/** * Remove from the given light administrator privileges those not shared by the given user. * Does <em>not</em> take account of if the user is a member of <tt>system</tt>: * calculates assuming that the user is an administrator. * Assumes that <tt>root</tt> has all light administrator privileges. * @param user a user, may be {@code null} * @param privileges a set of light administrator privileges */ private void removeUserPrivileges(Experimenter user, Set<AdminPrivilege> privileges) { if (user == null || user.getId() == rootId) { return; } final List<NamedValue> config = user.getConfig(); if (CollectionUtils.isNotEmpty(config)) { for (final NamedValue configProperty : config) { if (!Boolean.parseBoolean(configProperty.getValue())) { final String configPropertyName = configProperty.getName(); if (configPropertyName.startsWith(USER_CONFIG_NAME_PREFIX)) { final String adminPrivilegeName = configPropertyName.substring(USER_CONFIG_NAME_PREFIX.length()); privileges.remove(ADMIN_PRIVILEGES_BY_VALUE.get(adminPrivilegeName)); } } } } }
@Override @RolesAllowed("user") public List<AdminPrivilege> getAdminPrivileges(Experimenter user) { if (!getMemberOfGroupIds(user).contains(getSecurityRoles().getSystemGroupId())) { return Collections.emptyList(); } final List<NamedValue> userConfig = userProxy(user.getId()).getConfig(); final List<AdminPrivilege> privileges = new ArrayList<AdminPrivilege>(LightAdminPrivileges.getAllPrivileges()); if (CollectionUtils.isNotEmpty(userConfig)) { for (final NamedValue configProperty : userConfig) { if (!Boolean.parseBoolean(configProperty.getValue())) { privileges.remove(adminPrivileges.getPrivilegeForConfigName(configProperty.getName())); } } } return privileges; }
return getEmail(); } else if (field.equals(CONFIG)) { return getConfig(); } else if (field.equals(ANNOTATIONLINKSCOUNTPEROWNER)) { return getAnnotationLinksCountPerOwner();
if (user.getConfig() == null) { userConfig = new ArrayList<NamedValue>(); user.setConfig(userConfig); } else { userConfig = user.getConfig(); for (final NamedValue configProperty : userConfig) { final AdminPrivilege currentPrivilege = adminPrivileges.getPrivilegeForConfigName(configProperty.getName());
protected Experimenter copyUser(Experimenter e) { if (e.getOmeName() == null) { throw new ValidationException("OmeName may not be null."); } Experimenter copy = new Experimenter(); copy.setOmeName(e.getOmeName()); copy.setFirstName(e.getFirstName()); copy.setMiddleName(e.getMiddleName()); copy.setLastName(e.getLastName()); copy.setEmail(e.getEmail()); copy.setInstitution(e.getInstitution()); copy.setLdap(e.getLdap()); copy.setConfig(e.getConfig()); if (e.getDetails() != null && e.getDetails().getPermissions() != null) { copy.getDetails().setPermissions(e.getDetails().getPermissions()); } // TODO make ShallowCopy-like which ignores collections and details. // if possible, values should be validated. i.e. iTypes should say what // is non-null return copy; }