Search in sources :

Example 6 with FessUserBean

use of org.codelibs.fess.mylasta.action.FessUserBean in project fess by codelibs.

the class RoleQueryHelper method build.

public Set<String> build(final SearchRequestType searchRequestType) {
    final Set<String> roleSet = new HashSet<>();
    final HttpServletRequest request = LaRequestUtil.getOptionalRequest().orElse(null);
    final FessConfig fessConfig = ComponentUtil.getFessConfig();
    final boolean isApiRequest = !SearchRequestType.SEARCH.equals(searchRequestType) && !SearchRequestType.ADMIN_SEARCH.equals(searchRequestType);
    if (request != null) {
        @SuppressWarnings("unchecked") final Set<String> list = (Set<String>) request.getAttribute(USER_ROLES);
        if (list != null) {
            return list;
        }
        // request parameter
        if (StringUtil.isNotBlank(parameterKey)) {
            processParameter(request, roleSet);
        }
        // request header
        if (StringUtil.isNotBlank(headerKey)) {
            processHeader(request, roleSet);
        }
        // cookie
        if (StringUtil.isNotBlank(cookieKey)) {
            processCookie(request, roleSet);
        }
        // cookie mapping
        if (cookieNameMap != null) {
            buildByCookieNameMapping(request, roleSet);
        }
        final boolean hasAccessToken = processAccessToken(request, roleSet, isApiRequest);
        final RequestManager requestManager = ComponentUtil.getRequestManager();
        try {
            requestManager.findUserBean(FessUserBean.class).ifPresent(fessUserBean -> stream(fessUserBean.getPermissions()).of(stream -> stream.forEach(roleSet::add))).orElse(() -> {
                if (isApiRequest && ComponentUtil.getFessConfig().getApiAccessTokenRequiredAsBoolean()) {
                    throw new InvalidAccessTokenException("invalid_token", "Access token is requried.");
                }
                if (!hasAccessToken || roleSet.isEmpty()) {
                    roleSet.addAll(fessConfig.getSearchGuestPermissionList());
                }
            });
        } catch (final RuntimeException e) {
            try {
                requestManager.findLoginManager(FessUserBean.class).ifPresent(LoginManager::logout);
            } catch (final Exception e1) {
            // ignore
            }
            throw e;
        }
    }
    if (defaultRoleList != null) {
        roleSet.addAll(defaultRoleList);
    }
    if (logger.isDebugEnabled()) {
        logger.debug("roleSet: {}", roleSet);
    }
    if (request != null) {
        request.setAttribute(USER_ROLES, roleSet);
    }
    return roleSet;
}
Also used : StreamUtil.stream(org.codelibs.core.stream.StreamUtil.stream) AccessTokenService(org.codelibs.fess.app.service.AccessTokenService) StringUtil(org.codelibs.core.lang.StringUtil) Set(java.util.Set) HashMap(java.util.HashMap) InvalidAccessTokenException(org.codelibs.fess.exception.InvalidAccessTokenException) LaRequestUtil(org.lastaflute.web.util.LaRequestUtil) ArrayList(java.util.ArrayList) HashSet(java.util.HashSet) FessUserBean(org.codelibs.fess.mylasta.action.FessUserBean) List(java.util.List) HttpServletRequest(javax.servlet.http.HttpServletRequest) SearchRequestType(org.codelibs.fess.entity.SearchRequestParams.SearchRequestType) FessConfig(org.codelibs.fess.mylasta.direction.FessConfig) Logger(org.apache.logging.log4j.Logger) RequestManager(org.lastaflute.web.servlet.request.RequestManager) ComponentUtil(org.codelibs.fess.util.ComponentUtil) CachedCipher(org.codelibs.core.crypto.CachedCipher) LoginManager(org.lastaflute.web.login.LoginManager) Map(java.util.Map) PostConstruct(javax.annotation.PostConstruct) Cookie(javax.servlet.http.Cookie) LogManager(org.apache.logging.log4j.LogManager) Set(java.util.Set) HashSet(java.util.HashSet) FessConfig(org.codelibs.fess.mylasta.direction.FessConfig) InvalidAccessTokenException(org.codelibs.fess.exception.InvalidAccessTokenException) HttpServletRequest(javax.servlet.http.HttpServletRequest) InvalidAccessTokenException(org.codelibs.fess.exception.InvalidAccessTokenException) RequestManager(org.lastaflute.web.servlet.request.RequestManager) HashSet(java.util.HashSet)

Example 7 with FessUserBean

use of org.codelibs.fess.mylasta.action.FessUserBean in project fess by codelibs.

the class LdapUser method getPermissions.

@Override
public String[] getPermissions() {
    if (permissions == null) {
        final FessConfig fessConfig = ComponentUtil.getFessConfig();
        final String baseDn = fessConfig.getLdapBaseDn();
        final String accountFilter = fessConfig.getLdapAccountFilter();
        final String groupFilter = fessConfig.getLdapGroupFilter();
        if (StringUtil.isNotBlank(baseDn) && StringUtil.isNotBlank(accountFilter)) {
            final LdapManager ldapManager = ComponentUtil.getLdapManager();
            permissions = distinct(ArrayUtils.addAll(ldapManager.getRoles(this, baseDn, accountFilter, groupFilter, roles -> {
                permissions = distinct(roles);
                ComponentUtil.getActivityHelper().permissionChanged(OptionalThing.of(new FessUserBean(this)));
            }), fessConfig.getRoleSearchUserPrefix() + ldapManager.normalizePermissionName(getName())));
        } else {
            permissions = StringUtil.EMPTY_STRINGS;
        }
    }
    return permissions;
}
Also used : FessUserBean(org.codelibs.fess.mylasta.action.FessUserBean) Arrays(java.util.Arrays) FessConfig(org.codelibs.fess.mylasta.direction.FessConfig) StreamUtil.stream(org.codelibs.core.stream.StreamUtil.stream) ComponentUtil(org.codelibs.fess.util.ComponentUtil) OptionalThing(org.dbflute.optional.OptionalThing) StringUtil(org.codelibs.core.lang.StringUtil) ArrayUtils(org.apache.commons.lang3.ArrayUtils) FessUser(org.codelibs.fess.entity.FessUser) Hashtable(java.util.Hashtable) FessUserBean(org.codelibs.fess.mylasta.action.FessUserBean) FessConfig(org.codelibs.fess.mylasta.direction.FessConfig)

Aggregations

FessUserBean (org.codelibs.fess.mylasta.action.FessUserBean)7 StringUtil (org.codelibs.core.lang.StringUtil)6 ComponentUtil (org.codelibs.fess.util.ComponentUtil)6 OptionalThing (org.dbflute.optional.OptionalThing)5 ArrayList (java.util.ArrayList)4 HashSet (java.util.HashSet)4 List (java.util.List)4 Map (java.util.Map)4 Set (java.util.Set)4 HttpSession (javax.servlet.http.HttpSession)4 LogManager (org.apache.logging.log4j.LogManager)4 Logger (org.apache.logging.log4j.Logger)4 Locale (java.util.Locale)3 Resource (javax.annotation.Resource)3 HttpServletRequest (javax.servlet.http.HttpServletRequest)3 Constants (org.codelibs.fess.Constants)3 HtmlResponse (org.lastaflute.web.response.HtmlResponse)3 LaRequestUtil (org.lastaflute.web.util.LaRequestUtil)3 Date (java.util.Date)2 ConcurrentHashMap (java.util.concurrent.ConcurrentHashMap)2