List of usage examples for org.springframework.security.acls.domain PrincipalSid PrincipalSid
public PrincipalSid(Authentication authentication)
From source file:ubic.gemma.security.SecurityServiceImpl.java
@Override @Secured("GROUP_ADMIN") public Collection<Sid> getAvailableSids() { Collection<Sid> results = new HashSet<Sid>(); Collection<String> users = userManager.findAllUsers(); for (String u : users) { results.add(new PrincipalSid(u)); }/*from ww w .ja v a2 s . co m*/ Collection<String> groups = userManager.findAllGroups(); for (String g : groups) { List<GrantedAuthority> ga = userManager.findGroupAuthorities(g); for (GrantedAuthority grantedAuthority : ga) { results.add(new GrantedAuthoritySid(grantedAuthority.getAuthority())); } } return results; }
From source file:ubic.gemma.security.SecurityServiceImpl.java
@Override @Secured("GROUP_ADMIN") public void makeOwnedByUser(Securable s, String userName) { MutableAcl acl = getAcl(s);/*w w w .jav a 2 s .c o m*/ Sid owner = acl.getOwner(); if (owner != null && owner instanceof PrincipalSid && ((PrincipalSid) owner).getPrincipal().equals(userName)) { /* * Already owned by the given user -- note we don't check if the user exists here. */ return; } // make sure user exists and is enabled. UserDetails user = this.userManager.loadUserByUsername(userName); if (!user.isEnabled() || !user.isAccountNonExpired() || !user.isAccountNonLocked()) { throw new IllegalArgumentException("User " + userName + " has a disabled account"); } acl.setOwner(new PrincipalSid(userName)); aclService.updateAcl(acl); /* * FIXME: I don't know if these are necessary if you are the owner. */ addPrincipalAuthority(s, BasePermission.WRITE, userName); addPrincipalAuthority(s, BasePermission.READ, userName); }
From source file:ubic.gemma.security.SecurityServiceImpl.java
@Override @Secured("GROUP_ADMIN") public void setOwner(Securable s, String userName) { // make sure user exists and is enabled. UserDetails user = this.userManager.loadUserByUsername(userName); if (!user.isEnabled() || !user.isAccountNonExpired() || !user.isAccountNonLocked()) { throw new IllegalArgumentException("User " + userName + " has a disabled account"); }/*w w w . j a va 2 s . c o m*/ ObjectIdentity oi = this.objectIdentityRetrievalStrategy.getObjectIdentity(s); MutableAcl a = (MutableAcl) this.aclService.readAclById(oi); a.setOwner(new PrincipalSid(userName)); this.aclService.updateAcl(a); }
From source file:ubic.gemma.security.SecurityServiceImpl.java
/** * @param s/*from w w w . j ava 2 s .c o m*/ * @param permission * @param principal i.e. username */ private void addPrincipalAuthority(Securable s, Permission permission, String principal) { MutableAcl acl = getAcl(s); acl.insertAce(acl.getEntries().size(), permission, new PrincipalSid(principal), true); aclService.updateAcl(acl); }