use of org.opencastproject.security.api.Role in project opencast by opencast.
the class GroupMessageReceiverImpl method execute.
@Override
protected void execute(GroupItem groupItem) {
String organization = getSecurityService().getOrganization().getId();
User user = getSecurityService().getUser();
switch(groupItem.getType()) {
case Update:
org.opencastproject.security.api.Group jaxbGroup = groupItem.getGroup();
logger.debug("Update the group with id '{}', name '{}', description '{}', organization '{}', roles '{}', members '{}'", jaxbGroup.getGroupId(), jaxbGroup.getName(), jaxbGroup.getDescription(), jaxbGroup.getOrganization(), jaxbGroup.getRoles(), jaxbGroup.getMembers());
try {
Group group = GroupIndexUtils.getOrCreate(jaxbGroup.getGroupId(), organization, user, getSearchIndex());
group.setName(jaxbGroup.getName());
group.setDescription(jaxbGroup.getDescription());
group.setMembers(jaxbGroup.getMembers());
Set<String> roles = new HashSet<>();
for (Role role : jaxbGroup.getRoles()) {
roles.add(role.getName());
}
group.setRoles(roles);
getSearchIndex().addOrUpdate(group);
} catch (SearchIndexException e) {
logger.error("Error storing the group {} to the search index: {}", jaxbGroup.getGroupId(), ExceptionUtils.getStackTrace(e));
return;
}
break;
case Delete:
logger.debug("Received Delete Group Event {}", groupItem.getGroupId());
// Remove the group from the search index
try {
getSearchIndex().delete(Group.DOCUMENT_TYPE, groupItem.getGroupId().concat(organization));
logger.debug("Group {} removed from external search index", groupItem.getGroupId());
} catch (SearchIndexException e) {
logger.error("Error deleting the group {} from the search index: {}", groupItem.getGroupId(), ExceptionUtils.getStackTrace(e));
return;
}
return;
default:
throw new IllegalArgumentException("Unhandled type of GroupItem");
}
}
use of org.opencastproject.security.api.Role in project opencast by opencast.
the class SeriesServiceSolrIndex method appendAuthorization.
/**
* Appends the authorization information to the solr query string
*
* @param sb
* the {@link StringBuilder} containing the query
* @param forEdit
* if this query should return only series available to the current user for editing
*
* @return the appended {@link StringBuilder}
*/
protected StringBuilder appendAuthorization(StringBuilder sb, boolean forEdit) {
User currentUser = securityService.getUser();
Organization currentOrg = securityService.getOrganization();
if (!currentUser.hasRole(currentOrg.getAdminRole()) && !currentUser.hasRole(GLOBAL_ADMIN_ROLE)) {
List<String> roleList = new ArrayList<String>();
for (Role role : currentUser.getRoles()) {
roleList.add(role.getName());
}
String[] roles = roleList.toArray(new String[roleList.size()]);
if (forEdit) {
appendAnd(sb, SolrFields.ACCESS_CONTROL_EDIT, roles);
} else if (roles.length > 0) {
sb.append(" AND (");
append(sb, "", SolrFields.ACCESS_CONTROL_CONTRIBUTE, roles);
sb.append(" OR ");
append(sb, "", SolrFields.ACCESS_CONTROL_READ, roles);
sb.append(")");
}
}
return sb;
}
use of org.opencastproject.security.api.Role in project opencast by opencast.
the class ResourceServlet method isUserAllowed.
protected boolean isUserAllowed(File aclFile) throws SAXException, IOException, XPathExpressionException {
Document aclDoc = builder.parse(aclFile);
XPath xPath = XPathFactory.newInstance().newXPath();
NodeList roles = (NodeList) xPath.evaluate("//*[local-name() = 'role']", aclDoc, XPathConstants.NODESET);
for (int i = 0; i < roles.getLength(); i++) {
Node role = roles.item(i);
for (Role userRole : securityService.getUser().getRoles()) {
if (userRole.getName().equals(role.getTextContent())) {
return true;
}
}
}
return false;
}
use of org.opencastproject.security.api.Role in project opencast by opencast.
the class JpaUserAndRoleProvider method getRolesForUser.
/**
* {@inheritDoc}
*
* @see org.opencastproject.security.api.RoleProvider#getRolesForUser(String)
*/
@Override
public List<Role> getRolesForUser(String userName) {
ArrayList<Role> roles = new ArrayList<Role>();
User user = loadUser(userName);
if (user == null)
return roles;
roles.addAll(user.getRoles());
return roles;
}
use of org.opencastproject.security.api.Role in project opencast by opencast.
the class OrganizationRoleProvider method getRoles.
/**
* @see org.opencastproject.security.api.RoleProvider#getRoles()
*/
@Override
public Iterator<Role> getRoles() {
Organization organization = securityService.getOrganization();
List<Role> roles = new ArrayList<Role>();
// The GLOBAL_ADMIN_ROLE is provided by the InMemoryUserAndRoleProvider
if (!GLOBAL_ADMIN_ROLE.equals(organization.getAdminRole())) {
roles.add(new JaxbRole(organization.getAdminRole(), JaxbOrganization.fromOrganization(organization), "", Type.INTERNAL));
}
roles.add(new JaxbRole(organization.getAnonymousRole(), JaxbOrganization.fromOrganization(organization), "", Type.SYSTEM));
return roles.iterator();
}
Aggregations