Example 1 with UserPermissionQuery
use of org.eclipse.kapua.service.authorization.user.permission.UserPermissionQuery in project kapua by eclipse.
the class KapuaAuthorizingRealm method doGetAuthorizationInfo.
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) throws AuthenticationException {
//
// Extract principal
String username = (String) principals.getPrimaryPrincipal();
logger.debug("Getting authorization info for: {}", username);
//
// Get Services
KapuaLocator locator = KapuaLocator.getInstance();
UserService userService = locator.getService(UserService.class);
UserPermissionService userPermissionService = locator.getService(UserPermissionService.class);
UserPermissionFactory userPermissionFactory = locator.getFactory(UserPermissionFactory.class);
PermissionFactory permissionFactory = locator.getFactory(PermissionFactory.class);
//
// Get the associated user by name
final User user;
try {
user = KapuaSecurityUtils.doPriviledge(new Callable<User>() {
@Override
public User call() throws Exception {
return userService.findByName(username);
}
});
} catch (Exception e) {
// to preserve the original exception message (if possible)
if (e instanceof AuthenticationException) {
throw (AuthenticationException) e;
} else {
throw new ShiroException("Error while find user!", e);
}
}
// Check existence
if (user == null) {
throw new UnknownAccountException();
}
//
// Get user permissions set
UserPermissionQuery query = userPermissionFactory.newQuery(user.getScopeId());
KapuaPredicate predicate = new AttributePredicate<KapuaId>(UserPermissionPredicates.USER_ID, user.getId());
query.setPredicate(predicate);
final KapuaListResult<UserPermission> userPermissions;
try {
userPermissions = KapuaSecurityUtils.doPriviledge(new Callable<KapuaListResult<UserPermission>>() {
@Override
public KapuaListResult<UserPermission> call() throws Exception {
return userPermissionService.query(query);
}
});
} catch (Exception e) {
// to preserve the original exception message (if possible)
if (e instanceof AuthenticationException) {
throw (AuthenticationException) e;
} else {
throw new ShiroException("Error while find permissions!", e);
}
}
//
// Create SimpleAuthorizationInfo with principals permissions
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
for (UserPermission userPermission : userPermissions.getItems()) {
Permission p = permissionFactory.newPermission(userPermission.getPermission().getDomain(), userPermission.getPermission().getAction(), userPermission.getPermission().getTargetScopeId());
logger.trace("Username: {} has permission: {}", username, p);
info.addStringPermission(p.toString());
}
return info;
}
Also used :
KapuaLocator(org.eclipse.kapua.locator.KapuaLocator)
User(org.eclipse.kapua.service.user.User)
SimpleAuthorizationInfo(org.apache.shiro.authz.SimpleAuthorizationInfo)
UserService(org.eclipse.kapua.service.user.UserService)
AuthenticationException(org.apache.shiro.authc.AuthenticationException)
PermissionFactory(org.eclipse.kapua.service.authorization.permission.PermissionFactory)
UserPermissionFactory(org.eclipse.kapua.service.authorization.user.permission.UserPermissionFactory)
UnknownAccountException(org.apache.shiro.authc.UnknownAccountException)
Callable(java.util.concurrent.Callable)
ShiroException(org.apache.shiro.ShiroException)
AuthenticationException(org.apache.shiro.authc.AuthenticationException)
UnknownAccountException(org.apache.shiro.authc.UnknownAccountException)
KapuaException(org.eclipse.kapua.KapuaException)
AttributePredicate(org.eclipse.kapua.commons.model.query.predicate.AttributePredicate)
ShiroException(org.apache.shiro.ShiroException)
UserPermissionQuery(org.eclipse.kapua.service.authorization.user.permission.UserPermissionQuery)
UserPermission(org.eclipse.kapua.service.authorization.user.permission.UserPermission)
Permission(org.eclipse.kapua.service.authorization.permission.Permission)
UserPermissionService(org.eclipse.kapua.service.authorization.user.permission.UserPermissionService)
UserPermissionFactory(org.eclipse.kapua.service.authorization.user.permission.UserPermissionFactory)
KapuaPredicate(org.eclipse.kapua.model.query.predicate.KapuaPredicate)
UserPermission(org.eclipse.kapua.service.authorization.user.permission.UserPermission)
Aggregations
Callable (java.util.concurrent.Callable)1
ShiroException (org.apache.shiro.ShiroException)1
AuthenticationException (org.apache.shiro.authc.AuthenticationException)1
UnknownAccountException (org.apache.shiro.authc.UnknownAccountException)1
SimpleAuthorizationInfo (org.apache.shiro.authz.SimpleAuthorizationInfo)1
KapuaException (org.eclipse.kapua.KapuaException)1
AttributePredicate (org.eclipse.kapua.commons.model.query.predicate.AttributePredicate)1
KapuaLocator (org.eclipse.kapua.locator.KapuaLocator)1
KapuaPredicate (org.eclipse.kapua.model.query.predicate.KapuaPredicate)1
Permission (org.eclipse.kapua.service.authorization.permission.Permission)1
PermissionFactory (org.eclipse.kapua.service.authorization.permission.PermissionFactory)1
UserPermission (org.eclipse.kapua.service.authorization.user.permission.UserPermission)1
UserPermissionFactory (org.eclipse.kapua.service.authorization.user.permission.UserPermissionFactory)1
UserPermissionQuery (org.eclipse.kapua.service.authorization.user.permission.UserPermissionQuery)1
UserPermissionService (org.eclipse.kapua.service.authorization.user.permission.UserPermissionService)1
User (org.eclipse.kapua.service.user.User)1
UserService (org.eclipse.kapua.service.user.UserService)1
