示例#1
0
  /**
   * Create any new system permissions for a given user. All permissions in the given list will be
   * inserted.
   *
   * @param user_id The ID of the user whose permissions should be updated.
   * @param permissions The new system permissions that the given user should have when this
   *     operation completes.
   * @throws GuacamoleException If permission to administer system permissions is denied.
   */
  private void createSystemPermissions(int user_id, Collection<SystemPermission> permissions)
      throws GuacamoleException {

    // If no permissions given, stop now
    if (permissions.isEmpty()) return;

    // Only a system administrator can add system permissions.
    permissionCheckService.verifySystemAccess(
        this.user_id, SystemPermission.Type.ADMINISTER.name());

    // Insert all requested permissions
    for (SystemPermission permission : permissions) {

      // Insert permission
      SystemPermissionKey newSystemPermission = new SystemPermissionKey();
      newSystemPermission.setUser_id(user_id);
      newSystemPermission.setPermission(MySQLConstants.getSystemConstant(permission.getType()));
      systemPermissionDAO.insert(newSystemPermission);
    }
  }
示例#2
0
  /**
   * Delete system permissions for a given user. All permissions in the given list will be removed
   * from the user.
   *
   * @param user_id The ID of the user whose permissions should be updated.
   * @param permissions The permissions the given user should no longer have when this operation
   *     completes.
   * @throws GuacamoleException If the permissions specified could not be removed due to system
   *     restrictions.
   */
  private void deleteSystemPermissions(int user_id, Collection<SystemPermission> permissions)
      throws GuacamoleException {

    // If no permissions given, stop now
    if (permissions.isEmpty()) return;

    // Prevent self-de-adminifying
    if (user_id == this.user_id)
      throw new GuacamoleClientException(
          "Removing your own administrative permissions is not allowed.");

    // Build list of requested system permissions
    List<String> systemPermissionTypes = new ArrayList<String>();
    for (SystemPermission permission : permissions)
      systemPermissionTypes.add(MySQLConstants.getSystemConstant(permission.getType()));

    // Delete the requested system permissions for this user
    SystemPermissionExample systemPermissionExample = new SystemPermissionExample();
    systemPermissionExample
        .createCriteria()
        .andUser_idEqualTo(user_id)
        .andPermissionIn(systemPermissionTypes);
    systemPermissionDAO.deleteByExample(systemPermissionExample);
  }