Example usage for org.springframework.security.acls.domain PrincipalSid PrincipalSid

List of usage examples for org.springframework.security.acls.domain PrincipalSid PrincipalSid

Introduction

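This page collects usage examples for the org.springframework.security.acls.domain.PrincipalSid constructor. Note that the prototype shown below takes an Authentication, while every example on this page calls the overload that takes a user name string.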

Prototype

public PrincipalSid(Authentication authentication) 


Usage

From source file:ubic.gemma.security.SecurityServiceImpl.java

/**
 * Collects the security identities (Sids) known to the user manager.
 *
 * <p>One {@link PrincipalSid} is created for each user name returned by
 * {@code userManager.findAllUsers()}, and one {@link GrantedAuthoritySid} for each authority of
 * each group returned by {@code userManager.findAllGroups()}. The result is a {@link HashSet}, so
 * equal Sids collapse to a single element (this relies on the Sid classes' equals/hashCode).
 *
 * <p>The result enumerates every user name and group authority, so the method is limited to
 * callers holding GROUP_ADMIN. {@code @Secured} is applied by Spring Security's method
 * interceptor: it only takes effect when method security is enabled and the call arrives through
 * the proxied bean, not through a direct call from inside this class.
 *
 * @return a new mutable collection of Sids; empty when there are no users and no group authorities
 */
@Override
@Secured("GROUP_ADMIN")
public Collection<Sid> getAvailableSids() {
    Collection<Sid> sids = new HashSet<Sid>();

    // Users first: each user name becomes a principal identity.
    for (String userName : userManager.findAllUsers()) {
        sids.add(new PrincipalSid(userName));
    }

    // Then groups: a group contributes one identity per authority it carries.
    for (String groupName : userManager.findAllGroups()) {
        for (GrantedAuthority authority : userManager.findGroupAuthorities(groupName)) {
            sids.add(new GrantedAuthoritySid(authority.getAuthority()));
        }
    }

    return sids;
}

From source file:ubic.gemma.security.SecurityServiceImpl.java

/**
 * Makes {@code userName} the owner of the ACL of {@code s} and then grants that principal WRITE
 * and READ on it.
 *
 * <p>If the ACL is already owned by a {@link PrincipalSid} with this user name, the method returns
 * without doing anything: the account is not looked up, and no WRITE/READ entries are added.
 * Otherwise the account must be enabled, not expired and not locked;
 * {@code isCredentialsNonExpired()} is not consulted.
 *
 * <p>The ownership change and the two grants are written by separate {@code updateAcl} calls.
 * NOTE(review): whether they succeed or fail together depends on a surrounding transaction that is
 * not visible here; confirm.
 *
 * <p>Restricted to GROUP_ADMIN through {@code @Secured}, which is enforced only for calls that go
 * through the Spring Security method interceptor.
 *
 * @param s the secured object whose ACL is changed
 * @param userName name of the user who becomes the owner
 * @throws IllegalArgumentException if the account is disabled, expired or locked
 */
@Override
@Secured("GROUP_ADMIN")
public void makeOwnedByUser(Securable s, String userName) {
    MutableAcl acl = getAcl(s);

    // instanceof is false for null, so a missing owner falls through to the account check.
    Sid currentOwner = acl.getOwner();
    if (currentOwner instanceof PrincipalSid) {
        String currentPrincipal = ((PrincipalSid) currentOwner).getPrincipal();
        if (currentPrincipal.equals(userName)) {
            // Already owned by the given user; the account's existence is deliberately not checked.
            return;
        }
    }

    // The new owner must resolve to an account that is usable right now.
    // Presumably loadUserByUsername throws for an unknown user; confirm against userManager.
    UserDetails candidate = this.userManager.loadUserByUsername(userName);
    boolean usable = candidate.isEnabled() && candidate.isAccountNonExpired()
            && candidate.isAccountNonLocked();
    if (!usable) {
        throw new IllegalArgumentException("User  " + userName + " has a disabled account");
    }

    acl.setOwner(new PrincipalSid(userName));
    aclService.updateAcl(acl);

    // FIXME (from the original author): it is unclear whether explicit grants are needed for the
    // owner.
    addPrincipalAuthority(s, BasePermission.WRITE, userName);
    addPrincipalAuthority(s, BasePermission.READ, userName);
}

From source file:ubic.gemma.security.SecurityServiceImpl.java

/**
 * Sets {@code userName} as the owner of the ACL of {@code s}.
 *
 * <p>The account is checked first: it must be enabled, not expired and not locked
 * ({@code isCredentialsNonExpired()} is not consulted). Unlike {@code makeOwnedByUser}, this
 * method adds no READ/WRITE entries and does not short-circuit when the user already owns the
 * ACL.
 *
 * <p>Restricted to GROUP_ADMIN through {@code @Secured}, which is enforced only for calls that go
 * through the Spring Security method interceptor.
 *
 * @param s the secured object whose ACL is changed
 * @param userName name of the user who becomes the owner
 * @throws IllegalArgumentException if the account is disabled, expired or locked
 * @throws ClassCastException if the ACL returned by the ACL service is not a {@link MutableAcl}
 */
@Override
@Secured("GROUP_ADMIN")
public void setOwner(Securable s, String userName) {
    // Validate the account before touching the ACL, so a rejected user leaves it unchanged.
    // Presumably loadUserByUsername throws for an unknown user; confirm against userManager.
    UserDetails account = this.userManager.loadUserByUsername(userName);
    boolean usable = account.isEnabled() && account.isAccountNonExpired()
            && account.isAccountNonLocked();
    if (!usable) {
        throw new IllegalArgumentException("User  " + userName + " has a disabled account");
    }

    ObjectIdentity identity = this.objectIdentityRetrievalStrategy.getObjectIdentity(s);
    MutableAcl acl = (MutableAcl) this.aclService.readAclById(identity);

    acl.setOwner(new PrincipalSid(userName));
    this.aclService.updateAcl(acl);
}

From source file:ubic.gemma.security.SecurityServiceImpl.java

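/**
 * Grants {@code permission} on {@code s} to the principal named {@code principal}.
 *
 * <p>A granting entry is appended to the end of the ACL and the ACL is saved. If the ACL already
 * holds a granting entry for the same principal and permission, nothing is changed. Without that
 * check every call appends another identical entry (for example when ownership moves away from a
 * user and back again), and deleting one of the copies would not actually revoke the access.
 *
 * @param s the secured object whose ACL is changed
 * @param permission the permission to grant
 * @param principal the user name the permission is granted to
 */
private void addPrincipalAuthority(Securable s, Permission permission, String principal) {
    MutableAcl acl = getAcl(s);
    Sid sid = new PrincipalSid(principal);

    // Index loop so the entry type does not have to be named (the file's imports are not visible).
    int entryCount = acl.getEntries().size();
    for (int i = 0; i < entryCount; i++) {
        if (acl.getEntries().get(i).isGranting() && acl.getEntries().get(i).getSid().equals(sid)
                && acl.getEntries().get(i).getPermission().equals(permission)) {
            // An equivalent grant already exists; a second copy would not change any decision.
            return;
        }
    }

    acl.insertAce(entryCount, permission, sid, true);
    aclService.updateAcl(acl);
}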