
Example 1 with AclScope

Use of org.opencastproject.security.api.AclScope in project opencast by opencast.

Class AbstractAclServiceRestEndpoint, method getActiveAclForEpisode.

private Either<AccessControlList, Tuple<ManagedAcl, AclScope>> getActiveAclForEpisode(AclService aclService, String episodeId) {
    final AQueryBuilder q = getAssetManager().createQuery();
    final ASelectQuery sq = q.select(q.snapshot()).where(q.mediaPackageId(episodeId).and(q.version().isLatest()));
    for (Snapshot snapshot : enrich(sq.run()).getSnapshots().head()) {
        // get active ACL of found media package
        final Tuple<AccessControlList, AclScope> activeAcl = getAuthorizationService().getActiveAcl(snapshot.getMediaPackage());
        // find corresponding managed ACL
        for (ManagedAcl macl : matchAcls(aclService, activeAcl.getA())) {
            return right(tuple(macl, activeAcl.getB()));
        }
        return left(activeAcl.getA());
    }
    // episode does not exist
    logger.warn("Episode {} cannot be found in Archive", episodeId);
    return left(EMPTY_ACL);
}

Also used: JsonConv.fullAccessControlList (org.opencastproject.authorization.xacml.manager.endpoint.JsonConv.fullAccessControlList), AccessControlList (org.opencastproject.security.api.AccessControlList), Snapshot (org.opencastproject.assetmanager.api.Snapshot), ManagedAcl (org.opencastproject.authorization.xacml.manager.api.ManagedAcl), JsonConv.digestManagedAcl (org.opencastproject.authorization.xacml.manager.endpoint.JsonConv.digestManagedAcl), Util.getManagedAcl (org.opencastproject.authorization.xacml.manager.impl.Util.getManagedAcl), AQueryBuilder (org.opencastproject.assetmanager.api.query.AQueryBuilder), AclScope (org.opencastproject.security.api.AclScope), ASelectQuery (org.opencastproject.assetmanager.api.query.ASelectQuery)

Example 2 with AclScope

Use of org.opencastproject.security.api.AclScope in project opencast by opencast.

Class AssetManagerWithSecurityTest, method mkTestEnvironment.

/**
 * Setup the test environment.
 */
public AssetManagerWithSecurity mkTestEnvironment() throws Exception {
    final AuthorizationService authSvc = EasyMock.createNiceMock(AuthorizationService.class);
    EasyMock.expect(authSvc.getActiveAcl(EasyMock.<MediaPackage>anyObject())).andAnswer(new IAnswer<Tuple<AccessControlList, AclScope>>() {

        @Override
        public Tuple<AccessControlList, AclScope> answer() throws Throwable {
            return tuple(currentMediaPackageAcl, AclScope.Episode);
        }
    }).anyTimes();
    EasyMock.replay(authSvc);
    // mock security service that returns the current test user and that user's organization
    secSvc = EasyMock.createNiceMock(SecurityService.class);
    EasyMock.expect(secSvc.getUser()).andAnswer(new IAnswer<User>() {

        @Override
        public User answer() throws Throwable {
            return currentUser;
        }
    }).anyTimes();
    EasyMock.expect(secSvc.getOrganization()).andAnswer(new IAnswer<Organization>() {

        @Override
        public Organization answer() throws Throwable {
            return currentUser.getOrganization();
        }
    }).anyTimes();
    EasyMock.replay(secSvc);
    // wrap the plain asset manager with the mocked authorization and security services
    return new AssetManagerWithSecurity(mkAbstractAssetManager(), authSvc, secSvc);
}

Also used: AccessControlList (org.opencastproject.security.api.AccessControlList), IAnswer (org.easymock.IAnswer), AuthorizationService (org.opencastproject.security.api.AuthorizationService), SecurityService (org.opencastproject.security.api.SecurityService), MediaPackage (org.opencastproject.mediapackage.MediaPackage), AclScope (org.opencastproject.security.api.AclScope)

Example 3 with AclScope

Use of org.opencastproject.security.api.AclScope in project opencast by opencast.

Class WorkflowMessageReceiverImpl, method execute.

@Override
protected void execute(WorkflowItem workflowItem) {
    String organization = getSecurityService().getOrganization().getId();
    User user = getSecurityService().getUser();
    String eventId = null;
    switch(workflowItem.getType()) {
        case UpdateInstance:
            logger.debug("Received Update Workflow instance Entry for index {}", getSearchIndex().getIndexName());
            WorkflowInstance wf = workflowItem.getWorkflowInstance();
            MediaPackage mp = wf.getMediaPackage();
            eventId = mp.getIdentifier().toString();
            // Load or create the corresponding recording event
            Event event = null;
            try {
                event = getOrCreateEvent(eventId, organization, user, getSearchIndex());
                event.setCreator(getSecurityService().getUser().getName());
                event.setWorkflowId(wf.getId());
                event.setWorkflowDefinitionId(wf.getTemplate());
                event.setWorkflowState(wf.getState());
                WorkflowInstance.WorkflowState state = wf.getState();
                if (!(WorkflowInstance.WorkflowState.SUCCEEDED.equals(state) || WorkflowInstance.WorkflowState.FAILED.equals(state) || WorkflowInstance.WorkflowState.STOPPED.equals(state))) {
                    Tuple<AccessControlList, AclScope> activeAcl = authorizationService.getActiveAcl(mp);
                    List<ManagedAcl> acls = aclServiceFactory.serviceFor(getSecurityService().getOrganization()).getAcls();
                    Option<ManagedAcl> managedAcl = AccessInformationUtil.matchAcls(acls, activeAcl.getA());
                    if (managedAcl.isSome()) {
                        event.setManagedAcl(managedAcl.get().getName());
                    }
                    event.setAccessPolicy(AccessControlParser.toJsonSilent(activeAcl.getA()));
                    try {
                        Opt<DublinCoreCatalog> loadedDC = DublinCoreUtil.loadEpisodeDublinCore(workspace, mp);
                        if (loadedDC.isSome())
                            updateEvent(event, loadedDC.get());
                    } catch (Throwable t) {
                        logger.warn("Unable to load dublincore catalog for the workflow {}", wf.getId(), t);
                    }
                }
                updateEvent(event, mp);
            } catch (SearchIndexException e) {
                logger.error("Error retrieving the recording event from the search index: {}", e.getMessage());
                return;
            }
            // Update series name if not already done
            try {
                EventIndexUtils.updateSeriesName(event, organization, user, getSearchIndex());
            } catch (SearchIndexException e) {
                logger.error("Error updating the series name of the event to index: {}", ExceptionUtils.getStackTrace(e));
            }
            // Persist the scheduling event
            try {
                getSearchIndex().addOrUpdate(event);
                logger.debug("Workflow instance {} updated in the search index", event.getIdentifier());
            } catch (SearchIndexException e) {
                logger.error("Error updating the recording event in the search index: {}", e.getMessage());
                return;
            }
            return;
        case DeleteInstance:
            // Resolve the event id first so the debug message does not log null
            eventId = workflowItem.getWorkflowInstance().getMediaPackage().getIdentifier().toString();
            logger.debug("Received Delete Workflow instance Entry {}", eventId);
            // Remove the Workflow instance entry from the search index
            try {
                getSearchIndex().deleteWorkflow(organization, user, eventId, workflowItem.getWorkflowInstanceId());
                logger.debug("Workflow instance mediapackage {} removed from search index", eventId);
            } catch (NotFoundException e) {
                logger.warn("Workflow instance mediapackage {} not found for deletion", eventId);
            } catch (SearchIndexException e) {
                logger.error("Error deleting the Workflow instance entry {} from the search index: {}", eventId, ExceptionUtils.getStackTrace(e));
            }
            return;
        case AddDefinition:
            // TODO: Update the index with it as soon as the definition are part of it
            return;
        case DeleteDefinition:
            // TODO: Update the index with it as soon as the definition are part of it
            return;
        default:
            throw new IllegalArgumentException("Unhandled type of WorkflowItem");
    }
}

Also used: AccessControlList (org.opencastproject.security.api.AccessControlList), User (org.opencastproject.security.api.User), SearchIndexException (org.opencastproject.matterhorn.search.SearchIndexException), ManagedAcl (org.opencastproject.authorization.xacml.manager.api.ManagedAcl), NotFoundException (org.opencastproject.util.NotFoundException), AclScope (org.opencastproject.security.api.AclScope), WorkflowInstance (org.opencastproject.workflow.api.WorkflowInstance), MediaPackage (org.opencastproject.mediapackage.MediaPackage), Event (org.opencastproject.index.service.impl.index.event.Event), EventIndexUtils.getOrCreateEvent (org.opencastproject.index.service.impl.index.event.EventIndexUtils.getOrCreateEvent), EventIndexUtils.updateEvent (org.opencastproject.index.service.impl.index.event.EventIndexUtils.updateEvent), DublinCoreCatalog (org.opencastproject.metadata.dublincore.DublinCoreCatalog)
