
Example 6 with AuthorizationServiceFacade

use of org.apereo.portal.services.AuthorizationServiceFacade in project uPortal by Jasig.

the class UpdatePreferencesServlet method getUserPrincipal.

/**
 * Builds the authorization principal for the named portal user.
 *
 * <p>The name is resolved to an {@code IPerson} entity through {@code GroupService}; a
 * principal is created only when that lookup yields an entity.
 *
 * @param userName key handed to {@code GroupService.getEntity} for the person lookup
 * @return the principal for the resolved entity, or {@code null} when no entity is returned;
 *     callers have to handle {@code null} explicitly and must not read it as "authorized"
 */
private IAuthorizationPrincipal getUserPrincipal(final String userName) {
    final IEntity personEntity = GroupService.getEntity(userName, IPerson.class);
    return (personEntity == null)
            ? null
            : AuthorizationServiceFacade.instance().newPrincipal(personEntity);
}
Also used : AuthorizationServiceFacade(org.apereo.portal.services.AuthorizationServiceFacade) IEntity(org.apereo.portal.groups.IEntity)

Example 7 with AuthorizationServiceFacade

use of org.apereo.portal.services.AuthorizationServiceFacade in project uPortal by Jasig.

the class PermissionAssignmentMapController method placeInHierarchy.

/**
 * Places an assignment into the permission hierarchy, nesting it under the assignment of each
 * of its parent groups and creating those parent assignments recursively when they are missing.
 *
 * <p>If the principal of {@code a} is already present anywhere in {@code hierarchy}, the method
 * returns without changes. A principal that has no parent groups is appended as a new root.
 *
 * @param a the assignment to place; must not be {@code null}
 * @param hierarchy the list of root assignments, modified in place; must not be {@code null}
 * @param owner passed through to {@code getAssignmentType} for synthesized parents
 * @param activity passed through to {@code getAssignmentType} for synthesized parents
 * @param target passed through to {@code getAssignmentType} for synthesized parents
 * @throws IllegalArgumentException if {@code a} or {@code hierarchy} is {@code null}
 */
private void placeInHierarchy(Assignment a, List<Assignment> hierarchy, String owner, String activity, String target) {
    // Argument checks.
    if (a == null) {
        throw new IllegalArgumentException("Argument 'a' [Assignment] cannot be null");
    }
    if (hierarchy == null) {
        throw new IllegalArgumentException("Argument 'hierarchy' cannot be null");
    }

    // Nothing to do when the principal already appears somewhere in the hierarchy.
    for (Assignment existingRoot : hierarchy) {
        if (existingRoot.findDecendentOrSelfIfExists(a.getPrincipal()) != null) {
            return;
        }
    }

    // Resolve the principal to a group member so its containing groups can be looked up.
    // NOTE(review): whether either lookup can return null, and how findParentGroups treats a
    // null member, is not visible here - confirm against GroupService.
    final EntityEnum principalType = a.getPrincipal().getEntityType();
    final IGroupMember member = principalType.isGroup()
            ? GroupService.findGroup(a.getPrincipal().getId())
            : GroupService.getGroupMember(a.getPrincipal().getId(), principalType.getClazz());

    final AuthorizationServiceFacade authService = AuthorizationServiceFacade.instance();
    final Iterator<?> parentGroups = GroupService.getCompositeGroupService().findParentGroups(member);

    if (!parentGroups.hasNext()) {
        // No containing group: this member is a root.
        hierarchy.add(a);
        return;
    }

    // The member has to be nested within each of its parents.
    while (parentGroups.hasNext()) {
        final IEntityGroup group = (IEntityGroup) parentGroups.next();
        final EntityEnum beanType = EntityEnum.getEntityEnum(group.getLeafType(), true);
        final JsonEntityBean bean = new JsonEntityBean(group, beanType);

        // Look for an assignment for this parent group; stop at the first root that has one.
        Assignment parent = null;
        final Iterator<Assignment> roots = hierarchy.iterator();
        while (parent == null && roots.hasNext()) {
            parent = roots.next().findDecendentOrSelfIfExists(bean);
        }

        if (parent != null) {
            parent.addChild(a);
            continue;
        }

        // The parent group is not in the hierarchy yet: synthesize an assignment for it and
        // place that one recursively, until a match is found or a root is reached. Its type
        // is whatever getAssignmentType reports for this principal (INHERIT unless something
        // is specified in an entry on grantOrDenyMap, per the original author's note).
        final IAuthorizationPrincipal principal = authService.newPrincipal(group);
        final Assignment.Type assignmentType = getAssignmentType(principal, owner, activity, target);
        parent = new Assignment(principal.getPrincipalString(), bean, assignmentType);
        parent.addChild(a);
        placeInHierarchy(parent, hierarchy, owner, activity, target);
    }
}
Also used : Assignment(org.apereo.portal.portlets.permissionsadmin.Assignment) IEntityGroup(org.apereo.portal.groups.IEntityGroup) IGroupMember(org.apereo.portal.groups.IGroupMember) EntityEnum(org.apereo.portal.portlets.groupselector.EntityEnum) JsonEntityBean(org.apereo.portal.layout.dlm.remoting.JsonEntityBean) AuthorizationServiceFacade(org.apereo.portal.services.AuthorizationServiceFacade) IAuthorizationPrincipal(org.apereo.portal.security.IAuthorizationPrincipal)

Example 8 with AuthorizationServiceFacade

use of org.apereo.portal.services.AuthorizationServiceFacade in project uPortal by Jasig.

the class PortletDefinitionImporterExporter method exportPermission.

/**
 * Collects the principals that hold one permission on a portlet definition, split into group
 * names and user keys, for export.
 *
 * @param def the portlet definition whose permission target is queried
 * @param permDef supplies the permission system and the activity to look up
 * @param groupList receives the name of every authorized group; sorted before returning
 * @param userList receives the key of every authorized non-group member; may be {@code null},
 *     in which case non-group members are skipped and do not count as exported
 * @return {@code true} if at least one entry was added to either list
 * @throws RuntimeException if the name of an authorized group cannot be resolved
 */
private boolean exportPermission(IPortletDefinition def, ExternalPermissionDefinition permDef, List<String> groupList, List<String> userList) {
    final AuthorizationServiceFacade authService = AuthorizationServiceFacade.instance();
    final IPermissionManager permissionManager = authService.newPermissionManager(permDef.getSystem());
    final String targetId = PermissionHelper.permissionTargetIdForPortletDefinition(def);
    final IAuthorizationPrincipal[] authorized = permissionManager.getAuthorizedPrincipals(permDef.getActivity(), targetId);

    boolean exportedAny = false;
    for (IAuthorizationPrincipal principal : authorized) {
        final IGroupMember member = authService.getGroupMember(principal);

        if (!member.isGroup()) {
            // Individual users are exported only when the caller asked for them.
            if (userList != null) {
                userList.add(member.getKey());
                exportedAny = true;
            }
            continue;
        }

        // Groups are exported by name, so the key has to be translated first.
        final IEntityNameFinder nameFinder = EntityNameFinderService.instance().getNameFinder(member.getType());
        try {
            groupList.add(nameFinder.getName(member.getKey()));
            exportedAny = true;
        } catch (Exception e) {
            throw new RuntimeException("Could not find group name for entity: " + member.getKey(), e);
        }
    }

    // Sort both outputs in their natural String order.
    Collections.sort(groupList);
    if (userList != null) {
        Collections.sort(userList);
    }
    return exportedAny;
}
Also used : IPermissionManager(org.apereo.portal.security.IPermissionManager) IGroupMember(org.apereo.portal.groups.IGroupMember) IEntityNameFinder(org.apereo.portal.groups.IEntityNameFinder) AuthorizationServiceFacade(org.apereo.portal.services.AuthorizationServiceFacade) IAuthorizationPrincipal(org.apereo.portal.security.IAuthorizationPrincipal) EntityNameFinderService(org.apereo.portal.services.EntityNameFinderService)

Example 9 with AuthorizationServiceFacade

use of org.apereo.portal.services.AuthorizationServiceFacade in project uPortal by Jasig.

the class PortletDefinitionImporterExporter method savePortletDefinition.

/**
 * Save a portlet definition, then rewrite its category memberships and its permission grants.
 *
 * <p>The group and permission updates run while holding {@code groupUpdateLock}. For a
 * definition that already existed, its current ancestor-group memberships and the stored
 * permissions for the supplied activities on this portlet's target are removed before the new
 * ones are added.
 *
 * @param definition the portlet definition
 * @param categories the list of categories for the portlet
 * @param permissionMap a map of permission name -> list of groups who are granted that
 *     permission (Note: for now, only grant is supported and only for the FRAMEWORK_OWNER perm
 *     manager)
 * @return the definition as re-read by fname after it was saved
 */
private IPortletDefinition savePortletDefinition(IPortletDefinition definition, List<PortletCategory> categories, Map<ExternalPermissionDefinition, Set<IGroupMember>> permissionMap) {
    // A definition without an id has not been persisted yet.
    boolean newChannel = (definition.getPortletDefinitionId() == null);
    // save the channel
    definition = portletDefinitionDao.savePortletDefinition(definition);
    // Re-read by fname so the remaining steps work on the stored definition and its id.
    definition = portletDefinitionDao.getPortletDefinitionByFname(definition.getFName());
    final String defId = definition.getPortletDefinitionId().getStringId();
    final IEntity portletDefEntity = GroupService.getEntity(defId, IPortletDefinition.class);
    // The groups service needs to deal with concurrent modification better.
    synchronized (this.groupUpdateLock) {
        // Delete existing category memberships for this channel
        if (!newChannel) {
            for (IEntityGroup group : portletDefEntity.getAncestorGroups()) {
                group.removeChild(portletDefEntity);
                group.update();
            }
        }
        // For each category ID, add channel to category
        // NOTE(review): the result of findGroup is used without a null check - confirm that an
        // unknown category id cannot reach this point.
        for (PortletCategory category : categories) {
            final IEntityGroup categoryGroup = GroupService.findGroup(category.getId());
            categoryGroup.addChild(portletDefEntity);
            categoryGroup.updateMembers();
        }
        // Set groups
        final AuthorizationServiceFacade authService = AuthorizationServiceFacade.instance();
        final String target = PermissionHelper.permissionTargetIdForPortletDefinition(definition);
        // Loop over the affected permission managers...
        Map<String, Collection<ExternalPermissionDefinition>> permissionsBySystem = getPermissionsBySystem(permissionMap.keySet());
        for (String system : permissionsBySystem.keySet()) {
            Collection<ExternalPermissionDefinition> systemPerms = permissionsBySystem.get(system);
            // get the permission manager for this system...
            final IUpdatingPermissionManager upm = authService.newUpdatingPermissionManager(system);
            final List<IPermission> permissions = new ArrayList<>();
            // add activity grants for each permission..
            for (ExternalPermissionDefinition permissionDef : systemPerms) {
                Set<IGroupMember> members = permissionMap.get(permissionDef);
                for (final IGroupMember member : members) {
                    final IAuthorizationPrincipal authPrincipal = authService.newPrincipal(member);
                    final IPermission permEntity = upm.newPermission(authPrincipal);
                    // Only GRANT entries are ever written here.
                    permEntity.setType(IPermission.PERMISSION_TYPE_GRANT);
                    permEntity.setActivity(permissionDef.getActivity());
                    permEntity.setTarget(target);
                    permissions.add(permEntity);
                }
            }
            // For an existing portlet, remove the permissions currently stored for each activity
            // on this target before adding the new ones.
            // NOTE(review): this loop walks every key of permissionMap, not only systemPerms,
            // while using the manager of the current system - confirm that is intended.
            // NOTE(review): removal and re-add are separate calls; whether they share a
            // transaction is not visible here. If they do not, a failure in between would leave
            // the portlet without these grants - confirm.
            if (!newChannel) {
                for (ExternalPermissionDefinition permissionName : permissionMap.keySet()) {
                    IPermission[] oldPermissions = upm.getPermissions(permissionName.getActivity(), target);
                    upm.removePermissions(oldPermissions);
                }
            }
            upm.addPermissions(permissions.toArray(new IPermission[permissions.size()]));
        }
    }
    if (logger.isDebugEnabled()) {
        logger.debug("Portlet " + defId + " has been " + (newChannel ? "published" : "modified") + ".");
    }
    return definition;
}
Also used : IEntity(org.apereo.portal.groups.IEntity) ArrayList(java.util.ArrayList) IEntityGroup(org.apereo.portal.groups.IEntityGroup) IGroupMember(org.apereo.portal.groups.IGroupMember) AuthorizationServiceFacade(org.apereo.portal.services.AuthorizationServiceFacade) IPermission(org.apereo.portal.security.IPermission) IAuthorizationPrincipal(org.apereo.portal.security.IAuthorizationPrincipal) Collection(java.util.Collection) ExternalPermissionDefinition(org.apereo.portal.io.xml.portlettype.ExternalPermissionDefinition) PortletCategory(org.apereo.portal.portlet.om.PortletCategory) IUpdatingPermissionManager(org.apereo.portal.security.IUpdatingPermissionManager)

Example 10 with AuthorizationServiceFacade

use of org.apereo.portal.services.AuthorizationServiceFacade in project uPortal by Jasig.

the class PopularPortletsController method buildEventCounts.

/**
 * Builds the per-portlet "added to layout" counts for the last {@code days} days, limited to
 * portlets the given user is allowed to subscribe to.
 *
 * <p>Aggregations are read for the root {@code IPerson} group, so the counts cover all users;
 * the {@code canSubscribe} check only decides which portlets are shown to {@code user}.
 *
 * @param days how many days back from now the aggregation window starts
 * @param user the person whose subscribe permission filters the result
 * @param locale used to pick the portlet title and description
 * @return the usages, sorted by {@code PortletUsage}'s natural ordering
 */
private List<PortletUsage> buildEventCounts(Integer days, IPerson user, Locale locale) {
    // Aggregation window: [now - days, now].
    final DateTime windowEnd = new DateTime();
    final DateTime windowStart = windowEnd.minusDays(days);

    final IEntityGroup rootPersonGroup = GroupService.getRootGroup(IPerson.class);
    final AggregatedGroupMapping groupMapping = aggregatedGroupLookupDao.getGroupMapping(rootPersonGroup.getKey());
    final List<PortletLayoutAggregation> aggregations =
            portletLayoutDao.getAggregationsForAllPortlets(windowStart, windowEnd, AGGREGATION_INTERVAL, groupMapping);

    // Principal used for the per-portlet subscribe check below.
    final EntityIdentifier userId = user.getEntityIdentifier();
    final IAuthorizationPrincipal principal =
            AuthorizationServiceFacade.instance().newPrincipal(userId.getKey(), userId.getType());

    final Map<String, PortletUsage> usageByFname = new HashMap<>();
    for (final PortletLayoutAggregation aggregation : aggregations) {
        final String fname = aggregation.getPortletMapping().getFname();

        PortletUsage usage = usageByFname.get(fname);
        if (usage == null) {
            final IPortletDefinition portletDefinition = this.portletDefinitionDao.getPortletDefinitionByFname(fname);
            if (portletDefinition == null) {
                // The portlet no longer exists.
                continue;
            }
            if (!principal.canSubscribe(portletDefinition.getPortletDefinitionId().getStringId())) {
                // The user may not subscribe to it, so it must not be listed.
                continue;
            }
            usage = new PortletUsage(
                    portletDefinition.getPortletDefinitionId().getLongId(),
                    fname,
                    portletDefinition.getTitle(locale.toString()),
                    portletDefinition.getDescription(locale.toString()));
            usageByFname.put(fname, usage);
        }
        usage.incrementCount(aggregation.getAddCount());
    }

    final List<PortletUsage> sorted = new ArrayList<>(usageByFname.values());
    Collections.sort(sorted);
    return sorted;
}
Also used : HashMap(java.util.HashMap) PortletLayoutAggregation(org.apereo.portal.events.aggr.portletlayout.PortletLayoutAggregation) AggregatedPortletMapping(org.apereo.portal.events.aggr.portlets.AggregatedPortletMapping) ArrayList(java.util.ArrayList) EntityIdentifier(org.apereo.portal.EntityIdentifier) DateTime(org.joda.time.DateTime) IEntityGroup(org.apereo.portal.groups.IEntityGroup) AggregatedGroupMapping(org.apereo.portal.events.aggr.groups.AggregatedGroupMapping) AuthorizationServiceFacade(org.apereo.portal.services.AuthorizationServiceFacade) IAuthorizationPrincipal(org.apereo.portal.security.IAuthorizationPrincipal) IPortletDefinition(org.apereo.portal.portlet.om.IPortletDefinition)

Aggregations

AuthorizationServiceFacade (org.apereo.portal.services.AuthorizationServiceFacade)11 IAuthorizationPrincipal (org.apereo.portal.security.IAuthorizationPrincipal)8 IEntity (org.apereo.portal.groups.IEntity)4 IEntityGroup (org.apereo.portal.groups.IEntityGroup)4 EntityIdentifier (org.apereo.portal.EntityIdentifier)3 IGroupMember (org.apereo.portal.groups.IGroupMember)3 IPortletDefinition (org.apereo.portal.portlet.om.IPortletDefinition)3 ArrayList (java.util.ArrayList)2 EntityEnum (org.apereo.portal.portlets.groupselector.EntityEnum)2 IPermission (org.apereo.portal.security.IPermission)2 IUpdatingPermissionManager (org.apereo.portal.security.IUpdatingPermissionManager)2 Collection (java.util.Collection)1 HashMap (java.util.HashMap)1 PortletMode (javax.portlet.PortletMode)1 AuthorizationException (org.apereo.portal.AuthorizationException)1 AggregatedGroupMapping (org.apereo.portal.events.aggr.groups.AggregatedGroupMapping)1 PortletLayoutAggregation (org.apereo.portal.events.aggr.portletlayout.PortletLayoutAggregation)1 AggregatedPortletMapping (org.apereo.portal.events.aggr.portlets.AggregatedPortletMapping)1 IEntityNameFinder (org.apereo.portal.groups.IEntityNameFinder)1 ExternalPermissionDefinition (org.apereo.portal.io.xml.portlettype.ExternalPermissionDefinition)1