public static Location getEvacuation(Player player) { World world = player.getWorld(); String[] portalnames; if (Permission.has(player, "world.spawn") || Permission.has(player, "tpp")) { for (Position pos : getSpawnPoints()) { Location loc = pos.toLocation(); if (loc.getWorld() == null) continue; if (Permission.canEnter(player, loc.getWorld())) { return loc; } } portalnames = Portal.getPortals(); } else { portalnames = Portal.getPortals(world); } for (String name : portalnames) { if (Permission.canEnterPortal(player, name)) { Location loc = Portal.getPortalLocation(name, player.getWorld().getName(), true); if (loc == null) continue; if (loc.getWorld() == null) continue; if (Permission.canEnter(player, loc.getWorld())) { return loc; } } } return null; }
@CacheNameRemove(name = AppConstants.DEFAULT_CACHENAME) @Before({AdminValidator.PermDeleteValidator.class, Tx.class}) public void permDrop() { Integer id = getParaToInt("permission.id"); Permission permission = Permission.dao.findById(id); boolean result = false; if (!ValidateUtils.me().isNullOrEmpty(permission)) { Permission.dao.updateBy( "`permission`.left_code=`permission`.left_code-2", "`permission`.left_code>=" + permission.get("left_code")); Permission.dao.updateBy( "`permission`.right_code=`permission`.right_code-2", "`permission`.right_code>=" + permission.get("right_code")); result = permission.delete(); if (result) { RolePermission.dao.dropBy("permission_id=" + permission.get("id")); } } if (result) { setAttr("state", "success"); } else { setAttr("state", "failure"); } dynaRender("/view/admin/role.ftl"); }
/** * Saves a role. * * @param role the role to save * @param currentUser the user performing the save operation */ public void saveRole(Role role, User currentUser) throws IOException { Assert.notNull(role); Assert.notNull(currentUser); ILockedRepository repo = null; try { repo = globalRepositoryManager.getProjectCentralRepository(REPOSITORY_NAME, false); Map<String, Object> roleMap = new HashMap<String, Object>(); roleMap.put("name", role.getName()); // $NON-NLS-1$ Set<String> permissions = Sets.newHashSet(); for (Permission permission : role.getPermissions()) { permissions.add(permission.name()); } roleMap.put("permissions", permissions); // $NON-NLS-1$ Gson gson = new GsonBuilder().enableComplexMapKeySerialization().create(); String json = gson.toJson(roleMap); File workingDir = RepositoryUtil.getWorkingDir(repo.r()); File workingFile = new File(workingDir, role.getName() + ROLE_SUFFIX); FileUtils.write(workingFile, json, Charsets.UTF_8); Git git = Git.wrap(repo.r()); git.add().addFilepattern(role.getName() + ROLE_SUFFIX).call(); PersonIdent ident = new PersonIdent(currentUser.getLoginName(), currentUser.getEmail()); git.commit().setAuthor(ident).setCommitter(ident).setMessage(role.getName()).call(); } catch (GitAPIException e) { throw new IOException(e); } finally { Util.closeQuietly(repo); } }
@Test public void testPermissions() throws ApplicationsManagerException, MalformedURLException { UUID resourceId = UUID.randomUUID(); Application application = getApplication(applicationName); String apiKey = applicationsManager.registerApplication(application); Assert.assertTrue(applicationsManager.isAuthorized(apiKey)); Permission permission = new Permission(resourceId); permission.setPermission(Permission.Action.RETRIEVE, true); applicationsManager.grantPermission(applicationName, permission); Assert.assertFalse( applicationsManager.isAuthorized(apiKey, resourceId, Permission.Action.DELETE)); applicationsManager.grantPermission(applicationName, resourceId, Permission.Action.DELETE); Assert.assertTrue( applicationsManager.isAuthorized(apiKey, resourceId, Permission.Action.DELETE)); applicationsManager.deregisterApplication(applicationName); Application actual = applicationsManager.getApplication(applicationName); Assert.assertNull(actual); }
public static void hydrateElement(IBaseDao dao, CnATreeElement element, RetrieveInfo ri) { if (element == null) { return; } hydrateEntity(dao, element.getEntity()); // Initialize permissions, so it should be possible to access an elements' // permissions anywhere. for (Permission p : element.getPermissions()) { p.getRole(); p.isReadAllowed(); p.isWriteAllowed(); } // Initialize the complete child->parent chain, since that is needed for checks // whether an element belongs to a specific IT-Verbund. for (CnATreeElement e = element.getParent(); e != null; e = e.getParent()) {} if (ri != null) { CnATreeElement elementWithChildren = (CnATreeElement) dao.retrieve(element.getDbId(), ri); if (elementWithChildren != null) { element.setChildren(elementWithChildren.getChildren()); } } }
@Override public Collection<? extends GrantedAuthority> getAuthorities() { List<SimpleGrantedAuthority> list = new ArrayList<SimpleGrantedAuthority>(); for (Permission p : authGroup.getRoles()) { list.add(new SimpleGrantedAuthority(p.getRolename())); } return list; }
public boolean onCommand(CommandSender sender, Command cmd, String commandLabel, String arg[]) { List<String> args = Arrays.asList(arg); if (cmd.getName().equalsIgnoreCase("creativerights") && Permission.promote(sender)) { if (args.size() != 1) { Util.sendMessage(sender, "&cInvalid arguments supplied!"); return true; } // Check permissions PermissionUser user = Permission.manager.getUser(args.get(0)); if (user.inGroup(Config.CreativeGroup)) Util.sendMessage(sender, "&7" + args.get(0) + " already has creative rights!"); else { user.addGroup(Config.CreativeGroup); Util.sendMessage(sender, "&7" + args.get(0) + " granted creative rights"); } // Check config list Config.savePlayers(); return true; } if (cmd.getName().equalsIgnoreCase("delcreativerights") && Permission.promote(sender)) { if (args.size() != 1) { Util.sendMessage(sender, "&cInvalid arguments supplied!"); return true; } // Check permissions PermissionUser user = Permission.manager.getUser(args.get(0)); if (!user.inGroup(Config.CreativeGroup)) Util.sendMessage(sender, "&7" + args.get(0) + " does not have creative rights!"); else { user.removeGroup(Config.CreativeGroup); Util.sendMessage(sender, "&7Removed creative rights from " + args.get(0)); } // Check config list Config.savePlayers(); return true; } if (cmd.getName().equalsIgnoreCase("creativerender") && Permission.render(sender)) { if (generator.enabled) { Util.info("Running map generator..."); Thread thread = new Thread(generator); thread.start(); } else { Util.info("Map generator not enabled!"); } return true; } return false; }
private List<GrantedAuthority> populateGrantedAuthorities() { final List<GrantedAuthority> grantedAuthorities = new ArrayList<GrantedAuthority>(); for (final Role role : this.roles) { final Collection<Permission> permissions = role.getPermissions(); for (final Permission permission : permissions) { grantedAuthorities.add(new SimpleGrantedAuthority(permission.getCode())); } } return grantedAuthorities; }
public void mergeFrom(AccessSection section) { for (Permission src : section.getPermissions()) { Permission dst = getPermission(src.getName()); if (dst != null) { dst.mergeFrom(src); } else { permissions.add(src); } } }
public void setPermissions(List<Permission> list) { Set<String> names = new HashSet<>(); for (Permission p : list) { if (!names.add(p.getName().toLowerCase())) { throw new IllegalArgumentException(); } } permissions = list; }
public Set<String> getPermissionNames() { if (this.permissionNames == null || this.stale) { this.permissionNames = new HashSet<String>(this.permissions.size()); for (Permission perm : this.permissions) { this.permissionNames.add(perm.getName()); } this.permissionNames = Collections.unmodifiableSet(this.permissionNames); this.stale = false; } return this.permissionNames; }
@Override public boolean check(UserContext user, Session source) { if (!permissionSession.check(user, source)) return false; // Is there a mapping to show? if (EventDateMapping.hasMapping(source.getUniqueId())) return true; // Is there a mapping to add? if (user.getCurrentAuthority().hasRight(Right.EventDateMappingEdit) && permissionEventDateMappingEdit.check(user, source)) return true; return false; }
/** * Authorizes a global permission * * @param perms * @param action * @return */ private boolean authorize(List<Permission> perms, Permission.Action action) { if (perms != null) { for (Permission p : perms) { if (p.implies(action)) { return true; } } } else if (LOG.isDebugEnabled()) { LOG.debug("No permissions found"); } return false; }
static final HashMap<Resource, HashMap<Integer, Permission>> buildRegistry( final Collection<? extends Permission> permissions) { final HashMap<Resource, HashMap<Integer, Permission>> registry = new HashMap<>(); for (final Permission permission : permissions) { HashMap<Integer, Permission> map = registry.get(permission.resource()); if (map == null) { registry.put(permission.resource(), map = new HashMap<>()); } map.put(permission.factor(), permission); } return registry; }
@CacheNameRemove(name = AppConstants.DEFAULT_CACHENAME) @Before({AdminValidator.PermUpdateValidator.class, Tx.class}) public void permUpdate() { Permission permission = getModel(Permission.class); if (ValidateUtils.me().isNullOrEmpty(permission.get("pid"))) { permission.remove("pid"); } permission.set("updated_at", new Date()); if (permission.update()) { setAttr("state", "success"); } else { setAttr("state", "failure"); } dynaRender("/view/admin/role.ftl"); }
public Permission getPermission(String name, boolean create) { for (Permission p : getPermissions()) { if (p.getName().equalsIgnoreCase(name)) { return p; } } if (create) { Permission p = new Permission(name); permissions.add(p); return p; } return null; }
public void openWhenClose(Master master, Slave slave, String key) { Permission p = slave.getPermission(this); if (p == null || !p.isValid()) { mPermissionsListener.error(BluetoothClient.DONT_HAVE_PERMISSION); return; } mBluetoothClient = BluetoothClient.getInstance(mContext, this); if (!mBluetoothClient.isSupported()) { mBluetoothListener.bluetoothNotSupported(); return; } else if (!mBluetoothClient.isEnabled()) { mBluetoothListener.enableBluetooth(); return; } mBluetoothClient.executeOpenDoorWhenClose(p.getKey(), master.getName(), slave.getId()); }
private String editRolePermission(Operation op, Permission permission, IRole role) { IGuild parent = role.getGuild(); DiscordGuild g = cacheService.findGuildById(parent.getID()).orElseGet(() -> new DiscordGuild(parent)); DiscordRole edit = null; for (DiscordRole r : g.getRoles()) { if (r.getId().equals(role.getID())) { edit = r; break; } } if (edit == null) { edit = new DiscordRole(role); g.getRoles().add(edit); } if (edit.getName() == null) { edit.setName(role.getName()); } changePermission(op, permission, edit); g = cacheService.saveGuild(g); log.info("Saving new guild/role permission settings: {}", g); permissionService.evict(); return String.format( "Modified role %s: %s permission %s", edit.getName(), op.name().toLowerCase(), permission.getName()); }
/** * Set the array of permissions you want to use in your application * * @param permissions */ public Builder setPermissions(Permission[] permissions) { for (Permission permission : permissions) { switch (permission.getType()) { case READ: mReadPermissions.add(permission.getValue()); break; case PUBLISH: mPublishPermissions.add(permission.getValue()); break; default: break; } } return this; }
public static String toNameList(String perms) { if (perms == null || perms.length() == 0) return ""; StringBuilder sb = new StringBuilder(); for (int i = 0; i < perms.length(); i++) { String v = null; for (Permission f : Permission.values()) { if (f.getPermissionChar() == perms.charAt(i)) { v = f.name(); break; } } if (sb.length() > 0) sb.append(", "); sb.append(v == null ? perms.substring(i, i + 1) : v); } return sb.toString(); }
@Override public boolean check(UserContext user, Department source) { if (!permissionDepartment.check(user, source)) return false; if (!source.isAllowEvents()) return false; int nrRooms = ((Number) DepartmentDAO.getInstance() .getSession() .createQuery( "select count(r) from Room r " + "where r.eventDepartment.uniqueId=:deptId") .setLong("deptId", source.getUniqueId()) .setCacheable(true) .uniqueResult()) .intValue(); if (nrRooms > 0) return true; int nrLocations = ((Number) DepartmentDAO.getInstance() .getSession() .createQuery( "select count(r) from NonUniversityLocation r " + "where r.eventDepartment.uniqueId=:deptId") .setLong("deptId", source.getUniqueId()) .setCacheable(true) .uniqueResult()) .intValue(); return nrLocations > 0; }
/** * Returns the role that has the specified name. * * @throws RoleNotFoundException when the role could not be found */ public Role getRole(String roleName) throws IOException { Assert.hasLength(roleName); ILockedRepository repo = null; try { repo = globalRepositoryManager.getProjectCentralRepository(REPOSITORY_NAME, false); String json = BlobUtils.getHeadContent(repo.r(), roleName + ROLE_SUFFIX); if (json == null) { throw new RoleNotFoundException(roleName); } Gson gson = new GsonBuilder().enableComplexMapKeySerialization().create(); Map<String, Object> roleMap = gson.fromJson(json, new TypeToken<Map<String, Object>>() {}.getType()); @SuppressWarnings("unchecked") Collection<String> permissions = (Collection<String>) roleMap.get("permissions"); // $NON-NLS-1$ EnumSet<Permission> rolePermissions = EnumSet.noneOf(Permission.class); for (String permission : permissions) { rolePermissions.add(Permission.valueOf(permission)); } Role role = new Role(roleName, rolePermissions); return role; } finally { Util.closeQuietly(repo); } }
public EList<Role> getPermissionroles(Permission value) { if (!(value == null)) { EList<Role> res = value.getRoles(); return res; } return null; }
public EList<Operation> getPermissionoperations(Permission value) { if (!(value == null)) { EList<Operation> res = value.getOperations(); return res; } return null; }
public EList<Object> getPermissionobjects(Permission value) { if (!(value == null)) { EList<Object> res = value.getObjects(); return res; } return null; }
@Override public boolean check(UserContext user, Session source) { if (!permissionSession.check(user, source)) return false; return source.getStatusType() == null || !source.getStatusType().isActive() || source.getStatusType().isTestSession(); }
@Override public int hashCode() { final int prime = 31; int result = 1; result = prime * result + ((permission == null) ? 0 : permission.hashCode()); result = prime * result + ((principalId == null) ? 0 : principalId.hashCode()); return result; }
private String listPermissions(IMessage message, Permission permission, List<String> args) { List<String> matches = new ArrayList<>(); // TODO narrow search by following args for (DiscordGuild guild : cacheService.findAllGuilds()) { if (guild.getDenied().contains(permission)) { matches.add( String.format( "deny everyone in guild %s (%s)", nullAsEmpty(guild.getName()), guild.getId())); } else if (guild.getAllowed().contains(permission)) { matches.add( String.format( "allow anyone in guild %s (%s)", nullAsEmpty(guild.getName()), guild.getId())); } for (DiscordRole role : guild.getRoles()) { if (role.getDenied().contains(permission)) { matches.add( String.format( "deny everyone with role %s (%s) in guild %s (%s)", nullAsEmpty(role.getName()), role.getId(), nullAsEmpty(guild.getName()), guild.getId())); } else if (role.getAllowed().contains(permission)) { matches.add( String.format( "allow anyone with role %s (%s) in guild %s (%s)", nullAsEmpty(role.getName()), role.getId(), nullAsEmpty(guild.getName()), guild.getId())); } } } for (DiscordChannel channel : cacheService.findAllChannels()) { if (channel.getDenied().contains(permission)) { matches.add( String.format( "deny everyone in channel %s (%s)", nullAsEmpty(channel.getName()), channel.getId())); } else if (channel.getAllowed().contains(permission)) { matches.add( String.format( "allow anyone in channel %s (%s)", nullAsEmpty(channel.getName()), channel.getId())); } } for (DiscordUser user : cacheService.findAllUsers()) { if (user.getDenied().contains(permission)) { matches.add(String.format("deny user %s (%s)", nullAsEmpty(user.getName()), user.getId())); } else if (user.getAllowed().contains(permission)) { matches.add(String.format("allow user %s (%s)", nullAsEmpty(user.getName()), user.getId())); } } if (permission.isDefaultAllow()) { matches.add("allow if not previously denied"); } return matches.stream().collect(Collectors.joining(", ")); }
private boolean hasAccess(Permission privilegio) { if (privilegio == null) { return true; } Collection<Privilegio> privilegioList = Arrays.asList(privilegio.value()); return privilegioList.contains(usuarioSession.getUsuario().getPrivilegio()); }
@Override public boolean check(UserContext user, TimetableManager source) { for (Department d : source.getDepartments()) { if (d.getSessionId().equals(user.getCurrentAcademicSessionId())) { return permissionSession.check(user, d.getSession()); } } return true; }