List of usage examples for org.apache.shiro SecurityUtils getSubject
public static Subject getSubject()
From source file:au.org.theark.core.security.AAFRealm.java
License:Open Source License
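/**
 * Builds the Shiro authorization info (role and string permissions) for the given principal,
 * scoped to the module, function and optional study held in the current session.
 *
 * <p>Nothing is granted unless both a module id and a function id are present in the session.
 * When a study id is also present the role is resolved for that study; otherwise it is resolved
 * without a study.
 *
 * <p>NOTE(review): the result depends on session attributes, not only on the principal. If
 * authorization caching is enabled for this realm, cached info may outlive a change of
 * study/module/function context - confirm the cache is disabled or cleared on context change.
 *
 * @param principals the principals of the subject being authorized; the primary principal is
 *                   cast to {@code String} and used as the user name
 * @return the collected role and permissions; empty when no module/function is in context, and
 *         only what was collected before the failure when a lookup throws
 *         {@code EntityNotFoundException}
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    SimpleAuthorizationInfo simpleAuthInfo = new SimpleAuthorizationInfo();

    // The user name is taken from the primary principal of the subject being authorized.
    String ldapUserName = (String) principals.getPrimaryPrincipal();

    Long sessionStudyId = (Long) SecurityUtils.getSubject().getSession()
            .getAttribute(au.org.theark.core.Constants.STUDY_CONTEXT_ID);
    Long sessionFunctionId = (Long) SecurityUtils.getSubject().getSession()
            .getAttribute(au.org.theark.core.Constants.ARK_FUNCTION_KEY);
    Long sessionModuleId = (Long) SecurityUtils.getSubject().getSession()
            .getAttribute(au.org.theark.core.Constants.ARK_MODULE_KEY);

    // Without a module and a function in context there is nothing to authorize against.
    if (sessionModuleId == null || sessionFunctionId == null) {
        return simpleAuthInfo;
    }

    try {
        // The study is optional: with no study in context the role is resolved study-less.
        Study study = (sessionStudyId != null) ? iArkCommonService.getStudy(sessionStudyId) : null;
        ArkFunction arkFunction = iArkCommonService.getArkFunctionById(sessionFunctionId);
        ArkModule arkModule = iArkCommonService.getArkModuleById(sessionModuleId);

        String role = iArkCommonService.getUserRole(ldapUserName, arkFunction, arkModule, study);
        // Only record a role that was actually resolved; a null entry in the role set is
        // meaningless and can trip code that iterates the roles.
        if (role != null) {
            simpleAuthInfo.addRole(role);
        }

        if (iArkCommonService.isSuperAdministator(ldapUserName, arkFunction, arkModule)) {
            // Super administrators receive the role's permissions without the function/module
            // filter. NOTE(review): role may be null on this path - confirm the service
            // tolerates that.
            java.util.Collection<String> userRolePermission = iArkCommonService.getArkRolePermission(role);
            simpleAuthInfo.addStringPermissions(userRolePermission);
        } else if (role != null) {
            java.util.Collection<String> userRolePermission = iArkCommonService
                    .getArkRolePermission(arkFunction, role, arkModule);
            simpleAuthInfo.addStringPermissions(userRolePermission);
        }
    } catch (EntityNotFoundException e) {
        // Fail closed: nothing further is granted. Keep the stack trace so a failed
        // authorization lookup can be diagnosed.
        log.error(e.getMessage(), e);
    }
    return simpleAuthInfo;
}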
From source file:au.org.theark.core.security.ArkLdapRealm.java
License:Open Source License
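/**
 * Builds the Shiro authorization info (role and string permissions) for the given principal,
 * scoped to the module, function and optional study held in the current session.
 *
 * <p>Nothing is granted unless both a module id and a function id are present in the session.
 * Only a single role is loaded per call.
 *
 * <p>NOTE(review): the result depends on session attributes, not only on the principal. If
 * authorization caching is enabled for this realm, cached info may outlive a change of
 * study/module/function context - confirm the cache is disabled or cleared on context change.
 *
 * @param principals the principals of the subject being authorized; the primary principal is
 *                   cast to {@code String} and used as the user name
 * @return the collected role and permissions; empty when no module/function is in context, and
 *         only what was collected before the failure when a lookup throws
 *         {@code EntityNotFoundException}
 */
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    SimpleAuthorizationInfo simpleAuthInfo = new SimpleAuthorizationInfo();

    // The user name is taken from the primary principal of the subject being authorized.
    String ldapUserName = (String) principals.getPrimaryPrincipal();

    Long sessionStudyId = (Long) SecurityUtils.getSubject().getSession()
            .getAttribute(au.org.theark.core.Constants.STUDY_CONTEXT_ID);
    Long sessionFunctionId = (Long) SecurityUtils.getSubject().getSession()
            .getAttribute(au.org.theark.core.Constants.ARK_FUNCTION_KEY);
    Long sessionModuleId = (Long) SecurityUtils.getSubject().getSession()
            .getAttribute(au.org.theark.core.Constants.ARK_MODULE_KEY);

    // Without a module and a function in context there is nothing to authorize against.
    if (sessionModuleId == null || sessionFunctionId == null) {
        return simpleAuthInfo;
    }

    try {
        // The study is optional: with no study in context the role is resolved study-less.
        Study study = (sessionStudyId != null) ? iArkCommonService.getStudy(sessionStudyId) : null;
        ArkFunction arkFunction = iArkCommonService.getArkFunctionById(sessionFunctionId);
        ArkModule arkModule = iArkCommonService.getArkModuleById(sessionModuleId);

        String role = iArkCommonService.getUserRole(ldapUserName, arkFunction, arkModule, study);
        // Only record a role that was actually resolved; a null entry in the role set is
        // meaningless and can trip code that iterates the roles.
        if (role != null) {
            simpleAuthInfo.addRole(role);
        }

        if (iArkCommonService.isSuperAdministator(ldapUserName, arkFunction, arkModule)) {
            // Super administrators receive the role's permissions without the function/module
            // filter. NOTE(review): role may be null on this path - confirm the service
            // tolerates that.
            java.util.Collection<String> userRolePermission = iArkCommonService.getArkRolePermission(role);
            simpleAuthInfo.addStringPermissions(userRolePermission);
        } else if (role != null) {
            java.util.Collection<String> userRolePermission = iArkCommonService
                    .getArkRolePermission(arkFunction, role, arkModule);
            simpleAuthInfo.addStringPermissions(userRolePermission);
        }
    } catch (EntityNotFoundException e) {
        // Fail closed: nothing further is granted. Keep the stack trace so a failed
        // authorization lookup can be diagnosed.
        log.error(e.getMessage(), e);
    }
    return simpleAuthInfo;
}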
From source file:au.org.theark.core.security.ArkPermissionHelper.java
License:Open Source License
/**
 * Reports whether the current subject may access the module function in context.
 *
 * <p>Access is granted when at least one of the search, save or edit permission checks passes
 * for the subject returned by {@code SecurityUtils.getSubject()}. All three checks are always
 * evaluated.
 *
 * @return {@code true} if any of the search, save or edit checks succeeds; {@code false}
 *         otherwise
 */
public static boolean isModuleFunctionAccessPermitted() {
    final SecurityManager manager = ThreadContext.getSecurityManager();
    final Subject subject = SecurityUtils.getSubject();

    final boolean canSearch = hasSearchPermission(manager, subject);
    final boolean canSave = hasSavePermission(manager, subject);
    final boolean canEdit = hasEditPermission(manager, subject);

    return canSearch || canSave || canEdit;
}
From source file:au.org.theark.core.security.ArkPermissionHelper.java
License:Open Source License
/**
 * Reports whether the named module may be accessed for the study currently in context.
 *
 * <p>The session is read twice: once for the study id and once for an attribute stored under
 * the module name itself.
 *
 * <p>NOTE(review): when a study is in context but the session holds no attribute under
 * {@code arkModuleName}, this returns {@code true}. That is a permit-by-default outcome for an
 * access check - confirm it is intended rather than a missing deny.
 *
 * @param arkModuleName the module name, used both as the session attribute key and as the
 *                      expected attribute value
 * @return {@code false} when no study is in context or the stored value differs from
 *         {@code arkModuleName}; {@code true} when the stored value matches or is absent
 */
public static boolean isModuleAccessPermitted(String arkModuleName) {
    final Long studyIdInSession = (Long) SecurityUtils.getSubject().getSession()
            .getAttribute(au.org.theark.core.Constants.STUDY_CONTEXT_ID);
    if (studyIdInSession == null) {
        // No study selected: module access is always denied.
        return false;
    }

    final String storedModule = (String) SecurityUtils.getSubject().getSession().getAttribute(arkModuleName);
    // An absent attribute is treated as permitted; a present one must match the requested name.
    return storedModule == null || storedModule.equals(arkModuleName);
}
From source file:au.org.theark.core.security.ArkPermissionHelper.java
License:Open Source License
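/**
 * Determines whether the current subject is permitted to perform the given action
 * (for example Save, Edit or Delete).
 *
 * <p>The action name is matched case-insensitively against the SEARCH, SAVE, EDIT, DELETE and
 * NEW constants. Anything else, including {@code null}, is denied.
 *
 * @param actionType the action name to check; may be {@code null}
 * @return {@code true} if the matching permission check passes; {@code false} for a denied,
 *         unknown or {@code null} action
 */
public static boolean isActionPermitted(String actionType) {
    // Deny by default: a missing action name must not surface as a NullPointerException in
    // the middle of an access check.
    if (actionType == null) {
        return false;
    }

    SecurityManager securityManager = ThreadContext.getSecurityManager();
    Subject currentUser = SecurityUtils.getSubject();

    if (actionType.equalsIgnoreCase(Constants.SEARCH)) {
        return hasSearchPermission(securityManager, currentUser);
    }
    if (actionType.equalsIgnoreCase(Constants.SAVE)) {
        return hasSavePermission(securityManager, currentUser);
    }
    if (actionType.equalsIgnoreCase(Constants.EDIT)) {
        return hasEditPermission(securityManager, currentUser);
    }
    if (actionType.equalsIgnoreCase(Constants.DELETE)) {
        return hasDeletePermission(securityManager, currentUser);
    }
    if (actionType.equalsIgnoreCase(Constants.NEW)) {
        return hasNewPermission(securityManager, currentUser);
    }
    // Unrecognised action names are not permitted.
    return false;
}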
From source file:au.org.theark.core.security.ArkSecurityManager.java
License:Open Source License
/**
 * Checks whether the current Shiro subject holds the given role.
 *
 * <p>The check is delegated to the security manager returned by
 * {@code getShiroSecurityManager()}, using the subject's principals.
 *
 * @param roleName the role to look for
 * @return the result of the security manager's {@code hasRole} check
 */
public boolean subjectHasRole(String roleName) {
    final Subject subject = SecurityUtils.getSubject();
    return getShiroSecurityManager().hasRole(subject.getPrincipals(), roleName);
}
From source file:au.org.theark.core.security.ArkSecurityManager.java
License:Open Source License
/**
 * Checks the current Shiro subject against several roles at once.
 *
 * <p>The check is delegated to the security manager returned by
 * {@code getShiroSecurityManager()}, using the subject's principals.
 *
 * @param rolesName the role names to check
 * @return the array returned by the security manager's {@code hasRoles} check
 */
public boolean[] subjectHasRoles(List<String> rolesName) {
    final Subject subject = SecurityUtils.getSubject();
    return getShiroSecurityManager().hasRoles(subject.getPrincipals(), rolesName);
}
From source file:au.org.theark.core.service.ArkCommonServiceImpl.java
License:Open Source License
/**
 * Records a "deleted" audit entry for the given search and then removes the search.
 *
 * <p>The audit entry is attributed to the primary principal of the current Shiro subject.
 *
 * <p>NOTE(review): the audit entry states that the deletion succeeded before
 * {@code studyDao.delete} has run; confirm both run in one transaction so a failed delete does
 * not leave a misleading audit record. {@code getPrincipals()} is dereferenced without a null
 * check, so the call assumes a subject with an identity. The search name is embedded verbatim
 * in the audit comment - confirm it is escaped wherever audit history is displayed.
 *
 * @param search the search to delete; its name, id and study are copied into the audit entry
 */
public void delete(Search search) {
    final AuditHistory auditEntry = new AuditHistory();
    auditEntry.setActionType(au.org.theark.core.Constants.ACTION_TYPE_DELETED);
    auditEntry.setComment("Search " + search.getName() + " was deleted successfully.");
    auditEntry.setEntityId(search.getId());
    auditEntry.setEntityType(au.org.theark.core.Constants.ENTITY_TYPE_SEARCH);

    // The acting user is whoever is bound to the current Shiro subject.
    final String actor = SecurityUtils.getSubject().getPrincipals().getPrimaryPrincipal().toString();
    this.createAuditHistory(auditEntry, actor, search.getStudy());

    studyDao.delete(search);
}
From source file:au.org.theark.core.service.ArkCommonServiceImpl.java
License:Open Source License
/**
 * Records a "deleted" audit entry for the given upload and then removes the upload.
 *
 * <p>The audit entry is attributed to the primary principal of the current Shiro subject.
 *
 * <p>NOTE(review): the audit entry states that the deletion succeeded before
 * {@code studyDao.deleteUpload} has run; confirm both run in one transaction so a failed
 * delete does not leave a misleading audit record. {@code getPrincipals()} is dereferenced
 * without a null check, so the call assumes a subject with an identity. The file name is
 * embedded verbatim in the audit comment - confirm it is escaped wherever audit history is
 * displayed.
 *
 * @param upload the upload to delete; its file name, id and study are copied into the audit
 *               entry
 */
@Override
public void deleteUpload(Upload upload) {
    final AuditHistory auditEntry = new AuditHistory();
    auditEntry.setActionType(au.org.theark.core.Constants.ACTION_TYPE_DELETED);
    auditEntry.setComment("Upload " + upload.getFilename() + " was deleted successfully.");
    auditEntry.setEntityId(upload.getId());
    auditEntry.setEntityType(au.org.theark.core.Constants.ENTITY_TYPE_STUDY_UPLOAD);

    // The acting user is whoever is bound to the current Shiro subject.
    final String actor = SecurityUtils.getSubject().getPrincipals().getPrimaryPrincipal().toString();
    this.createAuditHistory(auditEntry, actor, upload.getStudy());

    studyDao.deleteUpload(upload);
}
From source file:au.org.theark.core.service.ArkCommonServiceImpl.java
License:Open Source License
/**
 * Builds the "hosted by" image component, preferring a branding image configured through the
 * {@code BRANDING_IMAGE_LEFT} setting over the bundled default.
 *
 * <p>The setting is looked up for the study held in the current session, or with no study when
 * none is in context. If a setting file exists it is fetched together with its stored checksum
 * and served as a non-caching PNG image.
 *
 * <p>If the retrieval throws (system error, file not found, checksum mismatch or a
 * {@code NullPointerException}), the stack trace is printed and the default image is returned.
 * NOTE(review): a checksum mismatch on a stored file is therefore only visible on stderr, and
 * catching {@code NullPointerException} can hide programming errors - consider routing these
 * through the application log.
 *
 * @return the image component, with output markup id enabled
 */
@Override
public WebComponent getHostedByImage() {
    // Start from the bundled default; it is replaced only if a branding file loads cleanly.
    WebComponent image = new ContextImage("hostedByImage",
            new Model<String>("images/" + Constants.HOSTED_BY_IMAGE));
    try {
        Long studyIdInSession = (Long) SecurityUtils.getSubject().getSession()
                .getAttribute(au.org.theark.core.Constants.STUDY_CONTEXT_ID);
        Study study = (studyIdInSession != null) ? getStudy(studyIdInSession) : null;

        SettingFile settingFile = iArkSettingService.getSettingFileFromSetting("BRANDING_IMAGE_LEFT", study,
                null);
        if (settingFile != null) {
            // The stored checksum is passed along with the file id when fetching the file.
            File brandingFile = retriveArkFileAttachmentAsFile(null, null,
                    au.org.theark.core.Constants.ARK_SETTINGS_DIR, settingFile.getFileId(),
                    settingFile.getChecksum());
            image = new NonCachingImage("hostedByImage",
                    new AbstractReadOnlyModel<DynamicImageResource>() {
                        @Override
                        public DynamicImageResource getObject() {
                            DynamicImageResource resource = getDynamicImageResourceForFile(settingFile,
                                    brandingFile);
                            resource.setFormat("image/png");
                            return resource;
                        }
                    });
        }
    } catch (ArkSystemException e) {
        e.printStackTrace();
    } catch (ArkFileNotFoundException e) {
        e.printStackTrace();
    } catch (ArkCheckSumNotSameException e) {
        e.printStackTrace();
    } catch (NullPointerException e) {
        e.printStackTrace();
    }
    image.setOutputMarkupId(true);
    return image;
}