/** * Gets the name of the currently logged-in principal. * * @return the principal name, or {@code null} if there was no login * @since 8.4 */ protected static String getCurrentPrincipalName() { NuxeoPrincipal p = ClientLoginModule.getCurrentPrincipal(); return p == null ? null : p.getName(); }
@Override public boolean hasCreateFromKeyPermission() { NuxeoPrincipal principal = ClientLoginModule.getCurrentPrincipal(); if (principal == null) { return false; } String createFromKeyUsers = properties.getOrDefault(CREATE_FROM_KEY_USERS, EMPTY); String createFromKeyGroups = properties.getOrDefault(CREATE_FROM_KEY_GROUPS, EMPTY); if ("*".equals(createFromKeyUsers) || "*".equals(createFromKeyGroups)) { return true; } List<String> authorizedUsers = Arrays.asList(createFromKeyUsers.split(",")); List<String> authorizedGroups = Arrays.asList(createFromKeyGroups.split(",")); return principal.isAdministrator() || authorizedUsers.contains(principal.getName()) || authorizedGroups.stream().anyMatch(principal::isMemberOf); }
protected static NuxeoPrincipal getPrincipal() { return ClientLoginModule.getCurrentPrincipal(); }
/** * Returns the tenant id of the logged user if any, {@code null} otherwise. */ protected String getCurrentTenantId() { NuxeoPrincipal principal = ClientLoginModule.getCurrentPrincipal(); return principal != null ? principal.getTenantId() : null; }
/** * Checks the current user rights for the given permission against the read-only flag and the permission descriptor. * <p> * Throws {@link DirectorySecurityException} if the user does not have adequate privileges. * * @throws DirectorySecurityException if access is denied * @since 8.3 */ public void checkPermission(String permission) { if (hasPermission(permission)) { return; } if (permission.equals(SecurityConstants.WRITE) && isReadOnly()) { throw new DirectorySecurityException("Directory is read-only"); } else { NuxeoPrincipal user = ClientLoginModule.getCurrentPrincipal(); throw new DirectorySecurityException("User " + user + " does not have " + permission + " permission"); } }
ValueExpression currentDocExpr = expressionFactory.createValueExpression(currentDocument, DocumentModel.class); ValueExpression userExpr = expressionFactory.createValueExpression(ClientLoginModule.getCurrentPrincipal(), NuxeoPrincipal.class); vm.setVariable(PREVIOUS_DOCUMENT, previousDocExpr);
Map<String, Object> context = new HashMap<>(); Map<String, Serializable> ei = extendedInfos == null ? Collections.emptyMap() : extendedInfos; NuxeoPrincipal currentUser = ClientLoginModule.getCurrentPrincipal(); context.put("Document", doc); context.put("XPath", xpath);
NuxeoPrincipal user = ClientLoginModule.getCurrentPrincipal(); if (user == null) { return false;
if (!session.exists(docRef)) { NuxeoPrincipal principal = ClientLoginModule.getCurrentPrincipal(); if (principal != null && principal.isAnonymous()) { throw new DocumentSecurityException("Authentication is needed for downloading the blob");
public JWTBuilderImpl() { builder = JWT.create(); // default Nuxeo issuer, checked during validation builder.withIssuer(NUXEO_ISSUER); // default to current principal as subject String subject = ClientLoginModule.getCurrentPrincipal().getActingUser(); if (subject == null) { throw new NuxeoException("No currently logged-in user"); } builder.withSubject(subject); // default TTL withTTL(0); }