public boolean isAllowedFunction(String function, Role role) { try { if (isCurrentUserAdmin()) { return true; } if (role == null) { return false; } return role.isAllowed(function); } catch (Exception e) { log.error("Caught exception while performing function test", e); } return false; }
public Set getRolesIsAllowed(String function) { if (m_lazy) baseAuthzGroupService.m_storage.completeGet(this); Set rv = new HashSet(); for (Iterator i = m_roles.values().iterator(); i.hasNext();) { Role r = (Role) i.next(); if (r.isAllowed(function)) { rv.add(r.getId()); } } return rv; }
/** * {@inheritDoc} */ public Set getUsersIsAllowed(String lock) { if (m_lazy) baseAuthzGroupService.m_storage.completeGet(this); Set rv = new HashSet(); for (Iterator it = m_userGrants.entrySet().iterator(); it.hasNext();) { Map.Entry entry = (Map.Entry) it.next(); String user = (String) entry.getKey(); BaseMember grant = (BaseMember) entry.getValue(); if (grant.active && grant.role.isAllowed(lock)) { rv.add(user); } } return rv; }
public Map<String, PollRolePerms> getRoles(String locationReference) { log.debug("Getting permRoles"); Map<String, PollRolePerms> perms = new HashMap<String, PollRolePerms>(); try { AuthzGroup group = authzGroupService.getAuthzGroup(locationReference); Set<Role> roles = group.getRoles(); Iterator<Role> i = roles.iterator(); while (i.hasNext()) { Role role = (Role)i.next(); String name = role.getId(); log.debug("Adding element for " + name); perms.put(name, new PollRolePerms(name, role.isAllowed(PollListManager.PERMISSION_VOTE), role.isAllowed(PollListManager.PERMISSION_ADD), role.isAllowed(PollListManager.PERMISSION_DELETE_OWN), role.isAllowed(PollListManager.PERMISSION_DELETE_ANY), role.isAllowed(PollListManager.PERMISSION_EDIT_OWN), role.isAllowed(PollListManager.PERMISSION_EDIT_ANY) )); } } catch (Exception e) { e.printStackTrace(); } return perms; }
/** * {@inheritDoc} */ public boolean isAllowed(String user, String lock) { if (m_lazy) baseAuthzGroupService.m_storage.completeGet(this); // consider a role granted BaseMember grant = (BaseMember) m_userGrants.get(user); if ((grant != null) && (grant.active)) { if (grant.role.isAllowed(lock)) return true; } Set<String> userRoles = baseAuthzGroupService.getEmptyRoles(user); for (String userRole: userRoles) { Role role = (Role) m_roles.get(userRole); if (role != null) { if (role.isAllowed(lock)) return true; } } return false; }
public boolean isRoleAllowedInRealm(String roleId, String realmId, String permission) { try { AuthzGroup group = authzGroupService.getAuthzGroup(realmId); Role role = group.getRole(roleId); return role.isAllowed(permission); } catch (GroupNotDefinedException e) { // TODO Auto-generated catch block e.printStackTrace(); } return false; }
/** * {@inheritDoc} * @see org.sakaiproject.content.api.ContentHostingService#getRoleViews(String) */ public Set<String> getRoleViews(final String id) { String ref = getReference(id); LinkedHashSet<String> roleIds = new LinkedHashSet<String>(); AuthzGroup realm = null; try { realm = m_authzGroupService.getAuthzGroup(ref); } catch (GroupNotDefinedException e) { // if there is no authz group then no roles can have been defined. return roleIds; } Set<Role> roles = realm.getRoles(); for (Role role : roles) { if(role.isAllowed(AUTH_RESOURCE_READ)) { roleIds.add(role.getId()); } } return roleIds; }
try { siteRealm = authzGroupService.getAuthzGroup("/site/" + siteId); if (!siteRole.isAllowed(CommonsFunctions.POST_CREATE) || !siteRole.isAllowed(CommonsFunctions.POST_READ_ANY) || !siteRole.isAllowed(CommonsFunctions.POST_UPDATE_OWN) || !siteRole.isAllowed(CommonsFunctions.POST_DELETE_OWN) || !siteRole.isAllowed(CommonsFunctions.COMMENT_CREATE) || !siteRole.isAllowed(CommonsFunctions.COMMENT_READ_ANY) || !siteRole.isAllowed(CommonsFunctions.COMMENT_UPDATE_OWN) || !siteRole.isAllowed(CommonsFunctions.COMMENT_DELETE_OWN)) { if (siteRole.isAllowed(AssignmentServiceConstants.SECURE_ADD_ASSIGNMENT_SUBMISSION)) { filteredFunctions.add(CommonsFunctions.POST_CREATE); filteredFunctions.add(CommonsFunctions.POST_READ_ANY); if (siteRole.isAllowed(AssignmentServiceConstants.SECURE_ADD_ASSIGNMENT)) { filteredFunctions.add(CommonsFunctions.POST_CREATE); filteredFunctions.add(CommonsFunctions.POST_READ_ANY);
String groupRef = group.getReference(); for (Member member : group.getMembers()) { if (member.getRole().isAllowed(SECURE_ADD_ASSIGNMENT_SUBMISSION)) { if (!groupIdUserIds.containsKey(groupRef)) { groupIdUserIds.put(groupRef, new HashSet<String>());
Role siteHelperRole = siteHelperAuthzGroup.getRole(siteRole.getId()); if (!siteRole.isAllowed(SiteService.SECURE_UPDATE_SITE)) { log.warn(userId + " attempted to update COMMONS permissions for site " + site.getTitle()); return false;
for (Member member : members) { if (member != null && member.isActive() && member.getUserId() != null) { boolean canSwap = member.getRole().isAllowed(SiteService.SITE_ROLE_SWAP); permKeysToInvalidate.add(makeCacheKey(member.getUserId(), null, perm, azgRef, false));