List of usage examples for org.apache.shiro SecurityUtils getSubject
public static Subject getSubject()
From source file:au.org.theark.core.web.component.tabbedPanel.ArkAjaxTabbedPanel.java
License:Open Source License
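/**
 * Creates the Ajax link for the tab at {@code index}.
 *
 * <p>A click selects the tab only when the tab list is empty or the tab reports itself as
 * accessible; that check runs inside the click handler. Selecting the tab whose title matches
 * {@code FUNCTION_KEY_VALUE_SUBJECT} also removes the subject context attributes from the Shiro
 * session, so the next screen starts from a fresh search instead of a previously chosen subject.
 *
 * @param linkId component id of the link
 * @param index position of the tab in {@code mainTabs}
 * @return the link component for the tab
 */
protected WebMarkupContainer newLink(final String linkId, final int index) {
    return new ArkBusyAjaxLink<String>(linkId) {
        private static final long serialVersionUID = 1L;

        @Override
        public void onClick(AjaxRequestTarget target) {
            // An empty tab list has nothing to check; otherwise the tab must report itself accessible.
            if (mainTabs.size() == 0 || mainTabs.get(index).isAccessible()) {
                setSelectedTab(index);

                if (mainTabs.size() > 0 && mainTabs.get(index).getTitle().getObject()
                        .equalsIgnoreCase(au.org.theark.core.Constants.FUNCTION_KEY_VALUE_SUBJECT)) {
                    // Clear Subject session objects (ie force a new search)
                    SecurityUtils.getSubject().getSession()
                            .removeAttribute(au.org.theark.core.Constants.SUBJECTUID);
                    SecurityUtils.getSubject().getSession()
                            .removeAttribute(au.org.theark.core.Constants.PERSON_CONTEXT_ID);
                    SecurityUtils.getSubject().getSession()
                            .removeAttribute(au.org.theark.core.Constants.PERSON_TYPE);

                    arkContextPanelMarkup.get("subjectLabel")
                            .replaceWith(new Label("subjectLabel", new Model<String>("")));

                    // The handler null-checks target further down, so it can be null here too;
                    // guard this add the same way instead of failing with a NullPointerException.
                    if (target != null) {
                        target.add(arkContextPanelMarkup);
                    }
                }
            }

            // Runs for every click, including clicks on a tab that was not accessible.
            if (target != null) {
                target.add(ArkAjaxTabbedPanel.this);
            }
            onAjaxUpdate(target);
        }
    };
}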
From source file:au.org.theark.core.web.form.AbstractArchiveDetailForm.java
License:Open Source License
/**
 * Picks the render mode of the detail form from the current Shiro subject's permissions.
 *
 * <p>A user holding any of UPDATE, CREATE or DELETE skips the read-only screen and gets the edit
 * screen; everyone else gets the read-only rendering.
 *
 * <p>NOTE(review): this method only decides how the form is rendered. No permission check on the
 * save/delete handlers is visible from here - confirm they (or the service layer) re-check the
 * permission, since the rendering choice is not an access control by itself.
 */
public void onBeforeRender() {
    super.onBeforeRender();
    visitChildren(formVisitor);

    final SecurityManager securityManager = ThreadContext.getSecurityManager();
    final Subject currentUser = SecurityUtils.getSubject();

    // Short-circuit order: UPDATE, then CREATE, then DELETE.
    final boolean canModify = ArkPermissionHelper.hasEditPermission(securityManager, currentUser)
            || ArkPermissionHelper.hasNewPermission(securityManager, currentUser)
            || ArkPermissionHelper.hasDeletePermission(securityManager, currentUser);

    if (!canModify) {
        ArkCRUDHelper.onBeforeRenderWithReadPermission(crudVO);
        return;
    }
    // Any one of the modifying permissions is enough to show the edit screen.
    ArkCRUDHelper.onBeforeRenderWithCRDPermissions(crudVO);
}
From source file:au.org.theark.core.web.form.AbstractDetailForm.java
License:Open Source License
/**
 * Picks the render mode of the detail form for the function currently stored in the session.
 *
 * <p>The function id is read from the Shiro session ({@code ARK_FUNCTION_KEY}) and resolved
 * through {@code iArkCommonService}. The LIMS subject function is handed to the two-argument
 * helper; every other function is rendered editable when the user holds UPDATE, CREATE or DELETE
 * and read-only otherwise.
 *
 * <p>NOTE(review): the session attribute, and the function returned for it, are dereferenced
 * without a null check - confirm both are always present when this form renders.
 * NOTE(review): the LIMS branch does not consult ArkPermissionHelper in this method; verify that
 * the two-argument onBeforeRenderWithCRDPermissions overload performs its own permission checks.
 */
public void onBeforeRender() {
    super.onBeforeRender();
    visitChildren(formVisitor);

    final Long arkFunctionId = (Long) SecurityUtils.getSubject().getSession()
            .getAttribute(au.org.theark.core.Constants.ARK_FUNCTION_KEY);
    final ArkFunction arkFunction = iArkCommonService.getArkFunctionById(arkFunctionId);

    final boolean limsSubjectFunction = arkFunction.getName()
            .equalsIgnoreCase(au.org.theark.core.Constants.FUNCTION_KEY_VALUE_LIMS_SUBJECT);
    if (limsSubjectFunction) {
        ArkCRUDHelper.onBeforeRenderWithCRDPermissions(arkCrudContainerVO, arkFunction);
        return;
    }

    final SecurityManager securityManager = ThreadContext.getSecurityManager();
    final Subject currentUser = SecurityUtils.getSubject();

    // Short-circuit order: UPDATE, then CREATE, then DELETE.
    final boolean canModify = ArkPermissionHelper.hasEditPermission(securityManager, currentUser)
            || ArkPermissionHelper.hasNewPermission(securityManager, currentUser)
            || ArkPermissionHelper.hasDeletePermission(securityManager, currentUser);

    if (canModify) {
        // Any modifying permission bypasses the view/read-only screen.
        ArkCRUDHelper.onBeforeRenderWithCRDPermissions(arkCrudContainerVO);
    } else {
        ArkCRUDHelper.onBeforeRenderWithReadPermission(arkCrudContainerVO);
    }
}
From source file:au.org.theark.core.web.form.AbstractModalDetailForm.java
License:Open Source License
/**
 * Initialise method that is specific to classes that follow the ArkCrudContainerVO pattern. The
 * code related to each function has been modularised into protected methods, so that subclasses
 * can refer to them without having to re-create or duplicate them when they extend the classes.
 *
 * <p>A new record goes straight into edit mode. For an existing record the edit buttons are shown
 * only when the current user holds UPDATE, CREATE or DELETE; otherwise the read-only buttons
 * panel is used.
 *
 * <p>NOTE(review): the new-record branch enables the form without consulting ArkPermissionHelper.
 * Confirm that whatever opens this form in "new" mode, or the save handler, enforces CREATE.
 */
protected void initialiseForm() {
    buttonsPanelWMC = new WebMarkupContainer("buttonsPanelWMC");
    buttonsPanelWMC.setOutputMarkupPlaceholderTag(true);

    if (!isNew()) {
        final SecurityManager securityManager = ThreadContext.getSecurityManager();
        final Subject currentUser = SecurityUtils.getSubject();

        // Short-circuit order: UPDATE, then CREATE, then DELETE.
        final boolean canModify = ArkPermissionHelper.hasEditPermission(securityManager, currentUser)
                || ArkPermissionHelper.hasNewPermission(securityManager, currentUser)
                || ArkPermissionHelper.hasDeletePermission(securityManager, currentUser);

        if (canModify) {
            initialiseEditButtonsPanel(false);
            arkCrudContainerVo.getDetailPanelFormContainer().setEnabled(true);
        } else {
            initialiseEditButtonsPanelForReadOnlyUser();
        }
    } else {
        // ARK-333: Allow the form go straight into Edit mode for creating a New record
        initialiseEditButtonsPanel(true);
        arkCrudContainerVo.getDetailPanelFormContainer().setEnabled(true);
    }

    addComponentsToForm();
}
From source file:au.org.theark.core.web.form.AbstractModalDetailForm.java
License:Open Source License
/**
 * Enables or disables the detail panel container of a modal detail form.
 *
 * <p>The container is disabled with a privileges error when the current user holds none of
 * CREATE, UPDATE, READ or DELETE. When the user holds at least one of them, the container is
 * enabled only if {@code sessionId} is present; otherwise it is disabled and {@code errorMessage}
 * is reported.
 *
 * <p>NOTE(review): this only toggles a UI container; confirm the operations behind the form are
 * also permission-checked where they execute.
 *
 * @param sessionId context id taken from the session by the caller; {@code null} means no context
 * @param errorMessage message reported when {@code sessionId} is {@code null}
 * @param arkCrudContainerVo container holder whose detail panel container is toggled
 */
protected void disableModalDetailForm(Long sessionId, String errorMessage,
        ArkCrudContainerVO arkCrudContainerVo) {
    final SecurityManager securityManager = ThreadContext.getSecurityManager();
    final Subject currentUser = SecurityUtils.getSubject();

    // Short-circuit order: CREATE, UPDATE, READ, DELETE - stops at the first permission held.
    final boolean holdsAnyPermission =
            securityManager.isPermitted(currentUser.getPrincipals(), PermissionConstants.CREATE)
            || securityManager.isPermitted(currentUser.getPrincipals(), PermissionConstants.UPDATE)
            || securityManager.isPermitted(currentUser.getPrincipals(), PermissionConstants.READ)
            || securityManager.isPermitted(currentUser.getPrincipals(), PermissionConstants.DELETE);

    if (!holdsAnyPermission) {
        arkCrudContainerVo.getDetailPanelContainer().setEnabled(false);
        this.error(
                "You do not have the required security privileges to work with this function. Please see your Administrator.");
        return;
    }

    if (sessionId != null) {
        arkCrudContainerVo.getDetailPanelContainer().setEnabled(true);
        return;
    }

    // Permitted user, but nothing is selected in the session context.
    arkCrudContainerVo.getDetailPanelContainer().setEnabled(false);
    this.error(errorMessage);
}
From source file:au.org.theark.core.web.form.AbstractWizardForm.java
License:Open Source License
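/**
 * Reports whether the current Shiro subject may perform the given wizard action.
 *
 * <p>SAVE requires UPDATE or CREATE, EDIT requires UPDATE and DELETE requires DELETE. Matching is
 * case-insensitive. Any other value, including {@code null}, is denied: the constant is the
 * receiver of each comparison, so a {@code null} action type yields {@code false} instead of a
 * NullPointerException.
 *
 * @param actionType one of {@code Constants.SAVE}, {@code Constants.EDIT} or
 *        {@code Constants.DELETE}
 * @return {@code true} only when the action is recognised and the subject holds a matching
 *         permission
 */
protected boolean isActionPermitted(String actionType) {
    SecurityManager securityManager = ThreadContext.getSecurityManager();
    Subject currentUser = SecurityUtils.getSubject();

    if (Constants.SAVE.equalsIgnoreCase(actionType)) {
        return securityManager.isPermitted(currentUser.getPrincipals(), PermissionConstants.UPDATE)
                || securityManager.isPermitted(currentUser.getPrincipals(), PermissionConstants.CREATE);
    }
    if (Constants.EDIT.equalsIgnoreCase(actionType)) {
        return securityManager.isPermitted(currentUser.getPrincipals(), PermissionConstants.UPDATE);
    }
    if (Constants.DELETE.equalsIgnoreCase(actionType)) {
        return securityManager.isPermitted(currentUser.getPrincipals(), PermissionConstants.DELETE);
    }

    // Deny by default: an unrecognised action type never grants anything.
    return false;
}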
From source file:au.org.theark.core.web.StudyHelper.java
License:Open Source License
/**
 * Shows either the study logo or the study name in the context header and queues both containers
 * for the Ajax response.
 *
 * <p>The logo is shown only when a study id is present in the Shiro session and the study carries
 * a logo file id or a logo blob; in every other case a label with the study name replaces it.
 *
 * <p>NOTE(review): {@code study} and {@code target} are dereferenced without a null check -
 * confirm callers always pass both.
 *
 * @param study study whose logo or name is displayed
 * @param target Ajax target that receives both containers
 * @param studyNameMarkup container holding the study name label
 * @param studyLogoMarkup container holding the study logo image
 * @param iArkCommonService service stored on this helper for later use
 */
public void setStudyLogo(Study study, AjaxRequestTarget target, WebMarkupContainer studyNameMarkup,
        WebMarkupContainer studyLogoMarkup, IArkCommonService<Void> iArkCommonService) {
    this.iArkCommonService = iArkCommonService;

    final Long sessionStudyId = (Long) SecurityUtils.getSubject().getSession()
            .getAttribute(au.org.theark.core.Constants.STUDY_CONTEXT_ID);

    // The study getters are only consulted when a study is actually in session context.
    final boolean showLogo = sessionStudyId != null
            && (study.getStudyLogoFileId() != null || study.getStudyLogoBlob() != null);

    if (showLogo) {
        setStudyLogoImage(study, "studyLogoImage", studyLogoMarkup);
    } else {
        // Only show study name, no logo
        studyNameLabel = new Label("studyNameLabel", new Model<String>(study.getName()));
        studyNameMarkup.replace(studyNameLabel);
    }
    studyNameMarkup.setVisible(!showLogo);
    studyLogoMarkup.setVisible(showLogo);

    target.add(studyNameMarkup);
    target.add(studyLogoMarkup);
}
From source file:au.org.theark.disease.web.component.affection.form.DetailForm.java
License:Open Source License
/**
 * Builds the affection detail form and binds it to the study and subject held in the session.
 *
 * <p>The study id and person id are read from the Shiro session; the study and the subject's
 * link to it are then loaded through {@code iArkCommonService} and set on the affection of the
 * form's model object.
 *
 * <p>NOTE(review): when the subject lookup throws EntityNotFoundException the stack trace is
 * printed and construction continues, so the affection is linked to whatever {@code lss} held
 * before the lookup. Consider reporting the failure to the user instead of continuing.
 *
 * @param id component id
 * @param feedBackPanel panel that displays feedback messages
 * @param arkContextContainer container showing the current context
 * @param containerForm enclosing form carrying the {@code AffectionVO} model
 * @param arkCrudContainerVO holder of the CRUD containers for this function
 */
public DetailForm(String id, FeedbackPanel feedBackPanel, WebMarkupContainer arkContextContainer,
        ContainerForm containerForm, ArkCrudContainerVO arkCrudContainerVO) {
    super(id, feedBackPanel, containerForm, arkCrudContainerVO);
    this.arkContextMarkupContainer = arkContextContainer;

    // Study in context, taken from the server-side session.
    sessionStudyId = (Long) SecurityUtils.getSubject().getSession()
            .getAttribute(au.org.theark.core.Constants.STUDY_CONTEXT_ID);
    study = iArkCommonService.getStudy(sessionStudyId);

    // Person in context; the subject is resolved against the study loaded above.
    final Long personId = (Long) SecurityUtils.getSubject().getSession()
            .getAttribute(au.org.theark.core.Constants.PERSON_CONTEXT_ID);
    try {
        lss = iArkCommonService.getSubject(personId, study);
    } catch (EntityNotFoundException notFound) {
        notFound.printStackTrace();
    }

    containerForm.getModelObject().getAffection().setLinkSubjectStudy(lss);
    containerForm.getModelObject().getAffection().setStudy(study);

    this.cpModel = new CompoundPropertyModel<AffectionVO>(containerForm.getModel());
}
From source file:au.org.theark.disease.web.component.affection.form.DetailForm.java
License:Open Source License
/**
 * Saves the affection, provided a study is selected in the session.
 *
 * <p>Without a study in context an error is reported and nothing is saved. A
 * DataIntegrityViolationException raised while saving is reported as a duplicate-key error.
 *
 * <p>NOTE(review): no Shiro permission check is visible in this handler; confirm that
 * {@code save(...)} or the service layer enforces CREATE/UPDATE for the current user.
 *
 * @param containerForm form carrying the {@code AffectionVO} being saved
 * @param target Ajax target for the response
 */
@Override
protected void onSave(Form<AffectionVO> containerForm, AjaxRequestTarget target) {
    final Long studyId = (Long) SecurityUtils.getSubject().getSession()
            .getAttribute(au.org.theark.core.Constants.STUDY_CONTEXT_ID);

    if (studyId == null) {
        // No study in context
        this.error("There is no study selected. Please select a study to manage diseases.");
        processErrors(target);
        return;
    }

    try {
        save(containerForm, target);
        customFieldForm.onEditSave(target, containerForm);
        target.add(this);
    } catch (DataIntegrityViolationException duplicateKey) {
        this.error(getString("duplicate.keys.error"));
        processErrors(target);
    }
}
From source file:au.org.theark.disease.web.component.affection.SearchResultListPanel.java
License:Open Source License
/**
 * Builds the search-result link that opens the detail panel for one affection.
 *
 * <p>Clicking the link prepares the detail panel and makes {@code affectionVO} the model object
 * of the container form.
 *
 * @param affectionVO the search result row the link represents
 * @return the link, labelled with the name of the affection's disease
 */
private AjaxLink buildLink(final AffectionVO affectionVO) {
    ArkBusyAjaxLink diseaseLink = new ArkBusyAjaxLink("disease.name") {
        @Override
        public void onClick(AjaxRequestTarget target) {
            // NOTE(review): the study id is read from the session but never used afterwards.
            // Either drop the read or use it to confirm affectionVO belongs to the study in context.
            Long sessionStudyId = (Long) SecurityUtils.getSubject().getSession()
                    .getAttribute(au.org.theark.core.Constants.STUDY_CONTEXT_ID);

            ArkCRUDHelper.preProcessDetailPanelOnSearchResults(target, arkCrudContainerVO);
            containerForm.setModelObject(affectionVO);
        }
    };

    diseaseLink.add(new Label("affection.name", affectionVO.getAffection().getDisease().getName()));
    return diseaseLink;
}