
Example 26 with Role

Use of org.opencastproject.security.api.Role in project opencast by opencast.

Class GroupMessageReceiverImpl, method execute.

@Override
protected void execute(GroupItem groupItem) {
    String organization = getSecurityService().getOrganization().getId();
    User user = getSecurityService().getUser();
    switch(groupItem.getType()) {
        case Update:
            org.opencastproject.security.api.Group jaxbGroup = groupItem.getGroup();
            logger.debug("Update the group with id '{}', name '{}', description '{}', organization '{}', roles '{}', members '{}'", jaxbGroup.getGroupId(), jaxbGroup.getName(), jaxbGroup.getDescription(), jaxbGroup.getOrganization(), jaxbGroup.getRoles(), jaxbGroup.getMembers());
            try {
                Group group = GroupIndexUtils.getOrCreate(jaxbGroup.getGroupId(), organization, user, getSearchIndex());
                group.setName(jaxbGroup.getName());
                group.setDescription(jaxbGroup.getDescription());
                group.setMembers(jaxbGroup.getMembers());
                Set<String> roles = new HashSet<>();
                for (Role role : jaxbGroup.getRoles()) {
                    roles.add(role.getName());
                }
                group.setRoles(roles);
                getSearchIndex().addOrUpdate(group);
            } catch (SearchIndexException e) {
                logger.error("Error storing the group {} to the search index: {}", jaxbGroup.getGroupId(), ExceptionUtils.getStackTrace(e));
                return;
            }
            break;
        case Delete:
            logger.debug("Received Delete Group Event {}", groupItem.getGroupId());
            // Remove the group from the search index
            try {
                getSearchIndex().delete(Group.DOCUMENT_TYPE, groupItem.getGroupId().concat(organization));
                logger.debug("Group {} removed from external search index", groupItem.getGroupId());
            } catch (SearchIndexException e) {
                logger.error("Error deleting the group {} from the search index: {}", groupItem.getGroupId(), ExceptionUtils.getStackTrace(e));
                return;
            }
            return;
        default:
            throw new IllegalArgumentException("Unhandled type of GroupItem");
    }
}
Also used : Role(org.opencastproject.security.api.Role) Group(org.opencastproject.index.service.impl.index.group.Group) User(org.opencastproject.security.api.User) SearchIndexException(org.opencastproject.matterhorn.search.SearchIndexException) HashSet(java.util.HashSet)

Example 27 with Role

Use of org.opencastproject.security.api.Role in project opencast by opencast.

Class SeriesServiceSolrIndex, method appendAuthorization.

/**
 * Appends the authorization information to the solr query string
 *
 * @param sb
 *          the {@link StringBuilder} containing the query
 * @param forEdit
 *          if this query should return only series available to the current user for editing
 *
 * @return the appended {@link StringBuilder}
 */
protected StringBuilder appendAuthorization(StringBuilder sb, boolean forEdit) {
    User currentUser = securityService.getUser();
    Organization currentOrg = securityService.getOrganization();
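    // Organization admins and global admins get no access-control clause at all
    if (!currentUser.hasRole(currentOrg.getAdminRole()) && !currentUser.hasRole(GLOBAL_ADMIN_ROLE)) {
        // Collect the names of the current user's roles for the ACL filter
        List<String> roleList = new ArrayList<String>();
        for (Role role : currentUser.getRoles()) {
            roleList.add(role.getName());
        }
        String[] roles = roleList.toArray(new String[roleList.size()]);
        if (forEdit) {
            appendAnd(sb, SolrFields.ACCESS_CONTROL_EDIT, roles);
        // With forEdit false and an empty role list, no clause is appended
        } else if (roles.length > 0) {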
            sb.append(" AND (");
            append(sb, "", SolrFields.ACCESS_CONTROL_CONTRIBUTE, roles);
            sb.append(" OR ");
            append(sb, "", SolrFields.ACCESS_CONTROL_READ, roles);
            sb.append(")");
        }
    }
    return sb;
}
Also used : Role(org.opencastproject.security.api.Role) User(org.opencastproject.security.api.User) Organization(org.opencastproject.security.api.Organization) ArrayList(java.util.ArrayList)

Example 28 with Role

Use of org.opencastproject.security.api.Role in project opencast by opencast.

Class ResourceServlet, method isUserAllowed.

protected boolean isUserAllowed(File aclFile) throws SAXException, IOException, XPathExpressionException {
    // Parse the ACL file and select every element named "role", ignoring namespaces
    Document aclDoc = builder.parse(aclFile);
    XPath xPath = XPathFactory.newInstance().newXPath();
    NodeList roles = (NodeList) xPath.evaluate("//*[local-name() = 'role']", aclDoc, XPathConstants.NODESET);
    for (int i = 0; i < roles.getLength(); i++) {
        Node role = roles.item(i);
        // Allow as soon as any role of the current user matches the text of any
        // role element; only role names are compared
        for (Role userRole : securityService.getUser().getRoles()) {
            if (userRole.getName().equals(role.getTextContent())) {
                return true;
            }
        }
    }
    // No role of the current user appears in the ACL file
    return false;
}
Also used : XPath(javax.xml.xpath.XPath) Role(org.opencastproject.security.api.Role) NodeList(org.w3c.dom.NodeList) Node(org.w3c.dom.Node) Document(org.w3c.dom.Document)

Example 29 with Role

Use of org.opencastproject.security.api.Role in project opencast by opencast.

Class JpaUserAndRoleProvider, method getRolesForUser.

/**
 * {@inheritDoc}
 *
 * @see org.opencastproject.security.api.RoleProvider#getRolesForUser(String)
 */
@Override
public List<Role> getRolesForUser(String userName) {
    ArrayList<Role> roles = new ArrayList<Role>();
    User user = loadUser(userName);
    if (user == null)
        return roles;
    roles.addAll(user.getRoles());
    return roles;
}
Also used : JpaRole(org.opencastproject.security.impl.jpa.JpaRole) Role(org.opencastproject.security.api.Role) User(org.opencastproject.security.api.User) JpaUser(org.opencastproject.security.impl.jpa.JpaUser) ArrayList(java.util.ArrayList)

Example 30 with Role

Use of org.opencastproject.security.api.Role in project opencast by opencast.

Class OrganizationRoleProvider, method getRoles.

/**
 * @see org.opencastproject.security.api.RoleProvider#getRoles()
 */
@Override
public Iterator<Role> getRoles() {
    Organization organization = securityService.getOrganization();
    List<Role> roles = new ArrayList<Role>();
    // The GLOBAL_ADMIN_ROLE is provided by the InMemoryUserAndRoleProvider
    if (!GLOBAL_ADMIN_ROLE.equals(organization.getAdminRole())) {
        roles.add(new JaxbRole(organization.getAdminRole(), JaxbOrganization.fromOrganization(organization), "", Type.INTERNAL));
    }
    roles.add(new JaxbRole(organization.getAnonymousRole(), JaxbOrganization.fromOrganization(organization), "", Type.SYSTEM));
    return roles.iterator();
}
Also used : Role(org.opencastproject.security.api.Role) JaxbRole(org.opencastproject.security.api.JaxbRole) JaxbOrganization(org.opencastproject.security.api.JaxbOrganization) Organization(org.opencastproject.security.api.Organization) ArrayList(java.util.ArrayList)

Aggregations

Role (org.opencastproject.security.api.Role): 48
JaxbRole (org.opencastproject.security.api.JaxbRole): 21
User (org.opencastproject.security.api.User): 21
HashSet (java.util.HashSet): 17
JpaRole (org.opencastproject.security.impl.jpa.JpaRole): 16
ArrayList (java.util.ArrayList): 14
Organization (org.opencastproject.security.api.Organization): 13
JaxbOrganization (org.opencastproject.security.api.JaxbOrganization): 12
JaxbUser (org.opencastproject.security.api.JaxbUser): 7
Test (org.junit.Test): 6
JpaGroup (org.opencastproject.security.impl.jpa.JpaGroup): 6
LinkedList (java.util.LinkedList): 5
SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority): 5
Path (javax.ws.rs.Path): 4
RoleProvider (org.opencastproject.security.api.RoleProvider): 4
JpaUser (org.opencastproject.security.impl.jpa.JpaUser): 4
RestQuery (org.opencastproject.util.doc.rest.RestQuery): 4
JSONArray (org.json.simple.JSONArray): 3
JSONObject (org.json.simple.JSONObject): 3
UnauthorizedException (org.opencastproject.security.api.UnauthorizedException): 3