/** * @see TokenHolder#copyToken(IObject, IObject) */ public void copyToken(IObject source, IObject copy) { tokenHolder.copyToken(source, copy); }
public boolean allowCreation(IObject iObject) { if (tokenHolder.hasPrivilegedToken(iObject)) { return true; } return false; }
tokenHolder.setToken(graphHolder); // oneTimeToken } finally { for (GraphHolder graphHolder : ghs) { tokenHolder.clearToken(graphHolder);
public Event newEvent(Session session, EventType type, TokenHolder tokenHolder) { BasicEventContext c = current(); Event e = new Event(); e.setType(type); e.setTime(new Timestamp(System.currentTimeMillis())); tokenHolder.setToken(e.getGraphHolder()); e.getDetails().setPermissions(Permissions.READ_ONLY); // Proxied if necessary e.setExperimenter(c.getOwner()); e.setExperimenterGroup(c.getGroup()); e.setSession(session); c.setEvent(e); return e; }
/** * Simplified factory method which generates all the security primitives * internally. Primarily useful for generated testing instances. * @param sm the session manager * @param sf the session factory * @param cache the session cache * @return a configured security system */ public static BasicSecuritySystem selfConfigure(SessionManager sm, ServiceFactory sf, SessionCache cache) { CurrentDetails cd = new CurrentDetails(cache); SystemTypes st = new SystemTypes(); TokenHolder th = new TokenHolder(); Roles roles = new Roles(); final SessionProvider sessionProvider = new SessionProviderInMemory(roles, new NodeProviderInMemory(""), null); final OmeroInterceptor oi = new OmeroInterceptor(roles, st, new ExtendedMetadata.Impl(), cd, th, new PerSessionStats(cd), new LightAdminPrivileges(roles), null, new HashSet<String>(), new HashSet<String>()); SecurityFilterHolder holder = new SecurityFilterHolder( cd, new OneGroupSecurityFilter(roles), new AllGroupsSecurityFilter(null, roles), new SharingSecurityFilter(roles, null)); BasicSecuritySystem sec = new BasicSecuritySystem(oi, st, cd, sm, sessionProvider, new EventProviderInMemory(), roles, sf, new TokenHolder(), Collections.<SecurityFilter>singletonList(holder), new DefaultPolicyService(), new BasicACLVoter(cd, st, th, holder, sessionProvider, new ReadOnlyStatus(false, false))); return sec; }
/** * @see TokenHolder#hasPrivilegedToken(IObject) */ public boolean hasPrivilegedToken(IObject obj) { return tokenHolder.hasPrivilegedToken(obj); }
protected void propagateHiddenValues(IObject from, IObject to) { th.copyToken(from, to); if (from.getDetails() != null && from.getDetails().filteredSize() > 0) { to.getDetails().addFiltered(from.getDetails().filteredSet()); } }
if (tokenHolder.hasPrivilegedToken(iObject)) { return true; } else if (!sysType) {
if (tokenHolder.hasPrivilegedToken(iobj)) { privileged = true;
final Details newDetails) { if (tokenHolder.hasPrivilegedToken(obj)) { return obj.getDetails(); // EARLY EXIT
if (tokenHolder.hasPrivilegedToken(iObject)) { return 1; // ticket:1794, allow move to "user } else if (!sysTypeOrUsrGroup && currentUser.isGraphCritical(d)) { //ticket:1769