protected boolean isGlobalSearchFolderPermitted() { return userSessionSource.getUserSession().isSpecificPermitted("cuba.gui.searchFolder.global"); }
@Override public boolean isSpecificPermitted(String name) { return userSessionSource.getUserSession().isSpecificPermitted(name); }
protected boolean isGlobalAppFolderPermitted() { return userSessionSource.getUserSession().isSpecificPermitted("cuba.gui.appFolder.global"); } }
protected boolean uerCanEditGlobalFilter() { return userSessionSource.getUserSession().isSpecificPermitted(GLOBAL_FILTER_PERMISSION); }
return; if (!userSession.isSpecificPermitted("cuba.gui.administration.downloadlogs")) { response.sendError(HttpServletResponse.SC_FORBIDDEN); return;
return; if (!userSession.isSpecificPermitted("cuba.gui.administration.downloadlogs")) { response.sendError(HttpServletResponse.SC_FORBIDDEN); return;
return; if (!userSession.isSpecificPermitted("cuba.gui.administration.downloadlogs")) { response.sendError(HttpServletResponse.SC_FORBIDDEN); return;
private Node<BasicPermissionTarget> filterNode(UserSession session, Node<BasicPermissionTarget> rootNode) { Node<BasicPermissionTarget> filteredRootNode = new Node<>(rootNode.getData()); rootNode.getChildren().stream() .filter(child -> session.isSpecificPermitted(child.getData().getPermissionValue())) .map(child -> filterNode(session, child)) .filter(child -> child.getNumberOfChildren() > 0 || !isCategory(child.getData())) //filtering out empty categories .forEach(filteredRootNode::addChild); return filteredRootNode; }
protected boolean isGlobalPresentation() { Presentations presentations = table.getPresentations(); Presentation presentation = presentations.getCurrent(); return presentation != null && (!presentations.isGlobal(presentation) || userSessionSource.getUserSession().isSpecificPermitted("cuba.gui.presentations.global")); } }
protected void checkImportPermissions(Folder folder) { UserSession userSession = userSessionSource.getUserSession(); if (folder instanceof SearchFolder) { SearchFolder searchFolder = (SearchFolder) folder; User currentUser = userSession.getCurrentOrSubstitutedUser(); if (searchFolder.getUser() != null && !currentUser.equals(searchFolder.getUser())) { throw new AccessDeniedException(PermissionType.ENTITY_OP, Folder.class.getSimpleName()); } if (searchFolder.getUser() == null && !userSession.isSpecificPermitted("cuba.gui.searchFolder.global")) { throw new AccessDeniedException(PermissionType.ENTITY_OP, Folder.class.getSimpleName()); } } if (folder instanceof AppFolder) { if (!userSession.isSpecificPermitted("cuba.gui.appFolder.global")) { throw new AccessDeniedException(PermissionType.ENTITY_OP, Folder.class.getSimpleName()); } } }
if (!session.isSpecificPermitted(PERMISSION_NAME)) { log.warn(PERMISSION_NAME + " is not permitted for user " + session.getUser().getLogin()); return false;
UserSession userSession = authenticationService.login(credentials).getSession(); if (!userSession.isSpecificPermitted(Authentication.PERMISSION_NAME)) { log.info(String.format("User %s is not allowed to use REST-API", username)); AppContext.setSecurityContext(new SecurityContext(userSession));
@Override public void check(Credentials credentials, AuthenticationDetails authenticationDetails) throws LoginException { if (credentials instanceof AbstractClientCredentials) { AbstractClientCredentials clientCredentials = (AbstractClientCredentials) credentials; if (clientCredentials.isCheckClientPermissions() && clientCredentials.getClientType() == ClientType.REST_API && !authenticationDetails.getSession().isSpecificPermitted("cuba.restApi.enabled")) { throw new RestApiAccessDeniedException(messages.getMessage(MSG_PACK, "LoginException.restApiAccessDenied")); } } }
public BulkEditAction(ListComponent target) { super(target, "bulkEdit"); this.icon = AppBeans.get(Icons.class).get(CubaIcon.BULK_EDIT_ACTION); Messages messages = AppBeans.get(Messages.NAME); this.caption = messages.getMessage(getClass(), "actions.BulkEdit"); this.constraintOperationType = ConstraintOperationType.UPDATE; UserSession userSession = AppBeans.get(UserSessionSource.class).getUserSession(); if (!userSession.isSpecificPermitted(BulkEditor.PERMISSION)) { setVisible(false); setEnabled(false); } }
if (userSession.isSpecificPermitted(ShowInfoAction.ACTION_PERMISSION) && findEditor((Layout) target) != null) { actions.add(showInfo);
@Override public void check(Credentials credentials, AuthenticationDetails authenticationDetails) throws LoginException { if (credentials instanceof AbstractClientCredentials) { AbstractClientCredentials clientCredentials = (AbstractClientCredentials) credentials; if (clientCredentials.isCheckClientPermissions()) { ClientType clientType = clientCredentials.getClientType(); if (ClientType.DESKTOP == clientType || ClientType.WEB == clientType) { if (!authenticationDetails.getSession().isSpecificPermitted("cuba.gui.loginToClient")) { log.warn("Attempt of login to {} for user '{}' without cuba.gui.loginToClient permission", clientType, clientCredentials); Locale userLocale; if (clientCredentials.getLocale() != null) { userLocale = clientCredentials.getLocale(); } else { userLocale = messages.getTools().getDefaultLocale(); } throw new LoginException(getInvalidCredentialsMessage(clientCredentials.getUserIdentifier(), userLocale)); } } } } }
public PresentationEditor(Presentation presentation, HasPresentations component) { this.presentation = presentation; this.component = component; messages = AppBeans.get(Messages.NAME); sessionSource = AppBeans.get(UserSessionSource.NAME); isNew = PersistenceHelper.isNew(presentation); allowGlobalPresentations = sessionSource.getUserSession() .isSpecificPermitted("cuba.gui.presentations.global"); initLayout(); setWidthUndefined(); String titleMessageKey = isNew ? "PresentationsEditor.new" : "PresentationsEditor.edit"; setCaption(getMessage(titleMessageKey)); setModal(true); setResizable(false); }
} else if (selected.size() > 1 && bulkEditorIntegration.isEnabled()) { UserSession userSession = AppBeans.get(UserSessionSource.class).getUserSession(); boolean isBulkEditorPermitted = userSession.isSpecificPermitted(BulkEditor.PERMISSION); if (isBulkEditorPermitted) {
boolean userCanEditFilters = userCanEditFilers(); boolean filterEditable = isEditable(); boolean userCanEditGlobalAppFolder = userSessionSource.getUserSession().isSpecificPermitted(GLOBAL_APP_FOLDERS_PERMISSION); boolean createdByCurrentUser = userSessionSource.getUserSession().getCurrentOrSubstitutedUser().equals(filterEntity.getUser()); boolean hasCode = !Strings.isNullOrEmpty(filterEntity.getCode());
if (!userSession.isSpecificPermitted(BulkEditor.PERMISSION)) { Messages messages = AppBeans.get(Messages.NAME);