List of usage examples for org.apache.shiro.util ThreadContext getSecurityManager
public static SecurityManager getSecurityManager()
From source file:au.org.theark.admin.web.menu.AdminTabProviderImpl.java
License:Open Source License
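/**
 * Builds the top-level Admin tab.
 *
 * <p>The tab always reports itself as accessible; what varies per user is whether it is shown.
 * It is shown only when the current subject holds the Super Administrator role and is
 * authenticated.
 *
 * @param tabName text used as the model of the tab
 * @return an {@code ArkMainTab} whose panel is an {@code AdminSubMenuTab}
 */
public ITab createTab(String tabName) {
    return new ArkMainTab(new Model<String>(tabName)) {
        private static final long serialVersionUID = -5063032622932238615L;

        @Override
        public Panel getPanel(String pid) {
            // The sub menu(s) for Admin
            return new AdminSubMenuTab(pid);
        }

        public boolean isAccessible() {
            // NOTE(review): unconditional. isVisible() below only hides the tab, so confirm
            // that the admin pages enforce the Super Administrator role themselves.
            return true;
        }

        public boolean isVisible() {
            SecurityManager securityManager = ThreadContext.getSecurityManager();
            Subject currentUser = SecurityUtils.getSubject();

            // Fail closed. ThreadContext.getSecurityManager() returns null when no manager is
            // bound to the thread, and an anonymous Subject has no principals; in both cases
            // hide the tab instead of failing inside the role check.
            if (securityManager == null || currentUser.getPrincipals() == null) {
                return false;
            }

            // Only a Super Administrator can see the Admin tab/menu
            boolean superAdministrator = securityManager.hasRole(currentUser.getPrincipals(),
                    au.org.theark.core.security.RoleConstants.ARK_ROLE_SUPER_ADMINISTATOR);
            return superAdministrator && currentUser.isAuthenticated();
        }
    };
}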
From source file:au.org.theark.core.security.ArkPermissionHelper.java
License:Open Source License
/**
 * Reports whether the user in context may access the current module function at all.
 *
 * <p>Access is granted when at least one of the search, save or edit permission checks
 * succeeds for the current subject; if all three fail, the function is not permitted.
 *
 * @return {@code true} if any of the three checks passes, {@code false} otherwise
 */
public static boolean isModuleFunctionAccessPermitted() {
    // NOTE(review): ThreadContext.getSecurityManager() returns null when no manager is bound
    // to the thread; whether the has*Permission helpers tolerate that is not visible here.
    SecurityManager manager = ThreadContext.getSecurityManager();
    Subject subject = SecurityUtils.getSubject();

    // Each check is evaluated unconditionally before the results are combined.
    boolean canSearch = hasSearchPermission(manager, subject);
    boolean canSave = hasSavePermission(manager, subject);
    boolean canEdit = hasEditPermission(manager, subject);

    return canSearch || canSave || canEdit;
}
From source file:au.org.theark.core.security.ArkPermissionHelper.java
License:Open Source License
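/**
 * Determines whether the user in context may perform the named action (e.g. Save, Edit, Delete).
 *
 * <p>The action name is matched case-insensitively against the SEARCH, SAVE, EDIT, DELETE and
 * NEW constants. Any other value, including {@code null}, is denied.
 *
 * @param actionType name of the action to check; may be {@code null}
 * @return {@code true} if the action is recognised and the matching permission check passes
 */
public static boolean isActionPermitted(String actionType) {
    // Deny by default: a missing action name is treated like an unrecognised one rather than
    // failing with a NullPointerException in the comparisons below.
    if (actionType == null) {
        return false;
    }

    SecurityManager securityManager = ThreadContext.getSecurityManager();
    Subject currentUser = SecurityUtils.getSubject();

    if (Constants.SEARCH.equalsIgnoreCase(actionType)) {
        return hasSearchPermission(securityManager, currentUser);
    }
    if (Constants.SAVE.equalsIgnoreCase(actionType)) {
        return hasSavePermission(securityManager, currentUser);
    }
    if (Constants.EDIT.equalsIgnoreCase(actionType)) {
        return hasEditPermission(securityManager, currentUser);
    }
    if (Constants.DELETE.equalsIgnoreCase(actionType)) {
        return hasDeletePermission(securityManager, currentUser);
    }
    if (Constants.NEW.equalsIgnoreCase(actionType)) {
        return hasNewPermission(securityManager, currentUser);
    }

    // Unrecognised action names are never permitted.
    return false;
}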
From source file:au.org.theark.core.security.ArkSecurityManager.java
License:Open Source License
/**
 * Looks up the Shiro {@code SecurityManager} bound to the calling thread.
 *
 * @return whatever {@code ThreadContext.getSecurityManager()} yields for this thread; Shiro
 *         documents that as {@code null} when no manager has been bound, so callers should
 *         be prepared for it
 */
private SecurityManager getShiroSecurityManager() {
    final SecurityManager threadBound = ThreadContext.getSecurityManager();
    return threadBound;
}
From source file:au.org.theark.core.web.component.AbstractContainerPanel.java
License:Open Source License
/**
 * Reports whether the current subject holds the READ permission.
 *
 * @return the result of the security manager's permission check for
 *         {@code PermissionConstants.READ} against the subject's principals
 */
protected boolean isActionPermitted() {
    // NOTE(review): neither the manager nor the principals are null-checked here; the manager
    // is null when none is bound to the thread.
    SecurityManager manager = ThreadContext.getSecurityManager();
    Subject subject = SecurityUtils.getSubject();
    return manager.isPermitted(subject.getPrincipals(), PermissionConstants.READ);
}
From source file:au.org.theark.core.web.component.AbstractContainerPanel.java
License:Open Source License
/**
 * Disables every file upload field under this component when the application runs in demo
 * mode and the current subject is not a Super Administrator.
 *
 * <p>Super Administrators are exempt; the demo-mode property is consulted only for other users.
 */
protected void disableUploadersInDemoMode() {
    SecurityManager manager = ThreadContext.getSecurityManager();
    Subject subject = SecurityUtils.getSubject();

    boolean superAdministrator = manager.hasRole(subject.getPrincipals(),
            au.org.theark.core.security.RoleConstants.ARK_ROLE_SUPER_ADMINISTATOR);
    if (superAdministrator) {
        return;
    }

    boolean demoMode = Constants.YES.equalsIgnoreCase(iArkCommonService.getDemoMode().getPropertyValue());
    if (!demoMode) {
        return;
    }

    // NOTE(review): this only switches the upload components off; confirm that whatever
    // handles the uploaded data applies the same demo-mode rule.
    ComponentHierarchyIterator children = this.visitChildren();
    while (children.hasNext()) {
        Component child = children.next();
        if (child instanceof FileUploadField) {
            child.setEnabled(false);
        }
    }
}
From source file:au.org.theark.core.web.component.customfield.dataentry.AbstractCustomDataEditorForm.java
License:Open Source License
/**
 * Prepares the custom data editor before each render.
 *
 * <p>The data view container is enabled when the current subject has any of the edit, new or
 * delete permissions and is disabled (view mode) otherwise. When the Ark function stored in the
 * session is the subject custom data function, the "cancel" button is hidden.
 */
public void onBeforeRender() {
    super.onBeforeRender();
    visitChildren(formVisitor);

    SecurityManager manager = ThreadContext.getSecurityManager();
    Subject subject = SecurityUtils.getSubject();

    // UPDATE, CREATE or DELETE is enough to edit; with none of them the view stays read-only.
    boolean canModify = ArkPermissionHelper.hasEditPermission(manager, subject)
            || ArkPermissionHelper.hasNewPermission(manager, subject)
            || ArkPermissionHelper.hasDeletePermission(manager, subject);
    dataViewWMC.setOutputMarkupId(true);
    dataViewWMC.setEnabled(canModify);
    this.add(dataViewWMC);

    // NOTE(review): neither the session attribute nor the looked-up function is null-checked.
    Long functionId = (Long) SecurityUtils.getSubject().getSession()
            .getAttribute(au.org.theark.core.Constants.ARK_FUNCTION_KEY);
    ArkFunction function = iArkCommonService.getArkFunctionById(functionId);

    boolean subjectCustomData = function.getName()
            .equalsIgnoreCase(au.org.theark.core.Constants.FUNCTION_KEY_VALUE_SUBJECT_CUSTOM_DATA);
    if (!subjectCustomData) {
        return;
    }

    EditModeButtonsPanel editButtons = (EditModeButtonsPanel) buttonsPanelWMC.get("buttonsPanel");
    if (editButtons != null) {
        ((ArkAjaxButton) editButtons.get("cancel")).setVisible(false);
    }
}
From source file:au.org.theark.core.web.form.AbstractArchiveDetailForm.java
License:Open Source License
/**
 * Chooses between the edit screen and the read-only screen before each render.
 *
 * <p>A subject with any of the edit, new or delete permissions bypasses the view/read-only
 * screen and is shown the edit screen; every other subject gets the read-only variant.
 */
public void onBeforeRender() {
    super.onBeforeRender();
    visitChildren(formVisitor);

    SecurityManager manager = ThreadContext.getSecurityManager();
    Subject subject = SecurityUtils.getSubject();

    // UPDATE, CREATE or DELETE: any one of them is sufficient.
    boolean canModify = ArkPermissionHelper.hasEditPermission(manager, subject)
            || ArkPermissionHelper.hasNewPermission(manager, subject)
            || ArkPermissionHelper.hasDeletePermission(manager, subject);

    if (!canModify) {
        ArkCRUDHelper.onBeforeRenderWithReadPermission(crudVO);
        return;
    }
    ArkCRUDHelper.onBeforeRenderWithCRDPermissions(crudVO);
}
From source file:au.org.theark.core.web.form.AbstractDetailForm.java
License:Open Source License
/**
 * Chooses how the detail form is rendered, based on the Ark function held in the session and
 * on the current subject's permissions.
 *
 * <p>For the LIMS subject function the decision is handed to
 * {@code ArkCRUDHelper.onBeforeRenderWithCRDPermissions(vo, function)}. For every other
 * function, a subject with any of the edit, new or delete permissions gets the edit screen and
 * all others get the read-only screen.
 */
public void onBeforeRender() {
    super.onBeforeRender();
    visitChildren(formVisitor);

    // NOTE(review): neither the session attribute nor the looked-up function is null-checked.
    Long functionId = (Long) SecurityUtils.getSubject().getSession()
            .getAttribute(au.org.theark.core.Constants.ARK_FUNCTION_KEY);
    ArkFunction function = iArkCommonService.getArkFunctionById(functionId);

    boolean limsSubject = function.getName()
            .equalsIgnoreCase(au.org.theark.core.Constants.FUNCTION_KEY_VALUE_LIMS_SUBJECT);
    if (limsSubject) {
        // NOTE(review): no permission check is made in this branch; presumably the helper
        // applies one using the function it is given. Verify against ArkCRUDHelper.
        ArkCRUDHelper.onBeforeRenderWithCRDPermissions(arkCrudContainerVO, function);
        return;
    }

    SecurityManager manager = ThreadContext.getSecurityManager();
    Subject subject = SecurityUtils.getSubject();

    // UPDATE, CREATE or DELETE: any one of them skips the view/read-only screen.
    boolean canModify = ArkPermissionHelper.hasEditPermission(manager, subject)
            || ArkPermissionHelper.hasNewPermission(manager, subject)
            || ArkPermissionHelper.hasDeletePermission(manager, subject);

    if (canModify) {
        ArkCRUDHelper.onBeforeRenderWithCRDPermissions(arkCrudContainerVO);
    } else {
        ArkCRUDHelper.onBeforeRenderWithReadPermission(arkCrudContainerVO);
    }
}
From source file:au.org.theark.core.web.form.AbstractModalDetailForm.java
License:Open Source License
/**
 * Initialise method for classes that follow the ArkCrudContainerVO pattern. The work for each
 * function lives in protected methods so that subclasses can reuse them instead of duplicating
 * the code.
 *
 * <p>A new record goes straight into edit mode. For an existing record the edit buttons are
 * shown, and the detail form enabled, only when the current subject has any of the edit, new
 * or delete permissions; otherwise the read-only button panel is used.
 */
protected void initialiseForm() {
    buttonsPanelWMC = new WebMarkupContainer("buttonsPanelWMC");
    buttonsPanelWMC.setOutputMarkupPlaceholderTag(true);

    // ARK-333: Allow the form go straight into Edit mode for creating a New record
    // NOTE(review): the new-record path consults no permission in this method; confirm that
    // creating a record is authorised where it is saved.
    boolean creating = isNew();
    boolean editable = creating;

    if (!creating) {
        SecurityManager manager = ThreadContext.getSecurityManager();
        Subject subject = SecurityUtils.getSubject();
        // UPDATE, CREATE or DELETE: any one of them is sufficient.
        editable = ArkPermissionHelper.hasEditPermission(manager, subject)
                || ArkPermissionHelper.hasNewPermission(manager, subject)
                || ArkPermissionHelper.hasDeletePermission(manager, subject);
    }

    if (editable) {
        initialiseEditButtonsPanel(creating);
        arkCrudContainerVo.getDetailPanelFormContainer().setEnabled(true);
    } else {
        initialiseEditButtonsPanelForReadOnlyUser();
    }

    addComponentsToForm();
}