Example usage for org.springframework.security.acls.domain PrincipalSid PrincipalSid

List of usage examples for org.springframework.security.acls.domain PrincipalSid PrincipalSid

Introduction

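This page collects usage examples for the PrincipalSid constructor of org.springframework.security.acls.domain.PrincipalSid. The prototype shown below takes an Authentication; most of the listings instead call the overload that takes the principal name as a String.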

Prototype

public PrincipalSid(Authentication authentication) 


Usage

From source file:net.projectmonkey.spring.acl.util.SidUtil.java

/**
 * Builds the ACL security identity (SID) for the given name.
 *
 * @param authority the name to wrap; it is passed unchanged to the chosen SID constructor
 * @param principal {@code true} to create a {@link PrincipalSid}, {@code false} to create a
 *                  {@link GrantedAuthoritySid}
 * @return the newly created SID
 */
public static Sid createSid(final String authority, final boolean principal) {
    // The flag alone decides whether the same string is treated as a principal or as a
    // granted authority, so a caller that passes the wrong flag targets a different identity
    // class in every ACL entry built from the result.
    return principal ? new PrincipalSid(authority) : new GrantedAuthoritySid(authority);
}

From source file:org.jtalks.common.service.security.AclBuilderImpl.java

/**
 * {@inheritDoc}
 */
@Override
public AclBuilder user(String username) {
    // The name is recorded as a PrincipalSid, not as a granted authority.
    // NOTE(review): nothing here checks that username refers to an existing account;
    // presumably callers pass a vetted name - confirm.
    final PrincipalSid userSid = new PrincipalSid(username);
    sids.add(userSid);
    return this;
}

From source file:org.jtalks.common.service.security.AclManagerImplTest.java

/**
 * Seeds the shared fixtures: one granted-authority SID, one principal SID and the READ permission.
 */
@BeforeClass
public void setUpClass() {
    // Insertion order is kept: the role SID goes in before the user SID.
    final GrantedAuthoritySid roleSid = new GrantedAuthoritySid(ROLE);
    sids.add(roleSid);

    final PrincipalSid userSid = new PrincipalSid(USERNAME);
    sids.add(userSid);

    permissions.add(BasePermission.READ);
}

From source file:org.bremersee.common.acl.test.AclServiceTests.java

/**
 * Creates an ACL for object "TestObject"/"100" while running as "tester", adds a granting READ
 * entry for "friend", then checks that the permission evaluator reports READ for "friend".
 */
@Test
public void testAcl() {
    LOG.info("Testing ...");

    RunAsUtil.runAs("tester", getRunAsRoles(), () -> {
        final MutableAcl created = aclService.createAcl(new ObjectIdentityImpl("TestObject", "100"));
        created.setOwner(new PrincipalSid("tester"));
        // Inheritance is switched off and no parent is set for this ACL.
        created.setEntriesInheriting(false);
        created.setParent(null);
        // Append the new entry after whatever entries the ACL already holds.
        final int appendAt = created.getEntries().size();
        created.insertAce(appendAt, BasePermission.READ, new PrincipalSid("friend"), true);
        return aclService.updateAcl(created);
    });

    final MutableAcl stored = (MutableAcl) aclService.readAclById(new ObjectIdentityImpl("TestObject", "100"));
    LOG.info("Acl: " + stored);

    final RunAsAuthentication friend = new RunAsAuthentication("friend", new String[] { "ROLE_USER" });
    final boolean friendCanRead = permissionEvaluator.hasPermission(friend, "100", "TestObject", "READ");

    LOG.info("Successful? " + friendCanRead);
    // NOTE(review): only the positive grant is asserted. A companion assertion that a principal
    // with no entry in this ACL is refused would also catch an over-permissive evaluator.
    TestCase.assertEquals(true, friendCanRead);

}

From source file:sample.contact.service.impl.MenuServiceImpl.java

/**
 * Persists the menu and grants ADMINISTRATION on it to the user named by {@code getUsername()}.
 *
 * @param menu the menu to store
 * @return the instance returned by {@code menuDao.save}
 */
public Menu create(Menu menu) {
    // Create the Menu itself
    final Menu saved = menuDao.save(menu);

    // Grant the current principal administrative permission to the menu.
    // NOTE(review): getUsername() is defined outside this listing; the grant is only as
    // trustworthy as that lookup - presumably it reads the authenticated principal, confirm.
    // NOTE(review): no transaction boundary is visible here; if the grant fails after the save,
    // the menu may be left without an ACL entry - verify the enclosing transaction setup.
    final PrincipalSid creatorSid = new PrincipalSid(getUsername());
    addPermission(saved, creatorSid, BasePermission.ADMINISTRATION);

    if (logger.isDebugEnabled()) {
        logger.debug("Created menu " + saved + " and granted admin permission to recipient " + getUsername());
    }
    return saved;
}

From source file:org.tibetjungle.demo.service.ContactServiceImpl.java

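/**
 * Assigns the next counter value as the contact's id, stores the contact, and grants
 * ADMINISTRATION on it to the user named by {@code getUsername()}.
 *
 * @param contact the contact to create; its id is overwritten here
 */
public void create(Contact contact) {
    // Create the Contact itself.
    // Long.valueOf replaces the deprecated Long constructor; the resulting value is the same.
    // NOTE(review): counter is declared outside this listing. If it is a plain shared field,
    // concurrent calls can hand out the same id, and the permission granted below is attached
    // to the contact carrying that id - confirm how counter is synchronised.
    contact.setId(Long.valueOf(counter++));
    contactDao.create(contact);

    // Grant the current principal administrative permission to the contact.
    // NOTE(review): getUsername() is not shown here; presumably it returns the authenticated
    // principal's name - verify, since the ADMINISTRATION grant depends on it.
    aclPermissionService.grantAfterCreating(contact, new PrincipalSid(getUsername()),
            BasePermission.ADMINISTRATION);

    if (logger.isDebugEnabled()) {
        logger.debug(
                "Created contact " + contact + " and granted admin permission to recipient " + getUsername());
    }
}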

From source file:de.randi2.aspects.SecurityAspects.java

/**
 * Around advice that secures the randomization process.
 *
 * The intercepted call proceeds only when the trial is ACTIVE, the current authentication is
 * granted READ or ADMINISTRATION on the trial, and CREATE or ADMINISTRATION on the trial
 * subject. Every other path ends in an {@link AccessDeniedException}.
 *
 * @param pjp
 *            the join point; its first argument is cast to {@code Trial} and, for an active
 *            trial, its second argument to {@code TrialSubject}
 *
 * @return the result of the intercepted method
 *
 * @throws Throwable
 *             an {@link AccessDeniedException} when the call is refused, otherwise whatever
 *             the intercepted method throws
 */
@Around("execution(public * de.randi2.services.*.randomize*(..))")
@Transactional(propagation = Propagation.REQUIRED)
public Object secRandomize(ProceedingJoinPoint pjp) throws Throwable {
    final Trial trial = (Trial) pjp.getArgs()[0];
    if (trial.getStatus() != TrialStatus.ACTIVE) {
        throw new AccessDeniedException("It is not possible to randomize in this inactive trial!");
    }

    final TrialSubject subject = (TrialSubject) pjp.getArgs()[1];

    try {
        // Step 1: the caller must hold READ or ADMINISTRATION on the trial itself.
        final Acl trialAcl = aclService.readAclById(new ObjectIdentityHibernate(Trial.class, trial.getId()),
                sidsOf(new PrincipalSid(SecurityContextHolder.getContext().getAuthentication())));
        final boolean mayReadTrial = trialAcl.isGranted(
                permissionsOf(PermissionHibernate.READ, PermissionHibernate.ADMINISTRATION),
                sidsOf(new PrincipalSid(SecurityContextHolder.getContext().getAuthentication())), false);

        if (mayReadTrial) {
            // Step 2: the caller must hold CREATE or ADMINISTRATION on the trial subject.
            final Acl subjectAcl = aclService.readAclById(
                    new ObjectIdentityHibernate(TrialSubject.class, subject.getId()),
                    sidsOf(new PrincipalSid(SecurityContextHolder.getContext().getAuthentication())));
            final boolean mayRandomize = subjectAcl.isGranted(
                    permissionsOf(PermissionHibernate.CREATE, PermissionHibernate.ADMINISTRATION),
                    sidsOf(new PrincipalSid(SecurityContextHolder.getContext().getAuthentication())),
                    false);
            if (mayRandomize) {
                // NOTE(review): proceed() runs inside the try, so a NotFoundException thrown by
                // the intercepted method itself is also logged and reported as a permission
                // denial. That fails closed, but the log entry can mislead an investigation.
                return pjp.proceed();
            }
        }
    } catch (NotFoundException e) {
        // NOTE(review): the user name is concatenated into the log line as-is; if names can
        // contain line breaks, consider neutralising them before logging.
        logger.info("The user (" + SecurityContextHolder.getContext().getAuthentication().getName()
                + ")have no permission to randomize in this trial!");
    }

    // Deny by default: reached whenever either check failed or the ACL lookup found nothing.
    throw new AccessDeniedException("You have not the permission to randomize in this trial!");
}

From source file:gov.nih.nci.ncicb.tcga.dcc.common.security.impl.AclSecurityUtilImpl.java

/**
 * Grants the permission on the annotation note to the login name reported by
 * {@code securityUtil.getAuthenticatedPrincipalLoginName()}.
 *
 * @param dccAnnotationNote the note the permission applies to
 * @param permission the permission to grant
 */
@Override
@Transactional
public void addPermission(final DccAnnotationNote dccAnnotationNote, final Permission permission) {
    // The recipient is taken from securityUtil rather than from a parameter, so callers of
    // this overload cannot name a different principal.
    final Sid currentUserSid = new PrincipalSid(securityUtil.getAuthenticatedPrincipalLoginName());

    addPermission(dccAnnotationNote, currentUserSid, permission);
}

From source file:net.projectmonkey.spring.acl.hbase.repository.AccessControlEntryValueTest.java

/**
 * Checks the key bytes and accessors of a granting entry built from a principal SID.
 */
@Test
public void keyCreatedCorrectlyForGrantingPermissionAndPrincipal() {
    final Sid principalSid = new PrincipalSid(AUTHORITY);
    final AccessControlEntryValue entry = new AccessControlEntryValue(ID, principalSid, PERMISSION, true);

    // The granting flag and the key bytes are checked first.
    assertTrue(entry.isGranting());
    assertTrue(ArrayUtils.isEquals(GRANTING_PRINCIPAL_KEY_BYTES, entry.getKey()));

    // The remaining accessors must hand back exactly what went into the constructor.
    assertEquals(ID, entry.getId());
    assertEquals(principalSid, entry.getSid());
    assertEquals(AUTHORITY, entry.getAuthority());
    assertEquals(PERMISSION, entry.getPermission());
}

From source file:org.jtalks.common.service.security.AclManagerImplTest.java

/**
 * When the ACL lookup throws NotFoundException, grant() is expected to create the ACL, add
 * READ for both the user SID and the role SID, and save the result.
 */
@Test
public void testGrantOnObjectWithNotExistingAcl() throws Exception {
    final ObjectIdentity oid = new ObjectIdentityImpl(target.getClass(), ID);
    final MutableAcl freshAcl = new AclImpl(oid, 2L, mock(AclAuthorizationStrategy.class),
            mock(AuditLogger.class));

    // Simulate "no ACL yet": the read fails, the create hands back the empty ACL.
    when(aclService.readAclById(oid)).thenThrow(new NotFoundException(""));
    when(aclService.createAcl(oid)).thenReturn(freshAcl);

    manager.grant(sids, permissions, target);

    assertGranted(freshAcl, new PrincipalSid(USERNAME), BasePermission.READ, "Permission to user not granted");
    assertGranted(freshAcl, new GrantedAuthoritySid(ROLE), BasePermission.READ,
            "Permission to ROLE_USER not granted");

    // The service must have been asked to read, then create, then persist the ACL.
    verify(aclService).readAclById(oid);
    verify(aclService).createAcl(oid);
    verify(aclService).updateAcl(freshAcl);
}