if (organizationEntity == null) { JpaOrganization organization = new JpaOrganization(org.getId(), org.getName(), org.getServers(), org.getAdminRole(), org.getAnonymousRole(), org.getProperties()); em.persist(organization); } else { organizationEntity.setName(org.getName()); organizationEntity.setAdminRole(org.getAdminRole()); organizationEntity.setAnonymousRole(org.getAnonymousRole()); for (Map.Entry<String, Integer> servers : org.getServers().entrySet()) {
/** * Constructs an organization from an organization * * @param org * the organization */ public static JaxbOrganization fromOrganization(Organization org) { if (org instanceof JaxbOrganization) return (JaxbOrganization) org; return new JaxbOrganization(org.getId(), org.getName(), org.getServers(), org.getAdminRole(), org.getAnonymousRole(), org.getProperties()); }
if (user.hasRole(GLOBAL_ADMIN_ROLE) || user.hasRole(org.getAdminRole())) return true;
/** * Create a system user for the given organization with global and organization local admin role. Get the * <code>systemUserName</code> from the global config where it is stored under {@link #PROPERTY_KEY_SYS_USER}. In an * OSGi environment this is typically done calling * <code>componentContext.getBundleContext().getProperty(PROPERTY_KEY_SYS_USER)</code>. * * @see #createSystemUser(org.osgi.service.component.ComponentContext, org.opencastproject.security.api.Organization) */ public static User createSystemUser(String systemUserName, Organization org) { JaxbOrganization jaxbOrganization = JaxbOrganization.fromOrganization(org); return new JaxbUser(systemUserName, null, jaxbOrganization, new JaxbRole(GLOBAL_ADMIN_ROLE, jaxbOrganization), new JaxbRole(org.getAdminRole(), jaxbOrganization)); }
/** * Check if the current user has access to the capture agent with the given id. * @param agentId * The agent id to check. * @throws UnauthorizedException * If the user doesn't have access. */ public static void checkAgentAccess(final SecurityService securityService, final String agentId) throws UnauthorizedException { if (isBlank(agentId)) { return; } final User user = securityService.getUser(); if (user.hasRole(SecurityConstants.GLOBAL_ADMIN_ROLE) || user.hasRole(user.getOrganization().getAdminRole())) { return; } if (!user.hasRole(SecurityUtil.getCaptureAgentRole(agentId))) { throw new UnauthorizedException(user, "schedule"); } }
String organizationAdminRole = requestedOrganization.getAdminRole(); if (!originalUser.hasRole(organizationAdminRole) && requestedUser.hasRole(organizationAdminRole)) { logger.warn("An unauthorized request is trying to switch to an admin user, from '{}' to '{}'", String organizationAdminRole = requestedOrganization.getAdminRole(); if (!originalUser.hasRole(organizationAdminRole) && requestedRoles.contains(organizationAdminRole)) { logger.warn("An unauthorized request by user '{}' is trying to gain admin role '{}'",