List of usage examples for org.springframework.security.core GrantedAuthority getAuthority
String getAuthority();
GrantedAuthority
can be represented as a String
and that String
is sufficient in precision to be relied upon for an access control decision by an AccessDecisionManager (or delegate), this method should return such a String
. From source file:org.telscenter.sail.webapp.presentation.web.controllers.author.project.ExportProjectController.java
/** * Return true iff the logged-in user is allowed to export the project * @param signedInUser user that is signed in * @param project can the signed in user export this project? * @return true/false/* w w w . j av a 2 s. c o m*/ */ private boolean authorize(User signedInUser, Project project) { Collection<? extends GrantedAuthority> authorities = signedInUser.getUserDetails().getAuthorities(); for (GrantedAuthority authority : authorities) { if (authority.getAuthority().equals(UserDetailsService.ADMIN_ROLE)) { // if signed in user is an admin, (s)he can export all projects. return true; } else if (authority.getAuthority().equals(UserDetailsService.TEACHER_ROLE)) { //the signed in user is a teacher return this.projectService.canAuthorProject(project, signedInUser) || this.projectService.canReadProject(project, signedInUser); } } // other request methods are not authorized at this point return false; }
From source file:org.telscenter.sail.webapp.presentation.web.controllers.project.ExportProjectController.java
/** * Return true iff the logged-in user is allowed to export the project * @param signedInUser user that is signed in * @param project can the signed in user export this project? * @return true/false// w ww. j av a 2s . c om */ private boolean authorize(User signedInUser, Project project) { if (signedInUser != null) { Collection<? extends GrantedAuthority> authorities = signedInUser.getUserDetails().getAuthorities(); for (GrantedAuthority authority : authorities) { if (authority.getAuthority().equals(UserDetailsService.ADMIN_ROLE)) { // if signed in user is an admin, (s)he can export all projects. return true; } else if (authority.getAuthority().equals(UserDetailsService.TEACHER_ROLE)) { //the signed in user is a teacher return this.projectService.canAuthorProject(project, signedInUser) || this.projectService.canReadProject(project, signedInUser); } } } // other request methods are not authorized at this point return false; }
From source file:pl.bcichecki.rms.services.impl.PrivilegesServiceImpl.java
@Override @SuppressWarnings("unchecked") public Set<PrivilegeType> getAuthenticatedUsersPrivileges() { Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); if (authentication == null) { return SetUtils.EMPTY_SET; }/*from w w w. j a v a 2 s .c om*/ Set<PrivilegeType> privileges = new HashSet<PrivilegeType>(); for (GrantedAuthority g : authentication.getAuthorities()) { privileges.add(PrivilegeType.fromString(g.getAuthority())); } return privileges; }
From source file:ro.cs.om.web.security.UserAuth.java
/** * @param authorities the authorities to set *//*from w w w . j a va 2 s.c om*/ public void setAuthorities(Collection<? extends GrantedAuthority> authorities) { if (authorities == null) return; this.authorities = authorities; if (authoritiesHash != null) { authoritiesHash.clear(); } else { authoritiesHash = new HashMap<String, Object>(); } for (GrantedAuthority ga : authorities) { authoritiesHash.put(ga.getAuthority(), new Object()); } }
From source file:rusch.megan6server.TextFileAuthentication.java
/**Check auth contains read permission * /*from ww w . j a v a 2 s .co m*/ * @param authorities * @return */ public boolean canRead(Collection<? extends GrantedAuthority> authorities) { for (GrantedAuthority auth : authorities) { if (auth.getAuthority().equals(ROLE_READER)) { return true; } } return false; }
From source file:rusch.megan6server.TextFileAuthentication.java
/**Check if auth contains the right to modify users * /*from w ww . j ava 2s.c o m*/ * @param authorities * @return */ public boolean isAdmin(Collection<? extends GrantedAuthority> authorities) { for (GrantedAuthority auth : authorities) { if (auth.getAuthority().equals(ROLE_ADMIN)) { return true; } } return false; }
From source file:software.coolstuff.springframework.owncloud.config.AuthorityMapperConfiguration.java
@Bean public GrantedAuthoritiesMapper grantedAuthoritiesMapper() { return (grantedAuthorities) -> { if (CollectionUtils.isEmpty(grantedAuthorities)) { return grantedAuthorities; }//from w w w . j a v a 2s . c om List<GrantedAuthority> mappedAuthorities = new ArrayList<>(); for (GrantedAuthority grantedAuthority : grantedAuthorities) { mappedAuthorities.add(new SimpleGrantedAuthority("MAPPED_" + grantedAuthority.getAuthority())); } return mappedAuthorities; }; }
From source file:ubc.pavlab.aspiredb.server.security.authentication.UserManagerImpl.java
@Override @Transactional//w w w .j ava 2s.co m public void addGroupAuthority(String groupName, GrantedAuthority authority) { UserGroup g = loadGroup(groupName); for (gemma.gsec.model.GroupAuthority ga : g.getAuthorities()) { if (ga.getAuthority().equals(authority.getAuthority())) { logger.warn("Group already has authority" + authority.getAuthority()); return; } } GroupAuthority auth = new ubc.pavlab.aspiredb.server.model.common.auditAndSecurity.GroupAuthority(); auth.setAuthority(authority.getAuthority()); g.getAuthorities().add(auth); userService.update(g); }
From source file:ubc.pavlab.aspiredb.server.security.authentication.UserManagerImpl.java
@Override @Transactional/*from w w w.jav a2s . c o m*/ public void createGroup(String groupName, List<GrantedAuthority> authorities) { UserGroup g = new ubc.pavlab.aspiredb.server.model.common.auditAndSecurity.UserGroup(); g.setName(groupName); for (GrantedAuthority ga : authorities) { GroupAuthority groupAuthority = new ubc.pavlab.aspiredb.server.model.common.auditAndSecurity.GroupAuthority(); groupAuthority.setAuthority(ga.getAuthority()); g.getAuthorities().add(groupAuthority); } userService.create(g); }
From source file:ubc.pavlab.aspiredb.server.security.authentication.UserManagerImpl.java
@Override @Transactional//from w ww . j a v a2 s. c om public void removeGroupAuthority(String groupName, GrantedAuthority authority) { UserGroup group = loadGroup(groupName); userService.removeGroupAuthority(group, authority.getAuthority()); }