public boolean isAuthorized(CompositePermissionCheck compositePermissionCheck) { Authentication currentAuthentication = getCurrentAuthentication(); if (currentAuthentication != null) { return isAuthorized(currentAuthentication.getUserId(), currentAuthentication.getGroupIds(), compositePermissionCheck); } else { return true; } }
public boolean isAuthorized(CompositePermissionCheck compositePermissionCheck) { Authentication currentAuthentication = getCurrentAuthentication(); if (currentAuthentication != null) { return isAuthorized(currentAuthentication.getUserId(), currentAuthentication.getGroupIds(), compositePermissionCheck); } else { return true; } }
protected boolean isAuthCheckExecuted() { Authentication currentAuthentication = getCurrentAuthentication(); CommandContext commandContext = Context.getCommandContext(); return isAuthorizationEnabled() && commandContext.isAuthorizationCheckEnabled() && currentAuthentication != null && currentAuthentication.getUserId() != null; }
protected boolean isAuthCheckExecuted() { Authentication currentAuthentication = getCurrentAuthentication(); CommandContext commandContext = Context.getCommandContext(); return isAuthorizationEnabled() && commandContext.isAuthorizationCheckEnabled() && currentAuthentication != null && currentAuthentication.getUserId() != null; }
protected void addPermissionCheck(AuthorizationCheck authCheck, CompositePermissionCheck compositeCheck) { CommandContext commandContext = getCommandContext(); if (isAuthorizationEnabled() && getCurrentAuthentication() != null && commandContext.isAuthorizationCheckEnabled()) { authCheck.setPermissionChecks(compositeCheck); } }
protected void addPermissionCheck(AuthorizationCheck authCheck, CompositePermissionCheck compositeCheck) { CommandContext commandContext = getCommandContext(); if (isAuthorizationEnabled() && getCurrentAuthentication() != null && commandContext.isAuthorizationCheckEnabled()) { authCheck.setPermissionChecks(compositeCheck); } }
public boolean isAuthorized(Permission permission, Resource resource, String resourceId) { // this will be called by LdapIdentityProviderSession#isAuthorized() for executing LdapQueries. // to be backward compatible a check whether authorization has been enabled inside the given // command context will not be done. final Authentication currentAuthentication = getCurrentAuthentication(); if(isAuthorizationEnabled() && currentAuthentication != null && currentAuthentication.getUserId() != null) { return isAuthorized(currentAuthentication.getUserId(), currentAuthentication.getGroupIds(), permission, resource, resourceId); } else { return true; } }
public boolean isAuthorized(Permission permission, Resource resource, String resourceId) { // this will be called by LdapIdentityProviderSession#isAuthorized() for executing LdapQueries. // to be backward compatible a check whether authorization has been enabled inside the given // command context will not be done. final Authentication currentAuthentication = getCurrentAuthentication(); if(isAuthorizationEnabled() && currentAuthentication != null && currentAuthentication.getUserId() != null) { return isAuthorized(currentAuthentication.getUserId(), currentAuthentication.getGroupIds(), permission, resource, resourceId); } else { return true; } }
/** * Checks if the current authentication contains the group * {@link Groups#CAMUNDA_ADMIN}. The check is ignored if the authorization is * disabled or no authentication exists. * * @throws AuthorizationException */ public void checkCamundaAdmin() { final Authentication currentAuthentication = getCurrentAuthentication(); CommandContext commandContext = Context.getCommandContext(); if (isAuthorizationEnabled() && commandContext.isAuthorizationCheckEnabled() && currentAuthentication != null && !isCamundaAdmin(currentAuthentication)) { throw LOG.requiredCamundaAdminException(); } }
/** * Checks if the current authentication contains the group * {@link Groups#CAMUNDA_ADMIN}. The check is ignored if the authorization is * disabled or no authentication exists. * * @throws AuthorizationException */ public void checkCamundaAdmin() { final Authentication currentAuthentication = getCurrentAuthentication(); CommandContext commandContext = Context.getCommandContext(); if (isAuthorizationEnabled() && commandContext.isAuthorizationCheckEnabled() && currentAuthentication != null && !isCamundaAdmin(currentAuthentication)) { throw LOG.requiredCamundaAdminException(); } }
public void checkAuthorization(List<PermissionCheck> permissionChecks) { if(isAuthCheckExecuted()) { Authentication currentAuthentication = getCurrentAuthentication(); String userId = currentAuthentication.getUserId(); boolean isAuthorized = isAuthorized(userId, currentAuthentication.getGroupIds(), permissionChecks); if (!isAuthorized) { List<MissingAuthorization> missingAuthorizations = new ArrayList<MissingAuthorization>(); for (PermissionCheck check: permissionChecks) { missingAuthorizations.add(new MissingAuthorization( check.getPermission().getName(), check.getResource().resourceName(), check.getResourceId())); } throw new AuthorizationException(userId, missingAuthorizations); } } }
public void checkAuthorization(List<PermissionCheck> permissionChecks) { if(isAuthCheckExecuted()) { Authentication currentAuthentication = getCurrentAuthentication(); String userId = currentAuthentication.getUserId(); boolean isAuthorized = isAuthorized(userId, currentAuthentication.getGroupIds(), permissionChecks); if (!isAuthorized) { List<MissingAuthorization> missingAuthorizations = new ArrayList<MissingAuthorization>(); for (PermissionCheck check: permissionChecks) { missingAuthorizations.add(new MissingAuthorization( check.getPermission().getName(), check.getResource().resourceName(), check.getResourceId())); } throw new AuthorizationException(userId, missingAuthorizations); } } }
public void checkAuthorization(CompositePermissionCheck compositePermissionCheck) { if(isAuthCheckExecuted()) { Authentication currentAuthentication = getCurrentAuthentication(); String userId = currentAuthentication.getUserId(); boolean isAuthorized = isAuthorized(compositePermissionCheck); if (!isAuthorized) { List<MissingAuthorization> missingAuthorizations = new ArrayList<MissingAuthorization>(); for (PermissionCheck check: compositePermissionCheck.getAllPermissionChecks()) { missingAuthorizations.add(new MissingAuthorization( check.getPermission().getName(), check.getResource().resourceName(), check.getResourceId())); } throw new AuthorizationException(userId, missingAuthorizations); } } }
public void checkAuthorization(CompositePermissionCheck compositePermissionCheck) { if(isAuthCheckExecuted()) { Authentication currentAuthentication = getCurrentAuthentication(); String userId = currentAuthentication.getUserId(); boolean isAuthorized = isAuthorized(compositePermissionCheck); if (!isAuthorized) { List<MissingAuthorization> missingAuthorizations = new ArrayList<MissingAuthorization>(); for (PermissionCheck check: compositePermissionCheck.getAllPermissionChecks()) { missingAuthorizations.add(new MissingAuthorization( check.getPermission().getName(), check.getResource().resourceName(), check.getResourceId())); } throw new AuthorizationException(userId, missingAuthorizations); } } }
@Override public void checkAuthorization(Permission permission, Resource resource, String resourceId) { if(isAuthCheckExecuted()) { Authentication currentAuthentication = getCurrentAuthentication(); boolean isAuthorized = isAuthorized(currentAuthentication.getUserId(), currentAuthentication.getGroupIds(), permission, resource, resourceId); if (!isAuthorized) { throw new AuthorizationException( currentAuthentication.getUserId(), permission.getName(), resource.resourceName(), resourceId); } } }
@Override public void checkAuthorization(Permission permission, Resource resource, String resourceId) { if(isAuthCheckExecuted()) { Authentication currentAuthentication = getCurrentAuthentication(); boolean isAuthorized = isAuthorized(currentAuthentication.getUserId(), currentAuthentication.getGroupIds(), permission, resource, resourceId); if (!isAuthorized) { throw new AuthorizationException( currentAuthentication.getUserId(), permission.getName(), resource.resourceName(), resourceId); } } }
protected void addPermissionCheck(ListQueryParameterObject query, Resource resource, String queryParam, Permission permission) { CommandContext commandContext = getCommandContext(); if (isAuthorizationEnabled() && getCurrentAuthentication() != null && commandContext.isAuthorizationCheckEnabled()) { PermissionCheck permCheck = newPermissionCheck(); permCheck.setResource(resource); permCheck.setResourceIdQueryParam(queryParam); permCheck.setPermission(permission); query.getAuthCheck().addAtomicPermissionCheck(permCheck); } }
protected void addPermissionCheck(ListQueryParameterObject query, Resource resource, String queryParam, Permission permission) { CommandContext commandContext = getCommandContext(); if (isAuthorizationEnabled() && getCurrentAuthentication() != null && commandContext.isAuthorizationCheckEnabled()) { PermissionCheck permCheck = newPermissionCheck(); permCheck.setResource(resource); permCheck.setResourceIdQueryParam(queryParam); permCheck.setPermission(permission); query.getAuthCheck().addAtomicPermissionCheck(permCheck); } }
public void configureQuery(ListQueryParameterObject query) { AuthorizationCheck authCheck = query.getAuthCheck(); authCheck.getPermissionChecks().clear(); if(isAuthCheckExecuted()) { Authentication currentAuthentication = getCurrentAuthentication(); authCheck.setAuthUserId(currentAuthentication.getUserId()); authCheck.setAuthGroupIds(currentAuthentication.getGroupIds()); enableQueryAuthCheck(authCheck); } else { authCheck.setAuthorizationCheckEnabled(false); authCheck.setAuthUserId(null); authCheck.setAuthGroupIds(null); } }
public void configureQuery(ListQueryParameterObject query) { AuthorizationCheck authCheck = query.getAuthCheck(); authCheck.getPermissionChecks().clear(); if(isAuthCheckExecuted()) { Authentication currentAuthentication = getCurrentAuthentication(); authCheck.setAuthUserId(currentAuthentication.getUserId()); authCheck.setAuthGroupIds(currentAuthentication.getGroupIds()); enableQueryAuthCheck(authCheck); } else { authCheck.setAuthorizationCheckEnabled(false); authCheck.setAuthUserId(null); authCheck.setAuthGroupIds(null); } }