public Roles getSecurityRoles() { return choose().getSecurityRoles(); }
@PermitAll public Roles getSecurityRoles() { return getSecuritySystem().getSecurityRoles(); }
/** * If the "user" group is the first element of the list of groups that this * user is a member of, then check if there's a second value which could be * used as the default instead. */ private ExperimenterGroup shouldBeDefault(Experimenter usr, Session s) { List<ExperimenterGroup> grps = usr.linkedExperimenterGroupList(); if (grps.size() >= 2) { // If there are either no groups, or no alternatives so there's // nothing we need to check. final String USER = sec.getSecurityRoles().getUserGroupName(); if (USER.equals(grps.get(0).getName())) { return grps.get(1); } } return null; } }
private long createSystemUserWithPassword(Experimenter newSystemUser, String password) { // logged & secured via createExperimenter return createExperimenterWithPassword(newSystemUser, password, groupProxy(sec.getSecurityRoles().getSystemGroupName()), groupProxy(sec.getSecurityRoles().getUserGroupName())); }
@RolesAllowed("system") @Transactional(readOnly = false) public long createSystemUser(Experimenter newSystemUser) { // logged & secured via createExperimenter return createExperimenter(newSystemUser, groupProxy(sec.getSecurityRoles().getSystemGroupName()), groupProxy(sec.getSecurityRoles().getUserGroupName())); }
@RolesAllowed("user") @Transactional(readOnly = false) public long createUser(final Experimenter newUser, String defaultGroup) { // logged via createExperimenter final ExperimenterGroup proxy = groupProxy(defaultGroup); // logged & secured via createExperimenter return createExperimenter(newUser, proxy, groupProxy(sec .getSecurityRoles().getUserGroupName())); }
@RolesAllowed("system") public List<Experimenter> discover() { List<Experimenter> discoveredExperimenters = Lists.newArrayList(); Roles r = getSecuritySystem().getSecurityRoles(); List<Experimenter> localExperimenters = iQuery.findAllByQuery( "select distinct e from Experimenter e " + "where id not in (:ids) and ldap = :ldap", new Parameters() .addIds(Lists.newArrayList(r.getRootId(), r.getGuestId())) .addBoolean("ldap", false)); for (Experimenter e : localExperimenters) { try { findExperimenter(e.getOmeName()); } catch (ApiUsageException aue) { // This user doesn't have an LDAP account continue; } discoveredExperimenters.add(e); } return discoveredExperimenters; }
@RolesAllowed("system") public List<ExperimenterGroup> discoverGroups() { List<ExperimenterGroup> discoveredGroups = Lists.newArrayList(); Roles r = getSecuritySystem().getSecurityRoles(); List<ExperimenterGroup> localGroups = iQuery.findAllByQuery( "select distinct g from ExperimenterGroup g " + "where id not in (:ids) and ldap = :ldap", new Parameters().addIds( Lists.newArrayList(r.getGuestGroupId(), r.getSystemGroupId(), r.getUserGroupId())) .addBoolean("ldap", false)); for (ExperimenterGroup g : localGroups) { try { findGroup(g.getName()); } catch (ApiUsageException aue) { // This group doesn't exist in the LDAP server continue; } discoveredGroups.add(g); } return discoveredGroups; }
@RolesAllowed("user") @Transactional(readOnly = false) public void setDefaultGroup(Experimenter user, ExperimenterGroup group) { if (user == null) { return; } if (group == null) { return; } if (group.getId() == null) { throw new ApiUsageException("Group argument to setDefaultGroup " + "must be managed (i.e. have an id)"); } EventContext ec = getSecuritySystem().getEventContext(); if (!(isAdmin() && getCurrentAdminPrivilegesForSession().contains( adminPrivileges.getPrivilege(AdminPrivilege.VALUE_MODIFY_USER)) || ec.getCurrentUserId().equals(user.getId()))) { throw new SecurityViolation("User " + user.getId() + " can only set own default group."); } Roles roles = getSecuritySystem().getSecurityRoles(); if (Long.valueOf(roles.getUserGroupId()).equals(group.getId())) { throw new ApiUsageException("Cannot set default group to: " + roles.getUserGroupName()); } roleProvider.setDefaultGroup(user, group); getBeanHelper().getLogger().info( String.format("Changing default group for %s to %s", user, group)); }
Roles roles = securitySystem.getSecurityRoles();
@RolesAllowed("user") public ExperimenterGroup getDefaultGroup(@NotNull long experimenterId) { ExperimenterGroup g = iQuery.findByQuery( "select g from ExperimenterGroup g, Experimenter e " + "join e.groupExperimenterMap m " + "where e.id = :id and m.parent = g.id " + "and g.name != :userGroup and index(m) = 0", new Parameters().addId(experimenterId).addString("userGroup", sec.getSecurityRoles().getUserGroupName())); if (g == null) { throw new ValidationException("The user " + experimenterId + " has no default group set."); } return g; }
+ "You cannot reset this password.")); else { final long systemGroupId = sec.getSecurityRoles().getSystemGroupId(); for (final ExperimenterGroup group : e.linkedExperimenterGroupList()) { if (group.getId() == systemGroupId) {