Java Code Examples for org.alfresco.service.cmr.security.AuthorityType#getAuthorityType()
The following examples show how to use
org.alfresco.service.cmr.security.AuthorityType#getAuthorityType() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: UserNameConstraint.java From alfresco-repository with GNU Lesser General Public License v3.0 | 6 votes |
|
@Override
protected void evaluateSingleValue(Object value)
{
// ensure that the value can be converted to a String
String checkValue = null;
try
{
checkValue = DefaultTypeConverter.INSTANCE.convert(String.class, value);
}
catch (TypeConversionException e)
{
throw new ConstraintException(ERR_NON_STRING, value);
}
AuthorityType type = AuthorityType.getAuthorityType(checkValue);
if((type != AuthorityType.USER) && (type != AuthorityType.GUEST))
{
throw new ConstraintException(ERR_INVALID_USERNAME, value, type);
}
}
Example 2
| Source File: AuthorityDAOImpl.java From alfresco-repository with GNU Lesser General Public License v3.0 | 6 votes |
|
public void addAuthorityToZones(String authorityName, Set<String> zones)
{
if ((zones != null) && (zones.size() > 0))
{
Set<NodeRef> zoneRefs = new HashSet<NodeRef>(zones.size() * 2);
for (String authorityZone : zones)
{
zoneRefs.add(getOrCreateZone(authorityZone));
}
NodeRef authRef = getAuthorityOrNull(authorityName);
if (authRef != null)
{
// Normalize the user name if necessary
if (AuthorityType.getAuthorityType(authorityName) == AuthorityType.USER)
{
authorityName = (String) nodeService.getProperty(authRef, ContentModel.PROP_USERNAME);
}
nodeService.addChild(zoneRefs, authRef, ContentModel.ASSOC_IN_ZONE, QName.createQName("cm", authorityName, namespacePrefixResolver));
}
}
}
Example 3
| Source File: AuthorityServiceImpl.java From alfresco-repository with GNU Lesser General Public License v3.0 | 6 votes |
|
/**
* {@inheritDoc}
*/
public void deleteAuthority(String name, boolean cascade)
{
AuthorityType type = AuthorityType.getAuthorityType(name);
checkTypeIsMutable(type);
if (cascade)
{
for (String child : getContainedAuthorities(type, name, true))
{
deleteAuthority(child, true);
}
}
authorityDAO.deleteAuthority(name);
permissionServiceSPI.deletePermissions(name);
if (isGroup(type))
{
OnGroupDeleted onGroupDelete = onGroupDeletedDelegate.get(ContentModel.TYPE_AUTHORITY);
onGroupDelete.onGroupDeleted(name, cascade);
}
}
Example 4
| Source File: SolrOwnerScorer.java From SearchServices with GNU Lesser General Public License v3.0 | 6 votes |
|
public static SolrOwnerScorer createOwnerScorer(Weight weight, LeafReaderContext context, SolrIndexSearcher searcher, String authority) throws IOException
{
if (AuthorityType.getAuthorityType(authority) == AuthorityType.USER)
{
DocSet ownedDocs = (DocSet) searcher.cacheLookup(CacheConstants.ALFRESCO_OWNERLOOKUP_CACHE, authority);
if (ownedDocs == null)
{
// Cache miss: query the index for docs where the owner matches the authority.
ownedDocs = searcher.getDocSet(new TermQuery(new Term(QueryConstants.FIELD_OWNER, authority)));
searcher.cacheInsert(CacheConstants.ALFRESCO_OWNERLOOKUP_CACHE, authority, ownedDocs);
}
return new SolrOwnerScorer(weight, ownedDocs, context, searcher);
}
// Return an empty doc set, as the authority isn't a user.
return new SolrOwnerScorer(weight, new BitDocSet(new FixedBitSet(0)), context, searcher);
}
Example 5
| Source File: AuthorityDAOImpl.java From alfresco-repository with GNU Lesser General Public License v3.0 | 6 votes |
|
private void listAuthorities(AuthorityType type, String name, Set<String> authorities, boolean parents, boolean recursive)
{
AuthorityType localType = AuthorityType.getAuthorityType(name);
if (localType.equals(AuthorityType.GUEST))
{
// Nothing to do
}
else
{
NodeRef ref = getAuthorityOrNull(name);
if (ref != null)
{
listAuthorities(type, ref, authorities, parents, recursive, false);
}
else if (!localType.equals(AuthorityType.USER))
{
// Don't worry about missing person objects. It might be the system user or a user yet to be
// auto-created
throw new UnknownAuthorityException("An authority was not found for " + name);
}
}
}
Example 6
| Source File: AuthorityDAOImpl.java From alfresco-repository with GNU Lesser General Public License v3.0 | 6 votes |
|
public String getShortName(String name)
{
AuthorityType type = AuthorityType.getAuthorityType(name);
if (type.isFixedString())
{
return "";
}
else if (type.isPrefixed())
{
return name.substring(type.getPrefixString().length());
}
else
{
return name;
}
}
Example 7
| Source File: SolrOwnerSetScorer.java From SearchServices with GNU Lesser General Public License v3.0 | 5 votes |
|
public static SolrOwnerSetScorer createOwnerSetScorer(Weight weight, LeafReaderContext context, SolrIndexSearcher searcher, String authorities) throws IOException
{
DocSet authorityOwnedDocs = (DocSet) searcher.cacheLookup(CacheConstants.ALFRESCO_OWNERLOOKUP_CACHE, authorities);
if(authorityOwnedDocs == null)
{
// Split the authorities. The first character in the authorities String
// specifies the separator, e.g. ",jbloggs,abeecher"
String[] auths = authorities.substring(1).split(authorities.substring(0, 1));
BooleanQuery.Builder bQuery = new BooleanQuery.Builder();
for(String current : auths)
{
if (AuthorityType.getAuthorityType(current) == AuthorityType.USER)
{
bQuery.add(new TermQuery(new Term(QueryConstants.FIELD_OWNER, current)), Occur.SHOULD);
}
}
WrappedQuery wrapped = new WrappedQuery(bQuery.build());
wrapped.setCache(false);
authorityOwnedDocs = searcher.getDocSet(wrapped);
searcher.cacheInsert(CacheConstants.ALFRESCO_OWNERLOOKUP_CACHE, authorities, authorityOwnedDocs);
}
// TODO: Cache the final set? e.g. searcher.cacheInsert(authorities, authorityOwnedDocs)
return new SolrOwnerSetScorer(weight, authorityOwnedDocs, context, searcher);
}
Example 8
| Source File: GetAuthoritiesCannedQuery.java From alfresco-repository with GNU Lesser General Public License v3.0 | 5 votes |
|
private boolean includeFilter(AuthorityInfo auth, AuthorityType type, Pattern nameFilter)
{
String authName = auth.getAuthorityName();
AuthorityType authType = AuthorityType.getAuthorityType(authName);
if ((authName == null) || ((type != null) && (! type.equals(authType))))
{
// exclude by type
return false;
}
if (nameFilter == null)
{
return true;
}
String displayName = auth.getAuthorityDisplayName();
if (displayName != null && nameFilter.matcher(displayName).find())
{
return true;
}
// To match on just displayName use the following.
// if (displayName != null)
// {
// return nameFilter.matcher(displayName).find();
// }
if (authType.isPrefixed())
{
authName = authName.substring(authType.getPrefixString().length());
}
return (nameFilter.matcher(authName).find());
}
Example 9
| Source File: GroupsImpl.java From alfresco-remote-api with GNU Lesser General Public License v3.0 | 5 votes |
|
private GroupMember getGroupMember(AuthorityInfo authorityInfo)
{
if (authorityInfo == null)
{
return null;
}
GroupMember groupMember = new GroupMember();
groupMember.setId(authorityInfo.getAuthorityName());
String authorityDisplayName = authorityInfo.getAuthorityDisplayName();
if (authorityDisplayName == null || authorityDisplayName.isEmpty())
{
authorityDisplayName = authorityService.getAuthorityDisplayName(authorityInfo.getAuthorityName());
}
groupMember.setDisplayName(authorityDisplayName);
String memberType = null;
AuthorityType authorityType = AuthorityType.getAuthorityType(authorityInfo.getAuthorityName());
switch (authorityType)
{
case GROUP:
memberType = PARAM_MEMBER_TYPE_GROUP;
break;
case USER:
memberType = PARAM_MEMBER_TYPE_PERSON;
break;
default:
}
groupMember.setMemberType(memberType);
return groupMember;
}
Example 10
| Source File: AuthorityDAOImpl.java From alfresco-repository with GNU Lesser General Public License v3.0 | 5 votes |
|
public void removeAuthority(String parentName, String childName, boolean cacheRefresh)
{
NodeRef parentRef = getAuthorityOrNull(parentName);
if (parentRef == null)
{
throw new UnknownAuthorityException("An authority was not found for " + parentName);
}
NodeRef childRef = getAuthorityOrNull(childName);
if (childRef == null)
{
throw new UnknownAuthorityException("An authority was not found for " + childName);
}
nodeService.removeChild(parentRef, childRef);
childAuthorityCache.remove(parentRef);
if (AuthorityType.getAuthorityType(childName) == AuthorityType.USER)
{
// Normalize the user name
childName = (String) nodeService.getProperty(childRef, ContentModel.PROP_USERNAME);
userAuthorityCache.remove(childName);
}
else
{
userAuthorityCache.clear();
if (cacheRefresh)
{
authorityBridgeTableCache.refresh();
}
}
}
Example 11
| Source File: SolrAuthoritySetQuery.java From SearchServices with GNU Lesser General Public License v3.0 | 5 votes |
|
private BitsFilter getOwnerFilter(String[] auths, SolrIndexSearcher searcher) throws IOException
{
Builder builder = new BooleanQuery.Builder();
for(String current : auths)
{
if (AuthorityType.getAuthorityType(current) == AuthorityType.USER)
{
builder.add(new TermQuery(new Term(QueryConstants.FIELD_OWNER, current)), BooleanClause.Occur.SHOULD);
}
}
BitsFilterCollector collector = new BitsFilterCollector(searcher.getTopReaderContext().leaves().size());
searcher.search(builder.build(), collector);
return collector.getBitsFilter();
}
Example 12
| Source File: WorkflowAuthorityManager.java From alfresco-repository with GNU Lesser General Public License v3.0 | 5 votes |
|
public boolean isUser(String authorityName)
{
AuthorityType type = AuthorityType.getAuthorityType(authorityName);
return type == AuthorityType.USER ||
type == AuthorityType.ADMIN ||
type == AuthorityType.GUEST;
}
Example 13
| Source File: AuthorityServiceImpl.java From alfresco-repository with GNU Lesser General Public License v3.0 | 5 votes |
|
/**
* {@inheritDoc}
*/
public void setAuthorityDisplayName(String authorityName, String authorityDisplayName)
{
AuthorityType type = AuthorityType.getAuthorityType(authorityName);
checkTypeIsMutable(type);
authorityDAO.setAuthorityDisplayName(authorityName, authorityDisplayName);
}
Example 14
| Source File: AccessPermissionImpl.java From alfresco-repository with GNU Lesser General Public License v3.0 | 5 votes |
|
public AccessPermissionImpl(String permission, AccessStatus accessStatus, String authority, int position)
{
this.permission = permission;
this.accessStatus = accessStatus;
this.authority = authority;
this.authorityType = AuthorityType.getAuthorityType(authority);
this.position = position;
}
Example 15
| Source File: AuthorityDAOImpl.java From alfresco-repository with GNU Lesser General Public License v3.0 | 4 votes |
|
private Pair<String, String> cacheKey(String authorityName)
{
String tenantDomain = AuthorityType.getAuthorityType(authorityName) == AuthorityType.USER ? tenantService.getDomain(authorityName) : tenantService.getCurrentUserDomain();
return new Pair<String, String>(tenantDomain, getPooledName(authorityName));
}
Example 16
| Source File: SiteServiceImpl.java From alfresco-repository with GNU Lesser General Public License v3.0 | 4 votes |
|
/**
* @see org.alfresco.service.cmr.site.SiteService#removeMembership(java.lang.String, java.lang.String)
*/
public void removeMembership(final String shortName, final String authorityName)
{
final NodeRef siteNodeRef = getSiteNodeRef(shortName);
if (siteNodeRef == null)
{
throw new SiteDoesNotExistException(shortName);
}
// TODO what do we do about the user if they are in a group that has
// rights to the site?
// Get the current user
String currentUserName = AuthenticationUtil.getFullyAuthenticatedUser();
// Get the user current role
final String role = getMembersRole(shortName, authorityName);
if (role != null)
{
// Check that we are not about to remove the last site manager
checkLastManagerRemoval(shortName, authorityName, role);
// If ...
// -- the current user has change permissions rights on the site
// or
// -- the user is ourselves
if ((currentUserName.equals(authorityName) == true) || isSiteAdmin(currentUserName) ||
(permissionService.hasPermission(siteNodeRef, PermissionService.CHANGE_PERMISSIONS) == AccessStatus.ALLOWED))
{
// Run as system user
AuthenticationUtil.runAs(
new AuthenticationUtil.RunAsWork<Object>()
{
public Object doWork() throws Exception
{
// Remove the user from the current permission
// group
String currentGroup = getSiteRoleGroup(shortName, role, true);
authorityService.removeAuthority(currentGroup, authorityName);
return null;
}
}, AuthenticationUtil.SYSTEM_USER_NAME);
// Raise events
AuthorityType authorityType = AuthorityType.getAuthorityType(authorityName);
if (authorityType == AuthorityType.USER)
{
activityService.postActivity(
ActivityType.SITE_USER_REMOVED, shortName,
ACTIVITY_TOOL, getActivityUserData(authorityName, ""), authorityName);
}
else if (authorityType == AuthorityType.GROUP)
{
String authorityDisplayName = authorityService.getAuthorityDisplayName(authorityName);
activityService.postActivity(
ActivityType.SITE_GROUP_REMOVED, shortName,
ACTIVITY_TOOL, getActivityGroupData(authorityDisplayName, ""));
}
}
else
{
// Throw an exception
throw new SiteServiceException(MSG_CAN_NOT_REMOVE_MSHIP, new Object[]{shortName});
}
}
else
{
// Throw an exception
throw new SiteServiceException(MSG_CAN_NOT_REMOVE_MSHIP, new Object[]{shortName});
}
}
Example 17
| Source File: GroupsImpl.java From alfresco-remote-api with GNU Lesser General Public License v3.0 | 4 votes |
|
private boolean isGroupAuthority(String authorityName)
{
AuthorityType authorityType = AuthorityType.getAuthorityType(authorityName);
return AuthorityType.GROUP.equals(authorityType) || AuthorityType.EVERYONE.equals(authorityType);
}
Example 18
| Source File: PersonServiceImpl.java From alfresco-repository with GNU Lesser General Public License v3.0 | 4 votes |
|
/**
* {@inheritDoc}
*/
public NodeRef createPerson(Map<QName, Serializable> properties, Set<String> zones)
{
ParameterCheck.mandatory("properties", properties);
String userName = DefaultTypeConverter.INSTANCE.convert(String.class, properties.get(ContentModel.PROP_USERNAME));
if (userName == null)
{
throw new IllegalArgumentException("No username specified when creating the person.");
}
if (EqualsHelper.nullSafeEquals(userName, AuthenticationUtil.getSystemUserName()))
{
throw new AlfrescoRuntimeException("The built-in authority '" + AuthenticationUtil.getSystemUserName() + "' is a user, but not a Person (i.e. it does not have a profile).");
}
AuthorityType authorityType = AuthorityType.getAuthorityType(userName);
if (authorityType != AuthorityType.USER)
{
throw new AlfrescoRuntimeException("Attempt to create person for an authority which is not a user");
}
tenantService.checkDomainUser(userName);
if (personExists(userName))
{
throw new AlfrescoRuntimeException("Person '" + userName + "' already exists.");
}
properties.put(ContentModel.PROP_USERNAME, userName);
properties.put(ContentModel.PROP_SIZE_CURRENT, 0L);
NodeRef personRef = null;
try
{
beforeCreateNodeValidationBehaviour.disable();
personRef = nodeService.createNode(
getPeopleContainer(),
ContentModel.ASSOC_CHILDREN,
getChildNameLower(userName), // Lowercase:
ContentModel.TYPE_PERSON, properties).getChildRef();
}
finally
{
beforeCreateNodeValidationBehaviour.enable();
}
checkIfPersonShouldBeDisabledAndSetAspect(personRef, properties);
if (zones != null)
{
for (String zone : zones)
{
// Add the person to an authentication zone (corresponding to an external user registry)
// Let's preserve case on this child association
nodeService.addChild(authorityService.getOrCreateZone(zone), personRef, ContentModel.ASSOC_IN_ZONE, QName.createQName(NamespaceService.CONTENT_MODEL_PREFIX, userName, namespacePrefixResolver));
}
}
removeFromCache(userName, false);
publishEvent("user.create", this.nodeService.getProperties(personRef));
return personRef;
}
Example 19
| Source File: SimpleAccessControlEntry.java From alfresco-repository with GNU Lesser General Public License v3.0 | 4 votes |
|
/**
* Set the authority
* @param authority String
*/
public void setAuthority(String authority)
{
this.authority = authority;
this.authorityType = AuthorityType.getAuthorityType(authority);
}
Example 20
| Source File: SiteServiceImpl.java From alfresco-repository with GNU Lesser General Public License v3.0 | 4 votes |
|
/**
* @see org.alfresco.service.cmr.site.SiteService#setMembership(java.lang.String,
* java.lang.String, java.lang.String)
*/
public void setMembership(final String shortName,
final String authorityName,
final String role)
{
final NodeRef siteNodeRef = getSiteNodeRef(shortName);
if (siteNodeRef == null)
{
throw new SiteDoesNotExistException(shortName);
}
// Get the user's current role
final String currentRole = getMembersRole(shortName, authorityName);
// Do nothing if the role of the user is not being changed
if (currentRole == null || role.equals(currentRole) == false)
{
// TODO if this is the only site manager do not down grade their
// permissions
if(canAddMember(shortName, authorityName, role))
{
// Check that we are not about to remove the last site manager
checkLastManagerRemoval(shortName, authorityName, currentRole);
// Run as system user
AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Object>()
{
public Object doWork() throws Exception
{
if (currentRole != null)
{
// Remove the user from the current
// permission group
String currentGroup = getSiteRoleGroup(shortName, currentRole, true);
authorityService.removeAuthority(currentGroup, authorityName);
}
// Add the user to the new permission group
String newGroup = getSiteRoleGroup(shortName, role, true);
authorityService.addAuthority(newGroup, authorityName);
return null;
}
}, AuthenticationUtil.SYSTEM_USER_NAME);
AuthorityType authorityType = AuthorityType.getAuthorityType(authorityName);
String authorityDisplayName = authorityName;
if (authorityType == AuthorityType.GROUP)
{
authorityDisplayName = authorityService.getAuthorityDisplayName(authorityName);
}
if (currentRole == null)
{
if (authorityType == AuthorityType.USER)
{
activityService.postActivity(
ActivityType.SITE_USER_JOINED, shortName,
ACTIVITY_TOOL, getActivityUserData(authorityDisplayName, role), authorityName);
}
else if (authorityType == AuthorityType.GROUP)
{
activityService.postActivity(
ActivityType.SITE_GROUP_ADDED, shortName,
ACTIVITY_TOOL, getActivityGroupData(authorityDisplayName, role));
}
}
else
{
if (authorityType == AuthorityType.USER)
{
activityService.postActivity(
ActivityType.SITE_USER_ROLE_UPDATE, shortName,
ACTIVITY_TOOL, getActivityUserData(authorityDisplayName, role));
}
else if (authorityType == AuthorityType.GROUP)
{
activityService.postActivity(
ActivityType.SITE_GROUP_ROLE_UPDATE, shortName,
ACTIVITY_TOOL, getActivityGroupData(authorityDisplayName, role));
}
}
}
else
{
// Raise a permission exception
throw new SiteServiceException(MSG_CAN_NOT_CHANGE_MSHIP, new Object[]{shortName});
}
}
}
