public List<String> getAllGroups() { return principal.getAllGroups(); }
/** * @param originatingPrincipal * @param groupName * @return * @since 10.2 */ protected boolean acceptGroup(NuxeoPrincipal originatingPrincipal, String groupName) { return originatingPrincipal.isAdministrator() || originatingPrincipal.getAllGroups().contains(groupName); } }
static boolean isAPowerUserEditableUser(NuxeoPrincipal user) { UserManager um = Framework.getService(UserManager.class); List<String> adminGroups = um.getAdministratorsGroups(); for (String adminGroup : adminGroups) { if (user.getAllGroups().contains(adminGroup)) { return false; } } return true; }
public static String[] getPrincipalsToCheck(NuxeoPrincipal principal) { List<String> userGroups = principal.getAllGroups(); if (userGroups == null) { return new String[] { principal.getName(), SecurityConstants.EVERYONE }; } else { int size = userGroups.size(); String[] groups = new String[size + 2]; userGroups.toArray(groups); groups[size] = principal.getName(); groups[size + 1] = SecurityConstants.EVERYONE; return groups; } }
/** * Gets the task actors list: prefixed and unprefixed names of the principal and all its groups. * * @param principal the principal * @return the actors and group */ public static List<String> getTaskActors(NuxeoPrincipal principal) { List<String> actors = new ArrayList<String>(); String name = principal.getName(); actors.add(name); if (!name.startsWith(NuxeoPrincipal.PREFIX)) { actors.add(NuxeoPrincipal.PREFIX + name); } else { actors.add(name.substring(NuxeoPrincipal.PREFIX.length())); } for (String group : principal.getAllGroups()) { actors.add(group); if (!group.startsWith(NuxeoGroup.PREFIX)) { actors.add(NuxeoGroup.PREFIX + group); } else { actors.add(group.substring(NuxeoGroup.PREFIX.length())); } } return actors; } }
protected boolean isTaskAssignedToUser(Task task, NuxeoPrincipal user, boolean checkDelegatedActors) { if (task != null && user != null) { List<String> actors = user.getAllGroups(); actors.add(user.getName());
@Factory(value = "userSubscriptions", scope = ScopeType.EVENT) public List<UserSubscription> getUserSubscriptions() { List<UserSubscription> result = new ArrayList<>(); String prefixedUserName = NuxeoPrincipal.PREFIX + currentUser.getName(); result.addAll(fetchSubscriptionsFor(prefixedUserName)); for (String group : currentUser.getAllGroups()) { String prefixedgroupName = NuxeoGroup.PREFIX + group; result.addAll(fetchSubscriptionsFor(prefixedgroupName)); } reorderSubscriptions(result); return subscriptions; }
/** * Gets all the notifications the user may subscribe to. */ @Factory("inheritedNotifications") public void loadInheritedNotifications() throws ClassNotFoundException { inheritedNotifications = new ArrayList<Notification>(); DocumentModel currentDoc = navigationContext.getCurrentDocument(); NuxeoPrincipal principal = (NuxeoPrincipal) FacesContext.getCurrentInstance().getExternalContext().getUserPrincipal(); for (String group : principal.getAllGroups()) { List<String> notifs = notificationManager.getSubscriptionsForUserOnDocument("group:" + group, currentDoc); for (String inheritedNotification : notifs) { Notification notif = notificationManager.getNotificationByName(inheritedNotification); inheritedNotifications.add(notif); } } }
List<String> groups = new ArrayList<>(user.getAllGroups()); groups.add(SecurityConstants.EVERYONE); String username = user.getName();
@Override public SQLQuery transform(Principal principal, SQLQuery query) { NuxeoPrincipal nuxeoPrincipal = (NuxeoPrincipal) principal; if (!nuxeoPrincipal.isAdministrator() && !StringUtils.equals(principal.getName(), "system")) { List<String> allGroups = nuxeoPrincipal.getAllGroups(); // if restricted profile if (!hasAllowedProfile(allGroups)) { // apply NOT_IN_DOMAIN restriction WhereClause where = query.where; Predicate predicate; if (where == null || where.predicate == null) { predicate = NOT_IN_DOMAIN; } else { predicate = new Predicate(NOT_IN_DOMAIN, Operator.AND, where.predicate); } query = new SQLQuery(query.select, query.from, new WhereClause(predicate), query.groupBy, query.having, query.orderBy, query.limit, query.offset); } } return query; }
/** * Checks if the current user can still read and write access rights. If he can't, then the security data are * rebuilt. */ private boolean checkPermissions() { if (currentUser.isAdministrator()) { return true; } else { List<String> principals = new ArrayList<String>(); principals.add(currentUser.getName()); principals.addAll(currentUser.getAllGroups()); ACP acp = currentDocument.getACP(); new SecurityDataConverter(); List<UserEntry> modifiableEntries = SecurityDataConverter.convertToUserEntries(securityData); if (null == acp) { acp = new ACPImpl(); } acp.setRules(modifiableEntries.toArray(new UserEntry[0])); final boolean access = acp.getAccess(principals.toArray(new String[0]), getPermissionsToCheck()) .toBoolean(); if (!access) { rebuildSecurityData(); } return access; } }