int minPriority = -1; for (UserRole userRole : userRoles) { dbRoles.add(userRole.getRole().getRoleName()); int rolePriority = userRole.getRole().getPriority(); if (rolePriority < minPriority || minPriority == -1) { minPriority = rolePriority; } for (RoleAction ra: userRole.getRole().getRoleActions()) { System.out.println("#########"+ra.getAction().getName()); System.out.println("@@@@@@@@@"+ra.getAction().getId()); map.put(ra.getAction().getName(), ra.getAction().getId()); } }
userpersis.getUserRole().clear(); // Let Hibernate know that we're really removing all the references for(UserRole role : user.getUserRole()) { userpersis.getUserRole().add(new UserRole(userpersis,role.getRole())); }
@Override protected Set<String> getRoleNamesForUser(Connection conn, String username) throws SQLException { Set<String> roleNames = new LinkedHashSet<>(); Collection<UserRole> roles = /* Get roles from your DB, this example use JPA entity, **but you put here any logic you want**...*/ for(UserRole userRole:roles){ roleNames.add(userRole.getRole().getName()); } return roleNames; // return roles so Shiro is 'aware' of roles to add them to current user }
Set<UserRole> roles = new HashSet<UserRole> (); // Guess for roles, should be needed to load them also from the db for(UserRole role : user.getUserRole()) { roles.add(new UserRole(userpersis,role.getRole())); } userpersis.setUserRole(roles);
for(UserRole userRole : userRoles){ System.out.println("called buildUserAuthority(Set<UserRole> userRoles) method....."); setAuths.add(new SimpleGrantedAuthority(userRole.getRole()));
setAuths.add(new SimpleGrantedAuthority(userRole.getRole()));
private List<Map> updateUserRole( @ApiParam(required = true) UserRoleList userRoleList, @HeaderParam(AUTHORIZATION) @ApiParam(value = EXAMPLE_AUTHORIZATION_HEADER, required = true) String authorizationHeader) { Username subject = authorization.getUser(authorizationHeader); UserInfo admin = authorization.getUserInfo(subject); List<Map> status = newArrayList(); for (UserRole userRole : userRoleList.getRoleList()) { try { authorization.checkUserPermissions(subject, userRole.getApplicationName(), ADMIN); status.add(authorization.setUserRole(userRole, admin)); } catch (AuthenticationException e) { LOGGER.error("Unable to check user permissions", e); status.add(ImmutableMap.<String, String>builder() .put("applicationName", userRole.getApplicationName().toString()) .put("userID", userRole.getUserID().toString()) .put("role", userRole.getRole().toString()) .put("roleAssignmentStatus", "FAILED") .put("reason", "Not Authorized").build()); } } return status; }
@Override public void removeUserFromSuperAdminRole(final UserInfo candidateUserInfo, final UserInfo assigningUserInfo) { LOGGER.debug("Removing user={} from superadmin by assigningUser={}", candidateUserInfo, assigningUserInfo); List<UserRole> allSuperAdmins = getSuperAdminRoleList(); LOGGER.debug("Current superadmins {}", allSuperAdmins); Preconditions.checkArgument(allSuperAdmins.size() > 1, "Cannot delete. SuperAdmins less than 1"); boolean isSuperAdmin = allSuperAdmins.stream().anyMatch((UserRole ur) -> ur.getRole().equals(Role.SUPERADMIN) && ur.getUserID().equals(candidateUserInfo.getUsername())); Preconditions.checkArgument(isSuperAdmin, "User %s is not a superadmin", candidateUserInfo.getUsername()); authorizationRepository.removeUserFromSuperAdminRole(candidateUserInfo); eventLog.postEvent(new AuthorizationChangeEvent(assigningUserInfo, null, candidateUserInfo, Role.SUPERADMIN.toString(), null)); }
@Override public void assignUserToSuperAdminRole(final UserInfo candidateUserInfo, final UserInfo assigningUserInfo) { LOGGER.debug("Assigning super admin role to user={} by user={} ", candidateUserInfo, assigningUserInfo); UserRoleList userRoleList = getUserRoleList(candidateUserInfo.getUsername()); LOGGER.debug("User role list {}", userRoleList); boolean isSuperAdmin = userRoleList.getRoleList().stream().anyMatch((UserRole ur) -> ur.getRole().equals(Role.SUPERADMIN)); Preconditions.checkArgument(!isSuperAdmin, "User %s is already a superadmin", candidateUserInfo.getUsername()); authorizationRepository.assignUserToSuperAdminRole(candidateUserInfo); eventLog.postEvent(new AuthorizationChangeEvent(assigningUserInfo, null, candidateUserInfo, null, Role.SUPERADMIN.toString())); }
/** * Returns the email adresses of the experiment admins. * * @param appName the application we want the admins from * @return a set of their valid email addresses */ private Set<String> getAdminEmails(Application.Name appName) { Set<String> adressors = new HashSet<>(); UserRoleList usersRoles = authorizationRepository.getApplicationUsers(appName); for (UserRole user : usersRoles.getRoleList()) { if (user.getRole() == Role.ADMIN) { String email = user.getUserEmail(); if (EmailValidator.getInstance().isValid(email)) { adressors.add(email); } else { LOGGER.warn("\"" + email + "\" is not a valid email address for one of the administrators of " + appName); } } } //no admins, no email! if (adressors.isEmpty()) { throw new WasabiEmailException("No Admins with an valid email registered for this Application"); } return adressors; }
status.put("applicationName", userRole.getApplicationName().toString()); status.put("userID", userRole.getUserID().toString()); status.put("role", userRole.getRole().toString()); for (UserRole role : userRoleList) { if (role.getApplicationName().equals(userRole.getApplicationName())) { oldRole = role.getRole(); break; eventLog.postEvent(new AuthorizationChangeEvent(admin, userRole.getApplicationName(), user, oldRole == null || "superadmin".equalsIgnoreCase(oldRole.toString()) ? null : oldRole.toString(), userRole.getRole().toString())); } catch (RepositoryException e) { LOGGER.info("RepoitoryException for setting user Role in DefaultAuthorization ", e);
@Override public void setUserRole(UserRole userRole) { BatchStatement batch = new BatchStatement(); batch.add(userRoleAccessor.insertUserRoleStatement( userRole.getUserID().toString(), userRole.getApplicationName().toString(), userRole.getRole().toString() )); batch.add(appRoleAccessor.insertAppRoleStatement( userRole.getApplicationName().toString(), userRole.getUserID().toString(), userRole.getRole().toString() )); manager.getSession().execute(batch); }