use of org.opencastproject.security.api.Organization in project opencast by opencast.
the class UserAndRoleDirectoryServiceImpl method loadUser.
/**
 * Looks up {@code userName} in the user cache, scoped to the organization of the current
 * security context.
 *
 * <p>Cache keys are {@code (organization id, user name)} tuples, so an entry cached for one
 * organization is never returned for a request that belongs to another.
 *
 * @param userName
 *          the name of the user to load
 * @return the cached or freshly loaded user, or {@code null} if the cache yields the
 *         {@code nullToken} sentinel
 * @throws IllegalStateException
 *           if the security service reports no current organization
 * @see org.opencastproject.security.api.UserDirectoryService#loadUser(java.lang.String)
 */
@Override
public User loadUser(String userName) throws IllegalStateException {
  final Organization currentOrg = securityService.getOrganization();
  if (currentOrg == null) {
    throw new IllegalStateException("No organization is set");
  }

  final Object cached = cache.getUnchecked(tuple(currentOrg.getId(), userName));
  if (cached != nullToken) {
    return (User) cached;
  }

  // nullToken stands in for "no such user" (presumably stored by the cache loader -- confirm).
  // The sentinel is evicted right away so that the next lookup goes back to the loader.
  cache.invalidate(tuple(currentOrg.getId(), userName));
  return null;
}
use of org.opencastproject.security.api.Organization in project opencast by opencast.
the class UserAndRoleDirectoryServiceImpl method findRoles.
/**
 * Searches the role providers that serve the current organization and returns one page of the
 * merged, sorted result.
 *
 * <p>A provider is consulted only if its organization is {@code ALL_ORGANIZATIONS} or equals the
 * id of the current organization. Each provider is called with offset 0 and limit 0 (presumably
 * "no paging" -- confirm against the provider contract); {@code offset} and {@code limit} are
 * applied afterwards to the merged stream.
 *
 * @param query
 *          the search query, must not be {@code null}
 * @param target
 *          the role target passed through to every provider
 * @param offset
 *          number of leading results to drop from the merged stream
 * @param limit
 *          maximum number of results; a value of 0 or less returns everything after the offset
 * @return an iterator over the selected roles
 * @throws IllegalArgumentException
 *           if {@code query} is {@code null}
 * @throws IllegalStateException
 *           if the security service reports no current organization
 */
@Override
@SuppressWarnings("unchecked")
public Iterator<Role> findRoles(String query, Role.Target target, int offset, int limit) {
  if (query == null) {
    throw new IllegalArgumentException("Query must be set");
  }
  final Organization currentOrg = securityService.getOrganization();
  if (currentOrg == null) {
    throw new IllegalStateException("No organization is set");
  }

  Stream<Role> merged = Stream.empty();
  for (RoleProvider provider : roleProviders) {
    final String ownerId = provider.getOrganization();
    // Organization scoping: only global providers and providers of the current organization
    // may contribute roles to the result.
    if (ALL_ORGANIZATIONS.equals(ownerId) || currentOrg.getId().equals(ownerId)) {
      merged = merged
              .append(IteratorUtils.toList(provider.findRoles(query, target, 0, 0)))
              .sort(roleComparator);
    }
  }

  // Paging happens here, in memory, after every eligible provider has been queried.
  return merged
          .drop(offset)
          .apply(limit > 0 ? StreamOp.<Role>id().take(limit) : StreamOp.<Role>id())
          .iterator();
}
use of org.opencastproject.security.api.Organization in project opencast by opencast.
the class UserAndRoleDirectoryServiceImpl method findUsers.
/**
 * Searches the user providers that serve the current organization and returns one page of the
 * merged, sorted result.
 *
 * <p>Providers whose organization is neither {@code ALL_ORGANIZATIONS} nor the id of the current
 * organization are skipped. Each remaining provider is called with offset 0 and limit 0
 * (presumably "no paging" -- confirm against the provider contract); {@code offset} and
 * {@code limit} are applied to the merged stream only.
 *
 * @param query
 *          the search query, must not be {@code null}
 * @param offset
 *          number of leading results to drop from the merged stream
 * @param limit
 *          maximum number of results; a value of 0 or less returns everything after the offset
 * @return an iterator over the selected users
 * @throws IllegalArgumentException
 *           if {@code query} is {@code null}
 * @throws IllegalStateException
 *           if the security service reports no current organization
 */
@Override
@SuppressWarnings("unchecked")
public Iterator<User> findUsers(String query, int offset, int limit) {
  if (query == null) {
    throw new IllegalArgumentException("Query must be set");
  }
  final Organization currentOrg = securityService.getOrganization();
  if (currentOrg == null) {
    throw new IllegalStateException("No organization is set");
  }

  Stream<User> collected = Stream.empty();
  for (final UserProvider provider : userProviders) {
    final String ownerId = provider.getOrganization();
    final boolean servesCurrentOrg = ALL_ORGANIZATIONS.equals(ownerId) || currentOrg.getId().equals(ownerId);
    if (!servesCurrentOrg) {
      // Provider belongs to a different organization: its users must not appear in the result.
      continue;
    }
    collected = collected
            .append(IteratorUtils.toList(provider.findUsers(query, 0, 0)))
            .sort(userComparator);
  }

  // Paging is applied in memory once all eligible providers have answered.
  return collected
          .drop(offset)
          .apply(limit > 0 ? StreamOp.<User>id().take(limit) : StreamOp.<User>id())
          .iterator();
}
use of org.opencastproject.security.api.Organization in project opencast by opencast.
the class UserAndRoleDirectoryServiceImpl method invalidate.
/**
 * Invalidates {@code userName} in every user provider and in this service's own cache entry for
 * the current organization.
 *
 * <p>All registered providers are invalidated, without filtering by organization, and this
 * happens before the organization check. Providers have therefore already been invalidated when
 * the method throws because no organization is set.
 *
 * @param userName
 *          the name of the user to invalidate
 * @throws IllegalStateException
 *           if the security service reports no current organization
 */
@Override
public void invalidate(String userName) {
  for (UserProvider provider : userProviders) {
    provider.invalidate(userName);
  }

  final Organization currentOrg = securityService.getOrganization();
  if (currentOrg == null) {
    throw new IllegalStateException("No organization is set");
  }

  // Only the (current organization, user) key is evicted from the directory cache.
  cache.invalidate(tuple(currentOrg.getId(), userName));
  logger.trace("Invalidated user {} from user directories", userName);
}
use of org.opencastproject.security.api.Organization in project opencast by opencast.
the class OpencastLdapAuthoritiesPopulator method addAuthorities.
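/**
 * Converts raw LDAP values into granted authorities and adds them to the provided set.
 *
 * <p>Before anything is added, the organization of the current request is compared with the
 * organization this populator is bound to; on a mismatch nothing is added and a
 * {@link SecurityException} is thrown. Each value is then trimmed, cleaned with
 * {@code ROLE_CLEAN_REGEXP}, optionally upper-cased and prefixed. If a group role provider is set
 * and knows roles for the cleaned (not yet prefixed) value, those roles are added too.
 *
 * @param authorities
 *          a set containing the authorities; modified in place
 * @param values
 *          the values to add to the set; {@code null} makes the method a no-op
 * @throws SecurityException
 *           if the current request does not belong to this populator's organization, including
 *           the case where no organization is set at all
 */
private void addAuthorities(Set<GrantedAuthority> authorities, String[] values) {
  if (values == null) {
    return;
  }

  Organization org = securityService.getOrganization();
  if (!organization.equals(org)) {
    // org can be null here, in which case equals() is false as well. Dereferencing it for the
    // message would turn the intended SecurityException into a NullPointerException.
    String currentOrgId = org == null ? null : org.getId();
    throw new SecurityException(String.format("Current request belongs to the organization \"%s\". Expected \"%s\"", currentOrgId, organization.getId()));
  }

  for (String value : values) {
    /*
     * Please note the prefix logic for roles:
     *
     * - Roles that start with any of the "exclude prefixes" are left intact
     * - In any other case, the "role prefix" is prepended to the roles read from LDAP
     *
     * This only applies to the prefix addition. The conversion to uppercase is independent from these
     * considerations
     */
    String authority = StringUtils.trimToEmpty(value).replaceAll(ROLE_CLEAN_REGEXP, ROLE_CLEAN_REPLACEMENT);
    if (uppercase) {
      // NOTE(review): toUpperCase() uses the JVM default locale, so the resulting role name can
      // differ between hosts (e.g. under a Turkish locale). Consider Locale.ROOT -- confirm that
      // no deployment depends on the current behaviour first.
      authority = authority.toUpperCase();
    }

    // Ignore the empty parts
    if (authority.isEmpty()) {
      debug("Found empty authority. Ignoring...");
      continue;
    }

    // Check if this role is a group role and assign the groups appropriately.
    // The lookup uses the cleaned value before any prefix is applied.
    List<Role> groupRoles;
    if (groupRoleProvider != null) {
      groupRoles = groupRoleProvider.getRolesForGroup(authority);
    } else {
      groupRoles = Collections.emptyList();
    }

    // Try to add the prefix if appropriate.
    // NOTE(review): values starting with an excluded prefix are granted without the role prefix,
    // so the excluded prefixes decide which directory values can map onto unprefixed role names.
    // Keep that list as small as possible.
    String prefix = this.prefix;
    if (!prefix.isEmpty()) {
      for (String excludePrefix : excludedPrefixes) {
        if (authority.startsWith(excludePrefix)) {
          prefix = "";
          break;
        }
      }
    }

    // Clean again: the prefix itself may contain characters matched by ROLE_CLEAN_REGEXP
    authority = (prefix + authority).replaceAll(ROLE_CLEAN_REGEXP, ROLE_CLEAN_REPLACEMENT);
    debug("Parsed LDAP role \"{}\" to role \"{}\"", value, authority);

    if (!groupRoles.isEmpty()) {
      // The authority is a group role
      debug("Found group for the group with group role \"{}\"", authority);
      for (Role role : groupRoles) {
        authorities.add(new SimpleGrantedAuthority(role.getName()));
        logger.debug("\tAdded role from role \"{}\"'s group: {}", authority, role);
      }
    }

    // Finally, add the authority itself
    authorities.add(new SimpleGrantedAuthority(authority));
  }
}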