
Example 36 with Role

use of org.opencastproject.security.api.Role in project opencast by opencast.

the class JpaGroupRoleProvider method getRolesForGroup.

/**
 * {@inheritDoc}
 *
 * @see org.opencastproject.security.api.RoleProvider#getRolesForUser(String)
 */
@Override
public List<Role> getRolesForGroup(String groupName) {
    // Looks the group up in the caller's current organization and returns its roles,
    // each re-wrapped as a JaxbRole of type DERIVED. An unknown group is not an error:
    // the caller gets an empty list (no roles granted) and a warning is logged.
    // NOTE(review): groupName is handed to findGroupByRole, so it appears to be the
    // group's role name rather than a display name; confirm against the callers.
    // NOTE(review): the Javadoc @see above names getRolesForUser, not this method.
    final String organizationId = securityService.getOrganization().getId();
    final Group matched = UserDirectoryPersistenceUtil.findGroupByRole(groupName, organizationId, emf);
    final List<Role> derived = new ArrayList<Role>();
    if (matched == null) {
        // groupName is logged as received; if it can originate from a request, confirm
        // that the log layout neutralises line breaks.
        logger.warn("Group {} not found", groupName);
        return derived;
    }
    for (Role source : matched.getRoles()) {
        derived.add(new JaxbRole(source.getName(), JaxbOrganization.fromOrganization(source.getOrganization()), source.getDescription(), Role.Type.DERIVED));
    }
    return derived;
}
Also used : JaxbRole(org.opencastproject.security.api.JaxbRole) Role(org.opencastproject.security.api.Role) JpaRole(org.opencastproject.security.impl.jpa.JpaRole) JpaGroup(org.opencastproject.security.impl.jpa.JpaGroup) JaxbGroup(org.opencastproject.security.api.JaxbGroup) Group(org.opencastproject.security.api.Group) JaxbRole(org.opencastproject.security.api.JaxbRole) ArrayList(java.util.ArrayList)

Example 37 with Role

use of org.opencastproject.security.api.Role in project opencast by opencast.

the class JpaGroupRoleProvider method findRoles.

/**
 * {@inheritDoc}
 *
 * @see org.opencastproject.security.api.RoleProvider#findRoles(String, Role.Target, int, int)
 */
@Override
public Iterator<Role> findRoles(String query, Role.Target target, int offset, int limit) {
    // Returns the group role names of the current organization that match the query,
    // as JaxbRole objects of type GROUP with an empty description. Roles attached to a
    // group are deliberately not returned. The target argument is not consulted.
    if (query == null) {
        throw new IllegalArgumentException("Query must be set");
    }
    final String organizationId = securityService.getOrganization().getId();

    // findGroups is called with 0, 0 and paging is applied below in memory.
    // NOTE(review): presumably 0/0 means "no paging", so every group of the
    // organization is loaded per call; confirm, and consider the cost on large
    // directories when the query is caller-controlled.
    final List<Role> matches = new ArrayList<Role>();
    for (JpaGroup candidate : UserDirectoryPersistenceUtil.findGroups(organizationId, 0, 0, emf)) {
        final String groupRole = candidate.getRole();
        // Matching is delegated to like(), which is defined outside this method.
        if (!like(groupRole, query)) {
            continue;
        }
        matches.add(new JaxbRole(groupRole, JaxbOrganization.fromOrganization(candidate.getOrganization()), "", Role.Type.GROUP));
    }

    // limit == 0 means "no limit". The page is collected into a HashSet, so the
    // iterator does not follow the list order and entries equal to each other collapse.
    final Set<Role> page = new HashSet<Role>();
    for (int index = 0; index < matches.size(); index++) {
        if (limit != 0 && page.size() >= limit) {
            break;
        }
        if (index >= offset) {
            page.add(matches.get(index));
        }
    }
    return page.iterator();
}
Also used : JpaGroup(org.opencastproject.security.impl.jpa.JpaGroup) JaxbRole(org.opencastproject.security.api.JaxbRole) Role(org.opencastproject.security.api.Role) JpaRole(org.opencastproject.security.impl.jpa.JpaRole) JaxbRole(org.opencastproject.security.api.JaxbRole) ArrayList(java.util.ArrayList) HashSet(java.util.HashSet)

Example 38 with Role

use of org.opencastproject.security.api.Role in project opencast by opencast.

the class UserDirectoryPersistenceUtil method saveRoles.

/**
 * Persist a set of roles
 *
 * @param roles
 *          the roles to persist
 * @param emf
 *          the entity manager factory
 * @return the persisted roles
 */
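public static Set<JpaRole> saveRoles(Set<? extends Role> roles, EntityManagerFactory emf) {
    // Inserts each role that findRole() does not know yet; for a role that already
    // exists only the description is updated, then the stored entity is merged.
    // The returned set holds the persisted or merged instances.
    Set<JpaRole> updatedRoles = new HashSet<JpaRole>();
    EntityManager em = null;
    EntityTransaction tx = null;
    try {
        em = emf.createEntityManager();
        tx = em.getTransaction();
        tx.begin();
        for (Role role : roles) {
            // Only JPA-backed roles can be stored; any other Role implementation fails
            // here with a ClassCastException and the transaction is rolled back below.
            JpaRole jpaRole = (JpaRole) role;
            // saveOrganization and findRole receive the factory, not this entity manager.
            // NOTE(review): they presumably run outside this transaction, so an
            // organization saved here may survive a rollback; confirm.
            saveOrganization((JpaOrganization) jpaRole.getOrganization(), emf);
            JpaRole findRole = findRole(jpaRole.getName(), jpaRole.getOrganization().getId(), emf);
            if (findRole == null) {
                em.persist(jpaRole);
                updatedRoles.add(jpaRole);
            } else {
                findRole.setDescription(jpaRole.getDescription());
                updatedRoles.add(em.merge(findRole));
            }
        }
        tx.commit();
        return updatedRoles;
    } finally {
        try {
            // tx is still null when createEntityManager() or getTransaction() threw;
            // without the guard an NPE here would replace the original exception.
            if (tx != null && tx.isActive()) {
                tx.rollback();
            }
        } finally {
            // Close the entity manager even if the rollback itself fails.
            if (em != null) {
                em.close();
            }
        }
    }
}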
Also used : JpaRole(org.opencastproject.security.impl.jpa.JpaRole) Role(org.opencastproject.security.api.Role) EntityTransaction(javax.persistence.EntityTransaction) EntityManager(javax.persistence.EntityManager) JpaRole(org.opencastproject.security.impl.jpa.JpaRole) HashSet(java.util.HashSet)

Example 39 with Role

use of org.opencastproject.security.api.Role in project opencast by opencast.

the class MoodleUserProviderInstance method getRolesForUser.

/**
 * {@inheritDoc}
 *
 * @see org.opencastproject.security.api.RoleProvider#getRolesForUser(java.lang.String)
 */
@Override
public List<Role> getRolesForUser(String username) {
    // Returns a copy of the roles of the user that loadUser() resolves, or an empty
    // list when the name is reserved or the user is unknown. An empty list means this
    // provider contributes no roles for that name.
    //
    // The reserved names are compared with equals(), so the match is exact and
    // case-sensitive. NOTE(review): confirm that differently-cased or padded variants
    // of "admin"/"anonymous" cannot reach this provider and resolve to the same account.
    final boolean reserved = "admin".equals(username) || "".equals(username) || "anonymous".equals(username);
    if (reserved) {
        logger.debug("we don't answer for: {}", username);
        return new LinkedList<>();
    }

    final User known = loadUser(username);
    if (known == null) {
        logger.debug("Return empty role set for {} - not found in Moodle", username);
        return new LinkedList<>();
    }

    logger.debug("Returning cached role set for {}", username);
    // Copy so that callers cannot modify the collection held by the User object.
    return new ArrayList<>(known.getRoles());
}
Also used : JaxbRole(org.opencastproject.security.api.JaxbRole) Role(org.opencastproject.security.api.Role) User(org.opencastproject.security.api.User) JaxbUser(org.opencastproject.security.api.JaxbUser) ArrayList(java.util.ArrayList) LinkedList(java.util.LinkedList)

Example 40 with Role

use of org.opencastproject.security.api.Role in project opencast by opencast.

the class MoodleUserProviderInstance method findRoles.

/**
 * {@inheritDoc}
 * <p>
 * We search for COURSEID, COURSEID_Learner, COURSEID_Instructor
 *
 * @see org.opencastproject.security.api.RoleProvider#findRoles(java.lang.String, org.opencastproject.security.api.Role.Target, int, int)
 */
@Override
public Iterator<Role> findRoles(String query, Role.Target target, int offset, int limit) {
    // Builds role names from the query string alone. No call in this method checks
    // that the course exists; the only validation is coursePattern, when it is set.
    // The offset and limit arguments are not used, and query is dereferenced without
    // a null check.
    if (target == Role.Target.USER) {
        return Collections.emptyIterator();
    }

    final String learnerSuffix = "_" + LEARNER_ROLE_SUFFIX;
    final String instructorSuffix = "_" + INSTRUCTOR_ROLE_SUFFIX;

    // A trailing '%' marks a prefix query; it is stripped before any further check.
    final boolean wildcard = query.endsWith("%");
    final String name = wildcard ? query.substring(0, query.length() - 1) : query;
    if (name.isEmpty()) {
        return Collections.emptyIterator();
    }

    final boolean learnerRole = name.endsWith(learnerSuffix);
    final boolean instructorRole = !learnerRole && name.endsWith(instructorSuffix);
    final boolean ltiRole = learnerRole || instructorRole;

    // An exact query has to be a complete role name, i.e. carry one of the two suffixes.
    if (!wildcard && !ltiRole) {
        return Collections.emptyIterator();
    }

    // Strip the suffix, if any, to obtain the course id.
    final String moodleCourseId;
    if (learnerRole) {
        moodleCourseId = name.substring(0, name.length() - learnerSuffix.length());
    } else if (instructorRole) {
        moodleCourseId = name.substring(0, name.length() - instructorSuffix.length());
    } else {
        moodleCourseId = name;
    }

    try {
        if (coursePattern != null && !moodleCourseId.matches(coursePattern)) {
            logger.debug("verify course {} failed regexp {}", moodleCourseId, coursePattern);
            return Collections.emptyIterator();
        }
    } catch (PatternSyntaxException e) {
        // NOTE(review): this fails open. A malformed coursePattern is cleared, the
        // course-id check is skipped for this and all later calls on this instance,
        // and roles are still returned below. Consider rejecting the pattern when the
        // configuration is loaded instead. The field is also written here without any
        // synchronisation visible in this method.
        logger.warn("Invalid regular expression for course pattern {} - disabling checks", coursePattern);
        coursePattern = null;
    }

    final JaxbOrganization jaxbOrganization = JaxbOrganization.fromOrganization(organization);
    final List<Role> roles = new LinkedList<>();
    if (!ltiRole) {
        // Bare course id: offer both the instructor and the learner role.
        roles.add(new JaxbRole(moodleCourseId + instructorSuffix, jaxbOrganization, "Moodle Course Instructor Role", Role.Type.EXTERNAL));
        roles.add(new JaxbRole(moodleCourseId + learnerSuffix, jaxbOrganization, "Moodle Course Learner Role", Role.Type.EXTERNAL));
    } else {
        // The query already names a course id plus Instructor/Learner suffix.
        roles.add(new JaxbRole(name, jaxbOrganization, "Moodle Site Role", Role.Type.EXTERNAL));
    }
    return roles.iterator();
}
Also used : JaxbRole(org.opencastproject.security.api.JaxbRole) Role(org.opencastproject.security.api.Role) JaxbRole(org.opencastproject.security.api.JaxbRole) JaxbOrganization(org.opencastproject.security.api.JaxbOrganization) LinkedList(java.util.LinkedList) PatternSyntaxException(java.util.regex.PatternSyntaxException)
