use of org.opennms.web.springframework.security.OnmsAuthenticationDetails in project opennms by OpenNMS.
the class SetUserGroupController method handleRequestInternal.
@Override
protected ModelAndView handleRequestInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
boolean shouldFilter = AclUtils.shouldFilter(SecurityContextHolder.getContext().getAuthentication().getAuthorities());
if (httpServletRequest.getMethod().equals(METHOD_POST) && shouldFilter) {
String userGroups = httpServletRequest.getParameter("j_usergroups");
String[] userGroupList;
if (userGroups != null) {
String[] split = userGroups.split(",");
userGroupList = split[0].equals("") ? null : split;
} else {
userGroupList = null;
}
OnmsAuthenticationDetails details = (OnmsAuthenticationDetails) SecurityContextHolder.getContext().getAuthentication().getDetails();
details.setUserGroups(userGroupList);
String[] groupNames;
String user = SecurityContextHolder.getContext().getAuthentication().getName();
List<Group> groups = m_groupDao.findGroupsForUser(user);
groupNames = new String[groups.size()];
for (int i = 0; i < groups.size(); i++) {
groupNames[i] = groups.get(i).getName();
}
if (details.getUserGroups() != null && details.getUserGroups().length > 0) {
Set<String> detailsSet = new HashSet<String>(Arrays.asList(details.getUserGroups()));
Set<String> groupSet = new HashSet<String>(Arrays.asList(groupNames));
if (groupSet.containsAll(detailsSet)) {
groupNames = details.getUserGroups();
}
}
m_filterManager.enableAuthorizationFilter(groupNames);
}
return null;
}
Aggregations