parent : portletEntity.getAncestorGroups()) {
        parent.removeChild(portletEntity);
        parent.update();
    }

    // Remove permission records whose target is this portlet.
    // NOTE(review): only the PORTAL_SUBSCRIBE permission manager is queried. Grants stored
    // under any other owner for the same target are not touched by this method; verify
    // that none can exist, otherwise they outlive the portlet.
    final AuthorizationServiceFacade authorization = AuthorizationServiceFacade.instance();
    final String permissionTarget =
            PermissionHelper.permissionTargetIdForPortletDefinition(portletDefinition);
    final IUpdatingPermissionManager subscribeManager =
            authorization.newUpdatingPermissionManager(IPermission.PORTAL_SUBSCRIBE);
    subscribeManager.removePermissions(subscribeManager.getPermissionsForTarget(permissionTarget));

    // Ratings (including reviews) go before the definition they belong to.
    marketplaceRatingDao.clearRatingsForPortlet(persisted);

    // Last step: the portlet definition itself.
    portletDefinitionDao.deletePortletDefinition(persisted);
}
use of org.apereo.portal.security.IUpdatingPermissionManager in project uPortal by Jasig.
the class PortletDefinitionImporterExporter method savePortletDefinition.
/**
* Save a portlet definition.
*
* @param definition the portlet definition
* @param publisher the person publishing the portlet
* @param categories the list of categories for the portlet
* @param permissionMap a map of permission name -> list of groups who are granted that
* permission (Note: for now, only grant is supported and only for the FRAMEWORK_OWNER perm
* manager)
*/
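private IPortletDefinition savePortletDefinition(
        IPortletDefinition definition,
        IPerson publisher,
        List<PortletCategory> categories,
        Map<ExternalPermissionDefinition, Set<IGroupMember>> permissionMap) {
    // NOTE(review): `publisher` is not read anywhere in this body, so no check that the
    // publisher may grant these permissions happens here; presumably the caller enforces
    // that. Confirm against the call sites.

    // A definition without an id is treated as a first publication rather than an update.
    boolean newChannel = (definition.getPortletDefinitionId() == null);

    // Save, then re-read by fname; the id and permission target below come from the
    // re-read instance.
    definition = portletDefinitionDao.savePortletDefinition(definition);
    definition = portletDefinitionDao.getPortletDefinitionByFname(definition.getFName());
    final String defId = definition.getPortletDefinitionId().getStringId();
    final IEntity portletDefEntity = GroupService.getEntity(defId, IPortletDefinition.class);

    // The groups service needs to deal with concurrent modification better, so group and
    // permission updates are serialized on a single lock.
    synchronized (this.groupUpdateLock) {
        // On update, drop the existing category memberships before re-adding them.
        if (!newChannel) {
            for (IEntityGroup group : portletDefEntity.getAncestorGroups()) {
                group.removeChild(portletDefEntity);
                group.update();
            }
        }

        // Add the portlet to each requested category.
        for (PortletCategory category : categories) {
            final IEntityGroup categoryGroup = GroupService.findGroup(category.getId());
            categoryGroup.addChild(portletDefEntity);
            categoryGroup.updateMembers();
        }

        final AuthorizationService authService = AuthorizationService.instance();
        final String target = PermissionHelper.permissionTargetIdForPortletDefinition(definition);

        // One pass per permission system (owner), each with its own permission manager.
        Map<String, Collection<ExternalPermissionDefinition>> permissionsBySystem =
                getPermissionsBySystem(permissionMap.keySet());
        for (Map.Entry<String, Collection<ExternalPermissionDefinition>> bySystem :
                permissionsBySystem.entrySet()) {
            final Collection<ExternalPermissionDefinition> systemPerms = bySystem.getValue();
            final IUpdatingPermissionManager upm =
                    authService.newUpdatingPermissionManager(bySystem.getKey());

            // Build a GRANT for every (activity, member) pair requested for this system.
            final List<IPermission> permissions = new ArrayList<>();
            for (ExternalPermissionDefinition permissionDef : systemPerms) {
                Set<IGroupMember> members = permissionMap.get(permissionDef);
                for (final IGroupMember member : members) {
                    final IAuthorizationPrincipal authPrincipal = authService.newPrincipal(member);
                    final IPermission permEntity = upm.newPermission(authPrincipal);
                    permEntity.setType(IPermission.PERMISSION_TYPE_GRANT);
                    permEntity.setActivity(permissionDef.getActivity());
                    permEntity.setTarget(target);
                    permissions.add(permEntity);
                }
            }

            // If modifying the channel, remove the existing permissions before adding the
            // new ones. Only this system's definitions are scanned: walking every key of
            // permissionMap here would also look up, under this owner, activity names that
            // belong to another system's definitions, and any grants found that way would
            // be deleted without being re-added.
            // NOTE(review): grants for activities that are absent from permissionMap are
            // never queried, so they survive an update. Confirm that is intended.
            if (!newChannel) {
                for (ExternalPermissionDefinition existingDef : systemPerms) {
                    IPermission[] oldPermissions = upm.getPermissions(existingDef.getActivity(), target);
                    upm.removePermissions(oldPermissions);
                }
            }
            upm.addPermissions(permissions.toArray(new IPermission[0]));
        }
    }

    if (logger.isDebugEnabled()) {
        logger.debug("Portlet " + defId + " has been " + (newChannel ? "published" : "modified") + ".");
    }
    return definition;
}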
use of org.apereo.portal.security.IUpdatingPermissionManager in project uPortal by Jasig.
the class PortletDefinitionImporterExporter method savePortletDefinition.
/**
* Save a portlet definition.
*
* @param definition the portlet definition
* @param categories the list of categories for the portlet
* @param permissionMap a map of permission name -> list of groups who are granted that
* permission (Note: for now, only grant is supported and only for the FRAMEWORK_OWNER perm
* manager)
*/
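private IPortletDefinition savePortletDefinition(
        IPortletDefinition definition,
        List<PortletCategory> categories,
        Map<ExternalPermissionDefinition, Set<IGroupMember>> permissionMap) {
    // NOTE(review): this method takes no acting user and performs no authorization check;
    // presumably the caller has already decided that these grants may be written. Confirm
    // against the call sites.

    // A definition without an id is treated as a first publication rather than an update.
    boolean newChannel = (definition.getPortletDefinitionId() == null);

    // Save, then re-read by fname; the id and permission target below come from the
    // re-read instance.
    definition = portletDefinitionDao.savePortletDefinition(definition);
    definition = portletDefinitionDao.getPortletDefinitionByFname(definition.getFName());
    final String defId = definition.getPortletDefinitionId().getStringId();
    final IEntity portletDefEntity = GroupService.getEntity(defId, IPortletDefinition.class);

    // The groups service needs to deal with concurrent modification better, so group and
    // permission updates are serialized on a single lock.
    synchronized (this.groupUpdateLock) {
        // On update, drop the existing category memberships before re-adding them.
        if (!newChannel) {
            for (IEntityGroup group : portletDefEntity.getAncestorGroups()) {
                group.removeChild(portletDefEntity);
                group.update();
            }
        }

        // Add the portlet to each requested category.
        for (PortletCategory category : categories) {
            final IEntityGroup categoryGroup = GroupService.findGroup(category.getId());
            categoryGroup.addChild(portletDefEntity);
            categoryGroup.updateMembers();
        }

        final AuthorizationServiceFacade authService = AuthorizationServiceFacade.instance();
        final String target = PermissionHelper.permissionTargetIdForPortletDefinition(definition);

        // One pass per permission system (owner), each with its own permission manager.
        Map<String, Collection<ExternalPermissionDefinition>> permissionsBySystem =
                getPermissionsBySystem(permissionMap.keySet());
        for (Map.Entry<String, Collection<ExternalPermissionDefinition>> bySystem :
                permissionsBySystem.entrySet()) {
            final Collection<ExternalPermissionDefinition> systemPerms = bySystem.getValue();
            final IUpdatingPermissionManager upm =
                    authService.newUpdatingPermissionManager(bySystem.getKey());

            // Build a GRANT for every (activity, member) pair requested for this system.
            final List<IPermission> permissions = new ArrayList<>();
            for (ExternalPermissionDefinition permissionDef : systemPerms) {
                Set<IGroupMember> members = permissionMap.get(permissionDef);
                for (final IGroupMember member : members) {
                    final IAuthorizationPrincipal authPrincipal = authService.newPrincipal(member);
                    final IPermission permEntity = upm.newPermission(authPrincipal);
                    permEntity.setType(IPermission.PERMISSION_TYPE_GRANT);
                    permEntity.setActivity(permissionDef.getActivity());
                    permEntity.setTarget(target);
                    permissions.add(permEntity);
                }
            }

            // If modifying the channel, remove the existing permissions before adding the
            // new ones. Only this system's definitions are scanned: walking every key of
            // permissionMap here would also look up, under this owner, activity names that
            // belong to another system's definitions, and any grants found that way would
            // be deleted without being re-added.
            // NOTE(review): grants for activities that are absent from permissionMap are
            // never queried, so they survive an update. Confirm that is intended.
            if (!newChannel) {
                for (ExternalPermissionDefinition existingDef : systemPerms) {
                    IPermission[] oldPermissions = upm.getPermissions(existingDef.getActivity(), target);
                    upm.removePermissions(oldPermissions);
                }
            }
            upm.addPermissions(permissions.toArray(new IPermission[0]));
        }
    }

    if (logger.isDebugEnabled()) {
        logger.debug("Portlet " + defId + " has been " + (newChannel ? "published" : "modified") + ".");
    }
    return definition;
}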
use of org.apereo.portal.security.IUpdatingPermissionManager in project uPortal by Jasig.
the class PortletAdministrationHelper method updatePermissions.
/*
* Update permissions for a given owner, activity, and portlet definition combination. Adds new principals' permissions passed in and removes
* principals' permissions if not in the list for the given activity.
*/
private void updatePermissions(
        IPortletDefinition def, Set<IGroupMember> newPrincipals, String owner, String activity) {
    // NOTE(review): owner and activity are used exactly as passed in and nothing here checks
    // who is asking; presumably the caller has already authorized the change. Confirm
    // against the call sites.
    final String targetId = PermissionHelper.permissionTargetIdForPortletDefinition(def);
    final IUpdatingPermissionManager manager =
            authorizationService.newUpdatingPermissionManager(owner);

    // Build one GRANT per requested principal, all for the same activity and target.
    final List<IPermission> grants = new ArrayList<>();
    for (final IGroupMember principal : newPrincipals) {
        final IPermission grant =
                manager.newPermission(authorizationService.newPrincipal(principal));
        grant.setType(IPermission.PERMISSION_TYPE_GRANT);
        grant.setActivity(activity);
        grant.setTarget(targetId);
        grants.add(grant);
        logger.trace("In updatePermissions() - adding a new permission of: {}", grant);
    }

    // Replace rather than merge: everything currently stored for this activity and target is
    // removed first, so an empty newPrincipals set leaves the activity with no grants at all.
    // NOTE(review): the removal and the add are two separate calls; whether they are atomic
    // depends on a surrounding transaction that is not visible from this method.
    manager.removePermissions(manager.getPermissions(activity, targetId));

    // Store the freshly built grants.
    manager.addPermissions(grants.toArray(new IPermission[0]));
}