Examples with IPentahoBasicAclEntry - org.pentaho.platform.api.engine.IPentahoBasicAclEntry

Example 1 with IPentahoBasicAclEntry

use of org.pentaho.platform.api.engine.IPentahoBasicAclEntry in project pentaho-platform by pentaho.

the class PentahoBasicAclVoter method hasAccess.

public boolean hasAccess(final IPentahoSession session, final IAclHolder holder, final int mask) {
    Authentication auth = getAuthentication(session);
    // If we're not authenticated, default to no access and return.
    if (auth == null) {
        return false;
    }
    // admins can do anything they want!
    if (isPentahoAdministrator(session)) {
        return true;
    }
    IAclEntry[] effectiveAcls = getEffectiveAcls(session, holder);
    if ((effectiveAcls == null) || (effectiveAcls.length == 0)) {
        return false;
    }
    for (IAclEntry element : effectiveAcls) {
        IPentahoBasicAclEntry acl = (IPentahoBasicAclEntry) element;
        if (acl.isPermitted(mask)) {
            return true;
        }
    }
    return false;
}

Also used : IAclEntry(org.pentaho.platform.api.engine.IAclEntry) Authentication(org.springframework.security.core.Authentication) IPentahoBasicAclEntry(org.pentaho.platform.api.engine.IPentahoBasicAclEntry)

Example 2 with IPentahoBasicAclEntry

use of org.pentaho.platform.api.engine.IPentahoBasicAclEntry in project pentaho-platform by pentaho.

the class PentahoUserOverridesVoter method getEffectiveAcls.

@Override
public IAclEntry[] getEffectiveAcls(final IPentahoSession session, final IAclHolder holder) {
    Authentication auth = getAuthentication(session);
    // User is un-authenticated. Return no access controls.
    if (auth == null) {
        return null;
    }
    IAclEntry[] objectAcls = super.getEffectiveAcls(session, holder);
    if (objectAcls == null) {
        return null;
    }
    Object principal = auth.getPrincipal();
    String userName = null;
    if (principal instanceof UserDetails) {
        userName = ((UserDetails) principal).getUsername();
    } else {
        userName = principal.toString();
    }
    for (IAclEntry element : objectAcls) {
        // First, search for the user name in the objectAcls. If it's there,
        // then that
        // overrides anything else. It's the only acl returned.
        IPentahoBasicAclEntry entry = (IPentahoBasicAclEntry) element;
        String recipient = entry.getRecipient().toString();
        // ACL.
        if (recipient.equals(userName)) {
            return new IAclEntry[] { entry };
        }
    }
    // settings.
    return objectAcls;
}

Also used : UserDetails(org.springframework.security.core.userdetails.UserDetails) IAclEntry(org.pentaho.platform.api.engine.IAclEntry) Authentication(org.springframework.security.core.Authentication) IPentahoBasicAclEntry(org.pentaho.platform.api.engine.IPentahoBasicAclEntry)

Aggregations

IAclEntry (org.pentaho.platform.api.engine.IAclEntry)2 IPentahoBasicAclEntry (org.pentaho.platform.api.engine.IPentahoBasicAclEntry)2 Authentication (org.springframework.security.core.Authentication)2 UserDetails (org.springframework.security.core.userdetails.UserDetails)1