
Example 41 with Role

use of org.opencastproject.security.api.Role in project opencast by opencast.

the class SakaiUserProviderInstance method findRoles.

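/**
 * Resolves a role query against Sakai site IDs and returns the matching LTI site roles.
 *
 * <p>The query is interpreted as {@code SITEID}, {@code SITEID_<learner role>} or
 * {@code SITEID_<instructor role>}; a trailing {@code %} marks it as a non-exact (prefix) query.
 * An exact query must carry one of the two role suffixes. Roles are only returned when
 * {@code verifySakaiSite} accepts the site ID taken from the query.
 *
 * @param query the role name or site ID to look up, optionally ending in {@code %}
 * @param target the kind of lookup; {@link Role.Target#USER} lookups always yield no roles
 * @param offset only logged here; no paging is applied to the result
 * @param limit only logged here; no paging is applied to the result
 * @return an iterator over zero, one or two roles of type {@link Role.Type#EXTERNAL}
 */
@Override
public Iterator<Role> findRoles(String query, Role.Target target, int offset, int limit) {
    // NOTE(review): query is caller-supplied and is written to the debug log unmodified
    logger.debug("findRoles(query=" + query + " offset=" + offset + " limit=" + limit + ")");
    // Lookups with the USER target never yield roles from this provider
    if (target == Role.Target.USER) {
        return Collections.emptyIterator();
    }
    // A missing query cannot name a site; answer with no roles instead of failing with a NullPointerException
    if (query == null) {
        return Collections.emptyIterator();
    }
    boolean exact = true;
    if (query.endsWith("%")) {
        // Trailing wildcard: treat the remainder as a non-exact query
        exact = false;
        query = query.substring(0, query.length() - 1);
    }
    if (query.isEmpty()) {
        return Collections.emptyIterator();
    }
    final String learnerSuffix = "_" + LTI_LEARNER_ROLE;
    final String instructorSuffix = "_" + LTI_INSTRUCTOR_ROLE;
    final boolean learnerQuery = query.endsWith(learnerSuffix);
    final boolean instructorQuery = !learnerQuery && query.endsWith(instructorSuffix);
    final boolean ltirole = learnerQuery || instructorQuery;
    // An exact query has to name one of the two LTI roles
    if (exact && !ltirole) {
        return Collections.emptyIterator();
    }
    // Strip the role suffix (if any) to obtain the site ID
    final String sakaiSite;
    if (learnerQuery) {
        sakaiSite = query.substring(0, query.length() - learnerSuffix.length());
    } else if (instructorQuery) {
        sakaiSite = query.substring(0, query.length() - instructorSuffix.length());
    } else {
        sakaiSite = query;
    }
    // No role names are produced for a site ID that verifySakaiSite does not accept
    if (!verifySakaiSite(sakaiSite)) {
        return Collections.emptyIterator();
    }
    List<Role> roles = new LinkedList<>();
    JaxbOrganization jaxbOrganization = JaxbOrganization.fromOrganization(organization);
    if (ltirole) {
        // Query is for a Site ID and an LTI role (Instructor/Learner)
        roles.add(new JaxbRole(query, jaxbOrganization, "Sakai Site Role", Role.Type.EXTERNAL));
    } else {
        // Site ID only - return both roles
        roles.add(new JaxbRole(sakaiSite + instructorSuffix, jaxbOrganization, "Sakai Site Instructor Role", Role.Type.EXTERNAL));
        roles.add(new JaxbRole(sakaiSite + learnerSuffix, jaxbOrganization, "Sakai Site Learner Role", Role.Type.EXTERNAL));
    }
    return roles.iterator();
}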
Also used : JaxbRole(org.opencastproject.security.api.JaxbRole) Role(org.opencastproject.security.api.Role) JaxbRole(org.opencastproject.security.api.JaxbRole) JaxbOrganization(org.opencastproject.security.api.JaxbOrganization) LinkedList(java.util.LinkedList)

Example 42 with Role

use of org.opencastproject.security.api.Role in project opencast by opencast.

the class JpaGroupRoleProviderTest method testRolesForUser.

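@Test
public void testRolesForUser() throws UnauthorizedException {
    // Three groups all list "admin" as a member: two belong to org1, one to org2
    Set<JpaRole> authorities = new HashSet<JpaRole>();
    authorities.add(new JpaRole("ROLE_ASTRO_101_SPRING_2011_STUDENT", org1));
    authorities.add(new JpaRole("ROLE_ASTRO_109_SPRING_2012_STUDENT", org1));
    Set<String> members = new HashSet<String>();
    members.add("admin");
    JpaGroup group = new JpaGroup("test", org1, "Test", "Test group", authorities, members);
    provider.addGroup(group);
    authorities.clear();
    authorities.add(new JpaRole("ROLE_ASTRO_122_SPRING_2011_STUDENT", org1));
    authorities.add(new JpaRole("ROLE_ASTRO_124_SPRING_2012_STUDENT", org1));
    JpaGroup group2 = new JpaGroup("test2", org1, "Test2", "Test 2 group", authorities, members);
    provider.addGroup(group2);
    authorities.clear();
    authorities.add(new JpaRole("ROLE_ASTRO_134_SPRING_2011_STUDENT", org2));
    authorities.add(new JpaRole("ROLE_ASTRO_144_SPRING_2012_STUDENT", org2));
    JpaGroup group3 = new JpaGroup("test2", org2, "Test2", "Test 2 group", authorities, members);
    provider.addGroup(group3);
    List<Role> rolesForUser = provider.getRolesForUser("admin");
    // The message now matches the expected count (it used to say "four").
    // NOTE(review): presumably the six are the two org1 groups' member roles plus their group roles - confirm
    Assert.assertEquals("There should be six roles", 6, rolesForUser.size());
    // These membership checks used to discard their result, so they verified nothing.
    // NOTE(review): they rely on JpaRole.equals matching the Role instances the provider returns - confirm
    Assert.assertTrue("The role of the first org1 group should be returned",
            rolesForUser.contains(new JpaRole(group.getRole(), org1)));
    Assert.assertTrue("The role of the second org1 group should be returned",
            rolesForUser.contains(new JpaRole(group2.getRole(), org1)));
}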
Also used : JpaGroup(org.opencastproject.security.impl.jpa.JpaGroup) JpaRole(org.opencastproject.security.impl.jpa.JpaRole) Role(org.opencastproject.security.api.Role) JpaRole(org.opencastproject.security.impl.jpa.JpaRole) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 43 with Role

use of org.opencastproject.security.api.Role in project opencast by opencast.

the class JpaGroupRoleProviderTest method testFindRoles.

@Test
public void testFindRoles() throws UnauthorizedException {
    // Expectation under test: findRoles() yields one role per group, not the roles a group contains
    final Set<String> memberNames = new HashSet<>();
    memberNames.add("admin");

    // First org1 group; its group role must be found by a wildcard query on the group id
    Set<JpaRole> groupRoles = new HashSet<>();
    groupRoles.add(new JpaRole("ROLE_ASTRO_101_SPRING_2011_STUDENT", org1));
    groupRoles.add(new JpaRole("ROLE_ASTRO_109_SPRING_2012_STUDENT", org1));
    provider.addGroup(new JpaGroup("test", org1, "Test", "Test group", groupRoles, memberNames));
    Assert.assertEquals("ROLE_GROUP_TEST", provider.findRoles("%test%", Role.Target.ALL, 0, 0).next().getName());

    // Second org1 group, built from the same (emptied and refilled) role set
    groupRoles.clear();
    groupRoles.add(new JpaRole("ROLE_ASTRO_122_SPRING_2011_STUDENT", org1));
    groupRoles.add(new JpaRole("ROLE_ASTRO_124_SPRING_2012_STUDENT", org1));
    provider.addGroup(new JpaGroup("test2", org1, "Test2", "Test 2 group", groupRoles, memberNames));

    // Group in org2, built from a fresh role set
    groupRoles = new HashSet<>();
    groupRoles.add(new JpaRole("ROLE_ASTRO_134_SPRING_2011_STUDENT", org2));
    groupRoles.add(new JpaRole("ROLE_ASTRO_144_SPRING_2012_STUDENT", org2));
    provider.addGroup(new JpaGroup("test2", org2, "Test2", "Test 2 group", groupRoles, memberNames));

    // A pattern that matches no group yields nothing, with or without a limit
    final int unmatchedNoLimit = IteratorUtils.toList(provider.findRoles("%PrIn%", Role.Target.ALL, 0, 0)).size();
    Assert.assertEquals(0, unmatchedNoLimit);
    final int unmatchedLimitOne = IteratorUtils.toList(provider.findRoles("%PrIn%", Role.Target.ALL, 0, 1)).size();
    Assert.assertEquals(0, unmatchedLimitOne);
    // "%test%" with a limit of two is expected to return two group roles
    final int matchedLimitTwo = IteratorUtils.toList(provider.findRoles("%test%", Role.Target.ALL, 0, 2)).size();
    Assert.assertEquals(2, matchedLimitTwo);
}
Also used : JpaGroup(org.opencastproject.security.impl.jpa.JpaGroup) JpaRole(org.opencastproject.security.impl.jpa.JpaRole) Role(org.opencastproject.security.api.Role) JpaRole(org.opencastproject.security.impl.jpa.JpaRole) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 44 with Role

use of org.opencastproject.security.api.Role in project opencast by opencast.

the class UserAndRoleDirectoryServiceImplTest method testUserMerge.

@Test
public void testUserMerge() throws Exception {
    // Load the user through the directory and inspect the resulting view
    final User merged = directory.loadUser(userName);

    // All three fixture roles must be present on the loaded user
    final Set<Role> mergedRoles = merged.getRoles();
    assertTrue(mergedRoles.contains(role1));
    assertTrue(mergedRoles.contains(role2));
    assertTrue(mergedRoles.contains(role3));

    // Identity attributes: password present, organization and username as in the fixture
    assertNotNull(merged.getPassword());
    assertEquals(org.getId(), merged.getOrganization().getId());
    assertEquals(userName, merged.getUsername());

    // The provider field is expected to read "matterhorn,test"
    assertEquals("matterhorn,test", merged.getProvider());

    // Manageable through the User interface and through the JaxbUser implementation
    assertTrue(merged.isManageable());
    final JaxbUser jaxbView = (JaxbUser) merged;
    assertTrue(jaxbView.isManageable());
}
Also used : Role(org.opencastproject.security.api.Role) JaxbRole(org.opencastproject.security.api.JaxbRole) User(org.opencastproject.security.api.User) JaxbUser(org.opencastproject.security.api.JaxbUser) Test(org.junit.Test)

Example 45 with Role

use of org.opencastproject.security.api.Role in project opencast by opencast.

the class UserDirectoryUtils method isCurrentUserAuthorizedHandleRoles.

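/**
 * Checks whether the current user may create, update or delete users or groups that carry the given roles.
 *
 * <p>Returns {@code false} when there is no current user, or when the set contains an admin role that the
 * current user does not hold: the global admin role requires the global admin role, and the admin role of
 * the user's organization requires either the global admin role or that organization admin role. Every
 * role in the set is checked, so the result does not depend on the iteration order of the set.
 *
 * @param securityService the SecurityService used to look up the current user
 * @param roles roles list to test
 * @return true if the roles list doesn't contain an admin role
 *            or if the current user is allowed to create, update or delete users or groups with all of the
 *            given roles
 */
public static boolean isCurrentUserAuthorizedHandleRoles(SecurityService securityService, Set<Role> roles) {
    User user = securityService.getUser();
    // Without a current user there is nobody to authorize: deny
    if (user == null) {
        return false;
    }
    Organization org = user.getOrganization();
    for (Role role : roles) {
        String roleName = role.getName();
        // Deny as soon as one admin role is found that the user may not hand out, and keep checking
        // otherwise. Returning the verdict for the first admin role encountered would leave any further
        // admin role in the same set unchecked.
        if (StringUtils.equals(SecurityConstants.GLOBAL_ADMIN_ROLE, roleName)
                && !user.hasRole(SecurityConstants.GLOBAL_ADMIN_ROLE)) {
            return false;
        }
        if (org != null && StringUtils.equals(org.getAdminRole(), roleName)
                && !user.hasRole(SecurityConstants.GLOBAL_ADMIN_ROLE)
                && !user.hasRole(org.getAdminRole())) {
            return false;
        }
    }
    return true;
}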
Also used : Role(org.opencastproject.security.api.Role) User(org.opencastproject.security.api.User) Organization(org.opencastproject.security.api.Organization)

Aggregations

Role (org.opencastproject.security.api.Role)48 JaxbRole (org.opencastproject.security.api.JaxbRole)21 User (org.opencastproject.security.api.User)21 HashSet (java.util.HashSet)17 JpaRole (org.opencastproject.security.impl.jpa.JpaRole)16 ArrayList (java.util.ArrayList)14 Organization (org.opencastproject.security.api.Organization)13 JaxbOrganization (org.opencastproject.security.api.JaxbOrganization)12 JaxbUser (org.opencastproject.security.api.JaxbUser)7 Test (org.junit.Test)6 JpaGroup (org.opencastproject.security.impl.jpa.JpaGroup)6 LinkedList (java.util.LinkedList)5 SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority)5 Path (javax.ws.rs.Path)4 RoleProvider (org.opencastproject.security.api.RoleProvider)4 JpaUser (org.opencastproject.security.impl.jpa.JpaUser)4 RestQuery (org.opencastproject.util.doc.rest.RestQuery)4 JSONArray (org.json.simple.JSONArray)3 JSONObject (org.json.simple.JSONObject)3 UnauthorizedException (org.opencastproject.security.api.UnauthorizedException)3