Example usage for org.springframework.security.core GrantedAuthority getAuthority

List of usage examples for org.springframework.security.core GrantedAuthority getAuthority

  1. HOME
  2. Java
  3. org.springframework
  4. org.springframework.security.core.*
  5. GrantedAuthority
  6. getAuthority

Introduction

In this page you can find the example usage for org.springframework.security.core GrantedAuthority getAuthority.

Prototype

String getAuthority();

Source Link

Document

If the GrantedAuthority can be represented as a String and that String is sufficient in precision to be relied upon for an access control decision by an AccessDecisionManager (or delegate), this method should return such a String.

Usage

From source file:org.telscenter.sail.webapp.presentation.web.controllers.author.project.ExportProjectController.java

/**
 * Return true iff the logged-in user is allowed to export the project
 * @param signedInUser user that is signed in
 * @param project can the signed in user export this project?
 * @return true/false/* w  w  w .  j  av a  2 s.  c o  m*/
 */
private boolean authorize(User signedInUser, Project project) {
    Collection<? extends GrantedAuthority> authorities = signedInUser.getUserDetails().getAuthorities();
    for (GrantedAuthority authority : authorities) {
        if (authority.getAuthority().equals(UserDetailsService.ADMIN_ROLE)) {
            // if signed in user is an admin, (s)he can export all projects.
            return true;
        } else if (authority.getAuthority().equals(UserDetailsService.TEACHER_ROLE)) {
            //the signed in user is a teacher
            return this.projectService.canAuthorProject(project, signedInUser)
                    || this.projectService.canReadProject(project, signedInUser);
        }
    }
    // other request methods are not authorized at this point
    return false;
}

From source file:org.telscenter.sail.webapp.presentation.web.controllers.project.ExportProjectController.java

/**
 * Return true iff the logged-in user is allowed to export the project
 * @param signedInUser user that is signed in
 * @param project can the signed in user export this project?
 * @return true/false//  w ww.  j  av  a 2s  .  c  om
 */
private boolean authorize(User signedInUser, Project project) {
    if (signedInUser != null) {

        Collection<? extends GrantedAuthority> authorities = signedInUser.getUserDetails().getAuthorities();
        for (GrantedAuthority authority : authorities) {
            if (authority.getAuthority().equals(UserDetailsService.ADMIN_ROLE)) {
                // if signed in user is an admin, (s)he can export all projects.
                return true;
            } else if (authority.getAuthority().equals(UserDetailsService.TEACHER_ROLE)) {
                //the signed in user is a teacher
                return this.projectService.canAuthorProject(project, signedInUser)
                        || this.projectService.canReadProject(project, signedInUser);
            }
        }
    }
    // other request methods are not authorized at this point
    return false;
}

From source file:pl.bcichecki.rms.services.impl.PrivilegesServiceImpl.java

@Override
@SuppressWarnings("unchecked")
public Set<PrivilegeType> getAuthenticatedUsersPrivileges() {
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    if (authentication == null) {
        return SetUtils.EMPTY_SET;
    }/*from   w  w  w.  j a  v a 2 s  .c  om*/
    Set<PrivilegeType> privileges = new HashSet<PrivilegeType>();
    for (GrantedAuthority g : authentication.getAuthorities()) {
        privileges.add(PrivilegeType.fromString(g.getAuthority()));
    }
    return privileges;
}

From source file:ro.cs.om.web.security.UserAuth.java

/**
 * @param authorities the authorities to set
 *//*from  w  w w .  j  a  va  2  s.c  om*/
public void setAuthorities(Collection<? extends GrantedAuthority> authorities) {
    if (authorities == null)
        return;
    this.authorities = authorities;
    if (authoritiesHash != null) {
        authoritiesHash.clear();
    } else {
        authoritiesHash = new HashMap<String, Object>();
    }
    for (GrantedAuthority ga : authorities) {
        authoritiesHash.put(ga.getAuthority(), new Object());
    }
}

From source file:rusch.megan6server.TextFileAuthentication.java

/**Check auth contains read permission
 * /*from ww w  . j a v  a 2  s  .co m*/
 * @param authorities
 * @return
 */
public boolean canRead(Collection<? extends GrantedAuthority> authorities) {
    for (GrantedAuthority auth : authorities) {
        if (auth.getAuthority().equals(ROLE_READER)) {
            return true;
        }
    }
    return false;
}

From source file:rusch.megan6server.TextFileAuthentication.java

/**Check if auth contains the right to modify users
 * /*from w ww .  j ava 2s.c o m*/
 * @param authorities
 * @return
 */
public boolean isAdmin(Collection<? extends GrantedAuthority> authorities) {
    for (GrantedAuthority auth : authorities) {
        if (auth.getAuthority().equals(ROLE_ADMIN)) {
            return true;
        }
    }
    return false;
}

From source file:software.coolstuff.springframework.owncloud.config.AuthorityMapperConfiguration.java

@Bean
public GrantedAuthoritiesMapper grantedAuthoritiesMapper() {
    return (grantedAuthorities) -> {
        if (CollectionUtils.isEmpty(grantedAuthorities)) {
            return grantedAuthorities;
        }//from w w  w .  j  a  v a  2s . c om

        List<GrantedAuthority> mappedAuthorities = new ArrayList<>();
        for (GrantedAuthority grantedAuthority : grantedAuthorities) {
            mappedAuthorities.add(new SimpleGrantedAuthority("MAPPED_" + grantedAuthority.getAuthority()));
        }
        return mappedAuthorities;
    };
}

From source file:ubc.pavlab.aspiredb.server.security.authentication.UserManagerImpl.java

@Override
@Transactional//w w  w .j  ava  2s.co  m
public void addGroupAuthority(String groupName, GrantedAuthority authority) {
    UserGroup g = loadGroup(groupName);

    for (gemma.gsec.model.GroupAuthority ga : g.getAuthorities()) {
        if (ga.getAuthority().equals(authority.getAuthority())) {
            logger.warn("Group already has authority" + authority.getAuthority());
            return;
        }
    }

    GroupAuthority auth = new ubc.pavlab.aspiredb.server.model.common.auditAndSecurity.GroupAuthority();
    auth.setAuthority(authority.getAuthority());

    g.getAuthorities().add(auth);

    userService.update(g);
}

From source file:ubc.pavlab.aspiredb.server.security.authentication.UserManagerImpl.java

@Override
@Transactional/*from   w  w w.jav  a2s .  c  o m*/
public void createGroup(String groupName, List<GrantedAuthority> authorities) {

    UserGroup g = new ubc.pavlab.aspiredb.server.model.common.auditAndSecurity.UserGroup();
    g.setName(groupName);
    for (GrantedAuthority ga : authorities) {
        GroupAuthority groupAuthority = new ubc.pavlab.aspiredb.server.model.common.auditAndSecurity.GroupAuthority();
        groupAuthority.setAuthority(ga.getAuthority());
        g.getAuthorities().add(groupAuthority);
    }

    userService.create(g);

}

From source file:ubc.pavlab.aspiredb.server.security.authentication.UserManagerImpl.java

@Override
@Transactional//from w  ww  . j  a  v a2  s.  c om
public void removeGroupAuthority(String groupName, GrantedAuthority authority) {

    UserGroup group = loadGroup(groupName);

    userService.removeGroupAuthority(group, authority.getAuthority());

}