private boolean isUserInGroup(String groupId, String agentId) { String realmId = "/site/" + siteId + "/group/" + groupId; boolean isMember = false; try { AuthzGroup group = authzGroupService.getAuthzGroup(realmId); if (group.getUserRole(agentId) != null) isMember = true; } catch (Exception e) { return false; // this isn't a group } return isMember; }
public Set<String> getEntityReferencesForUserAndPermission(String userReference, String permission) { if (permission == null) { throw new IllegalArgumentException("permission must both be set"); } Set<String> s = new HashSet<String>(); // get the groups from Sakai String userId = null; if (userReference != null) { userId = getUserIdFromRef(userReference); } // anonymous user case - http://jira.sakaiproject.org/jira/browse/SAK-14840 Set<String> authzGroupIds = authzGroupService.getAuthzGroupsIsAllowed(userId, permission, null); if (authzGroupIds != null) { s.addAll(authzGroupIds); } return s; }
authz = authzGroupService.getAuthzGroup(locationReference); authzGroupService.save(authz);
AuthzGroup realm = authzGroupService().getAuthzGroup(ref); try template = authzGroupService().getAuthzGroup(templateId); template = authzGroupService().getAuthzGroup(fallbackTemplate); realm = authzGroupService().addAuthzGroup(ref); realm = authzGroupService().addAuthzGroup(ref, template, userId);
long start = System.currentTimeMillis(); try { groupsTotal = authzGroupService.countAuthzGroups(null); Iterator<AuthzGroup> groupsIt = getAuthzGroups(); while (groupsIt.hasNext() && run) { try { AuthzGroup groupToRefresh = authzGroupService.getAuthzGroup(group.getId()); authzGroupService.save(groupToRefresh); groupsUpdated++; } catch (GroupNotDefinedException e) {
m_authzGroupService.removeAuthzGroup(m_authzGroupService.getAuthzGroup(edit.getReference()));
Set<String> groups = authzGroupService.getAuthzGroupsIsAllowed(EntityReference.getIdFromRef(id), "site.visit", null); Iterator<String> it = groups.iterator(); while (it.hasNext()) { AuthzGroup group = authzGroupService.getAuthzGroup(it.next()); group.removeMember(id); authzGroupService.save(group);
edit = m_authzGroupService.getAuthzGroup(ref); edit = m_authzGroupService.addAuthzGroup(ref); } catch (GroupIdInvalidException e1) { log.warn("BaseContentService#setRoleView: Failed to add AZG (" + ref + "): " + e1); m_authzGroupService.removeAuthzGroup(edit); m_authzGroupService.save(edit);
AuthzGroup realm = authzGroupService().getAuthzGroup(other.getReference()); AuthzGroup re = authzGroupService().addAuthzGroup(site.getReference(), realm, userDirectoryService().getCurrentUser().getId()); re.addMember(userDirectoryService().getCurrentUser().getId(), re.getMaintainRole(), true, false); authzGroupService().save(re);
m_azg = siteService.authzGroupService().getAuthzGroup(getReference()); try template = siteService.authzGroupService().getAuthzGroup(groupAzgTemplate); template = siteService.authzGroupService().getAuthzGroup("!group.template"); m_azg = siteService.authzGroupService().newAuthzGroup(getReference(), template, null); m_azgChanged = true; if (!siteService.authzGroupService().isRoleAssignable(role.getId())) { continue;
m_azg = authzGroupService.getAuthzGroup(getReference()); try template = authzGroupService.getAuthzGroup(groupAzgTemplate); template = authzGroupService.getAuthzGroup("!site.template"); m_azg = authzGroupService.newAuthzGroup(getReference(), template, userId); m_azgChanged = true;
if (!authzGroupService().allowUnjoinGroup(siteReference(id))) return false; AuthzGroup azg = authzGroupService().getAuthzGroup(siteReference(id));
protected void loginToSakai() { Session sakaiSession = SessionManager.getCurrentSession(); sakaiSession.setUserId(userId); sakaiSession.setUserEid(userId); // establish the user's session UsageSessionService.startSession(userId, "127.0.0.1", FixPublicSyllabusAttachmentsJob.class.getName()); // update the user's externally provided realm definitions authzGroupService.refreshUser(userId); // post the login event EventTrackingService.post(EventTrackingService.newEvent(UsageSessionService.EVENT_LOGIN, null, true)); }
public Set<String> getUserReferencesForEntityReference(String reference, String permission) { if (reference == null || permission == null) { throw new IllegalArgumentException("reference and permission must both be set"); } List<String> azGroups = new ArrayList<String>(); azGroups.add(reference); Set<String> userIds = authzGroupService.getUsersIsAllowed(permission, azGroups); // need to remove the admin user or else they show up in unwanted places (I think, maybe this is not needed) if (userIds.contains(ADMIN_USER_ID)) { userIds.remove(ADMIN_USER_ID); } // now convert to userRefs Set<String> userRefs = new HashSet<String>(); for (String userId : userIds) { userRefs.add( getUserRefFromUserId(userId) ); } return userRefs; }
if (m_securityService.isSuperUser() || (m_authzGroupService.isAllowed(m_sessionManager.getCurrentSessionUserId(), eventId(SECURE_ALL_GROUPS), m_siteService.siteReference(m_context)) && unlockCheck(function, getReference()))) groupRefs = m_authzGroupService.getAuthzGroupsIsAllowed(m_sessionManager.getCurrentSessionUserId(), eventId(function), groupRefs);
/** * Remove a site's realm. * * @param site * The site. */ protected void disableAuthorizationGroup(String ref) { try { authzGroupService().removeAuthzGroup(ref); } catch (Exception e) { log.warn(".removeSite: AuthzGroup exception: " + e); } }
/** * Save the site's azg if modified. * * @param site * The site to save. */ protected void saveSiteAzg(Site site) { if (((BaseSite) site).m_azgChanged) { try { authzGroupService().save(((BaseSite) site).m_azg); } catch (Exception t) { log.warn(".saveAzgs - site: " + t); } ((BaseSite) site).m_azgChanged = false; } }
if (authzGroupService().isAllowed(userId, SiteService.SECURE_UPDATE_SITE, "/site/!admin"))
authzGroupService.removeAuthzGroup(authzGroupService.getAuthzGroup(submission.getReference()));
Set<String> groups = authzGroupService.getAuthzGroupsIsAllowed(EntityReference.getIdFromRef(oldUserReference), "site.visit", null); Iterator<String> it = groups.iterator(); while (it.hasNext()) { AuthzGroup group = authzGroupService.getAuthzGroup(it.next()); Member member = group.getMember(oldUserId); authzGroupService.save(group);