@Override public String getCurrentSudoerName() { final Experimenter sudoer = session.getSudoer(); return sudoer == null ? null : sudoer.getOmeName(); }
@Override public Long getCurrentSudoerId() { final Experimenter sudoer = session.getSudoer(); return sudoer == null ? null : sudoer.getId(); }
@Transactional(readOnly = false) public Object doWork(org.hibernate.Session __s, ServiceFactory sf) { final Long sudoerId; if (orig.getSudoer() == null) { sudoerId = null; } else { sudoerId = orig.getSudoer().getId(); } return sessionProvider.executeUpdate(sf, copy, internal_uuid, newctx.getCurrentUserId(), sudoerId); } });
/** * Determine the light administrator privileges associated with a session. * If the session originates via <q>sudo</q>, takes that into account. * Does <em>not</em> take account of if the relevant user is a member of <tt>system</tt>: * calculates assuming that the user is an administrator. * Assumes that <tt>root</tt> has all light administrator privileges. * @param session an OMERO session * @return the light administrator privileges associated with the session */ private ImmutableSet<AdminPrivilege> getPrivileges(Session session) { final Set<AdminPrivilege> privileges = new HashSet<>(getAllPrivileges()); removeUserPrivileges(session.getSudoer(), privileges); removeUserPrivileges(session.getOwner(), privileges); return ImmutableSet.copyOf(privileges); }
final List<String> userRoles = admin.getUserRoles(exp); final Session reloaded = sessionProvider.findSessionById(session.getId(), sf); final Experimenter sudoer = reloaded.getSudoer(); boolean hasAdminPrivileges = memberOfGroupsIds.contains(roles.getSystemGroupId()); if (sudoer != null) {
boolean hasAdminPrivileges = CollectionUtils.isNotEmpty(executeProjection(membershipQuery, new Parameters().addLong("group", roles.getSystemGroupId()).addLong("user", session.getOwner().getId()))); if (session.getSudoer() != null) { hasAdminPrivileges = hasAdminPrivileges && CollectionUtils.isNotEmpty(executeProjection(membershipQuery, new Parameters().addLong("group", roles.getSystemGroupId()).addLong("user", session.getSudoer().getId()))); if (!privileges.contains(adminPrivileges.getPrivilege(AdminPrivilege.VALUE_READ_SESSION))) { if (session.getSudoer() == null) { sessionQuery.append(" AND sudoer IS NULL"); } else { sessionQuery.append(" AND sudoer.id = :sudoer"); params.addLong("sudoer", session.getSudoer().getId());
public Session call() throws Exception { SessionManager.CreationRequest req = new SessionManager.CreationRequest(); req.principal = principal; req.agent = "OMERO.sudo"; req.groupsLed = groupsLed; req.timeToIdle = timeToIdleMilliseconds; req.timeToLive = timeToLiveMilliseconds; req.sudoer = context.getCurrentUserId(); if (currentSession != null) { final Experimenter sudoer = currentSession.getSudoer(); if (sudoer != null) { req.sudoer = sudoer.getId(); } } return mgr.createFromRequest(req); }}); return ex.get(future);
return getOwner(); } else if (field.equals(SUDOER)) { return getSudoer(); } else if (field.equals(TIMETOIDLE)) { return getTimeToIdle();
public Session call() throws Exception { final CreationRequest req = new CreationRequest(); req.principal = principal; req.agent = "createSession"; if (currentSession != null) { final Experimenter sudoer = currentSession.getSudoer(); if (sudoer != null) { req.sudoer = sudoer.getId(); } } final Session session = mgr.createFromRequest(req); session.setTimeToIdle(timeToIdleMs); session.setTimeToLive(timeToLiveMs); return mgr.update(session, false); }}); return ex.get(future);