public ACLVoter choose() { Long shareId = cd.getCurrentEventContext().getCurrentShareId(); if (shareId == null || shareId.longValue() < 0) { // ticket:2219 return basic; } else { return sharing; } }
public EventContext getEventContext(boolean refresh) { EventContext ec = cd.getCurrentEventContext(); if (refresh) { String uuid = ec.getCurrentSessionUuid(); ec = sessionManager.reload(uuid); } return ec; }
public SecurityFilter choose() { final EventContext ec = cd.getCurrentEventContext(); final Long groupId = ec.getCurrentGroupId(); final Long shareId = ec.getCurrentShareId(); if (shareId != null && shareId >= 0) { return share; } else if (groupId < 0) { return allgroups; } else { return onegroup; } }
public CurrentSessionStats(CurrentDetails cd, SessionManager sm) { stats = new SessionStats[] { sm.getSessionStats(cd .getCurrentEventContext().getCurrentSessionUuid()) }; }
@PermitAll public Map<String, String> getConfigValues(String keyRegex) { if (keyRegex == null) { return Collections.emptyMap(); } Pattern p = Pattern.compile(keyRegex); Map<String, String> rv = new HashMap<String, String>(); Set<String> keys = prefs.getKeySet(); // Not resolving aliases since these come straight-from the prefs for (String key : keys) { if (p.matcher(key).find()) { if (prefs.canRead( currentDetails.getCurrentEventContext(), key)) { rv.put(key, getInternalValue(key)); } } } return rv; }
public Principal principal() { if (principalHolder.size() == 0) { return null; } else { EventContext ec = principalHolder.getCurrentEventContext(); String session = ec.getCurrentSessionUuid(); return new Principal(session); } }
/** * */ public boolean allowLoad(Session session, Class<? extends IObject> klass, Details d, long id) { Assert.notNull(klass); // Assert.notNull(d); if (d == null || sysTypes.isSystemType(klass) || sysTypes.isInSystemGroup(d)) { return true; } long sessionID = cd.getCurrentEventContext().getCurrentShareId(); ShareData data = store.get(sessionID); if (data.enabled) { return store.contains(sessionID, klass, id); } return false; }
/** * see {@link IConfig#getConfigValue(String)} */ @PermitAll // see above public String getConfigValue(String key) { if (key == null) { return ""; } key = prefs.resolveAlias(key); if (!prefs.canRead(currentDetails.getCurrentEventContext(), key)) { throw new SecurityViolation("Cannot read configuration: " + key); } return getInternalValue(key); }
return allow; final EventContext ec = currentUser.getCurrentEventContext(); final Set<AdminPrivilege> privileges = ec.getCurrentAdminPrivileges(); final boolean isChgrpPrivilege = privileges.contains(adminPrivileges.getPrivilege(AdminPrivilege.VALUE_CHGRP));
final EventContext ec = currentUser.getCurrentEventContext();
groupId = HibernateUtils.nullSafeGroupId(iObject); final EventContext ec = currentUser.getCurrentEventContext(); if (ec.getCurrentUserId().equals(ownerId) || ec.getLeaderOfGroupsList().contains(groupId)) { return true; // object owner or group owner
final EventContext ec = getCurrentEventContext();
/** * Called in the main server (Blitz-0) in order to create a PIXELDATA * {@link EventLog} which will get processed by PixelData-0. */ public void onApplicationEvent(final MissingPyramidMessage mpm) { if (readOnly.isReadOnlyDb()) { log.debug("Ignored: " + mpm); return; } log.info("Received: " + mpm); // #5232. If this is called without an active event, then throw // an exception since a call to Executor should wrap whatever the // invoker is doing. final CurrentDetails cd = executor.getContext().getBean(CurrentDetails.class); if (cd.size() <= 0) { throw new InternalException("Not logged in."); } final EventContext ec = cd.getCurrentEventContext(); if (null == ec.getCurrentUserId()) { throw new InternalException("No user! Must be wrapped by call to Executor?"); } Future<EventLog> future = this.executor.submit(cd.getContext(), new Callable<EventLog>(){ public EventLog call() throws Exception { return makeEvent(ec, mpm); }}); this.executor.get(future); }
return new Session(session.getId(), false); } else { EventContext ec = current.getCurrentEventContext(); if (!ec.isCurrentUserAdmin()) { Long uid = session.getOwner().getId();
Permissions groupPerms = currentUser.getCurrentEventContext() .getCurrentGroupPermissions();
public boolean isGraphCritical(Details details) { EventContext ec = getCurrentEventContext(); long gid = ec.getCurrentGroupId(); Permissions perms = ec.getCurrentGroupPermissions();
protected Session updateSession() { Session s = helper.getServiceFactory().getQueryService() .findByQuery("select s from Session s where s.uuid = :uuid", new Parameters().addString("uuid", session)); if (s == null) { // we assume that if the session is visible, then // the current user should be able to edit it. throw helper.cancel(new ERR(), null, "no-session"); } boolean isAdmin = current.getCurrentEventContext().isCurrentUserAdmin(); updated |= updateField(s, Session.TIMETOLIVE, timeToLive, isAdmin); updated |= updateField(s, Session.TIMETOIDLE, timeToIdle, isAdmin); if (updated) { security.runAsAdmin(new AdminAction(){ @Override public void runAsAdmin() { update.flush(); }}); return s; } else { throw helper.cancel(new ERR(), null, "no-update-performed", "session", session); } }
final EventContext curr = cd.getCurrentEventContext(); final boolean readOnly = curr.isReadOnly(); final boolean isClose = false;
final EventContext ec = currentUser.getCurrentEventContext(); final boolean isOwner = ec.getCurrentUserId().equals(linkedUid); final boolean isOwnerOrSupervisor = currentUser.isOwnerOrSupervisor(linkedObject); final boolean isSupervisor = (!isOwner) && isOwnerOrSupervisor; final boolean isMember = ec.getMemberOfGroupsList().contains(linkedGid); final Permissions p = currentUser.getCurrentEventContext() .getCurrentGroupPermissions();
EventContext ec = cd.getCurrentEventContext(); if (ec instanceof BasicSecurityWiring.CloseOnNoSessionContext) { throw new SessionTimeoutException("closing", ec); ec = cd.getCurrentEventContext(); // Replace with callContext