/* (non-Javadoc)
* @see edu.internet2.middleware.grouper.ui.RepositoryBrowser#getParentStems(edu.internet2.middleware.grouper.ui.GroupOrStem)
*/
public List getParentStems(GroupOrStem groupOrStem) throws Exception {
List path = new ArrayList();
if (groupOrStem == null) return path;
Map map = GrouperHelper.group2Map(s, groupOrStem);
Stem curStem = null;
String endPoint = GrouperHelper.NS_ROOT;
boolean isEndPointReached = false;
if (isHidePreRootNode()) {
endPoint = getRootNode();
if (map.get("name").equals(endPoint)) isEndPointReached = true;
}
while (!isEndPointReached
&& !"".equals(map.get("stem"))
&& !GrouperHelper.NS_ROOT.equals(map.get("stem"))) {
curStem = StemFinder.findByName(s, (String) map.get("stem"), true);
if (curStem != null) {
map = GrouperHelper.stem2Map(s, curStem);
path.add(0, map);
if (curStem.getName().equals(endPoint)) isEndPointReached = true;
}
}
if (!isEndPointReached) {
path.add(0, GrouperHelper.stem2Map(s, StemFinder.findRootStem(s)));
}
return path;
}
/**
* remove objects not allowed to see privileges on
*
* @param groupsAndStems
*/
public static void removeObjectsNotAllowedToSeePrivs(Set<?> groupsAndStems) {
if (groupsAndStems == null) {
return;
}
// subject who is making the query
final Subject grouperSessionSubject = GrouperSession.staticGrouperSession().getSubject();
Iterator<?> iterator = groupsAndStems.iterator();
while (iterator.hasNext()) {
Object groupOrStem = iterator.next();
if (groupOrStem instanceof Group) {
Group group = (Group) groupOrStem;
if (!group.hasAdmin(grouperSessionSubject)) {
iterator.remove();
}
} else if (groupOrStem instanceof Stem) {
Stem stem = (Stem) groupOrStem;
if (!stem.hasStem(grouperSessionSubject)) {
iterator.remove();
}
} else {
// this should never happen
throw new RuntimeException(
"Not expecting object of type: " + groupOrStem.getClass() + ", " + groupOrStem);
}
}
}
public void setUp() {
super.setUp();
// add etc:attribute:courses:courseType attribute
Stem etcStem =
StemFinder.findByName(GrouperSession.staticGrouperSession(), "etc:attribute", true);
Stem coursesStem = etcStem.addChildStem("courses", "Courses");
AttributeDef attributeDef =
coursesStem.addChildAttributeDef("courseType", AttributeDefType.attr);
attributeDef.setAssignToGroup(true);
attributeDef.setMultiValued(true);
attributeDef.setValueType(AttributeDefValueType.string);
attributeDef.store();
coursesStem.addChildAttributeDefName(attributeDef, "courseType", "courseType");
}
public Set getResults(GrouperSession s) throws QueryException {
// note, no need for GrouperSession inverse of control
GrouperSession.validate(s);
Set results;
if (ns.isRootStem()) {
results =
PrivilegeHelper.canViewGroups(
s, GrouperDAOFactory.getFactory().getGroup().findAllByCreatedAfter(this.d));
} else {
results =
PrivilegeHelper.canViewGroups(
s,
GrouperDAOFactory.getFactory()
.getGroup()
.findAllByCreatedAfter(this.d, getStringForScope(ns)));
}
return results;
} // public Set getResults(s)
/**
* Check if subject has privilege.
*
* <p>
*
* @param i BeanShell interpreter.
* @param stack BeanShell call stack.
* @param name Check for privilege on this {@link Group} or {@link Stem}.
* @param subjId Check if this {@link Subject} has privilege.
* @param priv Check this {@link AccessPrivilege}.
* @return True if succeeds.
* @throws GrouperShellException
* @since 0.0.1
*/
public static boolean invoke(
Interpreter i, CallStack stack, String name, String subjId, Privilege priv)
throws GrouperShellException {
GrouperShell.setOurCommand(i, true);
try {
GrouperSession s = GrouperShell.getSession(i);
Subject subj = SubjectFinder.findByIdOrIdentifier(subjId, true);
if (Privilege.isAccess(priv)) {
Group g = GroupFinder.findByName(s, name, true);
if (priv.equals(AccessPrivilege.ADMIN)) {
return g.hasAdmin(subj);
} else if (priv.equals(AccessPrivilege.OPTIN)) {
return g.hasOptin(subj);
} else if (priv.equals(AccessPrivilege.OPTOUT)) {
return g.hasOptout(subj);
} else if (priv.equals(AccessPrivilege.READ)) {
return g.hasRead(subj);
} else if (priv.equals(AccessPrivilege.UPDATE)) {
return g.hasUpdate(subj);
} else if (priv.equals(AccessPrivilege.GROUP_ATTR_READ)) {
return g.hasGroupAttrRead(subj);
} else if (priv.equals(AccessPrivilege.GROUP_ATTR_UPDATE)) {
return g.hasGroupAttrUpdate(subj);
} else if (priv.equals(AccessPrivilege.VIEW)) {
return g.hasView(subj);
} else {
throw new RuntimeException("Not expecting privilege: " + priv);
}
} else if (Privilege.isNaming(priv)) {
Stem ns = StemFinder.findByName(s, name, true);
if (priv.equals(NamingPrivilege.CREATE)) {
return ns.hasCreate(subj);
} else if (priv.equals(NamingPrivilege.STEM_ATTR_READ)) {
return ns.hasStemAttrRead(subj);
} else if (priv.equals(NamingPrivilege.STEM_ATTR_UPDATE)) {
return ns.hasStemAttrUpdate(subj);
} else if (priv.equals(NamingPrivilege.STEM) || priv.equals(NamingPrivilege.STEM_ADMIN)) {
return ns.hasStemAdmin(subj);
} else {
throw new RuntimeException("Not expecting privilege: " + priv);
}
} else if (Privilege.isAttributeDef(priv)) {
AttributeDef attributeDef = AttributeDefFinder.findByName(name, true);
if (priv.equals(AttributeDefPrivilege.ATTR_ADMIN)) {
return attributeDef.getPrivilegeDelegate().hasAttrAdmin(subj);
} else if (priv.equals(AttributeDefPrivilege.ATTR_OPTIN)) {
return attributeDef.getPrivilegeDelegate().hasAttrOptin(subj);
} else if (priv.equals(AttributeDefPrivilege.ATTR_OPTOUT)) {
return attributeDef.getPrivilegeDelegate().hasAttrOptout(subj);
} else if (priv.equals(AttributeDefPrivilege.ATTR_READ)) {
return attributeDef.getPrivilegeDelegate().hasAttrRead(subj);
} else if (priv.equals(AttributeDefPrivilege.ATTR_UPDATE)) {
return attributeDef.getPrivilegeDelegate().hasAttrUpdate(subj);
} else if (priv.equals(AttributeDefPrivilege.ATTR_DEF_ATTR_READ)) {
return attributeDef.getPrivilegeDelegate().hasAttrDefAttrRead(subj);
} else if (priv.equals(AttributeDefPrivilege.ATTR_DEF_ATTR_UPDATE)) {
return attributeDef.getPrivilegeDelegate().hasAttrDefAttrUpdate(subj);
} else if (priv.equals(AttributeDefPrivilege.ATTR_VIEW)) {
return attributeDef.getPrivilegeDelegate().hasAttrView(subj);
} else {
throw new RuntimeException("Not expecting privilege: " + priv);
}
} else {
throw new RuntimeException("Invalid privilege type: " + priv);
}
} catch (GroupNotFoundException eGNF) {
GrouperShell.error(i, eGNF);
} catch (StemNotFoundException eNSNF) {
GrouperShell.error(i, eNSNF);
} catch (SubjectNotFoundException eSNF) {
GrouperShell.error(i, eSNF);
} catch (SubjectNotUniqueException eSNU) {
GrouperShell.error(i, eSNU);
}
return false;
} // public static boolean invoke(i, stack, name, subjId, priv)
/**
* @see edu.internet2.middleware.grouper.ui.RepositoryBrowser#getChildren(java.lang.String, int,
* int, java.lang.StringBuffer, boolean, boolean)
*/
public Set getChildren(
String node,
String listField,
int start,
int pageSize,
StringBuffer totalCount,
boolean isFlat,
boolean isForAssignment,
String omitForAssignment,
String context,
HttpServletRequest request)
throws Exception {
if (isFlat) return getFlatChildren(start, pageSize, totalCount, "flat", request);
Set results = new LinkedHashSet();
GroupOrStem groupOrStem = GroupOrStem.findByID(s, node);
Group group = groupOrStem.getGroup();
Stem stem = groupOrStem.getStem();
if (listField == null || "".equals(listField)) listField = "members";
Field field = FieldFinder.find(listField, true);
List sortedChildren = null;
int[] resultSizeArray = new int[1];
int resultSize = 0;
if (isForAssignment) {
if (group != null) { // display immediate members
Set<Membership> allChildren = new LinkedHashSet<Membership>();
ResourceBundle resourceBundle = GrouperUiFilter.retrieveSessionMediaResourceBundle();
String sortLimitString = resourceBundle.getString("comparator.sort.limit");
int sortLimit = Integer.parseInt(sortLimitString);
allChildren =
MembershipFinder.internal_findAllImmediateByGroupAndFieldAndPage(
group, field, start, pageSize, sortLimit, resultSizeArray);
resultSize = resultSizeArray[0];
sortedChildren =
LowLevelGrouperCapableAction.sort(allChildren, request, context, resultSize, null);
int groupList2SubjectStart = (start >= sortedChildren.size()) ? 0 : start;
results.addAll(
GrouperHelper.groupList2SubjectsMaps(
s, sortedChildren, groupList2SubjectStart, pageSize));
if (totalCount != null) {
totalCount.setLength(0);
totalCount.append(resultSize);
}
return results;
}
} else if (group != null) return results;
Set<GroupAsMap> allChildren = new LinkedHashSet<GroupAsMap>();
// must be stem
String stemName = null;
if (stem != null) {
stemName = stem.getName();
} else if (GrouperHelper.NS_ROOT.equals(node)) {
stemName = node;
} else {
throw new RuntimeException(node + " is not recognised");
}
List<GroupAsMap> listOfMaps = getChildrenAsMaps(s, stemName, start, pageSize, resultSizeArray);
if (this.pagedQuery()) {
resultSize = resultSizeArray[0];
}
if (sortedQuery()) {
listOfMaps = LowLevelGrouperCapableAction.sort(listOfMaps, request, context, -1, null);
}
allChildren.addAll(listOfMaps);
// Map validStems = GrouperHelper.getValidStems(s,browseMode);
boolean addChild = false;
int end = start + pageSize;
Map child;
String name;
Iterator it = allChildren.iterator();
int count = 0;
while (it.hasNext()) {
addChild = false;
child = (Map) it.next();
if (isForAssignment) {
// Do not try to exclude current group - so what if someone tries to add an existing member?
// Also becomes complicated if there are custom fields
// if(omitForAssignment!=null && omitForAssignment.equals(child.get("id"))) {
// addChild=false;
// }else{
addChild = true;
// }
} else {
addChild = isValidChild(child);
}
if (addChild) {
if (!this.pagedQuery()) {
resultSize++;
}
if (this.pagedQuery() || (resultSize >= start && resultSize < end)) {
results.add(child);
}
} else if (this.pagedQuery()) {
resultSize--;
}
}
if (totalCount != null) {
totalCount.setLength(0);
totalCount.append(resultSize);
}
return results;
}
/**
* get child stems to show
*
* @param stem
* @return the stems
*/
public Set<Stem> getChildStems(Stem stem) {
return stem.getChildStems();
}
/**
* get child groups from a stem
*
* @param stem
* @param scope
* @return the set of groups
*/
public Set<Group> getChildGroups(Stem stem, QueryOptions queryOptions) {
return stem.getChildGroups();
}