Examples of org.jasig.portal.security.IAuthorizationPrincipal

org.jasig.portal.security.IAuthorizationPrincipal
An IAuthorizationPrincipal represents a portal entity to which IPermissions have been granted. Such an entity could be an IGroupMember, an IChannel or an IPerson. @author Dan Ellentuck @version $Revision: 19776 $

            if (IPortletRenderer.CONFIG.equals(portletMode)) {
                final IPerson person = this.personManager.getPerson(httpServletRequest);
                
                final EntityIdentifier ei = person.getEntityIdentifier();
                final AuthorizationService authorizationService = AuthorizationService.instance();
                final IAuthorizationPrincipal ap = authorizationService.newPrincipal(ei.getKey(), ei.getType());
                
                final IPortletEntity portletEntity = portletWindow.getPortletEntity();
                final IPortletDefinition portletDefinition = portletEntity.getPortletDefinition();
                
                if (!ap.canConfigure(portletDefinition.getPortletDefinitionId().getStringId())) {


                    logger.error("User {} attempted to use portlet {} in {} but lacks permission to use that mode.  " +
                            "THIS MAY BE AN ATTEMPT TO EXPLOIT A HISTORICAL SECURITY FLAW.  " +
                            "You should probably figure out who this user is and why they are trying to access " +
                            "unauthorized portlet modes.",

View Full Code Here

        this.permissionStore = permissionStore;
    }


    public boolean canEditOwner(IPerson currentUser, String owner) {
        EntityIdentifier ei = currentUser.getEntityIdentifier();
        IAuthorizationPrincipal ap = AuthorizationService.instance().newPrincipal(ei.getKey(), ei.getType());
        return (ap.hasPermission(PERMISSIONS_OWNER, EDIT_PERMISSION, ALL_PERMISSIONS_TARGET));
    }

View Full Code Here

        return (ap.hasPermission(PERMISSIONS_OWNER, EDIT_PERMISSION, ALL_PERMISSIONS_TARGET));
    }


    public boolean canViewOwner(IPerson currentUser, String owner) {
        EntityIdentifier ei = currentUser.getEntityIdentifier();
        IAuthorizationPrincipal ap = AuthorizationService.instance().newPrincipal(ei.getKey(), ei.getType());
        return (ap.hasPermission(PERMISSIONS_OWNER, VIEW_PERMISSION, ALL_PERMISSIONS_TARGET));
    }

View Full Code Here

        return (ap.hasPermission(PERMISSIONS_OWNER, VIEW_PERMISSION, ALL_PERMISSIONS_TARGET));
    }


    public boolean canEditActivity(IPerson currentUser, String activity) {
        EntityIdentifier ei = currentUser.getEntityIdentifier();
        IAuthorizationPrincipal ap = AuthorizationService.instance().newPrincipal(ei.getKey(), ei.getType());
        return (ap.hasPermission(PERMISSIONS_OWNER, EDIT_PERMISSION, ALL_PERMISSIONS_TARGET));
    }

View Full Code Here

        return (ap.hasPermission(PERMISSIONS_OWNER, EDIT_PERMISSION, ALL_PERMISSIONS_TARGET));
    }


    public boolean canViewActivity(IPerson currentUser, String activity) {
        EntityIdentifier ei = currentUser.getEntityIdentifier();
        IAuthorizationPrincipal ap = AuthorizationService.instance().newPrincipal(ei.getKey(), ei.getType());
        return (ap.hasPermission(PERMISSIONS_OWNER, VIEW_PERMISSION, ALL_PERMISSIONS_TARGET));
    }

View Full Code Here

     * @see org.jasig.portal.portlets.permissionsadmin.IPermissionAdministrationHelper#canEditPermission(org.jasig.portal.security.IPerson, java.lang.String)
     */
    public boolean canEditPermission(IPerson currentUser, String target) {
        
        EntityIdentifier ei = currentUser.getEntityIdentifier();
        IAuthorizationPrincipal ap = AuthorizationService.instance().newPrincipal(ei.getKey(), ei.getType());
        return (ap.hasPermission(PERMISSIONS_OWNER, EDIT_PERMISSION, ALL_PERMISSIONS_TARGET));
    }

View Full Code Here

     * @see org.jasig.portal.portlets.permissionsadmin.IPermissionAdministrationHelper#canViewPermission(org.jasig.portal.security.IPerson, java.lang.String)
     */
    public boolean canViewPermission(IPerson currentUser, String target) {
        
        EntityIdentifier ei = currentUser.getEntityIdentifier();
        IAuthorizationPrincipal ap = AuthorizationService.instance().newPrincipal(ei.getKey(), ei.getType());
        return (ap.hasPermission(PERMISSIONS_OWNER, VIEW_PERMISSION, ALL_PERMISSIONS_TARGET));
    }

View Full Code Here

    public boolean canRender(final String userName, final String fname) {
        if (userName == null || fname == null) {
            return false;
        }
        
        final IAuthorizationPrincipal userPrincipal = this.getUserPrincipal(userName);
        if (userPrincipal == null) {
            return false;
        }
        
        final String portletId;
        try {
            final IPortletDefinition portletDefinition = this.portletDefinitionRegistry.getPortletDefinitionByFname(fname);
            if (portletDefinition == null) {
                if (this.logger.isInfoEnabled()) {
                    this.logger.info("No PortletDefinition for fname='" + fname + "', returning false.");
                }


                return false;
            }
            
            portletId = portletDefinition.getPortletDefinitionId().getStringId();
        }
        catch (Exception e) {
            this.logger.warn("Could not find PortletDefinition for fname='" + fname + "' while checking if user '" + userName + "' can render it. Returning FALSE.", e);
            return false;
        }
        
        return userPrincipal.canRender(portletId);
    }

View Full Code Here

            return false;
        }


        final HttpServletRequest currentRequest = portalRequestUtils.getCurrentPortalRequest();
        final IPerson currentUser = personManager.getPerson((HttpServletRequest) currentRequest);
        final IAuthorizationPrincipal authPrincipal = this.getUserPrincipal(currentUser.getUserName());
        
        final boolean rslt = authPrincipal != null
                ? authPrincipal.hasPermission(owner, activity, target)
                : false;
        return rslt;


    }

View Full Code Here

     * @see org.jasig.portal.portlets.lookup.IPersonLookupHelper#searchForPeople(org.jasig.portal.security.IPerson, java.util.Map)
     */
    public List<IPersonAttributes> searchForPeople(final IPerson searcher, final Map<String, Object> query) {


        // get the IAuthorizationPrincipal for the searching user
        final IAuthorizationPrincipal principal = getPrincipalForUser(searcher);


        // build a set of all possible user attributes the current user has 
        // permission to view
        final Set<String> permittedAttributes = getAvailableAttributes(principal);

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of org.jasig.portal.security.IAuthorizationPrincipal

org.jasig.portal.AbstractChannelRegistryStore

org.jasig.portal.api.groups.EntityFactory

org.jasig.portal.api.groups.EntityService

org.jasig.portal.api.permissions.ApiPermissionsService

org.jasig.portal.channel.ChannelPublishingServiceImpl

org.jasig.portal.channel.JpaChannelRegistryStore

org.jasig.portal.ChannelRegistryManager

org.jasig.portal.channels.adminnav.provider.ListModel

org.jasig.portal.channels.error.CError

org.jasig.portal.channels.groupsmanager.commands.GroupsManagerCommand

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.