protected boolean isUserAllowed(File aclFile) throws SAXException, IOException, XPathExpressionException { Document aclDoc = builder.parse(aclFile); XPath xPath = XPathFactory.newInstance().newXPath(); NodeList roles = (NodeList) xPath.evaluate("//*[local-name() = 'role']", aclDoc, XPathConstants.NODESET); for (int i = 0; i < roles.getLength(); i++) { Node role = roles.item(i); for (Role userRole : securityService.getUser().getRoles()) { if (userRole.getName().equals(role.getTextContent())) { return true; } } } return false; }
@Override public List<Role> getRolesForUser(String userName) { List<Role> roles = new LinkedList<Role>(); // Don't answer for admin, anonymous or empty user if ("admin".equals(userName) || "".equals(userName) || "anonymous".equals(userName)) { logger.debug("we don't answer for: " + userName); return roles; } logger.debug("getRolesForUser(" + userName + ")"); User user = loadUser(userName); if (user != null) { logger.debug("Returning cached roleset for {}", userName); return new ArrayList<Role>(user.getRoles()); } // Not found logger.debug("Return empty roleset for {} - not found on Sakai"); return new LinkedList<Role>(); }
/** * {@inheritDoc} * * @see org.opencastproject.security.api.RoleProvider#getRolesForUser(java.lang.String) */ @Override public List<Role> getRolesForUser(String username) { List<Role> roles = new LinkedList<>(); // Don't answer for admin, anonymous or empty user if ("admin".equals(username) || "".equals(username) || "anonymous".equals(username)) { logger.debug("we don't answer for: {}", username); return roles; } User user = loadUser(username); if (user != null) { logger.debug("Returning cached role set for {}", username); return new ArrayList<>(user.getRoles()); } // Not found logger.debug("Return empty role set for {} - not found in Moodle", username); return new LinkedList<>(); }
for (Role role : currentUser.getRoles()) { if (welcomePages.containsKey(role.getName())) { response.sendRedirect(welcomePages.get(role.getName()));
return true; Set<Role> userRoles = user.getRoles(); for (AccessControlEntry entry : acl.getEntries()) { if (!action.toString().equals(entry.getAction()))
/** * Creates a JAXB user from a regular user object with an additional set of roles. * * @param user * the user * @return the JAXB user */ public static JaxbUser fromUser(User user, Collection<? extends Role> extraRoles) { Set<JaxbRole> roles = new HashSet<JaxbRole>(); for (Role role : user.getRoles()) { roles.add(JaxbRole.fromRole(role)); } for (Role role : extraRoles) { roles.add(JaxbRole.fromRole(role)); } JaxbUser jaxbUser = new JaxbUser(user.getUsername(), user.getPassword(), user.getName(), user.getEmail(), user.getProvider(), user.canLogin(), JaxbOrganization.fromOrganization(user.getOrganization()), roles); jaxbUser.setManageable(user.isManageable()); return jaxbUser; }
logger.warn("An unauthorized request is trying to switch roles from '{}' to '{}'", requestedUser.getRoles(), rolesHeader); ((HttpServletResponse) response).sendError(HttpServletResponse.SC_FORBIDDEN);