public boolean canManageAnyCustomField() { try { return GrouperHelper.canUserEditAnyCustomAttribute(group); }catch(Exception e) { throw new RuntimeException(e); } }
/** * Returns direct privileges for member on group or stem * @param s * @param groupOrStem * @param member * @return Map keyed on name of privs which are directly assigned */ public static Map getImmediateHas(GrouperSession s,GroupOrStem groupOrStem,Member member) throws SchemaException{ Map map = getAllHas(s,groupOrStem,member); return (Map)map.get("subject"); }
/** * Given a composite return a Map for use in Tiles * @param grouperSession * @param comp * @return a Map representing a Composite, for use in Tiles / JSTL * @throws GroupNotFoundException * @throws MemberNotFoundException * @throws SchemaException */ public static Map getCompositeMap(GrouperSession grouperSession,Composite comp) throws GroupNotFoundException,MemberNotFoundException,SchemaException,SubjectNotFoundException{ return getCompositeMap(grouperSession,comp,null); }
while(fieldsIt.hasNext()) { field = (Field)fieldsIt.next(); if(("read".equals(priv) && canRead(s,field,g)) ||("write".equals(priv) && canWrite(s,field,g))) { fieldsMap.put(field.getName(),Boolean.TRUE); accumulateFields(fieldsMap.keySet()); return fieldsMap;
if(GrouperHelper.isRoot(s) && "true".equals(chainedMediaBundle.getString("act-as-admin.default"))) { session.setAttribute("activeWheelGroupMember",true); PersonalStem personalStemInstance = (PersonalStem) Class .forName(personalStem).newInstance(); GrouperHelper.createIfAbsentPersonalStem(s,personalStemInstance); if(getAuthUser(session)!=null) session.setAttribute("sessionInited", Boolean.TRUE); try{ session.setAttribute("fieldList",GrouperHelper.getFieldsAsMap()); }catch(Exception e) { LOG.error("Error retrieving Fields: " + e.getMessage());
/** * For a group id, for all its types, return fields of type LIST which the session user can write * @param s * @param g * @return List of list fields for group * @throws Exception */ public static List getWritableListFieldsForGroup(GrouperSession s,Group g) throws Exception{ List writable = getListFieldsForGroup(s,g); Field field; String name; Iterator it = writable.iterator(); while(it.hasNext()) { name=(String)it.next(); field=FieldFinder.find(name); if(!g.canReadField(field)) it.remove(); } accumulateFields(writable); return writable; }
field = (Field)fieldsIt.next(); if(field.getType().equals(FieldType.LIST)&& !"members".equals(field.getName())) { if(canRead(s,field,g)) { lists.add(field.getName()); accumulateFields(lists); return lists;
groupMap=GrouperHelper.group2Map(s,via); }else{ groupMap=GrouperHelper.getCompositeMap(s,comp); if(!pm.getMember().getSubjectId().equals(via.getUuid())) { g = GroupFinder.findByUuid(s,pm.getMember().getSubjectId()); groupMap=GrouperHelper.group2Map(s,g); groupMap.put("listField",pm.getList().getName()); chain.add(groupMap);
allPrivs = member.getPrivs(groupOrStem.getGroup()); try { effectiveMemberships = getEffectiveMembershipsForGroupAndSubject(s,groupOrStem.getGroup(),member.getSubject(),field); }catch(Exception e){} }else{ privs.put("group",group2Map(s,GroupFinder.findByUuid(s,priv.getOwner().getId()))); privs.put(priv.getName(),Boolean.TRUE); if(effectiveMemberships.containsKey(priv.getOwner())) { effectiveMemberships.remove(nPriv.getOwner()); privs.put("group",group2Map(s,GroupFinder.findByUuid(s,nPriv.getOwner().getId()))); }catch(GroupNotFoundException e){} effectivePrivs.put(nPriv.getName(),Boolean.TRUE); if(privs==null) { privs=new HashMap(); privs.put("group",group2Map(s,effGroup)); privs.put("member",Boolean.TRUE); results.put(effGroup.getUuid(),privs);
/** * Retrieve list of attributes which can be searched * @return List of searchable fields * @throws SchemaException */ public static List getSearchableFields(ResourceBundle bundle) throws SchemaException{ List res = new ArrayList(); List<String> names=new ArrayList(); for (int i=0;i<searchableGroupFields.length;i++) { Map map = new HashMap(); map.put("name",searchableGroupFields[i]); map.put("displayName",bundle.getString("field.displayName." + searchableGroupFields[i])); res.add(map); names.add(searchableGroupFields[i]); } for (AttributeDefName legacyAttribute : GroupTypeFinder.internal_findAllLegacyAttributes()) { String name = legacyAttribute.getLegacyAttributeName(true); if(noSearchFields.indexOf(":" + name + ":") == -1) { names.add(name); res.add(ObjectAsMap.getInstance("FieldAsMap",legacyAttribute)); } } accumulateFields(names); return res; }
/** * Checks key groups.create.grant.all to determine pre-selected privs to * be checked in the UI. If not set, checks default assignments in the Grouper API * @param mediaBundle * @return Map keyed on Access privilege names */ public static Map getDefaultAccessPrivsForUI(ResourceBundle mediaBundle){ String privStr = null; try { privStr = mediaBundle.getString("groups.create.grant.all"); }catch(Exception e){} if(privStr==null || "".equals(privStr)) return getDefaultAccessPrivsForGrouperAPI(); Map privs = new HashMap(); if("none".equals(privStr)) return privs; String[] privArr = privStr.split(" "); for(int i=0;i<privArr.length;i++) { privs.put(privArr[i],Boolean.TRUE); } return privs; }
/** * Given a GroupeGroup or GrouperStem id, an array of subjects and an array of * privileges, grant the privileges to each subject for the GrouperStem or * GrouperGroup * * @param s GrouperSession for authenticated user * @param stemOrGroupId GrouperGroup or GrouperStem id * @param members array of Subjects * @param privileges array of privileges * @param forStems indicates GrouperStem */ public static void assignPrivileges(GrouperSession s, String stemOrGroupId, Subject[] members, String[] privileges, boolean forStems) throws SchemaException,MemberAddException,InsufficientPrivilegeException,MemberNotFoundException, GrantPrivilegeException{ assignPrivileges(s,stemOrGroupId,members,privileges,forStems,FieldFinder.find("members")); }
/** * For a group id, for all its types, return fields of type LIST which the session user can read or write * @param s * @param g * @return List of list fields for group * @throws Exception */ public static List getReadableListFieldsForGroup(GrouperSession s,Group g) throws Exception{ List readable = getListFieldsForGroup(s,g); Field field; String name; Iterator it = readable.iterator(); while(it.hasNext()) { name=(String)it.next(); field=FieldFinder.find(name); if(!g.canReadField(field)&& !g.canWriteField(field)) it.remove(); } accumulateFields(readable); return readable; }
/** * For a given subject determine all the custom list fields they appear in * @param s * @param subject * @return List of field names the subject is a member of * @throws Exception */ public static List getListFieldsForSubject(GrouperSession s,Subject subject) throws Exception{ Set lists = FieldFinder.findAllByType(FieldType.LIST); List res = new ArrayList(); Iterator it = lists.iterator(); Field field; Set memberships; while(it.hasNext()) { field = (Field)it.next(); if(!"members".equals(field.getName())) { memberships = MemberFinder.findBySubject(s,subject).getMemberships(field); if(memberships.size()>0) { res.add(field.getName()); } } } accumulateFields(res); return res; }
/** * Returns indirect privileges for member on the group or stem - but not how derived * @param s * @param groupOrStem * @param member * @return Map keyed on name of privs which are indirectly assigned */ public static Map getEffectiveHas(GrouperSession s,GroupOrStem groupOrStem,Member member,Field field) throws SchemaException{ Map map =getAllHas(s,groupOrStem,member,field); return (Map)map.get("effectivePrivs"); }
/** * Returns direct privileges for member on group or stem * @param s * @param groupOrStem * @param member * @param field * @return Map keyed on name of privs which are directly assigned * @throws SchemaException */ public static Map getImmediateHas(GrouperSession s,GroupOrStem groupOrStem,Member member,Field field) throws SchemaException{ Map map = getAllHas(s,groupOrStem,member,field); return (Map)map.get("subject"); }
/** * Returns indirect privileges for member on the group or stem * @param s * @param groupOrStem * @param member * @return Map keyed on privilege name for indirect privileges for member on the group or stem, and how derived */ public static Map getExtendedHas(GrouperSession s,GroupOrStem groupOrStem,Member member,Field field) throws SchemaException{ Map map =getAllHas(s,groupOrStem,member,field); map.remove("subject"); map.remove("effectivePrivs"); return map; }
/** * Returns all privileges, direct and indirect, that member has for group or stem * @param s * @param groupOrStem * @param member * @return Map keyed on privilege names - whether direct or indirect * @throws SchemaException */ public static Map getAllHas(GrouperSession s,GroupOrStem groupOrStem,Member member) throws SchemaException{ return getAllHas(s,groupOrStem,member,FieldFinder.find("members")); }
/** * Supplement group maps with privilege info for provided subject * assuming subject has any privileges for this group * @param s * @param groups * @param subject * @return a List of embellished groups */ public static List embellishGroupMapsWithSubjectPrivs(GrouperSession s,List groups,Subject subject) throws Exception{ GroupAsMap group; Map privs=null; Member member = MemberFinder.findBySubject(s,subject); GroupOrStem gs = null; for (int i=0;i<groups.size();i++) { group = (GroupAsMap)groups.get(i); gs=GroupOrStem.findByGroup(s, (Group)group.getWrappedObject()); privs=getAllHas(s,gs,member); group.put("subjectPrivs", privs); group.put("privsSubject", subject.getId()); } return groups; }