Examples of com.esri.gpt.framework.security.principal.Roles

• com.esri.gpt.framework.security.principal.Roles
  Defines a Role collection.

    // set role/group properties
    try {
      readUserGroups(user);
      RoleSet authRoles = user.getAuthenticationStatus().getAuthenticatedRoles();
      Roles cfgRoles = getApplicationConfiguration().getIdentityConfiguration().getConfiguredRoles();
      for (Role role: cfgRoles.values()) {
        authRoles.addAll(role.getFullRoleSet());
      }
    } catch (NamingException e) {
      // will never be thrown
    }

 */
@Override
public void readUserGroups(User user)
  throws IdentityException, NamingException, SQLException {
  if ((user != null) && (user.getDistinguishedName().equalsIgnoreCase(getDN()))) {
    Roles cfgRoles = getApplicationConfiguration().getIdentityConfiguration().getConfiguredRoles();
    for (Role role: cfgRoles.values()) {
      Group group = new Group();
      group.setDistinguishedName(role.getKey());
      group.setKey(role.getKey());
      group.setName(role.getKey());
      user.getGroups().add(group);

  user.setName(user.getProfile().getUsername());

  // read groups, set authenticated roles
  getQueryFunctions().readUserGroups(dirContext,user);
  Groups userGroups = user.getGroups();
  Roles configuredRoles = getConfiguration().getIdentityConfiguration().getConfiguredRoles();
  RoleSet authenticatedRoles = user.getAuthenticationStatus().getAuthenticatedRoles();
  for (Role role: configuredRoles.values()) {
    if (userGroups.containsKey(role.getDistinguishedName())) {
      authenticatedRoles.addAll(role.getFullRoleSet());
    }
  }
  user.getAuthenticationStatus().setWasAuthenticated(true);

  // prepare attributes and add the new user to LDAP
  Attributes attributes = prepareRegistrationAttributes(upCreds,user.getProfile());
  addEntry(dirContext,user.getDistinguishedName(),attributes);

  // add user to general user group
  Roles configuredRoles = getConfiguration().getIdentityConfiguration().getConfiguredRoles();
  if (configuredRoles.getAuthenticatedUserRequiresRole()) {
    String sRoleRegistered = configuredRoles.getRegisteredUserRoleKey();
    Role roleRegistered = configuredRoles.get(sRoleRegistered);
    String sGeneralDN = roleRegistered.getDistinguishedName();
    String sGroupAttribute = groupProps.getGroupMemberAttribute();
    BasicAttribute groupAttribute = new BasicAttribute(sGroupAttribute);
    BasicAttributes groupAttributes = new BasicAttributes();
    groupAttribute.add(user.getDistinguishedName());

  throws CredentialPolicyException, NamingException {

 //TODO: need to check if the user is already in role.

  // add user to general user group
  Roles configuredRoles = getConfiguration().getIdentityConfiguration().getConfiguredRoles();
  Role roleRegistered = configuredRoles.get(role);
  String sGeneralDN = roleRegistered.getDistinguishedName();
  addUserToGroup(dirContext, user, sGeneralDN);
}

    groupsJson += " { \"key\" : \"" + Val.escapeStrForJson(gkey) + "\" , \"name\" : \"" + Val.escapeStrForJson(name) + "\" , \"dn\" : \"" + Val.escapeStrForJson(dn) + "\" }";
  }
  groupsJson += " ] , ";

  String rolesJson = " \"selectableRoles\" : [";
  Roles roles = buildSelectableRoles(context);
  sortedKeys=new ArrayList<String>(roles.keySet());
  Collections.sort(sortedKeys);
  boolean firstRole = true;
  for(int i=0; i <sortedKeys.size(); i++){
    Role role = roles.get(sortedKeys.get(i));
    String roleDn = Val.chkStr(role.getDistinguishedName());
    String roleKey = Val.chkStr(role.getKey());
    String roleName = msgBroker.retrieveMessage(Val.chkStr(role.getResKey()));
    if(!role.isManage()) continue;
    boolean hasRole = false;

    idAdapter.readUserProfile(user);
    if(parts.length > 0) {
    String groupIdentifier = URLDecoder.decode(parts[5].trim(),"UTF-8");
    if(!groupIdentifier.endsWith(groupDIT)){
        IdentityConfiguration idConfig = context.getIdentityConfiguration();
        Roles configuredRoles = idConfig.getConfiguredRoles();
      Role roleRegistered = configuredRoles.get(groupIdentifier);
      groupIdentifier = roleRegistered.getDistinguishedName();
    }
      boolean isSelf = checkSelf(context,member);
      if((isSelf && attempt.equals("2")) || !isSelf){

 * @param groupIdentifier
 * @return true if group is configured in geoportal
 */
protected boolean checkIfConfigured(RequestContext context,String groupIdentifier){
  boolean isConfigured = false;
  Roles roles = buildSelectableRoles(context);
  for (Role role : roles.values()){
    if(groupIdentifier.endsWith(groupDIT)){
      if(role.getDistinguishedName().equalsIgnoreCase(groupIdentifier)) {
        isConfigured = true;
        break;
      }

 * @param groupIdentifier
 * @return true if group is allowed to manage in geoportal
 */
protected boolean checkIfAllowedToManage(RequestContext context,String groupIdentifier){
  boolean isAllowedToManage = false;
  Roles roles = buildSelectableRoles(context);
  for (Role role : roles.values()){
    if(groupIdentifier.endsWith(groupDIT)){
      if(role.getDistinguishedName().equalsIgnoreCase(groupIdentifier) && role.isManage()) {
        isAllowedToManage = true;
        break;
      }

  if(!isMemberSearch){
    HashMap<String,Object> resultsMap = buildUsersList(context, filter,null);
    users = (Users) resultsMap.get("topUserMatches");
    totalMatches = (Integer) resultsMap.get("totalMatches");
  }else if(isMemberSearch && attributeName != null){
    Roles configuredRoles = context.getIdentityConfiguration().getConfiguredRoles();
    Role role = configuredRoles.get(attributeName);
    String sDn = role.getDistinguishedName();
    IdentityAdapter idAdapter = context.newIdentityAdapter();
    users = idAdapter.readGroupMembers(sDn);
    totalMatches = users.size();
    users.sort();