use of org.apereo.portal.security.provider.PermissionImpl in project uPortal by Jasig.
the class PermissionAssignmentMapController method updatePermission.
@RequestMapping(value = "/updatePermission", method = RequestMethod.GET)
public ModelAndView updatePermission(@RequestParam("principal") String principal, @RequestParam("assignment") String assignment, @RequestParam("principals[]") String[] principals, @RequestParam("owner") String owner, @RequestParam("activity") String activity, @RequestParam("target") String target, HttpServletRequest request, HttpServletResponse response) throws Exception {
// ensure the current user is authorized to update and view permissions
final IPerson currentUser = personManager.getPerson((HttpServletRequest) request);
if (!permissionAdministrationHelper.canEditPermission(currentUser, target) || !permissionAdministrationHelper.canViewPermission(currentUser, target)) {
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
return null;
}
JsonEntityBean bean = groupListHelper.getEntityForPrincipal(principal);
if (bean != null) {
IAuthorizationPrincipal p = groupListHelper.getPrincipalForEntity(bean);
IPermission[] directPermissions = permissionStore.select(owner, p.getPrincipalString(), activity, target, null);
this.authorizationService.removePermissions(directPermissions);
assignment = assignment.toUpperCase();
if (assignment.equals(Assignment.Type.GRANT.toString()) || assignment.equals(Assignment.Type.DENY.toString())) {
IPermission permission = new PermissionImpl(owner);
permission.setActivity(activity);
permission.setPrincipal(bean.getPrincipalString());
permission.setTarget(target);
permission.setType(assignment);
this.authorizationService.addPermissions(new IPermission[] { permission });
}
} else {
log.warn("Unable to resolve the following principal (will " + "be omitted from the list of assignments): " + principal);
}
return getOwners(principals, owner, activity, target, request, response);
}
Aggregations