/** * Update the site security when an AuthzGroup is deleted, if it is a site AuthzGroup. * * @param azGroup The AuthzGroup. */ protected void removeSiteSecurity(AuthzGroup azGroup) { // Special code for the site service Reference ref = entityManager().newReference(azGroup.getId()); if (SiteService.APPLICATION_ID.equals(ref.getType()) && SiteService.SITE_SUBTYPE.equals(ref.getSubType())) { // no azGroup, no users Set empty = new HashSet(); SiteService.setSiteSecurity(ref.getId(), empty, empty, empty); } }
/** * Update the site security based on the values in the AuthzGroup, if it is a site AuthzGroup. * * @param azGroup The AuthzGroup. */ protected void updateSiteSecurity(AuthzGroup azGroup) { // Special code for the site service Reference ref = entityManager().newReference(azGroup.getId()); if (SiteService.APPLICATION_ID.equals(ref.getType()) && SiteService.SITE_SUBTYPE.equals(ref.getSubType())) { // collect the users Set updUsers = azGroup.getUsersIsAllowed(SiteService.SECURE_UPDATE_SITE); Set unpUsers = azGroup.getUsersIsAllowed(SiteService.SITE_VISIT_UNPUBLISHED); Set visitUsers = azGroup.getUsersIsAllowed(SiteService.SITE_VISIT); SiteService.setSiteSecurity(ref.getId(), updUsers, unpUsers, visitUsers); } }
/** {@inheritDoc} */ public Collection getEntityAuthzGroups(Reference ref, String userId) { // double check that it's mine if (APPLICATION_ID != ref.getType()) return null; Collection rv = new Vector(); // if the reference is an AuthzGroup, and not a special one // get the list of realms for the azGroup-referenced resource if ((ref.getId() != null) && (ref.getId().length() > 0) && (!ref.getId().startsWith("!"))) { // add the current user's azGroup (for what azGroup stuff everyone can do, i.e. add) ref.addUserAuthzGroup(rv, sessionManager().getCurrentSessionUserId()); // make a new reference on the azGroup's id Reference refnew = entityManager().newReference(ref.getId()); rv.addAll(refnew.getAuthzGroups(userId)); } return rv; }
/** {@inheritDoc} */ public void refreshUser(String userId) { if ((m_provider == null) || (userId == null)) return; try { String eid = userDirectoryService().getUserEid(userId); // wrap the provided map in our special map that will deal with compound provider ids Map providerGrants = new ProviderMap(m_provider, m_provider.getGroupRolesForUser(eid)); m_storage.refreshUser(userId, providerGrants); // update site security for this user - get the user's realms for the three site locks Set updAuthzGroups = getAuthzGroupsIsAllowed(userId, SiteService.SECURE_UPDATE_SITE, null); Set unpAuthzGroups = getAuthzGroupsIsAllowed(userId, SiteService.SITE_VISIT_UNPUBLISHED, null); Set visitAuthzGroups = getAuthzGroupsIsAllowed(userId, SiteService.SITE_VISIT, null); // convert from azGroup ids (potential site references) to site ids for those that are site, // skipping special and user sites other than our user's Set updSites = new HashSet(); for (Iterator i = updAuthzGroups.iterator(); i.hasNext(); ) { String azGroupId = (String) i.next(); Reference ref = entityManager().newReference(azGroupId); if ((SiteService.APPLICATION_ID.equals(ref.getType())) && SiteService.SITE_SUBTYPE.equals(ref.getSubType()) && !SiteService.isSpecialSite(ref.getId()) && (!SiteService.isUserSite(ref.getId()) || userId.equals(SiteService.getSiteUserId(ref.getId())))) { updSites.add(ref.getId()); } } Set unpSites = new HashSet(); for (Iterator i = unpAuthzGroups.iterator(); i.hasNext(); ) { String azGroupId = (String) i.next(); Reference ref = entityManager().newReference(azGroupId); if ((SiteService.APPLICATION_ID.equals(ref.getType())) && SiteService.SITE_SUBTYPE.equals(ref.getSubType()) && !SiteService.isSpecialSite(ref.getId()) && (!SiteService.isUserSite(ref.getId()) || userId.equals(SiteService.getSiteUserId(ref.getId())))) { unpSites.add(ref.getId()); } } Set visitSites = new HashSet(); for (Iterator i = visitAuthzGroups.iterator(); i.hasNext(); ) { String azGroupId = (String) i.next(); Reference ref = entityManager().newReference(azGroupId); if ((SiteService.APPLICATION_ID.equals(ref.getType())) && SiteService.SITE_SUBTYPE.equals(ref.getSubType()) && !SiteService.isSpecialSite(ref.getId()) && (!SiteService.isUserSite(ref.getId()) || userId.equals(SiteService.getSiteUserId(ref.getId())))) { visitSites.add(ref.getId()); } } SiteService.setUserSecurity(userId, updSites, unpSites, visitSites); } catch (UserNotDefinedException e) { M_log.warn("refreshUser: cannot find eid for user: " + userId); } }