/** * Check specific user permission */ public boolean isSpecificPermitted(String name) { return isPermitted(PermissionType.SPECIFIC, name); }
protected void incrementQueryKey() { queryKey = userSession.getAttribute("_queryKey"); if (queryKey == null) queryKey = 1; else queryKey++; userSession.setAttribute("_queryKey", queryKey); }
@Override public String getName() { return idpSession.getLogin(); }
@Override public Locale getLocale() { return getUserSession().getLocale(); } }
public static boolean isLoggedInWithExternalAuth(UserSession userSession) { return userSession.getAttribute(EXTERNAL_AUTH_USER_SESSION_ATTRIBUTE) != null; }
@Override public void userSessionLoggedIn(UserSession session) { RequestContext requestContext = RequestContext.get(); if (requestContext != null) { Principal principal = requestContext.getRequest().getUserPrincipal(); if (principal instanceof IdpSessionPrincipal) { IdpSession idpSession = ((IdpSessionPrincipal) principal).getIdpSession(); session.setAttribute(IdpService.IDP_USER_SESSION_ATTRIBUTE, idpSession.getId()); } } }
@Override public void check(Credentials credentials, AuthenticationDetails authenticationDetails) throws LoginException { if (credentials instanceof AbstractClientCredentials) { AbstractClientCredentials clientCredentials = (AbstractClientCredentials) credentials; if (clientCredentials.isCheckClientPermissions() && clientCredentials.getClientType() == ClientType.REST_API && !authenticationDetails.getSession().isSpecificPermitted("cuba.restApi.enabled")) { throw new RestApiAccessDeniedException(messages.getMessage(MSG_PACK, "LoginException.restApiAccessDenied")); } } }
@Override public UserSession getAndRefreshNN(UUID id) { UserSession userSession = getAndRefresh(id); if (userSession == null) throw new NoUserSessionException(id); return userSession; }
protected void removeExecutionContextFromUserSession(UserSession userSession, ExecutionContext context) { List<ExecutionContext> executions = userSession.getLocalAttribute(EXECUTIONS_ATTR); if (executions != null) { executions.remove(context); } }
@Override public boolean isScreenPermitted(String windowAlias) { return userSessionSource.getUserSession().isScreenPermitted(windowAlias); }
public boolean applicableToEntity(Class javaClass) { MetaClass metaClass = metadata.getClass(javaClass); return userSession.isEntityOpPermitted(metaClass, operation); } }
protected int getNextQueryKey() { UserSession userSession = userSessionSource.getUserSession(); Integer queryKey = userSession.getAttribute("_queryKey"); if (queryKey == null) queryKey = 1; else queryKey++; userSession.setAttribute("_queryKey", queryKey); return queryKey; } }
@Override public void pingUserSession(UserSession session) { String idpSessionId = session.getAttribute(IdpService.IDP_USER_SESSION_ATTRIBUTE); if (idpSessionId != null) { pingIdpSessionServer(idpSessionId); } }
@Override public UserSession getNN(UUID id) { UserSession userSession = internalGet(id, false, false); if (userSession == null) throw new NoUserSessionException(id); return userSession; }
/** * Check user permission for the screen */ public boolean isScreenPermitted(String windowAlias) { return isPermitted(PermissionType.SCREEN, windowAlias); }
@Override public UserSession getAndRefreshNN(UUID id, boolean propagate) { UserSession userSession = getAndRefresh(id, propagate); if (userSession == null) throw new NoUserSessionException(id); return userSession; }
/** * Check user permission. * <br>Same as {@link #isPermitted(com.haulmont.cuba.security.entity.PermissionType, String, int)} * with value=1 * <br>This method makes sense for permission types with two possible values 0,1 * * @param type permission type * @param target permission target:<ul> * <li>screen * <li>entity operation (view, create, update, delete) * <li>entity attribute name * <li>specific permission name * </ul> * @return true if permitted, false otherwise */ public boolean isPermitted(PermissionType type, String target) { return isPermitted(type, target, 1); }