/** * Tests whether this user credentials has any of the authorities in the * given set. * * @param auths the authorities to compare with. * @return true or false. */ public boolean hasAnyAuthority( Collection<String> auths ) { Set<String> all = new HashSet<>( getAllAuthorities() ); return all.removeAll( auths ); }
/** * Tests whether the user has the given authority. Returns true in any case * if the user has the ALL authority. */ public boolean isAuthorized( String auth ) { if ( auth == null ) { return false; } final Set<String> auths = getAllAuthorities(); return auths.contains( UserAuthorityGroup.AUTHORITY_ALL ) || auths.contains( auth ); }
/** * Indicates whether this user credentials can modify the given user * credentials. This user credentials must have the ALL authority or possess * all user authorities of the other user credentials to do so. * * @param other the user credentials to modify. */ public boolean canModifyUser( UserCredentials other ) { if ( other == null ) { return false; } final Set<String> authorities = getAllAuthorities(); if ( authorities.contains( UserAuthorityGroup.AUTHORITY_ALL ) ) { return true; } return authorities.containsAll( other.getAllAuthorities() ); }
@Override public Collection<GrantedAuthority> getAuthorities() { Collection<GrantedAuthority> grantedAuthorities = new ArrayList<>(); getAllAuthorities() .forEach( authority -> grantedAuthorities.add( new SimpleGrantedAuthority( authority ) ) ); return grantedAuthorities; }
@Override public Set<String> getCurrentUserAuthorities() { return Sets.newHashSet( currentUser.getUserCredentials().getAllAuthorities() ); }
/** * Indicates whether this user credentials can issue the given user authority * group. First the given authority group must not be null. Second this * user credentials must not contain the given authority group. Third * the authority group must be a subset of the aggregated user authorities * of this user credentials, or this user credentials must have the ALL * authority. * * @param group the user authority group. * @param canGrantOwnUserAuthorityGroups indicates whether this users can grant * its own authority groups to others. */ public boolean canIssueUserRole( UserAuthorityGroup group, boolean canGrantOwnUserAuthorityGroups ) { if ( group == null ) { return false; } final Set<String> authorities = getAllAuthorities(); if ( authorities.contains( UserAuthorityGroup.AUTHORITY_ALL ) ) { return true; } if ( !canGrantOwnUserAuthorityGroups && userAuthorityGroups.contains( group ) ) { return false; } return authorities.containsAll( group.getAuthorities() ); }
private boolean haveAuthority( User user, Collection<String> anyAuthorities ) { return containsAny( user.getUserCredentials().getAllAuthorities(), anyAuthorities ); }
@Override public boolean isAccessible( App app, User user ) { if ( user == null || user.getUserCredentials() == null || app == null || app.getName() == null ) { return false; } Set<String> auths = user.getUserCredentials().getAllAuthorities(); return auths.contains( "ALL" ) || auths.contains( "M_dhis-web-maintenance-appmanager" ) || auths.contains( app.getSeeAppAuthority() ); }
protected void injectSecurityContext( User user ) { List<GrantedAuthority> grantedAuthorities = user.getUserCredentials().getAllAuthorities() .stream().map( SimpleGrantedAuthority::new ).collect( Collectors.toList() ); UserDetails userDetails = new org.springframework.security.core.userdetails.User( user.getUserCredentials().getUsername(), user.getUserCredentials().getPassword(), grantedAuthorities ); Authentication authentication = new UsernamePasswordAuthenticationToken( userDetails, "", grantedAuthorities ); SecurityContext context = SecurityContextHolder.createEmptyContext(); context.setAuthentication( authentication ); SecurityContextHolder.setContext( context ); }
protected void saveAndInjectUserSecurityContext( User user ) { userService.addUser( user ); userService.addUserCredentials( user.getUserCredentials() ); List<GrantedAuthority> grantedAuthorities = user.getUserCredentials().getAllAuthorities() .stream().map( SimpleGrantedAuthority::new ).collect( Collectors.toList() ); UserDetails userDetails = new org.springframework.security.core.userdetails.User( user.getUserCredentials().getUsername(), user.getUserCredentials().getPassword(), grantedAuthorities ); Authentication authentication = new UsernamePasswordAuthenticationToken( userDetails, "", grantedAuthorities ); SecurityContextHolder.getContext().setAuthentication( authentication ); }
protected User createAndInjectAdminUser( String... authorities ) { User user = createAdminUser( authorities ); List<GrantedAuthority> grantedAuthorities = user.getUserCredentials().getAllAuthorities() .stream().map( SimpleGrantedAuthority::new ).collect( Collectors.toList() ); UserDetails userDetails = new org.springframework.security.core.userdetails.User( user.getUserCredentials().getUsername(), user.getUserCredentials().getPassword(), grantedAuthorities ); Authentication authentication = new UsernamePasswordAuthenticationToken( userDetails, "", grantedAuthorities ); SecurityContext context = SecurityContextHolder.createEmptyContext(); context.setAuthentication( authentication ); SecurityContextHolder.setContext( context ); return user; }
public static UserInfo fromUser( User user ) { if ( user == null ) { return null; } UserCredentials credentials = user.getUserCredentials(); return new UserInfo( credentials.getId(), credentials.getUsername(), credentials.getAllAuthorities() ); }
@Override public UserInfo getCurrentUserInfo() { return new UserInfo( currentUser.getId(), currentUser.getUsername(), currentUser.getUserCredentials().getAllAuthorities() ); }
Set<String> auths = params.getUser().getUserCredentials().getAllAuthorities();