List of usage examples for the org.springframework.security.acls.domain.PrincipalSid constructor
public PrincipalSid(Authentication authentication)
From source file:net.projectmonkey.spring.acl.util.SidUtil.java
/**
 * Builds the {@link Sid} that matches the requested identity kind.
 *
 * @param authority the user name or authority string wrapped by the returned SID
 * @param principal {@code true} to create a {@link PrincipalSid}, {@code false} to create a
 *        {@link GrantedAuthoritySid}
 * @return a new SID wrapping {@code authority}
 */
public static Sid createSid(final String authority, final boolean principal) {
    // The flag alone decides whether the string names a user or a granted authority;
    // the same text yields a different kind of SID depending on it.
    if (principal) {
        return new PrincipalSid(authority);
    }
    return new GrantedAuthoritySid(authority);
}
From source file:org.jtalks.common.service.security.AclBuilderImpl.java
/**
 * {@inheritDoc}
 */
@Override
public AclBuilder user(String username) {
    // A user name is registered as a principal SID, not as a granted authority.
    final PrincipalSid userSid = new PrincipalSid(username);
    sids.add(userSid);
    return this;
}
From source file:org.jtalks.common.service.security.AclManagerImplTest.java
/**
 * Fills the shared fixtures: one authority SID for {@code ROLE}, one principal SID for
 * {@code USERNAME}, and the READ permission.
 */
@BeforeClass
public void setUpClass() {
    final GrantedAuthoritySid roleSid = new GrantedAuthoritySid(ROLE);
    sids.add(roleSid);

    final PrincipalSid userSid = new PrincipalSid(USERNAME);
    sids.add(userSid);

    permissions.add(BasePermission.READ);
}
From source file:org.bremersee.common.acl.test.AclServiceTests.java
/**
 * Creates an ACL owned by "tester" that grants READ to "friend", then checks that the
 * permission evaluator lets "friend" read the object.
 */
@Test
public void testAcl() {
    LOG.info("Testing ...");

    RunAsUtil.runAs("tester", getRunAsRoles(), () -> {
        // The ACL is created and edited while running as "tester".
        MutableAcl created = aclService.createAcl(new ObjectIdentityImpl("TestObject", "100"));
        created.setOwner(new PrincipalSid("tester"));
        // No parent and no inheritance: only the entry added below can grant access.
        created.setEntriesInheriting(false);
        created.setParent(null);
        // Append a granting READ entry for "friend" after any existing entries.
        final int appendIndex = created.getEntries().size();
        created.insertAce(appendIndex, BasePermission.READ, new PrincipalSid("friend"), true);
        return aclService.updateAcl(created);
    });

    MutableAcl stored = (MutableAcl) aclService.readAclById(new ObjectIdentityImpl("TestObject", "100"));
    LOG.info("Acl: " + stored);

    // NOTE(review): only the positive path is asserted. A companion check that a principal
    // without an entry is refused would also catch an evaluator that allows everyone.
    final RunAsAuthentication friendAuth = new RunAsAuthentication("friend", new String[] { "ROLE_USER" });
    boolean friendCanRead = permissionEvaluator.hasPermission(friendAuth, "100", "TestObject", "READ");
    LOG.info("Successful? " + friendCanRead);
    TestCase.assertEquals(true, friendCanRead);
}
From source file:sample.contact.service.impl.MenuServiceImpl.java
/**
 * Saves the menu and grants the current user ADMINISTRATION permission on the saved instance.
 *
 * @param menu the menu to persist
 * @return the instance returned by {@code menuDao.save}
 */
public Menu create(Menu menu) {
    // Persist first: the permission is attached to the object the DAO hands back.
    final Menu saved = menuDao.save(menu);

    // The creator becomes the administrator of the new menu.
    // NOTE(review): save and grant are two separate steps and no transaction boundary is
    // visible on this method; confirm one exists so a failed grant cannot leave a menu
    // without an ACL entry.
    addPermission(saved, new PrincipalSid(getUsername()), BasePermission.ADMINISTRATION);

    if (logger.isDebugEnabled()) {
        logger.debug("Created menu " + saved + " and granted admin permission to recipient " + getUsername());
    }

    return saved;
}
From source file:org.tibetjungle.demo.service.ContactServiceImpl.java
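/**
 * Assigns the next id to the contact, stores it, and grants the current user ADMINISTRATION
 * permission on it.
 *
 * @param contact the contact to create; its id is overwritten with the next counter value
 */
public void create(Contact contact) {
    // Long.valueOf replaces the deprecated boxing constructor new Long(...).
    // NOTE(review): counter++ is not atomic. If this service is shared between threads, two
    // concurrent calls could receive the same id, and the ACL entry granted below would then
    // be ambiguous between two contacts. Confirm how the class is scoped or synchronized.
    contact.setId(Long.valueOf(counter++));
    contactDao.create(contact);

    // The creator becomes the administrator of the new contact.
    aclPermissionService.grantAfterCreating(contact, new PrincipalSid(getUsername()),
            BasePermission.ADMINISTRATION);

    if (logger.isDebugEnabled()) {
        logger.debug(
                "Created contact " + contact + " and granted admin permission to recipient " + getUsername());
    }
}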
From source file:de.randi2.aspects.SecurityAspects.java
/**
 * Around advice that secures the randomization process: it wraps every public
 * {@code randomize*} method in {@code de.randi2.services}.
 *
 * The advised call proceeds only when the trial is ACTIVE, the current user holds READ or
 * ADMINISTRATION on the trial, and holds CREATE or ADMINISTRATION on the trial subject.
 * Every other outcome ends in an {@link AccessDeniedException}.
 *
 * @param pjp
 *            the join point; argument 0 is cast to {@link Trial}, argument 1 to
 *            {@link TrialSubject}
 *
 * @return the result of the advised method
 *
 * @throws Throwable
 *             whatever the advised method throws, or {@link AccessDeniedException} when a
 *             check fails
 */
@Around("execution(public * de.randi2.services.*.randomize*(..))")
@Transactional(propagation = Propagation.REQUIRED)
public Object secRandomize(ProceedingJoinPoint pjp) throws Throwable {
    Trial trial = (Trial) pjp.getArgs()[0];

    // Inactive trials are rejected before any ACL lookup.
    if (trial.getStatus() != TrialStatus.ACTIVE) {
        throw new AccessDeniedException("It is not possible to randomize in this inactive trial!");
    }

    TrialSubject subject = (TrialSubject) pjp.getArgs()[1];
    try {
        // First gate: READ or ADMINISTRATION on the trial itself.
        Acl trialAcl = aclService.readAclById(new ObjectIdentityHibernate(Trial.class, trial.getId()),
                sidsOf(new PrincipalSid(SecurityContextHolder.getContext().getAuthentication())));
        boolean allowedReadTrial = trialAcl.isGranted(
                permissionsOf(PermissionHibernate.READ, PermissionHibernate.ADMINISTRATION),
                sidsOf(new PrincipalSid(SecurityContextHolder.getContext().getAuthentication())), false);

        if (allowedReadTrial) {
            // Second gate: CREATE or ADMINISTRATION on the trial subject.
            Acl subjectAcl = aclService.readAclById(
                    new ObjectIdentityHibernate(TrialSubject.class, subject.getId()),
                    sidsOf(new PrincipalSid(SecurityContextHolder.getContext().getAuthentication())));
            boolean allowedRandomize = subjectAcl.isGranted(
                    permissionsOf(PermissionHibernate.CREATE, PermissionHibernate.ADMINISTRATION),
                    sidsOf(new PrincipalSid(SecurityContextHolder.getContext().getAuthentication())), false);

            if (allowedRandomize) {
                // proceed() runs inside this try, so a NotFoundException thrown by the advised
                // method is also caught below and reported as a denial.
                return pjp.proceed();
            }
        }
    } catch (NotFoundException e) {
        // A missing ACL is treated as a denial: log it and fall through to the throw below.
        logger.info("The user (" + SecurityContextHolder.getContext().getAuthentication().getName()
                + ")have no permission to randomize in this trial!");
    }

    // Reached when a check fails or an ACL lookup finds nothing.
    throw new AccessDeniedException("You have not the permission to randomize in this trial!");
}
From source file:gov.nih.nci.ncicb.tcga.dcc.common.security.impl.AclSecurityUtilImpl.java
@Override @Transactional//from ww w . java 2 s .c o m public void addPermission(final DccAnnotationNote dccAnnotationNote, final Permission permission) { final Sid recipient = new PrincipalSid(securityUtil.getAuthenticatedPrincipalLoginName()); addPermission(dccAnnotationNote, recipient, permission); }
From source file:net.projectmonkey.spring.acl.hbase.repository.AccessControlEntryValueTest.java
/**
 * Checks that a granting entry built from a principal SID reports the expected key bytes and
 * returns every constructor argument unchanged.
 */
@Test
public void keyCreatedCorrectlyForGrantingPermissionAndPrincipal() {
    final Sid principalSid = new PrincipalSid(AUTHORITY);
    final AccessControlEntryValue entry = new AccessControlEntryValue(ID, principalSid, PERMISSION, true);

    // Granting flag and derived key
    assertTrue(entry.isGranting());
    assertTrue(ArrayUtils.isEquals(GRANTING_PRINCIPAL_KEY_BYTES, entry.getKey()));

    // Values passed to the constructor
    assertEquals(ID, entry.getId());
    assertEquals(principalSid, entry.getSid());
    assertEquals(AUTHORITY, entry.getAuthority());
    assertEquals(PERMISSION, entry.getPermission());
}
From source file:org.jtalks.common.service.security.AclManagerImplTest.java
/**
 * Checks that granting on an object whose ACL lookup throws {@link NotFoundException} makes
 * the manager create the ACL, add the grants and save it.
 */
@Test
public void testGrantOnObjectWithNotExistingAcl() throws Exception {
    final ObjectIdentity targetIdentity = new ObjectIdentityImpl(target.getClass(), ID);
    final AclAuthorizationStrategy authorizationStrategy = mock(AclAuthorizationStrategy.class);
    final AuditLogger auditLogger = mock(AuditLogger.class);
    final MutableAcl freshAcl = new AclImpl(targetIdentity, 2L, authorizationStrategy, auditLogger);

    // The lookup fails, so the manager has to fall back to createAcl.
    when(aclService.readAclById(targetIdentity)).thenThrow(new NotFoundException(""));
    when(aclService.createAcl(targetIdentity)).thenReturn(freshAcl);

    manager.grant(sids, permissions, target);

    // Both the user SID and the role SID must hold READ on the new ACL.
    assertGranted(freshAcl, new PrincipalSid(USERNAME), BasePermission.READ,
            "Permission to user not granted");
    assertGranted(freshAcl, new GrantedAuthoritySid(ROLE), BasePermission.READ,
            "Permission to ROLE_USER not granted");

    verify(aclService).readAclById(targetIdentity);
    verify(aclService).createAcl(targetIdentity);
    verify(aclService).updateAcl(freshAcl);
}