Example 21 with AccessControlList

Use of org.opencastproject.security.api.AccessControlList in project opencast by opencast.

The class AssetManagerMessageReceiverImpl, method handleMessage.

/**
 * Handle an update message.
 */
private void handleMessage(TakeSnapshot msg) {
    logger.debug("Received AssetManager take snapshot message");
    final MediaPackage mp = msg.getMediapackage();
    final Opt<DublinCoreCatalog> episodeDublincore = msg.getEpisodeDublincore();
    final String organization = getSecurityService().getOrganization().getId();
    final User user = getSecurityService().getUser();
    // Load or create the corresponding recording event
    final Event event;
    try {
        event = getOrCreateEvent(mp.getIdentifier().toString(), organization, user, getSearchIndex());
        final AccessControlList acl = msg.getAcl();
        List<ManagedAcl> acls = aclServiceFactory.serviceFor(getSecurityService().getOrganization()).getAcls();
        for (final ManagedAcl managedAcl : AccessInformationUtil.matchAcls(acls, acl)) {
            event.setManagedAcl(managedAcl.getName());
        }
        event.setAccessPolicy(AccessControlParser.toJsonSilent(acl));
        event.setArchiveVersion(msg.getVersion());
        if (isBlank(event.getCreator()))
            event.setCreator(getSecurityService().getUser().getName());
        updateEvent(event, mp);
        if (episodeDublincore.isSome()) {
            updateEvent(event, episodeDublincore.get());
        }
    } catch (SearchIndexException e) {
        logger.error("Error retrieving the recording event from the search index: {}", e.getMessage());
        return;
    }
    // Update series name if not already done
    try {
        EventIndexUtils.updateSeriesName(event, organization, user, getSearchIndex());
    } catch (SearchIndexException e) {
        logger.error("Error updating the series name of the event to index: {}", ExceptionUtils.getStackTrace(e));
    }
    // Persist the event in the search index
    try {
        getSearchIndex().addOrUpdate(event);
        logger.debug("Asset manager entry {} updated in the admin ui search index", event.getIdentifier());
    } catch (SearchIndexException e) {
        logger.error("Error updating the recording event in the search index: {}", e.getMessage());
    }
}
Also used : AccessControlList(org.opencastproject.security.api.AccessControlList) User(org.opencastproject.security.api.User) SearchIndexException(org.opencastproject.matterhorn.search.SearchIndexException) MediaPackage(org.opencastproject.mediapackage.MediaPackage) ManagedAcl(org.opencastproject.authorization.xacml.manager.api.ManagedAcl) Event(org.opencastproject.index.service.impl.index.event.Event) EventIndexUtils.getOrCreateEvent(org.opencastproject.index.service.impl.index.event.EventIndexUtils.getOrCreateEvent) EventIndexUtils.updateEvent(org.opencastproject.index.service.impl.index.event.EventIndexUtils.updateEvent) DublinCoreCatalog(org.opencastproject.metadata.dublincore.DublinCoreCatalog)

Example 22 with AccessControlList

Use of org.opencastproject.security.api.AccessControlList in project opencast by opencast.

The class SeriesServiceDatabaseImpl, method userHasReadAccess.

private boolean userHasReadAccess(SeriesEntity entity) throws IOException, AccessControlParsingException {
    // Ensure this user is allowed to read this series.
    // Note: a series with no stored ACL (null) skips the check and is treated as readable.
    String accessControlXml = entity.getAccessControl();
    if (accessControlXml != null) {
        AccessControlList acl = AccessControlParser.parseAcl(accessControlXml);
        User currentUser = securityService.getUser();
        Organization currentOrg = securityService.getOrganization();
        // There are several reasons a user may need to load a series: to read content, to edit it, or add content
        if (!AccessControlUtil.isAuthorized(acl, currentUser, currentOrg, Permissions.Action.READ.toString())
                && !AccessControlUtil.isAuthorized(acl, currentUser, currentOrg, Permissions.Action.CONTRIBUTE.toString())
                && !AccessControlUtil.isAuthorized(acl, currentUser, currentOrg, Permissions.Action.WRITE.toString())) {
            return false;
        }
    }
    return true;
}
Also used : AccessControlList(org.opencastproject.security.api.AccessControlList) User(org.opencastproject.security.api.User) Organization(org.opencastproject.security.api.Organization)

Example 23 with AccessControlList

Use of org.opencastproject.security.api.AccessControlList in project opencast by opencast.

The class SeriesServiceDatabaseImpl, method userHasWriteAccess.

private boolean userHasWriteAccess(SeriesEntity entity) throws IOException, AccessControlParsingException {
    // Ensure this user is allowed to write this series (a series with no stored ACL skips the check)
    String accessControlXml = entity.getAccessControl();
    if (accessControlXml != null) {
        AccessControlList acl = AccessControlParser.parseAcl(accessControlXml);
        User currentUser = securityService.getUser();
        Organization currentOrg = securityService.getOrganization();
        if (!AccessControlUtil.isAuthorized(acl, currentUser, currentOrg, Permissions.Action.WRITE.toString())) {
            return false;
        }
    }
    return true;
}
Also used : AccessControlList(org.opencastproject.security.api.AccessControlList) User(org.opencastproject.security.api.User) Organization(org.opencastproject.security.api.Organization)

Example 24 with AccessControlList

Use of org.opencastproject.security.api.AccessControlList in project opencast by opencast.

The class SeriesServiceDatabaseImpl, method deleteSeries.

/*
   * (non-Javadoc)
   *
   * @see org.opencastproject.series.impl.SeriesServiceDatabase#deleteSeries(java.lang.String)
   */
@Override
public void deleteSeries(String seriesId) throws SeriesServiceDatabaseException, NotFoundException {
    EntityManager em = emf.createEntityManager();
    EntityTransaction tx = em.getTransaction();
    try {
        tx.begin();
        SeriesEntity entity = getSeriesEntity(seriesId, em);
        if (entity == null) {
            throw new NotFoundException("Series with ID " + seriesId + " does not exist");
        }
        // Ensure this user is allowed to delete this series (WRITE permission is required).
        // A series with no stored ACL (null) skips the check.
        String accessControlXml = entity.getAccessControl();
        if (accessControlXml != null) {
            AccessControlList acl = AccessControlParser.parseAcl(accessControlXml);
            User currentUser = securityService.getUser();
            Organization currentOrg = securityService.getOrganization();
            if (!AccessControlUtil.isAuthorized(acl, currentUser, currentOrg, Permissions.Action.WRITE.toString())) {
                // Thrown inside the try block, so the generic catch (Exception) below
                // rolls back and rethrows it wrapped in SeriesServiceDatabaseException
                throw new UnauthorizedException(currentUser + " is not authorized to delete series " + seriesId);
            }
        }
        em.remove(entity);
        tx.commit();
    } catch (NotFoundException e) {
        throw e;
    } catch (Exception e) {
        logger.error("Could not delete series: {}", e.getMessage());
        if (tx.isActive()) {
            tx.rollback();
        }
        throw new SeriesServiceDatabaseException(e);
    } finally {
        em.close();
    }
}
Also used : AccessControlList(org.opencastproject.security.api.AccessControlList) EntityTransaction(javax.persistence.EntityTransaction) EntityManager(javax.persistence.EntityManager) User(org.opencastproject.security.api.User) Organization(org.opencastproject.security.api.Organization) SeriesServiceDatabaseException(org.opencastproject.series.impl.SeriesServiceDatabaseException) UnauthorizedException(org.opencastproject.security.api.UnauthorizedException) NotFoundException(org.opencastproject.util.NotFoundException) NoResultException(javax.persistence.NoResultException) IOException(java.io.IOException) AccessControlParsingException(org.opencastproject.security.api.AccessControlParsingException)

Example 25 with AccessControlList

Use of org.opencastproject.security.api.AccessControlList in project opencast by opencast.

The class SeriesServiceDatabaseImpl, method getSeries.

/**
 * {@inheritDoc}
 *
 * @see org.opencastproject.series.impl.SeriesServiceDatabase#getSeries(java.lang.String)
 */
@Override
public DublinCoreCatalog getSeries(String seriesId) throws NotFoundException, SeriesServiceDatabaseException {
    EntityManager em = emf.createEntityManager();
    EntityTransaction tx = em.getTransaction();
    try {
        tx.begin();
        SeriesEntity entity = getSeriesEntity(seriesId, em);
        if (entity == null) {
            throw new NotFoundException("No series with id=" + seriesId + " exists");
        }
        // Ensure this user is allowed to read this series.
        // A series with no stored ACL (null) skips the check.
        String accessControlXml = entity.getAccessControl();
        if (accessControlXml != null) {
            AccessControlList acl = AccessControlParser.parseAcl(accessControlXml);
            User currentUser = securityService.getUser();
            Organization currentOrg = securityService.getOrganization();
            // There are several reasons a user may need to load a series: to read content, to edit it, or add content
            if (!AccessControlUtil.isAuthorized(acl, currentUser, currentOrg, Permissions.Action.READ.toString())
                    && !AccessControlUtil.isAuthorized(acl, currentUser, currentOrg, Permissions.Action.CONTRIBUTE.toString())
                    && !AccessControlUtil.isAuthorized(acl, currentUser, currentOrg, Permissions.Action.WRITE.toString())) {
                // Thrown inside the try block, so the generic catch (Exception) below
                // rethrows it wrapped in SeriesServiceDatabaseException
                throw new UnauthorizedException(currentUser + " is not authorized to see series " + seriesId);
            }
        }
        return dcService.load(IOUtils.toInputStream(entity.getDublinCoreXML(), "UTF-8"));
    } catch (NotFoundException e) {
        throw e;
    } catch (Exception e) {
        logger.error("Could not retrieve series: {}", e.getMessage());
        if (tx.isActive()) {
            tx.rollback();
        }
        throw new SeriesServiceDatabaseException(e);
    } finally {
        em.close();
    }
}
Also used : AccessControlList(org.opencastproject.security.api.AccessControlList) EntityTransaction(javax.persistence.EntityTransaction) EntityManager(javax.persistence.EntityManager) User(org.opencastproject.security.api.User) Organization(org.opencastproject.security.api.Organization) SeriesServiceDatabaseException(org.opencastproject.series.impl.SeriesServiceDatabaseException) UnauthorizedException(org.opencastproject.security.api.UnauthorizedException) NotFoundException(org.opencastproject.util.NotFoundException) NoResultException(javax.persistence.NoResultException) IOException(java.io.IOException) AccessControlParsingException(org.opencastproject.security.api.AccessControlParsingException)
