Example 6 with AdminPermission
use of org.broadleafcommerce.openadmin.server.security.domain.AdminPermission in project BroadleafCommerce by BroadleafCommerce.
the class AdminPermissionCustomPersistenceHandler method update.
@Override
public Entity update(PersistencePackage persistencePackage, DynamicEntityDao dynamicEntityDao, RecordHelper helper) throws ServiceException {
Entity entity = checkPermissionName(persistencePackage);
try {
PersistencePerspective persistencePerspective = persistencePackage.getPersistencePerspective();
Map<String, FieldMetadata> adminProperties = helper.getSimpleMergedProperties(AdminPermission.class.getName(), persistencePerspective);
Object primaryKey = helper.getPrimaryKey(entity, adminProperties);
AdminPermission adminInstance = (AdminPermission) dynamicEntityDao.retrieve(Class.forName(entity.getType()[0]), primaryKey);
adminInstance = (AdminPermission) helper.createPopulatedInstance(adminInstance, entity, adminProperties, false);
adminInstance = dynamicEntityDao.merge(adminInstance);
Entity adminEntity = helper.getRecord(adminProperties, adminInstance, null, null);
return adminEntity;
} catch (Exception e) {
throw new ServiceException("Unable to update entity for " + entity.getType()[0], e);
}
}
Also used :
Entity(org.broadleafcommerce.openadmin.dto.Entity)
FieldMetadata(org.broadleafcommerce.openadmin.dto.FieldMetadata)
PersistencePerspective(org.broadleafcommerce.openadmin.dto.PersistencePerspective)
ServiceException(org.broadleafcommerce.common.exception.ServiceException)
AdminPermission(org.broadleafcommerce.openadmin.server.security.domain.AdminPermission)
CriteriaTransferObject(org.broadleafcommerce.openadmin.dto.CriteriaTransferObject)
ServiceException(org.broadleafcommerce.common.exception.ServiceException)
Example 7 with AdminPermission
use of org.broadleafcommerce.openadmin.server.security.domain.AdminPermission in project BroadleafCommerce by BroadleafCommerce.
the class AdminPermissionCustomPersistenceHandler method add.
@Override
public Entity add(PersistencePackage persistencePackage, DynamicEntityDao dynamicEntityDao, RecordHelper helper) throws ServiceException {
if (persistencePackage.getEntity().findProperty("id") != null && !StringUtils.isEmpty(persistencePackage.getEntity().findProperty("id").getValue())) {
return update(persistencePackage, dynamicEntityDao, helper);
}
Entity entity = checkPermissionName(persistencePackage);
try {
PersistencePerspective persistencePerspective = persistencePackage.getPersistencePerspective();
AdminPermission adminInstance = (AdminPermission) Class.forName(entity.getType()[0]).newInstance();
Map<String, FieldMetadata> adminProperties = helper.getSimpleMergedProperties(AdminPermission.class.getName(), persistencePerspective);
adminInstance = (AdminPermission) helper.createPopulatedInstance(adminInstance, entity, adminProperties, false);
adminInstance = dynamicEntityDao.merge(adminInstance);
Entity adminEntity = helper.getRecord(adminProperties, adminInstance, null, null);
return adminEntity;
} catch (Exception e) {
throw new ServiceException("Unable to add entity for " + entity.getType()[0], e);
}
}
Also used :
Entity(org.broadleafcommerce.openadmin.dto.Entity)
FieldMetadata(org.broadleafcommerce.openadmin.dto.FieldMetadata)
PersistencePerspective(org.broadleafcommerce.openadmin.dto.PersistencePerspective)
ServiceException(org.broadleafcommerce.common.exception.ServiceException)
AdminPermission(org.broadleafcommerce.openadmin.server.security.domain.AdminPermission)
ServiceException(org.broadleafcommerce.common.exception.ServiceException)
Example 8 with AdminPermission
use of org.broadleafcommerce.openadmin.server.security.domain.AdminPermission in project BroadleafCommerce by BroadleafCommerce.
the class AdminNavigationServiceImpl method isUserAuthorizedToViewSection.
@Override
public boolean isUserAuthorizedToViewSection(AdminUser adminUser, AdminSection section) {
List<AdminPermission> authorizedPermissions = section.getPermissions();
Set<String> authorizedPermissionNames = null;
if (authorizedPermissions != null) {
authorizedPermissionNames = new HashSet<>((authorizedPermissions.size() * 2));
for (AdminPermission authorizedPermission : authorizedPermissions) {
authorizedPermissionNames.add(authorizedPermission.getName());
authorizedPermissionNames.add(parseForAllPermission(authorizedPermission.getName()));
}
}
boolean response = false;
if (!CollectionUtils.isEmpty(adminUser.getAllRoles())) {
for (AdminRole role : adminUser.getAllRoles()) {
for (AdminPermission permission : role.getAllPermissions()) {
if (checkPermissions(authorizedPermissionNames, permission.getName())) {
response = true;
}
}
}
}
if (!response && !CollectionUtils.isEmpty(adminUser.getAllPermissions())) {
for (AdminPermission permission : adminUser.getAllPermissions()) {
if (checkPermissions(authorizedPermissionNames, permission.getName())) {
response = true;
}
}
}
if (!response) {
for (String defaultPermission : AdminSecurityService.DEFAULT_PERMISSIONS) {
if (checkPermissions(authorizedPermissionNames, defaultPermission)) {
response = true;
}
}
}
if (response) {
for (SectionAuthorization sectionAuthorization : additionalSectionAuthorizations) {
if (!sectionAuthorization.isUserAuthorizedToViewSection(adminUser, section)) {
response = false;
break;
}
}
}
return response;
}
Also used :
AdminPermission(org.broadleafcommerce.openadmin.server.security.domain.AdminPermission)
AdminRole(org.broadleafcommerce.openadmin.server.security.domain.AdminRole)
Example 9 with AdminPermission
use of org.broadleafcommerce.openadmin.server.security.domain.AdminPermission in project BroadleafCommerce by BroadleafCommerce.
the class AdminPermissionDaoImpl method readAdminPermissionByName.
@Override
public AdminPermission readAdminPermissionByName(String name) {
CriteriaBuilder builder = em.getCriteriaBuilder();
CriteriaQuery<AdminPermission> criteria = builder.createQuery(AdminPermission.class);
Root<AdminPermissionImpl> adminPerm = criteria.from(AdminPermissionImpl.class);
criteria.select(adminPerm);
List<Predicate> restrictions = new ArrayList<Predicate>();
restrictions.add(builder.equal(adminPerm.get("name"), name));
// Execute the query with the restrictions
criteria.where(restrictions.toArray(new Predicate[restrictions.size()]));
TypedQuery<AdminPermission> query = em.createQuery(criteria);
query.setHint(QueryHints.HINT_CACHEABLE, true);
query.setHint(QueryHints.HINT_CACHE_REGION, "blAdminSecurityQuery");
List<AdminPermission> results = query.getResultList();
if (results == null || results.size() == 0) {
return null;
} else {
return results.get(0);
}
}
Also used :
CriteriaBuilder(javax.persistence.criteria.CriteriaBuilder)
AdminPermission(org.broadleafcommerce.openadmin.server.security.domain.AdminPermission)
AdminPermissionImpl(org.broadleafcommerce.openadmin.server.security.domain.AdminPermissionImpl)
ArrayList(java.util.ArrayList)
Predicate(javax.persistence.criteria.Predicate)
Aggregations
AdminPermission (org.broadleafcommerce.openadmin.server.security.domain.AdminPermission)9
AdminPermissionImpl (org.broadleafcommerce.openadmin.server.security.domain.AdminPermissionImpl)3
ArrayList (java.util.ArrayList)2
CriteriaBuilder (javax.persistence.criteria.CriteriaBuilder)2
Predicate (javax.persistence.criteria.Predicate)2
ServiceException (org.broadleafcommerce.common.exception.ServiceException)2
Entity (org.broadleafcommerce.openadmin.dto.Entity)2
FieldMetadata (org.broadleafcommerce.openadmin.dto.FieldMetadata)2
PersistencePerspective (org.broadleafcommerce.openadmin.dto.PersistencePerspective)2
AdminRole (org.broadleafcommerce.openadmin.server.security.domain.AdminRole)2
Query (javax.persistence.Query)1
TypedQuery (javax.persistence.TypedQuery)1
CriteriaQuery (javax.persistence.criteria.CriteriaQuery)1
CriteriaTransferObject (org.broadleafcommerce.openadmin.dto.CriteriaTransferObject)1
AdminUser (org.broadleafcommerce.openadmin.server.security.domain.AdminUser)1
Rollback (org.springframework.test.annotation.Rollback)1
DataProvider (org.testng.annotations.DataProvider)1
Test (org.testng.annotations.Test)1
