
Example 11 with Group

use of org.craftercms.studio.api.v2.dal.Group in project studio by craftercms.

the class GroupServiceImpl method updateGroup.

/**
 * Updates a group and records the change in the audit log.
 *
 * <p>The update itself is delegated to {@code groupServiceInternal}. Afterwards an
 * {@code OPERATION_UPDATE} audit entry is written against the site configured as
 * {@code CONFIGURATION_GLOBAL_SYSTEM_SITE}, with the current user as actor and the
 * group name as both primary target id and primary target value.
 *
 * @param orgId organization id, passed through to the internal service
 * @param group group data to apply
 * @return the group returned by the internal update call
 * @throws ServiceLayerException declared; propagated from the services called here
 * @throws GroupNotFoundException declared; propagated from the services called here
 * @throws AuthenticationException declared; propagated from the services called here
 */
@Override
@HasPermission(type = DefaultPermission.class, action = "update_groups")
public Group updateGroup(long orgId, Group group) throws ServiceLayerException, GroupNotFoundException, AuthenticationException {
    final Group updatedGroup = groupServiceInternal.updateGroup(orgId, group);

    // NOTE(review): the audit entry is built only after the update has been applied.
    // If anything below fails (for example getSite returning null), the change stands
    // without an audit record unless an enclosing transaction rolls it back - confirm.
    final String systemSiteName = studioConfiguration.getProperty(CONFIGURATION_GLOBAL_SYSTEM_SITE);
    final SiteFeed systemSite = siteService.getSite(systemSiteName);

    final AuditLog entry = auditServiceInternal.createAuditLogEntry();
    entry.setOperation(OPERATION_UPDATE);
    entry.setSiteId(systemSite.getId());
    entry.setActorId(userService.getCurrentUser().getUsername());
    // Target id and value are taken from the caller-supplied group, not from the
    // object returned by the internal service.
    final String groupName = group.getGroupName();
    entry.setPrimaryTargetId(groupName);
    entry.setPrimaryTargetType(TARGET_TYPE_GROUP);
    entry.setPrimaryTargetValue(groupName);
    auditServiceInternal.insertAuditLog(entry);

    return updatedGroup;
}
Also used : Group(org.craftercms.studio.api.v2.dal.Group) SiteFeed(org.craftercms.studio.api.v1.dal.SiteFeed) AuditLog(org.craftercms.studio.api.v2.dal.AuditLog) HasPermission(org.craftercms.commons.security.permissions.annotations.HasPermission)

Example 12 with Group

use of org.craftercms.studio.api.v2.dal.Group in project studio by craftercms.

the class GroupServiceImpl method removeGroupMembers.

/**
 * Removes users from a group and records the removal in the audit log.
 *
 * <p>When the target is the system admin group, the call is rejected if it would
 * leave that group without any member. The check, the removal and the audit write
 * all run while {@code REMOVE_SYSTEM_ADMIN_MEMBER_LOCK} is held.
 *
 * @param groupId id of the group to remove members from
 * @param userIds ids of users to remove; may be empty
 * @param usernames usernames of users to remove; may be empty
 * @throws ServiceLayerException if the removal would empty the system admin group,
 *         or as propagated from the services called here
 * @throws UserNotFoundException declared; propagated from the services called here
 * @throws GroupNotFoundException declared; propagated from the services called here
 * @throws AuthenticationException declared; propagated from the services called here
 */
@Override
@HasPermission(type = DefaultPermission.class, action = "update_groups")
public void removeGroupMembers(long groupId, List<Long> userIds, List<String> usernames) throws ServiceLayerException, UserNotFoundException, GroupNotFoundException, AuthenticationException {
    final Group targetGroup = getGroup(groupId);
    // Presumably the lock keeps two concurrent requests from each passing the
    // "at least one admin remains" check and together emptying the group.
    generalLockService.lock(REMOVE_SYSTEM_ADMIN_MEMBER_LOCK);
    try {
        // NOTE(review): this match is case-sensitive, while isAdmin in
        // StudioAbstractAccessDecisionVoter compares the same group name with
        // equalsIgnoreCase - confirm the two cannot disagree on a group name.
        if (targetGroup.getGroupName().equals(SYSTEM_ADMIN_GROUP)) {
            final List<User> currentMembers = getGroupMembers(groupId, 0, Integer.MAX_VALUE, StringUtils.EMPTY);
            if (CollectionUtils.isNotEmpty(currentMembers)) {
                // Simulate the removal on a copy to see who would be left.
                final List<User> remaining = new ArrayList<User>(currentMembers);
                for (User member : currentMembers) {
                    if (CollectionUtils.isNotEmpty(userIds) && userIds.contains(member.getId())) {
                        remaining.remove(member);
                    }
                    if (CollectionUtils.isNotEmpty(usernames) && usernames.contains(member.getUsername())) {
                        remaining.remove(member);
                    }
                }
                if (CollectionUtils.isEmpty(remaining)) {
                    throw new ServiceLayerException("Removing all members of the System Admin group is not allowed." + " We must have at least one system administrator.");
                }
            }
        }

        // Resolve the affected users before removing them so they can be listed
        // in the audit entry.
        final List<User> removedUsers = userServiceInternal.getUsersByIdOrUsername(userIds, usernames);
        groupServiceInternal.removeGroupMembers(groupId, userIds, usernames);

        final String systemSiteName = studioConfiguration.getProperty(CONFIGURATION_GLOBAL_SYSTEM_SITE);
        final SiteFeed systemSite = siteService.getSite(systemSiteName);

        final AuditLog entry = auditServiceInternal.createAuditLogEntry();
        entry.setOperation(OPERATION_REMOVE_MEMBERS);
        entry.setActorId(userService.getCurrentUser().getUsername());
        entry.setSiteId(systemSite.getId());
        entry.setPrimaryTargetId(Long.toString(targetGroup.getId()));
        // NOTE(review): the primary target id and value describe the group, yet the
        // type recorded is TARGET_TYPE_USER - confirm this is what audit consumers expect.
        entry.setPrimaryTargetType(TARGET_TYPE_USER);
        entry.setPrimaryTargetValue(targetGroup.getGroupName());

        // One audit parameter per removed user.
        final List<AuditLogParameter> removedUserParams = new ArrayList<AuditLogParameter>();
        for (User removed : removedUsers) {
            final AuditLogParameter userParam = new AuditLogParameter();
            userParam.setTargetId(Long.toString(removed.getId()));
            userParam.setTargetType(TARGET_TYPE_USER);
            userParam.setTargetValue(removed.getUsername());
            removedUserParams.add(userParam);
        }
        entry.setParameters(removedUserParams);
        auditServiceInternal.insertAuditLog(entry);
    } finally {
        generalLockService.unlock(REMOVE_SYSTEM_ADMIN_MEMBER_LOCK);
    }
}
Also used : Group(org.craftercms.studio.api.v2.dal.Group) User(org.craftercms.studio.api.v2.dal.User) SiteFeed(org.craftercms.studio.api.v1.dal.SiteFeed) ArrayList(java.util.ArrayList) ServiceLayerException(org.craftercms.studio.api.v1.exception.ServiceLayerException) AuditLogParameter(org.craftercms.studio.api.v2.dal.AuditLogParameter) AuditLog(org.craftercms.studio.api.v2.dal.AuditLog) HasPermission(org.craftercms.commons.security.permissions.annotations.HasPermission)

Example 13 with Group

use of org.craftercms.studio.api.v2.dal.Group in project studio by craftercms.

the class StudioAbstractAccessDecisionVoter method isAdmin.

/**
 * Tells whether the given user is a member of the system admin group.
 *
 * <p>Group names are compared with {@code SYSTEM_ADMIN_GROUP} ignoring case.
 * If the memberships cannot be loaded, the error is logged and the user is
 * treated as not being an admin.
 *
 * @param user user whose memberships are checked
 * @return {@code true} if one of the user's groups is the system admin group
 */
protected boolean isAdmin(User user) {
    final List<Group> memberships;
    try {
        memberships = userServiceInternal.getUserGroups(-1, user.getUsername());
    } catch (ServiceLayerException | UserNotFoundException e) {
        // Fail closed: a lookup failure never grants admin rights.
        logger.error("Error getting user memberships", e);
        return false;
    }

    if (CollectionUtils.isEmpty(memberships)) {
        return false;
    }
    for (Group membership : memberships) {
        if (StringUtils.equalsIgnoreCase(membership.getGroupName(), SYSTEM_ADMIN_GROUP)) {
            return true;
        }
    }
    return false;
}
Also used : UserNotFoundException(org.craftercms.studio.api.v1.exception.security.UserNotFoundException) Group(org.craftercms.studio.api.v2.dal.Group) ServiceLayerException(org.craftercms.studio.api.v1.exception.ServiceLayerException)

Example 14 with Group

use of org.craftercms.studio.api.v2.dal.Group in project studio by craftercms.

the class StudioAbstractAccessDecisionVoter method isSiteAdmin.

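/**
 * Tells whether the user is a member of the configured default admin group for
 * the given site.
 *
 * <p>The user must first have access to the site (it must appear in the sites
 * returned for the user); the user's groups for that site are then compared by
 * name with the value of {@code CONFIGURATION_DEFAULT_ADMIN_GROUP}.
 *
 * <p>Fix: the previous version finished with
 * {@code userGroups.contains(<String>)} on a {@code List<Group>}. A list of
 * {@code Group} objects does not contain a {@code String}, so that call
 * overwrote the result of the name comparison and the method could not report
 * a site admin. The result now comes from the name comparison alone. Callers
 * that only ever saw {@code false} from this method should be re-checked,
 * because it can now return {@code true}.
 *
 * @param siteId site identifier to check
 * @param currentUser user whose memberships are checked
 * @return {@code true} only if the user can access the site and belongs to the
 *         configured admin group; {@code false} otherwise, including when the
 *         lookups fail
 */
protected boolean isSiteAdmin(String siteId, User currentUser) {
    try {
        final String username = currentUser.getUsername();
        int total = siteService.getSitesPerUserTotal(username);
        List<SiteFeed> sitesFeed = siteService.getSitesPerUser(username, 0, total);
        if (CollectionUtils.isEmpty(sitesFeed)) {
            return false;
        }

        // Map the site identifiers the user can access to their numeric ids.
        Map<String, Long> sites = new HashMap<String, Long>();
        for (SiteFeed site : sitesFeed) {
            sites.put(site.getSiteId(), site.getId());
        }
        if (!sites.containsKey(siteId)) {
            return false;
        }

        List<Group> userGroups = userServiceInternal.getUserGroups(sites.get(siteId), username);
        // Read the configured group name once instead of on every iteration.
        final String adminGroup = studioConfiguration.getProperty(CONFIGURATION_DEFAULT_ADMIN_GROUP);
        if (adminGroup == null || CollectionUtils.isEmpty(userGroups)) {
            // No configured admin group or no memberships: deny.
            return false;
        }
        for (Group g : userGroups) {
            if (adminGroup.equals(g.getGroupName())) {
                return true;
            }
        }
        return false;
    } catch (UserNotFoundException e) {
        logger.info("User is not site member", e);
        return false;
    } catch (ServiceLayerException e) {
        // Fail closed: a lookup failure never grants site admin rights.
        logger.error("Error getting user memberships", e);
        return false;
    }
}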
Also used : UserNotFoundException(org.craftercms.studio.api.v1.exception.security.UserNotFoundException) Group(org.craftercms.studio.api.v2.dal.Group) HashMap(java.util.HashMap) SiteFeed(org.craftercms.studio.api.v1.dal.SiteFeed) ServiceLayerException(org.craftercms.studio.api.v1.exception.ServiceLayerException)

Example 15 with Group

use of org.craftercms.studio.api.v2.dal.Group in project studio by craftercms.

the class SecurityServiceImpl method isSiteAdmin.

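/**
 * Tells whether the user has the admin role on the given site.
 *
 * <p>Members of {@code SYSTEM_ADMIN_GROUP} are always site admins. Otherwise the
 * user's groups are looked up in the site's role mappings, and the user is a site
 * admin if any of those groups maps to {@code ADMIN_ROLE}. If the lookups fail,
 * a warning is logged and {@code false} is returned.
 *
 * <p>Fix: a group with no entry in the role mappings made
 * {@code roleMappings.get(groupName)} return {@code null}, and the following
 * {@code roles.contains(...)} threw a {@code NullPointerException}, which the
 * catch clause does not cover. Unmapped groups are now skipped, and the loop
 * stops at the first group that grants the admin role.
 *
 * @param username user to check
 * @param site site whose role mappings are consulted
 * @return {@code true} if the user is a system admin or holds the admin role on
 *         the site; {@code false} otherwise
 */
@Override
@ValidateParams
public boolean isSiteAdmin(@ValidateStringParam(name = "username") String username, String site) {
    // NOTE(review): only username carries a validation annotation here; confirm that
    // callers pass an already-validated site id.
    try {
        if (userServiceInternal.isUserMemberOfGroup(username, SYSTEM_ADMIN_GROUP)) {
            return true;
        }
        List<Group> groups = userServiceInternal.getUserGroups(-1, username);
        if (CollectionUtils.isEmpty(groups)) {
            return false;
        }
        Map<String, List<String>> roleMappings = configurationService.geRoleMappings(site);
        if (MapUtils.isEmpty(roleMappings)) {
            return false;
        }
        for (Group group : groups) {
            List<String> roles = roleMappings.get(group.getGroupName());
            // A group without a mapping for this site grants no role.
            if (roles != null && roles.contains(ADMIN_ROLE)) {
                return true;
            }
        }
    } catch (ServiceLayerException | UserNotFoundException e) {
        // Fail closed: a lookup failure never grants site admin rights.
        logger.warn("Error getting user memberships", e);
    }
    return false;
}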
Also used : UserNotFoundException(org.craftercms.studio.api.v1.exception.security.UserNotFoundException) Group(org.craftercms.studio.api.v2.dal.Group) ServiceLayerException(org.craftercms.studio.api.v1.exception.ServiceLayerException) ArrayList(java.util.ArrayList) List(java.util.List) ValidateParams(org.craftercms.commons.validation.annotations.param.ValidateParams)

Aggregations

Group (org.craftercms.studio.api.v2.dal.Group)26 ServiceLayerException (org.craftercms.studio.api.v1.exception.ServiceLayerException)23 UserNotFoundException (org.craftercms.studio.api.v1.exception.security.UserNotFoundException)20 HashMap (java.util.HashMap)17 GroupNotFoundException (org.craftercms.studio.api.v1.exception.security.GroupNotFoundException)13 ArrayList (java.util.ArrayList)12 SiteFeed (org.craftercms.studio.api.v1.dal.SiteFeed)12 User (org.craftercms.studio.api.v2.dal.User)12 AuditLog (org.craftercms.studio.api.v2.dal.AuditLog)11 GroupAlreadyExistsException (org.craftercms.studio.api.v1.exception.security.GroupAlreadyExistsException)10 ConfigurationException (org.craftercms.studio.api.v2.exception.configuration.ConfigurationException)10 HasPermission (org.craftercms.commons.security.permissions.annotations.HasPermission)8 ResponseBody (org.craftercms.studio.model.rest.ResponseBody)6 List (java.util.List)5 AuditLogParameter (org.craftercms.studio.api.v2.dal.AuditLogParameter)5 UserAlreadyExistsException (org.craftercms.studio.api.v1.exception.security.UserAlreadyExistsException)4 SiteService (org.craftercms.studio.api.v1.service.site.SiteService)4 AuditServiceInternal (org.craftercms.studio.api.v2.service.audit.internal.AuditServiceInternal)4 StudioConfiguration (org.craftercms.studio.api.v2.utils.StudioConfiguration)4 ZonedDateTime (java.time.ZonedDateTime)3