Examples of org.ofbiz.security.authz.Authorization

org.ofbiz.security.authz.Authorization

    public Boolean auth;
    public String clazz = null;


    public boolean evalPermission(DispatchContext dctx, Map<String, ? extends Object> context) {
        GenericValue userLogin = (GenericValue) context.get("userLogin");
        Authorization authz = dctx.getAuthorization();
        Security security = dctx.getSecurity();
        if (userLogin == null) {
            Debug.logInfo("Secure service requested with no userLogin object", module);
            return false;
        }

View Full Code Here

        }


        // if no user is logged in, treat as if the user does not have permission: do not run subops
        GenericValue userLogin = methodContext.getUserLogin();
        if (userLogin != null) {
            Authorization authz = methodContext.getAuthz();
            Security security = methodContext.getSecurity();
            if (this.permissionInfo.hasPermission(methodContext, userLogin, authz, security)) {
                hasPermission = true;
            }

View Full Code Here

        if (dispatcher == null) {
            Debug.logError("[ControlServlet] ERROR: dispatcher not found in ServletContext", module);
        }
        request.setAttribute("dispatcher", dispatcher);


        Authorization authz = (Authorization) session.getAttribute("authz");
        if (authz == null) {
            authz = (Authorization) getServletContext().getAttribute("authz");
        }
        if (authz == null) {
            Debug.logError("[ControlServlet] ERROR: authorization not found in ServletContext", module);

View Full Code Here

            GenericValue userLogin = (GenericValue) context.get("userLogin");
            if (userLogin != null) {
                String permission = permissionExdr.expandString(context);
                String action = actionExdr.expandString(context);


                Authorization authz = (Authorization) context.get("authz");
                Security security = (Security) context.get("security");
                if (UtilValidate.isNotEmpty(action)) {
                    //Debug.logWarning("Deprecated method hasEntityPermission() was called; the action field should no longer be used", module);
                    // run hasEntityPermission
                    if (security.hasEntityPermission(permission, action, userLogin)) {
                        return true;
                    }
                } else {
                    // run hasPermission
                    if (authz.hasPermission(userLogin.getString("userLoginId"), permission, context)) {
                        return true;
                    }
                }
            }
            return false;

View Full Code Here

            } catch (SecurityConfigurationException e) {
                Debug.logError(e, module);
            }


            try {
                Authorization authz = AuthorizationFactory.getInstance(delegator);
                request.setAttribute("authz", authz);
                session.setAttribute("authz", authz);
            } catch (SecurityConfigurationException e) {
                Debug.logError(e, module);
            }

View Full Code Here

                "Y".equalsIgnoreCase(userLogin.getString("hasLoggedOut")) : false);
    }


    protected static boolean hasBasePermission(GenericValue userLogin, HttpServletRequest request) {
        ServletContext context = (ServletContext) request.getAttribute("servletContext");
        Authorization authz = (Authorization) request.getAttribute("authz");
        Security security = (Security) request.getAttribute("security");


        String serverId = (String) context.getAttribute("_serverId");
        String contextPath = request.getContextPath();


        ComponentConfig.WebappInfo info = ComponentConfig.getWebAppInfo(serverId, contextPath);
        if (security != null) {
            if (info != null) {
                for (String permission: info.getBasePermission()) {
                    if (!"NONE".equals(permission) && !security.hasEntityPermission(permission, "_VIEW", userLogin) &&
                            !authz.hasPermission(userLogin.getString("userLoginId"), permission, null)) {
                        return false;
                    }
                }
            } else {
                Debug.logInfo("No webapp configuration found for : " + serverId + " / " + contextPath, module);

View Full Code Here

        } catch (SecurityConfigurationException e) {
            Debug.logError(e, module);
        }


        try {
            Authorization authz = AuthorizationFactory.getInstance(delegator);
            request.setAttribute("authz", authz);
            session.setAttribute("authz", authz);
        } catch (SecurityConfigurationException e) {
            Debug.logError(e, module);
        }

View Full Code Here

                "Y".equalsIgnoreCase(userLogin.getString("hasLoggedOut")) : false);
    }


    protected static boolean hasBasePermission(GenericValue userLogin, HttpServletRequest request) {
        ServletContext context = (ServletContext) request.getAttribute("servletContext");
        Authorization authz = (Authorization) request.getAttribute("authz");
        Security security = (Security) request.getAttribute("security");


        String serverId = (String) context.getAttribute("_serverId");
        String contextPath = request.getContextPath();


        ComponentConfig.WebappInfo info = ComponentConfig.getWebAppInfo(serverId, contextPath);
        if (security != null) {
            if (info != null) {
                for (String permission: info.getBasePermission()) {
                    if (!"NONE".equals(permission) && !security.hasEntityPermission(permission, "_VIEW", userLogin) &&
                            !authz.hasPermission(userLogin.getString("userLoginId"), permission, null)) {
                        return false;
                    }
                }
            } else {
                Debug.logInfo("No webapp configuration found for : " + serverId + " / " + contextPath, module);

View Full Code Here

        }
        return delegator;
    }


    protected Authorization getAuthz() {
        Authorization authz = (Authorization) config.getServletContext().getAttribute("authorization");
        if (authz == null) {
            Delegator delegator = (Delegator) config.getServletContext().getAttribute("delegator");


            if (delegator != null) {
                try {

View Full Code Here

            } catch (SecurityConfigurationException e) {
                Debug.logError(e, module);
            }
            
            try {
                Authorization authz = AuthorizationFactory.getInstance(delegator);
                request.setAttribute("authz", authz);
                session.setAttribute("authz", authz);
            } catch (SecurityConfigurationException e) {
                Debug.logError(e, module);
            }

View Full Code Here

0 1 2 3 4

TOP

Related Classes of org.ofbiz.security.authz.Authorization

org.ofbiz.minilang.method.conditional.HasPermissionCondition

org.ofbiz.minilang.method.ifops.CheckPermission

org.ofbiz.minilang.method.ifops.IfHasPermission

org.ofbiz.service.ModelPermission

org.ofbiz.webapp.control.ContextFilter

org.ofbiz.webapp.control.ControlServlet

org.ofbiz.webapp.control.LoginWorker

org.ofbiz.webapp.event.CoreEvents

org.ofbiz.widget.menu.ModelMenuCondition$IfHasPermission

org.ofbiz.widget.PortalPageWorker

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.