use of org.eclipse.kapua.service.authorization.user.permission.UserPermission in project kapua by eclipse.
the class KapuaAuthorizingRealm method doGetAuthorizationInfo.
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) throws AuthenticationException {
//
// Extract principal
String username = (String) principals.getPrimaryPrincipal();
logger.debug("Getting authorization info for: {}", username);
//
// Get Services
KapuaLocator locator = KapuaLocator.getInstance();
UserService userService = locator.getService(UserService.class);
UserPermissionService userPermissionService = locator.getService(UserPermissionService.class);
UserPermissionFactory userPermissionFactory = locator.getFactory(UserPermissionFactory.class);
PermissionFactory permissionFactory = locator.getFactory(PermissionFactory.class);
//
// Get the associated user by name
final User user;
try {
user = KapuaSecurityUtils.doPriviledge(new Callable<User>() {
@Override
public User call() throws Exception {
return userService.findByName(username);
}
});
} catch (Exception e) {
// to preserve the original exception message (if possible)
if (e instanceof AuthenticationException) {
throw (AuthenticationException) e;
} else {
throw new ShiroException("Error while find user!", e);
}
}
// Check existence
if (user == null) {
throw new UnknownAccountException();
}
//
// Get user permissions set
UserPermissionQuery query = userPermissionFactory.newQuery(user.getScopeId());
KapuaPredicate predicate = new AttributePredicate<KapuaId>(UserPermissionPredicates.USER_ID, user.getId());
query.setPredicate(predicate);
final KapuaListResult<UserPermission> userPermissions;
try {
userPermissions = KapuaSecurityUtils.doPriviledge(new Callable<KapuaListResult<UserPermission>>() {
@Override
public KapuaListResult<UserPermission> call() throws Exception {
return userPermissionService.query(query);
}
});
} catch (Exception e) {
// to preserve the original exception message (if possible)
if (e instanceof AuthenticationException) {
throw (AuthenticationException) e;
} else {
throw new ShiroException("Error while find permissions!", e);
}
}
//
// Create SimpleAuthorizationInfo with principals permissions
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
for (UserPermission userPermission : userPermissions.getItems()) {
Permission p = permissionFactory.newPermission(userPermission.getPermission().getDomain(), userPermission.getPermission().getAction(), userPermission.getPermission().getTargetScopeId());
logger.trace("Username: {} has permission: {}", username, p);
info.addStringPermission(p.toString());
}
return info;
}
use of org.eclipse.kapua.service.authorization.user.permission.UserPermission in project kapua by eclipse.
the class UserPermissionDAO method create.
/**
* Creates and return new user permission
*
* @param em
* @param creator
* @return
* @throws KapuaException
*/
public static UserPermission create(EntityManager em, UserPermissionCreator creator) throws KapuaException {
UserPermission permission = new UserPermissionImpl(creator.getScopeId());
permission.setUserId(creator.getUserId());
permission.setPermission(creator.getPermission());
return ServiceDAO.create(em, permission);
}
use of org.eclipse.kapua.service.authorization.user.permission.UserPermission in project kapua by eclipse.
the class UserPermissionServiceImpl method find.
@Override
public UserPermission find(KapuaId scopeId, KapuaId permissionId) throws KapuaException {
ArgumentValidator.notNull(scopeId, "accountId");
ArgumentValidator.notNull(permissionId, "permissionId");
//
// Check Access
KapuaLocator locator = KapuaLocator.getInstance();
AuthorizationService authorizationService = locator.getService(AuthorizationService.class);
PermissionFactory permissionFactory = locator.getFactory(PermissionFactory.class);
authorizationService.checkPermission(permissionFactory.newPermission(UserPermissionDomain.USER_PERMISSION, Actions.read, scopeId));
//
// Do find
UserPermission permission = null;
EntityManager em = AuthorizationEntityManagerFactory.getEntityManager();
try {
permission = UserPermissionDAO.find(em, permissionId);
} catch (Exception e) {
throw KapuaExceptionUtils.convertPersistenceException(e);
} finally {
em.close();
}
return permission;
}
use of org.eclipse.kapua.service.authorization.user.permission.UserPermission in project kapua by eclipse.
the class UserPermissionServiceImpl method create.
@Override
public UserPermission create(UserPermissionCreator userPermissionCreator) throws KapuaException {
ArgumentValidator.notNull(userPermissionCreator, "userPermissionCreator");
ArgumentValidator.notNull(userPermissionCreator.getPermission(), "userPermissionCreator.permission");
//
// Check Access
KapuaLocator locator = KapuaLocator.getInstance();
AuthorizationService authorizationService = locator.getService(AuthorizationService.class);
PermissionFactory permissionFactory = locator.getFactory(PermissionFactory.class);
authorizationService.checkPermission(permissionFactory.newPermission(UserPermissionDomain.USER_PERMISSION, Actions.write, userPermissionCreator.getScopeId()));
//
// Do create
UserPermission permission = null;
EntityManager em = AuthorizationEntityManagerFactory.getEntityManager();
try {
em.beginTransaction();
permission = UserPermissionDAO.create(em, userPermissionCreator);
em.commit();
} catch (Exception e) {
em.rollback();
throw KapuaExceptionUtils.convertPersistenceException(e);
} finally {
em.close();
}
return permission;
}
Aggregations