Search in sources :

Example 6 with AuthorizationService

use of org.apereo.portal.services.AuthorizationService in project uPortal by Jasig.

the class PortletDefinitionImporterExporter method removePortletDefinition.

@Transactional
@Override
public void removePortletDefinition(IPortletDefinition portletDefinition, IPerson person) {
    IPortletDefinition portletDef = portletDefinitionDao.getPortletDefinition(portletDefinition.getPortletDefinitionId());
    // Delete existing category memberships for this portlet
    String portletDefinitionId = portletDefinition.getPortletDefinitionId().getStringId();
    IEntity channelDefEntity = GroupService.getEntity(portletDefinitionId, IPortletDefinition.class);
    for (IEntityGroup group : channelDefEntity.getAncestorGroups()) {
        group.removeChild(channelDefEntity);
        group.update();
    }
    // Delete permissions records that refer to this portlet
    AuthorizationService authService = AuthorizationService.instance();
    String target = PermissionHelper.permissionTargetIdForPortletDefinition(portletDefinition);
    IUpdatingPermissionManager upm = authService.newUpdatingPermissionManager(IPermission.PORTAL_SUBSCRIBE);
    IPermission[] oldPermissions = upm.getPermissionsForTarget(target);
    upm.removePermissions(oldPermissions);
    // Delete any ratings (incl. reviews) associated with the portlet
    marketplaceRatingDao.clearRatingsForPortlet(portletDef);
    //Delete the portlet itself.
    portletDefinitionDao.deletePortletDefinition(portletDef);
}
Also used : IEntityGroup(org.apereo.portal.groups.IEntityGroup) IEntity(org.apereo.portal.groups.IEntity) AuthorizationService(org.apereo.portal.services.AuthorizationService) IPermission(org.apereo.portal.security.IPermission) IPortletDefinition(org.apereo.portal.portlet.om.IPortletDefinition) IUpdatingPermissionManager(org.apereo.portal.security.IUpdatingPermissionManager) Transactional(org.springframework.transaction.annotation.Transactional)

Example 7 with AuthorizationService

use of org.apereo.portal.services.AuthorizationService in project uPortal by Jasig.

the class ILFBuilder method constructILF.

public static Document constructILF(Document PLF, List<Document> sequence, IPerson person) {
    if (LOG.isDebugEnabled()) {
        LOG.debug("Constructing ILF for IPerson='" + person + "'");
    }
    // first construct the destination document and root element. The root
    // element should be a complete copy of the PLF's root including its
    // node identifier in the new document. This requires the use of
    // the implementation class to set the identifier for that node
    // in the document.
    Document result = DocumentFactory.getThreadDocument();
    Element plfLayout = PLF.getDocumentElement();
    Element ilfLayout = (Element) result.importNode(plfLayout, false);
    result.appendChild(ilfLayout);
    Element plfRoot = (Element) plfLayout.getFirstChild();
    Element ilfRoot = (Element) result.importNode(plfRoot, false);
    ilfLayout.appendChild(ilfRoot);
    if (ilfRoot.getAttribute(Constants.ATT_ID) != null)
        ilfRoot.setIdAttribute(Constants.ATT_ID, true);
    // build the auth principal for determining if pushed channels can be
    // used by this user
    EntityIdentifier ei = person.getEntityIdentifier();
    AuthorizationService authS = AuthorizationService.instance();
    IAuthorizationPrincipal ap = authS.newPrincipal(ei.getKey(), ei.getType());
    for (final Document document : sequence) {
        mergeFragment(document, result, ap);
    }
    return result;
}
Also used : AuthorizationService(org.apereo.portal.services.AuthorizationService) Element(org.w3c.dom.Element) IAuthorizationPrincipal(org.apereo.portal.security.IAuthorizationPrincipal) EntityIdentifier(org.apereo.portal.EntityIdentifier) Document(org.w3c.dom.Document)

Example 8 with AuthorizationService

use of org.apereo.portal.services.AuthorizationService in project uPortal by Jasig.

the class UpdatePreferencesServlet method getUserPrincipal.

protected IAuthorizationPrincipal getUserPrincipal(final String userName) {
    final IEntity user = GroupService.getEntity(userName, IPerson.class);
    if (user == null) {
        return null;
    }
    final AuthorizationService authService = AuthorizationService.instance();
    return authService.newPrincipal(user);
}
Also used : IEntity(org.apereo.portal.groups.IEntity) AuthorizationService(org.apereo.portal.services.AuthorizationService)

Example 9 with AuthorizationService

use of org.apereo.portal.services.AuthorizationService in project uPortal by Jasig.

the class PermissionAssignmentMapController method placeInHierarchy.

private void placeInHierarchy(Assignment a, List<Assignment> hierarchy, String owner, String activity, String target) {
    // Assertions.
    if (a == null) {
        String msg = "Argument 'a' [Assignment] cannot be null";
        throw new IllegalArgumentException(msg);
    }
    if (hierarchy == null) {
        String msg = "Argument 'hierarchy' cannot be null";
        throw new IllegalArgumentException(msg);
    }
    // is already in the hierarchy somewhere...
    for (Assignment root : hierarchy) {
        Assignment duplicate = root.findDecendentOrSelfIfExists(a.getPrincipal());
        if (duplicate != null) {
            return;
        }
    }
    // To proceed, we need to know about the containing
    // groups (if any) for this principal...
    IGroupMember member = null;
    EntityEnum entityEnum = a.getPrincipal().getEntityType();
    if (entityEnum.isGroup()) {
        member = GroupService.findGroup(a.getPrincipal().getId());
    } else {
        member = GroupService.getGroupMember(a.getPrincipal().getId(), entityEnum.getClazz());
    }
    AuthorizationService authService = AuthorizationService.instance();
    Iterator<?> it = GroupService.getCompositeGroupService().findParentGroups(member);
    if (it.hasNext()) {
        // This member must be nested within its parent(s)...
        while (it.hasNext()) {
            IEntityGroup group = (IEntityGroup) it.next();
            EntityEnum beanType = EntityEnum.getEntityEnum(group.getLeafType(), true);
            JsonEntityBean bean = new JsonEntityBean(group, beanType);
            Assignment parent = null;
            for (Assignment root : hierarchy) {
                parent = root.findDecendentOrSelfIfExists(bean);
                if (parent != null) {
                    // We found one...
                    parent.addChild(a);
                    break;
                }
            }
            if (parent == null) {
                // We weren't able to integrate this node into the existing
                // hierarchy;  we have to dig deeper, until we either (1)
                // find a match, or (2) reach a root;  type is INHERIT,
                // unless (by chance) there's something specified in an
                // entry on grantOrDenyMap.
                IAuthorizationPrincipal principal = authService.newPrincipal(group);
                Assignment.Type assignmentType = getAssignmentType(principal, owner, activity, target);
                parent = new Assignment(principal.getPrincipalString(), bean, assignmentType);
                parent.addChild(a);
                placeInHierarchy(parent, hierarchy, owner, activity, target);
            }
        }
    } else {
        // This member is a root...
        hierarchy.add(a);
    }
}
Also used : Assignment(org.apereo.portal.portlets.permissionsadmin.Assignment) IEntityGroup(org.apereo.portal.groups.IEntityGroup) IGroupMember(org.apereo.portal.groups.IGroupMember) EntityEnum(org.apereo.portal.portlets.groupselector.EntityEnum) JsonEntityBean(org.apereo.portal.layout.dlm.remoting.JsonEntityBean) IAuthorizationService(org.apereo.portal.security.IAuthorizationService) AuthorizationService(org.apereo.portal.services.AuthorizationService) IAuthorizationPrincipal(org.apereo.portal.security.IAuthorizationPrincipal)

Example 10 with AuthorizationService

use of org.apereo.portal.services.AuthorizationService in project uPortal by Jasig.

the class PortletDefinitionImporterExporter method exportPermission.

private boolean exportPermission(IPortletDefinition def, ExternalPermissionDefinition permDef, List<String> groupList, List<String> userList) {
    final AuthorizationService authService = org.apereo.portal.services.AuthorizationService.instance();
    final IPermissionManager pm = authService.newPermissionManager(permDef.getSystem());
    final String portletTargetId = PermissionHelper.permissionTargetIdForPortletDefinition(def);
    final IAuthorizationPrincipal[] principals = pm.getAuthorizedPrincipals(permDef.getActivity(), portletTargetId);
    boolean permAdded = false;
    for (IAuthorizationPrincipal principal : principals) {
        IGroupMember member = authService.getGroupMember(principal);
        if (member.isGroup()) {
            final EntityNameFinderService entityNameFinderService = EntityNameFinderService.instance();
            final IEntityNameFinder nameFinder = entityNameFinderService.getNameFinder(member.getType());
            try {
                groupList.add(nameFinder.getName(member.getKey()));
                permAdded = true;
            } catch (Exception e) {
                throw new RuntimeException("Could not find group name for entity: " + member.getKey(), e);
            }
        } else {
            if (userList != null) {
                userList.add(member.getKey());
                permAdded = true;
            }
        }
    }
    Collections.sort(groupList);
    if (userList != null) {
        Collections.sort(userList);
    }
    return permAdded;
}
Also used : IPermissionManager(org.apereo.portal.security.IPermissionManager) IGroupMember(org.apereo.portal.groups.IGroupMember) IEntityNameFinder(org.apereo.portal.groups.IEntityNameFinder) AuthorizationService(org.apereo.portal.services.AuthorizationService) IAuthorizationPrincipal(org.apereo.portal.security.IAuthorizationPrincipal) EntityNameFinderService(org.apereo.portal.services.EntityNameFinderService)

Aggregations

AuthorizationService (org.apereo.portal.services.AuthorizationService)12 IAuthorizationPrincipal (org.apereo.portal.security.IAuthorizationPrincipal)9 IEntity (org.apereo.portal.groups.IEntity)4 IEntityGroup (org.apereo.portal.groups.IEntityGroup)4 ArrayList (java.util.ArrayList)3 EntityIdentifier (org.apereo.portal.EntityIdentifier)3 IGroupMember (org.apereo.portal.groups.IGroupMember)3 IPortletDefinition (org.apereo.portal.portlet.om.IPortletDefinition)3 HashMap (java.util.HashMap)2 EntityEnum (org.apereo.portal.portlets.groupselector.EntityEnum)2 IPermission (org.apereo.portal.security.IPermission)2 IPerson (org.apereo.portal.security.IPerson)2 IUpdatingPermissionManager (org.apereo.portal.security.IUpdatingPermissionManager)2 Collection (java.util.Collection)1 HashSet (java.util.HashSet)1 Locale (java.util.Locale)1 PortletMode (javax.portlet.PortletMode)1 AuthorizationException (org.apereo.portal.AuthorizationException)1 AggregatedGroupMapping (org.apereo.portal.events.aggr.groups.AggregatedGroupMapping)1 PortletLayoutAggregation (org.apereo.portal.events.aggr.portletlayout.PortletLayoutAggregation)1