You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@syncope.apache.org by il...@apache.org on 2015/11/14 18:33:09 UTC
[4/6] syncope git commit: [SYNCOPE-731] Implementation provided
http://git-wip-us.apache.org/repos/asf/syncope/blob/b9fcf293/core/logic/src/main/java/org/apache/syncope/core/logic/GroupLogic.java
----------------------------------------------------------------------
diff --git a/core/logic/src/main/java/org/apache/syncope/core/logic/GroupLogic.java b/core/logic/src/main/java/org/apache/syncope/core/logic/GroupLogic.java
index 60249f2..d24b678 100644
--- a/core/logic/src/main/java/org/apache/syncope/core/logic/GroupLogic.java
+++ b/core/logic/src/main/java/org/apache/syncope/core/logic/GroupLogic.java
@@ -40,8 +40,8 @@ import org.apache.syncope.common.lib.to.GroupTO;
import org.apache.syncope.common.lib.to.ProvisioningResult;
import org.apache.syncope.common.lib.types.AnyTypeKind;
import org.apache.syncope.common.lib.types.ClientExceptionType;
-import org.apache.syncope.common.lib.types.Entitlement;
import org.apache.syncope.common.lib.types.PatchOperation;
+import org.apache.syncope.common.lib.types.StandardEntitlement;
import org.apache.syncope.core.misc.utils.RealmUtils;
import org.apache.syncope.core.persistence.api.dao.GroupDAO;
import org.apache.syncope.core.persistence.api.dao.UserDAO;
@@ -95,25 +95,25 @@ public class GroupLogic extends AbstractAnyLogic<GroupTO, GroupPatch> {
}
}
- @PreAuthorize("hasRole('" + Entitlement.GROUP_READ + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.GROUP_READ + "')")
@Transactional(readOnly = true)
@Override
public GroupTO read(final Long key) {
return binder.getGroupTO(key);
}
- @PreAuthorize("isAuthenticated() and not(hasRole('" + Entitlement.ANONYMOUS + "'))")
+ @PreAuthorize("isAuthenticated() and not(hasRole('" + StandardEntitlement.ANONYMOUS + "'))")
@Transactional(readOnly = true)
public List<GroupTO> own() {
return CollectionUtils.collect(
userDAO.findAllGroups(userDAO.find(AuthContextUtils.getUsername())),
new Transformer<Group, GroupTO>() {
- @Override
- public GroupTO transform(final Group input) {
- return binder.getGroupTO(input, true);
- }
- }, new ArrayList<GroupTO>());
+ @Override
+ public GroupTO transform(final Group input) {
+ return binder.getGroupTO(input, true);
+ }
+ }, new ArrayList<GroupTO>());
}
@PreAuthorize("isAuthenticated()")
@@ -135,30 +135,30 @@ public class GroupLogic extends AbstractAnyLogic<GroupTO, GroupPatch> {
page, size, orderBy),
new Transformer<Group, GroupTO>() {
- @Override
- public GroupTO transform(final Group input) {
- return binder.getGroupTO(input, details);
- }
- }, new ArrayList<GroupTO>());
+ @Override
+ public GroupTO transform(final Group input) {
+ return binder.getGroupTO(input, details);
+ }
+ }, new ArrayList<GroupTO>());
}
- @PreAuthorize("hasRole('" + Entitlement.GROUP_SEARCH + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.GROUP_SEARCH + "')")
@Transactional(readOnly = true)
@Override
public int searchCount(final SearchCond searchCondition, final List<String> realms) {
return searchDAO.count(
- getEffectiveRealms(AuthContextUtils.getAuthorizations().get(Entitlement.GROUP_SEARCH), realms),
+ getEffectiveRealms(AuthContextUtils.getAuthorizations().get(StandardEntitlement.GROUP_SEARCH), realms),
searchCondition, AnyTypeKind.GROUP);
}
- @PreAuthorize("hasRole('" + Entitlement.GROUP_SEARCH + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.GROUP_SEARCH + "')")
@Transactional(readOnly = true)
@Override
public List<GroupTO> search(final SearchCond searchCondition, final int page, final int size,
final List<OrderByClause> orderBy, final List<String> realms, final boolean details) {
List<Group> matchingGroups = searchDAO.search(
- getEffectiveRealms(AuthContextUtils.getAuthorizations().get(Entitlement.GROUP_SEARCH), realms),
+ getEffectiveRealms(AuthContextUtils.getAuthorizations().get(StandardEntitlement.GROUP_SEARCH), realms),
searchCondition, page, size, orderBy, AnyTypeKind.GROUP);
return CollectionUtils.collect(matchingGroups, new Transformer<Group, GroupTO>() {
@@ -169,7 +169,7 @@ public class GroupLogic extends AbstractAnyLogic<GroupTO, GroupPatch> {
}, new ArrayList<GroupTO>());
}
- @PreAuthorize("hasRole('" + Entitlement.GROUP_CREATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.GROUP_CREATE + "')")
@Override
public ProvisioningResult<GroupTO> create(final GroupTO groupTO, final boolean nullPriorityAsync) {
Pair<GroupTO, List<LogicActions>> before = beforeCreate(groupTO);
@@ -179,7 +179,7 @@ public class GroupLogic extends AbstractAnyLogic<GroupTO, GroupPatch> {
}
Set<String> effectiveRealms = getEffectiveRealms(
- AuthContextUtils.getAuthorizations().get(Entitlement.GROUP_CREATE),
+ AuthContextUtils.getAuthorizations().get(StandardEntitlement.GROUP_CREATE),
Collections.singleton(before.getLeft().getRealm()));
securityChecks(effectiveRealms, before.getLeft().getRealm(), null);
@@ -189,7 +189,7 @@ public class GroupLogic extends AbstractAnyLogic<GroupTO, GroupPatch> {
return after(binder.getGroupTO(created.getKey()), created.getRight(), before.getRight());
}
- @PreAuthorize("hasRole('" + Entitlement.GROUP_UPDATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.GROUP_UPDATE + "')")
@Override
public ProvisioningResult<GroupTO> update(final GroupPatch groupPatch, final boolean nullPriorityAsync) {
GroupTO groupTO = binder.getGroupTO(groupPatch.getKey());
@@ -199,7 +199,7 @@ public class GroupLogic extends AbstractAnyLogic<GroupTO, GroupPatch> {
Set<String> requestedRealms = new HashSet<>();
requestedRealms.add(before.getLeft().getRealm().getValue());
Set<String> effectiveRealms = getEffectiveRealms(
- AuthContextUtils.getAuthorizations().get(Entitlement.USER_UPDATE),
+ AuthContextUtils.getAuthorizations().get(StandardEntitlement.USER_UPDATE),
requestedRealms);
securityChecks(effectiveRealms, before.getLeft().getRealm().getValue(), before.getLeft().getKey());
}
@@ -209,14 +209,14 @@ public class GroupLogic extends AbstractAnyLogic<GroupTO, GroupPatch> {
return after(binder.getGroupTO(updated.getKey()), updated.getRight(), before.getRight());
}
- @PreAuthorize("hasRole('" + Entitlement.GROUP_DELETE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.GROUP_DELETE + "')")
@Override
public ProvisioningResult<GroupTO> delete(final Long key, final boolean nullPriorityAsync) {
GroupTO group = binder.getGroupTO(key);
Pair<GroupTO, List<LogicActions>> before = beforeDelete(group);
Set<String> effectiveRealms = getEffectiveRealms(
- AuthContextUtils.getAuthorizations().get(Entitlement.GROUP_DELETE),
+ AuthContextUtils.getAuthorizations().get(StandardEntitlement.GROUP_DELETE),
Collections.singleton(before.getLeft().getRealm()));
securityChecks(effectiveRealms, before.getLeft().getRealm(), before.getLeft().getKey());
@@ -241,13 +241,13 @@ public class GroupLogic extends AbstractAnyLogic<GroupTO, GroupPatch> {
return after(groupTO, statuses, before.getRight());
}
- @PreAuthorize("hasRole('" + Entitlement.GROUP_UPDATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.GROUP_UPDATE + "')")
@Override
public GroupTO unlink(final Long key, final Collection<String> resources) {
// security checks
GroupTO group = binder.getGroupTO(key);
Set<String> effectiveRealms = getEffectiveRealms(
- AuthContextUtils.getAuthorizations().get(Entitlement.GROUP_UPDATE),
+ AuthContextUtils.getAuthorizations().get(StandardEntitlement.GROUP_UPDATE),
Collections.singleton(group.getRealm()));
securityChecks(effectiveRealms, group.getRealm(), group.getKey());
@@ -264,13 +264,13 @@ public class GroupLogic extends AbstractAnyLogic<GroupTO, GroupPatch> {
return binder.getGroupTO(provisioningManager.unlink(patch));
}
- @PreAuthorize("hasRole('" + Entitlement.GROUP_UPDATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.GROUP_UPDATE + "')")
@Override
public GroupTO link(final Long key, final Collection<String> resources) {
// security checks
GroupTO group = binder.getGroupTO(key);
Set<String> effectiveRealms = getEffectiveRealms(
- AuthContextUtils.getAuthorizations().get(Entitlement.GROUP_UPDATE),
+ AuthContextUtils.getAuthorizations().get(StandardEntitlement.GROUP_UPDATE),
Collections.singleton(group.getRealm()));
securityChecks(effectiveRealms, group.getRealm(), group.getKey());
@@ -287,7 +287,7 @@ public class GroupLogic extends AbstractAnyLogic<GroupTO, GroupPatch> {
return binder.getGroupTO(provisioningManager.link(patch));
}
- @PreAuthorize("hasRole('" + Entitlement.GROUP_UPDATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.GROUP_UPDATE + "')")
@Override
public ProvisioningResult<GroupTO> unassign(
final Long key, final Collection<String> resources, final boolean nullPriorityAsync) {
@@ -295,7 +295,7 @@ public class GroupLogic extends AbstractAnyLogic<GroupTO, GroupPatch> {
// security checks
GroupTO group = binder.getGroupTO(key);
Set<String> effectiveRealms = getEffectiveRealms(
- AuthContextUtils.getAuthorizations().get(Entitlement.GROUP_UPDATE),
+ AuthContextUtils.getAuthorizations().get(StandardEntitlement.GROUP_UPDATE),
Collections.singleton(group.getRealm()));
securityChecks(effectiveRealms, group.getRealm(), group.getKey());
@@ -312,7 +312,7 @@ public class GroupLogic extends AbstractAnyLogic<GroupTO, GroupPatch> {
return update(patch, nullPriorityAsync);
}
- @PreAuthorize("hasRole('" + Entitlement.GROUP_UPDATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.GROUP_UPDATE + "')")
@Override
public ProvisioningResult<GroupTO> assign(
final Long key,
@@ -324,7 +324,7 @@ public class GroupLogic extends AbstractAnyLogic<GroupTO, GroupPatch> {
// security checks
GroupTO group = binder.getGroupTO(key);
Set<String> effectiveRealms = getEffectiveRealms(
- AuthContextUtils.getAuthorizations().get(Entitlement.GROUP_UPDATE),
+ AuthContextUtils.getAuthorizations().get(StandardEntitlement.GROUP_UPDATE),
Collections.singleton(group.getRealm()));
securityChecks(effectiveRealms, group.getRealm(), group.getKey());
@@ -341,7 +341,7 @@ public class GroupLogic extends AbstractAnyLogic<GroupTO, GroupPatch> {
return update(patch, nullPriorityAsync);
}
- @PreAuthorize("hasRole('" + Entitlement.GROUP_UPDATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.GROUP_UPDATE + "')")
@Override
public ProvisioningResult<GroupTO> deprovision(
final Long key, final Collection<String> resources, final boolean nullPriorityAsync) {
@@ -349,7 +349,7 @@ public class GroupLogic extends AbstractAnyLogic<GroupTO, GroupPatch> {
// security checks
GroupTO group = binder.getGroupTO(key);
Set<String> effectiveRealms = getEffectiveRealms(
- AuthContextUtils.getAuthorizations().get(Entitlement.GROUP_UPDATE),
+ AuthContextUtils.getAuthorizations().get(StandardEntitlement.GROUP_UPDATE),
Collections.singleton(group.getRealm()));
securityChecks(effectiveRealms, group.getRealm(), group.getKey());
@@ -361,7 +361,7 @@ public class GroupLogic extends AbstractAnyLogic<GroupTO, GroupPatch> {
return result;
}
- @PreAuthorize("hasRole('" + Entitlement.GROUP_UPDATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.GROUP_UPDATE + "')")
@Override
public ProvisioningResult<GroupTO> provision(
final Long key,
@@ -373,7 +373,7 @@ public class GroupLogic extends AbstractAnyLogic<GroupTO, GroupPatch> {
// security checks
GroupTO group = binder.getGroupTO(key);
Set<String> effectiveRealms = getEffectiveRealms(
- AuthContextUtils.getAuthorizations().get(Entitlement.GROUP_UPDATE),
+ AuthContextUtils.getAuthorizations().get(StandardEntitlement.GROUP_UPDATE),
Collections.singleton(group.getRealm()));
securityChecks(effectiveRealms, group.getRealm(), group.getKey());
http://git-wip-us.apache.org/repos/asf/syncope/blob/b9fcf293/core/logic/src/main/java/org/apache/syncope/core/logic/LoggerLogic.java
----------------------------------------------------------------------
diff --git a/core/logic/src/main/java/org/apache/syncope/core/logic/LoggerLogic.java b/core/logic/src/main/java/org/apache/syncope/core/logic/LoggerLogic.java
index 30e7374..7b2842d 100644
--- a/core/logic/src/main/java/org/apache/syncope/core/logic/LoggerLogic.java
+++ b/core/logic/src/main/java/org/apache/syncope/core/logic/LoggerLogic.java
@@ -47,7 +47,7 @@ import org.apache.syncope.common.lib.types.TaskType;
import org.apache.syncope.common.lib.types.UnmatchingRule;
import org.apache.syncope.common.lib.types.AnyTypeKind;
import org.apache.syncope.common.lib.types.AuditElements;
-import org.apache.syncope.common.lib.types.Entitlement;
+import org.apache.syncope.common.lib.types.StandardEntitlement;
import org.apache.syncope.core.persistence.api.dao.ExternalResourceDAO;
import org.apache.syncope.core.persistence.api.dao.LoggerDAO;
import org.apache.syncope.core.persistence.api.dao.NotFoundException;
@@ -99,32 +99,32 @@ public class LoggerLogic extends AbstractTransactionalLogic<LoggerTO> {
}, new ArrayList<LoggerTO>());
}
- @PreAuthorize("hasRole('" + Entitlement.LOG_LIST + "') and authentication.details.domain == "
+ @PreAuthorize("hasRole('" + StandardEntitlement.LOG_LIST + "') and authentication.details.domain == "
+ "T(org.apache.syncope.common.lib.SyncopeConstants).MASTER_DOMAIN")
@Transactional(readOnly = true)
public List<LoggerTO> listLogs() {
return list(LoggerType.LOG);
}
- @PreAuthorize("hasRole('" + Entitlement.AUDIT_LIST + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.AUDIT_LIST + "')")
@Transactional(readOnly = true)
public List<AuditLoggerName> listAudits() {
return CollectionUtils.collect(
IteratorUtils.filteredIterator(list(LoggerType.AUDIT).iterator(), PredicateUtils.notNullPredicate()),
new Transformer<LoggerTO, AuditLoggerName>() {
- @Override
- public AuditLoggerName transform(final LoggerTO logger) {
- AuditLoggerName result = null;
- try {
- result = AuditLoggerName.fromLoggerName(logger.getKey());
- } catch (Exception e) {
- LOG.warn("Unexpected audit logger name: {}", logger.getKey(), e);
- }
+ @Override
+ public AuditLoggerName transform(final LoggerTO logger) {
+ AuditLoggerName result = null;
+ try {
+ result = AuditLoggerName.fromLoggerName(logger.getKey());
+ } catch (Exception e) {
+ LOG.warn("Unexpected audit logger name: {}", logger.getKey(), e);
+ }
- return result;
- }
- }, new ArrayList<AuditLoggerName>());
+ return result;
+ }
+ }, new ArrayList<AuditLoggerName>());
}
private void throwInvalidLogger(final LoggerType type) {
@@ -134,7 +134,7 @@ public class LoggerLogic extends AbstractTransactionalLogic<LoggerTO> {
throw sce;
}
- @PreAuthorize("hasRole('" + Entitlement.LOG_READ + "') and authentication.details.domain == "
+ @PreAuthorize("hasRole('" + StandardEntitlement.LOG_READ + "') and authentication.details.domain == "
+ "T(org.apache.syncope.common.lib.SyncopeConstants).MASTER_DOMAIN")
@Transactional(readOnly = true)
public LoggerTO readLog(final String name) {
@@ -146,7 +146,7 @@ public class LoggerLogic extends AbstractTransactionalLogic<LoggerTO> {
throw new NotFoundException("Logger " + name);
}
- @PreAuthorize("hasRole('" + Entitlement.AUDIT_READ + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.AUDIT_READ + "')")
@Transactional(readOnly = true)
public LoggerTO readAudit(final String name) {
for (final AuditLoggerName logger : listAudits()) {
@@ -192,13 +192,13 @@ public class LoggerLogic extends AbstractTransactionalLogic<LoggerTO> {
return result;
}
- @PreAuthorize("hasRole('" + Entitlement.LOG_SET_LEVEL + "') and authentication.details.domain == "
+ @PreAuthorize("hasRole('" + StandardEntitlement.LOG_SET_LEVEL + "') and authentication.details.domain == "
+ "T(org.apache.syncope.common.lib.SyncopeConstants).MASTER_DOMAIN")
public LoggerTO setLogLevel(final String name, final Level level) {
return setLevel(name, level, LoggerType.LOG);
}
- @PreAuthorize("hasRole('" + Entitlement.AUDIT_ENABLE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.AUDIT_ENABLE + "')")
public void enableAudit(final AuditLoggerName auditLoggerName) {
try {
setLevel(auditLoggerName.toLoggerName(), Level.DEBUG, LoggerType.AUDIT);
@@ -234,13 +234,13 @@ public class LoggerLogic extends AbstractTransactionalLogic<LoggerTO> {
return loggerToDelete;
}
- @PreAuthorize("hasRole('" + Entitlement.LOG_DELETE + "') and authentication.details.domain == "
+ @PreAuthorize("hasRole('" + StandardEntitlement.LOG_DELETE + "') and authentication.details.domain == "
+ "T(org.apache.syncope.common.lib.SyncopeConstants).MASTER_DOMAIN")
public LoggerTO deleteLog(final String name) {
return delete(name, LoggerType.LOG);
}
- @PreAuthorize("hasRole('" + Entitlement.AUDIT_DISABLE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.AUDIT_DISABLE + "')")
public void disableAudit(final AuditLoggerName auditLoggerName) {
try {
delete(auditLoggerName.toLoggerName(), LoggerType.AUDIT);
@@ -253,7 +253,8 @@ public class LoggerLogic extends AbstractTransactionalLogic<LoggerTO> {
}
}
- @PreAuthorize("hasRole('" + Entitlement.AUDIT_LIST + "') or hasRole('" + Entitlement.NOTIFICATION_LIST + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.AUDIT_LIST + "') or hasRole('"
+ + StandardEntitlement.NOTIFICATION_LIST + "')")
public List<EventCategoryTO> listAuditEvents() {
// use set to avoid duplications or null elements
Set<EventCategoryTO> events = new HashSet<>();
http://git-wip-us.apache.org/repos/asf/syncope/blob/b9fcf293/core/logic/src/main/java/org/apache/syncope/core/logic/NotificationLogic.java
----------------------------------------------------------------------
diff --git a/core/logic/src/main/java/org/apache/syncope/core/logic/NotificationLogic.java b/core/logic/src/main/java/org/apache/syncope/core/logic/NotificationLogic.java
index cb1f041..fc4c8ac 100644
--- a/core/logic/src/main/java/org/apache/syncope/core/logic/NotificationLogic.java
+++ b/core/logic/src/main/java/org/apache/syncope/core/logic/NotificationLogic.java
@@ -25,7 +25,7 @@ import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.collections4.Transformer;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.syncope.common.lib.to.NotificationTO;
-import org.apache.syncope.common.lib.types.Entitlement;
+import org.apache.syncope.common.lib.types.StandardEntitlement;
import org.apache.syncope.core.persistence.api.dao.NotFoundException;
import org.apache.syncope.core.persistence.api.dao.NotificationDAO;
import org.apache.syncope.core.persistence.api.entity.Notification;
@@ -43,7 +43,7 @@ public class NotificationLogic extends AbstractTransactionalLogic<NotificationTO
@Autowired
private NotificationDataBinder binder;
- @PreAuthorize("hasRole('" + Entitlement.NOTIFICATION_READ + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.NOTIFICATION_READ + "')")
public NotificationTO read(final Long notificationKey) {
Notification notification = notificationDAO.find(notificationKey);
if (notification == null) {
@@ -55,7 +55,7 @@ public class NotificationLogic extends AbstractTransactionalLogic<NotificationTO
return binder.getNotificationTO(notification);
}
- @PreAuthorize("hasRole('" + Entitlement.NOTIFICATION_LIST + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.NOTIFICATION_LIST + "')")
public List<NotificationTO> list() {
return CollectionUtils.collect(notificationDAO.findAll(), new Transformer<Notification, NotificationTO>() {
@@ -66,12 +66,12 @@ public class NotificationLogic extends AbstractTransactionalLogic<NotificationTO
}, new ArrayList<NotificationTO>());
}
- @PreAuthorize("hasRole('" + Entitlement.NOTIFICATION_CREATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.NOTIFICATION_CREATE + "')")
public NotificationTO create(final NotificationTO notificationTO) {
return binder.getNotificationTO(notificationDAO.save(binder.create(notificationTO)));
}
- @PreAuthorize("hasRole('" + Entitlement.NOTIFICATION_UPDATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.NOTIFICATION_UPDATE + "')")
public NotificationTO update(final NotificationTO notificationTO) {
Notification notification = notificationDAO.find(notificationTO.getKey());
if (notification == null) {
@@ -85,7 +85,7 @@ public class NotificationLogic extends AbstractTransactionalLogic<NotificationTO
return binder.getNotificationTO(notification);
}
- @PreAuthorize("hasRole('" + Entitlement.NOTIFICATION_DELETE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.NOTIFICATION_DELETE + "')")
public NotificationTO delete(final Long notificationKey) {
Notification notification = notificationDAO.find(notificationKey);
if (notification == null) {
http://git-wip-us.apache.org/repos/asf/syncope/blob/b9fcf293/core/logic/src/main/java/org/apache/syncope/core/logic/PolicyLogic.java
----------------------------------------------------------------------
diff --git a/core/logic/src/main/java/org/apache/syncope/core/logic/PolicyLogic.java b/core/logic/src/main/java/org/apache/syncope/core/logic/PolicyLogic.java
index 0b4ac92..8f8baa5 100644
--- a/core/logic/src/main/java/org/apache/syncope/core/logic/PolicyLogic.java
+++ b/core/logic/src/main/java/org/apache/syncope/core/logic/PolicyLogic.java
@@ -28,8 +28,8 @@ import org.apache.syncope.common.lib.policy.AbstractPolicyTO;
import org.apache.syncope.common.lib.policy.AccountPolicyTO;
import org.apache.syncope.common.lib.policy.PasswordPolicyTO;
import org.apache.syncope.common.lib.policy.SyncPolicyTO;
-import org.apache.syncope.common.lib.types.Entitlement;
import org.apache.syncope.common.lib.types.PolicyType;
+import org.apache.syncope.common.lib.types.StandardEntitlement;
import org.apache.syncope.core.persistence.api.dao.NotFoundException;
import org.apache.syncope.core.persistence.api.dao.PolicyDAO;
import org.apache.syncope.core.persistence.api.entity.policy.AccountPolicy;
@@ -50,7 +50,7 @@ public class PolicyLogic extends AbstractTransactionalLogic<AbstractPolicyTO> {
@Autowired
private PolicyDataBinder binder;
- @PreAuthorize("hasRole('" + Entitlement.POLICY_CREATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.POLICY_CREATE + "')")
public <T extends AbstractPolicyTO> T create(final T policyTO) {
return binder.getPolicyTO(policyDAO.save(binder.getPolicy(null, policyTO)));
}
@@ -61,7 +61,7 @@ public class PolicyLogic extends AbstractTransactionalLogic<AbstractPolicyTO> {
return binder.getPolicyTO(savedPolicy);
}
- @PreAuthorize("hasRole('" + Entitlement.POLICY_UPDATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.POLICY_UPDATE + "')")
public PasswordPolicyTO update(final PasswordPolicyTO policyTO) {
Policy policy = policyDAO.find(policyTO.getKey());
if (!(policy instanceof PasswordPolicy)) {
@@ -71,7 +71,7 @@ public class PolicyLogic extends AbstractTransactionalLogic<AbstractPolicyTO> {
return update(policyTO, policy);
}
- @PreAuthorize("hasRole('" + Entitlement.POLICY_UPDATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.POLICY_UPDATE + "')")
public AccountPolicyTO update(final AccountPolicyTO policyTO) {
Policy policy = policyDAO.find(policyTO.getKey());
if (!(policy instanceof AccountPolicy)) {
@@ -81,7 +81,7 @@ public class PolicyLogic extends AbstractTransactionalLogic<AbstractPolicyTO> {
return update(policyTO, policy);
}
- @PreAuthorize("hasRole('" + Entitlement.POLICY_UPDATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.POLICY_UPDATE + "')")
public SyncPolicyTO update(final SyncPolicyTO policyTO) {
Policy policy = policyDAO.find(policyTO.getKey());
if (!(policy instanceof SyncPolicy)) {
@@ -91,7 +91,7 @@ public class PolicyLogic extends AbstractTransactionalLogic<AbstractPolicyTO> {
return update(policyTO, policy);
}
- @PreAuthorize("hasRole('" + Entitlement.POLICY_LIST + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.POLICY_LIST + "')")
public <T extends AbstractPolicyTO> List<T> list(final PolicyType type) {
return CollectionUtils.collect(policyDAO.find(type), new Transformer<Policy, T>() {
@@ -102,7 +102,7 @@ public class PolicyLogic extends AbstractTransactionalLogic<AbstractPolicyTO> {
}, new ArrayList<T>());
}
- @PreAuthorize("hasRole('" + Entitlement.POLICY_READ + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.POLICY_READ + "')")
public <T extends AbstractPolicyTO> T read(final Long key) {
Policy policy = policyDAO.find(key);
if (policy == null) {
@@ -112,7 +112,7 @@ public class PolicyLogic extends AbstractTransactionalLogic<AbstractPolicyTO> {
return binder.getPolicyTO(policy);
}
- @PreAuthorize("hasRole('" + Entitlement.POLICY_DELETE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.POLICY_DELETE + "')")
public <T extends AbstractPolicyTO> T delete(final Long key) {
Policy policy = policyDAO.find(key);
if (policy == null) {
http://git-wip-us.apache.org/repos/asf/syncope/blob/b9fcf293/core/logic/src/main/java/org/apache/syncope/core/logic/RealmLogic.java
----------------------------------------------------------------------
diff --git a/core/logic/src/main/java/org/apache/syncope/core/logic/RealmLogic.java b/core/logic/src/main/java/org/apache/syncope/core/logic/RealmLogic.java
index 6d4b02c..0b27a0f 100644
--- a/core/logic/src/main/java/org/apache/syncope/core/logic/RealmLogic.java
+++ b/core/logic/src/main/java/org/apache/syncope/core/logic/RealmLogic.java
@@ -25,7 +25,7 @@ import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.collections4.Transformer;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.syncope.common.lib.to.RealmTO;
-import org.apache.syncope.common.lib.types.Entitlement;
+import org.apache.syncope.common.lib.types.StandardEntitlement;
import org.apache.syncope.core.persistence.api.dao.NotFoundException;
import org.apache.syncope.core.persistence.api.dao.RealmDAO;
import org.apache.syncope.core.persistence.api.entity.Realm;
@@ -43,7 +43,7 @@ public class RealmLogic extends AbstractTransactionalLogic<RealmTO> {
@Autowired
private RealmDataBinder binder;
- @PreAuthorize("hasRole('" + Entitlement.REALM_LIST + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.REALM_LIST + "')")
public List<RealmTO> list(final String fullPath) {
Realm realm = realmDAO.find(fullPath);
if (realm == null) {
@@ -61,12 +61,12 @@ public class RealmLogic extends AbstractTransactionalLogic<RealmTO> {
}, new ArrayList<RealmTO>());
}
- @PreAuthorize("hasRole('" + Entitlement.REALM_CREATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.REALM_CREATE + "')")
public RealmTO create(final String parentPath, final RealmTO realmTO) {
return binder.getRealmTO(realmDAO.save(binder.create(parentPath, realmTO)));
}
- @PreAuthorize("hasRole('" + Entitlement.REALM_UPDATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.REALM_UPDATE + "')")
public RealmTO update(final RealmTO realmTO) {
Realm realm = realmDAO.find(realmTO.getFullPath());
if (realm == null) {
@@ -81,7 +81,7 @@ public class RealmLogic extends AbstractTransactionalLogic<RealmTO> {
return binder.getRealmTO(realm);
}
- @PreAuthorize("hasRole('" + Entitlement.REALM_DELETE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.REALM_DELETE + "')")
public RealmTO delete(final String fullPath) {
Realm realm = realmDAO.find(fullPath);
if (realm == null) {
http://git-wip-us.apache.org/repos/asf/syncope/blob/b9fcf293/core/logic/src/main/java/org/apache/syncope/core/logic/RelationshipTypeLogic.java
----------------------------------------------------------------------
diff --git a/core/logic/src/main/java/org/apache/syncope/core/logic/RelationshipTypeLogic.java b/core/logic/src/main/java/org/apache/syncope/core/logic/RelationshipTypeLogic.java
index 7df2755..3c6bfa6 100644
--- a/core/logic/src/main/java/org/apache/syncope/core/logic/RelationshipTypeLogic.java
+++ b/core/logic/src/main/java/org/apache/syncope/core/logic/RelationshipTypeLogic.java
@@ -26,7 +26,7 @@ import org.apache.commons.collections4.Transformer;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.syncope.common.lib.to.RelationshipTypeTO;
-import org.apache.syncope.common.lib.types.Entitlement;
+import org.apache.syncope.common.lib.types.StandardEntitlement;
import org.apache.syncope.core.persistence.api.dao.NotFoundException;
import org.apache.syncope.core.persistence.api.dao.RelationshipTypeDAO;
import org.apache.syncope.core.persistence.api.entity.RelationshipType;
@@ -44,7 +44,7 @@ public class RelationshipTypeLogic extends AbstractTransactionalLogic<Relationsh
@Autowired
private RelationshipTypeDAO relationshipTypeDAO;
- @PreAuthorize("hasRole('" + Entitlement.RELATIONSHIPTYPE_READ + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.RELATIONSHIPTYPE_READ + "')")
public RelationshipTypeTO read(final String key) {
RelationshipType relationshipType = relationshipTypeDAO.find(key);
if (relationshipType == null) {
@@ -56,24 +56,24 @@ public class RelationshipTypeLogic extends AbstractTransactionalLogic<Relationsh
return binder.getRelationshipTypeTO(relationshipType);
}
- @PreAuthorize("hasRole('" + Entitlement.RELATIONSHIPTYPE_LIST + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.RELATIONSHIPTYPE_LIST + "')")
public List<RelationshipTypeTO> list() {
return CollectionUtils.collect(relationshipTypeDAO.findAll(),
new Transformer<RelationshipType, RelationshipTypeTO>() {
- @Override
- public RelationshipTypeTO transform(final RelationshipType input) {
- return binder.getRelationshipTypeTO(input);
- }
- }, new ArrayList<RelationshipTypeTO>());
+ @Override
+ public RelationshipTypeTO transform(final RelationshipType input) {
+ return binder.getRelationshipTypeTO(input);
+ }
+ }, new ArrayList<RelationshipTypeTO>());
}
- @PreAuthorize("hasRole('" + Entitlement.RELATIONSHIPTYPE_CREATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.RELATIONSHIPTYPE_CREATE + "')")
public RelationshipTypeTO create(final RelationshipTypeTO relationshipTypeTO) {
return binder.getRelationshipTypeTO(relationshipTypeDAO.save(binder.create(relationshipTypeTO)));
}
- @PreAuthorize("hasRole('" + Entitlement.RELATIONSHIPTYPE_UPDATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.RELATIONSHIPTYPE_UPDATE + "')")
public RelationshipTypeTO update(final RelationshipTypeTO relationshipTypeTO) {
RelationshipType relationshipType = relationshipTypeDAO.find(relationshipTypeTO.getKey());
if (relationshipType == null) {
@@ -87,7 +87,7 @@ public class RelationshipTypeLogic extends AbstractTransactionalLogic<Relationsh
return binder.getRelationshipTypeTO(relationshipType);
}
- @PreAuthorize("hasRole('" + Entitlement.RELATIONSHIPTYPE_DELETE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.RELATIONSHIPTYPE_DELETE + "')")
public RelationshipTypeTO delete(final String key) {
RelationshipType relationshipType = relationshipTypeDAO.find(key);
if (relationshipType == null) {
http://git-wip-us.apache.org/repos/asf/syncope/blob/b9fcf293/core/logic/src/main/java/org/apache/syncope/core/logic/ReportLogic.java
----------------------------------------------------------------------
diff --git a/core/logic/src/main/java/org/apache/syncope/core/logic/ReportLogic.java b/core/logic/src/main/java/org/apache/syncope/core/logic/ReportLogic.java
index 29cd65a..38a1463 100644
--- a/core/logic/src/main/java/org/apache/syncope/core/logic/ReportLogic.java
+++ b/core/logic/src/main/java/org/apache/syncope/core/logic/ReportLogic.java
@@ -55,9 +55,9 @@ import org.apache.syncope.core.provisioning.api.job.JobNamer;
import org.apache.syncope.core.provisioning.api.job.JobInstanceLoader;
import org.apache.syncope.core.logic.report.TextSerializer;
import org.apache.syncope.common.lib.to.AbstractExecTO;
-import org.apache.syncope.common.lib.types.Entitlement;
import org.apache.syncope.common.lib.types.JobAction;
import org.apache.syncope.common.lib.types.JobStatusType;
+import org.apache.syncope.common.lib.types.StandardEntitlement;
import org.apache.xmlgraphics.util.MimeConstants;
import org.quartz.JobKey;
import org.quartz.Scheduler;
@@ -84,7 +84,7 @@ public class ReportLogic extends AbstractJobLogic<ReportTO> {
@Autowired
private EntityFactory entityFactory;
- @PreAuthorize("hasRole('" + Entitlement.REPORT_CREATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.REPORT_CREATE + "')")
public ReportTO create(final ReportTO reportTO) {
Report report = entityFactory.newEntity(Report.class);
binder.getReport(report, reportTO);
@@ -103,7 +103,7 @@ public class ReportLogic extends AbstractJobLogic<ReportTO> {
return binder.getReportTO(report);
}
- @PreAuthorize("hasRole('" + Entitlement.REPORT_UPDATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.REPORT_UPDATE + "')")
public ReportTO update(final ReportTO reportTO) {
Report report = reportDAO.find(reportTO.getKey());
if (report == null) {
@@ -126,7 +126,7 @@ public class ReportLogic extends AbstractJobLogic<ReportTO> {
return binder.getReportTO(report);
}
- @PreAuthorize("hasRole('" + Entitlement.REPORT_LIST + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.REPORT_LIST + "')")
public List<ReportTO> list() {
return CollectionUtils.collect(reportDAO.findAll(),
new Transformer<Report, ReportTO>() {
@@ -138,7 +138,7 @@ public class ReportLogic extends AbstractJobLogic<ReportTO> {
}, new ArrayList<ReportTO>());
}
- @PreAuthorize("hasRole('" + Entitlement.REPORT_READ + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.REPORT_READ + "')")
public ReportTO read(final Long reportKey) {
Report report = reportDAO.find(reportKey);
if (report == null) {
@@ -147,7 +147,7 @@ public class ReportLogic extends AbstractJobLogic<ReportTO> {
return binder.getReportTO(report);
}
- @PreAuthorize("hasRole('" + Entitlement.REPORT_READ + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.REPORT_READ + "')")
@Transactional(readOnly = true)
public ReportExecTO readExecution(final Long executionKey) {
ReportExec reportExec = reportExecDAO.find(executionKey);
@@ -157,7 +157,7 @@ public class ReportLogic extends AbstractJobLogic<ReportTO> {
return binder.getReportExecTO(reportExec);
}
- @PreAuthorize("hasRole('" + Entitlement.REPORT_READ + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.REPORT_READ + "')")
public void exportExecutionResult(final OutputStream os, final ReportExec reportExec,
final ReportExecExportFormat format) {
@@ -223,7 +223,7 @@ public class ReportLogic extends AbstractJobLogic<ReportTO> {
}
}
- @PreAuthorize("hasRole('" + Entitlement.REPORT_READ + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.REPORT_READ + "')")
public ReportExec getAndCheckReportExec(final Long executionKey) {
ReportExec reportExec = reportExecDAO.find(executionKey);
if (reportExec == null) {
@@ -239,7 +239,7 @@ public class ReportLogic extends AbstractJobLogic<ReportTO> {
return reportExec;
}
- @PreAuthorize("hasRole('" + Entitlement.REPORT_EXECUTE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.REPORT_EXECUTE + "')")
public ReportExecTO execute(final Long reportKey) {
Report report = reportDAO.find(reportKey);
if (report == null) {
@@ -268,7 +268,7 @@ public class ReportLogic extends AbstractJobLogic<ReportTO> {
return result;
}
- @PreAuthorize("hasRole('" + Entitlement.REPORT_DELETE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.REPORT_DELETE + "')")
public ReportTO delete(final Long reportKey) {
Report report = reportDAO.find(reportKey);
if (report == null) {
@@ -281,7 +281,7 @@ public class ReportLogic extends AbstractJobLogic<ReportTO> {
return deletedReport;
}
- @PreAuthorize("hasRole('" + Entitlement.REPORT_DELETE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.REPORT_DELETE + "')")
public ReportExecTO deleteExecution(final Long executionKey) {
ReportExec reportExec = reportExecDAO.find(executionKey);
if (reportExec == null) {
@@ -324,12 +324,12 @@ public class ReportLogic extends AbstractJobLogic<ReportTO> {
}
@Override
- @PreAuthorize("hasRole('" + Entitlement.REPORT_LIST + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.REPORT_LIST + "')")
public <E extends AbstractExecTO> List<E> listJobs(final JobStatusType type, final Class<E> reference) {
return super.listJobs(type, reference);
}
- @PreAuthorize("hasRole('" + Entitlement.REPORT_EXECUTE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.REPORT_EXECUTE + "')")
public void actionJob(final Long reportKey, final JobAction action) {
Report report = reportDAO.find(reportKey);
if (report == null) {
http://git-wip-us.apache.org/repos/asf/syncope/blob/b9fcf293/core/logic/src/main/java/org/apache/syncope/core/logic/ResourceLogic.java
----------------------------------------------------------------------
diff --git a/core/logic/src/main/java/org/apache/syncope/core/logic/ResourceLogic.java b/core/logic/src/main/java/org/apache/syncope/core/logic/ResourceLogic.java
index b4795f6..8825e67 100644
--- a/core/logic/src/main/java/org/apache/syncope/core/logic/ResourceLogic.java
+++ b/core/logic/src/main/java/org/apache/syncope/core/logic/ResourceLogic.java
@@ -38,7 +38,7 @@ import org.apache.syncope.common.lib.to.ConnObjectTO;
import org.apache.syncope.common.lib.to.ResourceTO;
import org.apache.syncope.common.lib.types.AnyTypeKind;
import org.apache.syncope.common.lib.types.ClientExceptionType;
-import org.apache.syncope.common.lib.types.Entitlement;
+import org.apache.syncope.common.lib.types.StandardEntitlement;
import org.apache.syncope.core.persistence.api.dao.DuplicateException;
import org.apache.syncope.core.persistence.api.dao.ExternalResourceDAO;
import org.apache.syncope.core.persistence.api.dao.NotFoundException;
@@ -109,7 +109,7 @@ public class ResourceLogic extends AbstractTransactionalLogic<ResourceTO> {
@Autowired
private ConnectorFactory connFactory;
- @PreAuthorize("hasRole('" + Entitlement.RESOURCE_CREATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.RESOURCE_CREATE + "')")
public ResourceTO create(final ResourceTO resourceTO) {
if (StringUtils.isBlank(resourceTO.getKey())) {
SyncopeClientException sce = SyncopeClientException.build(ClientExceptionType.RequiredValuesMissing);
@@ -135,7 +135,7 @@ public class ResourceLogic extends AbstractTransactionalLogic<ResourceTO> {
return binder.getResourceTO(resource);
}
- @PreAuthorize("hasRole('" + Entitlement.RESOURCE_UPDATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.RESOURCE_UPDATE + "')")
public ResourceTO update(final ResourceTO resourceTO) {
ExternalResource resource = resourceDAO.find(resourceTO.getKey());
if (resource == null) {
@@ -156,7 +156,7 @@ public class ResourceLogic extends AbstractTransactionalLogic<ResourceTO> {
return binder.getResourceTO(resource);
}
- @PreAuthorize("hasRole('" + Entitlement.RESOURCE_DELETE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.RESOURCE_DELETE + "')")
public ResourceTO delete(final String resourceName) {
ExternalResource resource = resourceDAO.find(resourceName);
if (resource == null) {
@@ -170,7 +170,7 @@ public class ResourceLogic extends AbstractTransactionalLogic<ResourceTO> {
return resourceToDelete;
}
- @PreAuthorize("hasRole('" + Entitlement.RESOURCE_READ + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.RESOURCE_READ + "')")
@Transactional(readOnly = true)
public ResourceTO read(final String resourceName) {
ExternalResource resource = resourceDAO.find(resourceName);
@@ -212,7 +212,7 @@ public class ResourceLogic extends AbstractTransactionalLogic<ResourceTO> {
return ImmutableTriple.of(resource, anyType, provision);
}
- @PreAuthorize("hasRole('" + Entitlement.RESOURCE_GET_CONNOBJECT + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.RESOURCE_GET_CONNOBJECT + "')")
@Transactional(readOnly = true)
public ConnObjectTO readConnObject(final String key, final String anyTypeKey, final Long anyKey) {
Triple<ExternalResource, AnyType, Provision> init = connObjectInit(key, anyTypeKey);
@@ -268,7 +268,7 @@ public class ResourceLogic extends AbstractTransactionalLogic<ResourceTO> {
return connObjectUtils.getConnObjectTO(connectorObject);
}
- @PreAuthorize("hasRole('" + Entitlement.RESOURCE_LIST_CONNOBJECT + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.RESOURCE_LIST_CONNOBJECT + "')")
@Transactional(readOnly = true)
public Pair<SearchResult, List<ConnObjectTO>> listConnObjects(final String key, final String anyTypeKey,
final Integer size, final String pagedResultsCookie, final List<OrderByClause> orderBy) {
@@ -304,7 +304,7 @@ public class ResourceLogic extends AbstractTransactionalLogic<ResourceTO> {
return ImmutablePair.of(searchResult[0], connObjects);
}
- @PreAuthorize("hasRole('" + Entitlement.CONNECTOR_READ + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.CONNECTOR_READ + "')")
@Transactional(readOnly = true)
public void check(final ResourceTO resourceTO) {
ConnInstance connInstance = connInstanceDAO.find(resourceTO.getConnector());
http://git-wip-us.apache.org/repos/asf/syncope/blob/b9fcf293/core/logic/src/main/java/org/apache/syncope/core/logic/RoleLogic.java
----------------------------------------------------------------------
diff --git a/core/logic/src/main/java/org/apache/syncope/core/logic/RoleLogic.java b/core/logic/src/main/java/org/apache/syncope/core/logic/RoleLogic.java
index cfe2c5b..60f65a0 100644
--- a/core/logic/src/main/java/org/apache/syncope/core/logic/RoleLogic.java
+++ b/core/logic/src/main/java/org/apache/syncope/core/logic/RoleLogic.java
@@ -25,7 +25,7 @@ import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.collections4.Transformer;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.syncope.common.lib.to.RoleTO;
-import org.apache.syncope.common.lib.types.Entitlement;
+import org.apache.syncope.common.lib.types.StandardEntitlement;
import org.apache.syncope.core.persistence.api.dao.NotFoundException;
import org.apache.syncope.core.persistence.api.dao.RoleDAO;
import org.apache.syncope.core.persistence.api.entity.Role;
@@ -43,7 +43,7 @@ public class RoleLogic extends AbstractTransactionalLogic<RoleTO> {
@Autowired
private RoleDAO roleDAO;
- @PreAuthorize("hasRole('" + Entitlement.ROLE_READ + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.ROLE_READ + "')")
public RoleTO read(final Long roleKey) {
Role role = roleDAO.find(roleKey);
if (role == null) {
@@ -55,7 +55,7 @@ public class RoleLogic extends AbstractTransactionalLogic<RoleTO> {
return binder.getRoleTO(role);
}
- @PreAuthorize("hasRole('" + Entitlement.ROLE_LIST + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.ROLE_LIST + "')")
public List<RoleTO> list() {
return CollectionUtils.collect(roleDAO.findAll(), new Transformer<Role, RoleTO>() {
@@ -66,12 +66,12 @@ public class RoleLogic extends AbstractTransactionalLogic<RoleTO> {
}, new ArrayList<RoleTO>());
}
- @PreAuthorize("hasRole('" + Entitlement.ROLE_CREATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.ROLE_CREATE + "')")
public RoleTO create(final RoleTO roleTO) {
return binder.getRoleTO(roleDAO.save(binder.create(roleTO)));
}
- @PreAuthorize("hasRole('" + Entitlement.ROLE_UPDATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.ROLE_UPDATE + "')")
public RoleTO update(final RoleTO roleTO) {
Role role = roleDAO.find(roleTO.getKey());
if (role == null) {
@@ -85,7 +85,7 @@ public class RoleLogic extends AbstractTransactionalLogic<RoleTO> {
return binder.getRoleTO(role);
}
- @PreAuthorize("hasRole('" + Entitlement.ROLE_DELETE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.ROLE_DELETE + "')")
public RoleTO delete(final Long roleKey) {
Role role = roleDAO.find(roleKey);
if (role == null) {
http://git-wip-us.apache.org/repos/asf/syncope/blob/b9fcf293/core/logic/src/main/java/org/apache/syncope/core/logic/SchemaLogic.java
----------------------------------------------------------------------
diff --git a/core/logic/src/main/java/org/apache/syncope/core/logic/SchemaLogic.java b/core/logic/src/main/java/org/apache/syncope/core/logic/SchemaLogic.java
index f3b1b09..a57f2e1 100644
--- a/core/logic/src/main/java/org/apache/syncope/core/logic/SchemaLogic.java
+++ b/core/logic/src/main/java/org/apache/syncope/core/logic/SchemaLogic.java
@@ -31,8 +31,8 @@ import org.apache.syncope.common.lib.to.DerSchemaTO;
import org.apache.syncope.common.lib.to.PlainSchemaTO;
import org.apache.syncope.common.lib.to.VirSchemaTO;
import org.apache.syncope.common.lib.types.ClientExceptionType;
-import org.apache.syncope.common.lib.types.Entitlement;
import org.apache.syncope.common.lib.types.SchemaType;
+import org.apache.syncope.common.lib.types.StandardEntitlement;
import org.apache.syncope.core.persistence.api.dao.AnyTypeClassDAO;
import org.apache.syncope.core.persistence.api.dao.DerSchemaDAO;
import org.apache.syncope.core.persistence.api.dao.DuplicateException;
@@ -89,7 +89,7 @@ public class SchemaLogic extends AbstractTransactionalLogic<AbstractSchemaTO> {
return found;
}
- @PreAuthorize("hasRole('" + Entitlement.SCHEMA_CREATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.SCHEMA_CREATE + "')")
@SuppressWarnings("unchecked")
public <T extends AbstractSchemaTO> T create(final SchemaType schemaType, final T schemaTO) {
if (StringUtils.isBlank(schemaTO.getKey())) {
@@ -122,7 +122,7 @@ public class SchemaLogic extends AbstractTransactionalLogic<AbstractSchemaTO> {
return created;
}
- @PreAuthorize("hasRole('" + Entitlement.SCHEMA_DELETE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.SCHEMA_DELETE + "')")
public void delete(final SchemaType schemaType, final String schemaName) {
if (!doesSchemaExist(schemaType, schemaName)) {
throw new NotFoundException(schemaType + "/" + schemaName);
@@ -154,11 +154,11 @@ public class SchemaLogic extends AbstractTransactionalLogic<AbstractSchemaTO> {
clazz == null ? virSchemaDAO.findAll() : virSchemaDAO.findByAnyTypeClass(clazz),
new Transformer<VirSchema, T>() {
- @Override
- public T transform(final VirSchema input) {
- return (T) binder.getVirSchemaTO(input);
- }
- }, new ArrayList<T>());
+ @Override
+ public T transform(final VirSchema input) {
+ return (T) binder.getVirSchemaTO(input);
+ }
+ }, new ArrayList<T>());
break;
case DERIVED:
@@ -166,11 +166,11 @@ public class SchemaLogic extends AbstractTransactionalLogic<AbstractSchemaTO> {
clazz == null ? derSchemaDAO.findAll() : derSchemaDAO.findByAnyTypeClass(clazz),
new Transformer<DerSchema, T>() {
- @Override
- public T transform(final DerSchema input) {
- return (T) binder.getDerSchemaTO(input);
- }
- }, new ArrayList<T>());
+ @Override
+ public T transform(final DerSchema input) {
+ return (T) binder.getDerSchemaTO(input);
+ }
+ }, new ArrayList<T>());
break;
case PLAIN:
@@ -179,11 +179,11 @@ public class SchemaLogic extends AbstractTransactionalLogic<AbstractSchemaTO> {
clazz == null ? plainSchemaDAO.findAll() : plainSchemaDAO.findByAnyTypeClass(clazz),
new Transformer<PlainSchema, T>() {
- @Override
- public T transform(final PlainSchema input) {
- return (T) binder.getPlainSchemaTO(input);
- }
- }, new ArrayList<T>());
+ @Override
+ public T transform(final PlainSchema input) {
+ return (T) binder.getPlainSchemaTO(input);
+ }
+ }, new ArrayList<T>());
}
return result;
@@ -225,7 +225,7 @@ public class SchemaLogic extends AbstractTransactionalLogic<AbstractSchemaTO> {
return read;
}
- @PreAuthorize("hasRole('" + Entitlement.SCHEMA_UPDATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.SCHEMA_UPDATE + "')")
public <T extends AbstractSchemaTO> void update(final SchemaType schemaType, final T schemaTO) {
if (!doesSchemaExist(schemaType, schemaTO.getKey())) {
throw new NotFoundException(schemaType + "/" + schemaTO.getKey());
http://git-wip-us.apache.org/repos/asf/syncope/blob/b9fcf293/core/logic/src/main/java/org/apache/syncope/core/logic/SecurityQuestionLogic.java
----------------------------------------------------------------------
diff --git a/core/logic/src/main/java/org/apache/syncope/core/logic/SecurityQuestionLogic.java b/core/logic/src/main/java/org/apache/syncope/core/logic/SecurityQuestionLogic.java
index 8004c52..fb45942 100644
--- a/core/logic/src/main/java/org/apache/syncope/core/logic/SecurityQuestionLogic.java
+++ b/core/logic/src/main/java/org/apache/syncope/core/logic/SecurityQuestionLogic.java
@@ -25,7 +25,7 @@ import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.collections4.Transformer;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.syncope.common.lib.to.SecurityQuestionTO;
-import org.apache.syncope.common.lib.types.Entitlement;
+import org.apache.syncope.common.lib.types.StandardEntitlement;
import org.apache.syncope.core.persistence.api.dao.NotFoundException;
import org.apache.syncope.core.persistence.api.dao.SecurityQuestionDAO;
import org.apache.syncope.core.persistence.api.dao.UserDAO;
@@ -72,12 +72,12 @@ public class SecurityQuestionLogic extends AbstractTransactionalLogic<SecurityQu
return binder.getSecurityQuestionTO(securityQuestion);
}
- @PreAuthorize("hasRole('" + Entitlement.SECURITY_QUESTION_CREATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.SECURITY_QUESTION_CREATE + "')")
public SecurityQuestionTO create(final SecurityQuestionTO securityQuestionTO) {
return binder.getSecurityQuestionTO(securityQuestionDAO.save(binder.create(securityQuestionTO)));
}
- @PreAuthorize("hasRole('" + Entitlement.SECURITY_QUESTION_UPDATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.SECURITY_QUESTION_UPDATE + "')")
public SecurityQuestionTO update(final SecurityQuestionTO securityQuestionTO) {
SecurityQuestion securityQuestion = securityQuestionDAO.find(securityQuestionTO.getKey());
if (securityQuestion == null) {
@@ -92,7 +92,7 @@ public class SecurityQuestionLogic extends AbstractTransactionalLogic<SecurityQu
return binder.getSecurityQuestionTO(securityQuestion);
}
- @PreAuthorize("hasRole('" + Entitlement.SECURITY_QUESTION_DELETE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.SECURITY_QUESTION_DELETE + "')")
public SecurityQuestionTO delete(final Long securityQuestionId) {
SecurityQuestion securityQuestion = securityQuestionDAO.find(securityQuestionId);
if (securityQuestion == null) {
@@ -106,7 +106,7 @@ public class SecurityQuestionLogic extends AbstractTransactionalLogic<SecurityQu
return deleted;
}
- @PreAuthorize("isAnonymous() or hasRole('" + Entitlement.ANONYMOUS + "')")
+ @PreAuthorize("isAnonymous() or hasRole('" + StandardEntitlement.ANONYMOUS + "')")
public SecurityQuestionTO read(final String username) {
if (username == null) {
throw new NotFoundException("Null username");
http://git-wip-us.apache.org/repos/asf/syncope/blob/b9fcf293/core/logic/src/main/java/org/apache/syncope/core/logic/SyncopeLogic.java
----------------------------------------------------------------------
diff --git a/core/logic/src/main/java/org/apache/syncope/core/logic/SyncopeLogic.java b/core/logic/src/main/java/org/apache/syncope/core/logic/SyncopeLogic.java
index 480efc1..dcd24ad 100644
--- a/core/logic/src/main/java/org/apache/syncope/core/logic/SyncopeLogic.java
+++ b/core/logic/src/main/java/org/apache/syncope/core/logic/SyncopeLogic.java
@@ -18,6 +18,7 @@
*/
package org.apache.syncope.core.logic;
+import org.apache.syncope.core.misc.EntitlementsHolder;
import java.io.IOException;
import java.lang.reflect.Method;
import java.net.URI;
@@ -128,6 +129,8 @@ public class SyncopeLogic extends AbstractLogic<SyncopeTO> {
syncopeTO.setVirAttrCache(virAttrCache.getClass().getName());
syncopeTO.setPasswordGenerator(passwordGenerator.getClass().getName());
+ syncopeTO.getEntitlements().addAll(EntitlementsHolder.getInstance().getValues());
+
syncopeTO.getReportlets().addAll(implLookup.getClassNames(Type.REPORTLET));
syncopeTO.getAccountRules().addAll(implLookup.getClassNames(Type.ACCOUNT_RULE));
syncopeTO.getPasswordRules().addAll(implLookup.getClassNames(Type.PASSWORD_RULE));
http://git-wip-us.apache.org/repos/asf/syncope/blob/b9fcf293/core/logic/src/main/java/org/apache/syncope/core/logic/TaskLogic.java
----------------------------------------------------------------------
diff --git a/core/logic/src/main/java/org/apache/syncope/core/logic/TaskLogic.java b/core/logic/src/main/java/org/apache/syncope/core/logic/TaskLogic.java
index 3c9647e..3e716d6 100644
--- a/core/logic/src/main/java/org/apache/syncope/core/logic/TaskLogic.java
+++ b/core/logic/src/main/java/org/apache/syncope/core/logic/TaskLogic.java
@@ -34,9 +34,9 @@ import org.apache.syncope.common.lib.to.SyncTaskTO;
import org.apache.syncope.common.lib.to.TaskExecTO;
import org.apache.syncope.common.lib.types.AnyTypeKind;
import org.apache.syncope.common.lib.types.ClientExceptionType;
-import org.apache.syncope.common.lib.types.Entitlement;
import org.apache.syncope.common.lib.types.JobAction;
import org.apache.syncope.common.lib.types.JobStatusType;
+import org.apache.syncope.common.lib.types.StandardEntitlement;
import org.apache.syncope.common.lib.types.TaskType;
import org.apache.syncope.core.persistence.api.dao.NotFoundException;
import org.apache.syncope.core.persistence.api.dao.TaskDAO;
@@ -94,7 +94,7 @@ public class TaskLogic extends AbstractJobLogic<AbstractTaskTO> {
@Autowired
private TaskUtilsFactory taskUtilsFactory;
- @PreAuthorize("hasRole('" + Entitlement.TASK_CREATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.TASK_CREATE + "')")
public <T extends SchedTaskTO> T createSchedTask(final T taskTO) {
TaskUtils taskUtils = taskUtilsFactory.getInstance(taskTO);
@@ -116,12 +116,12 @@ public class TaskLogic extends AbstractJobLogic<AbstractTaskTO> {
return binder.getTaskTO(task, taskUtils);
}
- @PreAuthorize("hasRole('" + Entitlement.TASK_UPDATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.TASK_UPDATE + "')")
public SyncTaskTO updateSync(final SyncTaskTO taskTO) {
return updateSched(taskTO);
}
- @PreAuthorize("hasRole('" + Entitlement.TASK_UPDATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.TASK_UPDATE + "')")
public <T extends SchedTaskTO> T updateSched(final SchedTaskTO taskTO) {
SchedTask task = taskDAO.find(taskTO.getKey());
if (task == null) {
@@ -148,14 +148,14 @@ public class TaskLogic extends AbstractJobLogic<AbstractTaskTO> {
return binder.getTaskTO(task, taskUtils);
}
- @PreAuthorize("hasRole('" + Entitlement.TASK_LIST + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.TASK_LIST + "')")
public int count(
final TaskType type, final String resource, final AnyTypeKind anyTypeKind, final Long anyTypeKey) {
return taskDAO.count(type, resourceDAO.find(resource), anyTypeKind, anyTypeKey);
}
- @PreAuthorize("hasRole('" + Entitlement.TASK_LIST + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.TASK_LIST + "')")
@SuppressWarnings("unchecked")
public <T extends AbstractTaskTO> List<T> list(
final TaskType type, final String resource, final AnyTypeKind anyTypeKind, final Long anyTypeKey,
@@ -174,7 +174,7 @@ public class TaskLogic extends AbstractJobLogic<AbstractTaskTO> {
}, new ArrayList<T>());
}
- @PreAuthorize("hasRole('" + Entitlement.TASK_READ + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.TASK_READ + "')")
public <T extends AbstractTaskTO> T read(final Long taskKey) {
Task task = taskDAO.find(taskKey);
if (task == null) {
@@ -183,7 +183,7 @@ public class TaskLogic extends AbstractJobLogic<AbstractTaskTO> {
return binder.getTaskTO(task, taskUtilsFactory.getInstance(task));
}
- @PreAuthorize("hasRole('" + Entitlement.TASK_READ + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.TASK_READ + "')")
public TaskExecTO readExecution(final Long execKey) {
TaskExec taskExec = taskExecDAO.find(execKey);
if (taskExec == null) {
@@ -192,7 +192,7 @@ public class TaskLogic extends AbstractJobLogic<AbstractTaskTO> {
return binder.getTaskExecTO(taskExec);
}
- @PreAuthorize("hasRole('" + Entitlement.TASK_EXECUTE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.TASK_EXECUTE + "')")
public TaskExecTO execute(final Long taskKey, final boolean dryRun) {
Task task = taskDAO.find(taskKey);
if (task == null) {
@@ -245,7 +245,7 @@ public class TaskLogic extends AbstractJobLogic<AbstractTaskTO> {
return result;
}
- @PreAuthorize("hasRole('" + Entitlement.TASK_DELETE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.TASK_DELETE + "')")
public <T extends AbstractTaskTO> T delete(final Long taskKey) {
Task task = taskDAO.find(taskKey);
if (task == null) {
@@ -266,7 +266,7 @@ public class TaskLogic extends AbstractJobLogic<AbstractTaskTO> {
return taskToDelete;
}
- @PreAuthorize("hasRole('" + Entitlement.TASK_DELETE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.TASK_DELETE + "')")
public TaskExecTO deleteExecution(final Long execKey) {
TaskExec taskExec = taskExecDAO.find(execKey);
if (taskExec == null) {
@@ -310,12 +310,12 @@ public class TaskLogic extends AbstractJobLogic<AbstractTaskTO> {
}
@Override
- @PreAuthorize("hasRole('" + Entitlement.TASK_LIST + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.TASK_LIST + "')")
public <E extends AbstractExecTO> List<E> listJobs(final JobStatusType type, final Class<E> reference) {
return super.listJobs(type, reference);
}
- @PreAuthorize("hasRole('" + Entitlement.TASK_EXECUTE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.TASK_EXECUTE + "')")
public void actionJob(final Long taskKey, final JobAction action) {
Task task = taskDAO.find(taskKey);
if (task == null) {
http://git-wip-us.apache.org/repos/asf/syncope/blob/b9fcf293/core/logic/src/main/java/org/apache/syncope/core/logic/UserLogic.java
----------------------------------------------------------------------
diff --git a/core/logic/src/main/java/org/apache/syncope/core/logic/UserLogic.java b/core/logic/src/main/java/org/apache/syncope/core/logic/UserLogic.java
index 22b7ab5..e505f3c 100644
--- a/core/logic/src/main/java/org/apache/syncope/core/logic/UserLogic.java
+++ b/core/logic/src/main/java/org/apache/syncope/core/logic/UserLogic.java
@@ -42,8 +42,8 @@ import org.apache.syncope.common.lib.to.ProvisioningResult;
import org.apache.syncope.common.lib.to.UserTO;
import org.apache.syncope.common.lib.types.AnyTypeKind;
import org.apache.syncope.common.lib.types.ClientExceptionType;
-import org.apache.syncope.common.lib.types.Entitlement;
import org.apache.syncope.common.lib.types.PatchOperation;
+import org.apache.syncope.common.lib.types.StandardEntitlement;
import org.apache.syncope.core.persistence.api.dao.NotFoundException;
import org.apache.syncope.core.persistence.api.dao.GroupDAO;
import org.apache.syncope.core.persistence.api.dao.UserDAO;
@@ -87,27 +87,27 @@ public class UserLogic extends AbstractAnyLogic<UserTO, UserPatch> {
@Autowired
protected SyncopeLogic syncopeLogic;
- @PreAuthorize("hasRole('" + Entitlement.USER_READ + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.USER_READ + "')")
@Transactional(readOnly = true)
public String getUsername(final Long key) {
return binder.getUserTO(key).getUsername();
}
- @PreAuthorize("hasRole('" + Entitlement.USER_READ + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.USER_READ + "')")
@Transactional(readOnly = true)
public Long getKey(final String username) {
return binder.getUserTO(username).getKey();
}
- @PreAuthorize("hasRole('" + Entitlement.USER_LIST + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.USER_LIST + "')")
@Transactional(readOnly = true)
@Override
public int count(final List<String> realms) {
return userDAO.count(
- getEffectiveRealms(AuthContextUtils.getAuthorizations().get(Entitlement.USER_LIST), realms));
+ getEffectiveRealms(AuthContextUtils.getAuthorizations().get(StandardEntitlement.USER_LIST), realms));
}
- @PreAuthorize("hasRole('" + Entitlement.USER_LIST + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.USER_LIST + "')")
@Transactional(readOnly = true)
@Override
public List<UserTO> list(
@@ -115,15 +115,15 @@ public class UserLogic extends AbstractAnyLogic<UserTO, UserPatch> {
final List<String> realms, final boolean details) {
return CollectionUtils.collect(userDAO.findAll(
- getEffectiveRealms(AuthContextUtils.getAuthorizations().get(Entitlement.USER_LIST), realms),
+ getEffectiveRealms(AuthContextUtils.getAuthorizations().get(StandardEntitlement.USER_LIST), realms),
page, size, orderBy),
new Transformer<User, UserTO>() {
- @Override
- public UserTO transform(final User input) {
- return binder.returnUserTO(binder.getUserTO(input, details));
- }
- }, new ArrayList<UserTO>());
+ @Override
+ public UserTO transform(final User input) {
+ return binder.returnUserTO(binder.getUserTO(input, details));
+ }
+ }, new ArrayList<UserTO>());
}
@PreAuthorize("isAuthenticated()")
@@ -134,30 +134,30 @@ public class UserLogic extends AbstractAnyLogic<UserTO, UserPatch> {
binder.returnUserTO(binder.getAuthenticatedUserTO()));
}
- @PreAuthorize("hasRole('" + Entitlement.USER_READ + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.USER_READ + "')")
@Transactional(readOnly = true)
@Override
public UserTO read(final Long key) {
return binder.returnUserTO(binder.getUserTO(key));
}
- @PreAuthorize("hasRole('" + Entitlement.USER_SEARCH + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.USER_SEARCH + "')")
@Transactional(readOnly = true)
@Override
public int searchCount(final SearchCond searchCondition, final List<String> realms) {
return searchDAO.count(
- getEffectiveRealms(AuthContextUtils.getAuthorizations().get(Entitlement.USER_SEARCH), realms),
+ getEffectiveRealms(AuthContextUtils.getAuthorizations().get(StandardEntitlement.USER_SEARCH), realms),
searchCondition, AnyTypeKind.USER);
}
- @PreAuthorize("hasRole('" + Entitlement.USER_SEARCH + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.USER_SEARCH + "')")
@Transactional(readOnly = true)
@Override
public List<UserTO> search(final SearchCond searchCondition, final int page, final int size,
final List<OrderByClause> orderBy, final List<String> realms, final boolean details) {
List<User> matchingUsers = searchDAO.search(
- getEffectiveRealms(AuthContextUtils.getAuthorizations().get(Entitlement.USER_SEARCH), realms),
+ getEffectiveRealms(AuthContextUtils.getAuthorizations().get(StandardEntitlement.USER_SEARCH), realms),
searchCondition, page, size, orderBy, AnyTypeKind.USER);
return CollectionUtils.collect(matchingUsers, new Transformer<User, UserTO>() {
@@ -168,20 +168,20 @@ public class UserLogic extends AbstractAnyLogic<UserTO, UserPatch> {
}, new ArrayList<UserTO>());
}
- @PreAuthorize("isAnonymous() or hasRole('" + Entitlement.ANONYMOUS + "')")
+ @PreAuthorize("isAnonymous() or hasRole('" + StandardEntitlement.ANONYMOUS + "')")
public ProvisioningResult<UserTO> selfCreate(
final UserTO userTO, final boolean storePassword, final boolean nullPriorityAsync) {
return doCreate(userTO, storePassword, true, nullPriorityAsync);
}
- @PreAuthorize("hasRole('" + Entitlement.USER_CREATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.USER_CREATE + "')")
@Override
public ProvisioningResult<UserTO> create(final UserTO userTO, final boolean nullPriorityAsync) {
return doCreate(userTO, true, false, nullPriorityAsync);
}
- @PreAuthorize("hasRole('" + Entitlement.USER_CREATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.USER_CREATE + "')")
public ProvisioningResult<UserTO> create(
final UserTO userTO, final boolean storePassword, final boolean nullPriorityAsync) {
@@ -202,7 +202,7 @@ public class UserLogic extends AbstractAnyLogic<UserTO, UserPatch> {
if (!self) {
Set<String> effectiveRealms = getEffectiveRealms(
- AuthContextUtils.getAuthorizations().get(Entitlement.USER_CREATE),
+ AuthContextUtils.getAuthorizations().get(StandardEntitlement.USER_CREATE),
Collections.singleton(before.getLeft().getRealm()));
securityChecks(effectiveRealms, before.getLeft().getRealm(), null);
}
@@ -213,14 +213,14 @@ public class UserLogic extends AbstractAnyLogic<UserTO, UserPatch> {
return after(binder.returnUserTO(binder.getUserTO(created.getKey())), created.getRight(), before.getRight());
}
- @PreAuthorize("isAuthenticated() and not(hasRole('" + Entitlement.ANONYMOUS + "'))")
+ @PreAuthorize("isAuthenticated() and not(hasRole('" + StandardEntitlement.ANONYMOUS + "'))")
public ProvisioningResult<UserTO> selfUpdate(final UserPatch userPatch, final boolean nullPriorityAsync) {
UserTO userTO = binder.getAuthenticatedUserTO();
userPatch.setKey(userTO.getKey());
return doUpdate(userPatch, true, nullPriorityAsync);
}
- @PreAuthorize("hasRole('" + Entitlement.USER_UPDATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.USER_UPDATE + "')")
@Override
public ProvisioningResult<UserTO> update(final UserPatch userPatch, final boolean nullPriorityAsync) {
return doUpdate(userPatch, false, nullPriorityAsync);
@@ -239,7 +239,7 @@ public class UserLogic extends AbstractAnyLogic<UserTO, UserPatch> {
Set<String> requestedRealms = new HashSet<>();
requestedRealms.add(before.getLeft().getRealm().getValue());
Set<String> effectiveRealms = getEffectiveRealms(
- AuthContextUtils.getAuthorizations().get(Entitlement.USER_UPDATE),
+ AuthContextUtils.getAuthorizations().get(StandardEntitlement.USER_UPDATE),
requestedRealms);
securityChecks(effectiveRealms, before.getLeft().getRealm().getValue(), before.getLeft().getKey());
}
@@ -273,12 +273,12 @@ public class UserLogic extends AbstractAnyLogic<UserTO, UserPatch> {
return updated;
}
- @PreAuthorize("hasRole('" + Entitlement.USER_UPDATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.USER_UPDATE + "')")
public ProvisioningResult<UserTO> status(final StatusPatch statusPatch, final boolean nullPriorityAsync) {
// security checks
UserTO toUpdate = binder.getUserTO(statusPatch.getKey());
Set<String> effectiveRealms = getEffectiveRealms(
- AuthContextUtils.getAuthorizations().get(Entitlement.USER_UPDATE),
+ AuthContextUtils.getAuthorizations().get(StandardEntitlement.USER_UPDATE),
Collections.singleton(toUpdate.getRealm()));
securityChecks(effectiveRealms, toUpdate.getRealm(), toUpdate.getKey());
@@ -290,7 +290,7 @@ public class UserLogic extends AbstractAnyLogic<UserTO, UserPatch> {
Collections.<LogicActions>emptyList());
}
- @PreAuthorize("hasRole('" + Entitlement.MUST_CHANGE_PASSWORD + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.MUST_CHANGE_PASSWORD + "')")
public ProvisioningResult<UserTO> changePassword(final String password, final boolean nullPriorityAsync) {
UserPatch userPatch = new UserPatch();
userPatch.setPassword(new PasswordPatch.Builder().value(password).build());
@@ -298,7 +298,7 @@ public class UserLogic extends AbstractAnyLogic<UserTO, UserPatch> {
return selfUpdate(userPatch, nullPriorityAsync);
}
- @PreAuthorize("isAnonymous() or hasRole('" + Entitlement.ANONYMOUS + "')")
+ @PreAuthorize("isAnonymous() or hasRole('" + StandardEntitlement.ANONYMOUS + "')")
@Transactional
public void requestPasswordReset(final String username, final String securityAnswer) {
if (username == null) {
@@ -319,7 +319,7 @@ public class UserLogic extends AbstractAnyLogic<UserTO, UserPatch> {
provisioningManager.requestPasswordReset(user.getKey());
}
- @PreAuthorize("isAnonymous() or hasRole('" + Entitlement.ANONYMOUS + "')")
+ @PreAuthorize("isAnonymous() or hasRole('" + StandardEntitlement.ANONYMOUS + "')")
@Transactional
public void confirmPasswordReset(final String token, final String password) {
User user = userDAO.findByToken(token);
@@ -329,13 +329,13 @@ public class UserLogic extends AbstractAnyLogic<UserTO, UserPatch> {
provisioningManager.confirmPasswordReset(user.getKey(), token, password);
}
- @PreAuthorize("isAuthenticated() and not(hasRole('" + Entitlement.ANONYMOUS + "'))")
+ @PreAuthorize("isAuthenticated() and not(hasRole('" + StandardEntitlement.ANONYMOUS + "'))")
public ProvisioningResult<UserTO> selfDelete(final boolean nullPriorityAsync) {
UserTO userTO = binder.getAuthenticatedUserTO();
return doDelete(userTO, true, nullPriorityAsync);
}
- @PreAuthorize("hasRole('" + Entitlement.USER_DELETE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.USER_DELETE + "')")
@Override
public ProvisioningResult<UserTO> delete(final Long key, final boolean nullPriorityAsync) {
UserTO userTO = binder.getUserTO(key);
@@ -349,7 +349,7 @@ public class UserLogic extends AbstractAnyLogic<UserTO, UserPatch> {
if (!self) {
Set<String> effectiveRealms = getEffectiveRealms(
- AuthContextUtils.getAuthorizations().get(Entitlement.USER_DELETE),
+ AuthContextUtils.getAuthorizations().get(StandardEntitlement.USER_DELETE),
Collections.singleton(before.getLeft().getRealm()));
securityChecks(effectiveRealms, before.getLeft().getRealm(), before.getLeft().getKey());
}
@@ -380,13 +380,13 @@ public class UserLogic extends AbstractAnyLogic<UserTO, UserPatch> {
return after(binder.returnUserTO(deletedTO), statuses, before.getRight());
}
- @PreAuthorize("hasRole('" + Entitlement.USER_UPDATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.USER_UPDATE + "')")
@Override
public UserTO unlink(final Long key, final Collection<String> resources) {
// security checks
UserTO user = binder.getUserTO(key);
Set<String> effectiveRealms = getEffectiveRealms(
- AuthContextUtils.getAuthorizations().get(Entitlement.USER_UPDATE),
+ AuthContextUtils.getAuthorizations().get(StandardEntitlement.USER_UPDATE),
Collections.singleton(user.getRealm()));
securityChecks(effectiveRealms, user.getRealm(), user.getKey());
@@ -403,13 +403,13 @@ public class UserLogic extends AbstractAnyLogic<UserTO, UserPatch> {
return binder.returnUserTO(binder.getUserTO(provisioningManager.unlink(patch)));
}
- @PreAuthorize("hasRole('" + Entitlement.USER_UPDATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.USER_UPDATE + "')")
@Override
public UserTO link(final Long key, final Collection<String> resources) {
// security checks
UserTO user = binder.getUserTO(key);
Set<String> effectiveRealms = getEffectiveRealms(
- AuthContextUtils.getAuthorizations().get(Entitlement.USER_UPDATE),
+ AuthContextUtils.getAuthorizations().get(StandardEntitlement.USER_UPDATE),
Collections.singleton(user.getRealm()));
securityChecks(effectiveRealms, user.getRealm(), user.getKey());
@@ -426,7 +426,7 @@ public class UserLogic extends AbstractAnyLogic<UserTO, UserPatch> {
return binder.returnUserTO(binder.getUserTO(provisioningManager.link(patch)));
}
- @PreAuthorize("hasRole('" + Entitlement.USER_UPDATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.USER_UPDATE + "')")
@Override
public ProvisioningResult<UserTO> unassign(
final Long key, final Collection<String> resources, final boolean nullPriorityAsync) {
@@ -434,7 +434,7 @@ public class UserLogic extends AbstractAnyLogic<UserTO, UserPatch> {
// security checks
UserTO user = binder.getUserTO(key);
Set<String> effectiveRealms = getEffectiveRealms(
- AuthContextUtils.getAuthorizations().get(Entitlement.USER_UPDATE),
+ AuthContextUtils.getAuthorizations().get(StandardEntitlement.USER_UPDATE),
Collections.singleton(user.getRealm()));
securityChecks(effectiveRealms, user.getRealm(), user.getKey());
@@ -451,7 +451,7 @@ public class UserLogic extends AbstractAnyLogic<UserTO, UserPatch> {
return update(patch, nullPriorityAsync);
}
- @PreAuthorize("hasRole('" + Entitlement.USER_UPDATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.USER_UPDATE + "')")
@Override
public ProvisioningResult<UserTO> assign(
final Long key,
@@ -463,7 +463,7 @@ public class UserLogic extends AbstractAnyLogic<UserTO, UserPatch> {
// security checks
UserTO user = binder.getUserTO(key);
Set<String> effectiveRealms = getEffectiveRealms(
- AuthContextUtils.getAuthorizations().get(Entitlement.USER_UPDATE),
+ AuthContextUtils.getAuthorizations().get(StandardEntitlement.USER_UPDATE),
Collections.singleton(user.getRealm()));
securityChecks(effectiveRealms, user.getRealm(), user.getKey());
@@ -485,7 +485,7 @@ public class UserLogic extends AbstractAnyLogic<UserTO, UserPatch> {
return update(patch, nullPriorityAsync);
}
- @PreAuthorize("hasRole('" + Entitlement.USER_UPDATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.USER_UPDATE + "')")
@Override
public ProvisioningResult<UserTO> deprovision(
final Long key, final Collection<String> resources, final boolean nullPriorityAsync) {
@@ -493,7 +493,7 @@ public class UserLogic extends AbstractAnyLogic<UserTO, UserPatch> {
// security checks
UserTO user = binder.getUserTO(key);
Set<String> effectiveRealms = getEffectiveRealms(
- AuthContextUtils.getAuthorizations().get(Entitlement.USER_UPDATE),
+ AuthContextUtils.getAuthorizations().get(StandardEntitlement.USER_UPDATE),
Collections.singleton(user.getRealm()));
securityChecks(effectiveRealms, user.getRealm(), user.getKey());
@@ -505,7 +505,7 @@ public class UserLogic extends AbstractAnyLogic<UserTO, UserPatch> {
return result;
}
- @PreAuthorize("hasRole('" + Entitlement.USER_UPDATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.USER_UPDATE + "')")
@Override
public ProvisioningResult<UserTO> provision(
final Long key,
@@ -517,7 +517,7 @@ public class UserLogic extends AbstractAnyLogic<UserTO, UserPatch> {
// security checks
UserTO user = binder.getUserTO(key);
Set<String> effectiveRealms = getEffectiveRealms(
- AuthContextUtils.getAuthorizations().get(Entitlement.USER_UPDATE),
+ AuthContextUtils.getAuthorizations().get(StandardEntitlement.USER_UPDATE),
Collections.singleton(user.getRealm()));
securityChecks(effectiveRealms, user.getRealm(), user.getKey());
http://git-wip-us.apache.org/repos/asf/syncope/blob/b9fcf293/core/logic/src/main/java/org/apache/syncope/core/logic/UserWorkflowLogic.java
----------------------------------------------------------------------
diff --git a/core/logic/src/main/java/org/apache/syncope/core/logic/UserWorkflowLogic.java b/core/logic/src/main/java/org/apache/syncope/core/logic/UserWorkflowLogic.java
index 9e0b45b..59af419 100644
--- a/core/logic/src/main/java/org/apache/syncope/core/logic/UserWorkflowLogic.java
+++ b/core/logic/src/main/java/org/apache/syncope/core/logic/UserWorkflowLogic.java
@@ -26,7 +26,7 @@ import org.apache.syncope.common.lib.patch.AnyPatch;
import org.apache.syncope.common.lib.patch.UserPatch;
import org.apache.syncope.common.lib.to.UserTO;
import org.apache.syncope.common.lib.to.WorkflowFormTO;
-import org.apache.syncope.common.lib.types.Entitlement;
+import org.apache.syncope.common.lib.types.StandardEntitlement;
import org.apache.syncope.core.persistence.api.dao.UserDAO;
import org.apache.syncope.core.persistence.api.entity.task.PropagationTask;
import org.apache.syncope.core.persistence.api.entity.user.User;
@@ -58,13 +58,13 @@ public class UserWorkflowLogic extends AbstractTransactionalLogic<WorkflowFormTO
@Autowired
private UserDAO userDAO;
- @PreAuthorize("hasRole('" + Entitlement.WORKFLOW_FORM_CLAIM + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.WORKFLOW_FORM_CLAIM + "')")
@Transactional(rollbackFor = { Throwable.class })
public WorkflowFormTO claimForm(final String taskId) {
return uwfAdapter.claimForm(taskId);
}
- @PreAuthorize("hasRole('" + Entitlement.USER_UPDATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.USER_UPDATE + "')")
public UserTO executeWorkflowTask(final UserTO userTO, final String taskId) {
WorkflowResult<Long> updated = uwfAdapter.execute(userTO, taskId);
@@ -81,27 +81,29 @@ public class UserWorkflowLogic extends AbstractTransactionalLogic<WorkflowFormTO
return binder.getUserTO(updated.getResult());
}
- @PreAuthorize("hasRole('" + Entitlement.WORKFLOW_FORM_READ + "') and hasRole('" + Entitlement.USER_READ + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.WORKFLOW_FORM_READ + "') and hasRole('"
+ + StandardEntitlement.USER_READ + "')")
@Transactional(rollbackFor = { Throwable.class })
public WorkflowFormTO getFormForUser(final Long key) {
User user = userDAO.authFind(key);
return uwfAdapter.getForm(user.getWorkflowId());
}
- @PreAuthorize("hasRole('" + Entitlement.WORKFLOW_FORM_LIST + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.WORKFLOW_FORM_LIST + "')")
@Transactional(rollbackFor = { Throwable.class })
public List<WorkflowFormTO> getForms() {
return uwfAdapter.getForms();
}
- @PreAuthorize("hasRole('" + Entitlement.WORKFLOW_FORM_READ + "') and hasRole('" + Entitlement.USER_READ + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.WORKFLOW_FORM_READ + "') and hasRole('"
+ + StandardEntitlement.USER_READ + "')")
@Transactional(rollbackFor = { Throwable.class })
public List<WorkflowFormTO> getForms(final Long key, final String formName) {
User user = userDAO.authFind(key);
return uwfAdapter.getForms(user.getWorkflowId(), formName);
}
- @PreAuthorize("hasRole('" + Entitlement.WORKFLOW_FORM_SUBMIT + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.WORKFLOW_FORM_SUBMIT + "')")
@Transactional(rollbackFor = { Throwable.class })
public UserTO submitForm(final WorkflowFormTO form) {
WorkflowResult<? extends AnyPatch> updated = uwfAdapter.submitForm(form);
http://git-wip-us.apache.org/repos/asf/syncope/blob/b9fcf293/core/logic/src/main/java/org/apache/syncope/core/logic/WorkflowLogic.java
----------------------------------------------------------------------
diff --git a/core/logic/src/main/java/org/apache/syncope/core/logic/WorkflowLogic.java b/core/logic/src/main/java/org/apache/syncope/core/logic/WorkflowLogic.java
index 58777f7..8b6d530 100644
--- a/core/logic/src/main/java/org/apache/syncope/core/logic/WorkflowLogic.java
+++ b/core/logic/src/main/java/org/apache/syncope/core/logic/WorkflowLogic.java
@@ -22,7 +22,7 @@ import java.io.OutputStream;
import java.lang.reflect.Method;
import javax.ws.rs.core.MediaType;
import org.apache.syncope.common.lib.AbstractBaseBean;
-import org.apache.syncope.common.lib.types.Entitlement;
+import org.apache.syncope.common.lib.types.StandardEntitlement;
import org.apache.syncope.core.workflow.api.AnyObjectWorkflowAdapter;
import org.apache.syncope.core.workflow.api.GroupWorkflowAdapter;
import org.apache.syncope.core.workflow.api.UserWorkflowAdapter;
@@ -57,19 +57,19 @@ public class WorkflowLogic extends AbstractTransactionalLogic<AbstractBaseBean>
: WorkflowDefinitionFormat.XML;
}
- @PreAuthorize("hasRole('" + Entitlement.WORKFLOW_DEF_READ + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.WORKFLOW_DEF_READ + "')")
@Transactional(readOnly = true)
public void exportAnyObjectDefinition(final MediaType format, final OutputStream os) {
exportDefinition(awfAdapter, getFormat(format), os);
}
- @PreAuthorize("hasRole('" + Entitlement.WORKFLOW_DEF_READ + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.WORKFLOW_DEF_READ + "')")
@Transactional(readOnly = true)
public void exportUserDefinition(final MediaType format, final OutputStream os) {
exportDefinition(uwfAdapter, getFormat(format), os);
}
- @PreAuthorize("hasRole('" + Entitlement.WORKFLOW_DEF_READ + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.WORKFLOW_DEF_READ + "')")
@Transactional(readOnly = true)
public void exportGroupDefinition(final MediaType format, final OutputStream os) {
exportDefinition(gwfAdapter, getFormat(format), os);
@@ -79,19 +79,19 @@ public class WorkflowLogic extends AbstractTransactionalLogic<AbstractBaseBean>
adapter.exportDiagram(os);
}
- @PreAuthorize("hasRole('" + Entitlement.WORKFLOW_DEF_READ + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.WORKFLOW_DEF_READ + "')")
@Transactional(readOnly = true)
public void exportAnyObjectDiagram(final OutputStream os) {
exportDiagram(awfAdapter, os);
}
- @PreAuthorize("hasRole('" + Entitlement.WORKFLOW_DEF_READ + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.WORKFLOW_DEF_READ + "')")
@Transactional(readOnly = true)
public void exportUserDiagram(final OutputStream os) {
exportDiagram(uwfAdapter, os);
}
- @PreAuthorize("hasRole('" + Entitlement.WORKFLOW_DEF_READ + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.WORKFLOW_DEF_READ + "')")
@Transactional(readOnly = true)
public void exportGroupDiagram(final OutputStream os) {
exportDiagram(gwfAdapter, os);
@@ -103,17 +103,17 @@ public class WorkflowLogic extends AbstractTransactionalLogic<AbstractBaseBean>
adapter.importDefinition(format, definition);
}
- @PreAuthorize("hasRole('" + Entitlement.WORKFLOW_DEF_UPDATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.WORKFLOW_DEF_UPDATE + "')")
public void importAnyObjectDefinition(final MediaType format, final String definition) {
importDefinition(awfAdapter, getFormat(format), definition);
}
- @PreAuthorize("hasRole('" + Entitlement.WORKFLOW_DEF_UPDATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.WORKFLOW_DEF_UPDATE + "')")
public void importUserDefinition(final MediaType format, final String definition) {
importDefinition(uwfAdapter, getFormat(format), definition);
}
- @PreAuthorize("hasRole('" + Entitlement.WORKFLOW_DEF_UPDATE + "')")
+ @PreAuthorize("hasRole('" + StandardEntitlement.WORKFLOW_DEF_UPDATE + "')")
public void importGroupDefinition(final MediaType format, final String definition) {
importDefinition(gwfAdapter, getFormat(format), definition);
}