Search in sources :

Example 1 with UserPermission

use of org.eclipse.kapua.service.authorization.user.permission.UserPermission in project kapua by eclipse.

the class KapuaAuthorizingRealm method doGetAuthorizationInfo.

@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) throws AuthenticationException {
    // 
    // Extract principal
    String username = (String) principals.getPrimaryPrincipal();
    logger.debug("Getting authorization info for: {}", username);
    // 
    // Get Services
    KapuaLocator locator = KapuaLocator.getInstance();
    UserService userService = locator.getService(UserService.class);
    UserPermissionService userPermissionService = locator.getService(UserPermissionService.class);
    UserPermissionFactory userPermissionFactory = locator.getFactory(UserPermissionFactory.class);
    PermissionFactory permissionFactory = locator.getFactory(PermissionFactory.class);
    // 
    // Get the associated user by name
    final User user;
    try {
        user = KapuaSecurityUtils.doPriviledge(new Callable<User>() {

            @Override
            public User call() throws Exception {
                return userService.findByName(username);
            }
        });
    } catch (Exception e) {
        // to preserve the original exception message (if possible)
        if (e instanceof AuthenticationException) {
            throw (AuthenticationException) e;
        } else {
            throw new ShiroException("Error while find user!", e);
        }
    }
    // Check existence
    if (user == null) {
        throw new UnknownAccountException();
    }
    // 
    // Get user permissions set
    UserPermissionQuery query = userPermissionFactory.newQuery(user.getScopeId());
    KapuaPredicate predicate = new AttributePredicate<KapuaId>(UserPermissionPredicates.USER_ID, user.getId());
    query.setPredicate(predicate);
    final KapuaListResult<UserPermission> userPermissions;
    try {
        userPermissions = KapuaSecurityUtils.doPriviledge(new Callable<KapuaListResult<UserPermission>>() {

            @Override
            public KapuaListResult<UserPermission> call() throws Exception {
                return userPermissionService.query(query);
            }
        });
    } catch (Exception e) {
        // to preserve the original exception message (if possible)
        if (e instanceof AuthenticationException) {
            throw (AuthenticationException) e;
        } else {
            throw new ShiroException("Error while find permissions!", e);
        }
    }
    // 
    // Create SimpleAuthorizationInfo with principals permissions
    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
    for (UserPermission userPermission : userPermissions.getItems()) {
        Permission p = permissionFactory.newPermission(userPermission.getPermission().getDomain(), userPermission.getPermission().getAction(), userPermission.getPermission().getTargetScopeId());
        logger.trace("Username: {} has permission: {}", username, p);
        info.addStringPermission(p.toString());
    }
    return info;
}
Also used : KapuaLocator(org.eclipse.kapua.locator.KapuaLocator) User(org.eclipse.kapua.service.user.User) SimpleAuthorizationInfo(org.apache.shiro.authz.SimpleAuthorizationInfo) UserService(org.eclipse.kapua.service.user.UserService) AuthenticationException(org.apache.shiro.authc.AuthenticationException) PermissionFactory(org.eclipse.kapua.service.authorization.permission.PermissionFactory) UserPermissionFactory(org.eclipse.kapua.service.authorization.user.permission.UserPermissionFactory) UnknownAccountException(org.apache.shiro.authc.UnknownAccountException) Callable(java.util.concurrent.Callable) ShiroException(org.apache.shiro.ShiroException) AuthenticationException(org.apache.shiro.authc.AuthenticationException) UnknownAccountException(org.apache.shiro.authc.UnknownAccountException) KapuaException(org.eclipse.kapua.KapuaException) AttributePredicate(org.eclipse.kapua.commons.model.query.predicate.AttributePredicate) ShiroException(org.apache.shiro.ShiroException) UserPermissionQuery(org.eclipse.kapua.service.authorization.user.permission.UserPermissionQuery) UserPermission(org.eclipse.kapua.service.authorization.user.permission.UserPermission) Permission(org.eclipse.kapua.service.authorization.permission.Permission) UserPermissionService(org.eclipse.kapua.service.authorization.user.permission.UserPermissionService) UserPermissionFactory(org.eclipse.kapua.service.authorization.user.permission.UserPermissionFactory) KapuaPredicate(org.eclipse.kapua.model.query.predicate.KapuaPredicate) UserPermission(org.eclipse.kapua.service.authorization.user.permission.UserPermission)

Example 2 with UserPermission

use of org.eclipse.kapua.service.authorization.user.permission.UserPermission in project kapua by eclipse.

the class UserPermissionDAO method create.

/**
 * Creates and return new user permission
 *
 * @param em
 * @param creator
 * @return
 * @throws KapuaException
 */
public static UserPermission create(EntityManager em, UserPermissionCreator creator) throws KapuaException {
    UserPermission permission = new UserPermissionImpl(creator.getScopeId());
    permission.setUserId(creator.getUserId());
    permission.setPermission(creator.getPermission());
    return ServiceDAO.create(em, permission);
}
Also used : UserPermission(org.eclipse.kapua.service.authorization.user.permission.UserPermission)

Example 3 with UserPermission

use of org.eclipse.kapua.service.authorization.user.permission.UserPermission in project kapua by eclipse.

the class UserPermissionServiceImpl method find.

@Override
public UserPermission find(KapuaId scopeId, KapuaId permissionId) throws KapuaException {
    ArgumentValidator.notNull(scopeId, "accountId");
    ArgumentValidator.notNull(permissionId, "permissionId");
    // 
    // Check Access
    KapuaLocator locator = KapuaLocator.getInstance();
    AuthorizationService authorizationService = locator.getService(AuthorizationService.class);
    PermissionFactory permissionFactory = locator.getFactory(PermissionFactory.class);
    authorizationService.checkPermission(permissionFactory.newPermission(UserPermissionDomain.USER_PERMISSION, Actions.read, scopeId));
    // 
    // Do find
    UserPermission permission = null;
    EntityManager em = AuthorizationEntityManagerFactory.getEntityManager();
    try {
        permission = UserPermissionDAO.find(em, permissionId);
    } catch (Exception e) {
        throw KapuaExceptionUtils.convertPersistenceException(e);
    } finally {
        em.close();
    }
    return permission;
}
Also used : KapuaLocator(org.eclipse.kapua.locator.KapuaLocator) EntityManager(org.eclipse.kapua.commons.jpa.EntityManager) AuthorizationService(org.eclipse.kapua.service.authorization.AuthorizationService) PermissionFactory(org.eclipse.kapua.service.authorization.permission.PermissionFactory) KapuaEntityNotFoundException(org.eclipse.kapua.KapuaEntityNotFoundException) KapuaException(org.eclipse.kapua.KapuaException) UserPermission(org.eclipse.kapua.service.authorization.user.permission.UserPermission)

Example 4 with UserPermission

use of org.eclipse.kapua.service.authorization.user.permission.UserPermission in project kapua by eclipse.

the class UserPermissionServiceImpl method create.

@Override
public UserPermission create(UserPermissionCreator userPermissionCreator) throws KapuaException {
    ArgumentValidator.notNull(userPermissionCreator, "userPermissionCreator");
    ArgumentValidator.notNull(userPermissionCreator.getPermission(), "userPermissionCreator.permission");
    // 
    // Check Access
    KapuaLocator locator = KapuaLocator.getInstance();
    AuthorizationService authorizationService = locator.getService(AuthorizationService.class);
    PermissionFactory permissionFactory = locator.getFactory(PermissionFactory.class);
    authorizationService.checkPermission(permissionFactory.newPermission(UserPermissionDomain.USER_PERMISSION, Actions.write, userPermissionCreator.getScopeId()));
    // 
    // Do create
    UserPermission permission = null;
    EntityManager em = AuthorizationEntityManagerFactory.getEntityManager();
    try {
        em.beginTransaction();
        permission = UserPermissionDAO.create(em, userPermissionCreator);
        em.commit();
    } catch (Exception e) {
        em.rollback();
        throw KapuaExceptionUtils.convertPersistenceException(e);
    } finally {
        em.close();
    }
    return permission;
}
Also used : KapuaLocator(org.eclipse.kapua.locator.KapuaLocator) EntityManager(org.eclipse.kapua.commons.jpa.EntityManager) AuthorizationService(org.eclipse.kapua.service.authorization.AuthorizationService) PermissionFactory(org.eclipse.kapua.service.authorization.permission.PermissionFactory) KapuaEntityNotFoundException(org.eclipse.kapua.KapuaEntityNotFoundException) KapuaException(org.eclipse.kapua.KapuaException) UserPermission(org.eclipse.kapua.service.authorization.user.permission.UserPermission)

Aggregations

UserPermission (org.eclipse.kapua.service.authorization.user.permission.UserPermission)4 KapuaException (org.eclipse.kapua.KapuaException)3 KapuaLocator (org.eclipse.kapua.locator.KapuaLocator)3 PermissionFactory (org.eclipse.kapua.service.authorization.permission.PermissionFactory)3 KapuaEntityNotFoundException (org.eclipse.kapua.KapuaEntityNotFoundException)2 EntityManager (org.eclipse.kapua.commons.jpa.EntityManager)2 AuthorizationService (org.eclipse.kapua.service.authorization.AuthorizationService)2 Callable (java.util.concurrent.Callable)1 ShiroException (org.apache.shiro.ShiroException)1 AuthenticationException (org.apache.shiro.authc.AuthenticationException)1 UnknownAccountException (org.apache.shiro.authc.UnknownAccountException)1 SimpleAuthorizationInfo (org.apache.shiro.authz.SimpleAuthorizationInfo)1 AttributePredicate (org.eclipse.kapua.commons.model.query.predicate.AttributePredicate)1 KapuaPredicate (org.eclipse.kapua.model.query.predicate.KapuaPredicate)1 Permission (org.eclipse.kapua.service.authorization.permission.Permission)1 UserPermissionFactory (org.eclipse.kapua.service.authorization.user.permission.UserPermissionFactory)1 UserPermissionQuery (org.eclipse.kapua.service.authorization.user.permission.UserPermissionQuery)1 UserPermissionService (org.eclipse.kapua.service.authorization.user.permission.UserPermissionService)1 User (org.eclipse.kapua.service.user.User)1 UserService (org.eclipse.kapua.service.user.UserService)1